Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ROOXaK24mcKsg8wHkCye3coN9oc.roa
File: ROOXaK24mcKsg8wHkCye3coN9oc.roa (raw, json)
Hash identifier: a8XrlIHGGCXYup849M+J4FYv6C7TvdysJ0YxCqH5jf4=
Subject key identifier: 44:E3:97:68:AD:B8:99:C2:AC:83:CC:07:90:2C:9E:DD:CA:0D:F6:87
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019929185664E6E3CB26684EC0FC9732965C
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ROOXaK24mcKsg8wHkCye3coN9oc.roa
Signing time: Mon 08 Sep 2025 11:31:24 +0000
ROA not before: Mon 08 Sep 2025 11:31:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3257
IP address blocks: 37.252.30.0/24 maxlen: 24
77.107.81.0/24 maxlen: 24
77.107.94.0/24 maxlen: 24
77.107.103.0/24 maxlen: 24
77.107.104.0/24 maxlen: 24
77.107.113.0/24 maxlen: 24
77.107.115.0/24 maxlen: 24
77.107.126.0/24 maxlen: 24
81.168.127.0/24 maxlen: 24
82.152.15.0/24 maxlen: 24
82.152.19.0/24 maxlen: 24
82.152.82.0/24 maxlen: 24
82.152.103.0/24 maxlen: 24
82.152.134.0/24 maxlen: 24
82.152.242.0/24 maxlen: 24
82.153.146.0/24 maxlen: 24
82.153.158.0/24 maxlen: 24
89.213.103.0/24 maxlen: 24
109.176.72.0/24 maxlen: 24
109.176.77.0/24 maxlen: 24
109.176.129.0/24 maxlen: 24
109.176.168.0/24 maxlen: 24
109.176.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 16 Sep 2025 22:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:29:18:56:64:e6:e3:cb:26:68:4e:c0:fc:97:32:96:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 8 11:31:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=44e39768adb899c2ac83cc07902c9eddca0df687
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:0a:99:eb:d0:31:b1:82:ba:dd:b7:79:8d:76:
fe:16:e4:06:46:16:7e:d7:ce:b4:1e:e3:f4:44:5d:
5a:ad:13:d4:01:b5:ae:14:13:1e:b2:1a:b8:ae:39:
69:95:d2:ed:77:1b:a0:23:a1:2c:10:b3:bd:5a:a5:
71:05:81:23:61:7b:6a:ff:42:28:85:cd:11:fc:af:
c8:06:04:93:28:d6:3b:58:ae:a8:cd:1c:34:8f:b2:
6b:93:54:90:2c:6d:f0:45:67:f6:db:79:b7:03:2e:
42:01:3b:d2:c2:9c:37:02:1f:24:a0:7f:30:d1:b6:
8b:5e:62:e9:3c:a4:0d:f1:61:5f:a0:a7:e3:52:46:
5b:92:fb:bb:f4:b6:ca:e6:fe:1e:45:d4:3e:13:d8:
3e:c7:cd:43:96:43:54:8b:53:e0:85:f0:cf:61:b4:
8c:9c:aa:2b:4e:48:ae:30:f4:dd:a5:12:3c:8d:06:
07:5d:4f:38:6d:50:68:c4:ab:2b:17:9b:0a:51:7c:
a6:d2:ae:f2:c2:99:48:62:95:f1:e7:f7:12:4d:33:
e3:8d:1b:88:a5:4b:e2:e4:7c:43:f5:c6:0f:d3:ee:
4f:21:f8:e6:70:20:d9:d9:1b:48:41:d0:b4:d6:d3:
13:e2:9b:06:95:65:96:03:55:c2:4a:d2:3b:99:3d:
e8:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:E3:97:68:AD:B8:99:C2:AC:83:CC:07:90:2C:9E:DD:CA:0D:F6:87
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ROOXaK24mcKsg8wHkCye3coN9oc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.30.0/24
77.107.81.0/24
77.107.94.0/24
77.107.103.0-77.107.104.255
77.107.113.0/24
77.107.115.0/24
77.107.126.0/24
81.168.127.0/24
82.152.15.0/24
82.152.19.0/24
82.152.82.0/24
82.152.103.0/24
82.152.134.0/24
82.152.242.0/24
82.153.146.0/24
82.153.158.0/24
89.213.103.0/24
109.176.72.0/24
109.176.77.0/24
109.176.129.0/24
109.176.168.0/24
109.176.171.0/24
Signature Algorithm: sha256WithRSAEncryption
18:c3:c0:33:71:0a:31:17:64:ac:21:d4:dd:30:3b:25:88:7d:
13:4d:1c:e0:94:1a:e1:3f:1f:f3:2b:62:55:ee:02:ad:6d:ca:
f8:82:a4:22:35:83:76:07:3b:90:d2:af:ae:9f:62:cd:88:f6:
f4:e4:35:e2:b1:e0:62:bd:6a:15:02:87:47:ff:3d:b1:12:56:
13:b4:97:64:95:a4:d2:1a:cf:22:6a:df:4a:2e:30:79:68:c0:
04:a0:bb:9b:ae:b7:79:95:27:dd:63:70:46:b3:a6:50:79:58:
37:5e:33:f1:7e:f2:0e:97:4d:f3:c6:d1:dd:f7:ad:72:03:ef:
2d:7a:b9:ab:b7:32:73:15:32:60:ae:32:6e:a6:19:94:91:02:
c3:92:aa:d0:e1:96:18:c4:07:fd:05:c1:0c:65:dc:b3:fc:10:
78:4f:b2:e0:d7:bd:98:31:4b:bb:99:d3:5a:95:51:a4:a4:b2:
51:d2:f6:0e:30:48:c5:dc:f4:e1:f5:a6:fb:36:af:cc:4e:6c:
62:a3:0f:5a:72:27:47:88:5b:85:1b:7c:6f:8f:1c:30:20:50:
e4:f2:9a:78:cf:5c:eb:10:d4:1e:ce:b3:44:7d:c5:51:d8:f0:
c2:a1:13:ae:a2:8a:35:8f:07:36:d1:ff:a9:e7:47:08:ca:ea:
52:90:db:2d
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAZkpGFZk5uPLJmhOwPyXMpZcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwOTA4MTEzMTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGUzOTc2OGFkYjg5OWMyYWM4M2NjMDc5MDJjOWVkZGNhMGRmNjg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvwqZ69AxsYK63bd5jXb+FuQGRhZ+
1860HuP0RF1arRPUAbWuFBMeshq4rjlpldLtdxugI6EsELO9WqVxBYEjYXtq/0Io
hc0R/K/IBgSTKNY7WK6ozRw0j7Jrk1SQLG3wRWf223m3Ay5CATvSwpw3Ah8koH8w
0baLXmLpPKQN8WFfoKfjUkZbkvu79LbK5v4eRdQ+E9g+x81DlkNUi1PghfDPYbSM
nKorTkiuMPTdpRI8jQYHXU84bVBoxKsrF5sKUXym0q7ywplIYpXx5/cSTTPjjRuI
pUvi5HxD9cYP0+5PIfjmcCDZ2RtIQdC01tMT4psGlWWWA1XCStI7mT3oHQIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFETjl2ituJnCrIPMB5Asnt3KDfaHMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUk9PWGFLMjRtY0tzZzh3SGtDeWUzY29OOW9jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwDBAAl
/B4DBABNa1EDBABNa14wDAMEAE1rZwMEAE1raAMEAE1rcQMEAE1rcwMEAE1rfgME
AFGofwMEAFKYDwMEAFKYEwMEAFKYUgMEAFKYZwMEAFKYhgMEAFKY8gMEAFKZkgME
AFKZngMEAFnVZwMEAG2wSAMEAG2wTQMEAG2wgQMEAG2wqAMEAG2wqzANBgkqhkiG
9w0BAQsFAAOCAQEAGMPAM3EKMRdkrCHU3TA7JYh9E00c4JQa4T8f8ytiVe4CrW3K
+IKkIjWDdgc7kNKvrp9izYj29OQ14rHgYr1qFQKHR/89sRJWE7SXZJWk0hrPImrf
Si4weWjABKC7m663eZUn3WNwRrOmUHlYN14z8X7yDpdN88bR3fetcgPvLXq5q7cy
cxUyYK4ybqYZlJECw5Kq0OGWGMQH/QXBDGXcs/wQeE+y4Ne9mDFLu5nTWpVRpKSy
UdL2DjBIxdz04fWm+zavzE5sYqMPWnInR4hbhRt8b48cMCBQ5PKaeM9c6xDUHs6z
RH3FUdjwwqETrqKKNY8HNtH/qedHCMrqUpDbLQ==
-----END CERTIFICATE-----
Generated at Tue Sep 16 05:11:37 2025 by rpki-client