Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/6ec39c-a9d4-4a12-810a-4f0650da545b/1/_Y1GXKJ5A67loqKl1i2V9S3MWKg.roa
File: _Y1GXKJ5A67loqKl1i2V9S3MWKg.roa (raw, json)
Hash identifier: V3o7sWDlYKkS4Nqv4VMpbKGi6d6rMWmkClDxQRZCgxw=
Subject key identifier: FD:8D:46:5C:A2:79:03:AE:E5:A2:A2:A5:D6:2D:95:F5:2D:CC:58:A8
Certificate issuer: /CN=3e50d1dd31bc7449bacc1864b01af994c547efd3
Certificate serial: 01992EBB2C22A35712CCCE09AD913B53920E
Authority key identifier: 3E:50:D1:DD:31:BC:74:49:BA:CC:18:64:B0:1A:F9:94:C5:47:EF:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PlDR3TG8dEm6zBhksBr5lMVH79M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/6ec39c-a9d4-4a12-810a-4f0650da545b/1/_Y1GXKJ5A67loqKl1i2V9S3MWKg.roa
Signing time: Tue 09 Sep 2025 13:47:22 +0000
ROA not before: Tue 09 Sep 2025 13:47:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43376
IP address blocks: 86.104.176.0/24 maxlen: 24
86.104.177.0/24 maxlen: 24
86.104.178.0/24 maxlen: 24
86.104.179.0/24 maxlen: 24
86.104.180.0/24 maxlen: 24
86.104.182.0/24 maxlen: 24
86.104.183.0/24 maxlen: 24
91.194.234.0/24 maxlen: 24
93.115.243.0/24 maxlen: 24
185.163.104.0/24 maxlen: 24
185.163.105.0/24 maxlen: 24
185.163.106.0/24 maxlen: 24
185.163.107.0/24 maxlen: 24
188.240.82.0/24 maxlen: 24
2001:67c:2170::/48 maxlen: 48
2a0b:8800::/48 maxlen: 48
2a0b:8800:1::/48 maxlen: 48
2a0b:8800:2::/48 maxlen: 48
2a0b:8800:3::/48 maxlen: 48
2a0b:8800:580::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/6ec39c-a9d4-4a12-810a-4f0650da545b/1/PlDR3TG8dEm6zBhksBr5lMVH79M.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/6ec39c-a9d4-4a12-810a-4f0650da545b/1/PlDR3TG8dEm6zBhksBr5lMVH79M.mft
rsync://rpki.ripe.net/repository/DEFAULT/PlDR3TG8dEm6zBhksBr5lMVH79M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2e:bb:2c:22:a3:57:12:cc:ce:09:ad:91:3b:53:92:0e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e50d1dd31bc7449bacc1864b01af994c547efd3
Validity
Not Before: Sep 9 13:47:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd8d465ca27903aee5a2a2a5d62d95f52dcc58a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:70:9e:c3:87:a6:ae:5d:92:e8:a6:46:ef:3a:
52:43:d5:a2:93:e4:9d:08:84:39:48:7f:dd:71:ba:
1a:0d:dd:6d:31:89:de:ab:dd:c0:28:fa:5f:79:26:
78:e8:59:07:99:b9:24:b6:ce:7b:21:c3:07:1c:5f:
9b:0b:41:fe:15:30:77:31:2b:5f:54:72:40:73:b5:
8c:f0:32:9c:fd:e4:13:54:2e:79:7b:27:60:27:09:
6d:a6:32:15:ad:4f:d6:69:14:d2:9c:70:16:b7:83:
3c:0b:1e:f0:1d:55:ae:8b:48:d2:86:08:c2:33:4c:
6e:e2:89:2c:07:76:29:ab:60:a3:54:e0:ea:79:e2:
55:88:fe:31:38:c1:0f:80:22:4a:bd:28:69:cb:2d:
aa:be:05:37:66:18:5e:cc:46:06:ff:97:ed:e1:eb:
2b:de:73:82:ff:31:3b:36:4e:5d:68:a3:9c:f3:bd:
34:4e:ae:c3:25:db:94:6b:b3:0e:cd:26:d7:a8:be:
e0:82:d9:e9:d5:87:ba:be:cd:d2:09:a6:38:14:11:
3f:09:08:d5:a1:25:a4:a6:e8:29:39:eb:2e:8e:fa:
7b:61:ac:43:bd:6e:b7:14:e2:4c:df:12:c2:ed:1b:
1b:7c:10:c8:ee:31:bd:9a:8c:64:d6:f4:89:c8:22:
01:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:8D:46:5C:A2:79:03:AE:E5:A2:A2:A5:D6:2D:95:F5:2D:CC:58:A8
X509v3 Authority Key Identifier:
keyid:3E:50:D1:DD:31:BC:74:49:BA:CC:18:64:B0:1A:F9:94:C5:47:EF:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PlDR3TG8dEm6zBhksBr5lMVH79M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/6ec39c-a9d4-4a12-810a-4f0650da545b/1/_Y1GXKJ5A67loqKl1i2V9S3MWKg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/6ec39c-a9d4-4a12-810a-4f0650da545b/1/PlDR3TG8dEm6zBhksBr5lMVH79M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.104.176.0-86.104.180.255
86.104.182.0/23
91.194.234.0/24
93.115.243.0/24
185.163.104.0/22
188.240.82.0/24
IPv6:
2001:67c:2170::/48
2a0b:8800::/46
2a0b:8800:580::/48
Signature Algorithm: sha256WithRSAEncryption
8b:0c:a4:ca:bd:cb:55:04:11:3b:dd:2a:2a:31:cc:2c:45:de:
99:19:e5:ea:79:1b:17:63:4c:72:e7:11:42:a5:49:0d:f0:a5:
9a:a1:2d:20:69:bf:7a:1c:d8:b5:3c:25:9d:0c:a6:91:6f:b8:
4a:99:51:70:c2:bf:35:a9:92:81:87:60:21:87:a9:78:36:4d:
e4:56:a6:18:8e:d2:ac:22:34:e8:b0:8b:2c:71:e8:96:b8:f8:
39:44:eb:14:15:d6:4b:15:47:35:e3:fc:ef:63:cd:84:cf:9b:
d8:ec:c3:d8:b1:ab:be:56:e7:2f:c4:2c:21:2c:f5:2e:ac:cd:
ed:ed:85:c3:e9:88:ca:29:28:ca:34:a8:94:93:d3:10:3e:18:
4f:0c:ef:27:0e:27:e9:0d:55:4b:49:b9:b7:e3:22:df:3a:af:
df:62:ce:bf:d9:f8:19:b5:83:61:16:44:f2:82:20:4a:b9:cd:
ab:5e:d5:30:ee:bd:a4:9c:71:50:cb:3f:b5:00:c1:bb:c2:a0:
e6:c7:a7:70:bb:b3:d8:3e:8b:56:c8:f3:7f:44:f8:7d:ec:54:
da:05:0b:6b:87:a1:4d:c7:cf:73:8f:d3:da:bc:f3:db:4e:08:
b6:2e:b0:f8:98:29:74:59:95:c7:0f:0a:be:4a:c8:5d:4e:15:
d1:ed:b0:ce
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAZkuuywio1cSzM4JrZE7U5IOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNTBkMWRkMzFiYzc0NDliYWNjMTg2NGIwMWFmOTk0YzU0
N2VmZDMwHhcNMjUwOTA5MTM0NzIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDhkNDY1Y2EyNzkwM2FlZTVhMmEyYTVkNjJkOTVmNTJkY2M1OGE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmnCew4emrl2S6KZG7zpSQ9Wik+Sd
CIQ5SH/dcboaDd1tMYneq93AKPpfeSZ46FkHmbkkts57IcMHHF+bC0H+FTB3MStf
VHJAc7WM8DKc/eQTVC55eydgJwltpjIVrU/WaRTSnHAWt4M8Cx7wHVWui0jShgjC
M0xu4oksB3Ypq2CjVODqeeJViP4xOMEPgCJKvShpyy2qvgU3ZhhezEYG/5ft4esr
3nOC/zE7Nk5daKOc8700Tq7DJduUa7MOzSbXqL7ggtnp1Ye6vs3SCaY4FBE/CQjV
oSWkpugpOesujvp7YaxDvW63FOJM3xLC7RsbfBDI7jG9moxk1vSJyCIBdwIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFP2NRlyieQOu5aKipdYtlfUtzFioMB8GA1UdIwQY
MBaAFD5Q0d0xvHRJuswYZLAa+ZTFR+/TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUGxEUjNURzhkRW02ekJoa3NCcjVsTVZINzlNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC82ZWMzOWMtYTlkNC00YTEyLTgxMGEt
NGYwNjUwZGE1NDViLzEvX1kxR1hLSjVBNjdsb3FLbDFpMlY5UzNNV0tnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC82ZWMzOWMtYTlkNC00YTEyLTgxMGEtNGYwNjUwZGE1NDVi
LzEvUGxEUjNURzhkRW02ekJoa3NCcjVsTVZINzlNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGgGCCsGAQUFBwEHAQH/BFkwVzAyBAIAATAsMAwDBARWaLAD
BABWaLQDBAFWaLYDBABbwuoDBABdc/MDBAK5o2gDBAC88FIwIQQCAAIwGwMHACAB
BnwhcAMHAioLiAAAAAMHACoLiAAFgDANBgkqhkiG9w0BAQsFAAOCAQEAiwykyr3L
VQQRO90qKjHMLEXemRnl6nkbF2NMcucRQqVJDfClmqEtIGm/ehzYtTwlnQymkW+4
SplRcMK/NamSgYdgIYepeDZN5FamGI7SrCI06LCLLHHolrj4OUTrFBXWSxVHNeP8
72PNhM+b2OzD2LGrvlbnL8QsISz1LqzN7e2Fw+mIyikoyjSolJPTED4YTwzvJw4n
6Q1VS0m5t+Mi3zqv32LOv9n4GbWDYRZE8oIgSrnNq17VMO69pJxxUMs/tQDBu8Kg
5sencLuz2D6LVsjzf0T4fexU2gULa4ehTcfPc4/T2rzz204Iti6w+JgpdFmVxw8K
vkrIXU4V0e2wzg==
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:42:32 2025 by rpki-client