Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3vyaDbAdZnVDpT4VQzsLrP644A0.roa
File: 3vyaDbAdZnVDpT4VQzsLrP644A0.roa (raw, json)
Hash identifier: MsCYcfDvZTbrjqEu/fsGJ2fXlbbjyhPV8LCrNQFHaz4=
Subject key identifier: DE:FC:9A:0D:B0:1D:66:75:43:A5:3E:15:43:3B:0B:AC:FE:B8:E0:0D
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 019999D16D74C824CBB6E7B1F347FB2BCF18
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3vyaDbAdZnVDpT4VQzsLrP644A0.roa
Signing time: Tue 30 Sep 2025 08:51:03 +0000
ROA not before: Tue 30 Sep 2025 08:51:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201178
IP address blocks: 45.84.220.0/24 maxlen: 24
45.84.221.0/24 maxlen: 24
91.92.70.0/24 maxlen: 24
93.123.37.0/24 maxlen: 24
93.123.64.0/24 maxlen: 24
193.148.252.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:99:d1:6d:74:c8:24:cb:b6:e7:b1:f3:47:fb:2b:cf:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Sep 30 08:51:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=defc9a0db01d667543a53e15433b0bacfeb8e00d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:e4:68:f2:83:0f:e5:f9:8a:1c:fb:20:71:5c:
75:83:19:3c:3a:f2:29:27:64:b4:e2:99:fa:64:f6:
52:66:38:86:0f:dd:35:48:0a:87:de:af:42:6f:b3:
9f:9d:b9:51:d0:b7:a0:68:cb:57:81:d5:96:62:46:
27:f3:df:47:07:b7:33:bb:bc:6b:7a:45:95:95:39:
c5:ca:34:90:91:c2:39:83:8f:45:77:68:d6:67:65:
7b:58:34:f9:15:c4:6d:79:18:ad:36:95:43:61:7f:
08:98:7a:52:85:72:29:02:02:31:ea:87:64:71:cf:
e0:5f:fb:71:3e:1b:a8:7e:e8:bd:13:ce:f5:e5:8d:
f6:f7:88:71:77:fd:b7:a6:45:e2:9d:60:e9:92:45:
97:f2:f2:a3:88:4a:f1:02:65:df:50:5b:4a:42:47:
f0:53:2e:ea:4e:72:4d:d2:58:fd:d3:15:4d:2f:17:
57:d6:12:4f:51:62:12:82:3b:7a:11:3d:cd:0f:4f:
e8:d5:7e:6c:6e:76:ef:2d:1f:32:d5:5d:c7:38:48:
f1:f5:fc:8e:4e:5b:1f:e6:cb:e0:84:23:64:b8:13:
f7:34:53:90:b9:ff:32:5b:40:a5:d8:78:6f:eb:66:
48:15:28:f6:13:d5:c6:95:a3:3f:4e:33:cd:ed:cc:
04:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:FC:9A:0D:B0:1D:66:75:43:A5:3E:15:43:3B:0B:AC:FE:B8:E0:0D
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/3vyaDbAdZnVDpT4VQzsLrP644A0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.84.220.0/23
91.92.70.0/24
93.123.37.0/24
93.123.64.0/24
193.148.252.0/24
Signature Algorithm: sha256WithRSAEncryption
66:37:13:94:94:a8:ba:4f:b8:b5:96:4e:b8:c3:6a:d1:61:10:
25:60:48:8c:6d:50:32:cc:f7:30:82:6f:d1:95:16:38:30:ca:
33:a2:a8:f9:57:3e:bb:6d:87:c1:27:b8:a3:1a:88:d0:01:dd:
19:ef:bc:d9:ee:07:b7:c0:2c:a7:84:94:1b:a0:be:63:ce:20:
0a:79:7d:8f:b6:42:1b:9d:28:f2:01:fc:bf:85:dd:30:e4:05:
56:8a:bd:54:78:8d:7f:28:99:c2:4a:de:69:2d:1d:b7:e4:33:
bd:2a:75:c7:45:0e:31:54:c0:df:0e:c2:c8:91:c8:d5:97:35:
69:9c:12:e1:2f:6e:85:a4:52:a7:1c:fd:e4:73:dd:6d:af:c1:
92:28:46:ee:18:5d:7d:16:e3:6c:a5:70:73:34:45:87:f1:f4:
f8:02:2f:47:05:b7:ef:bf:7a:fb:fc:21:88:a8:89:54:c4:4f:
a9:cd:3d:9b:2b:d7:90:ca:2f:c5:80:45:86:e4:a3:f7:a1:6f:
e6:9a:78:80:55:f6:76:00:8a:02:4f:15:0a:07:26:7b:96:66:
3b:c8:61:bb:db:07:d9:a4:7b:e1:01:3d:20:d6:db:f8:fc:81:
c6:40:31:16:3d:1a:a5:37:f6:3e:bf:90:97:d0:54:7e:f0:90:
8d:ee:01:ff
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZmZ0W10yCTLtuex80f7K88YMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwOTMwMDg1MTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWZjOWEwZGIwMWQ2Njc1NDNhNTNlMTU0MzNiMGJhY2ZlYjhlMDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnuRo8oMP5fmKHPsgcVx1gxk8OvIp
J2S04pn6ZPZSZjiGD901SAqH3q9Cb7OfnblR0LegaMtXgdWWYkYn899HB7czu7xr
ekWVlTnFyjSQkcI5g49Fd2jWZ2V7WDT5FcRteRitNpVDYX8ImHpShXIpAgIx6odk
cc/gX/txPhuofui9E8715Y3294hxd/23pkXinWDpkkWX8vKjiErxAmXfUFtKQkfw
Uy7qTnJN0lj90xVNLxdX1hJPUWISgjt6ET3ND0/o1X5sbnbvLR8y1V3HOEjx9fyO
Tlsf5svghCNkuBP3NFOQuf8yW0Cl2Hhv62ZIFSj2E9XGlaM/TjPN7cwEYwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFN78mg2wHWZ1Q6U+FUM7C6z+uOANMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvM3Z5YURiQWRablZEcFQ0VlF6c0xyUDY0NEEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBLVTcAwQA
W1xGAwQAXXslAwQAXXtAAwQAwZT8MA0GCSqGSIb3DQEBCwUAA4IBAQBmNxOUlKi6
T7i1lk64w2rRYRAlYEiMbVAyzPcwgm/RlRY4MMozoqj5Vz67bYfBJ7ijGojQAd0Z
77zZ7ge3wCynhJQboL5jziAKeX2PtkIbnSjyAfy/hd0w5AVWir1UeI1/KJnCSt5p
LR235DO9KnXHRQ4xVMDfDsLIkcjVlzVpnBLhL26FpFKnHP3kc91tr8GSKEbuGF19
FuNspXBzNEWH8fT4Ai9HBbfvv3r7/CGIqIlUxE+pzT2bK9eQyi/FgEWG5KP3oW/m
mniAVfZ2AIoCTxUKByZ7lmY7yGG72wfZpHvhAT0g1tv4/IHGQDEWPRqlN/Y+v5CX
0FR+8JCN7gH/
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:03:58 2025 by rpki-client