Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/SyqNMF-ydxJR2kxngWZW5-SrEy0.roa
File: SyqNMF-ydxJR2kxngWZW5-SrEy0.roa (raw, json)
Hash identifier: KeocIUb7cPGt5yIgR1YWAUH1gGZjpJ9norLt8H3zU6Q=
Subject key identifier: 4B:2A:8D:30:5F:B2:77:12:51:DA:4C:67:81:66:56:E7:E4:AB:13:2D
Certificate issuer: /CN=f5d9a9282c9d2547c566634f3bacccbcf2588827
Certificate serial: 01992DC6C0F6610BBF8761005359D8163075
Authority key identifier: F5:D9:A9:28:2C:9D:25:47:C5:66:63:4F:3B:AC:CC:BC:F2:58:88:27
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/SyqNMF-ydxJR2kxngWZW5-SrEy0.roa
Signing time: Tue 09 Sep 2025 09:20:24 +0000
ROA not before: Tue 09 Sep 2025 09:20:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35042
IP address blocks: 88.214.25.0/24 maxlen: 24
88.214.26.0/24 maxlen: 24
91.228.101.0/24 maxlen: 24
185.55.240.0/22 maxlen: 22
185.55.241.0/24 maxlen: 24
185.55.243.0/24 maxlen: 24
193.24.208.0/22 maxlen: 22
193.24.208.0/23 maxlen: 23
193.24.208.0/24 maxlen: 24
193.24.209.0/24 maxlen: 24
193.24.210.0/24 maxlen: 24
194.24.160.0/24 maxlen: 24
2a00:1910::/32 maxlen: 32
2a00:1911::/32 maxlen: 32
2a00:1911::/48 maxlen: 48
2a00:1911:1::/48 maxlen: 48
2a00:1911:3::/48 maxlen: 48
2a00:1911:4::/48 maxlen: 48
2a00:1911:5::/48 maxlen: 48
2a00:1911:6::/48 maxlen: 48
2a00:1911:7::/48 maxlen: 48
2a00:1911:8::/48 maxlen: 48
2a00:1911:9::/48 maxlen: 48
2a00:1911:10::/48 maxlen: 48
2a00:1912::/32 maxlen: 32
2a00:1912:1::/48 maxlen: 48
2a00:1913::/32 maxlen: 32
2a09:8700::/32 maxlen: 32
2a09:8700:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/9dmpKCydJUfFZmNPO6zMvPJYiCc.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/9dmpKCydJUfFZmNPO6zMvPJYiCc.mft
rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 13 Sep 2025 17:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2d:c6:c0:f6:61:0b:bf:87:61:00:53:59:d8:16:30:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5d9a9282c9d2547c566634f3bacccbcf2588827
Validity
Not Before: Sep 9 09:20:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4b2a8d305fb2771251da4c67816656e7e4ab132d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d2:63:46:9b:a0:a8:6e:26:ae:1d:c8:b1:34:
be:d2:d9:df:ac:de:1a:64:95:e1:b5:51:98:b3:76:
08:b2:c5:6d:db:b4:c1:93:cd:f1:5b:5a:e0:c1:36:
0f:68:e9:44:50:26:b3:f9:9e:c1:ec:fc:88:6e:34:
40:4d:77:8f:8c:cb:93:ee:59:3c:2a:9f:d2:ac:fb:
90:94:38:07:fb:de:94:a7:bb:0f:98:d0:36:12:3e:
ba:58:b8:72:00:f4:4d:bc:21:1e:64:a2:f9:7e:44:
00:e4:a2:97:b7:85:3f:9b:96:f4:27:02:ca:b0:df:
f8:b7:b8:38:27:75:49:03:23:0d:c1:3d:6f:88:59:
e9:4a:5a:f8:78:2b:57:89:5a:59:cf:35:9b:30:ae:
40:b4:0e:3a:69:e8:ec:24:4d:03:58:58:a5:3b:ab:
f3:f5:8a:1a:b2:2d:00:c4:7f:66:14:76:b0:51:36:
70:c3:3b:36:10:16:6b:80:bb:56:6b:ea:4b:4d:be:
b5:94:d4:b3:e9:92:06:f6:4f:04:43:d5:4a:19:4b:
72:9c:59:9c:83:3b:38:d2:ae:b6:00:6e:97:75:a0:
24:d9:ce:7e:25:b9:49:1b:cf:0c:07:c4:17:1d:fc:
42:6d:dc:5a:38:fa:34:ac:69:28:74:7d:e5:88:17:
4e:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:2A:8D:30:5F:B2:77:12:51:DA:4C:67:81:66:56:E7:E4:AB:13:2D
X509v3 Authority Key Identifier:
keyid:F5:D9:A9:28:2C:9D:25:47:C5:66:63:4F:3B:AC:CC:BC:F2:58:88:27
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9dmpKCydJUfFZmNPO6zMvPJYiCc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/SyqNMF-ydxJR2kxngWZW5-SrEy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/0d0755-1897-47ef-8df7-8cf41cafdce2/1/9dmpKCydJUfFZmNPO6zMvPJYiCc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
88.214.25.0-88.214.26.255
91.228.101.0/24
185.55.240.0/22
193.24.208.0/22
194.24.160.0/24
IPv6:
2a00:1910::/30
2a09:8700::/32
Signature Algorithm: sha256WithRSAEncryption
5d:6d:0f:c2:af:99:4c:4c:43:be:da:bb:54:d1:8e:0f:99:f4:
c7:25:e7:bb:ee:52:ce:46:24:cb:8c:2c:a2:3d:95:f1:66:8f:
d0:80:b7:f9:8a:88:72:f7:5c:0a:38:66:92:fb:4f:99:c4:00:
9f:e2:94:d3:ab:53:51:73:5f:5b:9f:65:d5:5a:49:6e:89:3b:
f5:04:84:fc:d2:bf:a4:f7:39:9e:90:70:56:68:27:09:2c:75:
d6:0b:ff:f6:89:30:45:33:e2:a4:a8:35:7a:11:29:82:ca:25:
90:18:ec:b1:4d:31:10:26:0c:2e:33:50:c9:36:31:0d:4e:d5:
00:1d:13:ec:c3:a1:2d:70:45:48:03:9b:e1:5f:2c:d8:89:88:
78:17:63:a9:69:c3:97:62:62:a4:f9:53:8b:b2:27:b2:ac:50:
86:bb:e5:7b:90:c8:85:8c:35:fd:3a:55:04:b7:f2:ed:c3:68:
a6:7f:a4:a5:ea:94:cf:53:1c:52:bc:74:ff:a7:83:91:56:83:
58:ee:40:d1:6d:68:f5:7b:8e:c6:c3:b6:e9:f3:47:97:ba:b1:
27:fc:f4:a2:d2:be:94:cb:29:1c:1f:fd:3a:ca:6f:05:d2:4b:
d3:22:26:81:c4:58:2b:ae:70:2d:e2:9b:fd:8c:2a:ad:88:30:
56:3d:fe:a9
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZktxsD2YQu/h2EAU1nYFjB1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZDlhOTI4MmM5ZDI1NDdjNTY2NjM0ZjNiYWNjY2JjZjI1
ODg4MjcwHhcNMjUwOTA5MDkyMDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjJhOGQzMDVmYjI3NzEyNTFkYTRjNjc4MTY2NTZlN2U0YWIxMzJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dJjRpugqG4mrh3IsTS+0tnfrN4a
ZJXhtVGYs3YIssVt27TBk83xW1rgwTYPaOlEUCaz+Z7B7PyIbjRATXePjMuT7lk8
Kp/SrPuQlDgH+96Up7sPmNA2Ej66WLhyAPRNvCEeZKL5fkQA5KKXt4U/m5b0JwLK
sN/4t7g4J3VJAyMNwT1viFnpSlr4eCtXiVpZzzWbMK5AtA46aejsJE0DWFilO6vz
9Yoasi0AxH9mFHawUTZwwzs2EBZrgLtWa+pLTb61lNSz6ZIG9k8EQ9VKGUtynFmc
gzs40q62AG6XdaAk2c5+JblJG88MB8QXHfxCbdxaOPo0rGkodH3liBdOEwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFEsqjTBfsncSUdpMZ4FmVufkqxMtMB8GA1UdIwQY
MBaAFPXZqSgsnSVHxWZjTzuszLzyWIgnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWRtcEtDeWRKVWZGWm1OUE82ek12UEpZaUNjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8wZDA3NTUtMTg5Ny00N2VmLThkZjct
OGNmNDFjYWZkY2UyLzEvU3lxTk1GLXlkeEpSMmt4bmdXWlc1LVNyRXkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8wZDA3NTUtMTg5Ny00N2VmLThkZjctOGNmNDFjYWZkY2Uy
LzEvOWRtcEtDeWRKVWZGWm1OUE82ek12UEpZaUNjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAsBAIAATAmMAwDBABY1hkD
BABY1hoDBABb5GUDBAK5N/ADBALBGNADBADCGKAwFAQCAAIwDgMFAioAGRADBQAq
CYcAMA0GCSqGSIb3DQEBCwUAA4IBAQBdbQ/Cr5lMTEO+2rtU0Y4PmfTHJee77lLO
RiTLjCyiPZXxZo/QgLf5iohy91wKOGaS+0+ZxACf4pTTq1NRc19bn2XVWkluiTv1
BIT80r+k9zmekHBWaCcJLHXWC//2iTBFM+KkqDV6ESmCyiWQGOyxTTEQJgwuM1DJ
NjENTtUAHRPsw6EtcEVIA5vhXyzYiYh4F2OpacOXYmKk+VOLsieyrFCGu+V7kMiF
jDX9OlUEt/Ltw2imf6Sl6pTPUxxSvHT/p4ORVoNY7kDRbWj1e47Gw7bp80eXurEn
/PSi0r6UyykcH/06ym8F0kvTIiaBxFgrrnAt4pv9jCqtiDBWPf6p
-----END CERTIFICATE-----
Generated at Sat Sep 13 01:03:23 2025 by rpki-client