Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/NdE7_aVOasdjLTrUFo34L8XDskM.roa
File: NdE7_aVOasdjLTrUFo34L8XDskM.roa (raw, json)
Hash identifier: Rpe05oJlIyYdtATGAHAsssRayQgvtIFe7+sN5fARdgw=
Subject key identifier: 35:D1:3B:FD:A5:4E:6A:C7:63:2D:3A:D4:16:8D:F8:2F:C5:C3:B2:43
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 019A07FE1527491EABE8266CEB176D72AF88
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/NdE7_aVOasdjLTrUFo34L8XDskM.roa
Signing time: Tue 21 Oct 2025 18:18:03 +0000
ROA not before: Tue 21 Oct 2025 18:18:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 85.115.208.0/23 maxlen: 24
85.115.210.0/23 maxlen: 24
213.145.68.0/23 maxlen: 23
213.145.70.0/23 maxlen: 24
213.145.70.0/24 maxlen: 24
213.145.72.0/21 maxlen: 24
213.145.74.0/24 maxlen: 24
213.145.82.0/24 maxlen: 24
213.145.84.0/23 maxlen: 23
213.145.86.0/23 maxlen: 23
213.145.88.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.mft
rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Nov 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:07:fe:15:27:49:1e:ab:e8:26:6c:eb:17:6d:72:af:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Oct 21 18:18:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=35d13bfda54e6ac7632d3ad4168df82fc5c3b243
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:fa:ab:ce:68:1a:31:33:56:e4:10:7e:d3:76:
84:9c:fb:05:e6:f5:61:34:6a:76:1d:10:9d:8f:0d:
ba:ab:75:d9:a7:34:d3:53:77:83:6a:f3:85:86:d5:
5e:5d:00:af:08:34:44:be:87:9e:64:aa:9b:fc:15:
83:a0:1d:eb:29:82:b5:0e:aa:95:cd:10:51:68:ac:
79:cc:c6:13:68:50:fa:d6:f4:31:54:23:b1:80:8d:
af:1d:83:4c:fd:df:25:e0:fb:a8:85:42:da:b9:f9:
d9:bf:35:10:62:b9:a4:b3:e6:6a:4f:78:b1:6e:fe:
bf:4b:7e:ef:60:d8:b3:c8:2d:ab:03:3c:9d:77:bb:
d2:89:85:70:be:ce:e9:b4:f2:48:c5:ac:7c:c6:71:
6f:ee:f9:d8:fd:ab:45:a7:d8:85:0f:31:d5:71:9e:
88:ec:5a:da:e0:cc:ca:3a:7d:11:12:af:4d:d2:27:
2e:3c:90:83:36:52:5a:25:cf:ac:8e:0f:da:0e:9e:
b9:fe:cf:09:2a:e1:55:38:79:42:18:06:30:35:02:
d5:c2:af:b9:3f:0e:ab:70:25:ca:70:f7:09:94:c6:
30:ad:eb:e1:c4:ce:77:f4:ef:f0:f6:19:0f:03:22:
15:4e:27:4a:a0:0d:79:7f:35:cb:36:30:69:a7:f1:
34:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
35:D1:3B:FD:A5:4E:6A:C7:63:2D:3A:D4:16:8D:F8:2F:C5:C3:B2:43
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/NdE7_aVOasdjLTrUFo34L8XDskM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/22
213.145.68.0-213.145.79.255
213.145.82.0/24
213.145.84.0-213.145.89.255
Signature Algorithm: sha256WithRSAEncryption
24:03:c7:c1:2e:35:e8:ea:62:d0:93:b8:32:e1:13:67:f2:e4:
83:d6:de:31:06:74:da:36:f4:9d:dc:d6:a3:a0:2b:90:95:55:
82:04:ad:27:7d:09:b3:4f:f2:6d:8b:e7:c8:6a:3d:70:27:e9:
bf:e4:f7:1e:9e:52:0b:63:dc:14:f3:f3:a4:1f:ca:6a:30:6c:
1f:f5:ac:8c:cb:2d:23:65:20:5a:7f:23:a2:33:d8:12:55:50:
d1:c7:6f:88:57:f2:34:9e:10:ae:9b:99:b3:4e:f0:d2:fe:a8:
92:1c:92:c4:4e:17:f5:fc:c6:75:77:91:08:60:d7:70:9e:43:
6d:38:0c:82:6c:12:c4:4b:e6:5a:dc:6c:15:0e:e8:71:24:5c:
f2:20:f1:dc:62:92:fc:9e:e9:34:5a:78:32:c6:f0:be:eb:a8:
be:41:45:3b:dc:31:1e:fe:16:77:94:27:60:15:43:13:f0:63:
e6:c3:ff:37:06:26:6f:25:cb:cc:3c:7e:13:df:8c:97:9c:03:
05:e6:2d:9b:e1:46:f6:9a:b2:03:a9:d8:fd:09:98:eb:51:f4:
ca:13:d1:ce:dd:52:40:5f:f1:c1:6d:68:75:bb:a2:38:3a:df:
e7:cc:36:00:25:6d:3a:d0:5f:85:5c:ab:a2:f3:1f:36:eb:c5:
dd:f6:13:3c
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZoH/hUnSR6r6CZs6xdtcq+IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjUxMDIxMTgxODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNWQxM2JmZGE1NGU2YWM3NjMyZDNhZDQxNjhkZjgyZmM1YzNiMjQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl/qrzmgaMTNW5BB+03aEnPsF5vVh
NGp2HRCdjw26q3XZpzTTU3eDavOFhtVeXQCvCDREvoeeZKqb/BWDoB3rKYK1DqqV
zRBRaKx5zMYTaFD61vQxVCOxgI2vHYNM/d8l4PuohULaufnZvzUQYrmks+ZqT3ix
bv6/S37vYNizyC2rAzydd7vSiYVwvs7ptPJIxax8xnFv7vnY/atFp9iFDzHVcZ6I
7Fra4MzKOn0REq9N0icuPJCDNlJaJc+sjg/aDp65/s8JKuFVOHlCGAYwNQLVwq+5
Pw6rcCXKcPcJlMYwrevhxM539O/w9hkPAyIVTidKoA15fzXLNjBpp/E0EwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFDXRO/2lTmrHYy061BaN+C/Fw7JDMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvTmRFN19hVk9hc2RqTFRyVUZvMzRMOFhEc2tNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoAwQCVXPQMAwD
BALVkUQDBATVkUADBADVkVIwDAMEAtWRVAMEAdWRWDANBgkqhkiG9w0BAQsFAAOC
AQEAJAPHwS416Opi0JO4MuETZ/Lkg9beMQZ02jb0ndzWo6ArkJVVggStJ30Js0/y
bYvnyGo9cCfpv+T3Hp5SC2PcFPPzpB/KajBsH/WsjMstI2UgWn8jojPYElVQ0cdv
iFfyNJ4QrpuZs07w0v6okhySxE4X9fzGdXeRCGDXcJ5DbTgMgmwSxEvmWtxsFQ7o
cSRc8iDx3GKS/J7pNFp4MsbwvuuovkFFO9wxHv4Wd5QnYBVDE/Bj5sP/NwYmbyXL
zDx+E9+Ml5wDBeYtm+FG9pqyA6nY/QmY61H0yhPRzt1SQF/xwW1odbuiODrf58w2
ACVtOtBfhVyrovMfNuvF3fYTPA==
-----END CERTIFICATE-----
Generated at Fri Oct 31 05:28:41 2025 by rpki-client