Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uUuHUMTHorYeEWXsAWhDIKKfI7g.roa
File: uUuHUMTHorYeEWXsAWhDIKKfI7g.roa (raw, json)
Hash identifier: qcnPtR5N4PzE4F2HaVuexd6i6R8hmYq6VxjORH5qyPg=
Subject key identifier: B9:4B:87:50:C4:C7:A2:B6:1E:11:65:EC:01:68:43:20:A2:9F:23:B8
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019904D080DA38DD2CF354A056C9E4849FEF
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uUuHUMTHorYeEWXsAWhDIKKfI7g.roa
Signing time: Mon 01 Sep 2025 10:26:37 +0000
ROA not before: Mon 01 Sep 2025 10:26:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 37.252.26.0/24 maxlen: 24
79.99.76.0/24 maxlen: 24
82.152.10.0/24 maxlen: 24
82.152.92.0/24 maxlen: 24
82.152.102.0/24 maxlen: 24
82.153.41.0/24 maxlen: 24
82.153.86.0/24 maxlen: 24
82.153.220.0/24 maxlen: 24
82.153.255.0/24 maxlen: 24
89.213.127.0/24 maxlen: 24
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.212.0/24 maxlen: 24
89.213.224.0/24 maxlen: 24
109.176.20.0/24 maxlen: 24
109.176.201.0/24 maxlen: 24
213.130.135.0/24 maxlen: 24
213.210.11.0/24 maxlen: 24
213.210.41.0/24 maxlen: 24
217.144.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 01:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:04:d0:80:da:38:dd:2c:f3:54:a0:56:c9:e4:84:9f:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 1 10:26:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b94b8750c4c7a2b61e1165ec01684320a29f23b8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:a6:c5:c1:5c:16:9d:c8:be:32:70:8c:fa:f0:
26:ff:a0:59:a8:63:0a:b6:82:f7:7d:44:5f:36:3d:
55:4f:81:a2:35:43:a8:5a:15:c3:65:cb:a9:f3:2a:
1c:b1:4e:5b:be:be:08:b3:69:90:69:34:6c:50:cd:
f5:64:b7:53:19:d7:7f:a1:b9:9e:1a:e1:56:e9:cd:
37:8e:f8:9a:38:bd:97:be:41:3b:0d:61:cb:ab:8f:
cb:a8:9b:35:97:b9:81:a8:0f:1b:33:26:1d:fb:5f:
13:8c:45:ef:be:fc:95:90:91:0b:a1:42:93:97:a0:
39:59:09:93:0d:c0:7c:90:9e:ee:cc:a9:f8:c6:55:
09:b4:78:fb:ce:02:1a:e8:1e:3e:63:9f:39:c3:4b:
b4:4f:1a:62:32:70:ac:7d:13:5f:c5:27:b3:70:5f:
c9:f3:3e:d3:48:db:15:c1:3c:b4:9a:62:0b:3c:b8:
44:e3:68:a5:99:14:21:ff:3d:c1:f7:1b:d9:e3:73:
c4:cf:ea:b1:ef:0a:53:26:36:11:96:fa:49:17:28:
f4:dd:4f:a3:84:a0:cb:72:fb:dc:18:f2:ae:c2:3b:
78:43:38:98:a7:5c:6c:74:67:e3:f0:fa:26:03:55:
e9:58:7a:4e:78:9f:21:81:3a:0a:5b:2f:d4:9e:6f:
1a:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B9:4B:87:50:C4:C7:A2:B6:1E:11:65:EC:01:68:43:20:A2:9F:23:B8
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/uUuHUMTHorYeEWXsAWhDIKKfI7g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.26.0/24
79.99.76.0/24
82.152.10.0/24
82.152.92.0/24
82.152.102.0/24
82.153.41.0/24
82.153.86.0/24
82.153.220.0/24
82.153.255.0/24
89.213.127.0/24
89.213.129.0/24
89.213.132.0/24
89.213.155.0/24
89.213.162.0/24
89.213.167.0/24
89.213.181.0/24
89.213.191.0/24
89.213.212.0/24
89.213.224.0/24
109.176.20.0/24
109.176.201.0/24
213.130.135.0/24
213.210.11.0/24
213.210.41.0/24
217.144.153.0/24
Signature Algorithm: sha256WithRSAEncryption
8e:2c:41:8b:6a:4b:77:9a:d4:db:d8:65:8a:73:24:f1:f2:d4:
f6:36:3e:6c:48:0c:97:90:1f:ba:17:46:7a:d1:03:a8:5c:11:
fe:3c:bc:1c:54:5c:4b:ac:0e:90:0b:84:82:1f:d0:fd:eb:1e:
d7:3d:e3:58:2c:8a:49:c6:19:3e:0e:34:8e:82:9c:7c:55:e4:
34:be:b7:e8:fd:c6:fd:20:5b:01:ea:e5:70:cc:c1:a1:da:5c:
7a:69:2e:2d:9c:3b:1d:ea:22:99:f7:e3:03:c2:58:05:4a:85:
c3:25:99:ea:1f:87:59:ea:cd:9f:50:b4:1f:dd:86:d4:48:e2:
1c:01:98:f7:fa:6c:f4:43:a1:78:05:82:5e:fd:75:7d:b2:ad:
30:0c:96:dd:b7:be:8a:e9:9d:0a:9a:4a:20:2b:c8:9f:56:cb:
2b:d4:74:07:32:4e:84:38:57:c8:65:45:fd:e8:8d:24:df:83:
a0:e3:d5:dd:f7:8a:64:fb:83:46:47:e6:7b:c3:ab:31:eb:ec:
0e:60:8a:d8:98:3f:e2:dd:ca:a1:fa:10:44:76:76:f5:9b:a2:
81:e3:c4:eb:20:55:13:e1:98:0c:dc:05:e4:0a:41:fb:39:11:
5d:b7:bd:1b:be:1d:71:6b:fa:26:47:2f:93:2e:da:bb:eb:1d:
3f:69:e2:69
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAZkE0IDaON0s81SgVsnkhJ/vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwOTAxMTAyNjM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiOTRiODc1MGM0YzdhMmI2MWUxMTY1ZWMwMTY4NDMyMGEyOWYyM2I4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqabFwVwWnci+MnCM+vAm/6BZqGMK
toL3fURfNj1VT4GiNUOoWhXDZcup8yocsU5bvr4Is2mQaTRsUM31ZLdTGdd/obme
GuFW6c03jviaOL2XvkE7DWHLq4/LqJs1l7mBqA8bMyYd+18TjEXvvvyVkJELoUKT
l6A5WQmTDcB8kJ7uzKn4xlUJtHj7zgIa6B4+Y585w0u0TxpiMnCsfRNfxSezcF/J
8z7TSNsVwTy0mmILPLhE42ilmRQh/z3B9xvZ43PEz+qx7wpTJjYRlvpJFyj03U+j
hKDLcvvcGPKuwjt4QziYp1xsdGfj8PomA1XpWHpOeJ8hgToKWy/Unm8aeQIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFLlLh1DEx6K2HhFl7AFoQyCinyO4MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdVV1SFVNVEhvclllRVdYc0FXaERJS0tmSTdnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYDBAAl
/BoDBABPY0wDBABSmAoDBABSmFwDBABSmGYDBABSmSkDBABSmVYDBABSmdwDBABS
mf8DBABZ1X8DBABZ1YEDBABZ1YQDBABZ1ZsDBABZ1aIDBABZ1acDBABZ1bUDBABZ
1b8DBABZ1dQDBABZ1eADBABtsBQDBABtsMkDBADVgocDBADV0gsDBADV0ikDBADZ
kJkwDQYJKoZIhvcNAQELBQADggEBAI4sQYtqS3ea1NvYZYpzJPHy1PY2PmxIDJeQ
H7oXRnrRA6hcEf48vBxUXEusDpALhIIf0P3rHtc941gsiknGGT4ONI6CnHxV5DS+
t+j9xv0gWwHq5XDMwaHaXHppLi2cOx3qIpn34wPCWAVKhcMlmeofh1nqzZ9QtB/d
htRI4hwBmPf6bPRDoXgFgl79dX2yrTAMlt23vorpnQqaSiAryJ9WyyvUdAcyToQ4
V8hlRf3ojSTfg6Dj1d33imT7g0ZH5nvDqzHr7A5gitiYP+LdyqH6EER2dvWbooHj
xOsgVRPhmAzcBeQKQfs5EV23vRu+HXFr+iZHL5Mu2rvrHT9p4mk=
-----END CERTIFICATE-----
Generated at Fri Sep 5 10:06:52 2025 by rpki-client