Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/l0O1IsWy5iFNtCwFJIwlFHNZHnM.roa
File: l0O1IsWy5iFNtCwFJIwlFHNZHnM.roa (raw, json)
Hash identifier: J8KjXkpEjgxS3H6vTTYYQV8h4P0h1eKLxSE3vk6fr7E=
Subject key identifier: 97:43:B5:22:C5:B2:E6:21:4D:B4:2C:05:24:8C:25:14:73:59:1E:73
Certificate issuer: /CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Certificate serial: 0198FE2B6F80445DE9A70913B4E8D35A983E
Authority key identifier: 66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/l0O1IsWy5iFNtCwFJIwlFHNZHnM.roa
Signing time: Sun 31 Aug 2025 03:28:36 +0000
ROA not before: Sun 31 Aug 2025 03:28:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64289
IP address blocks: 185.225.26.0/24 maxlen: 24
192.189.157.0/24 maxlen: 24
194.110.60.0/24 maxlen: 24
2a14:3f80::/45 maxlen: 45
2a14:3f80:8::/45 maxlen: 45
2a14:3f80:10::/45 maxlen: 45
2a14:3f80:18::/45 maxlen: 45
2a14:3f80:20::/45 maxlen: 45
2a14:3f80:28::/45 maxlen: 45
2a14:3f80:60::/45 maxlen: 45
2a14:3f80:80::/45 maxlen: 45
2a14:3f80:88::/45 maxlen: 45
2a14:3f80:100::/45 maxlen: 45
2a14:3f80:108::/45 maxlen: 45
2a14:3f80:3d1::/48 maxlen: 48
2a14:3f80:800::/38 maxlen: 38
2a14:3f80:c00::/38 maxlen: 38
2a14:3f80:1000::/38 maxlen: 38
2a14:3f80:1400::/38 maxlen: 38
2a14:3f80:1800::/38 maxlen: 38
2a14:3f80:1ed0::/45 maxlen: 45
2a14:3f80:2000::/38 maxlen: 38
2a14:3f80:2400::/38 maxlen: 38
2a14:3f80:2800::/38 maxlen: 38
2a14:3f80:2b40::/42 maxlen: 42
2a14:3f80:3000::/38 maxlen: 38
2a14:3f80:3400::/38 maxlen: 38
2a14:3f80:3800::/38 maxlen: 38
2a14:3f80:3c00::/38 maxlen: 38
2a14:3f80:4000::/38 maxlen: 38
2a14:3f80:4400::/38 maxlen: 38
2a14:3f80:5000::/38 maxlen: 38
2a14:3f80:6000::/38 maxlen: 38
2a14:3f80:7000::/38 maxlen: 38
2a14:3f80:8800::/38 maxlen: 38
2a14:3f80:af38::/45 maxlen: 45
2a14:3f81:5800::/38 maxlen: 38
2a14:3f82:4000::/38 maxlen: 38
2a14:3f82:6000::/38 maxlen: 38
2a14:3f82:7000::/38 maxlen: 38
2a14:3f82:8800::/38 maxlen: 38
2a14:3f87:2800::/38 maxlen: 38
2a14:3f87:4800::/38 maxlen: 38
2a14:3f87:6800::/38 maxlen: 38
2a14:3f87:6920::/44 maxlen: 44
2a14:3f87:6ba0::/44 maxlen: 44
2a14:3f87:9800::/38 maxlen: 38
2a14:3f87:c800::/38 maxlen: 38
2a14:3f87:e000::/38 maxlen: 38
2a14:3f87:f000::/38 maxlen: 38
2a14:3f87:f001::/48 maxlen: 48
2a14:3f87:f002::/48 maxlen: 48
2a14:3f87:fc00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Zu07pox4v_LEckQAreY0hIL7Q2Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Zu07pox4v_LEckQAreY0hIL7Q2Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 06:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:fe:2b:6f:80:44:5d:e9:a7:09:13:b4:e8:d3:5a:98:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Validity
Not Before: Aug 31 03:28:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9743b522c5b2e6214db42c05248c251473591e73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:d7:7d:ac:3f:48:6e:fc:df:d1:a5:79:e0:6f:
8c:e6:ff:87:1c:3a:a3:7b:4e:36:76:55:e3:3a:12:
e0:4c:e1:8b:c3:26:9c:3d:a5:fc:6c:96:11:b9:4e:
67:0f:a9:4a:ae:2b:b2:e8:2c:87:55:55:33:cf:7c:
a9:73:58:42:26:aa:3c:32:62:84:15:9e:40:6e:39:
2c:47:4d:a4:55:f4:3a:3d:8d:b8:df:00:d3:91:77:
cd:ae:30:9c:b5:92:33:ca:5e:4d:82:b7:a2:9c:70:
b9:46:c3:ca:b3:29:ac:96:0d:32:96:d6:5a:2d:ad:
2e:0d:b5:95:0d:b1:0d:05:d7:02:b7:ab:e6:b0:90:
a4:cf:30:00:ee:fc:3a:34:c0:99:5d:59:74:e5:af:
0d:fa:ea:ab:e5:0f:75:a5:25:ae:ac:e1:42:f6:b8:
6a:08:2f:69:06:50:e0:a2:73:d4:9d:24:eb:7d:02:
ee:bc:04:00:77:bd:13:1b:6a:66:d4:31:4e:a0:5f:
47:18:94:b4:a5:8b:38:cc:09:d0:bb:8b:cd:90:93:
8a:cf:28:b9:a6:9b:44:25:46:a5:5c:ff:4b:ac:26:
63:fb:6f:22:cb:75:c4:ee:bc:76:dc:ca:c7:09:17:
1d:91:dd:03:11:f3:aa:08:90:d7:f8:90:90:2a:e5:
46:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:43:B5:22:C5:B2:E6:21:4D:B4:2C:05:24:8C:25:14:73:59:1E:73
X509v3 Authority Key Identifier:
keyid:66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/l0O1IsWy5iFNtCwFJIwlFHNZHnM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Zu07pox4v_LEckQAreY0hIL7Q2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.26.0/24
192.189.157.0/24
194.110.60.0/24
IPv6:
2a14:3f80::-2a14:3f80:2f:ffff:ffff:ffff:ffff:ffff
2a14:3f80:60::/45
2a14:3f80:80::/44
2a14:3f80:100::/44
2a14:3f80:3d1::/48
2a14:3f80:800::-2a14:3f80:1bff:ffff:ffff:ffff:ffff:ffff
2a14:3f80:1ed0::/45
2a14:3f80:2000::-2a14:3f80:2bff:ffff:ffff:ffff:ffff:ffff
2a14:3f80:3000::-2a14:3f80:47ff:ffff:ffff:ffff:ffff:ffff
2a14:3f80:5000::/38
2a14:3f80:6000::/38
2a14:3f80:7000::/38
2a14:3f80:8800::/38
2a14:3f80:af38::/45
2a14:3f81:5800::/38
2a14:3f82:4000::/38
2a14:3f82:6000::/38
2a14:3f82:7000::/38
2a14:3f82:8800::/38
2a14:3f87:2800::/38
2a14:3f87:4800::/38
2a14:3f87:6800::/38
2a14:3f87:9800::/38
2a14:3f87:c800::/38
2a14:3f87:e000::/38
2a14:3f87:f000::/38
2a14:3f87:fc00::/38
Signature Algorithm: sha256WithRSAEncryption
36:a1:27:20:f9:1e:e1:11:c1:91:04:75:c3:06:d2:05:2e:26:
dd:ea:68:ce:5a:8f:57:04:b0:7f:bc:38:dd:95:02:ad:6f:9c:
04:bf:7c:6e:a6:2f:a7:d7:76:60:ec:a5:b7:d5:e8:d4:29:f3:
47:2d:40:4f:a9:52:76:0a:c1:3a:a9:71:94:21:eb:90:b3:58:
45:a3:9c:83:a7:04:83:fd:fa:7b:c8:15:f8:3d:8b:ef:77:74:
d1:ce:90:64:e6:1a:d2:01:f7:f0:1e:b1:8a:a2:d6:f1:79:f2:
51:26:17:59:c9:35:99:7f:0d:fe:6e:8d:5f:65:dd:47:96:ec:
45:b7:b3:78:85:45:27:98:d5:ce:b9:bb:e7:56:df:9e:15:38:
c9:cb:5f:c9:dd:4b:72:36:26:c2:f9:02:1a:cc:08:ea:22:ec:
a4:36:c0:c5:7e:5d:22:58:b1:4a:0d:05:24:63:9e:68:4e:c4:
12:f3:68:ad:ff:ae:17:1d:86:67:c9:bf:9e:e9:b9:85:85:87:
39:5a:3d:09:ea:24:a6:57:36:4f:7b:5d:69:40:09:d3:a0:d2:
e0:bf:a3:e3:ae:86:d9:d7:fe:be:98:5b:b5:6a:bc:d2:a3:23:
89:ce:7b:79:db:5f:54:4f:cc:30:99:e0:79:af:f1:62:3d:41:
57:d1:bd:e5
-----BEGIN CERTIFICATE-----
MIIGITCCBQmgAwIBAgISAZj+K2+ARF3ppwkTtOjTWpg+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZWQzYmE2OGM3OGJmZjJjNDcyNDQwMGFkZTYzNDg0ODJm
YjQzNjQwHhcNMjUwODMxMDMyODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzQzYjUyMmM1YjJlNjIxNGRiNDJjMDUyNDhjMjUxNDczNTkxZTczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutd9rD9Ibvzf0aV54G+M5v+HHDqj
e042dlXjOhLgTOGLwyacPaX8bJYRuU5nD6lKriuy6CyHVVUzz3ypc1hCJqo8MmKE
FZ5AbjksR02kVfQ6PY243wDTkXfNrjCctZIzyl5NgreinHC5RsPKsymslg0yltZa
La0uDbWVDbENBdcCt6vmsJCkzzAA7vw6NMCZXVl05a8N+uqr5Q91pSWurOFC9rhq
CC9pBlDgonPUnSTrfQLuvAQAd70TG2pm1DFOoF9HGJS0pYs4zAnQu4vNkJOKzyi5
pptEJUalXP9LrCZj+28iy3XE7rx23MrHCRcdkd0DEfOqCJDX+JCQKuVGnwIDAQAB
o4IDLTCCAykwHQYDVR0OBBYEFJdDtSLFsuYhTbQsBSSMJRRzWR5zMB8GA1UdIwQY
MBaAFGbtO6aMeL/yxHJEAK3mNISC+0NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMt
MGE0M2I3YTNlYjU0LzEvbDBPMUlzV3k1aUZOdEN3RkpJd2xGSE5aSG5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMtMGE0M2I3YTNlYjU0
LzEvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBQQYIKwYBBQUHAQcBAf8EggEwMIIBLDAYBAIAATASAwQA
ueEaAwQAwL2dAwQAwm48MIIBDgQCAAIwggEGMBADBQcqFD+AAwcEKhQ/gAAgAwcD
KhQ/gABgAwcEKhQ/gACAAwcEKhQ/gAEAAwcAKhQ/gAPRMBADBgMqFD+ACAMGAioU
P4AYAwcDKhQ/gB7QMBADBgUqFD+AIAMGAioUP4AoMBADBgQqFD+AMAMGAyoUP4BA
AwYCKhQ/gFADBgIqFD+AYAMGAioUP4BwAwYCKhQ/gIgDBwMqFD+ArzgDBgIqFD+B
WAMGAioUP4JAAwYCKhQ/gmADBgIqFD+CcAMGAioUP4KIAwYCKhQ/hygDBgIqFD+H
SAMGAioUP4doAwYCKhQ/h5gDBgIqFD+HyAMGAioUP4fgAwYCKhQ/h/ADBgIqFD+H
/DANBgkqhkiG9w0BAQsFAAOCAQEANqEnIPke4RHBkQR1wwbSBS4m3epozlqPVwSw
f7w43ZUCrW+cBL98bqYvp9d2YOylt9Xo1CnzRy1AT6lSdgrBOqlxlCHrkLNYRaOc
g6cEg/36e8gV+D2L73d00c6QZOYa0gH38B6xiqLW8XnyUSYXWck1mX8N/m6NX2Xd
R5bsRbezeIVFJ5jVzrm751bfnhU4yctfyd1LcjYmwvkCGswI6iLspDbAxX5dIlix
Sg0FJGOeaE7EEvNorf+uFx2GZ8m/num5hYWHOVo9Ceokplc2T3tdaUAJ06DS4L+j
466G2df+vphbtWq80qMjic57edtfVE/MMJngea/xYj1BV9G95Q==
-----END CERTIFICATE-----
Generated at Sun Sep 7 14:51:17 2025 by rpki-client