Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/8yaYj48CMeDTrtxfRpEdN6HgFIQ.roa
File: 8yaYj48CMeDTrtxfRpEdN6HgFIQ.roa (raw, json)
Hash identifier: 4avp+UIZj25/RQWft/nWjrgeixj3LhpnKvccOgiHbbs=
Subject key identifier: F3:26:98:8F:8F:02:31:E0:D3:AE:DC:5F:46:91:1D:37:A1:E0:14:84
Certificate issuer: /CN=26a5aa918cbfeb3e12997f33890feb258907b343
Certificate serial: 019A2B86C2725EB998AEE1B1F9C13109F20A
Authority key identifier: 26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/8yaYj48CMeDTrtxfRpEdN6HgFIQ.roa
Signing time: Tue 28 Oct 2025 15:54:03 +0000
ROA not before: Tue 28 Oct 2025 15:54:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29522
IP address blocks: 91.198.146.0/24 maxlen: 24
91.225.28.0/22 maxlen: 24
91.225.31.0/24 maxlen: 24
94.152.0.0/16 maxlen: 24
94.152.32.0/19 maxlen: 19
94.152.176.0/21 maxlen: 21
94.152.184.0/21 maxlen: 21
94.152.205.0/24 maxlen: 24
94.152.216.0/21 maxlen: 21
94.152.224.0/21 maxlen: 21
94.152.254.0/24 maxlen: 24
94.152.255.0/24 maxlen: 24
185.11.100.0/22 maxlen: 24
185.140.120.0/22 maxlen: 24
194.60.251.0/24 maxlen: 24
195.62.12.0/23 maxlen: 24
195.149.224.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.mft
rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2b:86:c2:72:5e:b9:98:ae:e1:b1:f9:c1:31:09:f2:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26a5aa918cbfeb3e12997f33890feb258907b343
Validity
Not Before: Oct 28 15:54:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f326988f8f0231e0d3aedc5f46911d37a1e01484
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:99:12:32:86:d7:e7:f1:09:de:d3:11:9b:1e:
8c:7c:f7:40:77:8e:14:7c:56:5a:12:3d:1a:45:5d:
ef:f9:a0:31:0e:23:c2:d8:4b:46:5d:2c:0c:65:c2:
79:84:36:00:c6:e2:5b:a6:43:d5:44:44:ed:a9:6b:
2f:c5:a5:ac:03:ff:77:05:7f:5c:15:f4:37:12:25:
6c:9c:c0:d4:b0:6e:77:5a:9a:f2:5e:29:19:08:47:
a9:3f:c4:35:41:11:07:eb:95:34:fa:61:87:bc:3c:
0b:10:5f:d5:59:ab:d5:e8:8c:72:61:c0:8e:5e:2f:
c8:5c:df:1c:73:f9:53:77:93:4d:c1:4f:3a:57:fd:
af:04:05:2d:10:73:39:04:82:79:20:b7:c8:3c:d2:
fb:4b:7e:1d:69:b0:cc:c7:c0:cf:90:d8:60:81:05:
8f:b5:2a:8c:58:3c:e9:b5:92:65:63:7e:31:e7:08:
2b:dc:77:23:48:f8:30:bc:34:a9:71:e0:f4:1d:5a:
d8:f0:e1:8c:ab:03:56:2d:ca:84:cb:f9:d9:d6:53:
ec:0b:37:9f:f2:66:2c:5b:5c:72:51:c7:b8:59:d0:
d6:3f:2c:63:c5:05:34:0d:70:6d:67:32:92:f8:7d:
6b:ab:69:50:aa:f4:1f:a9:0a:db:19:39:07:98:b7:
66:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:26:98:8F:8F:02:31:E0:D3:AE:DC:5F:46:91:1D:37:A1:E0:14:84
X509v3 Authority Key Identifier:
keyid:26:A5:AA:91:8C:BF:EB:3E:12:99:7F:33:89:0F:EB:25:89:07:B3:43
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/8yaYj48CMeDTrtxfRpEdN6HgFIQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/1433ea-1080-46e5-b612-297e282d66a8/1/JqWqkYy_6z4SmX8ziQ_rJYkHs0M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.198.146.0/24
91.225.28.0/22
94.152.0.0/16
185.11.100.0/22
185.140.120.0/22
194.60.251.0/24
195.62.12.0/23
195.149.224.0/21
Signature Algorithm: sha256WithRSAEncryption
16:29:7f:49:ed:09:e2:c4:7f:a8:ab:b2:97:9f:c7:28:ee:2d:
f9:34:f1:0b:e6:6b:57:b6:e2:c5:99:f8:5a:18:56:44:6d:d5:
49:cd:63:19:eb:43:70:c8:21:b1:34:81:ee:6e:79:a6:37:80:
f0:42:fe:42:6f:6b:59:64:b1:5c:68:fc:94:c3:06:b1:0d:30:
65:5c:6d:70:81:02:50:7e:27:1f:4d:f8:05:6e:f2:04:20:e8:
69:bc:99:fc:d1:cb:82:7a:50:1d:2d:98:01:83:db:c6:cf:c9:
d1:59:d9:0b:11:c2:8a:79:73:eb:63:4d:3e:ba:5d:f6:85:1c:
00:bc:09:0a:89:9e:f9:8c:80:59:2d:c5:a7:23:59:45:f2:1c:
81:11:84:36:a7:ed:4d:73:97:f0:c4:29:23:f2:ca:44:34:ca:
60:d7:5a:1f:fb:ab:b3:15:3b:a3:74:b6:b8:da:03:81:cf:f8:
00:3b:05:35:a0:96:dc:ee:83:03:77:7b:0c:bc:21:f4:b0:13:
0e:29:06:ac:35:31:8a:2a:7d:5b:d1:9d:36:44:e1:2b:db:91:
07:17:f8:ed:dc:3a:e4:3a:21:92:b6:e9:d7:aa:e6:92:4c:a0:
a6:a8:87:87:72:79:42:f0:4a:9e:c7:ef:56:8b:7c:99:5b:e5:
f5:23:dd:54
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZorhsJyXrmYruGx+cExCfIKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2YTVhYTkxOGNiZmViM2UxMjk5N2YzMzg5MGZlYjI1ODkw
N2IzNDMwHhcNMjUxMDI4MTU1NDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMzI2OTg4ZjhmMDIzMWUwZDNhZWRjNWY0NjkxMWQzN2ExZTAxNDg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZkSMobX5/EJ3tMRmx6MfPdAd44U
fFZaEj0aRV3v+aAxDiPC2EtGXSwMZcJ5hDYAxuJbpkPVRETtqWsvxaWsA/93BX9c
FfQ3EiVsnMDUsG53WpryXikZCEepP8Q1QREH65U0+mGHvDwLEF/VWavV6IxyYcCO
Xi/IXN8cc/lTd5NNwU86V/2vBAUtEHM5BIJ5ILfIPNL7S34dabDMx8DPkNhggQWP
tSqMWDzptZJlY34x5wgr3HcjSPgwvDSpceD0HVrY8OGMqwNWLcqEy/nZ1lPsCzef
8mYsW1xyUce4WdDWPyxjxQU0DXBtZzKS+H1rq2lQqvQfqQrbGTkHmLdmowIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFPMmmI+PAjHg067cX0aRHTeh4BSEMB8GA1UdIwQY
MBaAFCalqpGMv+s+Epl/M4kP6yWJB7NDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTIt
Mjk3ZTI4MmQ2NmE4LzEvOHlhWWo0OENNZURUcnR4ZlJwRWRONkhnRklRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC8xNDMzZWEtMTA4MC00NmU1LWI2MTItMjk3ZTI4MmQ2NmE4
LzEvSnFXcWtZeV82ejRTbVg4emlRX3JKWWtIczBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzA1BAIAATAvAwQAW8aSAwQC
W+EcAwMAXpgDBAK5C2QDBAK5jHgDBADCPPsDBAHDPgwDBAPDleAwDQYJKoZIhvcN
AQELBQADggEBABYpf0ntCeLEf6irspefxyjuLfk08Qvma1e24sWZ+FoYVkRt1UnN
YxnrQ3DIIbE0ge5ueaY3gPBC/kJva1lksVxo/JTDBrENMGVcbXCBAlB+Jx9N+AVu
8gQg6Gm8mfzRy4J6UB0tmAGD28bPydFZ2QsRwop5c+tjTT66XfaFHAC8CQqJnvmM
gFktxacjWUXyHIERhDan7U1zl/DEKSPyykQ0ymDXWh/7q7MVO6N0trjaA4HP+AA7
BTWgltzugwN3ewy8IfSwEw4pBqw1MYoqfVvRnTZE4SvbkQcX+O3cOuQ6IZK26deq
5pJMoKaoh4dyeULwSp7H71aLfJlb5fUj3VQ=
-----END CERTIFICATE-----
Generated at Wed Nov 5 14:47:13 2025 by rpki-client