Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/2260f2-3ccd-44e5-8428-e82d5ee4e40f/1/plbxQbrAe4NUuxrJeWYY2owN_A4.roa
File: plbxQbrAe4NUuxrJeWYY2owN_A4.roa (raw, json)
Hash identifier: UGw+vuKvbSSScPoToTljhf+tZpkdRjY+j2rbaz2Dfco=
Subject key identifier: A6:56:F1:41:BA:C0:7B:83:54:BB:1A:C9:79:66:18:DA:8C:0D:FC:0E
Certificate issuer: /CN=a42d0b826644a18387cf8322db7e646af63d986a
Certificate serial: 019A34619A1BF60CBED164A5D61FC46BF235
Authority key identifier: A4:2D:0B:82:66:44:A1:83:87:CF:83:22:DB:7E:64:6A:F6:3D:98:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pC0LgmZEoYOHz4Mi235kavY9mGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/2260f2-3ccd-44e5-8428-e82d5ee4e40f/1/plbxQbrAe4NUuxrJeWYY2owN_A4.roa
Signing time: Thu 30 Oct 2025 09:10:03 +0000
ROA not before: Thu 30 Oct 2025 09:10:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42517
IP address blocks: 77.241.224.0/20 maxlen: 24
89.248.128.0/20 maxlen: 24
109.69.224.0/21 maxlen: 24
145.35.0.0/16 maxlen: 24
185.130.240.0/22 maxlen: 24
2a00:1ae8::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/2260f2-3ccd-44e5-8428-e82d5ee4e40f/1/pC0LgmZEoYOHz4Mi235kavY9mGo.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/2260f2-3ccd-44e5-8428-e82d5ee4e40f/1/pC0LgmZEoYOHz4Mi235kavY9mGo.mft
rsync://rpki.ripe.net/repository/DEFAULT/pC0LgmZEoYOHz4Mi235kavY9mGo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 15:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:34:61:9a:1b:f6:0c:be:d1:64:a5:d6:1f:c4:6b:f2:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a42d0b826644a18387cf8322db7e646af63d986a
Validity
Not Before: Oct 30 09:10:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a656f141bac07b8354bb1ac9796618da8c0dfc0e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:10:d5:4c:27:ad:c6:f7:31:76:f6:2e:d8:09:
71:bd:fb:a7:3c:a4:00:c2:4b:05:6c:16:cb:49:b6:
d0:22:0b:bd:ff:c8:d9:73:31:d0:d4:9c:75:2f:f5:
df:8a:3c:a5:56:0e:4a:10:b7:16:4a:49:5d:9e:09:
f0:96:6c:4a:03:0e:1f:60:6e:b5:bf:ce:f5:7f:5c:
e1:4d:a1:6c:00:28:19:c4:14:e3:5c:e5:3c:fb:29:
ed:69:0b:60:7d:f5:0d:56:55:cf:a3:3b:bf:17:af:
51:a5:8b:e4:d9:25:05:65:44:8d:d3:cb:9f:89:12:
a0:94:49:b5:a9:82:0c:ac:38:be:9b:7f:ab:81:9c:
11:bd:aa:e4:a5:2a:9a:34:e3:aa:10:63:7d:55:06:
c1:90:29:44:e8:b9:c6:95:84:e3:2d:41:91:ac:d1:
90:64:92:3c:c6:5d:96:8c:a7:fd:be:38:90:75:25:
dd:2a:d0:e2:ea:27:8d:c3:8d:ce:c5:3b:97:13:fb:
c6:dd:1a:76:e3:98:0e:ae:30:27:7a:11:f2:7a:69:
bb:c1:d7:d1:0c:4f:44:3a:ad:ad:ce:9f:36:0e:c8:
6d:12:de:f1:d2:79:a1:29:cf:03:dc:bb:c1:9e:48:
73:73:c2:b1:e7:c1:f6:6d:40:20:2a:0e:e0:ab:34:
a4:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:56:F1:41:BA:C0:7B:83:54:BB:1A:C9:79:66:18:DA:8C:0D:FC:0E
X509v3 Authority Key Identifier:
keyid:A4:2D:0B:82:66:44:A1:83:87:CF:83:22:DB:7E:64:6A:F6:3D:98:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pC0LgmZEoYOHz4Mi235kavY9mGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2260f2-3ccd-44e5-8428-e82d5ee4e40f/1/plbxQbrAe4NUuxrJeWYY2owN_A4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/2260f2-3ccd-44e5-8428-e82d5ee4e40f/1/pC0LgmZEoYOHz4Mi235kavY9mGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.241.224.0/20
89.248.128.0/20
109.69.224.0/21
145.35.0.0/16
185.130.240.0/22
IPv6:
2a00:1ae8::/32
Signature Algorithm: sha256WithRSAEncryption
2e:0e:0d:52:ad:85:81:10:47:a5:ac:53:8c:9d:1f:1e:f4:b8:
09:9e:d5:cf:86:b9:66:e9:3c:f9:0d:fd:8d:3c:ab:05:63:71:
40:b2:06:89:d4:87:cf:08:ef:c0:c6:3d:21:53:49:fc:25:9b:
9d:f0:b9:ea:18:6f:c3:51:af:ef:8a:6b:5c:ca:2e:0b:01:09:
0b:37:75:a4:27:9e:10:3a:dd:2d:b7:78:74:bf:92:ef:7b:91:
0e:11:5e:f8:fd:91:92:4f:80:5d:21:97:a8:fe:a2:05:9e:3e:
3b:31:6f:fc:d9:96:1b:52:91:7c:ff:99:69:71:77:18:72:a2:
e2:f7:5e:7e:e7:e6:40:60:94:89:34:92:56:82:e8:31:f3:28:
b5:06:16:88:be:81:65:e0:87:9e:f4:52:89:de:36:96:bc:08:
5c:a5:6d:e6:17:e4:c7:f9:21:43:1a:f4:22:7e:0f:18:80:5e:
a5:dd:96:ad:a0:6f:ed:55:5e:d6:6a:02:71:26:5b:99:51:45:
ff:7d:4d:04:b5:be:47:1b:5c:2f:dd:b1:ae:9e:de:62:11:52:
a8:d0:a2:fb:ea:25:0d:f3:8e:4a:3f:8e:7b:ce:6f:00:30:36:
17:48:1c:a8:1d:e3:4d:75:c5:93:f8:70:83:d7:53:b7:19:46:
5c:85:c7:12
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZo0YZob9gy+0WSl1h/Ea/I1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE0MmQwYjgyNjY0NGExODM4N2NmODMyMmRiN2U2NDZhZjYz
ZDk4NmEwHhcNMjUxMDMwMDkxMDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjU2ZjE0MWJhYzA3YjgzNTRiYjFhYzk3OTY2MThkYThjMGRmYzBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0xDVTCetxvcxdvYu2AlxvfunPKQA
wksFbBbLSbbQIgu9/8jZczHQ1Jx1L/XfijylVg5KELcWSkldngnwlmxKAw4fYG61
v871f1zhTaFsACgZxBTjXOU8+yntaQtgffUNVlXPozu/F69RpYvk2SUFZUSN08uf
iRKglEm1qYIMrDi+m3+rgZwRvarkpSqaNOOqEGN9VQbBkClE6LnGlYTjLUGRrNGQ
ZJI8xl2WjKf9vjiQdSXdKtDi6ieNw43OxTuXE/vG3Rp245gOrjAnehHyemm7wdfR
DE9EOq2tzp82DshtEt7x0nmhKc8D3LvBnkhzc8Kx58H2bUAgKg7gqzSkbQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFKZW8UG6wHuDVLsayXlmGNqMDfwOMB8GA1UdIwQY
MBaAFKQtC4JmRKGDh8+DItt+ZGr2PZhqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcEMwTGdtWkVvWU9IejRNaTIzNWthdlk5bUdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yMjYwZjItM2NjZC00NGU1LTg0Mjgt
ZTgyZDVlZTRlNDBmLzEvcGxieFFickFlNE5VdXhySmVXWVkyb3dOX0E0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8yMjYwZjItM2NjZC00NGU1LTg0MjgtZTgyZDVlZTRlNDBm
LzEvcEMwTGdtWkVvWU9IejRNaTIzNWthdlk5bUdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAjBAIAATAdAwQETfHgAwQE
WfiAAwQDbUXgAwMAkSMDBAK5gvAwDQQCAAIwBwMFACoAGugwDQYJKoZIhvcNAQEL
BQADggEBAC4ODVKthYEQR6WsU4ydHx70uAme1c+GuWbpPPkN/Y08qwVjcUCyBonU
h88I78DGPSFTSfwlm53wueoYb8NRr++Ka1zKLgsBCQs3daQnnhA63S23eHS/ku97
kQ4RXvj9kZJPgF0hl6j+ogWePjsxb/zZlhtSkXz/mWlxdxhyouL3Xn7n5kBglIk0
klaC6DHzKLUGFoi+gWXgh570UoneNpa8CFylbeYX5Mf5IUMa9CJ+DxiAXqXdlq2g
b+1VXtZqAnEmW5lRRf99TQS1vkcbXC/dsa6e3mIRUqjQovvqJQ3zjko/jnvObwAw
NhdIHKgd4011xZP4cIPXU7cZRlyFxxI=
-----END CERTIFICATE-----
Generated at Tue Nov 4 21:03:25 2025 by rpki-client