Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/2R3GYbP40kVDselx86gqI7AglgU.roa
File: 2R3GYbP40kVDselx86gqI7AglgU.roa (raw, json)
Hash identifier: XLRcU1O670injcbZzqHBcbGiFZGa7M1Rl5LjE453GkQ=
Subject key identifier: D9:1D:C6:61:B3:F8:D2:45:43:B1:E9:71:F3:A8:2A:23:B0:20:96:05
Certificate issuer: /CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Certificate serial: 019A260798BEF150DB579DFF30A373DEB336
Authority key identifier: 81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/2R3GYbP40kVDselx86gqI7AglgU.roa
Signing time: Mon 27 Oct 2025 14:17:03 +0000
ROA not before: Mon 27 Oct 2025 14:17:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8737
IP address blocks: 84.39.0.0/19 maxlen: 19
109.72.32.0/20 maxlen: 20
128.127.32.0/20 maxlen: 20
195.64.64.0/19 maxlen: 19
195.121.0.0/16 maxlen: 16
195.121.0.0/17 maxlen: 17
195.121.64.0/18 maxlen: 18
195.121.128.0/17 maxlen: 17
212.182.128.0/18 maxlen: 18
213.75.0.0/16 maxlen: 16
213.75.0.0/17 maxlen: 17
213.75.128.0/17 maxlen: 17
213.148.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.mft
rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 14:12:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:26:07:98:be:f1:50:db:57:9d:ff:30:a3:73:de:b3:36
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=81eed4091383d9ed4056d9f4eff7d2622ddce205
Validity
Not Before: Oct 27 14:17:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d91dc661b3f8d24543b1e971f3a82a23b0209605
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:57:9f:8d:e3:87:b5:35:0d:d4:e9:5c:3d:5c:
be:c8:6d:ba:7d:c7:39:b2:93:70:e0:80:22:6d:11:
48:3a:9b:7a:26:6b:cc:1a:5c:4c:49:1c:90:41:d6:
3e:b7:0f:5a:2d:97:5a:36:10:8b:65:ea:cb:d1:19:
f4:5a:fd:c6:81:57:23:2d:95:c1:14:93:76:41:08:
9e:23:b4:fa:b4:ec:54:53:e5:75:cf:cd:5e:0f:ce:
ba:e1:64:46:1a:31:b1:e9:fc:f2:20:06:d7:31:04:
65:dd:7c:84:11:86:15:27:59:88:1b:b1:bc:5e:66:
ae:69:87:ad:27:4c:dc:9a:53:8e:7e:91:41:18:78:
33:5e:bb:82:65:f2:39:7d:9d:b0:92:3f:4b:94:60:
ad:95:aa:8f:44:1b:3a:13:b2:3f:71:41:8f:be:ef:
9b:88:10:cd:f9:ca:61:c9:6d:7c:84:8d:8e:ce:f5:
e5:29:8f:c9:4f:07:16:f2:d3:87:4d:92:a4:38:e8:
fd:50:cc:dd:65:50:c4:be:df:e4:b1:4a:94:f7:ff:
73:7b:00:64:5c:5f:5d:08:ed:f0:c4:e7:6f:2b:97:
5b:80:da:15:57:67:d5:ef:23:a6:3b:e8:64:e6:39:
a6:56:10:0f:19:5a:44:17:74:24:a5:0d:8a:7a:ed:
3d:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:1D:C6:61:B3:F8:D2:45:43:B1:E9:71:F3:A8:2A:23:B0:20:96:05
X509v3 Authority Key Identifier:
keyid:81:EE:D4:09:13:83:D9:ED:40:56:D9:F4:EF:F7:D2:62:2D:DC:E2:05
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ge7UCROD2e1AVtn07_fSYi3c4gU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/2R3GYbP40kVDselx86gqI7AglgU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/4a9cc4-2b9a-4ef2-a33a-872b3710c2a1/1/ge7UCROD2e1AVtn07_fSYi3c4gU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.39.0.0/19
109.72.32.0/20
128.127.32.0/20
195.64.64.0/19
195.121.0.0/16
212.182.128.0/18
213.75.0.0/16
213.148.224.0/19
Signature Algorithm: sha256WithRSAEncryption
6d:b9:b9:22:b6:89:1b:79:bf:ef:28:53:c9:72:82:24:b8:3e:
2e:3d:57:f0:21:31:93:e0:83:a8:dd:ad:f7:58:13:57:87:44:
71:c4:a2:cc:7e:7b:97:20:14:4f:3c:c9:29:f6:d3:63:a5:66:
6d:e4:4b:3d:ab:d9:70:20:66:e5:ee:8a:5d:97:2c:6b:c2:fb:
43:4e:73:f5:98:12:aa:7a:12:5e:d5:f2:73:bf:87:6f:2a:63:
43:95:b3:9a:4c:44:24:18:86:26:c8:3a:1c:4b:50:bb:2f:99:
6a:c4:a6:65:5b:bd:16:17:70:ae:99:94:ed:fe:00:f6:31:e5:
7b:86:1a:4c:a7:c2:86:46:0c:ab:d7:bc:c4:ed:40:30:a0:1c:
2e:d3:bd:c8:6d:db:c9:de:e1:8b:37:99:da:64:8d:98:93:20:
bf:ba:88:4d:c7:c0:99:12:2e:a6:9b:31:02:e4:2a:54:33:17:
03:80:a6:c7:72:7e:6f:bb:12:d2:0d:9e:93:ce:67:e7:0b:86:
ab:be:dc:db:8e:20:76:e9:70:58:23:ca:72:5e:c6:81:dc:02:
f8:4b:a7:b0:4d:cd:20:a3:3e:4e:3a:0b:87:b1:31:6c:15:f0:
79:60:c5:c3:05:4b:aa:6b:50:b2:4d:43:d3:73:13:3d:0f:d2:
aa:e5:fc:4f
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZomB5i+8VDbV53/MKNz3rM2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgxZWVkNDA5MTM4M2Q5ZWQ0MDU2ZDlmNGVmZjdkMjYyMmRk
Y2UyMDUwHhcNMjUxMDI3MTQxNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTFkYzY2MWIzZjhkMjQ1NDNiMWU5NzFmM2E4MmEyM2IwMjA5NjA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoFefjeOHtTUN1OlcPVy+yG26fcc5
spNw4IAibRFIOpt6JmvMGlxMSRyQQdY+tw9aLZdaNhCLZerL0Rn0Wv3GgVcjLZXB
FJN2QQieI7T6tOxUU+V1z81eD8664WRGGjGx6fzyIAbXMQRl3XyEEYYVJ1mIG7G8
XmauaYetJ0zcmlOOfpFBGHgzXruCZfI5fZ2wkj9LlGCtlaqPRBs6E7I/cUGPvu+b
iBDN+cphyW18hI2OzvXlKY/JTwcW8tOHTZKkOOj9UMzdZVDEvt/ksUqU9/9zewBk
XF9dCO3wxOdvK5dbgNoVV2fV7yOmO+hk5jmmVhAPGVpEF3QkpQ2Keu09bwIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFNkdxmGz+NJFQ7HpcfOoKiOwIJYFMB8GA1UdIwQY
MBaAFIHu1AkTg9ntQFbZ9O/30mIt3OIFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2Et
ODcyYjM3MTBjMmExLzEvMlIzR1liUDQwa1ZEc2VseDg2Z3FJN0FnbGdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS80YTljYzQtMmI5YS00ZWYyLWEzM2EtODcyYjM3MTBjMmEx
LzEvZ2U3VUNST0QyZTFBVnRuMDdfZlNZaTNjNGdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQFVCcAAwQE
bUggAwQEgH8gAwQFw0BAAwMAw3kDBAbUtoADAwDVSwMEBdWU4DANBgkqhkiG9w0B
AQsFAAOCAQEAbbm5IraJG3m/7yhTyXKCJLg+Lj1X8CExk+CDqN2t91gTV4dEccSi
zH57lyAUTzzJKfbTY6VmbeRLPavZcCBm5e6KXZcsa8L7Q05z9ZgSqnoSXtXyc7+H
bypjQ5WzmkxEJBiGJsg6HEtQuy+ZasSmZVu9FhdwrpmU7f4A9jHle4YaTKfChkYM
q9e8xO1AMKAcLtO9yG3byd7hizeZ2mSNmJMgv7qITcfAmRIuppsxAuQqVDMXA4Cm
x3J+b7sS0g2ek85n5wuGq77c244gdulwWCPKcl7GgdwC+EunsE3NIKM+TjoLh7Ex
bBXweWDFwwVLqmtQsk1D03MTPQ/SquX8Tw==
-----END CERTIFICATE-----
Generated at Tue Oct 28 20:35:08 2025 by rpki-client