Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/Ym3v4fA-9SbeaVLCUhCMF6luegs.roa
File: Ym3v4fA-9SbeaVLCUhCMF6luegs.roa (raw, json)
Hash identifier: FmZYtjEAI6HbN2L304x9nDfYoXOnvpHTgcVPpa70sTg=
Subject key identifier: 62:6D:EF:E1:F0:3E:F5:26:DE:69:52:C2:52:10:8C:17:A9:6E:7A:0B
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 019A2C48DA2A256068187153530F89131B88
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/Ym3v4fA-9SbeaVLCUhCMF6luegs.roa
Signing time: Tue 28 Oct 2025 19:26:03 +0000
ROA not before: Tue 28 Oct 2025 19:26:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 194.231.132.0/22 maxlen: 22
194.231.136.0/22 maxlen: 22
194.231.152.0/22 maxlen: 22
194.231.196.0/22 maxlen: 22
194.231.200.0/22 maxlen: 22
194.231.202.0/23 maxlen: 24
194.231.204.0/22 maxlen: 22
194.231.204.0/23 maxlen: 24
194.231.206.0/23 maxlen: 24
194.231.208.0/22 maxlen: 22
194.231.208.0/23 maxlen: 24
194.231.210.0/23 maxlen: 24
194.231.212.0/22 maxlen: 22
194.231.220.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 01 Nov 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2c:48:da:2a:25:60:68:18:71:53:53:0f:89:13:1b:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Oct 28 19:26:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=626defe1f03ef526de6952c252108c17a96e7a0b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ea:b1:0f:65:45:44:a6:bd:50:87:6c:3a:a4:
dd:84:e3:66:ea:0e:0a:98:4b:34:a4:37:86:4d:f1:
8b:ca:0b:4a:14:9b:02:4b:dc:d4:7e:f2:aa:d3:88:
2f:04:bd:17:73:2c:5c:74:19:27:0d:cd:6d:40:fc:
4a:1b:5a:43:88:15:91:ac:57:0e:c3:04:25:a0:4c:
da:06:68:10:2a:cc:a6:18:ea:74:89:e2:cc:25:5f:
0f:eb:56:15:80:62:a6:8b:df:96:d8:ef:39:a0:36:
fc:2d:11:f6:48:c5:0a:d6:97:07:de:17:68:30:4f:
39:61:be:dc:bd:07:ff:5d:2f:0a:58:3e:d8:3b:2f:
4b:ca:aa:3f:fa:aa:c5:9f:79:bf:00:c5:67:cb:98:
5f:0f:9c:67:69:04:80:5d:51:4a:09:e3:82:a9:ad:
cd:e7:67:5c:44:3f:62:7e:99:9d:65:8b:cd:53:0a:
ab:cb:41:9a:34:62:27:0d:3a:4a:08:68:ce:98:5a:
22:fb:c2:45:82:0d:90:a4:75:f0:2c:a3:74:1a:ff:
a9:2f:3a:54:a1:79:bb:01:43:c3:de:c0:41:52:26:
77:78:e8:e3:f3:c7:a8:c1:07:5b:92:82:fa:79:25:
06:77:ad:ce:0e:75:c7:4a:1e:27:4d:f7:4d:43:34:
d5:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
62:6D:EF:E1:F0:3E:F5:26:DE:69:52:C2:52:10:8C:17:A9:6E:7A:0B
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/Ym3v4fA-9SbeaVLCUhCMF6luegs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.231.132.0-194.231.139.255
194.231.152.0/22
194.231.196.0-194.231.215.255
194.231.220.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:c9:bf:01:24:dd:69:a4:ef:a5:72:c3:ec:8c:34:59:b8:2c:
43:58:3c:38:4b:ea:03:74:94:9b:60:14:80:06:64:b1:3b:fb:
56:78:f9:7b:b2:0e:ca:12:7e:04:23:e1:13:d9:06:d9:30:29:
65:cb:61:21:9d:76:c6:12:a1:f4:44:7b:8c:5c:a7:b7:c2:4e:
ba:e4:47:9d:fd:54:5f:2e:a8:33:99:cc:39:5f:82:3f:7a:cd:
5d:b6:40:87:0d:26:bb:60:0f:bf:d7:cd:d2:ef:33:ac:dd:b2:
83:7c:62:78:6b:17:be:7f:70:d0:6c:6f:a2:d2:09:7e:f7:4b:
66:b2:fe:0c:13:4d:cb:9a:cf:02:e3:c1:ed:a1:1f:ab:5c:62:
d5:9a:82:ad:e0:e9:b5:67:23:70:11:b1:f9:5d:8d:16:9c:51:
5e:91:78:e6:48:f3:72:89:38:70:9a:bb:73:9d:53:40:52:9d:
72:4a:0a:6b:c8:62:83:43:bf:82:ed:5d:f1:3e:9e:00:f7:b3:
38:15:9a:0f:37:2e:80:ee:1a:68:69:4e:8b:f0:a8:fb:7b:7c:
72:f9:22:a7:a1:80:7f:cb:00:ea:26:c2:9e:7b:54:39:3a:9e:
4d:ac:10:02:88:c9:36:83:94:bc:a7:b6:91:62:c3:13:90:e4:
f9:1a:e8:c8
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZosSNoqJWBoGHFTUw+JExuIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjUxMDI4MTkyNjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MjZkZWZlMWYwM2VmNTI2ZGU2OTUyYzI1MjEwOGMxN2E5NmU3YTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAluqxD2VFRKa9UIdsOqTdhONm6g4K
mEs0pDeGTfGLygtKFJsCS9zUfvKq04gvBL0XcyxcdBknDc1tQPxKG1pDiBWRrFcO
wwQloEzaBmgQKsymGOp0ieLMJV8P61YVgGKmi9+W2O85oDb8LRH2SMUK1pcH3hdo
ME85Yb7cvQf/XS8KWD7YOy9Lyqo/+qrFn3m/AMVny5hfD5xnaQSAXVFKCeOCqa3N
52dcRD9ifpmdZYvNUwqry0GaNGInDTpKCGjOmFoi+8JFgg2QpHXwLKN0Gv+pLzpU
oXm7AUPD3sBBUiZ3eOjj88eowQdbkoL6eSUGd63ODnXHSh4nTfdNQzTVmwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFGJt7+HwPvUm3mlSwlIQjBepbnoLMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvWW0zdjRmQS05U2JlYVZMQ1VoQ01GNmx1ZWdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAuBAIAATAoMAwDBALC54QD
BALC54gDBALC55gwDAMEAsLnxAMEA8Ln0AMEAsLn3DANBgkqhkiG9w0BAQsFAAOC
AQEAjsm/ASTdaaTvpXLD7Iw0WbgsQ1g8OEvqA3SUm2AUgAZksTv7Vnj5e7IOyhJ+
BCPhE9kG2TApZcthIZ12xhKh9ER7jFynt8JOuuRHnf1UXy6oM5nMOV+CP3rNXbZA
hw0mu2APv9fN0u8zrN2yg3xieGsXvn9w0GxvotIJfvdLZrL+DBNNy5rPAuPB7aEf
q1xi1ZqCreDptWcjcBGx+V2NFpxRXpF45kjzcok4cJq7c51TQFKdckoKa8hig0O/
gu1d8T6eAPezOBWaDzcugO4aaGlOi/Co+3t8cvkip6GAf8sA6ibCnntUOTqeTawQ
AojJNoOUvKe2kWLDE5Dk+RroyA==
-----END CERTIFICATE-----
Generated at Fri Oct 31 05:43:32 2025 by rpki-client