Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/4KWiQtmJjDlF2DYDhF9dVQgC3rY.roa
File: 4KWiQtmJjDlF2DYDhF9dVQgC3rY.roa (raw, json)
Hash identifier: p/nyQGd2f2o2HLS8jm422WXygPmGuwDXd7wjQqTbcdY=
Subject key identifier: E0:A5:A2:42:D9:89:8C:39:45:D8:36:03:84:5F:5D:55:08:02:DE:B6
Certificate issuer: /CN=e6c2e0d3fdc215a389c7043ca5a1a06be2c558ef
Certificate serial: 019A398F49438AB5AEDAB83F2B4CEBE24D9E
Authority key identifier: E6:C2:E0:D3:FD:C2:15:A3:89:C7:04:3C:A5:A1:A0:6B:E2:C5:58:EF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5sLg0_3CFaOJxwQ8paGga-LFWO8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/4KWiQtmJjDlF2DYDhF9dVQgC3rY.roa
Signing time: Fri 31 Oct 2025 09:18:02 +0000
ROA not before: Fri 31 Oct 2025 09:18:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 77.87.123.0/24 maxlen: 24
86.54.26.0/24 maxlen: 24
193.169.194.0/23 maxlen: 23
193.169.194.0/24 maxlen: 24
193.169.195.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/5sLg0_3CFaOJxwQ8paGga-LFWO8.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/5sLg0_3CFaOJxwQ8paGga-LFWO8.mft
rsync://rpki.ripe.net/repository/DEFAULT/5sLg0_3CFaOJxwQ8paGga-LFWO8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:39:8f:49:43:8a:b5:ae:da:b8:3f:2b:4c:eb:e2:4d:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e6c2e0d3fdc215a389c7043ca5a1a06be2c558ef
Validity
Not Before: Oct 31 09:18:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e0a5a242d9898c3945d83603845f5d550802deb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:f4:ae:7c:38:8a:e1:b4:23:5f:fa:1c:99:fa:
27:ca:fd:d0:f7:5c:22:92:2e:94:36:26:29:63:42:
6f:a1:0b:64:29:81:57:b9:8c:19:cb:6f:b7:01:2c:
2f:e1:3f:05:8d:e0:2a:60:0f:4f:1d:d4:ab:ff:6d:
69:45:f3:ea:ec:ee:0a:82:24:5f:f8:3e:25:e6:6a:
50:3d:cb:65:d2:5f:cc:3b:ad:47:c7:26:37:b9:29:
91:a0:21:0e:05:b1:d7:c7:c5:b2:75:2b:d3:44:5c:
4d:53:9e:1f:9d:24:02:21:af:62:80:1e:10:f4:3f:
27:a7:56:0c:ce:72:70:0f:a7:c6:55:e0:3d:d2:68:
d4:97:1e:b7:e6:4e:3d:95:83:3c:a7:09:82:75:52:
ae:74:e8:b2:16:65:58:11:1e:1c:9e:99:ec:e4:67:
66:6d:64:71:e0:bf:e6:f4:0f:81:ed:4c:6f:9e:f2:
75:c6:15:b4:d5:c4:27:07:38:ad:9b:17:ed:d3:ef:
89:34:73:0b:61:a1:50:e7:ce:f4:2c:9f:bb:4d:24:
37:92:3b:b9:53:6d:5e:d2:c7:2a:c9:a7:4e:14:86:
67:5c:21:98:6f:02:9a:01:8e:64:48:a0:fe:34:47:
ea:6e:35:10:94:35:6f:0a:01:db:56:8d:cb:f8:bc:
bc:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:A5:A2:42:D9:89:8C:39:45:D8:36:03:84:5F:5D:55:08:02:DE:B6
X509v3 Authority Key Identifier:
keyid:E6:C2:E0:D3:FD:C2:15:A3:89:C7:04:3C:A5:A1:A0:6B:E2:C5:58:EF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5sLg0_3CFaOJxwQ8paGga-LFWO8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/4KWiQtmJjDlF2DYDhF9dVQgC3rY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/29176b-1038-4417-bdad-f3e052bab144/1/5sLg0_3CFaOJxwQ8paGga-LFWO8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.87.123.0/24
86.54.26.0/24
193.169.194.0/23
Signature Algorithm: sha256WithRSAEncryption
1e:de:e1:c8:5b:5e:b4:84:2f:9a:22:30:87:cf:bf:96:93:03:
9a:37:8a:0a:b2:88:3f:9e:7a:a8:25:8e:54:40:39:32:87:c8:
17:4a:4f:ab:27:d9:09:1c:37:5f:4b:e8:8a:11:13:86:39:c0:
59:49:07:26:04:2f:e0:85:09:52:d3:39:32:fd:40:38:91:75:
dc:81:8a:42:a2:e8:48:32:33:9c:fc:20:12:4f:b4:56:70:af:
f8:05:fc:4e:d2:1e:81:4a:62:8e:2c:54:ac:e3:27:7a:8e:6b:
0f:b1:8b:0f:6f:97:3d:fc:d0:4c:0f:b6:4c:01:ca:e7:51:d5:
55:1c:f0:c2:8e:63:88:21:be:df:34:e0:4c:ac:13:c8:a6:1c:
9b:de:15:8d:0a:1b:68:8e:f4:f4:64:a0:92:1c:05:93:54:08:
a7:b4:74:64:8d:ef:9d:fc:77:37:ff:52:30:fe:25:23:49:36:
9e:63:77:7b:c6:1c:31:b0:39:57:8c:3b:97:e2:0f:31:13:61:
40:63:f7:2b:93:a8:05:58:82:86:8e:5b:d8:7a:d8:44:5d:d3:
d2:ec:2a:3e:ff:11:af:9a:a1:eb:38:74:55:ce:b6:ee:02:d1:
79:bc:6c:c4:db:49:33:16:07:0b:27:dc:1c:e9:38:91:d5:6d:
b7:09:47:2a
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZo5j0lDirWu2rg/K0zr4k2eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2YzJlMGQzZmRjMjE1YTM4OWM3MDQzY2E1YTFhMDZiZTJj
NTU4ZWYwHhcNMjUxMDMxMDkxODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMGE1YTI0MmQ5ODk4YzM5NDVkODM2MDM4NDVmNWQ1NTA4MDJkZWI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmvSufDiK4bQjX/ocmfonyv3Q91wi
ki6UNiYpY0JvoQtkKYFXuYwZy2+3ASwv4T8FjeAqYA9PHdSr/21pRfPq7O4KgiRf
+D4l5mpQPctl0l/MO61HxyY3uSmRoCEOBbHXx8WydSvTRFxNU54fnSQCIa9igB4Q
9D8np1YMznJwD6fGVeA90mjUlx635k49lYM8pwmCdVKudOiyFmVYER4cnpns5Gdm
bWRx4L/m9A+B7UxvnvJ1xhW01cQnBzitmxft0++JNHMLYaFQ5870LJ+7TSQ3kju5
U21e0scqyadOFIZnXCGYbwKaAY5kSKD+NEfqbjUQlDVvCgHbVo3L+Ly8nQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOClokLZiYw5Rdg2A4RfXVUIAt62MB8GA1UdIwQY
MBaAFObC4NP9whWjiccEPKWhoGvixVjvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNXNMZzBfM0NGYU9KeHdROHBhR2dhLUxGV084LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8yOTE3NmItMTAzOC00NDE3LWJkYWQt
ZjNlMDUyYmFiMTQ0LzEvNEtXaVF0bUpqRGxGMkRZRGhGOWRWUWdDM3JZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8yOTE3NmItMTAzOC00NDE3LWJkYWQtZjNlMDUyYmFiMTQ0
LzEvNXNMZzBfM0NGYU9KeHdROHBhR2dhLUxGV084LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQATVd7AwQA
VjYaAwQBwanCMA0GCSqGSIb3DQEBCwUAA4IBAQAe3uHIW160hC+aIjCHz7+WkwOa
N4oKsog/nnqoJY5UQDkyh8gXSk+rJ9kJHDdfS+iKEROGOcBZSQcmBC/ghQlS0zky
/UA4kXXcgYpCouhIMjOc/CAST7RWcK/4BfxO0h6BSmKOLFSs4yd6jmsPsYsPb5c9
/NBMD7ZMAcrnUdVVHPDCjmOIIb7fNOBMrBPIphyb3hWNChtojvT0ZKCSHAWTVAin
tHRkje+d/Hc3/1Iw/iUjSTaeY3d7xhwxsDlXjDuX4g8xE2FAY/crk6gFWIKGjlvY
ethEXdPS7Co+/xGvmqHrOHRVzrbuAtF5vGzE20kzFgcLJ9wc6TiR1W23CUcq
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:28:04 2025 by rpki-client