Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/A79eyhfzpTaDE10VxYfoN5pIELo.roa
File: A79eyhfzpTaDE10VxYfoN5pIELo.roa (raw, json)
Hash identifier: XtFNKGR/9f/wklhEPCkijA8EOYS0TQ9xfSyyG9ty2ns=
Subject key identifier: 03:BF:5E:CA:17:F3:A5:36:83:13:5D:15:C5:87:E8:37:9A:48:10:BA
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01994C7FE766D9480CFA1916C8CD53D553A8
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/A79eyhfzpTaDE10VxYfoN5pIELo.roa
Signing time: Mon 15 Sep 2025 08:31:14 +0000
ROA not before: Mon 15 Sep 2025 08:31:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2856
IP address blocks: 82.153.33.0/24 maxlen: 24
82.153.181.0/24 maxlen: 24
82.153.190.0/24 maxlen: 24
82.153.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Sep 2025 06:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:4c:7f:e7:66:d9:48:0c:fa:19:16:c8:cd:53:d5:53:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 15 08:31:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=03bf5eca17f3a53683135d15c587e8379a4810ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:5e:99:61:83:51:67:a4:ab:9a:68:18:02:b8:
46:9b:14:bc:10:46:53:67:eb:1f:65:ae:eb:b9:13:
a6:64:5e:f4:60:45:34:c3:08:6f:c4:64:b0:8e:4a:
00:8e:4e:ac:95:d4:5b:df:b3:9e:0f:92:62:83:0b:
ba:20:52:4c:75:c3:a3:3f:16:7a:69:ef:6e:f6:15:
d3:b1:c2:69:76:43:26:1d:c2:a0:6d:38:b0:9e:dc:
b1:41:e0:d3:58:ff:16:44:2b:ff:76:ad:de:11:46:
eb:44:3f:d3:f8:85:30:ac:f7:a0:27:38:b3:86:8c:
21:95:f6:d9:25:3a:36:1d:ac:54:f3:2e:bd:c7:dc:
f9:04:12:71:9c:8f:7f:22:a2:ef:cd:0e:03:dd:25:
1c:24:64:66:85:30:05:9a:9c:df:52:7b:ec:79:b8:
c7:5b:9c:5c:ca:cb:e9:f7:09:05:87:c1:8b:bd:c3:
fe:81:81:db:77:94:da:72:fd:b7:21:45:dc:e3:1a:
22:71:dd:65:b5:c3:b5:5b:01:36:55:eb:0f:60:a8:
3a:36:89:03:c6:d0:27:d1:11:42:b0:84:e2:dc:90:
16:c6:da:86:e8:9a:2a:e9:14:53:2d:30:d3:af:f8:
68:e4:43:ba:c8:39:a4:c3:e0:e7:27:a5:0a:36:7e:
71:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:BF:5E:CA:17:F3:A5:36:83:13:5D:15:C5:87:E8:37:9A:48:10:BA
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/A79eyhfzpTaDE10VxYfoN5pIELo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.33.0/24
82.153.181.0/24
82.153.190.0/24
82.153.238.0/24
Signature Algorithm: sha256WithRSAEncryption
89:7b:d3:20:d4:6d:b9:26:43:47:5d:d1:e9:a5:14:99:f1:bf:
5b:72:0c:28:5d:bd:40:fc:6f:a5:d6:e0:ad:66:53:ae:2b:6c:
7b:28:66:4f:7b:99:ec:58:55:a0:8e:35:87:9f:a2:9c:b4:b9:
4b:ed:ef:f2:fe:ce:0b:df:d5:f1:74:80:6d:96:f5:28:1c:b1:
ce:12:16:cc:f0:f7:1e:0e:d8:64:88:3b:49:92:d4:cc:88:08:
89:48:e7:34:88:c9:37:66:86:a4:4c:8a:3c:3d:b9:91:ff:1c:
c6:97:ba:49:0f:e2:07:65:fb:6f:04:e1:fc:52:d4:e8:3f:f2:
0e:f7:0d:49:ea:05:4c:83:0b:a2:e0:c0:47:7e:96:e0:4c:87:
90:7c:ad:5a:55:61:3a:49:1e:c4:ab:5b:97:b4:19:82:48:e0:
6d:53:97:c4:3f:95:65:b8:01:95:ed:df:4b:08:e8:ea:ae:cb:
ac:f5:ed:cd:3c:1d:78:8f:67:1d:8f:a4:1a:c3:31:b1:e1:19:
7f:e5:fd:9d:37:33:c4:2c:dc:5b:63:18:9d:c2:58:37:2b:eb:
df:d7:29:c0:40:0c:ff:3c:e2:52:3c:be:3b:31:bc:45:78:bf:
69:07:a2:df:9a:09:a8:5f:cb:32:44:72:22:1c:b4:b3:5f:46:
74:9d:3c:bf
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZlMf+dm2UgM+hkWyM1T1VOoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwOTE1MDgzMTE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2JmNWVjYTE3ZjNhNTM2ODMxMzVkMTVjNTg3ZTgzNzlhNDgxMGJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnl6ZYYNRZ6SrmmgYArhGmxS8EEZT
Z+sfZa7ruROmZF70YEU0wwhvxGSwjkoAjk6sldRb37OeD5Jigwu6IFJMdcOjPxZ6
ae9u9hXTscJpdkMmHcKgbTiwntyxQeDTWP8WRCv/dq3eEUbrRD/T+IUwrPegJziz
howhlfbZJTo2HaxU8y69x9z5BBJxnI9/IqLvzQ4D3SUcJGRmhTAFmpzfUnvsebjH
W5xcysvp9wkFh8GLvcP+gYHbd5Tacv23IUXc4xoicd1ltcO1WwE2VesPYKg6NokD
xtAn0RFCsITi3JAWxtqG6Joq6RRTLTDTr/ho5EO6yDmkw+DnJ6UKNn5xxQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFAO/XsoX86U2gxNdFcWH6DeaSBC6MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvQTc5ZXloZnpwVGFERTEwVnhZZm9ONXBJRUxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUpkhAwQA
Upm1AwQAUpm+AwQAUpnuMA0GCSqGSIb3DQEBCwUAA4IBAQCJe9Mg1G25JkNHXdHp
pRSZ8b9bcgwoXb1A/G+l1uCtZlOuK2x7KGZPe5nsWFWgjjWHn6KctLlL7e/y/s4L
39XxdIBtlvUoHLHOEhbM8PceDthkiDtJktTMiAiJSOc0iMk3ZoakTIo8PbmR/xzG
l7pJD+IHZftvBOH8UtToP/IO9w1J6gVMgwui4MBHfpbgTIeQfK1aVWE6SR7Eq1uX
tBmCSOBtU5fEP5VluAGV7d9LCOjqrsus9e3NPB14j2cdj6QawzGx4Rl/5f2dNzPE
LNxbYxidwlg3K+vf1ynAQAz/POJSPL47MbxFeL9pB6LfmgmoX8syRHIiHLSzX0Z0
nTy/
-----END CERTIFICATE-----
Generated at Fri Sep 19 09:09:06 2025 by rpki-client