Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dR_0BzNiIPcS8bb1Hv_v-Xg53Y8.roa
File: dR_0BzNiIPcS8bb1Hv_v-Xg53Y8.roa (raw, json)
Hash identifier: Xsquyxpc5F5Y6RJZ7Uixno0cDi569pPDKsfiD65TYGw=
Subject key identifier: 75:1F:F4:07:33:62:20:F7:12:F1:B6:F5:1E:FF:EF:F9:78:39:DD:8F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0199851F45A69B1C6DA1EF087E6C6A327D39
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dR_0BzNiIPcS8bb1Hv_v-Xg53Y8.roa
Signing time: Fri 26 Sep 2025 08:24:03 +0000
ROA not before: Fri 26 Sep 2025 08:24:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25369
IP address blocks: 81.168.120.0/24 maxlen: 24
82.152.3.0/24 maxlen: 24
82.152.233.0/24 maxlen: 24
82.153.72.0/24 maxlen: 24
89.213.99.0/24 maxlen: 24
109.176.200.0/24 maxlen: 24
213.130.155.0/24 maxlen: 24
213.218.213.0/24 maxlen: 24
213.218.225.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 16:33:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:85:1f:45:a6:9b:1c:6d:a1:ef:08:7e:6c:6a:32:7d:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 26 08:24:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=751ff407336220f712f1b6f51effeff97839dd8f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:eb:8c:8a:a0:37:38:aa:f4:1c:a6:31:88:fd:
c2:3a:d0:16:96:33:da:11:b0:ea:60:37:89:e7:9e:
43:86:d1:b0:18:14:98:83:76:8b:75:df:fa:9c:d9:
aa:1d:08:33:34:c0:b1:30:c0:bd:05:15:e9:c1:6e:
cf:a6:76:5b:c1:4e:bb:1e:9b:24:51:23:1e:67:95:
51:0c:5e:9e:bc:31:d7:b3:c6:f6:ce:fe:80:e9:9f:
6a:2a:3a:a5:7b:e0:4e:a9:8f:c4:c3:b0:72:39:ac:
63:2b:50:86:cd:f8:3a:2b:2e:99:01:10:b1:7d:7f:
9c:f1:ff:c7:77:c1:65:10:a1:5b:fd:fc:c4:17:9d:
c6:9f:b8:06:15:ce:23:47:34:39:c7:62:b4:6c:f8:
97:bf:78:7e:4b:be:ca:e3:56:ed:9c:f5:e7:3d:a4:
b4:10:ad:b0:fc:0e:cf:6b:00:04:8a:e2:4c:97:d2:
b6:21:34:93:40:14:4d:c3:fd:4f:74:2d:32:6f:35:
5b:d7:a8:55:0d:08:85:98:ea:93:4a:3f:93:23:6d:
ef:a2:bb:37:a7:44:af:7a:19:f4:ec:eb:54:a3:2b:
ec:d0:e9:11:38:08:84:2e:72:81:53:37:d7:73:12:
e0:c9:9a:20:f2:90:38:3a:0e:4c:69:8a:e6:70:cf:
b3:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:1F:F4:07:33:62:20:F7:12:F1:B6:F5:1E:FF:EF:F9:78:39:DD:8F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dR_0BzNiIPcS8bb1Hv_v-Xg53Y8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.120.0/24
82.152.3.0/24
82.152.233.0/24
82.153.72.0/24
89.213.99.0/24
109.176.200.0/24
213.130.155.0/24
213.218.213.0/24
213.218.225.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:81:83:3b:e9:32:31:c9:5a:8e:2e:84:10:b0:cb:34:cb:39:
48:b6:2d:65:cc:c7:e6:98:b3:79:18:54:c7:d4:cb:05:b3:8c:
4e:19:bb:cf:b4:ee:47:34:8e:e7:c3:25:1e:25:eb:86:cc:64:
5d:98:8b:f1:a3:86:c0:20:fa:56:28:60:83:8c:86:ac:0c:01:
72:34:77:95:d0:e2:dc:08:38:f8:87:92:87:db:89:43:37:e3:
de:e9:c4:23:9f:15:fc:4f:cc:0f:89:f7:8d:e8:c6:27:71:1e:
d2:39:3f:52:38:84:5a:f2:5a:32:c5:fe:86:9e:7c:1e:a3:c2:
66:7e:fb:08:54:ce:7b:9f:28:12:85:3a:30:37:70:5b:c9:0d:
b7:96:84:0c:b3:e6:a4:07:5c:29:bb:11:2a:2b:22:57:45:f9:
27:08:d2:6f:f7:2b:2b:48:93:92:8d:9a:5e:9a:27:c0:d0:3d:
99:6e:b5:99:5b:d1:d9:3a:e1:c1:3b:bd:0f:80:36:35:c5:49:
c3:53:8d:0a:09:50:ad:da:bb:61:cd:df:0a:a7:77:51:f0:06:
08:73:50:d8:f0:d4:29:02:21:fc:c2:1e:84:3f:e5:56:10:12:
5e:b7:cb:88:d8:9d:4e:3d:22:dc:3a:30:84:05:a4:6d:72:42:
d9:7d:f4:be
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZmFH0Wmmxxtoe8IfmxqMn05MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwOTI2MDgyNDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTFmZjQwNzMzNjIyMGY3MTJmMWI2ZjUxZWZmZWZmOTc4MzlkZDhmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnOuMiqA3OKr0HKYxiP3COtAWljPa
EbDqYDeJ555DhtGwGBSYg3aLdd/6nNmqHQgzNMCxMMC9BRXpwW7PpnZbwU67Hpsk
USMeZ5VRDF6evDHXs8b2zv6A6Z9qKjqle+BOqY/Ew7ByOaxjK1CGzfg6Ky6ZARCx
fX+c8f/Hd8FlEKFb/fzEF53Gn7gGFc4jRzQ5x2K0bPiXv3h+S77K41btnPXnPaS0
EK2w/A7PawAEiuJMl9K2ITSTQBRNw/1PdC0ybzVb16hVDQiFmOqTSj+TI23vors3
p0Svehn07OtUoyvs0OkROAiELnKBUzfXcxLgyZog8pA4Og5MaYrmcM+zpwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFHUf9AczYiD3EvG29R7/7/l4Od2PMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZFJfMEJ6TmlJUGNTOGJiMUh2X3YtWGc1M1k4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQAUah4AwQA
UpgDAwQAUpjpAwQAUplIAwQAWdVjAwQAbbDIAwQA1YKbAwQA1drVAwQA1drhMA0G
CSqGSIb3DQEBCwUAA4IBAQBtgYM76TIxyVqOLoQQsMs0yzlIti1lzMfmmLN5GFTH
1MsFs4xOGbvPtO5HNI7nwyUeJeuGzGRdmIvxo4bAIPpWKGCDjIasDAFyNHeV0OLc
CDj4h5KH24lDN+Pe6cQjnxX8T8wPifeN6MYncR7SOT9SOIRa8loyxf6Gnnweo8Jm
fvsIVM57nygShTowN3BbyQ23loQMs+akB1wpuxEqKyJXRfknCNJv9ysrSJOSjZpe
mifA0D2ZbrWZW9HZOuHBO70PgDY1xUnDU40KCVCt2rthzd8Kp3dR8AYIc1DY8NQp
AiH8wh6EP+VWEBJet8uI2J1OPSLcOjCEBaRtckLZffS+
-----END CERTIFICATE-----
Generated at Thu Oct 9 01:28:00 2025 by rpki-client