Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/2G_wfY-wtHrrh5fIlt2oTgfjyRk.roa
File: 2G_wfY-wtHrrh5fIlt2oTgfjyRk.roa (raw, json)
Hash identifier: Z3ThrbWDvPG2omkuECARA3Z0eG/8QMV8+rwPhMcjF+s=
Subject key identifier: D8:6F:F0:7D:8F:B0:B4:7A:EB:87:97:C8:96:DD:A8:4E:07:E3:C9:19
Certificate issuer: /CN=b6d14118dbd227298daa80c7acab11eea6d63e21
Certificate serial: 01986E7FD88371980CAAB6564EE0F205A015
Authority key identifier: B6:D1:41:18:DB:D2:27:29:8D:AA:80:C7:AC:AB:11:EE:A6:D6:3E:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ttFBGNvSJymNqoDHrKsR7qbWPiE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/2G_wfY-wtHrrh5fIlt2oTgfjyRk.roa
Signing time: Sun 03 Aug 2025 05:55:28 +0000
ROA not before: Sun 03 Aug 2025 05:55:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34636
IP address blocks: 88.135.40.0/22 maxlen: 22
88.135.40.0/23 maxlen: 23
88.135.40.0/24 maxlen: 24
88.135.41.0/24 maxlen: 24
88.135.42.0/23 maxlen: 23
88.135.42.0/24 maxlen: 24
88.135.43.0/24 maxlen: 24
88.135.44.0/24 maxlen: 24
88.135.46.0/24 maxlen: 24
88.135.47.0/24 maxlen: 24
185.67.100.0/22 maxlen: 22
185.67.100.0/24 maxlen: 24
185.67.101.0/24 maxlen: 24
185.67.102.0/24 maxlen: 24
185.67.103.0/24 maxlen: 24
185.189.120.0/22 maxlen: 22
185.189.120.0/23 maxlen: 23
185.189.120.0/24 maxlen: 24
185.189.121.0/24 maxlen: 24
185.189.122.0/23 maxlen: 23
185.189.122.0/24 maxlen: 24
185.189.123.0/24 maxlen: 24
185.233.12.0/22 maxlen: 22
185.233.12.0/24 maxlen: 24
185.233.13.0/24 maxlen: 24
185.233.14.0/24 maxlen: 24
185.233.15.0/24 maxlen: 24
185.237.8.0/22 maxlen: 22
185.237.8.0/24 maxlen: 24
185.237.9.0/24 maxlen: 24
185.237.10.0/24 maxlen: 24
185.237.11.0/24 maxlen: 24
2a04:f080::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/ttFBGNvSJymNqoDHrKsR7qbWPiE.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/ttFBGNvSJymNqoDHrKsR7qbWPiE.mft
rsync://rpki.ripe.net/repository/DEFAULT/ttFBGNvSJymNqoDHrKsR7qbWPiE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 20:46:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:6e:7f:d8:83:71:98:0c:aa:b6:56:4e:e0:f2:05:a0:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6d14118dbd227298daa80c7acab11eea6d63e21
Validity
Not Before: Aug 3 05:55:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d86ff07d8fb0b47aeb8797c896dda84e07e3c919
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:44:3b:03:43:8e:5b:a4:a1:6f:c6:9a:2a:89:
d9:3b:c8:9a:3a:3a:3b:ec:d6:71:45:1a:a1:f8:46:
7c:41:33:0c:2a:63:6d:ca:6c:bf:ff:de:14:fe:1a:
ad:5b:7c:47:a4:92:57:19:6d:08:ef:13:21:cc:ce:
d2:13:9a:97:29:9f:f5:d3:da:5b:8e:72:38:75:4f:
4a:82:5b:55:97:a2:a5:88:78:d9:5b:ac:e9:39:12:
5c:52:5c:3e:1a:20:17:fa:bf:7a:df:27:17:e1:95:
c2:12:29:db:d8:9b:ad:1f:f9:87:f7:4b:57:56:15:
18:4b:5f:dc:e3:e0:6b:d5:7d:f4:ba:d8:ae:1f:05:
63:a7:74:87:23:d1:8f:94:da:03:8c:4f:40:f8:3f:
a1:57:a7:72:93:a7:a9:f7:4c:33:48:b9:6f:d5:ff:
63:ab:05:07:8f:30:42:8f:b8:f8:cb:f1:38:eb:fc:
98:5e:6a:7a:a4:a2:d3:a3:ac:cc:68:e5:aa:1c:25:
8e:e3:ee:16:39:f9:5e:bf:98:43:63:f3:b7:c8:04:
a8:42:c0:61:97:e2:73:26:48:f8:01:b3:e4:51:dd:
89:30:47:b8:fb:36:ae:15:f5:35:44:52:ea:cb:c2:
ce:eb:85:a6:db:e8:5e:0c:c4:c1:9e:46:8d:a2:16:
3d:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:6F:F0:7D:8F:B0:B4:7A:EB:87:97:C8:96:DD:A8:4E:07:E3:C9:19
X509v3 Authority Key Identifier:
keyid:B6:D1:41:18:DB:D2:27:29:8D:AA:80:C7:AC:AB:11:EE:A6:D6:3E:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ttFBGNvSJymNqoDHrKsR7qbWPiE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/2G_wfY-wtHrrh5fIlt2oTgfjyRk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/ed51d7-64fd-4c73-9e8c-0e37e11d0ec3/1/ttFBGNvSJymNqoDHrKsR7qbWPiE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.135.40.0-88.135.44.255
88.135.46.0/23
185.67.100.0/22
185.189.120.0/22
185.233.12.0/22
185.237.8.0/22
IPv6:
2a04:f080::/29
Signature Algorithm: sha256WithRSAEncryption
7d:04:c8:f9:e9:65:49:68:a6:c6:41:24:91:c9:f6:0f:bf:d0:
84:4c:96:bb:3d:6a:5d:28:a0:9c:48:c7:06:78:40:d7:14:54:
d6:4e:7a:f4:aa:27:c4:96:84:a1:e2:f4:0c:8c:63:a8:1a:22:
a8:67:32:6c:b9:67:d2:ff:9f:28:63:5b:b3:7b:b3:12:ec:2c:
0f:ff:36:14:2b:bf:71:57:6e:fe:23:71:b8:38:92:ab:b1:1e:
2e:eb:5b:72:8b:41:6d:cb:43:fe:2f:4e:d0:83:48:5e:86:72:
54:0e:2a:ed:47:47:ed:be:dc:95:72:ce:d4:4d:71:b6:b4:ea:
35:70:e1:e6:7c:67:43:8d:a9:9f:ff:f6:19:74:1e:e7:65:21:
89:a1:56:10:c3:88:5b:17:64:36:33:7f:8b:3b:82:42:d4:a6:
d8:4b:d3:c5:9a:d3:29:39:21:1e:c6:98:33:c0:48:ea:93:c2:
21:e2:12:8a:7a:eb:78:9c:c3:94:e7:18:68:40:61:a7:82:cc:
9a:a0:7b:9e:6f:a8:a4:9a:e0:d5:dd:39:f2:bb:13:ef:ba:ce:
e6:2e:77:ed:64:67:ad:77:8e:bc:e5:95:f9:de:66:95:2c:85:
eb:2b:80:63:4e:57:d5:31:e8:9f:06:04:26:6a:62:b5:88:1c:
c4:13:0a:97
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZhuf9iDcZgMqrZWTuDyBaAVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2ZDE0MTE4ZGJkMjI3Mjk4ZGFhODBjN2FjYWIxMWVlYTZk
NjNlMjEwHhcNMjUwODAzMDU1NTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODZmZjA3ZDhmYjBiNDdhZWI4Nzk3Yzg5NmRkYTg0ZTA3ZTNjOTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoUQ7A0OOW6Shb8aaKonZO8iaOjo7
7NZxRRqh+EZ8QTMMKmNtymy//94U/hqtW3xHpJJXGW0I7xMhzM7SE5qXKZ/109pb
jnI4dU9KgltVl6KliHjZW6zpORJcUlw+GiAX+r963ycX4ZXCEinb2JutH/mH90tX
VhUYS1/c4+Br1X30utiuHwVjp3SHI9GPlNoDjE9A+D+hV6dyk6ep90wzSLlv1f9j
qwUHjzBCj7j4y/E46/yYXmp6pKLTo6zMaOWqHCWO4+4WOflev5hDY/O3yASoQsBh
l+JzJkj4AbPkUd2JMEe4+zauFfU1RFLqy8LO64Wm2+heDMTBnkaNohY9RwIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFNhv8H2PsLR664eXyJbdqE4H48kZMB8GA1UdIwQY
MBaAFLbRQRjb0icpjaqAx6yrEe6m1j4hMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHRGQkdOdlNKeW1OcW9ESHJLc1I3cWJXUGlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni9lZDUxZDctNjRmZC00YzczLTllOGMt
MGUzN2UxMWQwZWMzLzEvMkdfd2ZZLXd0SHJyaDVmSWx0Mm9UZ2ZqeVJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni9lZDUxZDctNjRmZC00YzczLTllOGMtMGUzN2UxMWQwZWMz
LzEvdHRGQkdOdlNKeW1OcW9ESHJLc1I3cWJXUGlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsMAwDBANYhygD
BABYhywDBAFYhy4DBAK5Q2QDBAK5vXgDBAK56QwDBAK57QgwDQQCAAIwBwMFAyoE
8IAwDQYJKoZIhvcNAQELBQADggEBAH0EyPnpZUlopsZBJJHJ9g+/0IRMlrs9al0o
oJxIxwZ4QNcUVNZOevSqJ8SWhKHi9AyMY6gaIqhnMmy5Z9L/nyhjW7N7sxLsLA//
NhQrv3FXbv4jcbg4kquxHi7rW3KLQW3LQ/4vTtCDSF6GclQOKu1HR+2+3JVyztRN
cba06jVw4eZ8Z0ONqZ//9hl0HudlIYmhVhDDiFsXZDYzf4s7gkLUpthL08Wa0yk5
IR7GmDPASOqTwiHiEop663icw5TnGGhAYaeCzJqge55vqKSa4NXdOfK7E++6zuYu
d+1kZ613jrzllfneZpUshesrgGNOV9Ux6J8GBCZqYrWIHMQTCpc=
-----END CERTIFICATE-----
Generated at Thu Aug 7 03:26:04 2025 by rpki-client