Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/22/b2ace7-48db-4f7d-917f-306189d5c049/1/e0Jx9GMBwKJeF_-AH1mkWee5zpM.roa
File: e0Jx9GMBwKJeF_-AH1mkWee5zpM.roa (raw, json)
Hash identifier: 7khM7gkFDzpcD48poy5Gxpw+JkUcp4jMj8x/QzQvOu8=
Subject key identifier: 7B:42:71:F4:63:01:C0:A2:5E:17:FF:80:1F:59:A4:59:E7:B9:CE:93
Certificate issuer: /CN=a2ca37ded1b70c81b74a430f9b4d7acc62805ed8
Certificate serial: 019A4E3A1F56C59B558CE18485C2DB18C591
Authority key identifier: A2:CA:37:DE:D1:B7:0C:81:B7:4A:43:0F:9B:4D:7A:CC:62:80:5E:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oso33tG3DIG3SkMPm016zGKAXtg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/22/b2ace7-48db-4f7d-917f-306189d5c049/1/e0Jx9GMBwKJeF_-AH1mkWee5zpM.roa
Signing time: Tue 04 Nov 2025 09:37:03 +0000
ROA not before: Tue 04 Nov 2025 09:37:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201301
IP address blocks: 185.45.96.0/24 maxlen: 24
185.45.98.0/24 maxlen: 24
2a04:a180::/32 maxlen: 32
2a04:a182::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/22/b2ace7-48db-4f7d-917f-306189d5c049/1/oso33tG3DIG3SkMPm016zGKAXtg.crl
rsync://rpki.ripe.net/repository/DEFAULT/22/b2ace7-48db-4f7d-917f-306189d5c049/1/oso33tG3DIG3SkMPm016zGKAXtg.mft
rsync://rpki.ripe.net/repository/DEFAULT/oso33tG3DIG3SkMPm016zGKAXtg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:3a:1f:56:c5:9b:55:8c:e1:84:85:c2:db:18:c5:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2ca37ded1b70c81b74a430f9b4d7acc62805ed8
Validity
Not Before: Nov 4 09:37:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7b4271f46301c0a25e17ff801f59a459e7b9ce93
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:dc:35:e9:72:c1:e3:16:f6:90:c6:3a:db:ae:
4b:85:52:05:1a:12:47:4c:c3:d6:3c:a9:c7:17:d9:
15:fb:71:2b:b6:62:3b:8a:e5:0e:ea:e2:d2:31:3f:
08:9e:34:54:04:31:a5:9b:4e:34:e5:8b:70:d2:2f:
0f:2e:5a:4c:df:a5:d7:cf:74:b3:7f:61:47:d5:75:
e6:b6:cd:c6:e5:95:06:10:8c:5b:2e:dd:76:04:3a:
ca:cf:d8:be:3e:b4:2b:18:39:3b:7b:80:0e:5b:23:
9e:57:5e:2c:de:42:21:64:99:0e:e5:f8:4d:88:b4:
39:a6:03:08:d2:cc:09:b3:90:d5:19:00:af:a7:3d:
cc:10:70:56:cd:a9:81:37:16:f6:dc:a0:52:0c:fc:
55:0e:8d:fa:0c:3f:93:cb:dc:aa:5d:70:c9:16:bf:
e9:81:6c:5f:b7:7e:a3:0c:cd:36:05:c8:b4:f4:87:
70:6a:4a:23:22:93:4a:fb:a3:bf:1c:0a:20:2b:da:
ce:f6:fc:71:2b:40:54:2b:39:70:a7:9e:fe:b8:a7:
14:72:b8:cc:e9:3c:87:26:0e:12:54:90:c2:31:2b:
9a:fa:4e:d1:2a:83:3d:24:81:1f:b4:97:68:ba:10:
6f:24:a0:19:dd:41:bf:18:1c:3f:be:5c:b7:19:b2:
5a:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:42:71:F4:63:01:C0:A2:5E:17:FF:80:1F:59:A4:59:E7:B9:CE:93
X509v3 Authority Key Identifier:
keyid:A2:CA:37:DE:D1:B7:0C:81:B7:4A:43:0F:9B:4D:7A:CC:62:80:5E:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oso33tG3DIG3SkMPm016zGKAXtg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/22/b2ace7-48db-4f7d-917f-306189d5c049/1/e0Jx9GMBwKJeF_-AH1mkWee5zpM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/22/b2ace7-48db-4f7d-917f-306189d5c049/1/oso33tG3DIG3SkMPm016zGKAXtg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.45.96.0/24
185.45.98.0/24
IPv6:
2a04:a180::/32
2a04:a182::/32
Signature Algorithm: sha256WithRSAEncryption
11:48:aa:48:43:34:57:c7:ed:f0:04:cd:8f:f7:79:ad:d0:47:
c3:53:ea:6b:fa:6d:b2:e0:46:d3:4b:43:7d:63:a7:5b:d6:71:
cc:43:ff:15:f4:45:cc:c4:65:b9:b1:81:5c:02:96:be:1d:ce:
e3:db:0c:c2:22:10:8a:14:3b:1f:f9:24:60:c0:b7:20:47:8d:
4f:35:0f:2a:be:f1:fc:38:a6:ff:75:8a:d2:c6:65:2e:28:c7:
9b:dc:63:57:5b:ae:ff:58:0a:22:27:4e:ba:2c:3f:04:0d:40:
b8:92:5d:ce:e8:79:91:24:d3:92:b2:7a:56:b6:b6:ae:4f:6f:
9f:26:44:4f:7e:bf:80:ab:b8:88:8d:31:5c:94:98:78:e6:0f:
1a:e3:9a:f9:9f:2a:3f:8e:f3:74:53:d4:ef:80:85:34:1f:40:
0b:e4:98:92:ce:3b:85:86:3d:d6:38:04:03:4b:b3:78:2f:63:
32:42:d7:9f:78:99:e1:f3:ef:1e:a8:97:38:b0:76:09:af:41:
77:f0:4c:dc:de:84:1a:29:92:1d:96:61:e2:28:26:4d:a5:2f:
96:5f:96:18:4a:47:2a:45:c7:d0:42:54:1f:a9:41:d3:d0:55:
a4:6f:97:e4:d1:a9:89:80:66:3a:b9:fc:92:89:d2:64:64:27:
8c:5b:b5:75
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZpOOh9WxZtVjOGEhcLbGMWRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyY2EzN2RlZDFiNzBjODFiNzRhNDMwZjliNGQ3YWNjNjI4
MDVlZDgwHhcNMjUxMTA0MDkzNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjQyNzFmNDYzMDFjMGEyNWUxN2ZmODAxZjU5YTQ1OWU3YjljZTkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo9w16XLB4xb2kMY6265LhVIFGhJH
TMPWPKnHF9kV+3ErtmI7iuUO6uLSMT8InjRUBDGlm0405Ytw0i8PLlpM36XXz3Sz
f2FH1XXmts3G5ZUGEIxbLt12BDrKz9i+PrQrGDk7e4AOWyOeV14s3kIhZJkO5fhN
iLQ5pgMI0swJs5DVGQCvpz3MEHBWzamBNxb23KBSDPxVDo36DD+Ty9yqXXDJFr/p
gWxft36jDM02Bci09IdwakojIpNK+6O/HAogK9rO9vxxK0BUKzlwp57+uKcUcrjM
6TyHJg4SVJDCMSua+k7RKoM9JIEftJdouhBvJKAZ3UG/GBw/vly3GbJakwIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFHtCcfRjAcCiXhf/gB9ZpFnnuc6TMB8GA1UdIwQY
MBaAFKLKN97RtwyBt0pDD5tNesxigF7YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb3NvMzN0RzNESUczU2tNUG0wMTZ6R0tBWHRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMi9iMmFjZTctNDhkYi00ZjdkLTkxN2Yt
MzA2MTg5ZDVjMDQ5LzEvZTBKeDlHTUJ3S0plRl8tQUgxbWtXZWU1enBNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMi9iMmFjZTctNDhkYi00ZjdkLTkxN2YtMzA2MTg5ZDVjMDQ5
LzEvb3NvMzN0RzNESUczU2tNUG0wMTZ6R0tBWHRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjASBAIAATAMAwQAuS1gAwQA
uS1iMBQEAgACMA4DBQAqBKGAAwUAKgShgjANBgkqhkiG9w0BAQsFAAOCAQEAEUiq
SEM0V8ft8ATNj/d5rdBHw1Pqa/ptsuBG00tDfWOnW9ZxzEP/FfRFzMRlubGBXAKW
vh3O49sMwiIQihQ7H/kkYMC3IEeNTzUPKr7x/Dim/3WK0sZlLijHm9xjV1uu/1gK
IidOuiw/BA1AuJJdzuh5kSTTkrJ6Vra2rk9vnyZET36/gKu4iI0xXJSYeOYPGuOa
+Z8qP47zdFPU74CFNB9AC+SYks47hYY91jgEA0uzeC9jMkLXn3iZ4fPvHqiXOLB2
Ca9Bd/BM3N6EGimSHZZh4igmTaUvll+WGEpHKkXH0EJUH6lB09BVpG+X5NGpiYBm
Orn8konSZGQnjFu1dQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 11:40:32 2025 by rpki-client