Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/18w4n4c0cDQGOifCmmXS0bSE8_s.roa
File: 18w4n4c0cDQGOifCmmXS0bSE8_s.roa (raw, json)
Hash identifier: SIMK8PNO0s5rEeFGwVzs3xf4SYDZZHqpyYYANgJ+BE4=
Subject key identifier: D7:CC:38:9F:87:34:70:34:06:3A:27:C2:9A:65:D2:D1:B4:84:F3:FB
Certificate issuer: /CN=2665c17fa028b31348f630f6b56df422ce062b3b
Certificate serial: 0198E3654FF7539563C5A1E21696BA899F52
Authority key identifier: 26:65:C1:7F:A0:28:B3:13:48:F6:30:F6:B5:6D:F4:22:CE:06:2B:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmXBf6AosxNI9jD2tW30Is4GKzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/18w4n4c0cDQGOifCmmXS0bSE8_s.roa
Signing time: Mon 25 Aug 2025 22:42:04 +0000
ROA not before: Mon 25 Aug 2025 22:42:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197637
IP address blocks: 31.25.152.0/21 maxlen: 21
37.99.200.0/21 maxlen: 21
37.123.120.0/21 maxlen: 21
109.75.96.0/24 maxlen: 24
109.75.97.0/24 maxlen: 24
109.75.98.0/24 maxlen: 24
109.75.99.0/24 maxlen: 24
109.75.100.0/22 maxlen: 22
109.75.102.0/24 maxlen: 24
109.75.104.0/24 maxlen: 24
109.75.105.0/24 maxlen: 24
109.75.106.0/24 maxlen: 24
109.75.107.0/24 maxlen: 24
109.75.108.0/22 maxlen: 22
153.92.32.0/21 maxlen: 21
185.8.84.0/23 maxlen: 23
185.8.86.0/23 maxlen: 23
185.62.88.0/22 maxlen: 22
185.65.196.0/23 maxlen: 23
185.65.198.0/23 maxlen: 23
185.68.76.0/22 maxlen: 22
185.211.16.0/22 maxlen: 22
193.57.0.0/22 maxlen: 22
195.42.244.0/22 maxlen: 22
195.178.0.0/23 maxlen: 23
2a04:6ec0::/29 maxlen: 29
2a04:6ec0::/32 maxlen: 32
2a0b:6240::/29 maxlen: 29
2a0c:90c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/JmXBf6AosxNI9jD2tW30Is4GKzs.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/JmXBf6AosxNI9jD2tW30Is4GKzs.mft
rsync://rpki.ripe.net/repository/DEFAULT/JmXBf6AosxNI9jD2tW30Is4GKzs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e3:65:4f:f7:53:95:63:c5:a1:e2:16:96:ba:89:9f:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2665c17fa028b31348f630f6b56df422ce062b3b
Validity
Not Before: Aug 25 22:42:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d7cc389f87347034063a27c29a65d2d1b484f3fb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3c:d6:b7:fc:6d:4e:05:a5:14:24:8b:8e:01:
7a:ba:62:fc:19:97:b7:18:7c:9b:f9:47:93:91:c0:
8f:06:44:44:a7:1b:0a:a2:ba:13:bd:f3:38:20:b5:
2b:a7:82:fc:15:c5:1b:c8:68:d3:45:c9:ad:fa:a1:
4f:93:27:60:f2:90:5c:9a:57:89:61:96:13:be:fd:
43:86:a1:ea:23:53:5e:f4:b5:0b:ee:f6:5a:96:59:
a0:0a:b3:85:6f:1c:8c:9c:3f:27:30:a0:64:55:2e:
40:69:2f:a3:52:02:05:13:d9:58:f7:e8:be:1a:72:
af:89:72:6b:68:77:b8:57:f9:97:a5:e6:9c:9a:8b:
b4:72:0c:f2:72:22:b6:09:f0:10:fb:6a:58:46:33:
47:b4:05:09:9b:d5:8d:3d:f8:e6:6e:7d:f9:a3:58:
44:c2:20:54:7b:84:28:7a:a8:ce:39:bd:64:07:b0:
6e:38:7c:26:00:18:25:30:b7:04:90:41:89:d8:4d:
5e:bc:26:51:b1:fe:3c:2f:46:7c:cf:1a:2e:c0:b5:
9d:6a:e8:6e:bb:49:ab:c4:23:e9:5a:48:1c:b0:ad:
59:cd:6e:62:7d:ea:e5:0e:68:41:50:a4:7c:9a:be:
52:2d:6d:37:84:45:23:fe:27:c0:37:ad:bd:9b:da:
36:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:CC:38:9F:87:34:70:34:06:3A:27:C2:9A:65:D2:D1:B4:84:F3:FB
X509v3 Authority Key Identifier:
keyid:26:65:C1:7F:A0:28:B3:13:48:F6:30:F6:B5:6D:F4:22:CE:06:2B:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmXBf6AosxNI9jD2tW30Is4GKzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/18w4n4c0cDQGOifCmmXS0bSE8_s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/JmXBf6AosxNI9jD2tW30Is4GKzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.152.0/21
37.99.200.0/21
37.123.120.0/21
109.75.96.0/20
153.92.32.0/21
185.8.84.0/22
185.62.88.0/22
185.65.196.0/22
185.68.76.0/22
185.211.16.0/22
193.57.0.0/22
195.42.244.0/22
195.178.0.0/23
IPv6:
2a04:6ec0::/29
2a0b:6240::/29
2a0c:90c0::/29
Signature Algorithm: sha256WithRSAEncryption
22:f0:ab:7d:45:3b:09:4a:07:95:5f:44:d0:d2:f0:b4:d5:26:
d5:4b:b8:40:e1:70:b6:6a:3d:ac:08:ce:15:a1:23:ab:d1:42:
0f:d6:59:33:cf:38:54:83:1e:8a:ed:e5:ef:63:c5:95:50:bc:
14:2b:27:81:3d:53:45:4b:16:f7:d6:ee:95:df:f3:07:f6:ed:
cc:76:a1:1d:c3:aa:bc:b9:70:ec:6c:e5:b0:79:1d:b5:0f:3d:
19:39:4e:b0:96:ad:d1:9b:d6:d1:35:aa:c5:9f:5b:af:a7:e9:
df:65:4b:b2:8a:6f:9d:34:6c:35:14:7e:96:f9:4e:a7:7c:f7:
04:54:e1:d8:15:fb:6e:ae:31:55:f6:f9:6f:b4:bf:5b:5b:43:
08:05:04:bb:32:f9:69:64:9b:ef:b5:38:55:0c:72:ba:ad:bc:
c5:7e:6c:34:0e:2c:91:27:63:04:ad:60:0c:37:0c:d9:4d:35:
a3:75:aa:2c:fa:28:8e:be:65:82:ec:21:ed:cb:c3:25:eb:a2:
05:90:b7:82:db:a2:3e:32:d8:82:99:8b:14:1b:d7:08:0c:dc:
bd:8f:aa:f5:f7:02:65:4b:4b:28:a5:bc:ce:fb:04:3c:39:a3:
8d:8a:bb:fb:27:c1:18:ea:90:ea:8f:79:f6:f4:04:60:6d:a2:
07:30:20:33
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAZjjZU/3U5VjxaHiFpa6iZ9SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjVjMTdmYTAyOGIzMTM0OGY2MzBmNmI1NmRmNDIyY2Uw
NjJiM2IwHhcNMjUwODI1MjI0MjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2NjMzg5Zjg3MzQ3MDM0MDYzYTI3YzI5YTY1ZDJkMWI0ODRmM2ZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzzWt/xtTgWlFCSLjgF6umL8GZe3
GHyb+UeTkcCPBkREpxsKoroTvfM4ILUrp4L8FcUbyGjTRcmt+qFPkydg8pBcmleJ
YZYTvv1DhqHqI1Ne9LUL7vZallmgCrOFbxyMnD8nMKBkVS5AaS+jUgIFE9lY9+i+
GnKviXJraHe4V/mXpeacmou0cgzyciK2CfAQ+2pYRjNHtAUJm9WNPfjmbn35o1hE
wiBUe4QoeqjOOb1kB7BuOHwmABglMLcEkEGJ2E1evCZRsf48L0Z8zxouwLWdauhu
u0mrxCPpWkgcsK1ZzW5iferlDmhBUKR8mr5SLW03hEUj/ifAN629m9o22wIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFNfMOJ+HNHA0Bjonwppl0tG0hPP7MB8GA1UdIwQY
MBaAFCZlwX+gKLMTSPYw9rVt9CLOBis7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1YQmY2QW9zeE5JOWpEMnRXMzBJczRHS3pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9mYzkwYTAtODA0Yy00MGZhLWIyN2Et
YzM4M2E5MDEwMDA1LzEvMTh3NG40YzBjRFFHT2lmQ21tWFMwYlNFOF9zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9mYzkwYTAtODA0Yy00MGZhLWIyN2EtYzM4M2E5MDEwMDA1
LzEvSm1YQmY2QW9zeE5JOWpEMnRXMzBJczRHS3pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwVAQCAAEwTgMEAx8ZmAME
AyVjyAMEAyV7eAMEBG1LYAMEA5lcIAMEArkIVAMEArk+WAMEArlBxAMEArlETAME
ArnTEAMEAsE5AAMEAsMq9AMEAcOyADAbBAIAAjAVAwUDKgRuwAMFAyoLYkADBQMq
DJDAMA0GCSqGSIb3DQEBCwUAA4IBAQAi8Kt9RTsJSgeVX0TQ0vC01SbVS7hA4XC2
aj2sCM4VoSOr0UIP1lkzzzhUgx6K7eXvY8WVULwUKyeBPVNFSxb31u6V3/MH9u3M
dqEdw6q8uXDsbOWweR21Dz0ZOU6wlq3Rm9bRNarFn1uvp+nfZUuyim+dNGw1FH6W
+U6nfPcEVOHYFfturjFV9vlvtL9bW0MIBQS7MvlpZJvvtThVDHK6rbzFfmw0DiyR
J2MErWAMNwzZTTWjdaos+iiOvmWC7CHty8Ml66IFkLeC26I+MtiCmYsUG9cIDNy9
j6r19wJlS0sopbzO+wQ8OaONirv7J8EY6pDqj3n29ARgbaIHMCAz
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:25:20 2025 by rpki-client