Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XdUrMqBh8XnY6_MhCPbDQApdBC0.roa
File: XdUrMqBh8XnY6_MhCPbDQApdBC0.roa (raw, json)
Hash identifier: FeL5q8lYB67u0xQ27qikZhQ2j17PxCDZ5ppMFByDsC4=
Subject key identifier: 5D:D5:2B:32:A0:61:F1:79:D8:EB:F3:21:08:F6:C3:40:0A:5D:04:2D
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0199518D93EE56A152C2EB1210E997F3A611
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XdUrMqBh8XnY6_MhCPbDQApdBC0.roa
Signing time: Tue 16 Sep 2025 08:04:16 +0000
ROA not before: Tue 16 Sep 2025 08:04:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 77.107.82.0/24 maxlen: 24
81.168.109.0/24 maxlen: 24
82.153.58.0/24 maxlen: 24
82.153.216.0/24 maxlen: 24
109.176.91.0/24 maxlen: 24
212.38.81.0/24 maxlen: 24
213.218.216.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 21:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:51:8d:93:ee:56:a1:52:c2:eb:12:10:e9:97:f3:a6:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 16 08:04:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5dd52b32a061f179d8ebf32108f6c3400a5d042d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:f3:a4:ea:23:c6:33:2a:c9:b7:5d:c3:41:71:
4d:65:9f:fd:db:40:90:32:7a:77:fd:54:6b:67:7c:
f3:b4:5a:62:f0:2e:f7:a3:ca:da:c3:2c:2d:41:5a:
6e:51:e5:33:f3:b8:5b:53:fc:64:35:e6:07:a0:4d:
b6:a7:3f:9d:5e:dd:17:e9:fc:4b:ba:79:0d:cd:cb:
c8:91:48:f1:b8:77:35:eb:3a:19:d7:bc:df:8e:ff:
fb:67:3a:bb:cf:0e:6e:a8:2f:cd:16:06:12:4d:9d:
8b:8e:e5:49:63:33:f4:ce:21:25:14:0b:ac:78:93:
80:54:b7:f7:d9:d7:69:9b:c8:76:42:c0:34:d3:bc:
7a:7f:66:d8:10:6d:c5:d6:e8:3f:74:22:f6:56:e4:
1d:8c:62:18:54:ea:34:44:c8:e4:86:3b:df:f3:99:
62:1c:22:20:72:23:a5:85:31:5b:ad:94:5b:e1:b2:
c4:72:a3:27:15:dd:56:a3:a3:a5:c5:02:0d:9d:98:
80:f0:e6:63:0b:c6:8a:1b:4f:8a:5a:52:cf:90:8a:
1e:e5:f8:32:47:4a:18:50:42:08:6a:a3:be:4f:0a:
6d:d5:bd:e3:84:b8:a9:dc:aa:ed:67:76:3e:23:d0:
5d:5a:af:77:7e:59:1f:78:89:1d:8a:63:ba:3d:01:
7d:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:D5:2B:32:A0:61:F1:79:D8:EB:F3:21:08:F6:C3:40:0A:5D:04:2D
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/XdUrMqBh8XnY6_MhCPbDQApdBC0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.107.82.0/24
81.168.109.0/24
82.153.58.0/24
82.153.216.0/24
109.176.91.0/24
212.38.81.0/24
213.218.216.0/24
Signature Algorithm: sha256WithRSAEncryption
aa:41:7d:ca:f9:53:43:32:a8:67:dd:65:89:ed:6f:2d:aa:ea:
e4:31:f4:d0:5f:76:85:ee:8b:48:7e:07:36:b2:9a:3e:bf:08:
f2:bd:8a:7c:3c:3a:7c:a5:b5:c6:80:c4:af:28:58:58:89:17:
c6:4c:52:b4:40:5c:de:dd:74:55:08:56:dc:1f:5e:d0:0e:a5:
95:2b:c8:c9:62:a8:4b:c4:76:75:59:a3:f7:2b:df:48:da:39:
58:6c:e6:da:da:8b:0f:60:b6:14:a9:60:4a:4d:e7:18:fd:81:
ff:ef:d2:0d:d0:c1:dc:e7:b2:ab:16:c7:7f:ad:be:23:58:60:
35:ad:bc:49:51:83:d0:db:db:e7:9c:40:db:06:1d:ea:b7:0a:
77:b3:af:45:ac:50:c6:44:7c:71:de:7d:92:bd:e0:2d:66:6c:
d0:2b:41:62:07:b6:27:6d:b4:4d:7e:3f:77:53:ef:e1:ee:69:
33:bf:b1:b8:39:74:08:6f:1a:36:6d:6d:00:85:33:9d:0d:71:
8b:44:c2:b6:a2:65:dd:ed:69:03:9e:21:b8:fb:53:5c:22:97:
ea:0c:d0:6c:84:56:41:ca:48:b7:72:ad:d4:80:6a:44:9f:07:
6c:d7:d3:f3:3c:e6:6d:9f:ae:e6:86:30:a9:46:1f:b1:81:d1:
05:0e:9a:78
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZlRjZPuVqFSwusSEOmX86YRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwOTE2MDgwNDE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZGQ1MmIzMmEwNjFmMTc5ZDhlYmYzMjEwOGY2YzM0MDBhNWQwNDJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8POk6iPGMyrJt13DQXFNZZ/920CQ
Mnp3/VRrZ3zztFpi8C73o8rawywtQVpuUeUz87hbU/xkNeYHoE22pz+dXt0X6fxL
unkNzcvIkUjxuHc16zoZ17zfjv/7Zzq7zw5uqC/NFgYSTZ2LjuVJYzP0ziElFAus
eJOAVLf32ddpm8h2QsA007x6f2bYEG3F1ug/dCL2VuQdjGIYVOo0RMjkhjvf85li
HCIgciOlhTFbrZRb4bLEcqMnFd1Wo6OlxQINnZiA8OZjC8aKG0+KWlLPkIoe5fgy
R0oYUEIIaqO+Twpt1b3jhLip3KrtZ3Y+I9BdWq93flkfeIkdimO6PQF9EQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFF3VKzKgYfF52OvzIQj2w0AKXQQtMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWGRVck1xQmg4WG5ZNl9NaENQYkRRQXBkQkMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQATWtSAwQA
UahtAwQAUpk6AwQAUpnYAwQAbbBbAwQA1CZRAwQA1drYMA0GCSqGSIb3DQEBCwUA
A4IBAQCqQX3K+VNDMqhn3WWJ7W8tqurkMfTQX3aF7otIfgc2spo+vwjyvYp8PDp8
pbXGgMSvKFhYiRfGTFK0QFze3XRVCFbcH17QDqWVK8jJYqhLxHZ1WaP3K99I2jlY
bOba2osPYLYUqWBKTecY/YH/79IN0MHc57KrFsd/rb4jWGA1rbxJUYPQ29vnnEDb
Bh3qtwp3s69FrFDGRHxx3n2SveAtZmzQK0FiB7YnbbRNfj93U+/h7mkzv7G4OXQI
bxo2bW0AhTOdDXGLRMK2omXd7WkDniG4+1NcIpfqDNBshFZByki3cq3UgGpEnwds
19PzPOZtn67mhjCpRh+xgdEFDpp4
-----END CERTIFICATE-----
Generated at Fri Sep 19 02:45:16 2025 by rpki-client