Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/m4ru5TcymZwyZ3cxRDnq3gnEaOw.roa
File: m4ru5TcymZwyZ3cxRDnq3gnEaOw.roa (raw, json)
Hash identifier: dTsqnxjibxvmK4QjJP+2GB4FrGtrYTrsCusxLqvYBKE=
Subject key identifier: 9B:8A:EE:E5:37:32:99:9C:32:67:77:31:44:39:EA:DE:09:C4:68:EC
Certificate issuer: /CN=bdd244214d76468d3fb72abad1892ef23dede978
Certificate serial: 01997D88D633A6A68F42B18CFDD7151B3AEC
Authority key identifier: BD:D2:44:21:4D:76:46:8D:3F:B7:2A:BA:D1:89:2E:F2:3D:ED:E9:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vdJEIU12Ro0_tyq60Yku8j3t6Xg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/m4ru5TcymZwyZ3cxRDnq3gnEaOw.roa
Signing time: Wed 24 Sep 2025 21:02:23 +0000
ROA not before: Wed 24 Sep 2025 21:02:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6730
IP address blocks: 31.10.128.0/17 maxlen: 17
31.10.128.0/18 maxlen: 18
31.10.192.0/18 maxlen: 18
46.126.0.0/15 maxlen: 15
46.126.0.0/16 maxlen: 16
46.127.0.0/16 maxlen: 16
46.140.0.0/16 maxlen: 16
46.140.0.0/17 maxlen: 17
46.140.128.0/17 maxlen: 17
62.2.0.0/16 maxlen: 16
62.2.0.0/17 maxlen: 17
62.2.128.0/17 maxlen: 17
77.56.0.0/14 maxlen: 14
77.56.0.0/15 maxlen: 15
77.58.0.0/15 maxlen: 15
80.218.0.0/15 maxlen: 15
80.218.0.0/16 maxlen: 16
80.219.0.0/16 maxlen: 16
81.7.224.0/19 maxlen: 19
81.7.224.0/20 maxlen: 20
81.7.240.0/20 maxlen: 20
84.20.32.0/20 maxlen: 20
84.20.32.0/21 maxlen: 21
84.20.40.0/21 maxlen: 21
84.20.48.0/21 maxlen: 21
84.20.48.0/22 maxlen: 22
84.20.52.0/22 maxlen: 22
84.72.0.0/14 maxlen: 14
84.72.0.0/15 maxlen: 16
84.73.0.0/16 maxlen: 16
84.74.0.0/15 maxlen: 15
84.74.0.0/16 maxlen: 17
84.74.128.0/17 maxlen: 17
84.75.0.0/16 maxlen: 16
178.82.0.0/15 maxlen: 15
178.82.0.0/16 maxlen: 17
178.83.0.0/16 maxlen: 16
194.29.0.0/19 maxlen: 19
194.29.0.0/20 maxlen: 20
194.29.16.0/20 maxlen: 20
195.202.192.0/18 maxlen: 18
195.202.192.0/19 maxlen: 19
195.202.224.0/19 maxlen: 19
212.47.160.0/19 maxlen: 19
212.47.160.0/20 maxlen: 20
212.47.176.0/20 maxlen: 20
213.193.64.0/18 maxlen: 18
213.193.64.0/19 maxlen: 19
213.193.96.0/19 maxlen: 19
217.162.0.0/16 maxlen: 16
217.162.0.0/17 maxlen: 17
217.162.128.0/17 maxlen: 17
217.168.32.0/19 maxlen: 19
217.168.32.0/20 maxlen: 20
217.168.48.0/20 maxlen: 20
2a00:e2c0::/32 maxlen: 32
2a00:e2c0::/33 maxlen: 33
2a00:e2c0:8000::/33 maxlen: 33
2a02:aa00::/27 maxlen: 27
2a02:aa00::/28 maxlen: 28
2a02:aa10::/28 maxlen: 28
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/vdJEIU12Ro0_tyq60Yku8j3t6Xg.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/vdJEIU12Ro0_tyq60Yku8j3t6Xg.mft
rsync://rpki.ripe.net/repository/DEFAULT/vdJEIU12Ro0_tyq60Yku8j3t6Xg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 13:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:7d:88:d6:33:a6:a6:8f:42:b1:8c:fd:d7:15:1b:3a:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bdd244214d76468d3fb72abad1892ef23dede978
Validity
Not Before: Sep 24 21:02:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b8aeee53732999c326777314439eade09c468ec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:54:c7:2c:d2:51:5d:05:29:0c:82:f9:68:be:
39:c4:01:ee:99:49:62:e9:a9:c1:f0:16:92:cd:c0:
b1:30:4e:10:02:40:ae:59:33:eb:dc:2d:15:c8:f4:
41:8d:83:c0:7b:48:bb:82:3a:ff:f2:81:c7:12:39:
67:5d:2c:a7:f9:7f:0b:f1:21:7f:b9:7f:44:2c:b7:
1d:df:d1:03:44:2d:2f:f3:bc:b8:24:00:39:d8:f9:
4b:61:14:67:09:ac:a3:03:22:ef:9d:4f:67:2c:5f:
f2:61:8a:80:dd:1b:b8:7f:f5:8b:bb:cf:d9:84:0f:
e3:7a:3e:e5:3f:63:d4:d9:1e:6f:c8:a6:81:bc:05:
c4:76:86:a5:0f:94:d3:72:e1:8f:35:5b:f1:1b:76:
e8:7c:40:65:de:c5:13:1a:33:4b:40:dc:03:e7:af:
2f:c6:c0:32:15:f1:c4:e2:d2:b0:a6:f8:7d:eb:2c:
c9:c4:41:f7:bc:b7:6a:9a:78:be:45:bd:9e:68:dd:
1a:f2:60:96:d6:e0:10:ac:28:d7:b3:0a:5f:af:57:
4d:0c:26:c2:ee:2e:a2:36:2a:02:13:28:15:b7:7e:
69:96:d7:60:c0:d1:1c:83:f8:f2:f0:7f:c6:7e:0a:
41:13:d8:de:f0:5e:7b:82:34:00:db:f6:b6:83:a8:
56:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:8A:EE:E5:37:32:99:9C:32:67:77:31:44:39:EA:DE:09:C4:68:EC
X509v3 Authority Key Identifier:
keyid:BD:D2:44:21:4D:76:46:8D:3F:B7:2A:BA:D1:89:2E:F2:3D:ED:E9:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vdJEIU12Ro0_tyq60Yku8j3t6Xg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/m4ru5TcymZwyZ3cxRDnq3gnEaOw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/756eef-6629-463a-99ff-46a43ef0221b/1/vdJEIU12Ro0_tyq60Yku8j3t6Xg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.10.128.0/17
46.126.0.0/15
46.140.0.0/16
62.2.0.0/16
77.56.0.0/14
80.218.0.0/15
81.7.224.0/19
84.20.32.0-84.20.55.255
84.72.0.0/14
178.82.0.0/15
194.29.0.0/19
195.202.192.0/18
212.47.160.0/19
213.193.64.0/18
217.162.0.0/16
217.168.32.0/19
IPv6:
2a00:e2c0::/32
2a02:aa00::/27
Signature Algorithm: sha256WithRSAEncryption
61:db:c4:2b:0c:5f:8f:69:92:f4:3a:9c:82:df:75:50:c7:04:
03:f2:95:91:26:90:93:09:9e:48:56:97:16:e8:4d:52:f5:80:
e6:e2:2f:70:9c:cc:c8:44:7c:de:91:cc:f4:8d:e2:77:52:3e:
66:ab:fa:13:f1:85:8c:51:84:11:c6:c4:92:77:1e:80:d7:a5:
39:94:c7:39:f5:24:aa:1b:96:4d:89:58:7e:a8:d0:9a:5d:de:
02:94:c8:56:73:29:b9:b5:c1:58:49:b6:2c:eb:4e:a6:d5:4e:
34:03:ad:29:34:1d:ea:46:b7:5d:dd:0c:e8:85:9f:bb:4d:a3:
6c:f8:ec:d5:52:4b:3c:35:a6:32:e2:89:74:69:86:d4:b7:f0:
86:7a:64:73:6d:1a:fc:48:8a:1a:ad:ce:e0:70:0c:ee:3d:14:
c1:17:ab:7c:7d:69:9e:07:b1:71:b1:a9:16:1d:98:74:ce:9d:
c6:dc:43:99:8a:cf:ae:46:67:6b:c8:95:75:e9:1a:6d:b1:b6:
45:4f:96:96:ad:f7:73:ea:8b:c9:3b:06:ff:62:b9:ec:13:4e:
28:18:21:b3:c7:27:f9:26:7e:6e:ba:f2:8b:b1:15:68:f9:33:
b4:64:28:da:cc:b9:4c:e8:94:16:25:53:2d:e3:09:a8:02:1d:
b9:b0:fb:2a
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAZl9iNYzpqaPQrGM/dcVGzrsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJkZDI0NDIxNGQ3NjQ2OGQzZmI3MmFiYWQxODkyZWYyM2Rl
ZGU5NzgwHhcNMjUwOTI0MjEwMjIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjhhZWVlNTM3MzI5OTljMzI2Nzc3MzE0NDM5ZWFkZTA5YzQ2OGVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6lTHLNJRXQUpDIL5aL45xAHumUli
6anB8BaSzcCxME4QAkCuWTPr3C0VyPRBjYPAe0i7gjr/8oHHEjlnXSyn+X8L8SF/
uX9ELLcd39EDRC0v87y4JAA52PlLYRRnCayjAyLvnU9nLF/yYYqA3Ru4f/WLu8/Z
hA/jej7lP2PU2R5vyKaBvAXEdoalD5TTcuGPNVvxG3bofEBl3sUTGjNLQNwD568v
xsAyFfHE4tKwpvh96yzJxEH3vLdqmni+Rb2eaN0a8mCW1uAQrCjXswpfr1dNDCbC
7i6iNioCEygVt35pltdgwNEcg/jy8H/GfgpBE9je8F57gjQA2/a2g6hWOQIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFJuK7uU3MpmcMmd3MUQ56t4JxGjsMB8GA1UdIwQY
MBaAFL3SRCFNdkaNP7cqutGJLvI97el4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdmRKRUlVMTJSbzBfdHlxNjBZa3U4ajN0NlhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC83NTZlZWYtNjYyOS00NjNhLTk5ZmYt
NDZhNDNlZjAyMjFiLzEvbTRydTVUY3ltWnd5WjNjeFJEbnEzZ25FYU93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC83NTZlZWYtNjYyOS00NjNhLTk5ZmYtNDZhNDNlZjAyMjFi
LzEvdmRKRUlVMTJSbzBfdHlxNjBZa3U4ajN0NlhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MGYEAgABMGADBAcfCoAD
AwEufgMDAC6MAwMAPgIDAwJNOAMDAVDaAwQFUQfgMAwDBAVUFCADBANUFDADAwJU
SAMDAbJSAwQFwh0AAwQGw8rAAwQF1C+gAwQG1cFAAwMA2aIDBAXZqCAwFAQCAAIw
DgMFACoA4sADBQUqAqoAMA0GCSqGSIb3DQEBCwUAA4IBAQBh28QrDF+PaZL0OpyC
33VQxwQD8pWRJpCTCZ5IVpcW6E1S9YDm4i9wnMzIRHzekcz0jeJ3Uj5mq/oT8YWM
UYQRxsSSdx6A16U5lMc59SSqG5ZNiVh+qNCaXd4ClMhWcym5tcFYSbYs606m1U40
A60pNB3qRrdd3QzohZ+7TaNs+OzVUks8NaYy4ol0aYbUt/CGemRzbRr8SIoarc7g
cAzuPRTBF6t8fWmeB7FxsakWHZh0zp3G3EOZis+uRmdryJV16RptsbZFT5aWrfdz
6ovJOwb/YrnsE04oGCGzxyf5Jn5uuvKLsRVo+TO0ZCjazLlM6JQWJVMt4wmoAh25
sPsq
-----END CERTIFICATE-----
Generated at Wed Oct 8 17:40:37 2025 by rpki-client