Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/PyylIxSidIL9Ah11tj6Ew_of5bs.roa
File: PyylIxSidIL9Ah11tj6Ew_of5bs.roa (raw, json)
Hash identifier: m7a/fDPuvIIOadWRbTFTs5H48jMYC+caGLDX7JLNXC4=
Subject key identifier: 3F:2C:A5:23:14:A2:74:82:FD:02:1D:75:B6:3E:84:C3:FA:1F:E5:BB
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 0198903E000AE2830233AFCC37B349CB8FF7
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/PyylIxSidIL9Ah11tj6Ew_of5bs.roa
Signing time: Sat 09 Aug 2025 19:10:39 +0000
ROA not before: Sat 09 Aug 2025 19:10:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20910
IP address blocks: 37.148.168.0/21 maxlen: 32
62.84.0.0/20 maxlen: 32
62.205.192.0/18 maxlen: 32
77.38.128.0/17 maxlen: 32
85.115.96.0/19 maxlen: 32
85.254.120.0/23 maxlen: 23
87.226.0.0/17 maxlen: 32
89.18.192.0/19 maxlen: 32
89.201.0.0/17 maxlen: 32
91.142.0.0/20 maxlen: 32
91.188.32.0/19 maxlen: 32
93.177.192.0/18 maxlen: 32
94.30.128.0/17 maxlen: 32
109.110.0.0/19 maxlen: 32
136.169.0.0/17 maxlen: 32
185.144.184.0/22 maxlen: 32
188.112.128.0/18 maxlen: 32
195.62.128.0/19 maxlen: 32
195.244.128.0/20 maxlen: 32
213.180.96.0/19 maxlen: 32
217.198.224.0/20 maxlen: 32
217.199.96.0/19 maxlen: 32
2a00:9000::/29 maxlen: 32
2a00:f4a0::/29 maxlen: 32
2a03:6740::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 16:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:90:3e:00:0a:e2:83:02:33:af:cc:37:b3:49:cb:8f:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Aug 9 19:10:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f2ca52314a27482fd021d75b63e84c3fa1fe5bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:81:05:4f:b7:9d:8e:f6:ea:d8:f5:b4:1a:41:
5c:2e:18:cf:f2:2b:e2:f6:42:47:cd:29:68:eb:df:
c0:31:6d:2e:6f:45:85:fc:e6:7a:82:cc:80:22:9e:
db:8d:4e:96:53:f3:a4:a4:07:ef:7c:dc:cf:0e:d3:
61:2b:a7:fe:45:82:4a:ed:9f:8f:4f:c4:55:e0:76:
05:9a:1b:ee:ed:d6:82:8e:cf:33:cc:6d:96:a5:b3:
3f:9a:06:28:7e:34:74:9a:95:c5:06:f2:53:98:f2:
58:f6:9e:34:73:fd:9e:61:5b:09:a9:42:fb:f8:5a:
89:fb:a7:4f:69:a1:d9:83:69:de:d0:ce:a9:87:84:
6e:ca:c0:0c:68:37:05:61:d8:48:5c:08:e8:25:44:
4b:57:df:cc:16:38:d8:f1:96:61:07:9c:39:2b:cd:
ca:9d:d5:bc:16:fb:ba:77:27:f5:11:e0:43:d3:cc:
90:eb:bb:ec:5d:a8:49:32:ae:45:a7:73:be:d2:6a:
24:ca:1c:95:93:c2:20:72:3d:bf:5b:82:91:84:cc:
88:7b:28:63:af:24:2b:96:4a:6e:21:07:8e:77:02:
3d:d0:4d:a3:4e:b8:d2:a1:b1:6a:fd:a2:db:6b:00:
be:94:82:d7:0c:c2:19:43:e9:30:60:bb:4b:ae:ac:
e6:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:2C:A5:23:14:A2:74:82:FD:02:1D:75:B6:3E:84:C3:FA:1F:E5:BB
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/PyylIxSidIL9Ah11tj6Ew_of5bs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.168.0/21
62.84.0.0/20
62.205.192.0/18
77.38.128.0/17
85.115.96.0/19
85.254.120.0/23
87.226.0.0/17
89.18.192.0/19
89.201.0.0/17
91.142.0.0/20
91.188.32.0/19
93.177.192.0/18
94.30.128.0/17
109.110.0.0/19
136.169.0.0/17
185.144.184.0/22
188.112.128.0/18
195.62.128.0/19
195.244.128.0/20
213.180.96.0/19
217.198.224.0/20
217.199.96.0/19
IPv6:
2a00:9000::/29
2a00:f4a0::/29
2a03:6740::/29
Signature Algorithm: sha256WithRSAEncryption
86:c3:c4:16:c4:a4:88:62:7c:e2:c5:fa:ed:0d:e0:3d:75:d3:
9a:c1:aa:6c:f3:ad:41:ee:ec:20:55:30:e1:9f:82:91:0a:9b:
33:eb:93:f7:ec:47:ae:73:fc:e2:b8:70:f5:a8:f5:3f:16:e9:
53:f1:0d:8d:86:d3:86:d5:a6:07:52:de:d6:e8:b4:c8:b9:66:
a5:9e:07:ea:26:f0:96:7a:3a:b9:d5:ea:6c:e5:ab:9c:63:af:
78:65:f2:15:2c:22:fe:09:79:21:19:07:12:fe:1a:e0:e9:da:
89:f5:4e:33:d8:5a:b5:8a:5a:fb:88:3f:05:86:7c:54:ba:38:
cb:bf:3c:b6:f9:4a:f4:73:18:2f:ec:46:7f:2c:28:fe:0e:17:
e5:9d:92:6d:4f:9e:bf:b3:7e:f4:35:db:45:10:f3:88:7a:af:
e4:f3:d7:10:0f:be:ec:4f:4d:58:20:19:dc:43:b2:a6:a7:b1:
d2:80:d5:ea:9c:21:8f:c3:91:d9:88:ed:a9:d2:b6:cd:ff:7f:
fc:0b:c0:e6:be:dd:0f:b2:af:a8:0d:7d:8f:bb:25:2c:e0:39:
5e:5b:fe:2a:a8:b4:4c:52:f6:0f:18:ec:24:5a:19:bc:69:ae:
7c:98:1c:fc:ad:ed:f0:7c:95:73:68:01:7c:18:0f:8e:ea:23:
00:07:ab:b2
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgISAZiQPgAK4oMCM6/MN7NJy4/3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwODA5MTkxMDM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjJjYTUyMzE0YTI3NDgyZmQwMjFkNzViNjNlODRjM2ZhMWZlNWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtIEFT7edjvbq2PW0GkFcLhjP8ivi
9kJHzSlo69/AMW0ub0WF/OZ6gsyAIp7bjU6WU/OkpAfvfNzPDtNhK6f+RYJK7Z+P
T8RV4HYFmhvu7daCjs8zzG2WpbM/mgYofjR0mpXFBvJTmPJY9p40c/2eYVsJqUL7
+FqJ+6dPaaHZg2ne0M6ph4RuysAMaDcFYdhIXAjoJURLV9/MFjjY8ZZhB5w5K83K
ndW8Fvu6dyf1EeBD08yQ67vsXahJMq5Fp3O+0mokyhyVk8Igcj2/W4KRhMyIeyhj
ryQrlkpuIQeOdwI90E2jTrjSobFq/aLbawC+lILXDMIZQ+kwYLtLrqzmzwIDAQAB
o4ICqTCCAqUwHQYDVR0OBBYEFD8spSMUonSC/QIddbY+hMP6H+W7MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvUHl5bEl4U2lkSUw5QWgxMXRqNkV3X29mNWJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG+BggrBgEFBQcBBwEB/wSBrjCBqzCBiwQCAAEwgYQDBAMl
lKgDBAQ+VAADBAY+zcADBAdNJoADBAVVc2ADBAFV/ngDBAdX4gADBAVZEsADBAdZ
yQADBARbjgADBAVbvCADBAZdscADBAdeHoADBAVtbgADBAeIqQADBAK5kLgDBAa8
cIADBAXDPoADBATD9IADBAXVtGADBATZxuADBAXZx2AwGwQCAAIwFQMFAyoAkAAD
BQMqAPSgAwUDKgNnQDANBgkqhkiG9w0BAQsFAAOCAQEAhsPEFsSkiGJ84sX67Q3g
PXXTmsGqbPOtQe7sIFUw4Z+CkQqbM+uT9+xHrnP84rhw9aj1PxbpU/ENjYbThtWm
B1Le1ui0yLlmpZ4H6ibwlno6udXqbOWrnGOveGXyFSwi/gl5IRkHEv4a4OnaifVO
M9hatYpa+4g/BYZ8VLo4y788tvlK9HMYL+xGfywo/g4X5Z2SbU+ev7N+9DXbRRDz
iHqv5PPXEA++7E9NWCAZ3EOypqex0oDV6pwhj8OR2YjtqdK2zf9//AvA5r7dD7Kv
qA19j7slLOA5Xlv+Kqi0TFL2DxjsJFoZvGmufJgc/K3t8HyVc2gBfBgPjuojAAer
sg==
-----END CERTIFICATE-----
Generated at Sun Aug 24 01:17:09 2025 by rpki-client