Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/ANdJ-siXlYdz3__LzO_ddBbWRmI.roa
File: ANdJ-siXlYdz3__LzO_ddBbWRmI.roa (raw, json)
Hash identifier: ZCSjY6ZdnTDWVjIdvM8PD0DeEJQczdtyLW/jlG7Bbhs=
Subject key identifier: 00:D7:49:FA:C8:97:95:87:73:DF:FF:CB:CC:EF:DD:74:16:D6:46:62
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 01993C89EB4D5C20A4D934D1CF2CD7E1808B
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/ANdJ-siXlYdz3__LzO_ddBbWRmI.roa
Signing time: Fri 12 Sep 2025 06:08:15 +0000
ROA not before: Fri 12 Sep 2025 06:08:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 85.115.208.0/23 maxlen: 24
85.115.210.0/23 maxlen: 24
213.145.68.0/23 maxlen: 23
213.145.70.0/23 maxlen: 24
213.145.70.0/24 maxlen: 24
213.145.72.0/21 maxlen: 24
213.145.82.0/23 maxlen: 24
213.145.82.0/24 maxlen: 24
213.145.84.0/23 maxlen: 23
213.145.84.0/24 maxlen: 24
213.145.86.0/23 maxlen: 23
213.145.88.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.mft
rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 21:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:3c:89:eb:4d:5c:20:a4:d9:34:d1:cf:2c:d7:e1:80:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Sep 12 06:08:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00d749fac897958773dfffcbccefdd7416d64662
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:f3:03:e8:72:5b:89:44:fe:7a:a5:ee:39:2d:
38:cf:cc:ea:93:2a:fe:d2:36:3a:54:e9:81:c7:35:
7e:04:e8:4a:7a:42:22:57:27:ad:f8:07:99:b4:f5:
2a:df:60:0b:13:f1:2a:75:01:58:8c:f0:ab:ff:97:
df:1b:0f:ab:36:95:7d:d3:a6:87:ff:ba:09:fd:44:
4a:85:2d:76:2b:6b:bc:16:bf:8f:f0:d7:dd:49:b3:
b9:e7:6e:92:95:72:bb:56:e5:82:b0:0c:a1:66:ae:
60:9f:69:39:e9:4c:70:1d:0f:ca:6f:3b:18:cd:67:
dc:c5:20:c9:27:54:be:ce:68:0d:4b:40:08:d9:36:
69:c1:05:36:ed:c3:b5:bd:bd:fb:fa:fa:bb:04:91:
19:c7:c4:6d:a6:c5:6a:93:5e:68:5c:e0:93:e0:a6:
14:ac:75:14:47:ac:e4:f4:02:c2:7a:0b:80:67:9d:
5c:ee:78:cf:f6:8c:26:2c:12:f1:b2:05:2d:70:d1:
97:1a:ca:e4:52:6f:f4:e9:a5:ac:ac:bf:98:1f:1a:
85:73:92:cc:d0:b7:50:c0:e8:ed:07:27:c7:03:a4:
7e:96:c8:42:b7:33:d9:11:68:48:0b:62:41:09:e6:
96:91:bd:78:56:7a:c5:07:04:d9:47:03:12:f4:39:
61:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:D7:49:FA:C8:97:95:87:73:DF:FF:CB:CC:EF:DD:74:16:D6:46:62
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/ANdJ-siXlYdz3__LzO_ddBbWRmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/22
213.145.68.0-213.145.79.255
213.145.82.0-213.145.89.255
Signature Algorithm: sha256WithRSAEncryption
a9:50:2b:49:50:bb:50:1e:c2:cf:50:ca:7b:80:3b:f9:dd:86:
f2:38:16:4f:a3:2a:b8:9f:df:b7:a2:e8:ac:32:44:4d:81:76:
10:a5:40:8d:1d:d6:39:70:27:9d:f2:62:f3:87:b2:73:bc:c3:
4a:a7:15:ed:a6:a4:5d:f2:bf:22:86:fb:92:07:64:17:1e:df:
0b:bb:72:c3:c1:84:9e:70:4c:89:83:d2:70:e5:3c:d7:80:3d:
3d:a7:58:40:df:f3:b4:aa:18:84:1d:5d:d8:6a:4d:21:ec:6e:
b0:1a:86:16:f0:44:a6:91:7e:3b:e5:f1:e6:ac:48:26:2b:ff:
fd:a8:f3:da:54:26:e3:0c:1b:c7:a6:bd:b1:09:dd:3c:62:9f:
68:ca:1c:2b:78:a6:36:de:d7:1d:6c:c3:78:8d:0a:22:8b:d3:
8c:a3:d8:b4:7a:7f:c9:15:e5:03:c5:72:c0:eb:22:35:08:d2:
d4:83:ea:ee:7c:97:13:cd:87:6a:b3:a3:43:03:31:43:fe:28:
c8:28:47:ac:84:13:bd:10:7e:69:0b:5f:aa:7e:8e:73:1f:24:
23:3e:23:ae:0b:e9:14:5e:e2:d7:42:4f:68:c4:50:08:e4:82:
03:25:4a:f0:ce:13:aa:4d:28:ae:6c:38:40:39:bd:a4:dd:a7:
f7:f4:e8:27
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZk8ietNXCCk2TTRzyzX4YCLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjUwOTEyMDYwODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGQ3NDlmYWM4OTc5NTg3NzNkZmZmY2JjY2VmZGQ3NDE2ZDY0NjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuPMD6HJbiUT+eqXuOS04z8zqkyr+
0jY6VOmBxzV+BOhKekIiVyet+AeZtPUq32ALE/EqdQFYjPCr/5ffGw+rNpV906aH
/7oJ/URKhS12K2u8Fr+P8NfdSbO5526SlXK7VuWCsAyhZq5gn2k56UxwHQ/KbzsY
zWfcxSDJJ1S+zmgNS0AI2TZpwQU27cO1vb37+vq7BJEZx8RtpsVqk15oXOCT4KYU
rHUUR6zk9ALCeguAZ51c7njP9owmLBLxsgUtcNGXGsrkUm/06aWsrL+YHxqFc5LM
0LdQwOjtByfHA6R+lshCtzPZEWhIC2JBCeaWkb14VnrFBwTZRwMS9DlhLQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFADXSfrIl5WHc9//y8zv3XQW1kZiMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvQU5kSi1zaVhsWWR6M19fTHpPX2RkQmJXUm1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQCVXPQMAwD
BALVkUQDBATVkUAwDAMEAdWRUgMEAdWRWDANBgkqhkiG9w0BAQsFAAOCAQEAqVAr
SVC7UB7Cz1DKe4A7+d2G8jgWT6MquJ/ft6LorDJETYF2EKVAjR3WOXAnnfJi84ey
c7zDSqcV7aakXfK/Iob7kgdkFx7fC7tyw8GEnnBMiYPScOU814A9PadYQN/ztKoY
hB1d2GpNIexusBqGFvBEppF+O+Xx5qxIJiv//ajz2lQm4wwbx6a9sQndPGKfaMoc
K3imNt7XHWzDeI0KIovTjKPYtHp/yRXlA8VywOsiNQjS1IPq7nyXE82HarOjQwMx
Q/4oyChHrIQTvRB+aQtfqn6Ocx8kIz4jrgvpFF7i10JPaMRQCOSCAyVK8M4Tqk0o
rmw4QDm9pN2n9/ToJw==
-----END CERTIFICATE-----
Generated at Thu Sep 18 03:41:28 2025 by rpki-client