Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/Sn2yq569peqmbe3S0107RFaZbdU.roa
File: Sn2yq569peqmbe3S0107RFaZbdU.roa (raw, json)
Hash identifier: v0CID4ljSSDt03Znz3l7eRbQ/C/Uw7lcLaMg7wkGl0Y=
Subject key identifier: 4A:7D:B2:AB:9E:BD:A5:EA:A6:6D:ED:D2:D3:5D:3B:44:56:99:6D:D5
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 01997B82A58780272DDEDBFE50D0618EF274
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/Sn2yq569peqmbe3S0107RFaZbdU.roa
Signing time: Wed 24 Sep 2025 11:36:23 +0000
ROA not before: Wed 24 Sep 2025 11:36:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59651
IP address blocks: 37.72.141.0/24 maxlen: 24
45.159.21.0/24 maxlen: 24
45.159.22.0/24 maxlen: 24
46.253.131.0/24 maxlen: 24
62.204.49.0/24 maxlen: 24
77.83.24.0/22 maxlen: 24
83.97.116.0/22 maxlen: 24
88.218.45.0/24 maxlen: 24
88.218.47.0/24 maxlen: 24
91.246.51.0/24 maxlen: 24
91.247.163.0/24 maxlen: 24
94.154.113.0/24 maxlen: 24
146.19.39.0/24 maxlen: 24
146.19.44.0/24 maxlen: 24
176.126.104.0/24 maxlen: 24
178.20.28.0/22 maxlen: 24
185.202.108.0/24 maxlen: 24
185.212.115.0/24 maxlen: 24
193.31.126.0/24 maxlen: 24
193.151.189.0/24 maxlen: 24
193.151.190.0/24 maxlen: 24
193.151.191.0/24 maxlen: 24
193.163.89.0/24 maxlen: 24
193.163.92.0/24 maxlen: 24
193.163.207.0/24 maxlen: 24
194.70.234.0/24 maxlen: 24
194.99.24.0/24 maxlen: 24
194.99.26.0/24 maxlen: 24
212.18.113.0/24 maxlen: 24
212.18.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.mft
rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 Oct 2025 11:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:7b:82:a5:87:80:27:2d:de:db:fe:50:d0:61:8e:f2:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Sep 24 11:36:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a7db2ab9ebda5eaa66dedd2d35d3b4456996dd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:7e:67:45:d2:38:32:f6:00:be:59:38:d1:6e:
fd:2d:86:09:eb:8f:b8:ad:7d:97:b9:42:57:1e:63:
c2:bc:12:8e:c8:2f:8b:f3:8c:74:03:b0:4d:96:26:
e4:f7:b8:89:00:d0:10:1e:d0:6a:de:50:52:5f:af:
e1:dd:9d:a7:ce:30:b1:2a:7f:7d:2c:fb:55:f6:d9:
3a:ae:b2:8a:bf:c5:7f:ec:f7:ea:1c:50:fe:eb:f9:
2e:76:64:b9:52:18:73:70:6e:c0:5c:01:10:e2:32:
14:61:7f:c5:48:97:0f:a9:bf:0f:37:9d:0d:b9:98:
32:64:b9:3c:d3:3f:43:cd:c7:f1:3f:2d:8f:7d:b6:
db:4f:d4:79:5a:33:85:b1:b6:b0:52:00:10:a3:67:
31:19:e7:3f:62:59:d8:ce:b7:f4:50:6d:55:5b:6b:
23:89:ae:67:24:f4:d1:ac:ca:d9:0c:b9:a8:e3:e7:
ef:92:67:b6:1d:56:cd:ff:b2:7e:d5:e0:51:45:d0:
82:51:07:fc:2d:c1:13:76:4e:8f:6e:30:ba:dc:a2:
75:67:d9:10:f1:27:0a:3a:53:d8:5a:bf:08:4d:e3:
21:8f:90:85:35:53:8f:52:eb:e6:f2:52:79:a6:b3:
03:ab:85:2f:87:df:dd:78:0e:b3:fc:6e:0d:03:2a:
d5:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:7D:B2:AB:9E:BD:A5:EA:A6:6D:ED:D2:D3:5D:3B:44:56:99:6D:D5
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/Sn2yq569peqmbe3S0107RFaZbdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.72.141.0/24
45.159.21.0-45.159.22.255
46.253.131.0/24
62.204.49.0/24
77.83.24.0/22
83.97.116.0/22
88.218.45.0/24
88.218.47.0/24
91.246.51.0/24
91.247.163.0/24
94.154.113.0/24
146.19.39.0/24
146.19.44.0/24
176.126.104.0/24
178.20.28.0/22
185.202.108.0/24
185.212.115.0/24
193.31.126.0/24
193.151.189.0-193.151.191.255
193.163.89.0/24
193.163.92.0/24
193.163.207.0/24
194.70.234.0/24
194.99.24.0/24
194.99.26.0/24
212.18.113.0/24
212.18.127.0/24
Signature Algorithm: sha256WithRSAEncryption
79:02:80:48:cb:c7:86:0f:d6:00:cd:a9:e6:0e:c3:2f:3c:6b:
f9:8e:91:9b:a6:ed:c3:87:b8:ce:aa:8c:79:78:0c:63:dd:52:
e8:88:11:be:90:30:7d:6d:9b:33:45:cf:be:21:17:7a:d3:d2:
09:ee:d8:95:ff:ed:59:e0:a2:a4:26:98:7e:04:4e:51:f8:f1:
97:e6:8b:82:b1:30:11:bc:1e:d0:ea:ff:3d:4c:c2:81:0d:c2:
f2:cf:5f:c5:df:c4:25:86:4b:c5:2c:7f:09:86:7d:b1:02:14:
43:5a:23:14:27:4d:1d:eb:fa:3f:8c:ee:c8:f0:c4:6a:ff:5a:
95:1d:1e:94:bd:42:2f:34:16:3f:27:84:7b:12:7c:f5:5b:89:
20:03:fe:4b:b4:f8:16:f6:a1:be:1f:30:2e:6d:c1:45:4c:bc:
e2:a1:e8:ad:5b:e0:e2:21:22:21:72:f4:86:41:2e:a5:28:9e:
68:93:f2:c2:c1:6f:14:f4:e4:63:6b:d0:ce:25:75:13:24:d9:
c4:03:53:e5:bd:e3:f6:53:e2:90:74:74:4d:16:c2:4c:a0:0b:
36:d8:dd:88:94:53:37:12:1a:59:e3:dc:ac:98:77:6c:ab:5f:
45:8e:68:fc:d1:8b:72:df:7d:ed:1b:0b:48:2e:9e:1b:a6:9c:
aa:68:85:0e
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAZl7gqWHgCct3tv+UNBhjvJ0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjUwOTI0MTEzNjIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTdkYjJhYjllYmRhNWVhYTY2ZGVkZDJkMzVkM2I0NDU2OTk2ZGQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu35nRdI4MvYAvlk40W79LYYJ64+4
rX2XuUJXHmPCvBKOyC+L84x0A7BNlibk97iJANAQHtBq3lBSX6/h3Z2nzjCxKn99
LPtV9tk6rrKKv8V/7PfqHFD+6/kudmS5UhhzcG7AXAEQ4jIUYX/FSJcPqb8PN50N
uZgyZLk80z9DzcfxPy2PfbbbT9R5WjOFsbawUgAQo2cxGec/YlnYzrf0UG1VW2sj
ia5nJPTRrMrZDLmo4+fvkme2HVbN/7J+1eBRRdCCUQf8LcETdk6PbjC63KJ1Z9kQ
8ScKOlPYWr8ITeMhj5CFNVOPUuvm8lJ5prMDq4Uvh9/deA6z/G4NAyrVfQIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFEp9squevaXqpm3t0tNdO0RWmW3VMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvU24yeXE1NjlwZXFtYmUzUzAxMDdSRmFaYmRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHPBggrBgEFBQcBBwEB/wSBvzCBvDCBuQQCAAEwgbIDBAAl
SI0wDAMEAC2fFQMEAC2fFgMEAC79gwMEAD7MMQMEAk1TGAMEAlNhdAMEAFjaLQME
AFjaLwMEAFv2MwMEAFv3owMEAF6acQMEAJITJwMEAJITLAMEALB+aAMEArIUHAME
ALnKbAMEALnUcwMEAMEffjAMAwQAwZe9AwQGwZeAAwQAwaNZAwQAwaNcAwQAwaPP
AwQAwkbqAwQAwmMYAwQAwmMaAwQA1BJxAwQA1BJ/MA0GCSqGSIb3DQEBCwUAA4IB
AQB5AoBIy8eGD9YAzanmDsMvPGv5jpGbpu3Dh7jOqox5eAxj3VLoiBG+kDB9bZsz
Rc++IRd609IJ7tiV/+1Z4KKkJph+BE5R+PGX5ouCsTARvB7Q6v89TMKBDcLyz1/F
38QlhkvFLH8Jhn2xAhRDWiMUJ00d6/o/jO7I8MRq/1qVHR6UvUIvNBY/J4R7Enz1
W4kgA/5LtPgW9qG+HzAubcFFTLzioeitW+DiISIhcvSGQS6lKJ5ok/LCwW8U9ORj
a9DOJXUTJNnEA1PlveP2U+KQdHRNFsJMoAs22N2IlFM3EhpZ49ysmHdsq19Fjmj8
0Yty333tGwtILp4bppyqaIUO
-----END CERTIFICATE-----
Generated at Sat Oct 11 17:33:13 2025 by rpki-client