Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/AWbjG9TX3XJzrT_-XfE26cRzumw.roa
File: AWbjG9TX3XJzrT_-XfE26cRzumw.roa (raw, json)
Hash identifier: d3rYvzptm9LbDQTkI+bmmI8obEDEKG+DiLvlKsR0uoE=
Subject key identifier: 01:66:E3:1B:D4:D7:DD:72:73:AD:3F:FE:5D:F1:36:E9:C4:73:BA:6C
Certificate issuer: /CN=ebef95f8c4c554826de8f38ad6bba9fb74802824
Certificate serial: 019A07216F8851F5CCB7D7757C66F05A5DCC
Authority key identifier: EB:EF:95:F8:C4:C5:54:82:6D:E8:F3:8A:D6:BB:A9:FB:74:80:28:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6--V-MTFVIJt6POK1rup-3SAKCQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/AWbjG9TX3XJzrT_-XfE26cRzumw.roa
Signing time: Tue 21 Oct 2025 14:17:03 +0000
ROA not before: Tue 21 Oct 2025 14:17:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15763
IP address blocks: 85.22.0.0/16 maxlen: 16
85.22.0.0/20 maxlen: 20
85.22.16.0/20 maxlen: 20
85.22.48.0/24 maxlen: 24
85.22.52.0/24 maxlen: 24
85.22.53.0/24 maxlen: 24
85.22.54.0/24 maxlen: 24
85.22.55.0/24 maxlen: 24
85.22.58.0/24 maxlen: 24
85.22.60.0/24 maxlen: 24
85.22.64.0/24 maxlen: 24
85.22.66.0/24 maxlen: 24
85.22.74.0/24 maxlen: 24
85.22.75.0/24 maxlen: 24
85.22.76.0/24 maxlen: 24
85.22.84.0/22 maxlen: 22
85.22.96.0/20 maxlen: 20
85.22.112.0/20 maxlen: 20
85.22.128.0/22 maxlen: 22
85.22.148.0/23 maxlen: 23
85.22.156.0/24 maxlen: 24
85.22.158.0/24 maxlen: 24
85.22.172.0/24 maxlen: 24
85.22.173.0/24 maxlen: 24
85.22.174.0/24 maxlen: 24
85.22.175.0/24 maxlen: 24
156.67.58.0/24 maxlen: 24
185.151.100.0/22 maxlen: 24
212.29.32.0/19 maxlen: 19
212.29.32.0/24 maxlen: 24
212.29.33.0/24 maxlen: 24
212.29.34.0/24 maxlen: 24
212.29.39.0/24 maxlen: 24
212.29.40.0/24 maxlen: 24
212.29.42.0/24 maxlen: 24
2a03:f580::/32 maxlen: 48
2a03:f580::/48 maxlen: 48
2a03:f580:1::/48 maxlen: 48
2a03:f580:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/6--V-MTFVIJt6POK1rup-3SAKCQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/6--V-MTFVIJt6POK1rup-3SAKCQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/6--V-MTFVIJt6POK1rup-3SAKCQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 17:00:44 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:07:21:6f:88:51:f5:cc:b7:d7:75:7c:66:f0:5a:5d:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ebef95f8c4c554826de8f38ad6bba9fb74802824
Validity
Not Before: Oct 21 14:17:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0166e31bd4d7dd7273ad3ffe5df136e9c473ba6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:cc:39:4a:e7:43:22:52:e7:f3:c9:44:4a:d6:
2a:74:49:fd:4a:f5:85:1d:4c:92:c2:28:19:8e:bb:
5e:21:ae:0c:40:8d:41:39:39:ac:91:26:13:39:fc:
6e:4e:85:e6:38:db:b5:23:a7:74:59:7c:5c:0f:4d:
f8:54:b7:3c:6e:80:30:7c:76:95:9c:4e:d2:2a:6c:
d2:a2:6e:a4:68:d8:7a:7b:e9:0b:96:0d:6d:db:9d:
ba:2f:1b:f5:b3:9f:e4:02:8d:76:ea:2c:3b:8b:08:
ae:1a:7c:ac:19:28:a6:23:3a:b1:57:63:59:28:13:
5d:2c:3a:76:84:32:a8:ca:7d:d9:05:50:f1:83:07:
d4:11:53:a3:0d:d1:90:f6:1a:9c:8e:0c:a1:86:c7:
16:f2:ca:76:c6:c2:b5:81:4f:84:a5:37:25:52:5a:
63:73:bb:1a:7c:17:ca:7f:03:7c:57:a3:ad:69:6f:
4f:6d:cc:2c:34:5b:f3:13:20:e6:65:8e:7e:91:31:
3c:02:c6:63:36:e1:33:b1:99:c1:08:7d:5d:6a:b3:
07:ba:be:0a:96:18:40:0f:99:40:c3:0f:6c:00:cc:
a1:1a:83:c5:20:d2:e9:8e:6c:01:7e:21:fb:52:d7:
e7:30:9a:8d:85:ed:db:2b:5e:a7:26:9f:eb:2e:a2:
16:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:66:E3:1B:D4:D7:DD:72:73:AD:3F:FE:5D:F1:36:E9:C4:73:BA:6C
X509v3 Authority Key Identifier:
keyid:EB:EF:95:F8:C4:C5:54:82:6D:E8:F3:8A:D6:BB:A9:FB:74:80:28:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6--V-MTFVIJt6POK1rup-3SAKCQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/AWbjG9TX3XJzrT_-XfE26cRzumw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e1/f1457f-621f-4796-860e-9a350fd1a4ad/1/6--V-MTFVIJt6POK1rup-3SAKCQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.22.0.0/16
156.67.58.0/24
185.151.100.0/22
212.29.32.0/19
IPv6:
2a03:f580::/32
Signature Algorithm: sha256WithRSAEncryption
2a:47:bb:cf:81:95:17:03:2e:e8:61:51:c5:24:78:38:c3:7b:
86:32:9f:3b:14:33:1a:57:81:c8:28:d0:18:15:67:85:19:71:
ad:c6:4c:ac:2e:ef:a2:76:c9:49:70:99:72:aa:4a:b2:12:ec:
dc:54:03:5b:aa:93:69:aa:83:05:08:26:2a:36:d1:c0:02:87:
ac:21:e9:ca:25:aa:22:0f:cc:c9:f6:e6:09:a4:26:ce:b5:2b:
f3:8a:64:54:48:c4:3a:36:dc:a5:26:5e:ca:1b:b4:5e:d3:09:
ba:8a:f4:3c:d5:15:fe:c9:b3:fd:e6:62:06:89:42:27:70:ee:
7b:7d:c9:25:ef:19:9b:e0:01:86:84:d0:14:29:1b:be:b3:0f:
ac:19:34:13:3f:a2:c8:6f:17:86:bb:87:ee:27:12:aa:08:34:
9c:fc:75:4b:11:8f:af:75:f8:52:09:16:90:81:7a:1e:26:35:
66:58:72:4d:11:25:4c:c4:4a:f6:da:8c:c3:61:a1:68:27:79:
05:44:c7:2c:81:43:c4:fe:c5:91:cb:1d:d4:06:e6:35:85:ec:
03:bc:0e:65:3a:0e:4a:b0:80:8c:10:b8:ac:2d:d9:74:34:38:
3e:ee:34:e6:61:e4:98:3e:5e:6c:6e:bc:92:46:72:64:19:69:
f8:49:92:22
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZoHIW+IUfXMt9d1fGbwWl3MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViZWY5NWY4YzRjNTU0ODI2ZGU4ZjM4YWQ2YmJhOWZiNzQ4
MDI4MjQwHhcNMjUxMDIxMTQxNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTY2ZTMxYmQ0ZDdkZDcyNzNhZDNmZmU1ZGYxMzZlOWM0NzNiYTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1Mw5SudDIlLn88lEStYqdEn9SvWF
HUySwigZjrteIa4MQI1BOTmskSYTOfxuToXmONu1I6d0WXxcD034VLc8boAwfHaV
nE7SKmzSom6kaNh6e+kLlg1t2526Lxv1s5/kAo126iw7iwiuGnysGSimIzqxV2NZ
KBNdLDp2hDKoyn3ZBVDxgwfUEVOjDdGQ9hqcjgyhhscW8sp2xsK1gU+EpTclUlpj
c7safBfKfwN8V6OtaW9PbcwsNFvzEyDmZY5+kTE8AsZjNuEzsZnBCH1darMHur4K
lhhAD5lAww9sAMyhGoPFINLpjmwBfiH7UtfnMJqNhe3bK16nJp/rLqIWcQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFAFm4xvU191yc60//l3xNunEc7psMB8GA1UdIwQY
MBaAFOvvlfjExVSCbejzita7qft0gCgkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNi0tVi1NVEZWSUp0NlBPSzFydXAtM1NBS0NRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMS9mMTQ1N2YtNjIxZi00Nzk2LTg2MGUt
OWEzNTBmZDFhNGFkLzEvQVdiakc5VFgzWEp6clRfLVhmRTI2Y1J6dW13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMS9mMTQ1N2YtNjIxZi00Nzk2LTg2MGUtOWEzNTBmZDFhNGFk
LzEvNi0tVi1NVEZWSUp0NlBPSzFydXAtM1NBS0NRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAdBAIAATAXAwMAVRYDBACc
QzoDBAK5l2QDBAXUHSAwDQQCAAIwBwMFACoD9YAwDQYJKoZIhvcNAQELBQADggEB
ACpHu8+BlRcDLuhhUcUkeDjDe4YynzsUMxpXgcgo0BgVZ4UZca3GTKwu76J2yUlw
mXKqSrIS7NxUA1uqk2mqgwUIJio20cACh6wh6colqiIPzMn25gmkJs61K/OKZFRI
xDo23KUmXsobtF7TCbqK9DzVFf7Js/3mYgaJQidw7nt9ySXvGZvgAYaE0BQpG76z
D6wZNBM/oshvF4a7h+4nEqoINJz8dUsRj691+FIJFpCBeh4mNWZYck0RJUzESvba
jMNhoWgneQVExyyBQ8T+xZHLHdQG5jWF7AO8DmU6DkqwgIwQuKwt2XQ0OD7uNOZh
5Jg+XmxuvJJGcmQZafhJkiI=
-----END CERTIFICATE-----
Generated at Wed Oct 29 01:25:05 2025 by rpki-client