Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/bb4b8f-b6a2-4d00-9612-17edb98bbb08/1/2_aedBK1LsY-Ma99ssfiCM4P-q4.roa
File: 2_aedBK1LsY-Ma99ssfiCM4P-q4.roa (raw, json)
Hash identifier: 88IybdKTdXl1XFfeFL40irO5Mp2itxxV1uFlENMQvcY=
Subject key identifier: DB:F6:9E:74:12:B5:2E:C6:3E:31:AF:7D:B2:C7:E2:08:CE:0F:FA:AE
Certificate issuer: /CN=c588a079e4ceb6bb24c23c5271e4583e1cf2f9a9
Certificate serial: 019A4E6C7953D719A52A46C674B03FCE0CB6
Authority key identifier: C5:88:A0:79:E4:CE:B6:BB:24:C2:3C:52:71:E4:58:3E:1C:F2:F9:A9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xYigeeTOtrskwjxSceRYPhzy-ak.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/bb4b8f-b6a2-4d00-9612-17edb98bbb08/1/2_aedBK1LsY-Ma99ssfiCM4P-q4.roa
Signing time: Tue 04 Nov 2025 10:32:03 +0000
ROA not before: Tue 04 Nov 2025 10:32:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42083
IP address blocks: 185.208.100.0/24 maxlen: 24
185.208.101.0/24 maxlen: 24
185.208.102.0/24 maxlen: 24
185.208.103.0/24 maxlen: 24
194.99.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/bb4b8f-b6a2-4d00-9612-17edb98bbb08/1/xYigeeTOtrskwjxSceRYPhzy-ak.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/bb4b8f-b6a2-4d00-9612-17edb98bbb08/1/xYigeeTOtrskwjxSceRYPhzy-ak.mft
rsync://rpki.ripe.net/repository/DEFAULT/xYigeeTOtrskwjxSceRYPhzy-ak.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:6c:79:53:d7:19:a5:2a:46:c6:74:b0:3f:ce:0c:b6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c588a079e4ceb6bb24c23c5271e4583e1cf2f9a9
Validity
Not Before: Nov 4 10:32:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dbf69e7412b52ec63e31af7db2c7e208ce0ffaae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:09:39:b6:e5:76:e5:dc:96:16:da:a1:9b:8f:
49:cb:47:d0:19:82:44:61:2c:2b:3d:78:0c:88:4c:
02:75:f1:1b:73:88:de:5d:16:6b:5b:0f:9e:39:f0:
16:97:57:ae:57:e0:e3:bd:11:8d:1b:c6:ca:1b:f1:
63:ea:21:5d:8c:2f:59:35:8f:09:87:39:08:cd:e6:
24:77:f3:4b:28:0b:a0:33:9a:51:d0:55:81:23:10:
09:9d:20:37:ab:d7:65:e9:a3:09:f1:5e:a1:65:d5:
85:a1:1d:8b:59:eb:60:dc:0c:fe:ff:f7:f8:f8:b0:
a8:4f:bf:79:eb:26:71:79:32:ca:19:6e:f6:2d:09:
ff:22:ef:5d:94:cc:b2:c2:81:62:56:b0:f3:a8:db:
56:1b:0a:34:53:a6:07:c1:15:af:8e:76:84:09:f5:
8c:79:ba:da:61:d8:d9:68:f8:ff:bc:d0:91:f2:a7:
d7:ea:60:25:ab:b3:57:38:e0:9c:b5:d9:6a:c5:63:
65:fc:4f:04:ff:94:5e:c8:aa:29:95:62:cb:84:af:
b6:2e:84:db:6c:db:11:6d:9d:a9:99:e6:bf:bb:42:
18:ca:a0:01:bb:02:11:a5:d1:51:35:32:a0:7a:23:
5f:99:b0:7b:88:8d:2a:47:76:85:04:f6:3b:76:c9:
87:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:F6:9E:74:12:B5:2E:C6:3E:31:AF:7D:B2:C7:E2:08:CE:0F:FA:AE
X509v3 Authority Key Identifier:
keyid:C5:88:A0:79:E4:CE:B6:BB:24:C2:3C:52:71:E4:58:3E:1C:F2:F9:A9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xYigeeTOtrskwjxSceRYPhzy-ak.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/bb4b8f-b6a2-4d00-9612-17edb98bbb08/1/2_aedBK1LsY-Ma99ssfiCM4P-q4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/bb4b8f-b6a2-4d00-9612-17edb98bbb08/1/xYigeeTOtrskwjxSceRYPhzy-ak.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.208.100.0/22
194.99.57.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:1a:24:e5:87:0a:66:d5:2b:cb:7c:7e:14:7d:99:45:0f:03:
75:95:18:7f:14:c4:cd:21:78:de:99:12:67:51:64:00:c4:f3:
e2:be:67:52:e8:61:c5:1c:70:2a:68:6b:37:dd:bd:60:de:5b:
47:18:d6:eb:95:a8:09:bb:06:b2:c8:dd:c6:ad:00:b2:6a:c9:
73:54:c0:97:b0:f7:bd:8d:f2:b1:fc:54:d2:06:98:99:d0:d7:
06:a9:b5:49:0d:49:a2:be:ac:39:b9:a7:15:1b:cc:52:27:ed:
2b:19:3f:ee:69:1e:cd:43:0d:2c:7f:10:32:4e:82:d8:71:9b:
1f:bc:bc:cc:dd:54:ea:4a:12:8c:a2:ac:8b:07:c1:19:91:37:
97:d6:22:51:89:da:00:60:12:54:32:15:52:a0:4d:ab:c7:f7:
ab:64:38:fd:96:7f:d1:50:c0:24:85:39:77:4d:4e:ad:82:34:
d7:86:ad:26:38:e9:3e:b1:db:53:dc:59:3c:bd:92:4a:53:28:
73:05:ff:ff:f7:83:b5:45:af:b9:4f:f6:d0:40:e6:33:3d:fa:
6b:dc:ed:98:35:52:d2:d4:41:32:61:0f:21:8c:59:b9:c0:47:
f4:bb:17:a2:63:93:d1:3e:7b:48:0a:c0:ff:30:a1:27:4d:9c:
e2:ce:dc:d0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZpObHlT1xmlKkbGdLA/zgy2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ODhhMDc5ZTRjZWI2YmIyNGMyM2M1MjcxZTQ1ODNlMWNm
MmY5YTkwHhcNMjUxMTA0MTAzMjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmY2OWU3NDEyYjUyZWM2M2UzMWFmN2RiMmM3ZTIwOGNlMGZmYWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApwk5tuV25dyWFtqhm49Jy0fQGYJE
YSwrPXgMiEwCdfEbc4jeXRZrWw+eOfAWl1euV+DjvRGNG8bKG/Fj6iFdjC9ZNY8J
hzkIzeYkd/NLKAugM5pR0FWBIxAJnSA3q9dl6aMJ8V6hZdWFoR2LWetg3Az+//f4
+LCoT7956yZxeTLKGW72LQn/Iu9dlMyywoFiVrDzqNtWGwo0U6YHwRWvjnaECfWM
ebraYdjZaPj/vNCR8qfX6mAlq7NXOOCctdlqxWNl/E8E/5ReyKoplWLLhK+2LoTb
bNsRbZ2pmea/u0IYyqABuwIRpdFRNTKgeiNfmbB7iI0qR3aFBPY7dsmHcwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNv2nnQStS7GPjGvfbLH4gjOD/quMB8GA1UdIwQY
MBaAFMWIoHnkzra7JMI8UnHkWD4c8vmpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveFlpZ2VlVE90cnNrd2p4U2NlUllQaHp5LWFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9iYjRiOGYtYjZhMi00ZDAwLTk2MTIt
MTdlZGI5OGJiYjA4LzEvMl9hZWRCSzFMc1ktTWE5OXNzZmlDTTRQLXE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9iYjRiOGYtYjZhMi00ZDAwLTk2MTItMTdlZGI5OGJiYjA4
LzEveFlpZ2VlVE90cnNrd2p4U2NlUllQaHp5LWFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCudBkAwQA
wmM5MA0GCSqGSIb3DQEBCwUAA4IBAQAvGiTlhwpm1SvLfH4UfZlFDwN1lRh/FMTN
IXjemRJnUWQAxPPivmdS6GHFHHAqaGs33b1g3ltHGNbrlagJuwayyN3GrQCyaslz
VMCXsPe9jfKx/FTSBpiZ0NcGqbVJDUmivqw5uacVG8xSJ+0rGT/uaR7NQw0sfxAy
ToLYcZsfvLzM3VTqShKMoqyLB8EZkTeX1iJRidoAYBJUMhVSoE2rx/erZDj9ln/R
UMAkhTl3TU6tgjTXhq0mOOk+sdtT3Fk8vZJKUyhzBf//94O1Ra+5T/bQQOYzPfpr
3O2YNVLS1EEyYQ8hjFm5wEf0uxeiY5PRPntICsD/MKEnTZziztzQ
-----END CERTIFICATE-----
Generated at Tue Nov 4 23:22:19 2025 by rpki-client