Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/AtDKjNeuuNXeVqqffYxe6oseq6E.roa
File: AtDKjNeuuNXeVqqffYxe6oseq6E.roa (raw, json)
Hash identifier: 8X3Pe8CzfVipbqmK38m2SCiV+GdUcXqwb5iKKxFpsvY=
Subject key identifier: 02:D0:CA:8C:D7:AE:B8:D5:DE:56:AA:9F:7D:8C:5E:EA:8B:1E:AB:A1
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 019A005A72E78A69D313B21B0CC8E76DE5A8
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/AtDKjNeuuNXeVqqffYxe6oseq6E.roa
Signing time: Mon 20 Oct 2025 06:41:58 +0000
ROA not before: Mon 20 Oct 2025 06:41:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.155.240.0/24 maxlen: 24
45.155.242.0/24 maxlen: 24
194.143.205.0/24 maxlen: 24
194.143.206.0/23 maxlen: 24
194.143.207.0/24 maxlen: 24
195.114.196.0/24 maxlen: 24
195.114.197.0/24 maxlen: 24
195.114.198.0/24 maxlen: 24
213.220.11.0/24 maxlen: 24
213.220.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.mft
rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Oct 2025 14:12:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:00:5a:72:e7:8a:69:d3:13:b2:1b:0c:c8:e7:6d:e5:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Oct 20 06:41:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=02d0ca8cd7aeb8d5de56aa9f7d8c5eea8b1eaba1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:a3:87:5b:e3:ef:6a:01:42:7e:01:39:13:11:
ec:fb:2c:4b:4f:c9:21:a2:2a:fb:a7:4b:58:5f:c6:
7b:60:36:0f:ae:34:4e:b5:40:c5:9b:6d:b2:cb:0e:
9b:9a:e8:9d:e6:5b:5d:32:e9:e3:04:94:07:98:eb:
b0:f9:48:2d:67:90:7b:3c:a1:2d:b5:30:e5:61:dd:
86:63:b5:32:fa:79:61:d8:6b:73:6f:3f:4b:40:34:
fa:07:9f:01:3d:1d:53:ef:f4:4b:36:19:18:c1:06:
58:1e:69:69:8b:fd:1c:ce:eb:11:d7:9f:25:b4:67:
4f:43:31:47:14:a9:26:48:dc:2a:1d:5d:73:03:45:
d3:2e:1e:65:a9:c9:4f:f8:75:7b:62:1a:53:2a:89:
81:73:4b:c0:00:f4:5f:9d:a8:82:0b:d4:c1:98:ff:
f8:2e:b0:52:1e:1c:18:3f:70:57:61:06:f4:9a:ae:
1a:f1:28:69:f1:00:cb:50:41:24:8e:3b:2c:64:75:
3f:79:2b:e2:c9:02:79:49:61:39:ad:ab:c4:35:24:
0d:9c:05:98:a4:eb:36:74:97:08:d3:02:f4:b9:7e:
74:dd:7e:bb:f2:61:67:a8:8f:60:6a:8a:d8:b1:df:
72:7f:49:6a:60:8a:26:1c:f3:b0:29:ee:fc:08:7f:
67:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:D0:CA:8C:D7:AE:B8:D5:DE:56:AA:9F:7D:8C:5E:EA:8B:1E:AB:A1
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/AtDKjNeuuNXeVqqffYxe6oseq6E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.240.0/24
45.155.242.0/24
194.143.205.0-194.143.207.255
195.114.196.0-195.114.198.255
213.220.11.0/24
213.220.62.0/24
Signature Algorithm: sha256WithRSAEncryption
24:4c:7c:f1:dc:40:8c:25:0f:c4:79:78:32:3f:4e:bf:bc:fe:
d3:4a:3f:59:b3:28:00:27:e1:a3:5e:c9:92:63:c8:9a:17:5b:
35:14:3e:ba:4d:02:25:82:b5:74:1f:56:69:ca:88:7b:51:06:
a5:b8:b8:b5:d2:4d:3d:f0:37:01:25:c8:4d:59:67:5b:49:32:
bc:f0:7e:3c:34:2f:2a:5b:04:f7:f4:5b:f1:fc:dc:67:70:63:
69:83:47:7e:c0:c2:54:02:95:e6:6a:e9:f9:66:72:df:02:4f:
07:18:11:59:b6:ab:a8:95:18:92:5b:16:07:ac:35:ee:c8:5b:
9b:19:3b:05:37:d5:d2:b9:32:ee:08:e4:d2:27:f5:0e:4f:ee:
b7:f7:6c:a2:f7:d6:c7:72:fc:7c:f5:9a:10:a2:9f:56:ea:fd:
2c:50:49:9c:19:ac:f3:dd:69:df:77:e9:4d:42:32:35:a7:e5:
cc:aa:19:fe:0a:80:58:7f:1c:b3:47:cf:88:13:e3:d3:1d:4c:
f4:d6:d6:53:7f:46:c5:3e:01:c4:21:e8:ad:3e:e6:cc:7a:6f:
a8:e3:38:27:01:1d:c8:b1:96:af:8f:6c:ae:3a:42:ec:aa:64:
36:06:f5:0b:86:1b:63:a5:fd:8c:7e:60:8a:cf:ad:f0:4f:be:
8b:a4:8e:89
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZoAWnLnimnTE7IbDMjnbeWoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjUxMDIwMDY0MTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmQwY2E4Y2Q3YWViOGQ1ZGU1NmFhOWY3ZDhjNWVlYThiMWVhYmExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq6OHW+PvagFCfgE5ExHs+yxLT8kh
oir7p0tYX8Z7YDYPrjROtUDFm22yyw6bmuid5ltdMunjBJQHmOuw+UgtZ5B7PKEt
tTDlYd2GY7Uy+nlh2Gtzbz9LQDT6B58BPR1T7/RLNhkYwQZYHmlpi/0czusR158l
tGdPQzFHFKkmSNwqHV1zA0XTLh5lqclP+HV7YhpTKomBc0vAAPRfnaiCC9TBmP/4
LrBSHhwYP3BXYQb0mq4a8Shp8QDLUEEkjjssZHU/eSviyQJ5SWE5ravENSQNnAWY
pOs2dJcI0wL0uX503X678mFnqI9gaorYsd9yf0lqYIomHPOwKe78CH9nnwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFALQyozXrrjV3laqn32MXuqLHquhMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvQXRES2pOZXV1TlhlVnFxZmZZeGU2b3NlcTZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQALZvwAwQA
LZvyMAwDBADCj80DBATCj8AwDAMEAsNyxAMEAMNyxgMEANXcCwMEANXcPjANBgkq
hkiG9w0BAQsFAAOCAQEAJEx88dxAjCUPxHl4Mj9Ov7z+00o/WbMoACfho17JkmPI
mhdbNRQ+uk0CJYK1dB9WacqIe1EGpbi4tdJNPfA3ASXITVlnW0kyvPB+PDQvKlsE
9/Rb8fzcZ3BjaYNHfsDCVAKV5mrp+WZy3wJPBxgRWbarqJUYklsWB6w17shbmxk7
BTfV0rky7gjk0if1Dk/ut/dsovfWx3L8fPWaEKKfVur9LFBJnBms891p33fpTUIy
NaflzKoZ/gqAWH8cs0fPiBPj0x1M9NbWU39GxT4BxCHorT7mzHpvqOM4JwEdyLGW
r49srjpC7KpkNgb1C4YbY6X9jH5gis+t8E++i6SOiQ==
-----END CERTIFICATE-----
Generated at Tue Oct 21 21:50:07 2025 by rpki-client