Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/fo6XvxSOTmhFArIWsIgE447XkhA.roa
File: fo6XvxSOTmhFArIWsIgE447XkhA.roa (raw, json)
Hash identifier: SZc980voofGZ82uEz4sev4EijzVTNOSOoK+3QgYr0Ak=
Subject key identifier: 7E:8E:97:BF:14:8E:4E:68:45:02:B2:16:B0:88:04:E3:8E:D7:92:10
Certificate issuer: /CN=624ad4535ac88dd534199f2a726095af71afe44e
Certificate serial: 019A0805CBA6235AF4C012C8E543BA8D6734
Authority key identifier: 62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/fo6XvxSOTmhFArIWsIgE447XkhA.roa
Signing time: Tue 21 Oct 2025 18:26:28 +0000
ROA not before: Tue 21 Oct 2025 18:26:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197706
IP address blocks: 31.171.152.0/24 maxlen: 24
31.171.153.0/24 maxlen: 24
31.171.154.0/24 maxlen: 24
31.171.155.0/24 maxlen: 24
45.142.25.0/24 maxlen: 24
45.142.26.0/24 maxlen: 24
45.142.27.0/24 maxlen: 24
103.93.40.0/24 maxlen: 24
103.93.41.0/24 maxlen: 24
103.93.42.0/24 maxlen: 24
103.93.43.0/24 maxlen: 24
103.124.164.0/24 maxlen: 24
103.124.165.0/24 maxlen: 24
103.124.166.0/24 maxlen: 24
103.124.167.0/24 maxlen: 24
109.104.132.0/24 maxlen: 24
109.104.133.0/24 maxlen: 24
109.104.135.0/24 maxlen: 24
109.104.136.0/24 maxlen: 24
109.104.137.0/24 maxlen: 24
109.104.138.0/24 maxlen: 24
109.104.139.0/24 maxlen: 24
109.104.140.0/22 maxlen: 22
109.104.140.0/24 maxlen: 24
109.104.141.0/24 maxlen: 24
109.104.142.0/24 maxlen: 24
109.104.143.0/24 maxlen: 24
109.104.156.0/24 maxlen: 24
109.104.157.0/24 maxlen: 24
109.104.158.0/24 maxlen: 24
109.104.159.0/24 maxlen: 24
144.48.52.0/24 maxlen: 24
144.48.53.0/24 maxlen: 24
144.48.54.0/24 maxlen: 24
144.48.55.0/24 maxlen: 24
185.53.100.0/24 maxlen: 24
185.53.101.0/24 maxlen: 24
185.153.125.0/24 maxlen: 24
185.153.126.0/24 maxlen: 24
185.153.127.0/24 maxlen: 24
199.168.120.0/24 maxlen: 24
199.168.121.0/24 maxlen: 24
199.168.122.0/24 maxlen: 24
199.168.123.0/24 maxlen: 24
209.23.44.0/24 maxlen: 24
209.23.45.0/24 maxlen: 24
209.23.46.0/24 maxlen: 24
209.23.47.0/24 maxlen: 24
2a04:27c0::/29 maxlen: 48
2a04:27c0:fffd::/48 maxlen: 48
2a04:27c0:fffe::/48 maxlen: 48
2a09:6e40::/29 maxlen: 48
2a09:6e47::/48 maxlen: 48
2a09:6ec0::/29 maxlen: 48
2a0d:27c0::/29 maxlen: 48
2a0d:27c4::/32 maxlen: 32
2a0d:42c0::/29 maxlen: 48
2a0d:4a40::/29 maxlen: 48
2a0d:4a46::/32 maxlen: 32
2a0e:3f00::/29 maxlen: 48
2a0e:3f01::/48 maxlen: 48
2a0e:4f00::/29 maxlen: 48
2a0e:4f05::/32 maxlen: 32
2a0e:d4c0::/29 maxlen: 48
2a0f:42c0::/29 maxlen: 48
2a0f:a880::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.mft
rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:08:05:cb:a6:23:5a:f4:c0:12:c8:e5:43:ba:8d:67:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=624ad4535ac88dd534199f2a726095af71afe44e
Validity
Not Before: Oct 21 18:26:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e8e97bf148e4e684502b216b08804e38ed79210
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:76:c3:71:1d:c3:f9:01:a1:cd:35:93:d6:64:
81:39:b9:9f:3d:1a:65:fd:13:08:d6:89:78:d7:02:
ba:8f:b6:67:d1:ac:6e:39:49:c0:79:7e:63:c9:fc:
6f:c6:48:bf:2c:fa:e8:e0:b5:46:71:13:b3:52:99:
da:2d:d7:2b:92:67:40:f5:6f:7f:84:59:f6:95:cf:
23:1e:18:5a:19:0a:03:6c:99:c2:51:d8:89:72:c1:
32:7c:d0:0c:1d:32:dc:fc:e5:7e:0c:e1:95:22:d8:
7e:9b:21:7b:b7:d6:58:35:aa:ff:30:0c:85:17:e4:
54:c7:9c:79:89:68:88:2c:70:01:79:c7:8f:98:ab:
0b:2b:95:a5:5a:ce:18:97:a1:6f:b6:95:59:c3:c5:
e9:f0:8b:ce:66:be:5c:dc:48:5d:a0:b4:23:79:39:
6a:dd:a4:e9:28:3c:61:e8:85:11:79:d5:7b:e1:ed:
d5:95:69:87:4d:f2:0c:41:e0:a2:58:e6:0a:35:42:
d1:fd:74:ff:0b:f6:57:d2:49:a3:9d:23:84:69:3d:
94:f6:78:1a:d4:40:c6:cf:d1:ba:ab:42:35:b4:57:
cd:d3:9d:6c:67:93:1b:c8:e5:7e:5a:84:f0:0f:1d:
ef:61:30:0e:de:ae:46:66:bc:65:00:5a:de:21:e8:
33:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:8E:97:BF:14:8E:4E:68:45:02:B2:16:B0:88:04:E3:8E:D7:92:10
X509v3 Authority Key Identifier:
keyid:62:4A:D4:53:5A:C8:8D:D5:34:19:9F:2A:72:60:95:AF:71:AF:E4:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/fo6XvxSOTmhFArIWsIgE447XkhA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/aa1019-564f-4c46-a217-fb5949808ddc/1/YkrUU1rIjdU0GZ8qcmCVr3Gv5E4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.171.152.0/22
45.142.25.0-45.142.27.255
103.93.40.0/22
103.124.164.0/22
109.104.132.0/23
109.104.135.0-109.104.143.255
109.104.156.0/22
144.48.52.0/22
185.53.100.0/23
185.153.125.0-185.153.127.255
199.168.120.0/22
209.23.44.0/22
IPv6:
2a04:27c0::/29
2a09:6e40::/29
2a09:6ec0::/29
2a0d:27c0::/29
2a0d:42c0::/29
2a0d:4a40::/29
2a0e:3f00::/29
2a0e:4f00::/29
2a0e:d4c0::/29
2a0f:42c0::/29
2a0f:a880::/29
Signature Algorithm: sha256WithRSAEncryption
0e:d4:fa:52:8e:fd:e4:b3:ec:df:d0:43:c6:6b:01:33:2b:df:
7c:09:90:71:96:6c:5f:90:cd:5c:3f:4a:82:8a:85:3e:73:68:
7c:c6:db:c0:ac:41:d3:37:39:aa:9d:6b:3c:d8:97:ed:5c:85:
53:27:a4:ba:6e:20:7b:22:b3:77:54:f7:9b:ed:ad:a5:14:ca:
f2:47:d8:0e:0e:29:ca:e3:b6:31:af:1d:4c:a4:af:bc:19:fd:
6a:a8:b8:97:91:33:19:aa:6a:7a:c3:73:ff:bb:33:0a:c5:28:
c0:be:7b:c9:3e:ef:aa:d1:69:82:19:21:1f:c9:f7:b8:d2:3c:
26:81:e0:f7:dd:a2:8b:4c:9d:1e:21:79:77:ea:af:ea:7b:fe:
9f:7f:22:4b:bc:4e:01:63:90:c9:82:34:52:54:32:3d:b6:bd:
66:e7:35:ab:44:09:cb:d6:29:e8:3b:f3:d6:b1:4c:95:a5:60:
3e:8c:a3:11:3f:9a:c3:5a:dd:f1:8e:af:57:9c:b9:13:2b:17:
6a:8c:00:5a:74:e5:a6:0b:2a:d4:cb:da:ae:7f:63:8a:f5:d8:
18:64:92:9c:77:31:01:56:d1:fc:a7:f5:eb:1e:6c:ea:52:22:
12:4f:a5:1e:01:13:f8:59:a1:a6:c0:9d:d4:67:65:fb:9f:77:
a7:ed:17:13
-----BEGIN CERTIFICATE-----
MIIFrzCCBJegAwIBAgISAZoIBcumI1r0wBLI5UO6jWc0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyNGFkNDUzNWFjODhkZDUzNDE5OWYyYTcyNjA5NWFmNzFh
ZmU0NGUwHhcNMjUxMDIxMTgyNjI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZThlOTdiZjE0OGU0ZTY4NDUwMmIyMTZiMDg4MDRlMzhlZDc5MjEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzXbDcR3D+QGhzTWT1mSBObmfPRpl
/RMI1ol41wK6j7Zn0axuOUnAeX5jyfxvxki/LPro4LVGcROzUpnaLdcrkmdA9W9/
hFn2lc8jHhhaGQoDbJnCUdiJcsEyfNAMHTLc/OV+DOGVIth+myF7t9ZYNar/MAyF
F+RUx5x5iWiILHABecePmKsLK5WlWs4Yl6FvtpVZw8Xp8IvOZr5c3EhdoLQjeTlq
3aTpKDxh6IURedV74e3VlWmHTfIMQeCiWOYKNULR/XT/C/ZX0kmjnSOEaT2U9nga
1EDGz9G6q0I1tFfN051sZ5MbyOV+WoTwDx3vYTAO3q5GZrxlAFreIegzdwIDAQAB
o4ICuzCCArcwHQYDVR0OBBYEFH6Ol78Ujk5oRQKyFrCIBOOO15IQMB8GA1UdIwQY
MBaAFGJK1FNayI3VNBmfKnJgla9xr+ROMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTct
ZmI1OTQ5ODA4ZGRjLzEvZm82WHZ4U09UbWhGQXJJV3NJZ0U0NDdYa2hBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9hYTEwMTktNTY0Zi00YzQ2LWEyMTctZmI1OTQ5ODA4ZGRj
LzEvWWtyVVUxcklqZFUwR1o4cWNtQ1ZyM0d2NUU0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHQBggrBgEFBQcBBwEB/wSBwDCBvTBmBAIAATBgAwQCH6uY
MAwDBAAtjhkDBAItjhgDBAJnXSgDBAJnfKQDBAFtaIQwDAMEAG1ohwMEBG1ogAME
Am1onAMEApAwNAMEAbk1ZDAMAwQAuZl9AwQHuZkAAwQCx6h4AwQC0RcsMFMEAgAC
ME0DBQMqBCfAAwUDKgluQAMFAyoJbsADBQMqDSfAAwUDKg1CwAMFAyoNSkADBQMq
Dj8AAwUDKg5PAAMFAyoO1MADBQMqD0LAAwUDKg+ogDANBgkqhkiG9w0BAQsFAAOC
AQEADtT6Uo795LPs39BDxmsBMyvffAmQcZZsX5DNXD9KgoqFPnNofMbbwKxB0zc5
qp1rPNiX7VyFUyekum4geyKzd1T3m+2tpRTK8kfYDg4pyuO2Ma8dTKSvvBn9aqi4
l5EzGapqesNz/7szCsUowL57yT7vqtFpghkhH8n3uNI8JoHg992ii0ydHiF5d+qv
6nv+n38iS7xOAWOQyYI0UlQyPba9Zuc1q0QJy9Yp6Dvz1rFMlaVgPoyjET+aw1rd
8Y6vV5y5EysXaowAWnTlpgsq1Mvarn9jivXYGGSSnHcxAVbR/Kf16x5s6lIiEk+l
HgET+FmhpsCd1Gdl+593p+0XEw==
-----END CERTIFICATE-----
Generated at Tue Oct 28 05:32:21 2025 by rpki-client