Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/IbNwOiJ1le6Y53Nfy_nDXLnu_e8.roa
File: IbNwOiJ1le6Y53Nfy_nDXLnu_e8.roa (raw, json)
Hash identifier: WT+RMze0r66BHerB43Jku9h5V4DbQETjQUbfL1+hc8o=
Subject key identifier: 21:B3:70:3A:22:75:95:EE:98:E7:73:5F:CB:F9:C3:5C:B9:EE:FD:EF
Certificate issuer: /CN=d1e013ec8a5c56df241a9b2563d111f8e543bf91
Certificate serial: 01986F6FB689E38AE269C5E0FFEF90FB7712
Authority key identifier: D1:E0:13:EC:8A:5C:56:DF:24:1A:9B:25:63:D1:11:F8:E5:43:BF:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0eAT7IpcVt8kGpslY9ER-OVDv5E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/IbNwOiJ1le6Y53Nfy_nDXLnu_e8.roa
Signing time: Sun 03 Aug 2025 10:17:28 +0000
ROA not before: Sun 03 Aug 2025 10:17:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216244
IP address blocks: 185.85.72.0/24 maxlen: 24
185.85.73.0/24 maxlen: 24
185.85.74.0/24 maxlen: 24
185.85.75.0/24 maxlen: 24
185.160.28.0/24 maxlen: 24
185.160.29.0/24 maxlen: 24
185.160.30.0/24 maxlen: 24
185.160.31.0/24 maxlen: 24
2a05:abc0::/29 maxlen: 29
2a05:abc0::/48 maxlen: 48
2a05:abc0:1::/48 maxlen: 48
2a05:abc0:2::/48 maxlen: 48
2a05:abc0:3::/48 maxlen: 48
2a05:abc0:4::/48 maxlen: 48
2a05:abc0:5::/48 maxlen: 48
2a05:abc0:6::/48 maxlen: 48
2a05:abc0:7::/48 maxlen: 48
2a05:abc0:8::/48 maxlen: 48
2a05:abc0:9::/48 maxlen: 48
2a05:abc0:a::/48 maxlen: 48
2a05:abc0:b::/48 maxlen: 48
2a05:abc0:c::/48 maxlen: 48
2a05:abc0:d::/48 maxlen: 48
2a05:abc0:e::/48 maxlen: 48
2a05:abc0:f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/0eAT7IpcVt8kGpslY9ER-OVDv5E.crl
rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/0eAT7IpcVt8kGpslY9ER-OVDv5E.mft
rsync://rpki.ripe.net/repository/DEFAULT/0eAT7IpcVt8kGpslY9ER-OVDv5E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 11:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:6f:6f:b6:89:e3:8a:e2:69:c5:e0:ff:ef:90:fb:77:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d1e013ec8a5c56df241a9b2563d111f8e543bf91
Validity
Not Before: Aug 3 10:17:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=21b3703a227595ee98e7735fcbf9c35cb9eefdef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:06:6d:9e:1c:e1:38:ab:99:3b:d3:cb:17:1a:
3b:d6:61:ad:ae:00:2e:c4:cd:7d:9c:10:1e:77:c0:
24:88:33:11:d2:03:2b:c1:f4:19:e8:6f:0e:57:37:
30:96:b1:cb:4c:7d:de:86:cb:35:ef:78:43:52:c3:
d3:8a:30:a8:37:4e:ec:5c:31:cc:5a:8d:a5:72:b8:
ef:61:e5:71:22:be:6f:84:3a:1e:b5:ab:18:2f:34:
e5:79:2a:ad:1b:78:0b:e9:fe:42:46:dd:f8:c0:b8:
3e:c7:24:4f:ee:b5:0b:47:3a:e3:44:da:cc:d6:b0:
1e:a3:b2:f4:18:13:46:92:7b:69:1f:9d:c4:1f:29:
49:a9:18:2d:b1:6d:7f:4e:51:41:fb:96:1a:dc:6b:
66:8a:35:63:26:22:a6:a4:f9:f4:bc:e5:88:55:b9:
21:47:f6:d0:76:72:d6:c8:44:f6:6c:1a:6f:f9:79:
b2:1f:a8:21:da:a4:72:90:e1:f4:8a:56:2b:45:7d:
20:a5:62:6e:ee:67:a6:13:94:5f:98:a8:e6:75:1a:
e8:39:72:83:ca:87:da:95:cd:a4:f9:40:29:07:ce:
92:2c:19:75:e6:c3:ea:09:95:b7:da:0d:a8:e1:6b:
f7:08:ec:d6:57:b2:29:bb:10:83:22:2c:35:a3:6d:
27:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:B3:70:3A:22:75:95:EE:98:E7:73:5F:CB:F9:C3:5C:B9:EE:FD:EF
X509v3 Authority Key Identifier:
keyid:D1:E0:13:EC:8A:5C:56:DF:24:1A:9B:25:63:D1:11:F8:E5:43:BF:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0eAT7IpcVt8kGpslY9ER-OVDv5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/IbNwOiJ1le6Y53Nfy_nDXLnu_e8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9a/e41ef4-dc1e-4469-bd2d-440528c1e49e/1/0eAT7IpcVt8kGpslY9ER-OVDv5E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.85.72.0/22
185.160.28.0/22
IPv6:
2a05:abc0::/29
Signature Algorithm: sha256WithRSAEncryption
0e:4d:98:3b:23:0a:2a:3b:6b:57:c0:ce:63:0f:ee:f7:ae:16:
05:6c:4d:33:cc:38:1c:c9:95:da:5a:de:c1:74:5c:93:11:a9:
16:9b:57:6f:f4:63:bb:ba:f6:a0:df:bb:91:c7:5c:c3:61:7d:
b0:dc:58:47:3a:a1:bf:37:34:3d:a5:27:dd:0f:36:c9:53:20:
0c:50:94:ff:85:ec:a2:6f:2d:63:7a:1c:e9:38:6c:85:e9:00:
17:c0:0d:e8:01:79:ad:21:d1:4a:e9:ac:f4:87:44:f3:15:42:
f7:89:cf:36:be:44:8f:ba:46:3d:8e:3a:2e:b8:dc:70:24:1e:
14:28:25:a9:34:7b:54:a4:41:a6:46:14:03:87:62:be:82:7a:
87:92:38:7a:c4:e1:ab:f1:f5:3a:9a:9e:18:bb:37:76:a4:71:
96:65:87:cb:6f:9f:70:ec:ce:60:eb:d1:43:97:cc:c3:6f:ff:
1f:df:7f:9d:72:0f:33:4b:cc:01:b9:0c:c3:14:93:af:34:98:
83:7d:cc:57:38:9a:49:d8:42:e5:26:15:92:31:a7:54:4a:70:
dc:0c:da:00:a5:d4:13:05:5c:1c:ba:d9:c8:11:86:46:b6:9a:
b3:ef:7b:38:d3:66:31:a3:ce:68:cf:5a:a3:aa:a9:31:72:0a:
8c:96:41:25
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZhvb7aJ44riacXg/++Q+3cSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQxZTAxM2VjOGE1YzU2ZGYyNDFhOWIyNTYzZDExMWY4ZTU0
M2JmOTEwHhcNMjUwODAzMTAxNzI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWIzNzAzYTIyNzU5NWVlOThlNzczNWZjYmY5YzM1Y2I5ZWVmZGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQZtnhzhOKuZO9PLFxo71mGtrgAu
xM19nBAed8AkiDMR0gMrwfQZ6G8OVzcwlrHLTH3ehss173hDUsPTijCoN07sXDHM
Wo2lcrjvYeVxIr5vhDoetasYLzTleSqtG3gL6f5CRt34wLg+xyRP7rULRzrjRNrM
1rAeo7L0GBNGkntpH53EHylJqRgtsW1/TlFB+5Ya3GtmijVjJiKmpPn0vOWIVbkh
R/bQdnLWyET2bBpv+XmyH6gh2qRykOH0ilYrRX0gpWJu7memE5RfmKjmdRroOXKD
yofalc2k+UApB86SLBl15sPqCZW32g2o4Wv3COzWV7IpuxCDIiw1o20nbwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFCGzcDoidZXumOdzX8v5w1y57v3vMB8GA1UdIwQY
MBaAFNHgE+yKXFbfJBqbJWPREfjlQ7+RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGVBVDdJcGNWdDhrR3BzbFk5RVItT1ZEdjVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85YS9lNDFlZjQtZGMxZS00NDY5LWJkMmQt
NDQwNTI4YzFlNDllLzEvSWJOd09pSjFsZTZZNTNOZnlfbkRYTG51X2U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85YS9lNDFlZjQtZGMxZS00NDY5LWJkMmQtNDQwNTI4YzFlNDll
LzEvMGVBVDdJcGNWdDhrR3BzbFk5RVItT1ZEdjVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQCuVVIAwQC
uaAcMA0EAgACMAcDBQMqBavAMA0GCSqGSIb3DQEBCwUAA4IBAQAOTZg7IwoqO2tX
wM5jD+73rhYFbE0zzDgcyZXaWt7BdFyTEakWm1dv9GO7uvag37uRx1zDYX2w3FhH
OqG/NzQ9pSfdDzbJUyAMUJT/heyiby1jehzpOGyF6QAXwA3oAXmtIdFK6az0h0Tz
FUL3ic82vkSPukY9jjouuNxwJB4UKCWpNHtUpEGmRhQDh2K+gnqHkjh6xOGr8fU6
mp4Yuzd2pHGWZYfLb59w7M5g69FDl8zDb/8f33+dcg8zS8wBuQzDFJOvNJiDfcxX
OJpJ2ELlJhWSMadUSnDcDNoApdQTBVwcutnIEYZGtpqz73s402Yxo85oz1qjqqkx
cgqMlkEl
-----END CERTIFICATE-----
Generated at Fri Aug 8 19:34:11 2025 by rpki-client