Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/c9jutYwXrdIy30XzA0-_m_kBXnk.roa
File: c9jutYwXrdIy30XzA0-_m_kBXnk.roa (raw, json)
Hash identifier: s8lbtTJMvbbZUsilkLTvkPSlk6FSlA5xlc0HqMVOXIA=
Subject key identifier: 73:D8:EE:B5:8C:17:AD:D2:32:DF:45:F3:03:4F:BF:9B:F9:01:5E:79
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 01993836228A044B361DCE69C0420C60F18B
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/c9jutYwXrdIy30XzA0-_m_kBXnk.roa
Signing time: Thu 11 Sep 2025 09:58:15 +0000
ROA not before: Thu 11 Sep 2025 09:58:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52116
IP address blocks: 77.105.11.0/24 maxlen: 24
77.105.31.0/24 maxlen: 24
79.175.103.0/24 maxlen: 24
79.175.116.0/24 maxlen: 24
80.74.173.0/24 maxlen: 24
81.18.49.0/24 maxlen: 24
81.18.50.0/24 maxlen: 24
81.18.52.0/23 maxlen: 23
81.18.55.0/24 maxlen: 24
81.18.61.0/24 maxlen: 24
93.186.67.0/24 maxlen: 24
93.186.71.0/24 maxlen: 24
93.186.72.0/24 maxlen: 24
109.121.60.0/24 maxlen: 24
178.253.207.0/24 maxlen: 24
178.253.213.0/24 maxlen: 24
178.253.214.0/24 maxlen: 24
178.253.219.0/24 maxlen: 24
178.253.236.0/24 maxlen: 24
178.253.240.0/24 maxlen: 24
185.47.88.0/24 maxlen: 24
185.47.90.0/24 maxlen: 24
188.255.130.0/24 maxlen: 24
188.255.190.0/24 maxlen: 24
188.255.208.0/24 maxlen: 24
188.255.213.0/24 maxlen: 24
188.255.219.0/24 maxlen: 24
188.255.226.0/24 maxlen: 24
188.255.244.0/23 maxlen: 23
188.255.246.0/24 maxlen: 24
188.255.247.0/24 maxlen: 24
188.255.252.0/24 maxlen: 24
188.255.254.0/24 maxlen: 24
188.255.255.0/24 maxlen: 24
212.69.7.0/24 maxlen: 24
212.69.12.0/24 maxlen: 24
212.69.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Sep 2025 17:00:35 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:38:36:22:8a:04:4b:36:1d:ce:69:c0:42:0c:60:f1:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Sep 11 09:58:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=73d8eeb58c17add232df45f3034fbf9bf9015e79
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:71:84:b7:54:28:9d:73:ed:f9:0f:e7:3f:fa:
bd:c1:fd:ec:ef:85:c2:4a:7c:9e:3c:0d:e5:37:ca:
57:e8:cb:79:ec:5b:38:f0:cf:2a:6e:47:80:7d:90:
7c:26:ea:a7:a8:c9:51:d0:72:1f:69:f9:8b:be:5d:
16:af:b9:9d:f9:ae:93:8e:ce:0e:fc:06:dc:5f:63:
93:d4:b0:0c:e3:02:77:a5:72:e8:1e:b0:14:5e:ba:
6e:d1:31:a4:9b:36:68:e3:cc:ba:4d:88:0a:b7:1b:
a2:96:07:23:89:5d:a8:47:4b:68:01:03:cd:a9:66:
fa:1d:61:01:55:b0:40:a0:2a:56:e9:d0:b2:41:21:
89:ee:cd:d6:f2:d8:1e:e2:73:8b:09:d8:ad:84:15:
d0:56:02:32:2d:9f:23:e4:41:c3:a5:15:50:11:ff:
de:23:13:23:25:81:95:95:90:42:c4:0d:e3:9c:a0:
93:c7:d0:48:79:ed:76:ef:b7:93:a7:b8:2a:4b:37:
f8:ba:72:11:16:27:26:2e:ff:e1:ba:43:c7:cb:ac:
0a:7a:3e:bc:e8:7d:43:63:22:92:e9:dd:45:b8:52:
74:e5:10:22:e5:86:73:84:23:ed:dc:92:14:32:8a:
f4:38:28:45:78:67:e5:28:63:0d:33:bc:3e:16:c2:
58:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
73:D8:EE:B5:8C:17:AD:D2:32:DF:45:F3:03:4F:BF:9B:F9:01:5E:79
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/c9jutYwXrdIy30XzA0-_m_kBXnk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.11.0/24
77.105.31.0/24
79.175.103.0/24
79.175.116.0/24
80.74.173.0/24
81.18.49.0-81.18.50.255
81.18.52.0/23
81.18.55.0/24
81.18.61.0/24
93.186.67.0/24
93.186.71.0-93.186.72.255
109.121.60.0/24
178.253.207.0/24
178.253.213.0-178.253.214.255
178.253.219.0/24
178.253.236.0/24
178.253.240.0/24
185.47.88.0/24
185.47.90.0/24
188.255.130.0/24
188.255.190.0/24
188.255.208.0/24
188.255.213.0/24
188.255.219.0/24
188.255.226.0/24
188.255.244.0/22
188.255.252.0/24
188.255.254.0/23
212.69.7.0/24
212.69.12.0/24
212.69.18.0/24
Signature Algorithm: sha256WithRSAEncryption
a2:ae:15:9b:0f:61:f3:51:13:95:f0:57:fa:93:cd:eb:df:0a:
b3:87:4d:c5:e8:d7:78:9b:34:37:43:a7:43:05:a4:25:e7:53:
20:75:3e:bc:11:9f:4a:6d:3b:b9:6d:15:01:fe:a7:64:97:4b:
74:cb:63:6e:bf:1b:09:26:a3:14:11:aa:52:b6:74:fc:f5:34:
18:82:40:6d:66:4a:f4:dd:94:2c:ac:dd:10:e7:b4:fd:33:df:
7f:f4:b7:7b:ba:d3:68:e6:04:0a:ce:17:66:9c:fb:6f:8a:2c:
8a:ce:0e:80:c9:b4:dd:a3:97:28:22:42:04:1f:d3:27:2e:3b:
0d:e3:93:98:d4:11:e0:b0:f0:cb:66:7b:8b:54:dd:e6:55:68:
22:c1:5b:75:9c:92:d8:6b:ef:92:27:5f:0c:71:6d:70:89:c2:
ee:74:bc:b5:51:ab:7d:8a:36:33:cc:27:b0:41:f5:9b:7e:20:
c7:e0:05:a5:34:fc:7d:06:c4:33:d7:60:7a:eb:89:f0:9b:c7:
b2:c1:36:bb:2c:ea:e4:ba:d4:57:a0:cb:a5:b5:9c:19:ce:92:
8c:12:05:39:7b:b7:86:4a:f6:ca:e7:8d:f3:33:b8:11:fc:e7:
ad:e3:9a:d8:40:ad:03:7a:6f:01:7c:e0:48:da:81:b5:3e:32:
29:05:76:fd
-----BEGIN CERTIFICATE-----
MIIFzjCCBLagAwIBAgISAZk4NiKKBEs2Hc5pwEIMYPGLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjUwOTExMDk1ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3M2Q4ZWViNThjMTdhZGQyMzJkZjQ1ZjMwMzRmYmY5YmY5MDE1ZTc5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqHGEt1QonXPt+Q/nP/q9wf3s74XC
SnyePA3lN8pX6Mt57Fs48M8qbkeAfZB8JuqnqMlR0HIfafmLvl0Wr7md+a6Tjs4O
/AbcX2OT1LAM4wJ3pXLoHrAUXrpu0TGkmzZo48y6TYgKtxuilgcjiV2oR0toAQPN
qWb6HWEBVbBAoCpW6dCyQSGJ7s3W8tge4nOLCdithBXQVgIyLZ8j5EHDpRVQEf/e
IxMjJYGVlZBCxA3jnKCTx9BIee1277eTp7gqSzf4unIRFicmLv/hukPHy6wKej68
6H1DYyKS6d1FuFJ05RAi5YZzhCPt3JIUMor0OChFeGflKGMNM7w+FsJYpQIDAQAB
o4IC2jCCAtYwHQYDVR0OBBYEFHPY7rWMF63SMt9F8wNPv5v5AV55MB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvYzlqdXRZd1hyZEl5MzBYekEwLV9tX2tCWG5rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHvBggrBgEFBQcBBwEB/wSB3zCB3DCB2QQCAAEwgdIDBABN
aQsDBABNaR8DBABPr2cDBABPr3QDBABQSq0wDAMEAFESMQMEAFESMgMEAVESNAME
AFESNwMEAFESPQMEAF26QzAMAwQAXbpHAwQAXbpIAwQAbXk8AwQAsv3PMAwDBACy
/dUDBACy/dYDBACy/dsDBACy/ewDBACy/fADBAC5L1gDBAC5L1oDBAC8/4IDBAC8
/74DBAC8/9ADBAC8/9UDBAC8/9sDBAC8/+IDBAK8//QDBAC8//wDBAG8//4DBADU
RQcDBADURQwDBADURRIwDQYJKoZIhvcNAQELBQADggEBAKKuFZsPYfNRE5XwV/qT
zevfCrOHTcXo13ibNDdDp0MFpCXnUyB1PrwRn0ptO7ltFQH+p2SXS3TLY26/Gwkm
oxQRqlK2dPz1NBiCQG1mSvTdlCys3RDntP0z33/0t3u602jmBArOF2ac+2+KLIrO
DoDJtN2jlygiQgQf0ycuOw3jk5jUEeCw8Mtme4tU3eZVaCLBW3Wckthr75InXwxx
bXCJwu50vLVRq32KNjPMJ7BB9Zt+IMfgBaU0/H0GxDPXYHrrifCbx7LBNrss6uS6
1Fegy6W1nBnOkowSBTl7t4ZK9srnjfMzuBH8563jmthArQN6bwF84EjagbU+MikF
dv0=
-----END CERTIFICATE-----
Generated at Sun Sep 14 02:39:00 2025 by rpki-client