Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/3m24X-EciRhk0jIJsdLBkFHw4Vc.roa
File: 3m24X-EciRhk0jIJsdLBkFHw4Vc.roa (raw, json)
Hash identifier: 4191ER+HI71G/WcSYBdVlGxJt+on8LpGReotMNSci7U=
Subject key identifier: DE:6D:B8:5F:E1:1C:89:18:64:D2:32:09:B1:D2:C1:90:51:F0:E1:57
Certificate issuer: /CN=4ca66f3c0f25774e696d2a46723277eb961128c3
Certificate serial: 019A0249D171C6F50A23371DA681CC2C8F1A
Authority key identifier: 4C:A6:6F:3C:0F:25:77:4E:69:6D:2A:46:72:32:77:EB:96:11:28:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TKZvPA8ld05pbSpGcjJ365YRKMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/3m24X-EciRhk0jIJsdLBkFHw4Vc.roa
Signing time: Mon 20 Oct 2025 15:43:03 +0000
ROA not before: Mon 20 Oct 2025 15:43:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44592
IP address blocks: 176.65.139.0/24 maxlen: 24
176.65.140.0/24 maxlen: 24
176.65.141.0/24 maxlen: 24
176.65.142.0/24 maxlen: 24
176.65.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/TKZvPA8ld05pbSpGcjJ365YRKMM.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/TKZvPA8ld05pbSpGcjJ365YRKMM.mft
rsync://rpki.ripe.net/repository/DEFAULT/TKZvPA8ld05pbSpGcjJ365YRKMM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Oct 2025 07:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:02:49:d1:71:c6:f5:0a:23:37:1d:a6:81:cc:2c:8f:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ca66f3c0f25774e696d2a46723277eb961128c3
Validity
Not Before: Oct 20 15:43:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=de6db85fe11c891864d23209b1d2c19051f0e157
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:be:6c:d5:57:3b:b4:0e:a1:db:93:fa:43:cf:
9b:0f:3f:3c:0c:81:f3:70:5d:78:59:06:53:2f:fc:
c3:7f:11:dc:35:90:a9:20:96:1c:66:a1:6f:e7:81:
41:77:15:51:f0:5d:c9:47:da:b3:5b:12:c3:51:b1:
9a:3b:15:ab:fb:dc:36:42:22:8a:2d:76:7e:b0:04:
44:3e:4a:1b:55:66:91:0e:68:91:e6:18:20:9c:f7:
f1:e1:4d:69:b2:75:b1:68:c7:e4:63:13:39:fa:f2:
83:c8:30:4b:0a:3f:70:0d:c4:11:87:01:57:42:4e:
a6:2c:dc:51:0b:9b:26:a6:71:b2:b7:98:8f:51:0b:
be:66:14:db:56:bf:57:54:9c:7a:37:85:f6:35:6a:
58:12:dc:e0:1c:81:a5:eb:ed:6e:4c:15:91:33:74:
49:52:b4:ad:c7:d6:04:65:de:81:12:f8:45:1d:60:
2d:bf:1f:39:22:d3:6f:7a:a4:7d:0f:db:f5:fb:bf:
3f:2a:e3:62:07:27:cb:d1:14:4a:ab:48:d8:76:f2:
fb:e0:cd:3a:8f:f2:92:20:c6:8c:28:4c:0b:71:99:
94:1b:af:b3:6d:38:d7:cb:28:1d:6c:1e:60:7f:0d:
c5:4f:72:00:21:10:7c:2a:2b:87:24:85:83:7e:67:
d5:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:6D:B8:5F:E1:1C:89:18:64:D2:32:09:B1:D2:C1:90:51:F0:E1:57
X509v3 Authority Key Identifier:
keyid:4C:A6:6F:3C:0F:25:77:4E:69:6D:2A:46:72:32:77:EB:96:11:28:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TKZvPA8ld05pbSpGcjJ365YRKMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/3m24X-EciRhk0jIJsdLBkFHw4Vc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/TKZvPA8ld05pbSpGcjJ365YRKMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.65.139.0-176.65.143.255
Signature Algorithm: sha256WithRSAEncryption
2b:3a:10:52:4c:93:b7:de:55:b4:71:c8:44:10:ed:52:cf:52:
53:47:1e:a9:76:5c:aa:96:05:90:82:77:ce:d2:43:07:6f:4f:
1e:27:a8:8f:36:9b:10:2a:12:1d:a0:da:33:73:59:81:46:4b:
59:a7:7b:73:20:e5:54:36:02:c4:a5:95:8a:49:75:7d:4b:cb:
d3:ec:d5:95:1e:a9:5e:69:45:66:05:97:8f:5b:12:85:ae:31:
5b:19:44:03:ab:f9:f4:9d:15:bd:2c:bb:7c:8e:92:f5:f7:c4:
96:c9:93:17:e6:ae:41:9d:cf:ee:af:df:a6:0d:bf:0b:21:10:
03:df:5b:b6:da:76:b1:1d:75:0e:15:31:57:c3:02:63:9a:e2:
92:72:d2:5c:d5:43:8c:10:1f:dc:c5:88:bc:08:c5:e8:4f:29:
fb:13:4b:a5:7b:7e:42:f9:5d:20:9f:a2:e0:ca:9f:86:1f:87:
bd:eb:46:fd:16:fb:aa:3d:9f:38:06:cc:c3:11:da:5b:31:9f:
bb:14:43:c5:16:d7:65:7d:4c:43:19:f0:0d:da:d5:c1:71:b1:
5e:e5:8d:37:7e:f5:ce:33:47:5e:ed:81:32:0e:d0:9a:e4:60:
31:e8:a4:bc:9d:58:34:e9:2e:69:0b:cd:84:cf:7a:d5:16:5b:
e8:58:34:42
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZoCSdFxxvUKIzcdpoHMLI8aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYTY2ZjNjMGYyNTc3NGU2OTZkMmE0NjcyMzI3N2ViOTYx
MTI4YzMwHhcNMjUxMDIwMTU0MzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZTZkYjg1ZmUxMWM4OTE4NjRkMjMyMDliMWQyYzE5MDUxZjBlMTU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuL5s1Vc7tA6h25P6Q8+bDz88DIHz
cF14WQZTL/zDfxHcNZCpIJYcZqFv54FBdxVR8F3JR9qzWxLDUbGaOxWr+9w2QiKK
LXZ+sAREPkobVWaRDmiR5hggnPfx4U1psnWxaMfkYxM5+vKDyDBLCj9wDcQRhwFX
Qk6mLNxRC5smpnGyt5iPUQu+ZhTbVr9XVJx6N4X2NWpYEtzgHIGl6+1uTBWRM3RJ
UrStx9YEZd6BEvhFHWAtvx85ItNveqR9D9v1+78/KuNiByfL0RRKq0jYdvL74M06
j/KSIMaMKEwLcZmUG6+zbTjXyygdbB5gfw3FT3IAIRB8KiuHJIWDfmfVYwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFN5tuF/hHIkYZNIyCbHSwZBR8OFXMB8GA1UdIwQY
MBaAFEymbzwPJXdOaW0qRnIyd+uWESjDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEtadlBBOGxkMDVwYlNwR2NqSjM2NVlSS01NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8yMDQwMTctZjA0Ni00YjY5LWIzZTUt
MzE5YjBjODc0NDQwLzEvM20yNFgtRWNpUmhrMGpJSnNkTEJrRkh3NFZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8yMDQwMTctZjA0Ni00YjY5LWIzZTUtMzE5YjBjODc0NDQw
LzEvVEtadlBBOGxkMDVwYlNwR2NqSjM2NVlSS01NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBACwQYsD
BASwQYAwDQYJKoZIhvcNAQELBQADggEBACs6EFJMk7feVbRxyEQQ7VLPUlNHHql2
XKqWBZCCd87SQwdvTx4nqI82mxAqEh2g2jNzWYFGS1mne3Mg5VQ2AsSllYpJdX1L
y9Ps1ZUeqV5pRWYFl49bEoWuMVsZRAOr+fSdFb0su3yOkvX3xJbJkxfmrkGdz+6v
36YNvwshEAPfW7badrEddQ4VMVfDAmOa4pJy0lzVQ4wQH9zFiLwIxehPKfsTS6V7
fkL5XSCfouDKn4Yfh73rRv0W+6o9nzgGzMMR2lsxn7sUQ8UW12V9TEMZ8A3a1cFx
sV7ljTd+9c4zR17tgTIO0JrkYDHopLydWDTpLmkLzYTPetUWW+hYNEI=
-----END CERTIFICATE-----
Generated at Tue Oct 21 11:58:01 2025 by rpki-client