Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/p0MUFXpVkZgtsSlPABpC9tRNWwQ.roa
File: p0MUFXpVkZgtsSlPABpC9tRNWwQ.roa (raw, json)
Hash identifier: nwwnHtipryYbCGtYcP4T5i/NkJIrOO1hIAZjs1xr3Vg=
Subject key identifier: A7:43:14:15:7A:55:91:98:2D:B1:29:4F:00:1A:42:F6:D4:4D:5B:04
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 019A007F3DD118023823531DFDEF632BF7A7
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/p0MUFXpVkZgtsSlPABpC9tRNWwQ.roa
Signing time: Mon 20 Oct 2025 07:22:10 +0000
ROA not before: Mon 20 Oct 2025 07:22:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 77.105.61.0/24 maxlen: 24
79.175.93.0/24 maxlen: 24
79.175.103.0/24 maxlen: 24
81.18.48.0/24 maxlen: 24
81.18.60.0/24 maxlen: 24
109.121.33.0/24 maxlen: 24
109.121.39.0/24 maxlen: 24
178.253.221.0/24 maxlen: 24
178.253.224.0/24 maxlen: 24
178.253.229.0/24 maxlen: 24
188.255.148.0/24 maxlen: 24
188.255.222.0/24 maxlen: 24
188.255.236.0/24 maxlen: 24
188.255.242.0/24 maxlen: 24
188.255.247.0/24 maxlen: 24
212.69.11.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Oct 2025 10:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:00:7f:3d:d1:18:02:38:23:53:1d:fd:ef:63:2b:f7:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Oct 20 07:22:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a74314157a5591982db1294f001a42f6d44d5b04
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:69:c6:2e:d9:d8:52:17:77:a1:2d:8d:0b:59:
da:dd:c0:f3:01:05:ba:1e:82:5b:70:10:63:a6:4e:
dc:67:5e:d6:34:eb:d1:70:4e:02:c9:0c:82:64:c3:
08:9b:88:26:fd:a7:28:63:c4:21:30:19:e9:bc:d6:
ba:1e:20:36:94:d1:58:4e:63:48:f2:77:a3:b7:7d:
fb:7c:d9:2f:d6:5e:8e:b1:6a:e8:35:e4:df:16:4a:
3a:56:f4:cb:95:a6:68:0f:04:50:5b:f2:7d:a0:36:
12:dc:0d:99:29:c2:a2:d0:2c:11:a6:ec:37:f4:de:
da:ef:20:69:d5:a0:9b:a6:24:e8:d8:30:48:4d:e8:
5f:29:da:37:29:00:0f:b2:15:fc:9f:11:c2:f3:53:
3a:f5:53:f3:dd:3a:e2:95:d3:7d:12:0b:fe:70:7a:
cc:ba:cc:57:cf:67:61:40:3e:d6:35:e9:f6:a4:e5:
be:1a:52:b5:9a:1a:6f:f1:56:c7:8b:f9:ec:6b:ac:
af:55:13:38:f3:c9:bf:79:f9:2b:ec:f5:dc:d8:d6:
09:f3:6a:f7:55:76:04:11:6b:cf:2b:04:57:bc:b2:
51:3c:c0:b0:ad:a4:4d:6b:42:23:7a:4f:e1:65:94:
7b:93:e4:c6:f1:64:19:58:3b:4d:0e:57:06:86:2f:
78:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:43:14:15:7A:55:91:98:2D:B1:29:4F:00:1A:42:F6:D4:4D:5B:04
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/p0MUFXpVkZgtsSlPABpC9tRNWwQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.105.61.0/24
79.175.93.0/24
79.175.103.0/24
81.18.48.0/24
81.18.60.0/24
109.121.33.0/24
109.121.39.0/24
178.253.221.0/24
178.253.224.0/24
178.253.229.0/24
188.255.148.0/24
188.255.222.0/24
188.255.236.0/24
188.255.242.0/24
188.255.247.0/24
212.69.11.0/24
Signature Algorithm: sha256WithRSAEncryption
67:d0:35:07:01:e2:1b:6b:31:46:f7:5d:71:4c:f0:56:d2:28:
ca:4b:1f:29:09:03:6e:2f:c5:0f:70:12:43:97:9f:da:91:da:
de:d7:ef:c6:8d:98:5f:bd:cd:28:33:df:44:e2:aa:11:3e:75:
ec:2d:4a:ac:d8:6c:4f:46:cd:06:40:02:84:d8:c7:29:3e:7e:
f0:b9:1f:1e:12:69:65:5a:54:79:0a:98:69:e8:17:07:b8:0b:
01:39:1b:7e:22:26:56:e7:fc:e4:f1:db:61:57:07:68:61:2b:
de:d1:2f:7a:f5:fe:cd:6e:da:fa:53:fd:ac:31:35:aa:2a:6b:
51:be:88:f8:68:d3:26:4a:bb:2b:a3:63:a4:6f:48:b0:0d:21:
8e:ea:8a:22:6b:01:7c:5d:0c:9e:93:5c:40:8d:0e:bf:98:2b:
88:f6:99:d0:53:14:eb:05:0c:11:2c:b9:9b:60:ab:14:43:18:
09:96:e4:bb:cd:9b:1b:13:ee:41:d8:ae:4b:e5:9c:e7:38:b2:
16:2b:2f:1e:86:e4:ff:c4:a3:ec:ed:15:8c:c8:09:49:09:f3:
80:bb:72:7e:7a:42:cb:b4:19:c9:45:b0:62:1f:73:74:c8:84:
de:3e:6d:ae:2a:a4:37:bf:05:2d:38:bd:47:b8:7a:11:b4:fa:
ed:ac:5c:2d
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZoAfz3RGAI4I1Md/e9jK/enMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjUxMDIwMDcyMjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzQzMTQxNTdhNTU5MTk4MmRiMTI5NGYwMDFhNDJmNmQ0NGQ1YjA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzmnGLtnYUhd3oS2NC1na3cDzAQW6
HoJbcBBjpk7cZ17WNOvRcE4CyQyCZMMIm4gm/acoY8QhMBnpvNa6HiA2lNFYTmNI
8nejt337fNkv1l6OsWroNeTfFko6VvTLlaZoDwRQW/J9oDYS3A2ZKcKi0CwRpuw3
9N7a7yBp1aCbpiTo2DBITehfKdo3KQAPshX8nxHC81M69VPz3TrildN9Egv+cHrM
usxXz2dhQD7WNen2pOW+GlK1mhpv8VbHi/nsa6yvVRM488m/efkr7PXc2NYJ82r3
VXYEEWvPKwRXvLJRPMCwraRNa0Ijek/hZZR7k+TG8WQZWDtNDlcGhi944wIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFKdDFBV6VZGYLbEpTwAaQvbUTVsEMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvcDBNVUZYcFZrWmd0c1NsUEFCcEM5dFJOV3dRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQATWk9AwQA
T69dAwQAT69nAwQAURIwAwQAURI8AwQAbXkhAwQAbXknAwQAsv3dAwQAsv3gAwQA
sv3lAwQAvP+UAwQAvP/eAwQAvP/sAwQAvP/yAwQAvP/3AwQA1EULMA0GCSqGSIb3
DQEBCwUAA4IBAQBn0DUHAeIbazFG911xTPBW0ijKSx8pCQNuL8UPcBJDl5/akdre
1+/GjZhfvc0oM99E4qoRPnXsLUqs2GxPRs0GQAKE2McpPn7wuR8eEmllWlR5Cphp
6BcHuAsBORt+IiZW5/zk8dthVwdoYSve0S969f7Nbtr6U/2sMTWqKmtRvoj4aNMm
Srsro2Okb0iwDSGO6ooiawF8XQyek1xAjQ6/mCuI9pnQUxTrBQwRLLmbYKsUQxgJ
luS7zZsbE+5B2K5L5ZznOLIWKy8ehuT/xKPs7RWMyAlJCfOAu3J+ekLLtBnJRbBi
H3N0yITePm2uKqQ3vwUtOL1HuHoRtPrtrFwt
-----END CERTIFICATE-----
Generated at Tue Oct 21 16:46:49 2025 by rpki-client