Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/KAuOHWt-R6D_FxRYYs3gpwscXsg.roa
File: KAuOHWt-R6D_FxRYYs3gpwscXsg.roa (raw, json)
Hash identifier: Pgubb9gKDOdz0YwAQ2TL03c4sJTbMRlSOGCHZAx7niE=
Subject key identifier: 28:0B:8E:1D:6B:7E:47:A0:FF:17:14:58:62:CD:E0:A7:0B:1C:5E:C8
Certificate issuer: /CN=fad7100e77ed9119d66e2321bb6711d7e760982b
Certificate serial: 01998066C46AE22141C380053E3E39C4AC06
Authority key identifier: FA:D7:10:0E:77:ED:91:19:D6:6E:23:21:BB:67:11:D7:E7:60:98:2B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/KAuOHWt-R6D_FxRYYs3gpwscXsg.roa
Signing time: Thu 25 Sep 2025 10:24:02 +0000
ROA not before: Thu 25 Sep 2025 10:24:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 46.80.0.0/12 maxlen: 12
62.153.0.0/16 maxlen: 16
62.154.0.0/15 maxlen: 15
62.156.0.0/14 maxlen: 14
62.224.0.0/14 maxlen: 14
79.192.0.0/10 maxlen: 10
80.128.0.0/11 maxlen: 11
80.128.0.0/12 maxlen: 12
80.144.0.0/13 maxlen: 13
80.152.0.0/14 maxlen: 14
80.156.0.0/16 maxlen: 16
80.157.0.0/16 maxlen: 16
80.157.8.0/21 maxlen: 21
80.157.16.0/20 maxlen: 20
84.128.0.0/10 maxlen: 10
87.128.0.0/10 maxlen: 10
91.0.0.0/10 maxlen: 10
93.192.0.0/10 maxlen: 10
192.166.49.0/24 maxlen: 24
193.158.0.0/15 maxlen: 15
194.25.0.0/16 maxlen: 16
194.150.228.0/23 maxlen: 23
195.145.0.0/16 maxlen: 16
195.243.0.0/16 maxlen: 16
212.184.0.0/15 maxlen: 15
217.0.0.0/13 maxlen: 13
217.80.0.0/12 maxlen: 12
217.224.0.0/11 maxlen: 11
2003::/19 maxlen: 19
2003::/23 maxlen: 23
2003:8:f400::/48 maxlen: 48
2003:8:f401::/48 maxlen: 48
2003:8:f402::/48 maxlen: 48
2003:8:f403::/48 maxlen: 48
2003:8:f404::/48 maxlen: 48
2003:8:f405::/48 maxlen: 48
2003:8:f406::/48 maxlen: 48
2003:8:f407::/48 maxlen: 48
2003:8:f408::/48 maxlen: 48
2003:8:f409::/48 maxlen: 48
2003:8:f40a::/48 maxlen: 48
2003:8:f40b::/48 maxlen: 48
2003:8:f40c::/48 maxlen: 48
2003:8:f40d::/48 maxlen: 48
2003:8:f40e::/48 maxlen: 48
2003:8:f40f::/48 maxlen: 48
2003:8:f412::/48 maxlen: 48
2003:8:f413::/48 maxlen: 48
2003:8:f414::/48 maxlen: 48
2003:8:f415::/48 maxlen: 48
2003:8:f416::/48 maxlen: 48
2003:8:f417::/48 maxlen: 48
2003:8:f418::/48 maxlen: 48
2003:8:f419::/48 maxlen: 48
2003:8:f41a::/48 maxlen: 48
2003:8:f41b::/48 maxlen: 48
2003:8:f41c::/48 maxlen: 48
2003:8:f41d::/48 maxlen: 48
2003:8:f41e::/48 maxlen: 48
2003:8:f41f::/48 maxlen: 48
2003:8:f420::/48 maxlen: 48
2003:8:f421::/48 maxlen: 48
2003:8:f422::/48 maxlen: 48
2003:8:f423::/48 maxlen: 48
2003:8:f424::/48 maxlen: 48
2003:8:f425::/48 maxlen: 48
2003:8:f426::/48 maxlen: 48
2003:8:f427::/48 maxlen: 48
2003:8:f428::/48 maxlen: 48
2003:8:f429::/48 maxlen: 48
2003:8:f42a::/48 maxlen: 48
2003:8:f42b::/48 maxlen: 48
2003:3c0::/28 maxlen: 28
2003:3e0::/28 maxlen: 28
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 13:02:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:80:66:c4:6a:e2:21:41:c3:80:05:3e:3e:39:c4:ac:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fad7100e77ed9119d66e2321bb6711d7e760982b
Validity
Not Before: Sep 25 10:24:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=280b8e1d6b7e47a0ff17145862cde0a70b1c5ec8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:23:2f:59:1f:c6:c1:6a:69:e8:e8:fb:37:ad:
cf:72:8f:a4:f7:77:f2:58:d7:1f:4e:d6:09:e4:1a:
b9:e0:a7:eb:f1:97:5a:27:0d:37:b4:6e:e7:95:5c:
1e:18:df:ec:57:8b:f0:1f:91:ef:5a:88:c6:b6:fe:
5b:7c:b2:b6:88:5f:0f:8f:de:26:0a:22:00:ab:e7:
c4:49:15:f2:19:95:80:de:ec:f7:61:c1:35:7a:5b:
a6:45:13:c4:f9:20:61:88:a3:ea:cb:c6:0e:dd:30:
47:ad:e9:13:41:be:89:5d:ac:b1:33:cb:54:c2:02:
c2:f8:2c:4f:b7:0b:04:0f:63:ea:1b:20:12:2a:e6:
7a:15:5a:9d:f2:cc:0f:28:51:dd:c7:49:7a:fd:ef:
99:bc:84:d6:50:e0:f9:06:30:69:f5:70:8d:9d:b0:
75:d8:58:24:8f:c8:ff:ca:f6:84:70:14:f3:3c:0c:
f9:02:09:a5:21:31:34:9f:a3:20:b7:0b:70:81:8c:
a5:36:99:16:27:1e:2a:17:cb:89:66:ed:18:e1:0c:
ac:08:4e:23:d3:a6:af:79:bc:4f:9f:82:d7:cb:a6:
df:83:27:55:c0:a7:09:5e:0a:77:cb:92:af:18:98:
cb:bb:e6:f3:50:a9:a7:99:da:4e:a7:26:3f:02:16:
8a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:0B:8E:1D:6B:7E:47:A0:FF:17:14:58:62:CD:E0:A7:0B:1C:5E:C8
X509v3 Authority Key Identifier:
keyid:FA:D7:10:0E:77:ED:91:19:D6:6E:23:21:BB:67:11:D7:E7:60:98:2B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-tcQDnftkRnWbiMhu2cR1-dgmCs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/KAuOHWt-R6D_FxRYYs3gpwscXsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/01d411-d915-4277-8fe2-76b0dda2bf3e/1/1-tcQDnftkRnWbiMhu2cR1-dgmCs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.80.0.0/12
62.153.0.0-62.159.255.255
62.224.0.0/14
79.192.0.0/10
80.128.0.0/11
84.128.0.0/10
87.128.0.0/10
91.0.0.0/10
93.192.0.0/10
192.166.49.0/24
193.158.0.0/15
194.25.0.0/16
194.150.228.0/23
195.145.0.0/16
195.243.0.0/16
212.184.0.0/15
217.0.0.0/13
217.80.0.0/12
217.224.0.0/11
IPv6:
2003::/19
Signature Algorithm: sha256WithRSAEncryption
01:14:fa:e9:87:6a:36:69:2e:1e:28:5a:29:f2:36:49:54:c8:
13:ed:ce:b0:b8:bc:b2:21:1c:32:17:04:8f:fd:dc:4e:66:c7:
a6:87:6d:6a:4a:cb:f1:5e:b9:f7:0a:23:4d:54:46:3d:3c:fb:
6b:c7:fb:cc:f9:99:b4:74:8f:a4:cd:0b:94:97:11:3f:ae:50:
f2:ef:95:53:63:88:3d:0c:98:21:fe:e5:7f:be:58:17:81:7d:
ea:9a:7c:a7:79:fc:ee:ca:4e:e9:74:6c:df:4e:ea:48:01:14:
78:32:a9:2d:58:8e:dd:c5:d2:45:18:6e:08:c7:51:66:77:7d:
8e:b1:99:c7:0d:81:38:53:ee:e2:08:f7:3a:ea:80:e3:9a:c3:
94:fd:6b:12:b0:41:8d:66:c6:57:02:da:6a:4e:9b:51:28:ae:
67:a2:a9:fe:65:d6:de:f4:5d:84:d3:31:19:e3:d2:7c:d6:86:
57:c0:af:6c:5d:d3:63:23:43:8c:34:ac:bb:16:b1:81:43:76:
9d:ae:61:82:8d:08:66:c8:71:ce:cf:4e:29:4a:66:02:ab:62:
2e:f9:cf:9e:14:4c:79:e4:25:d0:01:e7:df:5c:64:15:80:d3:
b7:f6:a4:cd:6c:33:90:35:b8:c4:b1:cb:79:7f:02:e1:e9:de:
33:9e:1a:2c
-----BEGIN CERTIFICATE-----
MIIFcTCCBFmgAwIBAgISAZmAZsRq4iFBw4AFPj45xKwGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhZDcxMDBlNzdlZDkxMTlkNjZlMjMyMWJiNjcxMWQ3ZTc2
MDk4MmIwHhcNMjUwOTI1MTAyNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyODBiOGUxZDZiN2U0N2EwZmYxNzE0NTg2MmNkZTBhNzBiMWM1ZWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSMvWR/GwWpp6Oj7N63Pco+k93fy
WNcfTtYJ5Bq54Kfr8ZdaJw03tG7nlVweGN/sV4vwH5HvWojGtv5bfLK2iF8Pj94m
CiIAq+fESRXyGZWA3uz3YcE1elumRRPE+SBhiKPqy8YO3TBHrekTQb6JXayxM8tU
wgLC+CxPtwsED2PqGyASKuZ6FVqd8swPKFHdx0l6/e+ZvITWUOD5BjBp9XCNnbB1
2Fgkj8j/yvaEcBTzPAz5AgmlITE0n6MgtwtwgYylNpkWJx4qF8uJZu0Y4QysCE4j
06avebxPn4LXy6bfgydVwKcJXgp3y5KvGJjLu+bzUKmnmdpOpyY/AhaKeQIDAQAB
o4ICfTCCAnkwHQYDVR0OBBYEFCgLjh1rfkeg/xcUWGLN4KcLHF7IMB8GA1UdIwQY
MBaAFPrXEA537ZEZ1m4jIbtnEdfnYJgrMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS10Y1FEbmZ0a1JuV2JpTWh1MmNSMS1kZ21Dcy5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvM2UvMDFkNDExLWQ5MTUtNDI3Ny04ZmUy
LTc2YjBkZGEyYmYzZS8xL0tBdU9IV3QtUjZEX0Z4UllZczNncHdzY1hzZy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvM2UvMDFkNDExLWQ5MTUtNDI3Ny04ZmUyLTc2YjBkZGEyYmYz
ZS8xLzEtdGNRRG5mdGtSbldiaU1odTJjUjEtZGdtQ3MuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwgZAGCCsGAQUFBwEHAQH/BIGAMH4wbgQCAAEwaAMDBC5Q
MAoDAwA+mQMDBT6AAwMCPuADAwZPwAMDBVCAAwMGVIADAwZXgAMDBlsAAwMGXcAD
BADApjEDAwHBngMDAMIZAwQBwpbkAwMAw5EDAwDD8wMDAdS4AwMD2QADAwTZUAMD
BdngMAwEAgACMAYDBAUgAwAwDQYJKoZIhvcNAQELBQADggEBAAEU+umHajZpLh4o
WinyNklUyBPtzrC4vLIhHDIXBI/93E5mx6aHbWpKy/FeufcKI01URj08+2vH+8z5
mbR0j6TNC5SXET+uUPLvlVNjiD0MmCH+5X++WBeBfeqafKd5/O7KTul0bN9O6kgB
FHgyqS1Yjt3F0kUYbgjHUWZ3fY6xmccNgThT7uII9zrqgOOaw5T9axKwQY1mxlcC
2mpOm1Eormeiqf5l1t70XYTTMRnj0nzWhlfAr2xd02MjQ4w0rLsWsYFDdp2uYYKN
CGbIcc7PTilKZgKrYi75z54UTHnkJdAB599cZBWA07f2pM1sM5A1uMSxy3l/AuHp
3jOeGiw=
-----END CERTIFICATE-----
Generated at Wed Oct 8 17:19:32 2025 by rpki-client