Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/al43kkWzKm0Zt_leXuwrvUcI71Y.roa
File: al43kkWzKm0Zt_leXuwrvUcI71Y.roa (raw, json)
Hash identifier: NuSx8GRJa+corRLlCxsQTs+q7zRUHE8NRnHkfNJgBsk=
Subject key identifier: 6A:5E:37:92:45:B3:2A:6D:19:B7:F9:5E:5E:EC:2B:BD:47:08:EF:56
Certificate issuer: /CN=2665c17fa028b31348f630f6b56df422ce062b3b
Certificate serial: 019A4E2D4E01E6369D4E8E3D094DBA9F03BC
Authority key identifier: 26:65:C1:7F:A0:28:B3:13:48:F6:30:F6:B5:6D:F4:22:CE:06:2B:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmXBf6AosxNI9jD2tW30Is4GKzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/al43kkWzKm0Zt_leXuwrvUcI71Y.roa
Signing time: Tue 04 Nov 2025 09:23:03 +0000
ROA not before: Tue 04 Nov 2025 09:23:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202195
IP address blocks: 46.21.0.0/20 maxlen: 20
87.253.240.0/21 maxlen: 21
185.108.8.0/23 maxlen: 23
185.108.10.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/JmXBf6AosxNI9jD2tW30Is4GKzs.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/JmXBf6AosxNI9jD2tW30Is4GKzs.mft
rsync://rpki.ripe.net/repository/DEFAULT/JmXBf6AosxNI9jD2tW30Is4GKzs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 21:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:2d:4e:01:e6:36:9d:4e:8e:3d:09:4d:ba:9f:03:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2665c17fa028b31348f630f6b56df422ce062b3b
Validity
Not Before: Nov 4 09:23:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a5e379245b32a6d19b7f95e5eec2bbd4708ef56
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:b6:ca:fe:01:cc:18:82:25:1f:12:bf:09:0f:
ec:51:b2:2a:72:19:2f:cf:4e:de:18:24:80:96:58:
cb:c2:94:8c:d0:78:f2:02:b6:16:bd:fc:99:8d:75:
32:3a:18:28:cd:b4:02:de:51:85:0c:f5:6a:89:8c:
ab:c5:c0:aa:3a:12:2d:de:ea:b5:82:f7:b3:27:53:
08:c3:d3:f3:b6:04:5d:00:ab:bc:2b:a0:ec:c2:a7:
ef:90:92:cd:05:3d:6c:6d:b4:18:d2:35:df:1a:af:
95:df:c6:e5:c9:c7:b5:f2:ff:36:3b:48:1b:c4:04:
91:9e:b4:69:11:fe:e5:2c:3b:17:3c:1d:41:7b:54:
67:68:ed:61:34:d5:1f:d1:cf:9c:02:36:4a:b3:16:
d3:34:ad:0c:e5:b6:b0:30:10:1a:b5:f9:19:cd:43:
80:ec:43:ec:b4:d0:b4:10:ff:bb:b5:12:65:de:27:
08:db:10:78:2e:2e:4b:4f:18:1d:8e:04:3a:0c:68:
71:cb:bb:4c:50:d8:ef:84:6a:a7:43:4c:7e:7b:69:
3c:76:cd:ba:b1:ee:89:37:d8:75:da:de:dc:e3:c9:
85:32:3e:30:7b:d3:57:de:fc:ee:c0:77:20:7d:f9:
cf:5d:df:e3:9e:63:fb:3a:ab:df:3f:73:b9:30:91:
af:25
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:5E:37:92:45:B3:2A:6D:19:B7:F9:5E:5E:EC:2B:BD:47:08:EF:56
X509v3 Authority Key Identifier:
keyid:26:65:C1:7F:A0:28:B3:13:48:F6:30:F6:B5:6D:F4:22:CE:06:2B:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmXBf6AosxNI9jD2tW30Is4GKzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/al43kkWzKm0Zt_leXuwrvUcI71Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/JmXBf6AosxNI9jD2tW30Is4GKzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.21.0.0/20
87.253.240.0/21
185.108.8.0/22
Signature Algorithm: sha256WithRSAEncryption
ac:bc:8f:93:6c:9d:76:e3:cb:fc:05:3f:4a:f0:1e:0d:05:6b:
13:8d:09:59:c9:40:40:45:37:f6:0e:db:83:79:a5:85:f8:84:
f5:7f:1d:a5:95:f6:d8:02:96:d7:f0:39:c1:9e:ce:a6:df:37:
e4:17:97:05:80:90:49:6b:eb:33:60:1b:38:95:52:6d:0e:2b:
c4:8d:74:19:99:a3:17:a7:79:62:6d:9d:2c:91:a3:db:0a:34:
0d:93:e6:e8:4b:61:0f:0b:5c:25:2a:87:78:92:36:36:c8:fd:
26:44:22:e9:35:49:f2:a2:5b:42:03:2c:7f:44:9f:c6:9d:6e:
4b:c3:c8:43:b5:84:a7:12:fe:41:36:58:ec:95:86:ca:60:47:
e1:36:75:85:73:2c:8c:07:bb:df:d6:8f:6c:75:cc:96:35:7b:
a2:a3:85:25:b3:5d:33:9d:4b:72:50:0d:c7:ac:7a:4a:eb:37:
e6:a9:e6:66:b3:bf:05:36:1f:f7:27:b9:13:63:7c:c2:c1:85:
24:5e:68:8d:b9:0e:2a:35:cd:9a:8c:d2:19:a7:2e:f3:05:e1:
77:3a:82:04:8c:0a:35:c1:ea:59:e3:70:dd:4d:12:30:97:89:
8d:05:60:3b:4d:ee:74:da:2e:89:30:92:c9:c1:6c:87:7f:e3:
76:ba:71:7a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZpOLU4B5jadTo49CU26nwO8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjVjMTdmYTAyOGIzMTM0OGY2MzBmNmI1NmRmNDIyY2Uw
NjJiM2IwHhcNMjUxMTA0MDkyMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTVlMzc5MjQ1YjMyYTZkMTliN2Y5NWU1ZWVjMmJiZDQ3MDhlZjU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvrbK/gHMGIIlHxK/CQ/sUbIqchkv
z07eGCSAlljLwpSM0HjyArYWvfyZjXUyOhgozbQC3lGFDPVqiYyrxcCqOhIt3uq1
gvezJ1MIw9PztgRdAKu8K6DswqfvkJLNBT1sbbQY0jXfGq+V38blyce18v82O0gb
xASRnrRpEf7lLDsXPB1Be1RnaO1hNNUf0c+cAjZKsxbTNK0M5bawMBAatfkZzUOA
7EPstNC0EP+7tRJl3icI2xB4Li5LTxgdjgQ6DGhxy7tMUNjvhGqnQ0x+e2k8ds26
se6JN9h12t7c48mFMj4we9NX3vzuwHcgffnPXd/jnmP7OqvfP3O5MJGvJQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGpeN5JFsyptGbf5Xl7sK71HCO9WMB8GA1UdIwQY
MBaAFCZlwX+gKLMTSPYw9rVt9CLOBis7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1YQmY2QW9zeE5JOWpEMnRXMzBJczRHS3pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9mYzkwYTAtODA0Yy00MGZhLWIyN2Et
YzM4M2E5MDEwMDA1LzEvYWw0M2trV3pLbTBadF9sZVh1d3J2VWNJNzFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9mYzkwYTAtODA0Yy00MGZhLWIyN2EtYzM4M2E5MDEwMDA1
LzEvSm1YQmY2QW9zeE5JOWpEMnRXMzBJczRHS3pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQELhUAAwQD
V/3wAwQCuWwIMA0GCSqGSIb3DQEBCwUAA4IBAQCsvI+TbJ1248v8BT9K8B4NBWsT
jQlZyUBARTf2DtuDeaWF+IT1fx2llfbYApbX8DnBns6m3zfkF5cFgJBJa+szYBs4
lVJtDivEjXQZmaMXp3libZ0skaPbCjQNk+boS2EPC1wlKod4kjY2yP0mRCLpNUny
oltCAyx/RJ/GnW5Lw8hDtYSnEv5BNljslYbKYEfhNnWFcyyMB7vf1o9sdcyWNXui
o4Uls10znUtyUA3HrHpK6zfmqeZms78FNh/3J7kTY3zCwYUkXmiNuQ4qNc2ajNIZ
py7zBeF3OoIEjAo1wepZ43DdTRIwl4mNBWA7Te502i6JMJLJwWyHf+N2unF6
-----END CERTIFICATE-----
Generated at Wed Nov 5 23:01:20 2025 by rpki-client