Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/55/692b1e-c9fe-43e0-b722-53a60480761d/1/2TMm2LCfr57u_4J2_1CZ5UV6wg4.roa
File: 2TMm2LCfr57u_4J2_1CZ5UV6wg4.roa (raw, json)
Hash identifier: 9V/G4F6RhZ4wdXFiY4sW5vKF1AdhLHo9sUbdwSftjVY=
Subject key identifier: D9:33:26:D8:B0:9F:AF:9E:EE:FF:82:76:FF:50:99:E5:45:7A:C2:0E
Certificate issuer: /CN=efa70cb849e3837451bd79af7dc7e035963e6043
Certificate serial: 0198891A4C0F0ABDFDE9B15FD456C5CBF1D8
Authority key identifier: EF:A7:0C:B8:49:E3:83:74:51:BD:79:AF:7D:C7:E0:35:96:3E:60:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/76cMuEnjg3RRvXmvfcfgNZY-YEM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/55/692b1e-c9fe-43e0-b722-53a60480761d/1/2TMm2LCfr57u_4J2_1CZ5UV6wg4.roa
Signing time: Fri 08 Aug 2025 09:54:18 +0000
ROA not before: Fri 08 Aug 2025 09:54:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34916
IP address blocks: 85.204.193.0/24 maxlen: 24
86.104.231.0/24 maxlen: 24
86.105.204.0/23 maxlen: 23
86.105.226.0/24 maxlen: 24
86.106.27.0/24 maxlen: 24
89.42.118.0/23 maxlen: 23
89.44.238.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/55/692b1e-c9fe-43e0-b722-53a60480761d/1/76cMuEnjg3RRvXmvfcfgNZY-YEM.crl
rsync://rpki.ripe.net/repository/DEFAULT/55/692b1e-c9fe-43e0-b722-53a60480761d/1/76cMuEnjg3RRvXmvfcfgNZY-YEM.mft
rsync://rpki.ripe.net/repository/DEFAULT/76cMuEnjg3RRvXmvfcfgNZY-YEM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 05:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:89:1a:4c:0f:0a:bd:fd:e9:b1:5f:d4:56:c5:cb:f1:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=efa70cb849e3837451bd79af7dc7e035963e6043
Validity
Not Before: Aug 8 09:54:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d93326d8b09faf9eeeff8276ff5099e5457ac20e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:d1:30:51:d1:e8:c0:b0:84:ad:0d:8d:40:9d:
33:0c:dd:13:53:e7:7c:d4:8e:d1:8a:91:bd:73:b8:
9d:7c:ea:e5:af:ef:d8:3c:3e:e1:8f:d2:a4:4f:ab:
5e:28:7d:de:05:61:4e:47:c9:e2:d2:a2:8d:b4:3c:
97:53:dd:47:1a:96:09:35:67:a7:b6:0c:31:66:26:
79:0d:f7:3c:85:d7:7e:64:ed:46:c0:35:15:83:8e:
b4:8d:08:57:9f:1d:4c:2d:31:ca:c7:3f:e4:e1:1b:
9b:0e:a6:ba:e4:fa:ba:bd:9f:2b:e9:2b:90:2f:c8:
29:07:55:31:ca:73:84:06:cb:ac:04:67:78:9a:ee:
8e:b9:0c:60:80:62:55:6e:11:08:d7:a8:c6:9b:c8:
61:c7:08:2d:9c:a6:f7:75:53:bb:ab:d4:ad:24:e7:
11:8b:17:fd:9c:05:69:c3:dc:4b:f1:61:eb:d8:b9:
3e:bd:3e:4d:c1:c1:6f:b0:f7:52:c6:2f:ab:41:b8:
2c:26:d8:a2:2a:bf:d6:df:1f:70:3d:b8:e0:3b:be:
cb:c6:20:d9:33:ba:c8:05:f3:9e:13:03:b7:a6:a5:
07:87:f2:4d:92:5f:c4:aa:4e:e3:15:58:1a:fa:0b:
aa:4d:90:d4:2a:ea:e1:01:a9:1f:98:6a:70:ef:4e:
fb:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D9:33:26:D8:B0:9F:AF:9E:EE:FF:82:76:FF:50:99:E5:45:7A:C2:0E
X509v3 Authority Key Identifier:
keyid:EF:A7:0C:B8:49:E3:83:74:51:BD:79:AF:7D:C7:E0:35:96:3E:60:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/76cMuEnjg3RRvXmvfcfgNZY-YEM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/55/692b1e-c9fe-43e0-b722-53a60480761d/1/2TMm2LCfr57u_4J2_1CZ5UV6wg4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/55/692b1e-c9fe-43e0-b722-53a60480761d/1/76cMuEnjg3RRvXmvfcfgNZY-YEM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.193.0/24
86.104.231.0/24
86.105.204.0/23
86.105.226.0/24
86.106.27.0/24
89.42.118.0/23
89.44.238.0/23
Signature Algorithm: sha256WithRSAEncryption
2b:f6:14:01:d6:7f:b5:73:01:3b:17:f0:94:4a:a9:ca:1f:6b:
f4:f2:64:a4:6a:7b:dc:a4:90:18:f8:dc:9e:bf:22:9a:5e:74:
f1:49:f4:75:e1:e9:5b:5c:44:0e:88:6c:6d:20:bb:5b:cf:de:
65:e6:e3:cb:0b:41:50:5a:bf:6c:45:8c:bd:6d:ed:ee:38:27:
3e:3a:7e:b7:3b:8a:5d:36:fc:6f:4e:99:e4:69:c7:76:24:6d:
85:4a:7e:d4:16:73:3e:32:3c:7f:3f:58:30:6d:12:db:d1:7d:
58:de:a0:a4:bb:fc:65:5c:9b:83:56:4b:d1:3c:99:18:fd:76:
37:6f:4d:3d:08:d7:f8:24:18:18:9d:37:a2:7f:61:ad:b2:c6:
e5:23:22:3b:79:d6:02:93:be:f1:68:fd:f8:b7:d7:26:bf:9c:
d6:43:93:b9:ed:40:0d:66:ec:69:f6:ae:70:c1:31:5a:74:3d:
62:f4:86:dc:25:4f:79:bb:86:91:da:37:b6:df:27:37:b0:4f:
89:f7:44:5d:f5:07:91:5e:7d:18:69:73:78:f5:ce:87:bd:dd:
4d:f2:02:cd:d7:a7:04:8e:e1:a6:b7:15:0b:43:59:16:03:83:
30:65:67:c4:9a:1d:97:35:45:b2:37:b9:c9:ac:d2:6a:71:82:
c1:7c:cf:56
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZiJGkwPCr396bFf1FbFy/HYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmYTcwY2I4NDllMzgzNzQ1MWJkNzlhZjdkYzdlMDM1OTYz
ZTYwNDMwHhcNMjUwODA4MDk1NDE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOTMzMjZkOGIwOWZhZjllZWVmZjgyNzZmZjUwOTllNTQ1N2FjMjBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsNEwUdHowLCErQ2NQJ0zDN0TU+d8
1I7RipG9c7idfOrlr+/YPD7hj9KkT6teKH3eBWFOR8ni0qKNtDyXU91HGpYJNWen
tgwxZiZ5Dfc8hdd+ZO1GwDUVg460jQhXnx1MLTHKxz/k4RubDqa65Pq6vZ8r6SuQ
L8gpB1UxynOEBsusBGd4mu6OuQxggGJVbhEI16jGm8hhxwgtnKb3dVO7q9StJOcR
ixf9nAVpw9xL8WHr2Lk+vT5NwcFvsPdSxi+rQbgsJtiiKr/W3x9wPbjgO77LxiDZ
M7rIBfOeEwO3pqUHh/JNkl/Eqk7jFVga+guqTZDUKurhAakfmGpw7077vQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFNkzJtiwn6+e7v+Cdv9QmeVFesIOMB8GA1UdIwQY
MBaAFO+nDLhJ44N0Ub15r33H4DWWPmBDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzZjTXVFbmpnM1JSdlhtdmZjZmdOWlktWUVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81NS82OTJiMWUtYzlmZS00M2UwLWI3MjIt
NTNhNjA0ODA3NjFkLzEvMlRNbTJMQ2ZyNTd1XzRKMl8xQ1o1VVY2d2c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81NS82OTJiMWUtYzlmZS00M2UwLWI3MjItNTNhNjA0ODA3NjFk
LzEvNzZjTXVFbmpnM1JSdlhtdmZjZmdOWlktWUVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAVczBAwQA
VmjnAwQBVmnMAwQAVmniAwQAVmobAwQBWSp2AwQBWSzuMA0GCSqGSIb3DQEBCwUA
A4IBAQAr9hQB1n+1cwE7F/CUSqnKH2v08mSkanvcpJAY+NyevyKaXnTxSfR14elb
XEQOiGxtILtbz95l5uPLC0FQWr9sRYy9be3uOCc+On63O4pdNvxvTpnkacd2JG2F
Sn7UFnM+Mjx/P1gwbRLb0X1Y3qCku/xlXJuDVkvRPJkY/XY3b009CNf4JBgYnTei
f2GtssblIyI7edYCk77xaP34t9cmv5zWQ5O57UANZuxp9q5wwTFadD1i9IbcJU95
u4aR2je23yc3sE+J90Rd9QeRXn0YaXN49c6Hvd1N8gLN16cEjuGmtxULQ1kWA4Mw
ZWfEmh2XNUWyN7nJrNJqcYLBfM9W
-----END CERTIFICATE-----
Generated at Sat Aug 9 14:20:04 2025 by rpki-client