Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/sKDcgqrzTnILG4Tq477BccwF4pQ.roa
File: sKDcgqrzTnILG4Tq477BccwF4pQ.roa (raw, json)
Hash identifier: 6+GFy/dNFKXyiBMKcgcLHz5mt8j4SOz5xQ+ZuaGLdHU=
Subject key identifier: B0:A0:DC:82:AA:F3:4E:72:0B:1B:84:EA:E3:BE:C1:71:CC:05:E2:94
Certificate issuer: /CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Certificate serial: 019A3A0CB6BF86B34FCD80732FD731D4AF4D
Authority key identifier: D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/sKDcgqrzTnILG4Tq477BccwF4pQ.roa
Signing time: Fri 31 Oct 2025 11:35:03 +0000
ROA not before: Fri 31 Oct 2025 11:35:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214196
IP address blocks: 94.74.158.0/24 maxlen: 24
94.74.164.0/24 maxlen: 24
176.46.141.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.mft
rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:3a:0c:b6:bf:86:b3:4f:cd:80:73:2f:d7:31:d4:af:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d60475ebe7f07d74153cb1cca338c16d801f45f7
Validity
Not Before: Oct 31 11:35:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b0a0dc82aaf34e720b1b84eae3bec171cc05e294
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:9a:e9:f5:e4:60:b9:48:99:9e:6c:d4:fa:44:
01:0c:02:0a:a8:52:30:c4:f7:f5:cb:61:bb:72:5b:
65:6d:e9:b2:02:72:4d:f7:14:57:5d:57:29:6b:1b:
dc:10:df:25:0b:64:60:85:ef:6b:96:b5:c2:cb:75:
55:a7:df:2d:e3:81:c4:b9:f7:e1:2a:83:98:f7:b0:
e1:b8:64:ec:dd:58:df:d2:60:83:bd:ef:bd:5a:f7:
06:bd:9e:27:66:9a:15:26:02:22:8e:bc:41:d0:08:
42:dc:52:43:7e:15:ed:14:69:86:80:3d:22:2e:3f:
61:d9:4f:cb:68:91:61:50:9e:37:2a:71:a6:9f:3d:
fa:62:57:64:bf:99:75:66:f4:a4:62:3a:48:d1:44:
c7:d4:29:ae:19:1b:d2:f5:99:45:52:b2:2a:ea:9a:
94:c0:32:d8:b1:51:62:b9:91:63:3f:d8:8e:67:17:
a0:a4:d8:3d:5d:5d:2c:c4:6b:c6:46:6c:4a:7a:ce:
69:ff:70:cf:46:f7:19:cf:e3:58:f5:c8:5b:e3:19:
08:97:f6:36:f1:7e:b1:e1:0b:9a:87:fa:20:91:84:
45:e2:02:c1:5f:f5:cf:89:d2:d4:0f:3f:7b:a4:ee:
44:7f:3d:43:5e:a6:59:0e:e5:e3:6c:bc:89:f3:e4:
3a:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:A0:DC:82:AA:F3:4E:72:0B:1B:84:EA:E3:BE:C1:71:CC:05:E2:94
X509v3 Authority Key Identifier:
keyid:D6:04:75:EB:E7:F0:7D:74:15:3C:B1:CC:A3:38:C1:6D:80:1F:45:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1gR16-fwfXQVPLHMozjBbYAfRfc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/sKDcgqrzTnILG4Tq477BccwF4pQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/28/52ebae-e006-4778-ac3c-496f8ebb2d61/1/1gR16-fwfXQVPLHMozjBbYAfRfc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.74.158.0/24
94.74.164.0/24
176.46.141.0/24
Signature Algorithm: sha256WithRSAEncryption
45:c5:90:ca:74:fc:fb:4d:59:dc:8e:98:07:32:f4:2c:ac:8b:
51:c9:12:65:6f:ce:bd:74:d7:a0:de:53:04:77:ee:35:66:2b:
ff:2e:96:08:bc:fb:4f:c8:9c:b4:f8:c2:80:6a:9b:32:23:e3:
12:c5:6d:c4:77:1b:6c:4b:51:5c:6d:9c:f4:4d:c8:73:89:31:
4f:48:c3:ee:88:3a:5b:41:d5:42:ae:f6:18:83:44:99:ca:a6:
30:ec:6a:df:95:9c:b2:83:65:37:14:9d:bf:5a:1c:70:86:a8:
cd:e5:ac:a5:8c:35:b2:06:8f:2a:32:b3:59:e5:bd:46:05:e2:
4b:39:53:bb:0d:49:0d:3e:e1:86:0d:f3:91:f5:e8:30:34:84:
be:67:d4:f1:6f:3a:24:2f:02:64:6d:f3:44:06:32:b6:8d:35:
2e:53:b3:57:2d:08:47:94:1c:2f:3d:14:1d:87:bb:21:85:e9:
ee:59:06:cc:f1:6b:ed:96:84:ae:8a:71:8f:fe:9f:b4:1a:7f:
e4:8b:c3:d5:07:72:f4:ab:93:40:04:a7:8c:92:30:81:2e:c8:
c3:99:1f:06:87:ee:6d:85:55:fc:00:8b:cc:aa:56:90:90:d9:
20:e5:9c:d0:eb:ca:eb:e2:84:1d:8f:10:23:c0:0a:9e:9a:1d:
95:4a:92:df
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZo6DLa/hrNPzYBzL9cx1K9NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2MDQ3NWViZTdmMDdkNzQxNTNjYjFjY2EzMzhjMTZkODAx
ZjQ1ZjcwHhcNMjUxMDMxMTEzNTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMGEwZGM4MmFhZjM0ZTcyMGIxYjg0ZWFlM2JlYzE3MWNjMDVlMjk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5rp9eRguUiZnmzU+kQBDAIKqFIw
xPf1y2G7cltlbemyAnJN9xRXXVcpaxvcEN8lC2Rghe9rlrXCy3VVp98t44HEuffh
KoOY97DhuGTs3Vjf0mCDve+9WvcGvZ4nZpoVJgIijrxB0AhC3FJDfhXtFGmGgD0i
Lj9h2U/LaJFhUJ43KnGmnz36Yldkv5l1ZvSkYjpI0UTH1CmuGRvS9ZlFUrIq6pqU
wDLYsVFiuZFjP9iOZxegpNg9XV0sxGvGRmxKes5p/3DPRvcZz+NY9chb4xkIl/Y2
8X6x4Quah/ogkYRF4gLBX/XPidLUDz97pO5Efz1DXqZZDuXjbLyJ8+Q66QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLCg3IKq805yCxuE6uO+wXHMBeKUMB8GA1UdIwQY
MBaAFNYEdevn8H10FTyxzKM4wW2AH0X3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2Mt
NDk2ZjhlYmIyZDYxLzEvc0tEY2dxcnpUbklMRzRUcTQ3N0JjY3dGNHBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOC81MmViYWUtZTAwNi00Nzc4LWFjM2MtNDk2ZjhlYmIyZDYx
LzEvMWdSMTYtZndmWFFWUExITW96akJiWUFmUmZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAXkqeAwQA
XkqkAwQAsC6NMA0GCSqGSIb3DQEBCwUAA4IBAQBFxZDKdPz7TVncjpgHMvQsrItR
yRJlb869dNeg3lMEd+41Ziv/LpYIvPtPyJy0+MKAapsyI+MSxW3EdxtsS1FcbZz0
TchziTFPSMPuiDpbQdVCrvYYg0SZyqYw7GrflZyyg2U3FJ2/WhxwhqjN5ayljDWy
Bo8qMrNZ5b1GBeJLOVO7DUkNPuGGDfOR9egwNIS+Z9TxbzokLwJkbfNEBjK2jTUu
U7NXLQhHlBwvPRQdh7shhenuWQbM8WvtloSuinGP/p+0Gn/ki8PVB3L0q5NABKeM
kjCBLsjDmR8Gh+5thVX8AIvMqlaQkNkg5ZzQ68rr4oQdjxAjwAqemh2VSpLf
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:00:20 2025 by rpki-client