Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/6ccab3-479b-4da8-ae98-2cb6e3fdf9cd/1/0KEFVdvGv-ChijDIsnLGIgCil34.roa
File: 0KEFVdvGv-ChijDIsnLGIgCil34.roa (raw, json)
Hash identifier: Nw1+hiEOS4011D4TsgMditziwNaP7ka9v6nY3VfECKY=
Subject key identifier: D0:A1:05:55:DB:C6:BF:E0:A1:8A:30:C8:B2:72:C6:22:00:A2:97:7E
Certificate issuer: /CN=3ec9fb0d13552aad04f3aaaeb58d4dd4e7cf40f0
Certificate serial: 01995CD62BF64F85C0B47F96F4B4C125E189
Authority key identifier: 3E:C9:FB:0D:13:55:2A:AD:04:F3:AA:AE:B5:8D:4D:D4:E7:CF:40:F0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Psn7DRNVKq0E86qutY1N1OfPQPA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/6ccab3-479b-4da8-ae98-2cb6e3fdf9cd/1/0KEFVdvGv-ChijDIsnLGIgCil34.roa
Signing time: Thu 18 Sep 2025 12:39:23 +0000
ROA not before: Thu 18 Sep 2025 12:39:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62166
IP address blocks: 185.65.106.0/24 maxlen: 24
185.83.172.0/22 maxlen: 22
185.83.172.0/23 maxlen: 23
185.83.174.0/23 maxlen: 23
185.208.44.0/22 maxlen: 22
185.208.44.0/23 maxlen: 23
185.208.46.0/23 maxlen: 23
185.240.68.0/22 maxlen: 22
185.240.68.0/23 maxlen: 23
185.240.70.0/23 maxlen: 23
193.25.203.0/24 maxlen: 24
193.58.36.0/22 maxlen: 22
193.58.36.0/23 maxlen: 23
193.58.38.0/23 maxlen: 23
2a05:9d40::/29 maxlen: 29
2a05:9d40:8000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/6ccab3-479b-4da8-ae98-2cb6e3fdf9cd/1/Psn7DRNVKq0E86qutY1N1OfPQPA.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/6ccab3-479b-4da8-ae98-2cb6e3fdf9cd/1/Psn7DRNVKq0E86qutY1N1OfPQPA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Psn7DRNVKq0E86qutY1N1OfPQPA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 Oct 2025 11:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:5c:d6:2b:f6:4f:85:c0:b4:7f:96:f4:b4:c1:25:e1:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3ec9fb0d13552aad04f3aaaeb58d4dd4e7cf40f0
Validity
Not Before: Sep 18 12:39:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0a10555dbc6bfe0a18a30c8b272c62200a2977e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:a0:53:85:1c:1f:b9:3e:44:ff:f1:8c:48:ee:
6b:3d:1e:1c:aa:e7:fa:db:d8:0b:82:e1:b1:6a:04:
e7:c2:5e:46:cc:72:52:c1:65:67:ad:0d:fd:d3:b8:
69:fa:4c:ba:3e:5f:c4:f1:a1:ea:1e:f9:7e:77:18:
0d:1e:86:ec:7e:3f:14:b9:fd:46:cf:61:cf:5c:ea:
c6:36:44:1f:69:4f:7a:42:76:74:ca:7b:ea:e8:44:
37:c7:96:3c:97:63:18:13:c2:01:ef:d3:7a:30:ad:
9a:ae:87:42:ed:0c:03:f7:c3:a8:0b:9e:f7:8c:85:
a1:5a:88:77:e9:fc:8d:c8:de:9c:09:be:f0:7e:47:
5f:46:16:1f:9c:dd:d9:1e:38:ab:38:5c:c2:dd:2b:
50:4c:ee:6f:57:60:2b:37:ce:3e:fe:32:19:51:0a:
01:f9:a3:8a:25:4b:5c:a5:d2:0b:6b:fd:90:31:bb:
31:1e:8f:25:53:a2:02:4f:e8:8f:19:54:d5:33:03:
ab:6f:7a:76:35:60:f2:aa:86:d6:09:ab:db:6a:47:
0e:4b:17:88:32:54:fe:5e:6e:62:68:37:4b:8a:21:
38:dd:94:3e:a1:3e:e5:73:33:a3:30:20:2c:aa:90:
48:ae:e4:9a:df:57:89:6d:9e:f9:68:4c:a3:e3:83:
33:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:A1:05:55:DB:C6:BF:E0:A1:8A:30:C8:B2:72:C6:22:00:A2:97:7E
X509v3 Authority Key Identifier:
keyid:3E:C9:FB:0D:13:55:2A:AD:04:F3:AA:AE:B5:8D:4D:D4:E7:CF:40:F0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Psn7DRNVKq0E86qutY1N1OfPQPA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6ccab3-479b-4da8-ae98-2cb6e3fdf9cd/1/0KEFVdvGv-ChijDIsnLGIgCil34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/6ccab3-479b-4da8-ae98-2cb6e3fdf9cd/1/Psn7DRNVKq0E86qutY1N1OfPQPA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.65.106.0/24
185.83.172.0/22
185.208.44.0/22
185.240.68.0/22
193.25.203.0/24
193.58.36.0/22
IPv6:
2a05:9d40::/29
Signature Algorithm: sha256WithRSAEncryption
56:26:b1:5f:04:c0:68:d8:3d:94:37:f8:58:7a:7f:81:a6:10:
3d:04:db:29:a7:24:72:3f:64:56:b1:55:d0:f9:6a:54:8f:20:
5f:14:63:d3:41:25:e6:17:d4:72:da:89:b0:31:e0:28:43:c5:
5d:8d:c5:66:0b:b9:ba:e8:6d:0b:b9:18:72:20:8a:cb:97:e7:
89:57:27:53:7a:2c:5f:c9:7f:7d:99:c6:98:40:b9:82:09:bb:
a6:5c:76:b2:f7:ac:41:ec:96:96:dc:ee:57:3d:1f:0c:aa:8e:
cd:a7:85:7c:e1:55:e8:88:6d:4f:bb:11:05:e0:8b:18:51:87:
fc:64:86:bf:00:c1:5c:9f:ef:9f:d5:71:75:a2:78:8c:21:19:
22:08:c5:bf:2a:3b:c8:fc:68:9d:8e:fc:58:dd:b6:46:e6:b7:
c0:fc:93:79:2a:ca:15:1d:e4:90:1b:6a:e1:72:6e:14:66:c6:
bb:0b:85:88:2e:da:58:c3:8c:b0:fd:61:e3:28:0f:4c:e2:9e:
a2:2a:4c:4a:cb:cd:af:84:68:06:56:74:3e:90:15:0c:fb:0f:
30:b7:3b:fb:95:fb:c3:a5:4b:e2:14:d8:cb:f1:d1:d2:ac:24:
42:3d:28:73:53:45:5d:93:b9:34:87:ab:ff:69:14:d2:59:8b:
6d:d7:88:d1
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZlc1iv2T4XAtH+W9LTBJeGJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlYzlmYjBkMTM1NTJhYWQwNGYzYWFhZWI1OGQ0ZGQ0ZTdj
ZjQwZjAwHhcNMjUwOTE4MTIzOTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGExMDU1NWRiYzZiZmUwYTE4YTMwYzhiMjcyYzYyMjAwYTI5NzdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvaBThRwfuT5E//GMSO5rPR4cquf6
29gLguGxagTnwl5GzHJSwWVnrQ3907hp+ky6Pl/E8aHqHvl+dxgNHobsfj8Uuf1G
z2HPXOrGNkQfaU96QnZ0ynvq6EQ3x5Y8l2MYE8IB79N6MK2arodC7QwD98OoC573
jIWhWoh36fyNyN6cCb7wfkdfRhYfnN3ZHjirOFzC3StQTO5vV2ArN84+/jIZUQoB
+aOKJUtcpdILa/2QMbsxHo8lU6ICT+iPGVTVMwOrb3p2NWDyqobWCavbakcOSxeI
MlT+Xm5iaDdLiiE43ZQ+oT7lczOjMCAsqpBIruSa31eJbZ75aEyj44MzbwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFNChBVXbxr/goYowyLJyxiIAopd+MB8GA1UdIwQY
MBaAFD7J+w0TVSqtBPOqrrWNTdTnz0DwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUHNuN0RSTlZLcTBFODZxdXRZMU4xT2ZQUVBBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny82Y2NhYjMtNDc5Yi00ZGE4LWFlOTgt
MmNiNmUzZmRmOWNkLzEvMEtFRlZkdkd2LUNoaWpESXNuTEdJZ0NpbDM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny82Y2NhYjMtNDc5Yi00ZGE4LWFlOTgtMmNiNmUzZmRmOWNk
LzEvUHNuN0RSTlZLcTBFODZxdXRZMU4xT2ZQUVBBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQAuUFqAwQC
uVOsAwQCudAsAwQCufBEAwQAwRnLAwQCwTokMA0EAgACMAcDBQMqBZ1AMA0GCSqG
SIb3DQEBCwUAA4IBAQBWJrFfBMBo2D2UN/hYen+BphA9BNsppyRyP2RWsVXQ+WpU
jyBfFGPTQSXmF9Ry2omwMeAoQ8VdjcVmC7m66G0LuRhyIIrLl+eJVydTeixfyX99
mcaYQLmCCbumXHay96xB7JaW3O5XPR8Mqo7Np4V84VXoiG1PuxEF4IsYUYf8ZIa/
AMFcn++f1XF1oniMIRkiCMW/KjvI/GidjvxY3bZG5rfA/JN5KsoVHeSQG2rhcm4U
Zsa7C4WILtpYw4yw/WHjKA9M4p6iKkxKy82vhGgGVnQ+kBUM+w8wtzv7lfvDpUvi
FNjL8dHSrCRCPShzU0Vdk7k0h6v/aRTSWYtt14jR
-----END CERTIFICATE-----
Generated at Sat Oct 25 20:35:45 2025 by rpki-client