Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wTXmziKIjJtrScYXSWPA1Kyvc34.roa
File: wTXmziKIjJtrScYXSWPA1Kyvc34.roa (raw, json)
Hash identifier: birq1k3onowIH9WOK5CYKTIpfJRRrukdH0LoSFK4LcY=
Subject key identifier: C1:35:E6:CE:22:88:8C:9B:6B:49:C6:17:49:63:C0:D4:AC:AF:73:7E
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01995BF12C618561BF87AEFB3A14F3B7F246
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wTXmziKIjJtrScYXSWPA1Kyvc34.roa
Signing time: Thu 18 Sep 2025 08:29:16 +0000
ROA not before: Thu 18 Sep 2025 08:29:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 40676
IP address blocks: 109.176.18.0/24 maxlen: 24
109.176.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 16:33:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:5b:f1:2c:61:85:61:bf:87:ae:fb:3a:14:f3:b7:f2:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 18 08:29:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c135e6ce22888c9b6b49c6174963c0d4acaf737e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:0d:fe:dd:92:8e:f0:bc:e3:ff:8e:ba:29:91:
2c:f4:6a:73:90:7e:f8:d1:2b:ac:01:fc:90:f9:3a:
90:4e:44:ee:0f:2e:27:d3:29:11:c5:fc:f6:d5:d7:
b5:65:62:79:ac:eb:f7:eb:1a:8c:63:3d:27:3c:e7:
9e:55:0e:0c:38:fd:df:d2:f5:f2:d6:ba:68:21:10:
9d:ff:b3:65:f0:02:37:07:e7:08:b6:c2:61:bb:32:
26:d1:6a:8c:ec:a8:00:56:09:c4:ba:6c:45:e7:5a:
40:80:68:29:95:a3:b9:1e:f2:58:99:97:64:fa:a5:
c3:a5:8f:f4:2b:a5:38:16:c1:df:f7:30:40:2c:80:
79:9c:ab:29:ab:24:3d:49:8f:c0:af:41:e6:8c:07:
72:04:d5:f8:1e:21:f0:bf:b5:a0:eb:2b:27:e5:b6:
9f:f1:11:3d:03:2d:d2:39:e6:02:04:73:c4:fa:39:
02:b1:00:3b:dc:a8:ba:53:ad:92:81:0f:87:15:b7:
02:45:7e:9d:35:47:01:14:f0:0a:af:36:b9:1a:50:
8e:2e:14:cb:d1:6f:b5:6b:7a:7f:bf:af:94:f4:17:
1e:b7:c3:a9:71:ba:00:3a:b9:75:0f:f5:ac:03:7b:
f1:05:7e:13:52:a7:4b:f3:5c:3f:c8:41:02:75:a8:
7a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:35:E6:CE:22:88:8C:9B:6B:49:C6:17:49:63:C0:D4:AC:AF:73:7E
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/wTXmziKIjJtrScYXSWPA1Kyvc34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.18.0/24
109.176.208.0/24
Signature Algorithm: sha256WithRSAEncryption
48:56:ed:50:84:48:ee:76:4f:01:d5:84:78:3d:a6:f9:70:8d:
b9:74:09:db:91:13:8e:ed:7b:63:6a:ea:9f:81:6e:82:c1:82:
51:e7:98:7e:ff:e4:d4:88:47:1d:2f:13:e7:34:a6:ff:b3:56:
a1:06:29:44:fa:ae:20:e9:5f:64:16:e8:25:ee:98:52:aa:64:
77:1c:05:17:0b:0f:9a:cc:60:76:fc:70:52:a5:13:52:e7:1b:
b8:34:64:89:5d:be:63:02:94:42:38:e0:5f:68:6d:17:b7:08:
f0:55:07:8a:bf:56:e4:ed:28:21:e5:71:d4:3d:ef:99:87:21:
cc:e4:94:fe:22:ee:e2:d1:18:d1:f1:ea:8d:1f:b8:18:af:85:
30:bf:70:51:93:38:e8:4c:6d:23:94:32:5d:90:80:61:4c:0b:
b6:f9:dc:d3:4e:de:f8:9c:24:ed:20:63:c4:c8:14:a0:e0:a1:
06:bf:bd:69:4f:a5:d0:59:e8:a4:e0:f8:bc:42:a9:c7:d4:c2:
f1:60:63:c3:61:98:8f:b3:14:76:93:e5:b8:ce:84:b5:5b:ae:
70:77:1a:5a:15:7a:50:43:98:c4:41:6b:c9:6c:5b:29:9c:b1:
f7:78:c9:4f:37:da:be:78:e1:a7:1e:26:81:24:1c:cc:f6:41:
37:51:a6:61
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZlb8SxhhWG/h677OhTzt/JGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwOTE4MDgyOTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTM1ZTZjZTIyODg4YzliNmI0OWM2MTc0OTYzYzBkNGFjYWY3MzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4w3+3ZKO8Lzj/466KZEs9GpzkH74
0SusAfyQ+TqQTkTuDy4n0ykRxfz21de1ZWJ5rOv36xqMYz0nPOeeVQ4MOP3f0vXy
1rpoIRCd/7Nl8AI3B+cItsJhuzIm0WqM7KgAVgnEumxF51pAgGgplaO5HvJYmZdk
+qXDpY/0K6U4FsHf9zBALIB5nKspqyQ9SY/Ar0HmjAdyBNX4HiHwv7Wg6ysn5baf
8RE9Ay3SOeYCBHPE+jkCsQA73Ki6U62SgQ+HFbcCRX6dNUcBFPAKrza5GlCOLhTL
0W+1a3p/v6+U9Bcet8OpcboAOrl1D/WsA3vxBX4TUqdL81w/yEECdah6KQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFME15s4iiIyba0nGF0ljwNSsr3N+MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvd1RYbXppS0lqSnRyU2NZWFNXUEExS3l2YzM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbbASAwQA
bbDQMA0GCSqGSIb3DQEBCwUAA4IBAQBIVu1QhEjudk8B1YR4Pab5cI25dAnbkROO
7XtjauqfgW6CwYJR55h+/+TUiEcdLxPnNKb/s1ahBilE+q4g6V9kFugl7phSqmR3
HAUXCw+azGB2/HBSpRNS5xu4NGSJXb5jApRCOOBfaG0XtwjwVQeKv1bk7Sgh5XHU
Pe+ZhyHM5JT+Iu7i0RjR8eqNH7gYr4Uwv3BRkzjoTG0jlDJdkIBhTAu2+dzTTt74
nCTtIGPEyBSg4KEGv71pT6XQWeik4Pi8QqnH1MLxYGPDYZiPsxR2k+W4zoS1W65w
dxpaFXpQQ5jEQWvJbFspnLH3eMlPN9q+eOGnHiaBJBzM9kE3UaZh
-----END CERTIFICATE-----
Generated at Thu Oct 9 01:28:01 2025 by rpki-client