Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/A92EyAFhgJg3QuMPS9Cuws6OXVQ.roa
File: A92EyAFhgJg3QuMPS9Cuws6OXVQ.roa (raw, json)
Hash identifier: OlQ1fOEf9ThbiqOz7MeLkMkUN7mUqqkmSJ1zzLVhzCw=
Subject key identifier: 03:DD:84:C8:01:61:80:98:37:42:E3:0F:4B:D0:AE:C2:CE:8E:5D:54
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01993874664968AC12DAD66E38FBBDC35DCA
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/A92EyAFhgJg3QuMPS9Cuws6OXVQ.roa
Signing time: Thu 11 Sep 2025 11:06:16 +0000
ROA not before: Thu 11 Sep 2025 11:06:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214238
IP address blocks: 5.253.56.0/24 maxlen: 24
5.253.57.0/24 maxlen: 24
5.253.58.0/24 maxlen: 24
37.139.128.0/24 maxlen: 24
45.88.66.0/24 maxlen: 24
45.128.234.0/24 maxlen: 24
45.128.235.0/24 maxlen: 24
85.31.44.0/24 maxlen: 24
85.31.46.0/24 maxlen: 24
85.208.136.0/24 maxlen: 24
87.120.108.0/24 maxlen: 24
87.120.196.0/24 maxlen: 24
87.121.216.0/24 maxlen: 24
91.92.21.0/24 maxlen: 24
93.123.31.0/24 maxlen: 24
94.125.102.0/24 maxlen: 24
94.125.103.0/24 maxlen: 24
109.206.240.0/24 maxlen: 24
109.206.243.0/24 maxlen: 24
185.207.14.0/24 maxlen: 24
185.207.15.0/24 maxlen: 24
185.218.138.0/24 maxlen: 24
185.246.221.0/24 maxlen: 24
185.252.179.0/24 maxlen: 24
193.8.186.0/24 maxlen: 24
193.8.187.0/24 maxlen: 24
193.47.61.0/24 maxlen: 24
193.148.56.0/24 maxlen: 24
193.148.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 17:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:38:74:66:49:68:ac:12:da:d6:6e:38:fb:bd:c3:5d:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 11 11:06:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=03dd84c8016180983742e30f4bd0aec2ce8e5d54
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:f9:e8:da:52:ee:85:69:02:b6:f9:f9:e9:fb:
17:80:58:34:91:cb:85:5c:bd:14:f3:ec:78:f4:c2:
f6:6a:ac:e4:c3:f9:fe:cf:64:c2:37:ec:40:c6:e8:
3e:54:20:ac:1e:43:7f:4d:c8:57:61:de:59:a9:1a:
bf:c2:fa:4f:11:88:31:77:2a:09:c7:e0:82:bf:95:
f0:e2:bb:f1:18:44:de:73:00:7c:b2:22:90:cc:30:
a8:da:5f:89:37:cf:56:af:9a:6d:b6:a8:ea:9d:2b:
f7:ac:bb:3b:8c:ee:1f:5f:3f:e5:3e:4f:cd:fe:a7:
45:f2:72:f6:d1:ae:ec:09:f5:91:5f:a7:b5:8a:4a:
25:d7:1d:dd:32:f4:f8:ec:d2:eb:73:8a:93:24:d7:
db:01:1e:9c:29:7e:7e:db:7f:0e:71:2c:4f:c5:a6:
9a:3f:7d:eb:3d:b8:29:88:12:f0:3c:1f:e4:99:26:
73:29:61:b2:32:ae:ff:0d:c7:b0:c2:68:dc:86:e5:
c5:03:63:19:22:06:c6:80:e1:49:9b:e1:65:c7:53:
09:50:4b:3b:83:f9:1a:32:f8:bc:ad:ed:c8:fc:4a:
04:16:df:d3:eb:c4:28:f0:f9:f6:6a:40:29:4f:9e:
3a:47:c9:25:4a:bf:af:59:23:55:d4:8f:03:88:28:
a0:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:DD:84:C8:01:61:80:98:37:42:E3:0F:4B:D0:AE:C2:CE:8E:5D:54
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/A92EyAFhgJg3QuMPS9Cuws6OXVQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.56.0-5.253.58.255
37.139.128.0/24
45.88.66.0/24
45.128.234.0/23
85.31.44.0/24
85.31.46.0/24
85.208.136.0/24
87.120.108.0/24
87.120.196.0/24
87.121.216.0/24
91.92.21.0/24
93.123.31.0/24
94.125.102.0/23
109.206.240.0/24
109.206.243.0/24
185.207.14.0/23
185.218.138.0/24
185.246.221.0/24
185.252.179.0/24
193.8.186.0/23
193.47.61.0/24
193.148.56.0/23
Signature Algorithm: sha256WithRSAEncryption
60:76:a9:2c:fc:9e:23:98:82:3d:a4:b7:44:f0:4b:55:76:da:
c2:76:9c:03:39:54:8e:fd:ab:79:e6:17:c3:f9:67:61:31:d5:
cf:15:ed:79:f6:c8:3c:4c:8b:ff:5f:af:d3:32:3f:24:26:45:
9f:f2:84:e3:b7:ca:9d:b6:f6:f7:2a:f8:bc:38:9a:7a:a3:b7:
bc:56:67:c0:6e:ca:3a:c1:80:b6:58:a6:f4:b8:19:dc:03:47:
58:28:a5:8b:da:8a:b7:37:a4:b3:03:ac:3a:b7:1d:fa:99:07:
d5:ba:08:55:7b:48:16:8e:83:eb:03:b8:f5:c4:43:77:25:88:
0a:71:62:2a:2d:c6:d6:af:b0:eb:16:2c:ff:37:c6:cd:ea:2d:
9d:fa:f9:cd:c7:da:91:58:ab:bb:48:50:80:4b:a3:42:20:e3:
5d:86:99:c9:91:bb:95:c1:dd:87:ae:b9:99:fd:00:27:30:ad:
c3:fe:0b:ea:02:28:13:69:96:1c:06:ec:94:ba:cc:5b:e9:21:
76:46:97:9d:86:82:0b:81:29:5e:9e:53:59:63:62:40:f5:9e:
1f:34:15:8a:c8:7f:27:ad:76:66:3a:99:52:f9:e5:42:06:56:
6e:94:f6:cd:05:93:be:a7:08:2a:9a:f8:30:4c:ce:dd:93:98:
57:ab:81:1d
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAZk4dGZJaKwS2tZuOPu9w13KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwOTExMTEwNjE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2RkODRjODAxNjE4MDk4Mzc0MmUzMGY0YmQwYWVjMmNlOGU1ZDU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAifno2lLuhWkCtvn56fsXgFg0kcuF
XL0U8+x49ML2aqzkw/n+z2TCN+xAxug+VCCsHkN/TchXYd5ZqRq/wvpPEYgxdyoJ
x+CCv5Xw4rvxGETecwB8siKQzDCo2l+JN89Wr5pttqjqnSv3rLs7jO4fXz/lPk/N
/qdF8nL20a7sCfWRX6e1ikol1x3dMvT47NLrc4qTJNfbAR6cKX5+238OcSxPxaaa
P33rPbgpiBLwPB/kmSZzKWGyMq7/DcewwmjchuXFA2MZIgbGgOFJm+Flx1MJUEs7
g/kaMvi8re3I/EoEFt/T68Qo8Pn2akApT546R8klSr+vWSNV1I8DiCigaQIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFAPdhMgBYYCYN0LjD0vQrsLOjl1UMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvQTkyRXlBRmhnSmczUXVNUFM5Q3V3czZPWFZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBkwQCAAEwgYwwDAME
AwX9OAMEAAX9OgMEACWLgAMEAC1YQgMEAS2A6gMEAFUfLAMEAFUfLgMEAFXQiAME
AFd4bAMEAFd4xAMEAFd52AMEAFtcFQMEAF17HwMEAV59ZgMEAG3O8AMEAG3O8wME
AbnPDgMEALnaigMEALn23QMEALn8swMEAcEIugMEAMEvPQMEAcGUODANBgkqhkiG
9w0BAQsFAAOCAQEAYHapLPyeI5iCPaS3RPBLVXbawnacAzlUjv2reeYXw/lnYTHV
zxXtefbIPEyL/1+v0zI/JCZFn/KE47fKnbb29yr4vDiaeqO3vFZnwG7KOsGAtlim
9LgZ3ANHWCili9qKtzekswOsOrcd+pkH1boIVXtIFo6D6wO49cRDdyWICnFiKi3G
1q+w6xYs/zfGzeotnfr5zcfakViru0hQgEujQiDjXYaZyZG7lcHdh665mf0AJzCt
w/4L6gIoE2mWHAbslLrMW+khdkaXnYaCC4EpXp5TWWNiQPWeHzQVish/J612ZjqZ
UvnlQgZWbpT2zQWTvqcIKpr4MEzO3ZOYV6uBHQ==
-----END CERTIFICATE-----
Generated at Thu Sep 18 01:40:23 2025 by rpki-client