Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/vDXI6zDZCtBj_jhc2X0hLjsgR8Q.roa
File: vDXI6zDZCtBj_jhc2X0hLjsgR8Q.roa (raw, json)
Hash identifier: z26aGtU0D7UYmGcPjOFI1fCBSEy79I6N0Y6rtSN2uVg=
Subject key identifier: BC:35:C8:EB:30:D9:0A:D0:63:FE:38:5C:D9:7D:21:2E:3B:20:47:C4
Certificate issuer: /CN=fad7100e77ed9119d66e2321bb6711d7e760982b
Certificate serial: 0198186A22E80DFC437ECF2CBA7E257755CC
Authority key identifier: FA:D7:10:0E:77:ED:91:19:D6:6E:23:21:BB:67:11:D7:E7:60:98:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/vDXI6zDZCtBj_jhc2X0hLjsgR8Q.roa
Signing time: Thu 17 Jul 2025 12:44:25 +0000
ROA not before: Thu 17 Jul 2025 12:44:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 46.80.0.0/12 maxlen: 12
62.153.0.0/16 maxlen: 16
62.154.0.0/15 maxlen: 15
62.156.0.0/14 maxlen: 14
62.224.0.0/14 maxlen: 14
79.192.0.0/10 maxlen: 10
80.128.0.0/11 maxlen: 11
80.128.0.0/12 maxlen: 12
80.144.0.0/13 maxlen: 13
80.152.0.0/14 maxlen: 14
80.156.0.0/16 maxlen: 16
80.157.0.0/16 maxlen: 16
80.157.8.0/21 maxlen: 21
80.157.16.0/20 maxlen: 20
84.128.0.0/10 maxlen: 10
87.128.0.0/10 maxlen: 10
91.0.0.0/10 maxlen: 10
93.192.0.0/10 maxlen: 10
192.166.49.0/24 maxlen: 24
193.158.0.0/15 maxlen: 15
194.25.0.0/16 maxlen: 16
194.150.228.0/23 maxlen: 23
195.145.0.0/16 maxlen: 16
195.243.0.0/16 maxlen: 16
212.184.0.0/15 maxlen: 15
217.0.0.0/13 maxlen: 13
217.80.0.0/12 maxlen: 12
217.224.0.0/11 maxlen: 11
2003::/19 maxlen: 19
2003::/23 maxlen: 23
2003:8:f400::/48 maxlen: 48
2003:8:f401::/48 maxlen: 48
2003:8:f402::/48 maxlen: 48
2003:8:f403::/48 maxlen: 48
2003:8:f404::/48 maxlen: 48
2003:8:f405::/48 maxlen: 48
2003:8:f406::/48 maxlen: 48
2003:8:f407::/48 maxlen: 48
2003:8:f408::/48 maxlen: 48
2003:8:f409::/48 maxlen: 48
2003:8:f40a::/48 maxlen: 48
2003:8:f40b::/48 maxlen: 48
2003:8:f40c::/48 maxlen: 48
2003:8:f40d::/48 maxlen: 48
2003:8:f40e::/48 maxlen: 48
2003:8:f40f::/48 maxlen: 48
2003:3c0::/28 maxlen: 28
2003:3e0::/28 maxlen: 28
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:18:6a:22:e8:0d:fc:43:7e:cf:2c:ba:7e:25:77:55:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fad7100e77ed9119d66e2321bb6711d7e760982b
Validity
Not Before: Jul 17 12:44:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc35c8eb30d90ad063fe385cd97d212e3b2047c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:3c:66:95:78:01:3d:fd:11:fb:73:5b:65:1e:
e8:8a:a3:46:73:da:31:77:88:ae:df:dd:1c:f2:ef:
6a:12:f3:5f:6b:b9:93:7e:2c:58:b6:2b:9d:a0:fa:
2e:df:62:c6:ef:40:a4:fa:6e:23:e6:19:a6:6d:43:
60:c2:8e:5e:ab:8c:96:3d:a4:5e:f6:66:f8:1f:52:
e5:de:cd:fe:fc:fe:15:d8:78:1b:b9:fa:04:71:cc:
53:d7:7c:4c:85:4a:0f:e1:80:ed:1f:05:f8:a2:29:
82:f5:2a:17:e4:a8:07:bd:18:cd:73:88:86:e1:e6:
90:c8:ea:ad:11:42:b7:41:8e:c4:b1:e1:4b:20:f9:
0f:d2:ed:98:8e:8a:df:65:81:fc:4d:17:3f:9f:bb:
44:81:1a:55:e7:62:42:31:e5:7c:36:c4:7e:88:85:
a3:b5:a3:09:30:fc:4f:f0:c1:3b:c6:75:fe:58:fd:
05:e5:52:a0:71:c0:e1:01:15:26:d6:22:2c:bc:9c:
45:c0:7b:24:8c:ae:d1:5d:10:e3:a5:9d:cf:0d:58:
fc:fb:da:7c:56:1f:38:47:23:e1:4c:94:83:59:8e:
b9:df:0c:5c:98:04:6e:82:3d:e0:4e:46:21:38:da:
27:10:66:94:f3:07:39:29:25:10:f2:52:47:8f:4f:
d8:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:35:C8:EB:30:D9:0A:D0:63:FE:38:5C:D9:7D:21:2E:3B:20:47:C4
X509v3 Authority Key Identifier:
keyid:FA:D7:10:0E:77:ED:91:19:D6:6E:23:21:BB:67:11:D7:E7:60:98:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/vDXI6zDZCtBj_jhc2X0hLjsgR8Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.80.0.0/12
62.153.0.0-62.159.255.255
62.224.0.0/14
79.192.0.0/10
80.128.0.0/11
84.128.0.0/10
87.128.0.0/10
91.0.0.0/10
93.192.0.0/10
192.166.49.0/24
193.158.0.0/15
194.25.0.0/16
194.150.228.0/23
195.145.0.0/16
195.243.0.0/16
212.184.0.0/15
217.0.0.0/13
217.80.0.0/12
217.224.0.0/11
IPv6:
2003::/19
Signature Algorithm: sha256WithRSAEncryption
2b:77:71:ff:ea:d8:27:d1:19:cd:98:73:8f:7b:99:33:2b:38:
5e:7b:24:f8:4f:85:6a:93:53:88:12:95:5b:0f:76:dd:de:bb:
70:d9:f4:4f:29:4f:b1:a1:35:69:0a:be:4e:c1:86:96:2c:df:
e5:45:7b:7d:31:19:98:df:93:8f:27:80:b1:7f:4d:7a:9c:30:
31:8c:97:dd:8c:21:27:cc:71:ac:22:2f:24:3a:b5:72:a8:e0:
ef:97:5f:93:86:f5:ea:b8:a1:fe:77:f6:67:04:ec:2c:89:44:
7f:10:69:e7:f3:e7:e1:e4:e8:09:ab:c0:b7:91:b3:fc:9a:f6:
45:05:cb:06:68:d7:44:4e:6b:8a:1c:ce:ed:4d:e8:d1:5f:e6:
0d:04:b2:f8:a2:a9:7e:5e:44:ad:71:09:c7:a2:c7:d4:cc:dc:
8a:70:a5:02:eb:ea:c7:92:cd:a6:33:a0:ff:ab:4c:f6:7e:fe:
77:1a:71:8e:ad:d9:e9:13:18:91:20:4a:2a:70:bf:6d:f2:d0:
89:08:fb:c0:26:82:e6:c3:2b:a7:18:41:cc:53:22:d6:eb:44:
d6:ba:f2:41:1e:1d:4d:c2:0d:e7:cd:bb:10:d1:e8:68:85:19:
1e:46:82:c6:6f:60:61:18:bb:00:52:71:61:c9:f3:7a:f0:e6:
13:d3:d4:ec
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgISAZgYaiLoDfxDfs8sun4ld1XMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhZDcxMDBlNzdlZDkxMTlkNjZlMjMyMWJiNjcxMWQ3ZTc2
MDk4MmIwHhcNMjUwNzE3MTI0NDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzM1YzhlYjMwZDkwYWQwNjNmZTM4NWNkOTdkMjEyZTNiMjA0N2M0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAozxmlXgBPf0R+3NbZR7oiqNGc9ox
d4iu390c8u9qEvNfa7mTfixYtiudoPou32LG70Ck+m4j5hmmbUNgwo5eq4yWPaRe
9mb4H1Ll3s3+/P4V2HgbufoEccxT13xMhUoP4YDtHwX4oimC9SoX5KgHvRjNc4iG
4eaQyOqtEUK3QY7EseFLIPkP0u2YjorfZYH8TRc/n7tEgRpV52JCMeV8NsR+iIWj
taMJMPxP8ME7xnX+WP0F5VKgccDhARUm1iIsvJxFwHskjK7RXRDjpZ3PDVj8+9p8
Vh84RyPhTJSDWY653wxcmARugj3gTkYhONonEGaU8wc5KSUQ8lJHj0/YDQIDAQAB
o4ICfTCCAnkwHQYDVR0OBBYEFLw1yOsw2QrQY/44XNl9IS47IEfEMB8GA1UdIwQY
MBaAFPrXEA537ZEZ1m4jIbtnEdfnYJgrMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS10Y1FEbmZ0a1JuV2JpTWh1MmNSMS1kZ21Dcy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2UvMDFkNDExLWQ5MTUtNDI3Ny04ZmUy
LTc2YjBkZGEyYmYzZS8xL3ZEWEk2ekRaQ3RCal9qaGMyWDBoTGpzZ1I4US5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2UvMDFkNDExLWQ5MTUtNDI3Ny04ZmUyLTc2YjBkZGEyYmYz
ZS8xLzEtdGNRRG5mdGtSbldiaU1odTJjUjEtZGdtQ3MuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgZAGCCsGAQUFBwEHAQH/BIGAMH4wbgQCAAEwaAMDBC5Q
MAoDAwA+mQMDBT6AAwMCPuADAwZPwAMDBVCAAwMGVIADAwZXgAMDBlsAAwMGXcAD
BADApjEDAwHBngMDAMIZAwQBwpbkAwMAw5EDAwDD8wMDAdS4AwMD2QADAwTZUAMD
BdngMAwEAgACMAYDBAUgAwAwDQYJKoZIhvcNAQELBQADggEBACt3cf/q2CfRGc2Y
c497mTMrOF57JPhPhWqTU4gSlVsPdt3eu3DZ9E8pT7GhNWkKvk7BhpYs3+VFe30x
GZjfk48ngLF/TXqcMDGMl92MISfMcawiLyQ6tXKo4O+XX5OG9eq4of539mcE7CyJ
RH8Qaefz5+Hk6AmrwLeRs/ya9kUFywZo10ROa4oczu1N6NFf5g0EsviiqX5eRK1x
Cceix9TM3IpwpQLr6seSzaYzoP+rTPZ+/ncacY6t2ekTGJEgSipwv23y0IkI+8Am
gubDK6cYQcxTItbrRNa68kEeHU3CDefNuxDR6GiFGR5GgsZvYGEYuwBScWHJ83rw
5hPT1Ow=
-----END CERTIFICATE-----
Generated at Mon Jul 21 07:01:25 2025 by rpki-client