Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/0f9f02-c2ad-4ec8-b4d5-dfbfa3fcf021/1/IpmNqXNW_slvomPPNDBgUsOEzfM.roa
File: IpmNqXNW_slvomPPNDBgUsOEzfM.roa (raw, json)
Hash identifier: Pw8rvzKx3ysNgK3+6i7f6vpgrH3WD3WqD3kHoDoxu9U=
Subject key identifier: 22:99:8D:A9:73:56:FE:C9:6F:A2:63:CF:34:30:60:52:C3:84:CD:F3
Certificate issuer: /CN=e4be8efec1fb03d8af979af1cba13a0845a7b0ba
Certificate serial: 01990A8F01DDB6BFDA0C6A69F0588650478C
Authority key identifier: E4:BE:8E:FE:C1:FB:03:D8:AF:97:9A:F1:CB:A1:3A:08:45:A7:B0:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5L6O_sH7A9ivl5rxy6E6CEWnsLo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/0f9f02-c2ad-4ec8-b4d5-dfbfa3fcf021/1/IpmNqXNW_slvomPPNDBgUsOEzfM.roa
Signing time: Tue 02 Sep 2025 13:12:48 +0000
ROA not before: Tue 02 Sep 2025 13:12:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203937
IP address blocks: 185.125.4.0/24 maxlen: 24
185.216.172.0/24 maxlen: 24
185.253.233.0/24 maxlen: 24
194.42.118.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/0f9f02-c2ad-4ec8-b4d5-dfbfa3fcf021/1/5L6O_sH7A9ivl5rxy6E6CEWnsLo.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/0f9f02-c2ad-4ec8-b4d5-dfbfa3fcf021/1/5L6O_sH7A9ivl5rxy6E6CEWnsLo.mft
rsync://rpki.ripe.net/repository/DEFAULT/5L6O_sH7A9ivl5rxy6E6CEWnsLo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 07:01:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:0a:8f:01:dd:b6:bf:da:0c:6a:69:f0:58:86:50:47:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e4be8efec1fb03d8af979af1cba13a0845a7b0ba
Validity
Not Before: Sep 2 13:12:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22998da97356fec96fa263cf34306052c384cdf3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:97:a3:85:0b:7f:0b:18:49:81:3f:13:5d:6c:
9f:19:2e:b8:9c:5c:77:38:e5:2a:57:26:82:bb:af:
e2:c4:7d:84:d6:b0:c2:fe:b8:28:0a:9e:3a:ac:cb:
28:2d:f5:3e:fd:a0:bc:22:15:f0:87:86:f3:1f:47:
04:1b:18:c3:2f:36:79:17:b1:3c:af:45:65:d1:d8:
55:49:ed:f2:91:87:bd:27:0c:3b:d8:36:1d:29:9f:
27:ba:4e:0a:d5:b7:31:9c:c7:50:fe:8e:a8:1a:60:
cd:53:37:37:84:99:86:56:05:84:5d:34:e5:14:dc:
4c:41:a6:b0:96:22:d1:84:20:51:8f:7e:f0:32:30:
8c:ab:ad:91:42:95:2a:25:81:2b:c6:14:8e:9f:ba:
d1:34:fd:6b:d6:01:60:0f:21:69:89:65:d7:df:40:
5c:9f:87:3a:59:7e:84:19:28:3d:12:6d:e1:9d:a2:
09:2c:0b:d5:b7:1c:a0:3d:a8:c8:4d:c7:2e:2c:47:
21:d9:6f:62:74:10:e0:c2:53:b7:ce:3e:d8:33:4b:
41:73:e7:9d:0c:6c:29:cd:c1:7e:cc:37:ee:14:bd:
b9:e4:38:c9:2f:a2:37:67:45:05:c4:43:e4:c1:e5:
67:d3:f9:2d:18:c2:c3:95:72:f2:10:a2:13:11:0b:
b9:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:99:8D:A9:73:56:FE:C9:6F:A2:63:CF:34:30:60:52:C3:84:CD:F3
X509v3 Authority Key Identifier:
keyid:E4:BE:8E:FE:C1:FB:03:D8:AF:97:9A:F1:CB:A1:3A:08:45:A7:B0:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5L6O_sH7A9ivl5rxy6E6CEWnsLo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0f9f02-c2ad-4ec8-b4d5-dfbfa3fcf021/1/IpmNqXNW_slvomPPNDBgUsOEzfM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/0f9f02-c2ad-4ec8-b4d5-dfbfa3fcf021/1/5L6O_sH7A9ivl5rxy6E6CEWnsLo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.125.4.0/24
185.216.172.0/24
185.253.233.0/24
194.42.118.0/23
Signature Algorithm: sha256WithRSAEncryption
05:b3:8e:a5:b8:9f:10:db:77:7b:b9:1c:00:f4:a8:89:89:30:
09:93:3c:d0:e1:d6:b4:4d:fd:6a:41:6c:e5:81:8f:61:8d:ec:
db:3f:99:fc:01:73:2a:d1:51:7a:88:21:e5:43:60:49:ea:9e:
29:51:a5:b0:68:3a:79:c6:ec:bb:a2:d6:94:59:2d:32:f3:6c:
3d:6d:a8:06:32:00:e9:3a:98:96:87:26:ae:6f:6a:1d:65:32:
92:ed:1a:a1:99:27:2d:29:f4:1e:60:dd:8e:b5:6e:8c:de:6f:
3d:f0:95:49:7b:fc:41:3e:86:14:63:64:cd:96:32:27:01:7d:
5f:fe:34:4d:cd:29:60:8b:7e:7f:d2:ec:b1:0a:61:30:bd:9d:
6d:7b:d4:f5:3d:72:4b:f1:9f:25:a4:d2:00:d2:2f:9e:bf:95:
69:c8:90:be:8a:9a:8c:6f:4d:d8:34:04:22:ac:6d:bc:64:bd:
40:dd:78:32:a8:e7:4c:46:61:7d:64:6a:5e:31:97:ab:5c:b6:
52:d0:53:7e:8d:b8:8e:c1:af:f4:e5:d7:b7:0e:09:9b:a0:53:
8d:5b:41:ad:eb:82:d7:70:b5:7d:da:cf:dc:76:42:15:db:3a:
20:1d:7d:a1:47:40:bf:40:28:1f:4f:61:ff:29:b0:a1:ab:2a:
2c:10:43:f5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZkKjwHdtr/aDGpp8FiGUEeMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU0YmU4ZWZlYzFmYjAzZDhhZjk3OWFmMWNiYTEzYTA4NDVh
N2IwYmEwHhcNMjUwOTAyMTMxMjQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjk5OGRhOTczNTZmZWM5NmZhMjYzY2YzNDMwNjA1MmMzODRjZGYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlJejhQt/CxhJgT8TXWyfGS64nFx3
OOUqVyaCu6/ixH2E1rDC/rgoCp46rMsoLfU+/aC8IhXwh4bzH0cEGxjDLzZ5F7E8
r0Vl0dhVSe3ykYe9Jww72DYdKZ8nuk4K1bcxnMdQ/o6oGmDNUzc3hJmGVgWEXTTl
FNxMQaawliLRhCBRj37wMjCMq62RQpUqJYErxhSOn7rRNP1r1gFgDyFpiWXX30Bc
n4c6WX6EGSg9Em3hnaIJLAvVtxygPajITccuLEch2W9idBDgwlO3zj7YM0tBc+ed
DGwpzcF+zDfuFL255DjJL6I3Z0UFxEPkweVn0/ktGMLDlXLyEKITEQu5kQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFCKZjalzVv7Jb6JjzzQwYFLDhM3zMB8GA1UdIwQY
MBaAFOS+jv7B+wPYr5ea8cuhOghFp7C6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNUw2T19zSDdBOWl2bDVyeHk2RTZDRVduc0xvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS8wZjlmMDItYzJhZC00ZWM4LWI0ZDUt
ZGZiZmEzZmNmMDIxLzEvSXBtTnFYTldfc2x2b21QUE5EQmdVc09FemZNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS8wZjlmMDItYzJhZC00ZWM4LWI0ZDUtZGZiZmEzZmNmMDIx
LzEvNUw2T19zSDdBOWl2bDVyeHk2RTZDRVduc0xvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuX0EAwQA
udisAwQAuf3pAwQBwip2MA0GCSqGSIb3DQEBCwUAA4IBAQAFs46luJ8Q23d7uRwA
9KiJiTAJkzzQ4da0Tf1qQWzlgY9hjezbP5n8AXMq0VF6iCHlQ2BJ6p4pUaWwaDp5
xuy7otaUWS0y82w9bagGMgDpOpiWhyaub2odZTKS7RqhmSctKfQeYN2OtW6M3m89
8JVJe/xBPoYUY2TNljInAX1f/jRNzSlgi35/0uyxCmEwvZ1te9T1PXJL8Z8lpNIA
0i+ev5VpyJC+ipqMb03YNAQirG28ZL1A3XgyqOdMRmF9ZGpeMZerXLZS0FN+jbiO
wa/05de3DgmboFONW0Gt64LXcLV92s/cdkIV2zogHX2hR0C/QCgfT2H/KbChqyos
EEP1
-----END CERTIFICATE-----
Generated at Tue Sep 9 12:20:09 2025 by rpki-client