Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/agnF3x6WdCZz_7mKDy-LLUgrR2s.roa
File: agnF3x6WdCZz_7mKDy-LLUgrR2s.roa (raw, json)
Hash identifier: QsH4PII2M8MLvfAn0vn7uI04k3SgZ4ibQitz1cKdNWo=
Subject key identifier: 6A:09:C5:DF:1E:96:74:26:73:FF:B9:8A:0F:2F:8B:2D:48:2B:47:6B
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 019A3A7C697163E694C216CA0B0497CC93EA
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/agnF3x6WdCZz_7mKDy-LLUgrR2s.roa
Signing time: Fri 31 Oct 2025 13:37:03 +0000
ROA not before: Fri 31 Oct 2025 13:37:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 55470
IP address blocks: 213.169.198.0/23 maxlen: 23
213.169.238.0/23 maxlen: 23
213.169.242.0/23 maxlen: 23
217.8.220.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:3a:7c:69:71:63:e6:94:c2:16:ca:0b:04:97:cc:93:ea
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Oct 31 13:37:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a09c5df1e96742673ffb98a0f2f8b2d482b476b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:51:8a:9c:2c:86:b2:53:c6:9d:6d:fd:e9:dc:
e6:b7:c5:d7:a7:24:37:b7:89:37:12:a9:89:d0:21:
8e:00:2f:03:e8:64:bb:f4:fe:a3:86:b8:cc:91:cd:
c4:cb:46:74:12:05:71:af:ca:ec:2c:fa:e4:01:42:
34:b6:68:d9:40:4a:81:20:d6:0e:9f:7c:0d:20:84:
e1:99:44:ed:02:eb:06:3c:38:cd:1a:48:fa:c3:0c:
b8:c3:c3:4b:20:25:f5:38:7a:f4:83:5d:cf:6f:55:
e3:a5:ad:5e:61:86:68:80:a3:4d:fc:cb:c3:89:5a:
cd:cd:8b:ce:07:5f:92:62:46:55:9f:33:ce:82:68:
76:c4:ec:cc:90:0f:24:f3:b9:ba:62:9a:06:28:2c:
23:8c:b4:1b:d1:a9:52:3a:fc:43:59:f1:a0:e0:4b:
f9:2e:84:09:c7:2e:13:f2:5b:b3:d1:7b:dc:c6:01:
bc:7d:91:59:ec:6c:20:67:e7:a4:5e:c2:51:66:38:
0e:dd:9f:87:4c:83:3e:14:a0:95:2d:cc:63:4f:57:
0b:b1:9c:55:94:e6:1e:45:fd:30:74:66:00:9c:ff:
27:55:2f:8c:f8:6a:c9:cc:a7:ca:44:9f:20:d6:aa:
d1:3f:5b:46:2a:2f:44:56:61:87:c2:d4:79:e2:6e:
8a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:09:C5:DF:1E:96:74:26:73:FF:B9:8A:0F:2F:8B:2D:48:2B:47:6B
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/agnF3x6WdCZz_7mKDy-LLUgrR2s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.169.198.0/23
213.169.238.0/23
213.169.242.0/23
217.8.220.0/23
Signature Algorithm: sha256WithRSAEncryption
93:29:37:8d:8e:8b:0b:ab:52:80:b1:bf:9b:39:c0:a6:bb:16:
1e:ca:55:30:39:9f:cb:bc:7d:42:ec:f2:82:97:ee:2c:f6:b7:
3a:76:16:e5:9f:6d:2b:4f:ac:e1:0f:37:15:f8:4a:07:e0:33:
8e:ac:38:4f:85:b2:fd:00:d6:1b:68:d3:54:19:31:96:ff:11:
3f:38:27:6b:f9:97:4d:64:d8:2d:71:a2:d7:f1:4b:b7:33:7a:
75:a2:8b:eb:7a:95:f7:d4:30:27:5b:c1:90:e7:9a:1b:e5:33:
01:97:04:6d:54:8b:cc:f1:62:0e:dd:d9:74:65:39:8d:b7:4d:
28:df:9b:c0:0e:e8:b7:42:6a:92:13:54:96:e1:e4:03:16:f7:
53:5b:7c:47:6a:9c:85:30:0f:56:60:06:79:49:16:3d:75:b4:
e4:e2:e6:07:1f:29:6d:7d:ab:1b:2e:c2:06:90:a8:7d:6c:86:
a2:04:fc:ee:15:41:d0:0b:7f:26:31:7a:80:38:b3:71:ac:ba:
ce:a9:ad:b1:57:e6:c5:e2:04:78:94:a9:6b:28:e2:03:48:d2:
5b:b5:df:09:d3:1e:11:a2:91:74:28:52:31:ab:e1:86:15:7a:
43:77:d9:32:07:5d:ae:05:68:50:b4:31:39:04:51:87:d6:ab:
b2:cc:a5:48
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZo6fGlxY+aUwhbKCwSXzJPqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjUxMDMxMTMzNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTA5YzVkZjFlOTY3NDI2NzNmZmI5OGEwZjJmOGIyZDQ4MmI0NzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulGKnCyGslPGnW396dzmt8XXpyQ3
t4k3EqmJ0CGOAC8D6GS79P6jhrjMkc3Ey0Z0EgVxr8rsLPrkAUI0tmjZQEqBINYO
n3wNIIThmUTtAusGPDjNGkj6wwy4w8NLICX1OHr0g13Pb1Xjpa1eYYZogKNN/MvD
iVrNzYvOB1+SYkZVnzPOgmh2xOzMkA8k87m6YpoGKCwjjLQb0alSOvxDWfGg4Ev5
LoQJxy4T8luz0XvcxgG8fZFZ7GwgZ+ekXsJRZjgO3Z+HTIM+FKCVLcxjT1cLsZxV
lOYeRf0wdGYAnP8nVS+M+GrJzKfKRJ8g1qrRP1tGKi9EVmGHwtR54m6KKQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGoJxd8elnQmc/+5ig8viy1IK0drMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvYWduRjN4NldkQ1p6XzdtS0R5LUxMVWdyUjJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQB1anGAwQB
1anuAwQB1anyAwQB2QjcMA0GCSqGSIb3DQEBCwUAA4IBAQCTKTeNjosLq1KAsb+b
OcCmuxYeylUwOZ/LvH1C7PKCl+4s9rc6dhbln20rT6zhDzcV+EoH4DOOrDhPhbL9
ANYbaNNUGTGW/xE/OCdr+ZdNZNgtcaLX8Uu3M3p1oovrepX31DAnW8GQ55ob5TMB
lwRtVIvM8WIO3dl0ZTmNt00o35vADui3QmqSE1SW4eQDFvdTW3xHapyFMA9WYAZ5
SRY9dbTk4uYHHyltfasbLsIGkKh9bIaiBPzuFUHQC38mMXqAOLNxrLrOqa2xV+bF
4gR4lKlrKOIDSNJbtd8J0x4RopF0KFIxq+GGFXpDd9kyB12uBWhQtDE5BFGH1quy
zKVI
-----END CERTIFICATE-----
Generated at Wed Nov 5 07:42:12 2025 by rpki-client