Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/hTZXcUjpJUJ22kXbz7xa6_8yeXg.roa
File: hTZXcUjpJUJ22kXbz7xa6_8yeXg.roa (raw, json)
Hash identifier: T8pLPSySDtezTp46L2Jv6HnkGBBxe5327Qx79YtHPlw=
Subject key identifier: 85:36:57:71:48:E9:25:42:76:DA:45:DB:CF:BC:5A:EB:FF:32:79:78
Certificate issuer: /CN=49216f5c165b827a7fd73d8107aebd2f63c63e24
Certificate serial: 01991F438A9F7DDB82BBDB24B0E6D5CB32B5
Authority key identifier: 49:21:6F:5C:16:5B:82:7A:7F:D7:3D:81:07:AE:BD:2F:63:C6:3E:24
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SSFvXBZbgnp_1z2BB669L2PGPiQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/hTZXcUjpJUJ22kXbz7xa6_8yeXg.roa
Signing time: Sat 06 Sep 2025 13:42:24 +0000
ROA not before: Sat 06 Sep 2025 13:42:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48407
IP address blocks: 81.90.16.0/20 maxlen: 20
81.90.18.0/24 maxlen: 24
81.90.19.0/24 maxlen: 24
81.90.31.0/24 maxlen: 24
93.94.50.0/24 maxlen: 24
93.94.53.0/24 maxlen: 24
93.94.54.0/24 maxlen: 24
93.94.55.0/24 maxlen: 24
2a00:8b20::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/SSFvXBZbgnp_1z2BB669L2PGPiQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/SSFvXBZbgnp_1z2BB669L2PGPiQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/SSFvXBZbgnp_1z2BB669L2PGPiQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 22:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:1f:43:8a:9f:7d:db:82:bb:db:24:b0:e6:d5:cb:32:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49216f5c165b827a7fd73d8107aebd2f63c63e24
Validity
Not Before: Sep 6 13:42:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8536577148e9254276da45dbcfbc5aebff327978
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:32:78:3e:5f:00:8e:3f:2a:e0:e1:3d:4f:36:
e9:6a:15:24:9f:50:20:39:54:af:a5:6a:0a:e2:d6:
ac:57:c4:08:70:bc:e2:55:ef:d8:77:ab:5a:07:d3:
d4:ed:e5:d7:ba:4d:7c:28:65:06:76:de:89:01:7b:
5c:70:ba:30:81:90:ae:c6:58:2f:aa:a4:ba:1f:ef:
5c:f4:e9:38:0c:e5:03:f4:e4:3d:3e:56:08:8a:a2:
4e:d7:f8:29:3e:e9:15:07:55:a6:f3:cc:0f:17:29:
c8:4c:2b:f0:4b:d2:40:3e:e5:8f:88:35:87:9e:79:
fa:22:02:fb:be:0c:0d:23:2d:a7:23:e4:73:a3:f2:
df:7d:16:34:8c:0a:f9:e3:5c:03:25:a9:55:15:98:
16:9b:a5:14:25:08:fa:6d:e8:96:e2:7f:fc:50:d1:
91:28:87:67:92:6b:6c:50:cb:2d:22:3c:42:42:1c:
76:91:59:1b:4f:d1:a6:27:8d:0a:98:2e:4d:26:7b:
61:d2:d1:15:b8:bc:09:a7:e6:53:25:f6:7b:7d:f9:
98:8e:e6:8f:42:29:5a:fb:a7:1c:43:4c:f7:56:5a:
d6:e3:12:9f:7c:19:19:ce:f4:27:26:9b:c1:fa:9c:
9c:ea:d2:e4:7c:f9:36:9a:9b:3f:57:4e:f0:55:c8:
db:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:36:57:71:48:E9:25:42:76:DA:45:DB:CF:BC:5A:EB:FF:32:79:78
X509v3 Authority Key Identifier:
keyid:49:21:6F:5C:16:5B:82:7A:7F:D7:3D:81:07:AE:BD:2F:63:C6:3E:24
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SSFvXBZbgnp_1z2BB669L2PGPiQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/hTZXcUjpJUJ22kXbz7xa6_8yeXg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/4842a9-9fcd-4bb6-bb04-0dbbc249e657/1/SSFvXBZbgnp_1z2BB669L2PGPiQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.90.16.0/20
93.94.50.0/24
93.94.53.0-93.94.55.255
IPv6:
2a00:8b20::/32
Signature Algorithm: sha256WithRSAEncryption
5d:29:70:8b:c4:6d:08:95:0e:fc:84:ff:bf:19:5f:ce:9d:dd:
ec:4a:08:fe:01:d6:c0:c9:ea:38:e3:96:c5:48:cd:2a:6e:ac:
98:1f:bb:c9:b4:c0:fb:64:f4:fb:c7:33:28:17:2c:73:26:dc:
66:0c:44:7c:45:b8:f0:0f:d1:65:40:8a:0d:6c:be:a1:e0:dc:
fb:e6:c2:40:1e:ca:0c:88:50:7d:18:c8:2b:c1:9f:44:5e:50:
bc:d3:cb:6f:13:17:9e:2a:b2:1f:fd:2b:56:d4:a4:5d:5a:f2:
11:5d:44:fb:a9:08:81:8a:ab:ae:d7:a1:85:3f:6b:18:69:4c:
c9:52:0e:15:80:b8:2d:6f:0e:75:ee:5c:ce:65:70:36:67:06:
57:11:7b:98:1d:b3:a0:35:08:a6:b6:6a:af:4b:3d:63:e8:8f:
54:27:d4:55:fa:92:c7:25:d1:12:56:e9:dc:36:fa:c3:80:ea:
54:e1:69:52:4a:df:e1:f2:df:b7:28:d2:be:d5:63:56:2e:a8:
1b:e7:60:0c:a4:be:97:c5:15:40:12:0c:cf:a1:a9:a3:48:a9:
b1:7d:1b:07:a0:62:c4:5b:ca:c7:d1:2d:31:d3:2b:c7:3b:f0:
65:75:8f:08:36:49:e4:5d:6f:50:af:53:45:e3:1a:63:ee:cd:
4f:85:36:0b
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZkfQ4qffduCu9sksObVyzK1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5MjE2ZjVjMTY1YjgyN2E3ZmQ3M2Q4MTA3YWViZDJmNjNj
NjNlMjQwHhcNMjUwOTA2MTM0MjI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTM2NTc3MTQ4ZTkyNTQyNzZkYTQ1ZGJjZmJjNWFlYmZmMzI3OTc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmDJ4Pl8Ajj8q4OE9TzbpahUkn1Ag
OVSvpWoK4tasV8QIcLziVe/Yd6taB9PU7eXXuk18KGUGdt6JAXtccLowgZCuxlgv
qqS6H+9c9Ok4DOUD9OQ9PlYIiqJO1/gpPukVB1Wm88wPFynITCvwS9JAPuWPiDWH
nnn6IgL7vgwNIy2nI+Rzo/LffRY0jAr541wDJalVFZgWm6UUJQj6beiW4n/8UNGR
KIdnkmtsUMstIjxCQhx2kVkbT9GmJ40KmC5NJnth0tEVuLwJp+ZTJfZ7ffmYjuaP
Qila+6ccQ0z3VlrW4xKffBkZzvQnJpvB+pyc6tLkfPk2mps/V07wVcjbvQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFIU2V3FI6SVCdtpF28+8Wuv/Mnl4MB8GA1UdIwQY
MBaAFEkhb1wWW4J6f9c9gQeuvS9jxj4kMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU1NGdlhCWmJnbnBfMXoyQkI2NjlMMlBHUGlRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi80ODQyYTktOWZjZC00YmI2LWJiMDQt
MGRiYmMyNDllNjU3LzEvaFRaWGNVanBKVUoyMmtYYno3eGE2Xzh5ZVhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi80ODQyYTktOWZjZC00YmI2LWJiMDQtMGRiYmMyNDllNjU3
LzEvU1NGdlhCWmJnbnBfMXoyQkI2NjlMMlBHUGlRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaAwQEUVoQAwQA
XV4yMAwDBABdXjUDBANdXjAwDQQCAAIwBwMFACoAiyAwDQYJKoZIhvcNAQELBQAD
ggEBAF0pcIvEbQiVDvyE/78ZX86d3exKCP4B1sDJ6jjjlsVIzSpurJgfu8m0wPtk
9PvHMygXLHMm3GYMRHxFuPAP0WVAig1svqHg3PvmwkAeygyIUH0YyCvBn0ReULzT
y28TF54qsh/9K1bUpF1a8hFdRPupCIGKq67XoYU/axhpTMlSDhWAuC1vDnXuXM5l
cDZnBlcRe5gds6A1CKa2aq9LPWPoj1Qn1FX6kscl0RJW6dw2+sOA6lThaVJK3+Hy
37co0r7VY1YuqBvnYAykvpfFFUASDM+hqaNIqbF9GwegYsRbysfRLTHTK8c78GV1
jwg2SeRdb1CvU0XjGmPuzU+FNgs=
-----END CERTIFICATE-----
Generated at Thu Sep 18 07:34:51 2025 by rpki-client