Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2A7C_AHj9NUV9ZIGcc9ayDkfqYw.roa
File: 2A7C_AHj9NUV9ZIGcc9ayDkfqYw.roa (raw, json)
Hash identifier: MiBXxv1PiKMKTHL4bdhpxId8/G145W8AmFp46JMUaww=
Subject key identifier: D8:0E:C2:FC:01:E3:F4:D5:15:F5:92:06:71:CF:5A:C8:39:1F:A9:8C
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0199141109BCA8D01F11D5C0BF98367DA2F2
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2A7C_AHj9NUV9ZIGcc9ayDkfqYw.roa
Signing time: Thu 04 Sep 2025 09:31:24 +0000
ROA not before: Thu 04 Sep 2025 09:31:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25369
IP address blocks: 81.168.120.0/24 maxlen: 24
82.152.3.0/24 maxlen: 24
82.152.233.0/24 maxlen: 24
82.153.72.0/24 maxlen: 24
89.213.43.0/24 maxlen: 24
89.213.99.0/24 maxlen: 24
109.176.200.0/24 maxlen: 24
213.130.155.0/24 maxlen: 24
213.218.213.0/24 maxlen: 24
213.218.225.0/24 maxlen: 24
213.218.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:14:11:09:bc:a8:d0:1f:11:d5:c0:bf:98:36:7d:a2:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 4 09:31:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d80ec2fc01e3f4d515f5920671cf5ac8391fa98c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:63:f2:19:68:b1:2e:d6:ea:30:0b:04:cd:26:
f4:7e:24:f3:56:36:1c:a4:06:25:85:c7:ac:71:5d:
73:f1:e2:d9:a3:5a:32:9a:6c:33:b1:13:90:c8:80:
be:c2:18:65:08:52:eb:ca:53:5b:a5:c6:e4:32:b2:
3c:a6:65:14:3b:97:4d:cc:5c:5c:31:bc:46:ec:db:
15:7b:6c:5c:57:0d:56:3f:b1:89:db:18:0e:f6:5d:
52:87:34:ad:34:d6:2c:51:b4:1b:98:d9:4a:fb:45:
07:e0:a7:a3:c2:9c:fb:d6:83:ec:76:81:15:17:62:
b7:11:4e:b8:1f:0f:e8:f7:9f:ae:e0:8d:5a:b4:19:
ae:fa:25:3e:4d:95:79:f8:30:d4:3f:2a:1f:5b:6f:
aa:bb:5e:7e:8e:ef:d6:ef:0f:c8:97:a6:6f:ea:8b:
79:eb:68:b5:f8:be:ef:a6:07:b9:bf:39:11:7c:5d:
ce:ca:a0:5f:8c:79:65:bc:34:4c:27:9b:40:5f:9f:
ad:ab:31:54:4c:bb:82:3f:ef:4b:bd:55:e7:2a:2e:
fd:d3:3a:df:0b:d4:cb:61:a4:7a:b3:56:7f:35:33:
dd:76:f7:0c:d6:0f:b9:2f:2c:4b:5f:7e:2d:36:7c:
2f:0f:be:62:eb:3b:22:c7:ea:9a:8e:4c:24:4c:3e:
4a:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:0E:C2:FC:01:E3:F4:D5:15:F5:92:06:71:CF:5A:C8:39:1F:A9:8C
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/2A7C_AHj9NUV9ZIGcc9ayDkfqYw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.168.120.0/24
82.152.3.0/24
82.152.233.0/24
82.153.72.0/24
89.213.43.0/24
89.213.99.0/24
109.176.200.0/24
213.130.155.0/24
213.218.213.0/24
213.218.225.0/24
213.218.227.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:f7:a9:79:7e:83:15:cc:cd:2a:eb:99:aa:28:2f:18:2f:f4:
8e:86:0a:a1:36:2e:39:d5:dd:7e:68:f1:a2:3e:b1:00:0d:35:
db:13:64:8f:9c:e4:28:af:6d:92:da:b1:a9:2e:b4:e6:37:f9:
91:31:cb:9e:89:c9:49:b1:07:01:11:7e:b6:fc:2a:6a:38:4e:
62:ea:56:a7:cc:71:a5:0a:e1:2a:4d:35:c1:fb:d5:fd:9f:b6:
44:36:a1:5f:22:4e:b2:f4:69:7b:bc:17:92:d5:54:12:b5:d1:
d3:de:c4:8f:ed:6a:5b:40:33:ad:3c:4c:fb:4a:12:de:c2:6d:
24:11:ee:06:76:4f:3a:b2:96:d5:16:61:6b:85:2e:56:97:fe:
0d:df:21:b6:86:c6:e9:c3:72:df:8b:da:f9:81:2a:3d:95:7b:
d0:78:e9:27:17:18:21:42:81:db:27:1c:e8:5f:b8:2c:1a:57:
b5:30:11:e3:fc:c0:df:43:2e:8c:47:cd:15:1c:52:c7:dd:85:
b7:87:62:4c:1a:e5:51:3f:96:93:4e:b4:85:fb:20:bf:db:71:
3a:b7:71:80:6d:5f:c6:2d:53:62:1f:04:40:31:01:75:f3:c4:
f1:e2:d0:9e:0f:1e:ad:ee:0a:20:3d:72:e1:ae:a7:43:54:ad:
64:3e:ae:3c
-----BEGIN CERTIFICATE-----
MIIFOTCCBCGgAwIBAgISAZkUEQm8qNAfEdXAv5g2faLyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwOTA0MDkzMTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODBlYzJmYzAxZTNmNGQ1MTVmNTkyMDY3MWNmNWFjODM5MWZhOThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGPyGWixLtbqMAsEzSb0fiTzVjYc
pAYlhcescV1z8eLZo1oymmwzsROQyIC+whhlCFLrylNbpcbkMrI8pmUUO5dNzFxc
MbxG7NsVe2xcVw1WP7GJ2xgO9l1ShzStNNYsUbQbmNlK+0UH4Kejwpz71oPsdoEV
F2K3EU64Hw/o95+u4I1atBmu+iU+TZV5+DDUPyofW2+qu15+ju/W7w/Il6Zv6ot5
62i1+L7vpge5vzkRfF3OyqBfjHllvDRMJ5tAX5+tqzFUTLuCP+9LvVXnKi790zrf
C9TLYaR6s1Z/NTPddvcM1g+5LyxLX34tNnwvD75i6zsix+qajkwkTD5KcQIDAQAB
o4ICRTCCAkEwHQYDVR0OBBYEFNgOwvwB4/TVFfWSBnHPWsg5H6mMMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMkE3Q19BSGo5TlVWOVpJR2NjOWF5RGtmcVl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFsGCCsGAQUFBwEHAQH/BEwwSjBIBAIAATBCAwQAUah4AwQA
UpgDAwQAUpjpAwQAUplIAwQAWdUrAwQAWdVjAwQAbbDIAwQA1YKbAwQA1drVAwQA
1drhAwQA1drjMA0GCSqGSIb3DQEBCwUAA4IBAQAq96l5foMVzM0q65mqKC8YL/SO
hgqhNi451d1+aPGiPrEADTXbE2SPnOQor22S2rGpLrTmN/mRMcueiclJsQcBEX62
/CpqOE5i6lanzHGlCuEqTTXB+9X9n7ZENqFfIk6y9Gl7vBeS1VQStdHT3sSP7Wpb
QDOtPEz7ShLewm0kEe4Gdk86spbVFmFrhS5Wl/4N3yG2hsbpw3Lfi9r5gSo9lXvQ
eOknFxghQoHbJxzoX7gsGle1MBHj/MDfQy6MR80VHFLH3YW3h2JMGuVRP5aTTrSF
+yC/23E6t3GAbV/GLVNiHwRAMQF188Tx4tCeDx6t7gogPXLhrqdDVK1kPq48
-----END CERTIFICATE-----
Generated at Sun Sep 7 13:02:47 2025 by rpki-client