Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CIWxdkM-fjwsATpphFGqO7yAmW8.roa
File: CIWxdkM-fjwsATpphFGqO7yAmW8.roa (raw, json)
Hash identifier: v0yToFBMIBZ8xFk3xqrUKWU8nSgUuvIQ8pNMTCCHBpw=
Subject key identifier: 08:85:B1:76:43:3E:7E:3C:2C:01:3A:69:84:51:AA:3B:BC:80:99:6F
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 019A3F9A87E988C29C7DC4BEE1CBD09D5BB2
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CIWxdkM-fjwsATpphFGqO7yAmW8.roa
Signing time: Sat 01 Nov 2025 13:28:03 +0000
ROA not before: Sat 01 Nov 2025 13:28:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 26383
IP address blocks: 62.76.232.0/24 maxlen: 24
62.76.234.0/24 maxlen: 24
62.76.238.0/24 maxlen: 24
62.76.239.0/24 maxlen: 24
192.124.175.0/24 maxlen: 24
192.124.176.0/24 maxlen: 24
192.124.209.0/24 maxlen: 24
193.108.112.0/24 maxlen: 24
193.124.2.0/24 maxlen: 24
193.124.22.0/24 maxlen: 24
193.124.41.0/24 maxlen: 24
193.124.46.0/24 maxlen: 24
194.58.38.0/24 maxlen: 24
194.58.39.0/24 maxlen: 24
194.58.40.0/24 maxlen: 24
194.58.59.0/24 maxlen: 24
194.58.66.0/24 maxlen: 24
194.58.68.0/24 maxlen: 24
194.87.2.0/24 maxlen: 24
194.87.10.0/24 maxlen: 24
194.87.17.0/24 maxlen: 24
194.87.18.0/24 maxlen: 24
194.87.23.0/24 maxlen: 24
194.87.30.0/24 maxlen: 24
194.87.39.0/24 maxlen: 24
194.87.41.0/24 maxlen: 24
194.87.47.0/24 maxlen: 24
194.87.48.0/24 maxlen: 24
194.87.58.0/24 maxlen: 24
194.87.73.0/24 maxlen: 24
194.87.82.0/24 maxlen: 24
194.87.89.0/24 maxlen: 24
194.87.105.0/24 maxlen: 24
194.87.106.0/24 maxlen: 24
194.87.108.0/24 maxlen: 24
194.87.123.0/24 maxlen: 24
194.87.128.0/24 maxlen: 24
194.87.137.0/24 maxlen: 24
194.87.162.0/24 maxlen: 24
194.87.178.0/24 maxlen: 24
194.87.198.0/24 maxlen: 24
194.87.227.0/24 maxlen: 24
194.87.230.0/24 maxlen: 24
194.87.240.0/24 maxlen: 24
194.87.245.0/24 maxlen: 24
195.133.55.0/24 maxlen: 24
195.133.67.0/24 maxlen: 24
195.133.83.0/24 maxlen: 24
195.133.92.0/24 maxlen: 24
212.192.221.0/24 maxlen: 24
212.192.223.0/24 maxlen: 24
212.193.1.0/24 maxlen: 24
212.193.2.0/24 maxlen: 24
212.193.6.0/24 maxlen: 24
212.193.18.0/24 maxlen: 24
212.193.20.0/24 maxlen: 24
212.193.23.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Nov 2025 15:12:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:3f:9a:87:e9:88:c2:9c:7d:c4:be:e1:cb:d0:9d:5b:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Nov 1 13:28:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0885b176433e7e3c2c013a698451aa3bbc80996f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:53:43:6b:0d:40:bf:70:ea:80:15:a7:51:70:
26:7e:fc:d7:50:46:3d:20:20:46:54:3f:8d:47:a3:
e2:0a:6b:19:d4:d8:90:3f:84:1d:3f:2a:6f:1b:82:
77:e2:e4:32:0e:6d:43:c2:9a:b6:67:93:84:56:bb:
7c:3c:04:61:f4:a6:1f:7f:56:85:99:b0:b5:26:e2:
76:70:35:17:f5:8d:5a:99:73:53:40:83:43:32:64:
cb:08:04:ac:78:f4:29:0b:e4:60:fa:1f:ed:ef:67:
32:b5:8c:a3:d0:82:43:47:6e:2c:41:5e:a7:e2:ee:
ae:ff:89:9d:e4:4a:9c:45:62:3e:1f:06:68:79:b4:
f8:3c:3b:6f:4e:f5:4d:a7:4d:02:98:91:99:6a:83:
1c:15:4f:98:38:c3:22:50:91:3c:47:cb:df:94:1e:
0e:a2:5d:9c:50:ea:22:76:33:56:b0:d5:31:c4:d1:
e3:8c:39:64:4c:d3:da:50:fa:c6:82:f6:55:25:c4:
91:22:13:94:a0:0e:b8:85:eb:95:0a:d1:e3:93:49:
ae:91:9f:e4:4d:20:02:6f:40:76:98:64:ca:f5:84:
ab:3e:7e:1d:71:0b:26:10:e9:ae:26:45:38:76:bd:
cc:b5:81:bb:2d:2b:f0:30:9b:e6:2e:f9:47:3f:1e:
15:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:85:B1:76:43:3E:7E:3C:2C:01:3A:69:84:51:AA:3B:BC:80:99:6F
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/CIWxdkM-fjwsATpphFGqO7yAmW8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.76.232.0/24
62.76.234.0/24
62.76.238.0/23
192.124.175.0-192.124.176.255
192.124.209.0/24
193.108.112.0/24
193.124.2.0/24
193.124.22.0/24
193.124.41.0/24
193.124.46.0/24
194.58.38.0-194.58.40.255
194.58.59.0/24
194.58.66.0/24
194.58.68.0/24
194.87.2.0/24
194.87.10.0/24
194.87.17.0-194.87.18.255
194.87.23.0/24
194.87.30.0/24
194.87.39.0/24
194.87.41.0/24
194.87.47.0-194.87.48.255
194.87.58.0/24
194.87.73.0/24
194.87.82.0/24
194.87.89.0/24
194.87.105.0-194.87.106.255
194.87.108.0/24
194.87.123.0/24
194.87.128.0/24
194.87.137.0/24
194.87.162.0/24
194.87.178.0/24
194.87.198.0/24
194.87.227.0/24
194.87.230.0/24
194.87.240.0/24
194.87.245.0/24
195.133.55.0/24
195.133.67.0/24
195.133.83.0/24
195.133.92.0/24
212.192.221.0/24
212.192.223.0/24
212.193.1.0-212.193.2.255
212.193.6.0/24
212.193.18.0/24
212.193.20.0/24
212.193.23.0/24
Signature Algorithm: sha256WithRSAEncryption
03:68:a9:b0:b7:ed:fa:82:80:f1:3b:b2:3d:9a:0b:0e:70:56:
9c:ab:29:9f:5a:52:0d:2c:3a:92:24:ac:5f:bb:7d:8b:de:5e:
f9:44:84:21:cd:82:7f:54:af:bf:47:51:b0:36:ec:c7:38:9c:
d9:76:1b:ab:fc:ca:14:e2:e0:52:4f:95:d5:7d:0f:1f:48:a8:
8a:42:81:93:d1:b7:9a:6e:15:b4:a0:55:2e:e7:3a:4a:52:06:
9e:20:f1:ad:ad:27:b7:32:e7:7d:07:4a:1f:e8:02:3c:71:c2:
f4:bc:c5:f2:f3:8e:3a:77:51:87:a3:57:5d:12:36:55:ff:4b:
44:2b:f3:d0:04:dc:e2:db:6c:44:2d:99:b9:53:ca:7c:9b:34:
32:ff:3e:b9:94:e6:68:2c:f9:97:79:8b:af:b5:48:98:85:e2:
16:53:81:c3:87:69:16:28:f5:0f:ce:4a:7d:09:90:e9:35:ce:
8f:a4:9d:94:9a:b4:05:c8:59:f0:0a:a0:a0:bd:2e:d6:26:62:
54:1d:f5:19:fa:71:33:3c:28:9f:fd:20:cf:eb:ae:75:e0:75:
56:94:67:f5:fa:cf:a4:b0:b1:f6:13:62:55:9b:37:be:d9:6d:
28:07:7d:3e:2f:21:76:7f:82:da:ec:fe:79:48:42:5a:67:a7:
17:ae:1c:d6
-----BEGIN CERTIFICATE-----
MIIGVzCCBT+gAwIBAgISAZo/mofpiMKcfcS+4cvQnVuyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUxMTAxMTMyODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODg1YjE3NjQzM2U3ZTNjMmMwMTNhNjk4NDUxYWEzYmJjODA5OTZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuVNDaw1Av3DqgBWnUXAmfvzXUEY9
ICBGVD+NR6PiCmsZ1NiQP4QdPypvG4J34uQyDm1Dwpq2Z5OEVrt8PARh9KYff1aF
mbC1JuJ2cDUX9Y1amXNTQINDMmTLCASsePQpC+Rg+h/t72cytYyj0IJDR24sQV6n
4u6u/4md5EqcRWI+HwZoebT4PDtvTvVNp00CmJGZaoMcFU+YOMMiUJE8R8vflB4O
ol2cUOoidjNWsNUxxNHjjDlkTNPaUPrGgvZVJcSRIhOUoA64heuVCtHjk0mukZ/k
TSACb0B2mGTK9YSrPn4dcQsmEOmuJkU4dr3MtYG7LSvwMJvmLvlHPx4VrwIDAQAB
o4IDYzCCA18wHQYDVR0OBBYEFAiFsXZDPn48LAE6aYRRqju8gJlvMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvQ0lXeGRrTS1mandzQVRwcGhGR3FPN3lBbVc4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBdwYIKwYBBQUHAQcBAf8EggFmMIIBYjCCAV4EAgABMIIB
VgMEAD5M6AMEAD5M6gMEAT5M7jAMAwQAwHyvAwQAwHywAwQAwHzRAwQAwWxwAwQA
wXwCAwQAwXwWAwQAwXwpAwQAwXwuMAwDBAHCOiYDBADCOigDBADCOjsDBADCOkID
BADCOkQDBADCVwIDBADCVwowDAMEAMJXEQMEAMJXEgMEAMJXFwMEAMJXHgMEAMJX
JwMEAMJXKTAMAwQAwlcvAwQAwlcwAwQAwlc6AwQAwldJAwQAwldSAwQAwldZMAwD
BADCV2kDBADCV2oDBADCV2wDBADCV3sDBADCV4ADBADCV4kDBADCV6IDBADCV7ID
BADCV8YDBADCV+MDBADCV+YDBADCV/ADBADCV/UDBADDhTcDBADDhUMDBADDhVMD
BADDhVwDBADUwN0DBADUwN8wDAMEANTBAQMEANTBAgMEANTBBgMEANTBEgMEANTB
FAMEANTBFzANBgkqhkiG9w0BAQsFAAOCAQEAA2ipsLft+oKA8TuyPZoLDnBWnKsp
n1pSDSw6kiSsX7t9i95e+USEIc2Cf1Svv0dRsDbsxzic2XYbq/zKFOLgUk+V1X0P
H0ioikKBk9G3mm4VtKBVLuc6SlIGniDxra0ntzLnfQdKH+gCPHHC9LzF8vOOOndR
h6NXXRI2Vf9LRCvz0ATc4ttsRC2ZuVPKfJs0Mv8+uZTmaCz5l3mLr7VImIXiFlOB
w4dpFij1D85KfQmQ6TXOj6SdlJq0BchZ8AqgoL0u1iZiVB31GfpxMzwon/0gz+uu
deB1VpRn9frPpLCx9hNiVZs3vtltKAd9Pi8hdn+C2uz+eUhCWmenF64c1g==
-----END CERTIFICATE-----
Generated at Mon Nov 3 23:01:36 2025 by rpki-client