Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/l4VRrf05zn63z4PmKlOtfl7H8TM.roa
File: l4VRrf05zn63z4PmKlOtfl7H8TM.roa (raw, json)
Hash identifier: 4xnwk5l3HxBH4JxaOOT+INvtspwYpfqJ99zk4dGEjiI=
Subject key identifier: 97:85:51:AD:FD:39:CE:7E:B7:CF:83:E6:2A:53:AD:7E:5E:C7:F1:33
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019A3FB805663E485EC2FBB452CFA8D34DC3
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/l4VRrf05zn63z4PmKlOtfl7H8TM.roa
Signing time: Sat 01 Nov 2025 14:00:15 +0000
ROA not before: Sat 01 Nov 2025 14:00:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 62.76.236.0/24 maxlen: 24
62.76.237.0/24 maxlen: 24
193.124.17.0/24 maxlen: 24
193.124.206.0/24 maxlen: 24
194.58.56.0/24 maxlen: 24
194.58.154.0/24 maxlen: 24
194.58.155.0/24 maxlen: 24
194.87.51.0/24 maxlen: 24
194.87.55.0/24 maxlen: 24
194.87.233.0/24 maxlen: 24
194.87.255.0/24 maxlen: 24
212.193.20.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:22:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:3f:b8:05:66:3e:48:5e:c2:fb:b4:52:cf:a8:d3:4d:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 1 14:00:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=978551adfd39ce7eb7cf83e62a53ad7e5ec7f133
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:83:f5:2f:9b:98:2f:0d:6c:82:c0:ac:8c:e8:79:
6e:47:2a:a8:8b:47:ff:76:08:2e:7d:ac:25:7f:c0:
0d:78:a3:b5:13:ff:41:11:57:bc:43:79:73:bf:c3:
3f:a7:b4:db:cc:5a:a8:88:ed:db:c3:47:be:75:d0:
36:2b:2e:1f:fd:94:5b:ca:c7:3f:f6:8a:25:e7:fa:
5b:84:db:4e:6d:d7:40:dc:2f:32:85:5c:f9:41:7d:
6d:11:22:3e:1e:7d:8f:cc:7e:7b:2a:dd:c3:93:e5:
79:5d:72:f9:00:93:a3:f4:fb:9a:30:8e:72:76:3d:
90:fc:43:29:19:b2:20:a3:44:9b:ae:05:54:7d:ea:
bf:32:f4:0c:61:c1:b8:65:29:86:f7:ff:74:fd:1d:
97:44:10:36:1d:c1:1c:0e:41:fc:c9:3e:2b:9c:62:
8b:7e:a6:b8:f5:8a:3b:5b:6a:eb:76:79:1e:02:21:
68:7b:9f:4e:d3:53:f6:93:f4:ef:92:13:b2:76:c0:
9d:f3:36:83:fe:f0:67:c3:71:c9:f0:6b:2b:8c:53:
72:cf:b5:76:51:0e:69:f3:2a:5c:3d:d8:2f:66:dc:
e6:00:f4:f9:d5:bc:14:e0:3f:bb:8e:29:f0:13:7f:
9e:bd:3a:8a:59:6b:ac:a9:2b:8b:ed:1c:b2:ab:6a:
28:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:85:51:AD:FD:39:CE:7E:B7:CF:83:E6:2A:53:AD:7E:5E:C7:F1:33
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/l4VRrf05zn63z4PmKlOtfl7H8TM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.236.0/23
193.124.17.0/24
193.124.206.0/24
194.58.56.0/24
194.58.154.0/23
194.87.51.0/24
194.87.55.0/24
194.87.233.0/24
194.87.255.0/24
212.193.20.0/24
Signature Algorithm: sha256WithRSAEncryption
03:9b:97:62:db:c6:28:6d:5a:3d:bd:4a:a5:df:68:09:dd:3b:
e3:1c:4e:8d:6a:2d:7b:a0:8f:78:4e:bb:37:a8:d8:f4:0f:ac:
cd:a4:22:e6:e7:29:22:71:37:e7:a1:fb:e9:74:ec:4a:29:bf:
00:d3:eb:ab:22:b5:a4:19:e9:82:41:da:e3:00:53:b2:64:ff:
db:2d:43:04:81:01:f6:4f:f9:a3:fd:00:bb:8e:34:81:98:80:
6c:22:e6:f2:bb:ce:80:02:ae:fb:49:2b:19:8d:a9:ca:64:d4:
e9:10:01:d6:bc:8d:1a:4b:ff:07:c5:7e:fe:66:92:bc:ac:af:
0e:b4:2d:ea:81:de:ac:4c:75:14:a6:05:96:5a:fc:dc:0f:c5:
74:f6:81:29:34:b7:f7:f7:e9:55:c2:05:a4:fb:96:aa:7e:2a:
8b:e8:fa:1d:1a:8f:7b:9b:7c:ab:82:86:76:ad:07:07:a5:97:
45:4a:ce:a9:20:a0:e1:8d:c4:6f:95:80:fb:fb:fe:5e:4d:b2:
85:df:e9:44:d6:0a:14:7a:b2:59:46:25:00:e7:91:50:e4:69:
f6:0c:a0:f8:59:d4:69:4c:d5:08:d3:b4:12:9c:55:d8:9c:a8:
43:f0:ac:30:de:cc:17:21:18:6a:d0:6d:05:14:1a:b7:b1:d5:
e0:25:54:a0
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZo/uAVmPkhewvu0Us+o003DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUxMTAxMTQwMDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Nzg1NTFhZGZkMzljZTdlYjdjZjgzZTYyYTUzYWQ3ZTVlYzdmMTMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAg/Uvm5gvDWyCwKyM6HluRyqoi0f/
dggufawlf8ANeKO1E/9BEVe8Q3lzv8M/p7TbzFqoiO3bw0e+ddA2Ky4f/ZRbysc/
9ool5/pbhNtObddA3C8yhVz5QX1tESI+Hn2PzH57Kt3Dk+V5XXL5AJOj9PuaMI5y
dj2Q/EMpGbIgo0SbrgVUfeq/MvQMYcG4ZSmG9/90/R2XRBA2HcEcDkH8yT4rnGKL
fqa49Yo7W2rrdnkeAiFoe59O01P2k/TvkhOydsCd8zaD/vBnw3HJ8GsrjFNyz7V2
UQ5p8ypcPdgvZtzmAPT51bwU4D+7jinwE3+evTqKWWusqSuL7Ryyq2oo/wIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFJeFUa39Oc5+t8+D5ipTrX5ex/EzMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvbDRWUnJmMDV6bjYzejRQbUtsT3RmbDdIOFRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQBPkzsAwQA
wXwRAwQAwXzOAwQAwjo4AwQBwjqaAwQAwlczAwQAwlc3AwQAwlfpAwQAwlf/AwQA
1MEUMA0GCSqGSIb3DQEBCwUAA4IBAQADm5di28YobVo9vUql32gJ3TvjHE6Nai17
oI94Trs3qNj0D6zNpCLm5ykicTfnofvpdOxKKb8A0+urIrWkGemCQdrjAFOyZP/b
LUMEgQH2T/mj/QC7jjSBmIBsIubyu86AAq77SSsZjanKZNTpEAHWvI0aS/8HxX7+
ZpK8rK8OtC3qgd6sTHUUpgWWWvzcD8V09oEpNLf39+lVwgWk+5aqfiqL6PodGo97
m3yrgoZ2rQcHpZdFSs6pIKDhjcRvlYD7+/5eTbKF3+lE1goUerJZRiUA55FQ5Gn2
DKD4WdRpTNUI07QSnFXYnKhD8Kww3swXIRhq0G0FFBq3sdXgJVSg
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:04:48 2025 by rpki-client