Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/55J76HFvFGk4ErJdVfsRKDoUYW4.roa
File: 55J76HFvFGk4ErJdVfsRKDoUYW4.roa (raw, json)
Hash identifier: B8EvonCFsFwtNG4Rpt/IOgNxjy+9gcueQUy1KRnO5xc=
Subject key identifier: E7:92:7B:E8:71:6F:14:69:38:12:B2:5D:55:FB:11:28:3A:14:61:6E
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019A0753F280D1C10BC09B2B6C526A79C546
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/55J76HFvFGk4ErJdVfsRKDoUYW4.roa
Signing time: Tue 21 Oct 2025 15:12:13 +0000
ROA not before: Tue 21 Oct 2025 15:12:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 262287
IP address blocks: 93.152.28.0/24 maxlen: 24
93.152.33.0/24 maxlen: 24
93.152.34.0/24 maxlen: 24
93.152.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:07:53:f2:80:d1:c1:0b:c0:9b:2b:6c:52:6a:79:c5:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Oct 21 15:12:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e7927be8716f14693812b25d55fb11283a14616e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:f0:ef:5f:dc:e6:5a:5f:c4:94:d6:20:6e:71:
86:f6:11:2d:14:13:f0:f2:b8:69:d8:5f:b0:11:0a:
1c:b2:4f:a1:8c:56:93:07:d6:1c:e0:c7:5e:fe:fa:
0f:22:eb:58:d9:9e:64:8c:ee:9e:e6:13:95:62:70:
ee:d0:0d:68:d3:e7:c1:3c:4e:d9:6c:1b:d3:ae:fe:
10:8d:51:5c:36:fe:14:1f:3d:6f:8e:fa:9f:ea:80:
f6:f5:f6:8b:7e:48:cb:f4:c9:b5:82:46:48:d8:ba:
6c:df:2b:e5:20:7c:4e:45:3d:67:d4:d8:7c:9b:0b:
c3:b1:fc:7b:12:3a:e3:4c:55:79:09:cc:7a:31:83:
0d:8e:f8:06:19:8e:b4:70:11:42:3e:df:67:40:7b:
4c:6a:ef:6a:26:c0:53:f7:81:87:fb:8b:bb:87:2b:
1a:2e:93:67:9c:85:e1:85:8d:fa:2a:68:00:af:a6:
ef:d8:56:3e:e0:a7:be:b8:9a:67:a5:08:d9:94:97:
8b:c0:c2:93:13:ee:77:15:2f:8f:e6:0e:35:c7:fc:
6e:0a:3b:45:af:85:52:ea:49:fc:05:63:24:2d:32:
ad:13:41:69:1a:35:59:ab:36:ab:4b:ac:41:73:af:
77:f3:29:4f:ae:46:c3:66:18:9b:0d:65:db:a6:3e:
3b:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:92:7B:E8:71:6F:14:69:38:12:B2:5D:55:FB:11:28:3A:14:61:6E
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/55J76HFvFGk4ErJdVfsRKDoUYW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
93.152.28.0/24
93.152.33.0-93.152.34.255
93.152.37.0/24
Signature Algorithm: sha256WithRSAEncryption
09:c0:0c:27:02:41:42:cc:77:14:e6:29:54:dc:00:37:78:d1:
3a:42:fe:72:08:04:d0:ae:37:df:ab:ac:b7:ba:f5:c1:cb:bc:
9c:b8:81:a0:15:e0:b9:e8:b8:5b:a3:0c:c0:de:07:dd:0b:a4:
f8:9a:15:c1:26:54:8b:b9:ea:c6:dd:28:28:13:8f:a4:d5:d7:
69:44:09:eb:6e:09:c2:25:37:7e:69:5a:ec:f6:ce:0b:f8:38:
b2:2d:d5:1f:20:3d:91:bf:c1:0b:01:67:ee:43:b7:c1:2b:db:
d6:ac:c1:6c:36:57:43:f8:fc:d0:8e:80:b5:fc:ba:52:c3:b2:
b1:66:a5:db:1b:fd:62:5e:4b:f4:67:6b:d0:4f:c4:68:10:a5:
ba:f7:9f:12:92:8b:c2:62:0c:f2:bf:79:30:84:8f:c8:24:9a:
fb:94:23:fd:b9:f5:a3:d4:4b:b6:fe:15:ef:89:d0:e6:9c:b3:
cc:95:37:82:da:ee:27:fc:f7:fc:a0:60:8e:9e:25:22:9a:34:
63:f7:3c:9d:c2:5c:9c:f7:54:05:08:02:30:cd:54:2c:0f:5a:
ff:9a:a4:4c:18:80:c2:a6:b5:93:9f:7d:d6:46:d6:36:c1:7c:
4d:55:45:ca:38:42:32:f1:65:f2:02:7b:fa:5f:79:96:fc:ed:
03:72:45:98
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZoHU/KA0cELwJsrbFJqecVGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjUxMDIxMTUxMjEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzkyN2JlODcxNmYxNDY5MzgxMmIyNWQ1NWZiMTEyODNhMTQ2MTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/DvX9zmWl/ElNYgbnGG9hEtFBPw
8rhp2F+wEQocsk+hjFaTB9Yc4Mde/voPIutY2Z5kjO6e5hOVYnDu0A1o0+fBPE7Z
bBvTrv4QjVFcNv4UHz1vjvqf6oD29faLfkjL9Mm1gkZI2Lps3yvlIHxORT1n1Nh8
mwvDsfx7EjrjTFV5Ccx6MYMNjvgGGY60cBFCPt9nQHtMau9qJsBT94GH+4u7hysa
LpNnnIXhhY36KmgAr6bv2FY+4Ke+uJpnpQjZlJeLwMKTE+53FS+P5g41x/xuCjtF
r4VS6kn8BWMkLTKtE0FpGjVZqzarS6xBc6938ylPrkbDZhibDWXbpj47bwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFOeSe+hxbxRpOBKyXVX7ESg6FGFuMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvNTVKNzZIRnZGR2s0RXJKZFZmc1JLRG9VWVc0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQAXZgcMAwD
BABdmCEDBABdmCIDBABdmCUwDQYJKoZIhvcNAQELBQADggEBAAnADCcCQULMdxTm
KVTcADd40TpC/nIIBNCuN9+rrLe69cHLvJy4gaAV4LnouFujDMDeB90LpPiaFcEm
VIu56sbdKCgTj6TV12lECetuCcIlN35pWuz2zgv4OLIt1R8gPZG/wQsBZ+5Dt8Er
29aswWw2V0P4/NCOgLX8ulLDsrFmpdsb/WJeS/Rna9BPxGgQpbr3nxKSi8JiDPK/
eTCEj8gkmvuUI/259aPUS7b+Fe+J0Oacs8yVN4La7if89/ygYI6eJSKaNGP3PJ3C
XJz3VAUIAjDNVCwPWv+apEwYgMKmtZOffdZG1jbBfE1VRco4QjLxZfICe/pfeZb8
7QNyRZg=
-----END CERTIFICATE-----
Generated at Wed Nov 5 12:30:28 2025 by rpki-client