Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/a2a52c-136a-43a8-967c-f6d966ca4f07/1/ICR_37PsCBP-8LWQQc9BQZWkbu8.roa
File: ICR_37PsCBP-8LWQQc9BQZWkbu8.roa (raw, json)
Hash identifier: qbGaCfhiVfxLumC4av9v0LJhrwsxTdIAQc0ayhncJww=
Subject key identifier: 20:24:7F:DF:B3:EC:08:13:FE:F0:B5:90:41:CF:41:41:95:A4:6E:EF
Certificate issuer: /CN=088e0321271332afc77e4c8579f0e5559cc09c50
Certificate serial: 0198F5360B47A8B8DC38DD9DAF7F81B1C18B
Authority key identifier: 08:8E:03:21:27:13:32:AF:C7:7E:4C:85:79:F0:E5:55:9C:C0:9C:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CI4DIScTMq_HfkyFefDlVZzAnFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/a2a52c-136a-43a8-967c-f6d966ca4f07/1/ICR_37PsCBP-8LWQQc9BQZWkbu8.roa
Signing time: Fri 29 Aug 2025 09:43:36 +0000
ROA not before: Fri 29 Aug 2025 09:43:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207104
IP address blocks: 185.163.156.0/24 maxlen: 24
185.163.157.0/24 maxlen: 24
185.163.158.0/24 maxlen: 24
185.163.159.0/24 maxlen: 24
185.191.32.0/24 maxlen: 24
185.191.33.0/24 maxlen: 24
185.191.34.0/24 maxlen: 24
2a0a:400:255::/48 maxlen: 48
2a0a:400:2000::/36 maxlen: 36
2a0a:400:3000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/a2a52c-136a-43a8-967c-f6d966ca4f07/1/CI4DIScTMq_HfkyFefDlVZzAnFA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/a2a52c-136a-43a8-967c-f6d966ca4f07/1/CI4DIScTMq_HfkyFefDlVZzAnFA.mft
rsync://rpki.ripe.net/repository/DEFAULT/CI4DIScTMq_HfkyFefDlVZzAnFA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 01:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:f5:36:0b:47:a8:b8:dc:38:dd:9d:af:7f:81:b1:c1:8b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=088e0321271332afc77e4c8579f0e5559cc09c50
Validity
Not Before: Aug 29 09:43:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=20247fdfb3ec0813fef0b59041cf414195a46eef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:80:d7:ff:8e:d8:f4:5f:91:40:bd:b3:23:9a:
d2:fb:6a:5b:a3:1d:f5:88:56:e4:73:3d:36:f8:89:
66:d4:eb:a2:91:47:ff:d9:8f:22:c1:6a:b1:65:45:
34:55:dd:4d:9f:65:86:9b:7f:f3:1d:13:47:a3:ea:
aa:d5:a8:5d:56:4f:c9:dc:c6:bd:8e:f7:2b:57:07:
ad:a0:1a:8c:7d:05:42:40:0b:67:14:c9:cc:01:91:
ea:2f:38:f2:ee:18:ed:47:fb:b5:fb:5d:31:a7:0c:
75:3d:5e:c6:35:c5:83:f4:0a:cf:a0:17:42:ec:91:
47:57:5f:90:d2:18:e1:12:79:53:ec:b9:da:77:7d:
2c:94:c4:e5:96:a0:d6:30:59:dd:a0:6f:79:95:d5:
d4:3d:c3:4b:f4:5f:b4:b5:10:a4:d0:bc:34:db:ee:
32:f0:05:84:56:ab:3b:24:7f:0d:dc:de:65:f6:d2:
22:91:4a:f9:33:50:b0:52:0b:09:af:f7:b5:f9:a1:
d3:9a:e6:5b:05:a8:c7:48:81:eb:f4:06:a3:21:8c:
f4:12:89:8d:74:d6:81:b6:2e:d0:e1:bf:f6:a9:d6:
0e:af:b4:73:0e:d2:f9:4c:0e:e6:9a:b0:e0:ae:95:
3e:08:03:37:15:28:70:b7:4f:49:cd:43:30:26:10:
83:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:24:7F:DF:B3:EC:08:13:FE:F0:B5:90:41:CF:41:41:95:A4:6E:EF
X509v3 Authority Key Identifier:
keyid:08:8E:03:21:27:13:32:AF:C7:7E:4C:85:79:F0:E5:55:9C:C0:9C:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CI4DIScTMq_HfkyFefDlVZzAnFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/a2a52c-136a-43a8-967c-f6d966ca4f07/1/ICR_37PsCBP-8LWQQc9BQZWkbu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/a2a52c-136a-43a8-967c-f6d966ca4f07/1/CI4DIScTMq_HfkyFefDlVZzAnFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.163.156.0/22
185.191.32.0-185.191.34.255
IPv6:
2a0a:400:255::/48
2a0a:400:2000::/35
Signature Algorithm: sha256WithRSAEncryption
31:7c:9b:81:1f:bf:b6:fd:8e:8e:f4:f9:b5:f5:7d:02:f6:93:
3c:15:54:a3:22:13:f9:b0:15:93:b5:9c:5d:c5:4b:28:34:ee:
09:99:d1:5f:90:fe:b9:ea:64:9b:94:92:dd:ca:84:1f:f9:a3:
95:88:79:dc:ff:44:b5:cf:68:be:1f:02:db:9c:9c:70:80:d6:
04:6b:d2:db:79:b6:13:ab:65:2d:fc:38:c1:e3:ec:4d:15:7a:
99:09:08:38:b2:92:93:02:24:86:8f:2d:14:bf:14:b8:2e:5c:
7d:41:a9:e2:4d:a5:61:92:c4:38:a7:c7:71:c6:f2:ed:d0:f9:
2c:dc:d1:23:45:49:c8:38:e5:b0:5b:7c:2f:ae:04:0f:98:91:
8e:5b:70:11:34:34:ed:b4:45:85:98:d1:18:f2:e3:c6:91:29:
df:ac:97:e7:2f:40:41:b5:ce:19:48:5d:bf:3d:83:d1:5e:1e:
4a:e3:b4:19:d4:27:19:7d:fa:b6:e8:44:c6:3a:e9:06:82:56:
d7:d1:c2:3d:74:34:2d:92:24:ed:59:0c:40:2d:f5:74:f2:e8:
eb:a7:fc:cd:e2:f3:6f:a8:56:1c:73:9c:66:84:b9:46:0b:a8:
e8:0b:ca:d6:9b:58:a8:80:3e:d3:76:1c:91:c0:1d:ca:5b:c3:
db:ae:75:97
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZj1NgtHqLjcON2dr3+BscGLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4OGUwMzIxMjcxMzMyYWZjNzdlNGM4NTc5ZjBlNTU1OWNj
MDljNTAwHhcNMjUwODI5MDk0MzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDI0N2ZkZmIzZWMwODEzZmVmMGI1OTA0MWNmNDE0MTk1YTQ2ZWVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAooDX/47Y9F+RQL2zI5rS+2pbox31
iFbkcz02+Ilm1OuikUf/2Y8iwWqxZUU0Vd1Nn2WGm3/zHRNHo+qq1ahdVk/J3Ma9
jvcrVwetoBqMfQVCQAtnFMnMAZHqLzjy7hjtR/u1+10xpwx1PV7GNcWD9ArPoBdC
7JFHV1+Q0hjhEnlT7Lnad30slMTllqDWMFndoG95ldXUPcNL9F+0tRCk0Lw02+4y
8AWEVqs7JH8N3N5l9tIikUr5M1CwUgsJr/e1+aHTmuZbBajHSIHr9AajIYz0EomN
dNaBti7Q4b/2qdYOr7RzDtL5TA7mmrDgrpU+CAM3FShwt09JzUMwJhCDyQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFCAkf9+z7AgT/vC1kEHPQUGVpG7vMB8GA1UdIwQY
MBaAFAiOAyEnEzKvx35MhXnw5VWcwJxQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0k0RElTY1RNcV9IZmt5RmVmRGxWWnpBbkZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC9hMmE1MmMtMTM2YS00M2E4LTk2N2Mt
ZjZkOTY2Y2E0ZjA3LzEvSUNSXzM3UHNDQlAtOExXUVFjOUJRWldrYnU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC9hMmE1MmMtMTM2YS00M2E4LTk2N2MtZjZkOTY2Y2E0ZjA3
LzEvQ0k0RElTY1RNcV9IZmt5RmVmRGxWWnpBbkZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAaBAIAATAUAwQCuaOcMAwD
BAW5vyADBAC5vyIwFwQCAAIwEQMHACoKBAACVQMGBSoKBAAgMA0GCSqGSIb3DQEB
CwUAA4IBAQAxfJuBH7+2/Y6O9Pm19X0C9pM8FVSjIhP5sBWTtZxdxUsoNO4JmdFf
kP656mSblJLdyoQf+aOViHnc/0S1z2i+HwLbnJxwgNYEa9LbebYTq2Ut/DjB4+xN
FXqZCQg4spKTAiSGjy0UvxS4Llx9QaniTaVhksQ4p8dxxvLt0Pks3NEjRUnIOOWw
W3wvrgQPmJGOW3ARNDTttEWFmNEY8uPGkSnfrJfnL0BBtc4ZSF2/PYPRXh5K47QZ
1CcZffq26ETGOukGglbX0cI9dDQtkiTtWQxALfV08ujrp/zN4vNvqFYcc5xmhLlG
C6joC8rWm1iogD7TdhyRwB3KW8PbrnWX
-----END CERTIFICATE-----
Generated at Mon Sep 8 05:09:36 2025 by rpki-client