Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/B4g2RZrDCtl2daBU44rN2zQyWqI.roa
File: B4g2RZrDCtl2daBU44rN2zQyWqI.roa (raw, json)
Hash identifier: OZ3NU2ofd2c3YsQl/yma9opMDumtk1U/7LwNvrpS0BY=
Subject key identifier: 07:88:36:45:9A:C3:0A:D9:76:75:A0:54:E3:8A:CD:DB:34:32:5A:A2
Certificate issuer: /CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Certificate serial: 019A538519983C7D8253E97D3547A42FB248
Authority key identifier: 2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/B4g2RZrDCtl2daBU44rN2zQyWqI.roa
Signing time: Wed 05 Nov 2025 10:17:03 +0000
ROA not before: Wed 05 Nov 2025 10:17:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 85.115.208.0/23 maxlen: 24
85.115.210.0/23 maxlen: 24
213.145.66.0/24 maxlen: 24
213.145.68.0/23 maxlen: 23
213.145.70.0/23 maxlen: 24
213.145.70.0/24 maxlen: 24
213.145.72.0/21 maxlen: 24
213.145.74.0/24 maxlen: 24
213.145.82.0/24 maxlen: 24
213.145.84.0/23 maxlen: 23
213.145.86.0/23 maxlen: 23
213.145.88.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.mft
rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Nov 2025 07:01:13 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:53:85:19:98:3c:7d:82:53:e9:7d:35:47:a4:2f:b2:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2fa16ab06020067740a4c1fb47a912622f1d0722
Validity
Not Before: Nov 5 10:17:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=078836459ac30ad97675a054e38acddb34325aa2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:4c:12:ad:a1:51:cc:97:61:c5:01:aa:ba:c0:
46:56:0f:38:63:3f:af:13:95:c4:5e:e5:ba:c2:49:
86:0e:de:23:6a:79:7a:36:89:22:fc:23:ec:30:32:
93:d1:99:09:e7:4e:68:d0:31:b7:81:0c:03:aa:4b:
55:d2:24:76:23:db:c3:96:d6:b7:11:60:30:9f:ed:
64:8a:d1:53:c4:bd:20:32:91:9d:ad:cc:3d:69:fd:
89:c3:82:92:e7:68:b3:fd:84:36:b1:71:84:26:35:
df:61:91:24:cf:d8:76:e2:d6:83:f6:6a:3c:6c:02:
b9:29:a4:bd:d0:ed:f4:b2:9a:7a:f0:06:d1:ad:a1:
74:63:e4:6d:f6:3e:dc:aa:82:71:55:ef:6d:90:e5:
56:7a:a9:c2:8d:70:19:b9:36:21:a1:43:39:af:d6:
67:29:f7:4e:a2:14:a0:e7:1e:28:91:0a:1d:8d:5a:
0f:b3:45:fc:cb:08:1b:c3:a8:5b:5e:57:bd:b7:0b:
ed:cf:08:62:f6:94:7d:a2:3f:ad:e6:5c:5e:fa:68:
d0:d3:52:db:f1:c3:ad:34:9b:67:7a:55:d5:cb:aa:
60:92:4e:03:2b:22:90:77:2e:9e:bd:d5:65:6f:42:
0e:96:58:8d:f2:5f:dd:c6:4c:57:33:11:2d:eb:51:
e1:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
07:88:36:45:9A:C3:0A:D9:76:75:A0:54:E3:8A:CD:DB:34:32:5A:A2
X509v3 Authority Key Identifier:
keyid:2F:A1:6A:B0:60:20:06:77:40:A4:C1:FB:47:A9:12:62:2F:1D:07:22
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L6FqsGAgBndApMH7R6kSYi8dByI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/B4g2RZrDCtl2daBU44rN2zQyWqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/7f2393-d01a-41f7-a52e-d242b6f3a8a1/1/L6FqsGAgBndApMH7R6kSYi8dByI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.208.0/22
213.145.66.0/24
213.145.68.0-213.145.79.255
213.145.82.0/24
213.145.84.0-213.145.89.255
Signature Algorithm: sha256WithRSAEncryption
19:8d:e8:21:c7:8c:81:ae:fa:2e:4b:e5:19:02:a1:2b:f1:2d:
af:90:8e:68:f4:e4:9d:f2:e8:82:91:04:4c:52:fe:56:0f:12:
f1:52:14:f7:7d:42:71:31:bb:dc:23:05:ee:3f:40:fe:ac:cf:
96:ac:8f:6e:70:84:5f:a8:6c:b4:3b:e2:27:a8:a8:5d:46:9d:
17:9d:11:4b:64:b8:34:2e:80:8a:2a:ed:84:a9:ea:53:99:67:
41:69:b1:14:fc:47:31:a8:c9:42:38:c3:23:68:1d:44:04:b5:
62:51:b5:b3:f1:7d:da:ab:3e:cc:2c:10:4c:cd:a2:b7:0e:d6:
ae:01:70:72:07:72:85:fa:c3:75:9b:5c:18:55:fe:16:64:90:
02:00:4a:19:45:69:ca:f3:b7:d0:d4:0d:68:a5:ef:4c:21:b5:
16:86:fb:3a:eb:07:90:f7:30:60:12:bb:22:bc:b2:76:2b:73:
9d:d7:51:6a:04:9b:e3:56:78:89:70:d5:81:4c:99:36:26:77:
fe:9c:3b:23:46:01:82:c0:c1:de:09:57:34:fa:28:ab:63:77:
62:3b:d5:f6:0a:6a:c9:ad:b4:7c:7b:5d:82:9c:c0:c5:4e:17:
fe:f0:eb:68:83:db:53:03:bf:a2:b0:dc:ef:40:c1:ea:01:20:
26:87:ee:aa
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZpThRmYPH2CU+l9NUekL7JIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmYTE2YWIwNjAyMDA2Nzc0MGE0YzFmYjQ3YTkxMjYyMmYx
ZDA3MjIwHhcNMjUxMTA1MTAxNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNzg4MzY0NTlhYzMwYWQ5NzY3NWEwNTRlMzhhY2RkYjM0MzI1YWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1EwSraFRzJdhxQGqusBGVg84Yz+v
E5XEXuW6wkmGDt4janl6Noki/CPsMDKT0ZkJ505o0DG3gQwDqktV0iR2I9vDlta3
EWAwn+1kitFTxL0gMpGdrcw9af2Jw4KS52iz/YQ2sXGEJjXfYZEkz9h24taD9mo8
bAK5KaS90O30spp68AbRraF0Y+Rt9j7cqoJxVe9tkOVWeqnCjXAZuTYhoUM5r9Zn
KfdOohSg5x4okQodjVoPs0X8ywgbw6hbXle9twvtzwhi9pR9oj+t5lxe+mjQ01Lb
8cOtNJtnelXVy6pgkk4DKyKQdy6evdVlb0IOlliN8l/dxkxXMxEt61HhTQIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFAeINkWawwrZdnWgVOOKzds0MlqiMB8GA1UdIwQY
MBaAFC+harBgIAZ3QKTB+0epEmIvHQciMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUt
ZDI0MmI2ZjNhOGExLzEvQjRnMlJackRDdGwyZGFCVTQ0ck4yelF5V3FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy83ZjIzOTMtZDAxYS00MWY3LWE1MmUtZDI0MmI2ZjNhOGEx
LzEvTDZGcXNHQWdCbmRBcE1IN1I2a1NZaThkQnlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQCVXPQAwQA
1ZFCMAwDBALVkUQDBATVkUADBADVkVIwDAMEAtWRVAMEAdWRWDANBgkqhkiG9w0B
AQsFAAOCAQEAGY3oIceMga76LkvlGQKhK/Etr5COaPTknfLogpEETFL+Vg8S8VIU
931CcTG73CMF7j9A/qzPlqyPbnCEX6hstDviJ6ioXUadF50RS2S4NC6AiirthKnq
U5lnQWmxFPxHMajJQjjDI2gdRAS1YlG1s/F92qs+zCwQTM2itw7WrgFwcgdyhfrD
dZtcGFX+FmSQAgBKGUVpyvO30NQNaKXvTCG1Fob7OusHkPcwYBK7IryyditznddR
agSb41Z4iXDVgUyZNiZ3/pw7I0YBgsDB3glXNPooq2N3YjvV9gpqya20fHtdgpzA
xU4X/vDraIPbUwO/orDc70DB6gEgJofuqg==
-----END CERTIFICATE-----
Generated at Fri Nov 7 11:42:41 2025 by rpki-client