Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/AY8IrrzWhOI4edGB_Tl_2NFsPT4.roa
File: AY8IrrzWhOI4edGB_Tl_2NFsPT4.roa (raw, json)
Hash identifier: uiO1qHM3dqC6uI/IPIfdOOSGwVI3hRDJi3/ZtYOJrsc=
Subject key identifier: 01:8F:08:AE:BC:D6:84:E2:38:79:D1:81:FD:39:7F:D8:D1:6C:3D:3E
Certificate issuer: /CN=ef54d9e41ea5e2d161b7c4cdb2e4702c4f248e14
Certificate serial: 019A1002B07013DD551C786CDB8E2A123798
Authority key identifier: EF:54:D9:E4:1E:A5:E2:D1:61:B7:C4:CD:B2:E4:70:2C:4F:24:8E:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/AY8IrrzWhOI4edGB_Tl_2NFsPT4.roa
Signing time: Thu 23 Oct 2025 07:40:03 +0000
ROA not before: Thu 23 Oct 2025 07:40:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 93.180.216.0/21 maxlen: 24
138.124.156.0/22 maxlen: 24
144.86.228.0/22 maxlen: 24
185.20.196.0/22 maxlen: 24
185.138.120.0/22 maxlen: 24
185.254.12.0/22 maxlen: 24
195.133.220.0/22 maxlen: 24
199.74.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/71TZ5B6l4tFht8TNsuRwLE8kjhQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/71TZ5B6l4tFht8TNsuRwLE8kjhQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 08:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:10:02:b0:70:13:dd:55:1c:78:6c:db:8e:2a:12:37:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef54d9e41ea5e2d161b7c4cdb2e4702c4f248e14
Validity
Not Before: Oct 23 07:40:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=018f08aebcd684e23879d181fd397fd8d16c3d3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:09:6c:bc:c3:6c:bc:46:e5:a3:ea:01:fd:b3:
5e:c1:cc:f7:8c:fd:aa:d7:39:07:57:90:fc:95:ec:
94:6a:aa:d2:fa:e7:4e:94:1a:6a:b9:e3:03:7d:5b:
b1:78:78:2e:1d:1e:5b:05:a4:40:82:0d:e0:87:30:
cd:af:4c:7d:22:39:89:9d:6b:16:3e:c0:de:00:01:
f1:cb:8e:3e:b5:7c:e2:59:eb:0c:bf:12:64:8b:75:
df:bb:1f:2e:10:37:f9:22:af:ba:3f:e0:7d:72:7e:
03:b2:5f:6b:eb:f7:e3:59:d6:71:34:e6:2c:b6:e1:
f2:49:be:36:21:e9:c6:37:88:1f:ec:7f:6b:7e:76:
f6:47:87:12:32:1a:9b:b3:4a:9b:a3:a7:5d:b8:eb:
14:42:79:4d:da:4d:86:cd:11:ee:33:f5:ef:ea:6b:
64:78:39:b3:51:25:50:77:32:f5:0d:30:8d:c9:e3:
18:37:bc:43:2d:e8:77:74:d5:c7:70:67:df:fc:87:
bc:d3:b0:5e:29:cf:29:41:33:28:85:b7:ac:b8:79:
71:e0:ee:bf:a7:5a:f0:62:23:b6:65:1f:be:7a:42:
81:1f:4c:16:19:a9:e8:e1:3d:01:b5:12:f0:80:86:
1b:cb:b3:c6:b3:79:80:ad:8f:b3:4d:5c:7e:9e:6a:
4f:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:8F:08:AE:BC:D6:84:E2:38:79:D1:81:FD:39:7F:D8:D1:6C:3D:3E
X509v3 Authority Key Identifier:
keyid:EF:54:D9:E4:1E:A5:E2:D1:61:B7:C4:CD:B2:E4:70:2C:4F:24:8E:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/71TZ5B6l4tFht8TNsuRwLE8kjhQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/AY8IrrzWhOI4edGB_Tl_2NFsPT4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ec00e2-cbda-4b32-8c32-fbc6fcb5e7a6/1/71TZ5B6l4tFht8TNsuRwLE8kjhQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.180.216.0/21
138.124.156.0/22
144.86.228.0/22
185.20.196.0/22
185.138.120.0/22
185.254.12.0/22
195.133.220.0/22
199.74.188.0/22
Signature Algorithm: sha256WithRSAEncryption
af:8e:3c:56:b4:21:ed:b9:3b:cc:39:42:c0:1c:e1:3f:5c:fd:
4f:c1:e3:91:ae:47:c3:eb:f6:15:fb:69:eb:f4:66:b7:54:42:
73:b0:ca:90:64:d4:61:67:ae:03:12:5f:c8:18:7b:ad:7a:33:
af:8a:19:02:ed:be:f9:49:49:49:86:e5:f8:c5:17:46:ea:05:
a3:4b:ba:59:7a:45:b1:57:e8:dc:a6:40:03:32:de:bc:de:2c:
99:bb:ab:e5:27:58:a9:e7:e6:52:bb:20:a6:08:7e:b0:91:8d:
14:4d:9c:e7:dd:6b:8b:cd:18:2d:ca:46:fb:a5:b9:06:cb:a8:
24:94:aa:63:aa:ee:09:d3:c2:75:a5:b3:f8:4f:32:59:f4:73:
04:80:c7:d6:8e:b1:d2:65:b8:a9:43:8e:cc:61:db:ee:53:65:
2e:9f:a1:3f:85:8c:b0:8f:a8:30:3d:71:44:4e:f8:93:75:86:
36:89:f2:a2:c2:1a:b2:2c:36:4f:3e:3f:a0:bd:65:9a:06:31:
1e:28:c9:e8:b1:6b:fb:86:8d:0e:4d:d2:ee:1d:69:2e:f8:07:
94:46:33:2d:71:97:48:94:93:57:1a:2f:cc:6a:c2:11:47:e5:
d4:39:e0:3d:fc:c5:59:d4:b1:d4:23:ec:32:8a:36:3d:42:c2:
45:8d:e8:92
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZoQArBwE91VHHhs244qEjeYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmNTRkOWU0MWVhNWUyZDE2MWI3YzRjZGIyZTQ3MDJjNGYy
NDhlMTQwHhcNMjUxMDIzMDc0MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMThmMDhhZWJjZDY4NGUyMzg3OWQxODFmZDM5N2ZkOGQxNmMzZDNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6AlsvMNsvEblo+oB/bNewcz3jP2q
1zkHV5D8leyUaqrS+udOlBpqueMDfVuxeHguHR5bBaRAgg3ghzDNr0x9IjmJnWsW
PsDeAAHxy44+tXziWesMvxJki3Xfux8uEDf5Iq+6P+B9cn4Dsl9r6/fjWdZxNOYs
tuHySb42IenGN4gf7H9rfnb2R4cSMhqbs0qbo6dduOsUQnlN2k2GzRHuM/Xv6mtk
eDmzUSVQdzL1DTCNyeMYN7xDLeh3dNXHcGff/Ie807BeKc8pQTMohbesuHlx4O6/
p1rwYiO2ZR++ekKBH0wWGano4T0BtRLwgIYby7PGs3mArY+zTVx+nmpP0wIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFAGPCK681oTiOHnRgf05f9jRbD0+MB8GA1UdIwQY
MBaAFO9U2eQepeLRYbfEzbLkcCxPJI4UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzFUWjVCNmw0dEZodDhUTnN1UndMRThramhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9lYzAwZTItY2JkYS00YjMyLThjMzIt
ZmJjNmZjYjVlN2E2LzEvQVk4SXJyeldoT0k0ZWRHQl9UbF8yTkZzUFQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9lYzAwZTItY2JkYS00YjMyLThjMzItZmJjNmZjYjVlN2E2
LzEvNzFUWjVCNmw0dEZodDhUTnN1UndMRThramhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQDXbTYAwQC
inycAwQCkFbkAwQCuRTEAwQCuYp4AwQCuf4MAwQCw4XcAwQCx0q8MA0GCSqGSIb3
DQEBCwUAA4IBAQCvjjxWtCHtuTvMOULAHOE/XP1PweORrkfD6/YV+2nr9Ga3VEJz
sMqQZNRhZ64DEl/IGHutejOvihkC7b75SUlJhuX4xRdG6gWjS7pZekWxV+jcpkAD
Mt683iyZu6vlJ1ip5+ZSuyCmCH6wkY0UTZzn3WuLzRgtykb7pbkGy6gklKpjqu4J
08J1pbP4TzJZ9HMEgMfWjrHSZbipQ47MYdvuU2Uun6E/hYywj6gwPXFETviTdYY2
ifKiwhqyLDZPPj+gvWWaBjEeKMnosWv7ho0OTdLuHWku+AeURjMtcZdIlJNXGi/M
asIRR+XUOeA9/MVZ1LHUI+wyijY9QsJFjeiS
-----END CERTIFICATE-----
Generated at Tue Nov 4 17:01:24 2025 by rpki-client