Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ce/36c2aa-2e24-44fb-9e0a-b72398070823/1/rE87pRMGrIGW2-QCo2IWgU4T1zg.roa
File: rE87pRMGrIGW2-QCo2IWgU4T1zg.roa (raw, json)
Hash identifier: YOlXp2sGo61mpLlpdmbznU7uW49evw4d47+WkKfymmQ=
Subject key identifier: AC:4F:3B:A5:13:06:AC:81:96:DB:E4:02:A3:62:16:81:4E:13:D7:38
Certificate issuer: /CN=dab1c03088ebfe553812b31547c03c90a25d8771
Certificate serial: 019A0539757C24BFB8D6EF7219A7C7F4615B
Authority key identifier: DA:B1:C0:30:88:EB:FE:55:38:12:B3:15:47:C0:3C:90:A2:5D:87:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2rHAMIjr_lU4ErMVR8A8kKJdh3E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ce/36c2aa-2e24-44fb-9e0a-b72398070823/1/rE87pRMGrIGW2-QCo2IWgU4T1zg.roa
Signing time: Tue 21 Oct 2025 05:24:03 +0000
ROA not before: Tue 21 Oct 2025 05:24:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58130
IP address blocks: 176.116.96.0/20 maxlen: 20
176.116.96.0/24 maxlen: 24
176.116.97.0/24 maxlen: 24
176.116.99.0/24 maxlen: 24
176.116.101.0/24 maxlen: 24
176.116.104.0/24 maxlen: 24
176.116.105.0/24 maxlen: 24
176.116.106.0/24 maxlen: 24
176.116.107.0/24 maxlen: 24
176.116.108.0/23 maxlen: 23
176.116.108.0/24 maxlen: 24
176.116.111.0/24 maxlen: 24
176.116.112.0/22 maxlen: 22
185.165.140.0/23 maxlen: 23
185.165.142.0/23 maxlen: 23
2001:67c:1050::/48 maxlen: 48
2a0a:1a00::/29 maxlen: 29
2a0a:1a00::/30 maxlen: 30
2a0a:1a00::/32 maxlen: 32
2a0a:1a00:f000:9000::/56 maxlen: 56
2a0a:1a04::/30 maxlen: 30
2a0a:1a06::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ce/36c2aa-2e24-44fb-9e0a-b72398070823/1/2rHAMIjr_lU4ErMVR8A8kKJdh3E.crl
rsync://rpki.ripe.net/repository/DEFAULT/ce/36c2aa-2e24-44fb-9e0a-b72398070823/1/2rHAMIjr_lU4ErMVR8A8kKJdh3E.mft
rsync://rpki.ripe.net/repository/DEFAULT/2rHAMIjr_lU4ErMVR8A8kKJdh3E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:05:39:75:7c:24:bf:b8:d6:ef:72:19:a7:c7:f4:61:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dab1c03088ebfe553812b31547c03c90a25d8771
Validity
Not Before: Oct 21 05:24:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ac4f3ba51306ac8196dbe402a36216814e13d738
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f6:a3:d3:58:76:d8:da:de:34:c8:df:53:26:82:
c6:e4:e0:5e:4d:ac:81:3d:a2:61:1b:d2:a7:15:eb:
f6:ba:2f:fe:96:9f:04:3a:c9:27:f9:5f:f1:a7:41:
c2:ae:04:1d:9f:f2:75:11:46:6b:4f:5e:f8:ac:da:
1b:db:e5:59:4d:64:7f:bb:d0:e2:4e:77:02:96:cd:
3b:27:11:86:75:38:ab:19:47:66:f4:cc:bf:5b:bf:
21:14:d7:ad:9b:3a:34:12:12:a7:c6:94:d0:32:cc:
18:49:cb:3b:d7:05:b9:26:fd:04:4b:b7:43:15:9f:
86:78:2f:78:4e:9c:02:a4:a4:e5:2e:9f:f7:0e:5d:
16:ec:fc:76:8b:e9:3a:1b:d5:9c:65:07:74:59:0e:
b9:23:84:e4:be:2a:c6:84:5a:44:9c:cd:db:80:23:
46:56:84:ca:1e:76:11:e6:2c:ba:af:88:76:7c:51:
eb:a3:54:28:40:da:ac:83:56:dc:b9:71:1e:38:50:
fb:a3:13:e8:64:84:ca:76:24:a5:6a:5b:47:0a:55:
c5:a3:d3:89:3e:35:67:22:af:4a:aa:3a:ad:7b:2c:
31:cf:60:25:72:b9:4c:28:ac:c6:07:ef:b3:40:cc:
26:01:69:c8:5b:18:c3:92:fc:23:63:9e:9b:68:06:
53:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AC:4F:3B:A5:13:06:AC:81:96:DB:E4:02:A3:62:16:81:4E:13:D7:38
X509v3 Authority Key Identifier:
keyid:DA:B1:C0:30:88:EB:FE:55:38:12:B3:15:47:C0:3C:90:A2:5D:87:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2rHAMIjr_lU4ErMVR8A8kKJdh3E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/36c2aa-2e24-44fb-9e0a-b72398070823/1/rE87pRMGrIGW2-QCo2IWgU4T1zg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ce/36c2aa-2e24-44fb-9e0a-b72398070823/1/2rHAMIjr_lU4ErMVR8A8kKJdh3E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.116.96.0-176.116.115.255
185.165.140.0/22
IPv6:
2001:67c:1050::/48
2a0a:1a00::/29
Signature Algorithm: sha256WithRSAEncryption
2e:af:c8:4e:c9:f2:6c:a4:d8:05:3f:84:71:02:e6:be:c6:88:
41:cf:8f:bc:f5:6f:b7:d4:00:bb:7f:31:18:26:46:8d:e1:d9:
7f:19:73:19:77:b9:52:55:67:be:03:c4:bd:3c:78:d6:d7:83:
16:37:43:7e:06:1b:66:07:5f:6d:77:6a:5f:66:80:02:72:27:
85:4c:ab:93:d7:ba:3e:ed:2c:84:12:d4:94:74:86:89:ae:6d:
01:35:53:04:a6:10:f6:61:23:03:35:d7:c0:81:41:e2:b5:66:
c2:69:88:e8:c5:38:c3:15:2f:ff:d8:20:ea:b2:b4:df:d8:99:
6a:83:9c:06:70:60:48:8d:d9:5c:0d:4a:56:1c:1f:15:74:27:
e2:93:20:57:e0:76:6e:47:bd:13:b7:5f:39:e4:82:2c:85:42:
c3:14:e9:f4:c8:36:d8:cd:f0:56:18:d8:59:19:eb:52:cf:80:
bb:27:28:5d:8e:58:88:80:6d:0e:a3:21:02:f3:6a:5a:4e:ea:
cf:db:06:78:58:d3:c4:d7:f7:ba:2f:39:8f:8a:57:32:73:68:
5a:68:b3:71:fb:af:35:5e:f1:32:a9:40:f3:47:fc:89:97:0b:
e6:2c:68:25:9a:4f:5e:04:bb:f8:35:5a:af:2d:c9:eb:bb:c6:
34:71:fb:45
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZoFOXV8JL+41u9yGafH9GFbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYjFjMDMwODhlYmZlNTUzODEyYjMxNTQ3YzAzYzkwYTI1
ZDg3NzEwHhcNMjUxMDIxMDUyNDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYzRmM2JhNTEzMDZhYzgxOTZkYmU0MDJhMzYyMTY4MTRlMTNkNzM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9qPTWHbY2t40yN9TJoLG5OBeTayB
PaJhG9KnFev2ui/+lp8EOskn+V/xp0HCrgQdn/J1EUZrT174rNob2+VZTWR/u9Di
TncCls07JxGGdTirGUdm9My/W78hFNetmzo0EhKnxpTQMswYScs71wW5Jv0ES7dD
FZ+GeC94TpwCpKTlLp/3Dl0W7Px2i+k6G9WcZQd0WQ65I4TkvirGhFpEnM3bgCNG
VoTKHnYR5iy6r4h2fFHro1QoQNqsg1bcuXEeOFD7oxPoZITKdiSlaltHClXFo9OJ
PjVnIq9Kqjqteywxz2AlcrlMKKzGB++zQMwmAWnIWxjDkvwjY56baAZTQwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFKxPO6UTBqyBltvkAqNiFoFOE9c4MB8GA1UdIwQY
MBaAFNqxwDCI6/5VOBKzFUfAPJCiXYdxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnJIQU1JanJfbFU0RXJNVlI4QThrS0pkaDNFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZS8zNmMyYWEtMmUyNC00NGZiLTllMGEt
YjcyMzk4MDcwODIzLzEvckU4N3BSTUdySUdXMi1RQ28ySVdnVTRUMXpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZS8zNmMyYWEtMmUyNC00NGZiLTllMGEtYjcyMzk4MDcwODIz
LzEvMnJIQU1JanJfbFU0RXJNVlI4QThrS0pkaDNFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAaBAIAATAUMAwDBAWwdGAD
BAKwdHADBAK5pYwwFgQCAAIwEAMHACABBnwQUAMFAyoKGgAwDQYJKoZIhvcNAQEL
BQADggEBAC6vyE7J8myk2AU/hHEC5r7GiEHPj7z1b7fUALt/MRgmRo3h2X8Zcxl3
uVJVZ74DxL08eNbXgxY3Q34GG2YHX213al9mgAJyJ4VMq5PXuj7tLIQS1JR0homu
bQE1UwSmEPZhIwM118CBQeK1ZsJpiOjFOMMVL//YIOqytN/YmWqDnAZwYEiN2VwN
SlYcHxV0J+KTIFfgdm5HvRO3XznkgiyFQsMU6fTINtjN8FYY2FkZ61LPgLsnKF2O
WIiAbQ6jIQLzalpO6s/bBnhY08TX97ovOY+KVzJzaFpos3H7rzVe8TKpQPNH/ImX
C+YsaCWaT14Eu/g1Wq8tyeu7xjRx+0U=
-----END CERTIFICATE-----
Generated at Wed Nov 5 16:53:48 2025 by rpki-client