Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/56c934-cf14-4a4f-ae7c-3bd1978bf2f6/1/qL79bcmuok9WC29ukQ7a9d6B160.roa
File: qL79bcmuok9WC29ukQ7a9d6B160.roa (raw, json)
Hash identifier: z0ZhjUmGDzRe62s2r1dSc49zELz53hjK7MceIpYi3XY=
Subject key identifier: A8:BE:FD:6D:C9:AE:A2:4F:56:0B:6F:6E:91:0E:DA:F5:DE:81:D7:AD
Certificate issuer: /CN=edb926f8c603aab79cb46a883bf632564a3faabf
Certificate serial: 0199C2BAAE5DC112899B4F036D6A5CF770E6
Authority key identifier: ED:B9:26:F8:C6:03:AA:B7:9C:B4:6A:88:3B:F6:32:56:4A:3F:AA:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7bkm-MYDqrectGqIO_YyVko_qr8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/56c934-cf14-4a4f-ae7c-3bd1978bf2f6/1/qL79bcmuok9WC29ukQ7a9d6B160.roa
Signing time: Wed 08 Oct 2025 07:30:38 +0000
ROA not before: Wed 08 Oct 2025 07:30:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42695
IP address blocks: 31.12.84.0/22 maxlen: 24
31.132.58.0/24 maxlen: 24
37.153.138.0/23 maxlen: 24
37.153.172.0/23 maxlen: 24
45.114.120.0/22 maxlen: 24
45.114.121.0/24 maxlen: 24
45.114.122.0/24 maxlen: 24
45.114.123.0/24 maxlen: 24
46.254.8.0/21 maxlen: 24
46.254.10.0/23 maxlen: 23
46.254.12.0/24 maxlen: 24
46.254.13.0/24 maxlen: 24
46.254.14.0/24 maxlen: 24
46.254.15.0/24 maxlen: 24
77.81.6.0/23 maxlen: 24
77.81.188.0/23 maxlen: 24
86.107.48.0/23 maxlen: 24
86.107.49.0/24 maxlen: 24
86.107.242.0/23 maxlen: 24
89.36.90.0/23 maxlen: 23
89.40.216.0/23 maxlen: 23
89.42.140.0/23 maxlen: 24
89.45.226.0/23 maxlen: 24
89.45.226.0/24 maxlen: 24
89.45.227.0/24 maxlen: 24
89.46.80.0/21 maxlen: 24
89.46.80.0/24 maxlen: 24
89.46.81.0/24 maxlen: 24
89.46.82.0/24 maxlen: 24
89.46.83.0/24 maxlen: 24
89.46.86.0/24 maxlen: 24
91.106.192.0/21 maxlen: 24
91.123.192.0/20 maxlen: 24
103.57.72.0/22 maxlen: 24
103.57.74.0/24 maxlen: 24
103.81.140.0/22 maxlen: 24
116.206.168.0/22 maxlen: 24
141.255.184.0/21 maxlen: 24
185.2.152.0/22 maxlen: 22
185.16.84.0/22 maxlen: 24
185.52.156.0/22 maxlen: 24
185.62.204.0/22 maxlen: 24
185.62.207.0/24 maxlen: 24
185.103.48.0/23 maxlen: 23
185.103.51.0/24 maxlen: 24
188.95.224.0/21 maxlen: 24
188.212.108.0/23 maxlen: 24
188.240.18.0/23 maxlen: 24
188.240.92.0/22 maxlen: 24
188.240.222.0/23 maxlen: 24
188.241.198.0/23 maxlen: 24
188.241.198.0/24 maxlen: 24
2a00:16d8::/32 maxlen: 48
2a03:b000::/32 maxlen: 32
2a03:b000:200::/40 maxlen: 40
2a03:b000:600::/40 maxlen: 40
2a03:b000:700::/40 maxlen: 40
2a03:b000:800::/40 maxlen: 40
2a03:d7c0::/29 maxlen: 48
2a04:f180::/29 maxlen: 48
2a06:2980::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/56c934-cf14-4a4f-ae7c-3bd1978bf2f6/1/7bkm-MYDqrectGqIO_YyVko_qr8.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/56c934-cf14-4a4f-ae7c-3bd1978bf2f6/1/7bkm-MYDqrectGqIO_YyVko_qr8.mft
rsync://rpki.ripe.net/repository/DEFAULT/7bkm-MYDqrectGqIO_YyVko_qr8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 22:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c2:ba:ae:5d:c1:12:89:9b:4f:03:6d:6a:5c:f7:70:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=edb926f8c603aab79cb46a883bf632564a3faabf
Validity
Not Before: Oct 8 07:30:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8befd6dc9aea24f560b6f6e910edaf5de81d7ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:8d:64:c9:eb:d5:7f:fd:3f:0b:38:85:1d:f4:
90:42:30:b8:64:28:29:a2:3f:a8:b5:a1:f5:89:5f:
3d:bc:fd:f3:5f:fe:b7:2f:21:23:45:65:c9:0e:bc:
a4:c7:ca:87:e1:06:8e:b1:4e:ff:98:04:14:76:3a:
85:91:52:43:aa:ec:18:4c:e9:77:58:22:72:f0:86:
d4:49:b7:32:31:5b:07:98:19:e9:63:8e:ac:26:23:
3a:73:00:fd:52:d2:84:02:e6:0f:62:b8:a7:51:63:
14:d2:fd:13:e6:58:c5:12:a6:e8:1b:4b:ab:4e:97:
10:05:ed:2d:8c:d2:0e:89:f1:98:26:7c:9e:96:50:
09:5c:6c:04:b6:d6:85:28:cc:18:f7:95:e0:d6:64:
c3:f3:0a:29:f0:10:a5:2a:e4:e2:88:5a:4f:70:ae:
ad:74:bb:2a:34:16:81:55:bd:c1:d8:a1:40:73:5a:
09:be:37:53:af:5b:e5:f2:f4:38:3b:c0:dd:d1:cd:
c5:bb:23:b0:87:a7:bc:a3:5a:3c:f9:f1:43:02:43:
7e:17:e2:f5:f4:aa:42:e2:71:eb:2e:8f:4b:13:64:
b5:c6:e3:fd:fb:07:14:34:b1:95:57:c2:03:ad:d9:
e2:e2:49:f2:b9:2c:37:e4:85:be:30:b6:7b:09:09:
7a:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:BE:FD:6D:C9:AE:A2:4F:56:0B:6F:6E:91:0E:DA:F5:DE:81:D7:AD
X509v3 Authority Key Identifier:
keyid:ED:B9:26:F8:C6:03:AA:B7:9C:B4:6A:88:3B:F6:32:56:4A:3F:AA:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7bkm-MYDqrectGqIO_YyVko_qr8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/56c934-cf14-4a4f-ae7c-3bd1978bf2f6/1/qL79bcmuok9WC29ukQ7a9d6B160.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/56c934-cf14-4a4f-ae7c-3bd1978bf2f6/1/7bkm-MYDqrectGqIO_YyVko_qr8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.12.84.0/22
31.132.58.0/24
37.153.138.0/23
37.153.172.0/23
45.114.120.0/22
46.254.8.0/21
77.81.6.0/23
77.81.188.0/23
86.107.48.0/23
86.107.242.0/23
89.36.90.0/23
89.40.216.0/23
89.42.140.0/23
89.45.226.0/23
89.46.80.0/21
91.106.192.0/21
91.123.192.0/20
103.57.72.0/22
103.81.140.0/22
116.206.168.0/22
141.255.184.0/21
185.2.152.0/22
185.16.84.0/22
185.52.156.0/22
185.62.204.0/22
185.103.48.0/23
185.103.51.0/24
188.95.224.0/21
188.212.108.0/23
188.240.18.0/23
188.240.92.0/22
188.240.222.0/23
188.241.198.0/23
IPv6:
2a00:16d8::/32
2a03:b000::/32
2a03:d7c0::/29
2a04:f180::/29
2a06:2980::/29
Signature Algorithm: sha256WithRSAEncryption
65:29:a0:30:c8:42:ed:1a:4b:c7:c1:a8:27:92:58:4c:0b:1f:
eb:c7:c7:6f:8b:9e:6c:a6:00:c3:96:b7:9b:a7:ca:7d:2a:31:
46:2d:1e:a0:7e:4a:f1:33:e2:f2:be:a5:04:bb:3c:01:e5:94:
66:7a:70:e5:4e:9a:1e:56:67:ae:00:25:11:b9:a2:ce:85:3d:
44:b0:71:09:43:08:38:e2:f7:0b:f8:87:0a:ba:1d:f3:ca:19:
9e:0a:16:8b:e2:f0:95:24:ae:73:24:1b:fb:71:2a:55:0a:8c:
f6:1f:58:76:53:99:61:03:34:2f:0a:8e:5b:01:c3:82:26:5a:
85:2e:ec:e2:de:e5:9b:37:78:9b:79:e2:76:b0:ff:f3:b8:69:
52:e2:b6:bc:db:74:f9:2c:c8:1e:ae:5b:bc:03:74:06:e5:eb:
ac:01:a5:bd:80:b5:3e:a2:65:6b:a4:2a:25:82:29:42:9d:c7:
52:88:14:ff:96:2b:d3:a5:9f:25:80:3d:2c:bb:a1:15:c3:97:
75:52:45:ab:79:15:30:9d:b8:20:93:12:be:cb:02:0e:b5:90:
c3:22:1e:34:fc:21:07:5d:e9:72:2e:71:ca:75:76:b3:31:c3:
8d:45:0f:29:ce:5d:c5:a2:a0:7b:a4:f1:cb:ef:d7:16:be:a0:
16:c3:a0:35
-----BEGIN CERTIFICATE-----
MIIF7jCCBNagAwIBAgISAZnCuq5dwRKJm08DbWpc93DmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVkYjkyNmY4YzYwM2FhYjc5Y2I0NmE4ODNiZjYzMjU2NGEz
ZmFhYmYwHhcNMjUxMDA4MDczMDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGJlZmQ2ZGM5YWVhMjRmNTYwYjZmNmU5MTBlZGFmNWRlODFkN2FkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAso1kyevVf/0/CziFHfSQQjC4ZCgp
oj+otaH1iV89vP3zX/63LyEjRWXJDrykx8qH4QaOsU7/mAQUdjqFkVJDquwYTOl3
WCJy8IbUSbcyMVsHmBnpY46sJiM6cwD9UtKEAuYPYrinUWMU0v0T5ljFEqboG0ur
TpcQBe0tjNIOifGYJnyellAJXGwEttaFKMwY95Xg1mTD8wop8BClKuTiiFpPcK6t
dLsqNBaBVb3B2KFAc1oJvjdTr1vl8vQ4O8Dd0c3FuyOwh6e8o1o8+fFDAkN+F+L1
9KpC4nHrLo9LE2S1xuP9+wcUNLGVV8IDrdni4knyuSw35IW+MLZ7CQl6AQIDAQAB
o4IC+jCCAvYwHQYDVR0OBBYEFKi+/W3JrqJPVgtvbpEO2vXegdetMB8GA1UdIwQY
MBaAFO25JvjGA6q3nLRqiDv2MlZKP6q/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN2JrbS1NWURxcmVjdEdxSU9fWXlWa29fcXI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy81NmM5MzQtY2YxNC00YTRmLWFlN2Mt
M2JkMTk3OGJmMmY2LzEvcUw3OWJjbXVvazlXQzI5dWtRN2E5ZDZCMTYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy81NmM5MzQtY2YxNC00YTRmLWFlN2MtM2JkMTk3OGJmMmY2
LzEvN2JrbS1NWURxcmVjdEdxSU9fWXlWa29fcXI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDgYIKwYBBQUHAQcBAf8Egf4wgfswgc0EAgABMIHGAwQC
HwxUAwQAH4Q6AwQBJZmKAwQBJZmsAwQCLXJ4AwQDLv4IAwQBTVEGAwQBTVG8AwQB
VmswAwQBVmvyAwQBWSRaAwQBWSjYAwQBWSqMAwQBWS3iAwQDWS5QAwQDW2rAAwQE
W3vAAwQCZzlIAwQCZ1GMAwQCdM6oAwQDjf+4AwQCuQKYAwQCuRBUAwQCuTScAwQC
uT7MAwQBuWcwAwQAuWczAwQDvF/gAwQBvNRsAwQBvPASAwQCvPBcAwQBvPDeAwQB
vPHGMCkEAgACMCMDBQAqABbYAwUAKgOwAAMFAyoD18ADBQMqBPGAAwUDKgYpgDAN
BgkqhkiG9w0BAQsFAAOCAQEAZSmgMMhC7RpLx8GoJ5JYTAsf68fHb4uebKYAw5a3
m6fKfSoxRi0eoH5K8TPi8r6lBLs8AeWUZnpw5U6aHlZnrgAlEbmizoU9RLBxCUMI
OOL3C/iHCrod88oZngoWi+LwlSSucyQb+3EqVQqM9h9YdlOZYQM0LwqOWwHDgiZa
hS7s4t7lmzd4m3nidrD/87hpUuK2vNt0+SzIHq5bvAN0BuXrrAGlvYC1PqJla6Qq
JYIpQp3HUogU/5Yr06WfJYA9LLuhFcOXdVJFq3kVMJ24IJMSvssCDrWQwyIeNPwh
B13pci5xynV2szHDjUUPKc5dxaKge6Txy+/XFr6gFsOgNQ==
-----END CERTIFICATE-----
Generated at Thu Oct 9 06:22:38 2025 by rpki-client