Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/5b4426-a266-43ce-a9e6-b0e6058d4dd7/1/3xmsWGneySA3DC-ZXguOS63wWJg.roa
File: 3xmsWGneySA3DC-ZXguOS63wWJg.roa (raw, json)
Hash identifier: /EUgaqeX+JqBSV8zpMIdPwMfgqWhg29j69UOVD+BYMY=
Subject key identifier: DF:19:AC:58:69:DE:C9:20:37:0C:2F:99:5E:0B:8E:4B:AD:F0:58:98
Certificate issuer: /CN=96d66966ffda0a5d0e131d134a79d93205c8c550
Certificate serial: 0199E4DE4D315B1DA2CA4E6C8A9D7DF71B1C
Authority key identifier: 96:D6:69:66:FF:DA:0A:5D:0E:13:1D:13:4A:79:D9:32:05:C8:C5:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ltZpZv_aCl0OEx0TSnnZMgXIxVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/5b4426-a266-43ce-a9e6-b0e6058d4dd7/1/3xmsWGneySA3DC-ZXguOS63wWJg.roa
Signing time: Tue 14 Oct 2025 22:36:37 +0000
ROA not before: Tue 14 Oct 2025 22:36:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210545
IP address blocks: 91.233.8.0/24 maxlen: 24
91.233.9.0/24 maxlen: 24
91.233.10.0/24 maxlen: 24
91.233.11.0/24 maxlen: 24
176.102.168.0/24 maxlen: 24
176.102.169.0/24 maxlen: 24
176.102.170.0/24 maxlen: 24
176.102.171.0/24 maxlen: 24
176.102.172.0/24 maxlen: 24
176.102.173.0/24 maxlen: 24
176.102.174.0/24 maxlen: 24
176.102.175.0/24 maxlen: 24
193.25.170.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/5b4426-a266-43ce-a9e6-b0e6058d4dd7/1/ltZpZv_aCl0OEx0TSnnZMgXIxVA.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/5b4426-a266-43ce-a9e6-b0e6058d4dd7/1/ltZpZv_aCl0OEx0TSnnZMgXIxVA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ltZpZv_aCl0OEx0TSnnZMgXIxVA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 19:02:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e4:de:4d:31:5b:1d:a2:ca:4e:6c:8a:9d:7d:f7:1b:1c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96d66966ffda0a5d0e131d134a79d93205c8c550
Validity
Not Before: Oct 14 22:36:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=df19ac5869dec920370c2f995e0b8e4badf05898
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:e1:dc:d9:28:0f:f7:df:89:56:cb:42:5a:90:
ff:cd:26:aa:84:61:88:43:fc:6d:db:21:15:4f:aa:
4d:a4:5e:1e:26:7e:d0:64:50:25:a5:c1:fb:76:47:
6a:90:16:ab:f9:92:5e:33:ab:d8:cb:25:3e:24:49:
4b:93:64:6d:6e:43:63:bf:5b:86:12:fc:fe:fd:d3:
40:81:d5:7a:23:65:50:9c:c1:50:0c:36:76:ef:64:
2f:57:f4:49:7a:9e:f3:51:1f:34:dc:18:c2:5a:9a:
3e:84:9d:b0:b6:b7:52:79:5d:7f:ac:2a:10:5f:99:
b4:fe:28:5a:d4:ee:e9:04:f7:4a:49:12:d5:95:0b:
0d:1b:7d:8e:9f:0a:f7:1c:d4:5b:e8:ef:d9:07:53:
5a:1a:44:b2:73:cd:9f:2a:15:38:58:3b:9d:b2:ac:
70:67:27:25:34:2a:24:51:8a:3b:03:47:18:8b:c3:
23:85:10:07:36:e3:4b:3f:f7:5b:8d:ac:47:8b:ab:
73:00:20:2a:7c:86:36:92:4f:7a:69:5d:06:14:93:
00:d7:3a:04:c5:ee:fc:1d:cc:79:53:c6:50:26:3e:
b2:30:36:1b:dc:e2:a1:df:85:5b:0d:33:ac:f7:98:
80:51:32:9b:da:17:da:d5:a5:f3:71:4a:78:d3:65:
44:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DF:19:AC:58:69:DE:C9:20:37:0C:2F:99:5E:0B:8E:4B:AD:F0:58:98
X509v3 Authority Key Identifier:
keyid:96:D6:69:66:FF:DA:0A:5D:0E:13:1D:13:4A:79:D9:32:05:C8:C5:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ltZpZv_aCl0OEx0TSnnZMgXIxVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/5b4426-a266-43ce-a9e6-b0e6058d4dd7/1/3xmsWGneySA3DC-ZXguOS63wWJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/5b4426-a266-43ce-a9e6-b0e6058d4dd7/1/ltZpZv_aCl0OEx0TSnnZMgXIxVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.233.8.0/22
176.102.168.0/21
193.25.170.0/23
Signature Algorithm: sha256WithRSAEncryption
68:b5:12:6b:21:fd:93:c7:54:df:fa:bf:28:c8:5b:a0:de:f6:
55:50:49:7f:0e:cb:6c:30:6c:b8:10:3f:99:e0:7b:f2:f5:96:
50:3b:1a:61:35:3c:f6:aa:78:e0:e5:c4:ce:31:1d:ab:a4:9f:
86:6d:83:d6:8d:7c:e7:2d:53:54:d8:ce:93:63:d8:cf:06:1c:
9d:4f:13:0c:39:04:0b:0c:60:41:6d:36:34:0f:25:31:5d:30:
d8:dc:c5:5d:c2:02:59:53:ba:2f:1a:99:af:b3:ac:fa:36:f3:
5c:47:00:8b:35:b3:54:cc:7c:b5:59:81:ca:ae:13:04:8c:d5:
47:16:42:ab:7a:27:ce:27:b1:e5:71:93:dc:7a:3e:b8:a7:73:
92:d4:c7:7e:6a:7f:cb:f9:5a:e0:f5:14:39:a0:59:4c:3d:db:
74:e7:10:b0:d4:0a:54:d6:ab:dc:3b:42:6a:a8:0e:6c:5a:db:
b3:53:d7:50:e0:c0:69:61:07:f9:25:b0:88:4f:e4:3f:43:4d:
e1:8e:e8:f0:b7:4a:bd:77:ac:84:e4:7d:0e:af:e2:1e:73:b4:
5b:7f:6f:67:1a:4a:dc:6f:4c:25:d8:84:9a:83:66:41:26:70:
25:97:06:6c:2a:ef:05:31:5d:5a:ae:6f:d9:6e:21:5a:07:59:
48:f1:96:07
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZnk3k0xWx2iyk5sip199xscMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2ZDY2OTY2ZmZkYTBhNWQwZTEzMWQxMzRhNzlkOTMyMDVj
OGM1NTAwHhcNMjUxMDE0MjIzNjM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZjE5YWM1ODY5ZGVjOTIwMzcwYzJmOTk1ZTBiOGU0YmFkZjA1ODk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAouHc2SgP99+JVstCWpD/zSaqhGGI
Q/xt2yEVT6pNpF4eJn7QZFAlpcH7dkdqkBar+ZJeM6vYyyU+JElLk2RtbkNjv1uG
Evz+/dNAgdV6I2VQnMFQDDZ272QvV/RJep7zUR803BjCWpo+hJ2wtrdSeV1/rCoQ
X5m0/iha1O7pBPdKSRLVlQsNG32Onwr3HNRb6O/ZB1NaGkSyc82fKhU4WDudsqxw
ZyclNCokUYo7A0cYi8MjhRAHNuNLP/dbjaxHi6tzACAqfIY2kk96aV0GFJMA1zoE
xe78Hcx5U8ZQJj6yMDYb3OKh34VbDTOs95iAUTKb2hfa1aXzcUp402VE8QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFN8ZrFhp3skgNwwvmV4Ljkut8FiYMB8GA1UdIwQY
MBaAFJbWaWb/2gpdDhMdE0p52TIFyMVQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHRacFp2X2FDbDBPRXgwVFNublpNZ1hJeFZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi81YjQ0MjYtYTI2Ni00M2NlLWE5ZTYt
YjBlNjA1OGQ0ZGQ3LzEvM3htc1dHbmV5U0EzREMtWlhndU9TNjN3V0pnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi81YjQ0MjYtYTI2Ni00M2NlLWE5ZTYtYjBlNjA1OGQ0ZGQ3
LzEvbHRacFp2X2FDbDBPRXgwVFNublpNZ1hJeFZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW+kIAwQD
sGaoAwQBwRmqMA0GCSqGSIb3DQEBCwUAA4IBAQBotRJrIf2Tx1Tf+r8oyFug3vZV
UEl/DstsMGy4ED+Z4Hvy9ZZQOxphNTz2qnjg5cTOMR2rpJ+GbYPWjXznLVNU2M6T
Y9jPBhydTxMMOQQLDGBBbTY0DyUxXTDY3MVdwgJZU7ovGpmvs6z6NvNcRwCLNbNU
zHy1WYHKrhMEjNVHFkKreifOJ7HlcZPcej64p3OS1Md+an/L+Vrg9RQ5oFlMPdt0
5xCw1ApU1qvcO0JqqA5sWtuzU9dQ4MBpYQf5JbCIT+Q/Q03hjujwt0q9d6yE5H0O
r+Iec7Rbf29nGkrcb0wl2ISag2ZBJnAllwZsKu8FMV1arm/ZbiFaB1lI8ZYH
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:42:33 2025 by rpki-client