Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/37BTPRJ2mUzJ-nKimdQrOdGeJ_U.roa
File: 37BTPRJ2mUzJ-nKimdQrOdGeJ_U.roa (raw, json)
Hash identifier: VASG+LCLBWHHY3tdJ3+/Ec8TDU9J5mXR8pTNwrsjDxE=
Subject key identifier: DF:B0:53:3D:12:76:99:4C:C9:FA:72:A2:99:D4:2B:39:D1:9E:27:F5
Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Certificate serial: 019A59D8492D802245EDB792E606A760013F
Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/37BTPRJ2mUzJ-nKimdQrOdGeJ_U.roa
Signing time: Thu 06 Nov 2025 15:45:37 +0000
ROA not before: Thu 06 Nov 2025 15:45:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205899
IP address blocks: 91.217.166.0/24 maxlen: 24
185.113.10.0/24 maxlen: 24
195.254.165.0/24 maxlen: 24
2a05:9080:5::/48 maxlen: 48
2a05:9080:14::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.mft
rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Nov 2025 08:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:59:d8:49:2d:80:22:45:ed:b7:92:e6:06:a7:60:01:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Validity
Not Before: Nov 6 15:45:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dfb0533d1276994cc9fa72a299d42b39d19e27f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:43:24:9d:dc:95:6a:e0:55:3c:f6:0c:0d:96:
6d:cf:3a:9b:5e:3b:41:61:ce:0f:92:58:11:22:4e:
e2:9e:f7:f0:71:b2:0a:26:19:fc:6f:c1:5c:a0:11:
bd:d8:d1:f6:47:26:49:d0:71:95:45:d2:8d:87:dd:
00:6f:2d:20:cb:19:bf:f2:e4:83:8a:93:ca:da:1b:
9a:da:b9:92:8d:7d:00:7a:32:69:50:6d:36:55:3b:
3b:34:b4:8a:8e:16:ed:9a:31:74:bc:dd:ce:8b:8b:
27:da:75:92:b9:f4:78:92:67:cc:0d:b5:ae:91:6b:
4f:44:1e:3f:37:91:70:3b:c0:76:b1:da:48:36:75:
03:c7:23:f1:75:96:83:ad:4a:5a:a3:60:7f:f4:04:
3c:39:9a:b1:c2:da:e4:34:fa:ec:32:7e:7f:93:db:
ce:d6:a2:1f:6a:a1:df:19:48:86:83:6d:54:b3:b1:
a0:62:1a:29:97:0d:4b:79:e7:d5:c0:89:7b:fc:0a:
94:87:e8:26:14:d1:22:3a:0f:cf:94:ea:2a:5d:54:
27:14:67:00:a2:6a:18:45:03:9a:d2:3f:e6:52:f3:
c5:e7:64:03:35:c0:8b:94:0f:b9:75:ed:c9:71:54:
4f:23:1b:2e:38:53:1c:8d:5f:56:8c:19:fe:d2:2d:
16:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:B0:53:3D:12:76:99:4C:C9:FA:72:A2:99:D4:2B:39:D1:9E:27:F5
X509v3 Authority Key Identifier:
keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/37BTPRJ2mUzJ-nKimdQrOdGeJ_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.217.166.0/24
185.113.10.0/24
195.254.165.0/24
IPv6:
2a05:9080:5::/48
2a05:9080:14::/48
Signature Algorithm: sha256WithRSAEncryption
12:40:34:f1:5c:ab:bf:78:49:94:57:b7:1f:14:b6:61:9e:75:
8b:29:6c:ca:43:fa:f0:04:45:b9:a5:91:69:98:dc:e7:32:3a:
93:0e:50:cd:62:b7:66:61:01:bc:4c:1a:4a:e3:b2:97:9c:91:
d2:8c:53:bf:af:aa:ac:92:e3:14:e8:03:41:72:9a:f6:b7:22:
8a:d8:5f:e1:62:3a:d8:0d:3c:c0:7a:ba:61:20:2a:47:ec:c9:
78:67:bc:b5:3c:53:f7:c8:b8:60:9c:20:34:6c:4e:2b:d6:5b:
37:a4:a3:9c:bb:0c:6c:fe:c5:bd:c4:b6:99:39:54:1e:91:7a:
2f:69:37:22:0b:3c:91:21:d6:d7:e9:a3:11:e3:3f:2f:4a:7f:
6d:89:94:75:e3:ff:54:d4:1e:66:d4:b9:af:4c:ed:d8:3d:84:
bf:fe:9d:8e:2f:9f:ad:15:ad:6f:b7:ef:05:3a:1a:3f:fd:73:
22:b8:57:eb:4d:e4:64:e5:38:32:88:b4:18:e3:48:b2:31:f4:
e0:e9:c5:42:4b:b5:db:d9:89:a2:dc:43:7f:c0:e2:1d:7b:7a:
09:95:4f:82:ea:88:8c:5b:6e:79:b4:37:17:eb:56:a8:f9:24:
70:86:4e:49:44:a6:cd:60:a7:59:de:ff:0c:ed:c9:e7:97:13:
60:87:07:72
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZpZ2EktgCJF7beS5ganYAE/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw
Y2MzNGIwHhcNMjUxMTA2MTU0NTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZmIwNTMzZDEyNzY5OTRjYzlmYTcyYTI5OWQ0MmIzOWQxOWUyN2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvUMkndyVauBVPPYMDZZtzzqbXjtB
Yc4PklgRIk7invfwcbIKJhn8b8FcoBG92NH2RyZJ0HGVRdKNh90Aby0gyxm/8uSD
ipPK2hua2rmSjX0AejJpUG02VTs7NLSKjhbtmjF0vN3Oi4sn2nWSufR4kmfMDbWu
kWtPRB4/N5FwO8B2sdpINnUDxyPxdZaDrUpao2B/9AQ8OZqxwtrkNPrsMn5/k9vO
1qIfaqHfGUiGg21Us7GgYhoplw1LeefVwIl7/AqUh+gmFNEiOg/PlOoqXVQnFGcA
omoYRQOa0j/mUvPF52QDNcCLlA+5de3JcVRPIxsuOFMcjV9WjBn+0i0WpQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFN+wUz0SdplMyfpyopnUKznRnif1MB8GA1UdIwQY
MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt
MDk0ODk4OWU2ZDU1LzEvMzdCVFBSSjJtVXpKLW5LaW1kUXJPZEdlSl9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1
LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAYBAIAATASAwQAW9mmAwQA
uXEKAwQAw/6lMBgEAgACMBIDBwAqBZCAAAUDBwAqBZCAABQwDQYJKoZIhvcNAQEL
BQADggEBABJANPFcq794SZRXtx8UtmGedYspbMpD+vAERbmlkWmY3OcyOpMOUM1i
t2ZhAbxMGkrjspeckdKMU7+vqqyS4xToA0Fymva3IorYX+FiOtgNPMB6umEgKkfs
yXhnvLU8U/fIuGCcIDRsTivWWzeko5y7DGz+xb3Etpk5VB6Rei9pNyILPJEh1tfp
oxHjPy9Kf22JlHXj/1TUHmbUua9M7dg9hL/+nY4vn60VrW+37wU6Gj/9cyK4V+tN
5GTlODKItBjjSLIx9ODpxUJLtdvZiaLcQ3/A4h17egmVT4LqiIxbbnm0NxfrVqj5
JHCGTklEps1gp1ne/wztyeeXE2CHB3I=
-----END CERTIFICATE-----
Generated at Fri Nov 7 11:21:20 2025 by rpki-client