
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/r3KGCxCjv96IO7-73DJmbR2vbyc.roa
File: r3KGCxCjv96IO7-73DJmbR2vbyc.roa (raw, json)
Hash identifier: Luwss69T/0U8tEoPzqcLlCHMuF2RU6WIe+S3JTcP9Ko=
Subject key identifier: AF:72:86:0B:10:A3:BF:DE:88:3B:BF:BB:DC:32:66:6D:1D:AF:6F:27
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0199F05A6214D16F45B86C15DFE520EF3A13
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/r3KGCxCjv96IO7-73DJmbR2vbyc.roa
Signing time: Fri 17 Oct 2025 04:07:59 +0000
ROA not before: Fri 17 Oct 2025 04:07:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58212
IP address blocks: 5.231.70.0/24 maxlen: 24
5.231.234.0/24 maxlen: 24
77.90.22.0/24 maxlen: 24
77.90.41.0/24 maxlen: 24
77.90.52.0/24 maxlen: 24
85.93.1.0/24 maxlen: 24
89.144.17.0/24 maxlen: 24
89.144.18.0/24 maxlen: 24
89.144.25.0/24 maxlen: 24
89.144.44.0/24 maxlen: 24
89.144.46.0/24 maxlen: 24
94.249.168.0/24 maxlen: 24
94.249.169.0/24 maxlen: 24
94.249.170.0/24 maxlen: 24
94.249.183.0/24 maxlen: 24
178.18.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f0:5a:62:14:d1:6f:45:b8:6c:15:df:e5:20:ef:3a:13
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Oct 17 04:07:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=af72860b10a3bfde883bbfbbdc32666d1daf6f27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c2:a4:be:38:cc:35:82:84:15:7a:fb:7c:0b:
f3:70:d6:7c:ac:7f:50:ed:0f:cf:9b:4c:a8:9c:8f:
f2:b1:ea:12:2d:a5:c2:3d:0f:24:84:98:b9:f4:45:
60:64:7b:2d:71:05:49:01:7f:c9:b3:c1:e1:5a:1e:
4e:89:6c:1f:a4:af:52:ae:a3:1c:20:32:68:f9:e3:
31:3e:6b:6c:20:3a:ec:9a:68:55:85:9e:80:b7:43:
df:e9:24:13:b7:bd:d3:ab:d0:1f:4a:ac:e5:70:fe:
0b:73:cc:90:47:9e:68:bd:ce:ea:65:e4:02:8f:04:
b8:50:55:1b:e0:34:71:73:bb:b0:f1:73:af:c2:e8:
3e:c0:0a:77:b0:59:88:d1:41:27:64:e1:c8:d2:28:
03:01:b3:e2:dd:59:83:67:8b:df:e8:a5:93:82:b1:
af:b5:ad:52:20:fc:23:07:a6:14:ca:af:13:1d:84:
6a:ee:5f:c7:45:6d:a2:4c:ff:0e:df:84:3b:8d:01:
54:f7:ce:de:30:6f:7f:cf:9b:ef:d2:3c:fe:e3:5f:
d3:1a:ee:b8:8b:90:92:d6:51:82:bc:e3:eb:c4:dc:
46:d0:36:0a:db:ed:3e:5a:66:38:00:4e:74:57:c6:
fb:69:fc:b3:25:8b:1b:68:b5:8d:c6:12:44:da:fb:
bb:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AF:72:86:0B:10:A3:BF:DE:88:3B:BF:BB:DC:32:66:6D:1D:AF:6F:27
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/r3KGCxCjv96IO7-73DJmbR2vbyc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.231.70.0/24
5.231.234.0/24
77.90.22.0/24
77.90.41.0/24
77.90.52.0/24
85.93.1.0/24
89.144.17.0-89.144.18.255
89.144.25.0/24
89.144.44.0/24
89.144.46.0/24
94.249.168.0-94.249.170.255
94.249.183.0/24
178.18.147.0/24
Signature Algorithm: sha256WithRSAEncryption
63:d4:2b:2c:e4:e2:4b:6e:f2:f8:64:50:50:9b:b8:5c:3a:14:
dc:86:a1:57:51:8d:dd:a4:cf:92:a9:6f:ae:f4:be:0c:b4:a9:
17:f9:9b:5d:cc:ff:50:51:66:bc:d3:c4:fb:dc:be:97:dd:b4:
24:a7:42:03:37:1a:ed:f9:3e:26:32:32:f8:79:cd:79:2d:09:
7c:f8:dd:32:3a:e9:47:e4:f9:a1:81:17:d9:0d:6a:e8:e8:59:
ca:64:3c:3a:09:5a:6b:58:2f:4c:63:46:5f:53:b8:63:4d:88:
ef:fc:23:92:f1:43:99:ce:5e:0c:0c:a7:df:ca:c8:5a:90:3f:
e2:6a:88:6b:97:f6:0c:b5:cf:16:99:e7:99:04:da:ff:93:e7:
00:40:bb:f0:aa:53:8d:75:8d:90:4d:94:40:8b:97:c6:6e:13:
06:cc:e8:54:f2:ab:f2:89:e6:d7:02:a2:78:77:b9:5c:c2:1d:
5d:6d:c0:a3:b8:22:aa:7b:e1:4e:d8:b0:9a:08:f8:09:ce:1f:
1b:0c:df:7d:17:ec:7b:8d:2b:36:88:31:f0:58:ba:1d:0d:c8:
29:dd:a0:96:74:03:46:a4:6e:44:84:c7:5e:d0:fa:a8:e9:00:
1e:5b:13:2a:a7:68:a7:17:0c:9b:1d:37:6e:e4:6b:c4:82:f5:
08:d7:92:c5
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZnwWmIU0W9FuGwV3+Ug7zoTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUxMDE3MDQwNzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZjcyODYwYjEwYTNiZmRlODgzYmJmYmJkYzMyNjY2ZDFkYWY2ZjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMKkvjjMNYKEFXr7fAvzcNZ8rH9Q
7Q/Pm0yonI/yseoSLaXCPQ8khJi59EVgZHstcQVJAX/Js8HhWh5OiWwfpK9SrqMc
IDJo+eMxPmtsIDrsmmhVhZ6At0Pf6SQTt73Tq9AfSqzlcP4Lc8yQR55ovc7qZeQC
jwS4UFUb4DRxc7uw8XOvwug+wAp3sFmI0UEnZOHI0igDAbPi3VmDZ4vf6KWTgrGv
ta1SIPwjB6YUyq8THYRq7l/HRW2iTP8O34Q7jQFU987eMG9/z5vv0jz+41/TGu64
i5CS1lGCvOPrxNxG0DYK2+0+WmY4AE50V8b7afyzJYsbaLWNxhJE2vu7rQIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFK9yhgsQo7/eiDu/u9wyZm0dr28nMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvcjNLR0N4Q2p2OTZJTzctNzNESm1iUjJ2YnljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQABedGAwQA
BefqAwQATVoWAwQATVopAwQATVo0AwQAVV0BMAwDBABZkBEDBABZkBIDBABZkBkD
BABZkCwDBABZkC4wDAMEA175qAMEAF75qgMEAF75twMEALISkzANBgkqhkiG9w0B
AQsFAAOCAQEAY9QrLOTiS27y+GRQUJu4XDoU3IahV1GN3aTPkqlvrvS+DLSpF/mb
Xcz/UFFmvNPE+9y+l920JKdCAzca7fk+JjIy+HnNeS0JfPjdMjrpR+T5oYEX2Q1q
6OhZymQ8Oglaa1gvTGNGX1O4Y02I7/wjkvFDmc5eDAyn38rIWpA/4mqIa5f2DLXP
FpnnmQTa/5PnAEC78KpTjXWNkE2UQIuXxm4TBszoVPKr8onm1wKieHe5XMIdXW3A
o7giqnvhTtiwmgj4Cc4fGwzffRfse40rNogx8Fi6HQ3IKd2glnQDRqRuRITHXtD6
qOkAHlsTKqdopxcMmx03buRrxIL1CNeSxQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:28:57 2025 by rpki-client