Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/m6ICGY8tDK8Q212zDiNB6cUKuGY.roa
File: m6ICGY8tDK8Q212zDiNB6cUKuGY.roa (raw, json)
Hash identifier: EJb3usFy++FqYT3SUw3jZOIZDnNXZwJojnoQ4titUsw=
Subject key identifier: 9B:A2:02:19:8F:2D:0C:AF:10:DB:5D:B3:0E:23:41:E9:C5:0A:B8:66
Certificate issuer: /CN=1bf268175c5a09a7afd0d87851824e1db73f7e7b
Certificate serial: 019A5024D77155BCE2A43F74881EAAE877A9
Authority key identifier: 1B:F2:68:17:5C:5A:09:A7:AF:D0:D8:78:51:82:4E:1D:B7:3F:7E:7B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G_JoF1xaCaev0Nh4UYJOHbc_fns.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/m6ICGY8tDK8Q212zDiNB6cUKuGY.roa
Signing time: Tue 04 Nov 2025 18:33:03 +0000
ROA not before: Tue 04 Nov 2025 18:33:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43581
IP address blocks: 46.253.143.0/24 maxlen: 24
91.211.115.0/24 maxlen: 24
193.17.92.0/24 maxlen: 24
2a11:1940::/32 maxlen: 32
2a13:17c0::/32 maxlen: 32
2a13:17c1::/32 maxlen: 32
2a13:17c2::/32 maxlen: 32
2a13:17c3::/32 maxlen: 32
2a13:17c4::/32 maxlen: 32
2a13:17c5::/32 maxlen: 32
2a13:17c7::/32 maxlen: 32
2a13:a500::/32 maxlen: 32
2a13:a502::/32 maxlen: 32
2a13:a503::/32 maxlen: 32
2a13:a504::/32 maxlen: 32
2a13:a505::/32 maxlen: 32
2a13:a506::/32 maxlen: 32
2a13:a507::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/G_JoF1xaCaev0Nh4UYJOHbc_fns.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/G_JoF1xaCaev0Nh4UYJOHbc_fns.mft
rsync://rpki.ripe.net/repository/DEFAULT/G_JoF1xaCaev0Nh4UYJOHbc_fns.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:50:24:d7:71:55:bc:e2:a4:3f:74:88:1e:aa:e8:77:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1bf268175c5a09a7afd0d87851824e1db73f7e7b
Validity
Not Before: Nov 4 18:33:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ba202198f2d0caf10db5db30e2341e9c50ab866
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:45:ab:d9:30:f5:a3:1e:c4:93:b8:f4:c9:17:
c4:de:18:51:4b:08:00:32:f9:58:95:5b:88:07:e2:
d6:89:42:8d:b1:a7:a5:ca:cd:49:df:c9:86:3e:ca:
5a:f9:b1:55:93:c7:ae:de:02:9b:2c:68:54:25:86:
f4:fc:97:82:af:dc:aa:86:b0:83:b6:89:dc:39:94:
aa:bc:1b:1d:5b:61:20:f3:18:ea:2e:43:37:f8:a3:
a4:2b:fd:0b:62:f2:bd:72:d9:13:d5:04:7e:07:7a:
c4:0b:87:c5:aa:26:8b:d4:cc:b4:e7:c7:89:7e:fb:
4a:77:4c:c1:1d:2c:b6:29:65:07:34:ca:df:b8:23:
0a:ee:65:97:ef:8e:ba:84:e3:41:ec:40:66:82:58:
a4:12:c2:f9:73:e8:92:5d:e2:7a:55:e4:ef:d8:7e:
5b:3a:9d:82:51:95:e3:bf:b1:ad:e6:f1:f4:44:a6:
f8:ac:67:c5:82:cc:c7:22:26:e7:4d:b8:da:e7:b3:
9a:c3:2c:d7:12:4d:df:5f:ed:d9:83:51:30:eb:f1:
da:3d:74:62:23:03:fe:ee:17:01:90:da:a4:54:51:
c1:01:92:23:8e:ec:fc:10:01:12:a0:b7:1d:36:6e:
1c:05:63:31:82:df:89:eb:c1:d6:af:ba:e8:91:e6:
82:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:A2:02:19:8F:2D:0C:AF:10:DB:5D:B3:0E:23:41:E9:C5:0A:B8:66
X509v3 Authority Key Identifier:
keyid:1B:F2:68:17:5C:5A:09:A7:AF:D0:D8:78:51:82:4E:1D:B7:3F:7E:7B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G_JoF1xaCaev0Nh4UYJOHbc_fns.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/m6ICGY8tDK8Q212zDiNB6cUKuGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/66650a-598a-4389-941f-534b8cd652e9/1/G_JoF1xaCaev0Nh4UYJOHbc_fns.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.143.0/24
91.211.115.0/24
193.17.92.0/24
IPv6:
2a11:1940::/32
2a13:17c0::-2a13:17c5:ffff:ffff:ffff:ffff:ffff:ffff
2a13:17c7::/32
2a13:a500::/32
2a13:a502::-2a13:a507:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5c:34:8e:f7:7a:ad:00:eb:3d:01:a5:61:62:07:23:f0:6b:af:
8f:12:e0:5b:aa:02:30:7e:c0:db:82:6a:e8:1a:37:6b:69:1b:
0e:b0:68:14:a7:b3:03:ae:03:0b:30:62:43:8e:60:f3:1d:72:
e1:df:1b:3e:20:3e:c2:94:fc:fd:b5:64:a4:a4:a3:59:75:32:
3e:66:f9:e8:cd:54:9c:02:49:9f:e8:28:f4:5f:8c:82:2a:1f:
ae:4c:ce:8b:9d:a4:83:62:8a:51:70:ad:84:85:09:21:75:0a:
be:8a:a4:54:07:c7:08:8b:df:c6:4b:2b:34:22:55:d0:5f:e0:
a0:55:0a:3f:16:fb:17:fb:34:51:9c:4f:d0:b7:e6:71:8a:c3:
4d:b2:77:8e:f8:d5:1a:da:3d:9d:b3:7f:34:4f:19:a1:eb:dc:
7a:65:90:c0:37:7f:07:d5:a3:f7:98:dd:ec:2a:92:62:4f:03:
93:7c:7b:13:65:eb:91:e7:7a:21:95:0a:fa:45:07:42:1f:ee:
7b:2e:74:83:77:15:f3:02:69:2e:9e:1b:b7:9c:4c:54:39:1b:
09:7c:22:ca:57:d6:3d:0e:78:dd:53:21:fe:9e:f6:f3:55:e9:
a4:29:ca:06:f6:16:cf:1a:83:e7:2b:01:f5:95:f3:c1:11:b4:
d7:70:09:eb
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAZpQJNdxVbzipD90iB6q6HepMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiZjI2ODE3NWM1YTA5YTdhZmQwZDg3ODUxODI0ZTFkYjcz
ZjdlN2IwHhcNMjUxMTA0MTgzMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YmEyMDIxOThmMmQwY2FmMTBkYjVkYjMwZTIzNDFlOWM1MGFiODY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokWr2TD1ox7Ek7j0yRfE3hhRSwgA
MvlYlVuIB+LWiUKNsaelys1J38mGPspa+bFVk8eu3gKbLGhUJYb0/JeCr9yqhrCD
toncOZSqvBsdW2Eg8xjqLkM3+KOkK/0LYvK9ctkT1QR+B3rEC4fFqiaL1My058eJ
fvtKd0zBHSy2KWUHNMrfuCMK7mWX7466hONB7EBmglikEsL5c+iSXeJ6VeTv2H5b
Op2CUZXjv7Gt5vH0RKb4rGfFgszHIibnTbja57OawyzXEk3fX+3Zg1Ew6/HaPXRi
IwP+7hcBkNqkVFHBAZIjjuz8EAESoLcdNm4cBWMxgt+J68HWr7rokeaCRQIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFJuiAhmPLQyvENtdsw4jQenFCrhmMB8GA1UdIwQY
MBaAFBvyaBdcWgmnr9DYeFGCTh23P357MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR19Kb0YxeGFDYWV2ME5oNFVZSk9IYmNfZm5zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni82NjY1MGEtNTk4YS00Mzg5LTk0MWYt
NTM0YjhjZDY1MmU5LzEvbTZJQ0dZOHRESzhRMjEyekRpTkI2Y1VLdUdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni82NjY1MGEtNTk4YS00Mzg5LTk0MWYtNTM0YjhjZDY1MmU5
LzEvR19Kb0YxeGFDYWV2ME5oNFVZSk9IYmNfZm5zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzAYBAIAATASAwQALv2PAwQA
W9NzAwQAwRFcMDsEAgACMDUDBQAqERlAMA4DBQYqExfAAwUBKhMXxAMFACoTF8cD
BQAqE6UAMA4DBQEqE6UCAwUDKhOlADANBgkqhkiG9w0BAQsFAAOCAQEAXDSO93qt
AOs9AaVhYgcj8GuvjxLgW6oCMH7A24Jq6Bo3a2kbDrBoFKezA64DCzBiQ45g8x1y
4d8bPiA+wpT8/bVkpKSjWXUyPmb56M1UnAJJn+go9F+MgiofrkzOi52kg2KKUXCt
hIUJIXUKvoqkVAfHCIvfxksrNCJV0F/goFUKPxb7F/s0UZxP0LfmcYrDTbJ3jvjV
Gto9nbN/NE8ZoevcemWQwDd/B9Wj95jd7CqSYk8Dk3x7E2Xrked6IZUK+kUHQh/u
ey50g3cV8wJpLp4bt5xMVDkbCXwiylfWPQ543VMh/p7281XppCnKBvYWzxqD5ysB
9ZXzwRG013AJ6w==
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:17:27 2025 by rpki-client