Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7IWgNJ2h7eHwhPNwwttmEOFChC8.roa
File: 7IWgNJ2h7eHwhPNwwttmEOFChC8.roa (raw, json)
Hash identifier: 2rtV5wKeMmoW5y07HrI7mk7l9ptDVSdDe/b1efjBptU=
Subject key identifier: EC:85:A0:34:9D:A1:ED:E1:F0:84:F3:70:C2:DB:66:10:E1:42:84:2F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0199BDB113491FF942C3D75E49C3EDB18A94
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7IWgNJ2h7eHwhPNwwttmEOFChC8.roa
Signing time: Tue 07 Oct 2025 08:02:02 +0000
ROA not before: Tue 07 Oct 2025 08:02:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62240
IP address blocks: 82.152.129.0/24 maxlen: 24
82.153.155.0/24 maxlen: 24
194.105.74.0/24 maxlen: 24
213.130.154.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 16:33:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:bd:b1:13:49:1f:f9:42:c3:d7:5e:49:c3:ed:b1:8a:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 7 08:02:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec85a0349da1ede1f084f370c2db6610e142842f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:6b:80:0b:b5:00:6a:98:a4:8e:dc:1c:06:08:
27:34:bd:2e:65:98:2b:99:e0:13:f1:dd:b0:1e:dd:
86:09:93:8d:2c:28:28:46:e7:dd:c6:38:89:68:1f:
a5:56:3c:74:a0:a2:a2:14:50:ac:ca:ab:0c:b3:90:
b2:7c:bf:00:d2:ec:54:95:b2:43:2d:df:af:61:dd:
e7:a1:15:56:95:5d:a3:b7:33:c4:19:bd:52:12:cc:
2a:e3:43:c2:a4:46:0d:0b:4d:3d:6e:8f:10:87:2c:
e4:be:ad:12:e2:ea:d2:ad:19:10:5e:a9:b5:65:20:
fa:63:be:e1:d0:d0:47:9e:43:82:ca:1c:1c:19:34:
46:72:d2:b7:87:5a:a3:07:92:5e:3a:06:d7:4f:2f:
57:bf:a2:ff:67:b0:1b:0d:a6:16:c2:38:19:50:18:
95:ec:6d:8c:b0:18:3c:8a:87:80:02:6d:a8:f0:a4:
51:7d:76:12:b8:b2:26:2b:28:d9:3a:8f:47:3b:c5:
b0:f2:1b:28:aa:09:40:c9:53:25:24:fd:33:29:af:
da:21:3b:42:c6:c5:c2:36:4e:d6:51:d3:fd:69:d8:
fe:96:fc:fc:32:ab:03:dd:b3:f9:d3:57:d4:bd:40:
49:35:8b:bb:91:d4:e8:8b:28:d1:f9:de:9c:6b:4a:
26:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:85:A0:34:9D:A1:ED:E1:F0:84:F3:70:C2:DB:66:10:E1:42:84:2F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7IWgNJ2h7eHwhPNwwttmEOFChC8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.129.0/24
82.153.155.0/24
194.105.74.0/24
213.130.154.0/24
Signature Algorithm: sha256WithRSAEncryption
88:76:08:aa:1d:f4:a6:4f:c8:23:89:c1:48:bc:90:03:56:90:
a7:3c:31:5f:1b:9f:5b:c9:cb:6c:69:4b:02:26:99:58:8e:54:
30:cf:62:49:3e:2f:b0:b6:56:d0:8e:47:d0:32:d8:4d:3f:f9:
cd:c9:0b:2a:6b:b3:30:ab:c4:b0:1d:58:d6:e5:c1:ab:8e:d6:
20:40:4a:20:95:d4:9d:82:df:f6:c7:cf:b7:66:59:8f:a4:c0:
4a:0b:83:33:f7:8c:d8:b7:c2:2d:bb:df:5c:65:eb:20:08:81:
d9:37:e8:79:e1:a9:fb:95:c6:f3:58:d8:74:c8:b9:4e:a8:30:
d5:e0:8a:46:33:d5:9d:49:d1:a8:a0:69:dd:25:09:87:2f:51:
3f:af:6d:1d:a6:96:57:64:cd:f9:40:47:7b:de:f5:a0:46:23:
25:ac:70:73:7d:44:49:0c:5b:83:9b:9a:3e:c5:35:9d:dc:b3:
4f:e1:76:f0:a4:fa:ad:a3:ec:80:8e:c7:f8:f5:1d:92:b9:fa:
ce:37:08:b1:a2:59:35:65:84:81:4b:4c:48:7e:ac:e7:6f:87:
53:0f:7f:b6:9e:97:f0:16:8c:8e:97:d7:b5:42:81:b8:63:55:
c7:99:68:64:34:2e:f6:fe:c4:ac:d3:ca:03:93:16:5d:b5:20:
0a:ac:ac:f3
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZm9sRNJH/lCw9deScPtsYqUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUxMDA3MDgwMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzg1YTAzNDlkYTFlZGUxZjA4NGYzNzBjMmRiNjYxMGUxNDI4NDJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGuAC7UAapikjtwcBggnNL0uZZgr
meAT8d2wHt2GCZONLCgoRufdxjiJaB+lVjx0oKKiFFCsyqsMs5CyfL8A0uxUlbJD
Ld+vYd3noRVWlV2jtzPEGb1SEswq40PCpEYNC009bo8Qhyzkvq0S4urSrRkQXqm1
ZSD6Y77h0NBHnkOCyhwcGTRGctK3h1qjB5JeOgbXTy9Xv6L/Z7AbDaYWwjgZUBiV
7G2MsBg8ioeAAm2o8KRRfXYSuLImKyjZOo9HO8Ww8hsoqglAyVMlJP0zKa/aITtC
xsXCNk7WUdP9adj+lvz8MqsD3bP501fUvUBJNYu7kdToiyjR+d6ca0omiQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFOyFoDSdoe3h8ITzcMLbZhDhQoQvMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvN0lXZ05KMmg3ZUh3aFBOd3d0dG1FT0ZDaEM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUpiBAwQA
UpmbAwQAwmlKAwQA1YKaMA0GCSqGSIb3DQEBCwUAA4IBAQCIdgiqHfSmT8gjicFI
vJADVpCnPDFfG59byctsaUsCJplYjlQwz2JJPi+wtlbQjkfQMthNP/nNyQsqa7Mw
q8SwHVjW5cGrjtYgQEogldSdgt/2x8+3ZlmPpMBKC4Mz94zYt8Itu99cZesgCIHZ
N+h54an7lcbzWNh0yLlOqDDV4IpGM9WdSdGooGndJQmHL1E/r20dppZXZM35QEd7
3vWgRiMlrHBzfURJDFuDm5o+xTWd3LNP4XbwpPqto+yAjsf49R2SufrONwixolk1
ZYSBS0xIfqznb4dTD3+2npfwFoyOl9e1QoG4Y1XHmWhkNC72/sSs08oDkxZdtSAK
rKzz
-----END CERTIFICATE-----
Generated at Thu Oct 9 01:27:59 2025 by rpki-client