Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/8oEJVvsajcBRoUJrjPZ44H-lDvU.roa
File: 8oEJVvsajcBRoUJrjPZ44H-lDvU.roa (raw, json)
Hash identifier: s8IZbmglKempNB2FF6VAP5r2WVPZqYqiGBObGrONRsw=
Subject key identifier: F2:81:09:56:FB:1A:8D:C0:51:A1:42:6B:8C:F6:78:E0:7F:A5:0E:F5
Certificate issuer: /CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Certificate serial: 0199CCE58642989AEC687FC008CBD96420B1
Authority key identifier: 66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/8oEJVvsajcBRoUJrjPZ44H-lDvU.roa
Signing time: Fri 10 Oct 2025 06:53:38 +0000
ROA not before: Fri 10 Oct 2025 06:53:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64289
IP address blocks: 185.225.24.0/24 maxlen: 24
185.225.26.0/24 maxlen: 24
192.189.157.0/24 maxlen: 24
194.110.60.0/24 maxlen: 24
2a14:3f80::/45 maxlen: 45
2a14:3f80:8::/45 maxlen: 45
2a14:3f80:10::/45 maxlen: 45
2a14:3f80:18::/45 maxlen: 45
2a14:3f80:20::/45 maxlen: 45
2a14:3f80:28::/45 maxlen: 45
2a14:3f80:60::/45 maxlen: 45
2a14:3f80:80::/45 maxlen: 45
2a14:3f80:88::/45 maxlen: 45
2a14:3f80:100::/45 maxlen: 45
2a14:3f80:108::/45 maxlen: 45
2a14:3f80:3d1::/48 maxlen: 48
2a14:3f80:800::/38 maxlen: 38
2a14:3f80:c00::/38 maxlen: 38
2a14:3f80:1000::/38 maxlen: 38
2a14:3f80:1400::/38 maxlen: 38
2a14:3f80:1800::/38 maxlen: 38
2a14:3f80:1ed0::/45 maxlen: 45
2a14:3f80:2000::/38 maxlen: 38
2a14:3f80:2400::/38 maxlen: 38
2a14:3f80:2800::/38 maxlen: 38
2a14:3f80:2b40::/42 maxlen: 42
2a14:3f80:3000::/38 maxlen: 38
2a14:3f80:3400::/38 maxlen: 38
2a14:3f80:3800::/38 maxlen: 38
2a14:3f80:3c00::/38 maxlen: 38
2a14:3f80:4000::/38 maxlen: 38
2a14:3f80:4400::/38 maxlen: 38
2a14:3f80:5000::/38 maxlen: 38
2a14:3f80:6000::/38 maxlen: 38
2a14:3f80:7000::/38 maxlen: 38
2a14:3f80:8800::/38 maxlen: 38
2a14:3f80:af38::/45 maxlen: 45
2a14:3f81:5800::/38 maxlen: 38
2a14:3f82:4000::/38 maxlen: 38
2a14:3f82:6000::/38 maxlen: 38
2a14:3f82:7000::/38 maxlen: 38
2a14:3f82:8800::/38 maxlen: 38
2a14:3f87:2800::/38 maxlen: 38
2a14:3f87:4800::/38 maxlen: 38
2a14:3f87:6800::/38 maxlen: 38
2a14:3f87:6920::/44 maxlen: 44
2a14:3f87:6ba0::/44 maxlen: 44
2a14:3f87:9800::/38 maxlen: 38
2a14:3f87:c800::/38 maxlen: 38
2a14:3f87:e000::/38 maxlen: 38
2a14:3f87:f000::/38 maxlen: 38
2a14:3f87:f001::/48 maxlen: 48
2a14:3f87:f002::/48 maxlen: 48
2a14:3f87:fc00::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Zu07pox4v_LEckQAreY0hIL7Q2Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Zu07pox4v_LEckQAreY0hIL7Q2Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:cc:e5:86:42:98:9a:ec:68:7f:c0:08:cb:d9:64:20:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66ed3ba68c78bff2c4724400ade6348482fb4364
Validity
Not Before: Oct 10 06:53:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f2810956fb1a8dc051a1426b8cf678e07fa50ef5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:90:ea:e0:12:74:2d:cc:20:a1:26:dc:42:5b:
84:dc:9e:42:4d:f7:e0:38:94:f7:1b:c8:ff:1a:56:
60:38:f3:a1:2a:5c:8b:42:20:e9:b1:71:57:cd:44:
7e:10:50:58:28:f7:84:6b:ae:6c:5c:a4:a1:d5:85:
d9:92:c2:23:53:c2:8c:1a:d4:b9:1f:4a:ee:0f:66:
36:f1:ce:05:b3:23:11:65:80:d5:26:5e:da:6e:7e:
5e:05:bd:3e:ca:8e:a3:15:0d:4c:61:4d:85:c7:fb:
bb:a8:50:dc:84:9c:24:c6:a7:24:24:ad:cf:b3:60:
c1:bd:d8:ca:3a:19:e3:af:d5:d5:32:a8:82:c4:7d:
44:fe:04:af:8f:89:5c:5e:33:97:ec:37:32:b4:75:
fd:27:e7:10:bc:5c:0b:10:7e:c0:0c:08:e2:45:48:
7d:ea:2d:ef:60:7d:73:46:c5:4c:57:00:e9:4a:19:
19:ec:8d:0a:31:12:1a:2a:67:b9:78:eb:6b:04:fd:
f5:2f:b4:fc:1e:30:41:de:30:64:68:c5:1a:d3:62:
b9:60:cc:ed:17:48:ab:21:7a:fe:90:e1:03:29:e4:
78:85:9d:e6:4e:c3:26:b8:df:0f:f8:5a:ab:b6:33:
62:23:41:18:4a:16:3c:1b:c6:6f:f9:5b:28:ee:11:
ad:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:81:09:56:FB:1A:8D:C0:51:A1:42:6B:8C:F6:78:E0:7F:A5:0E:F5
X509v3 Authority Key Identifier:
keyid:66:ED:3B:A6:8C:78:BF:F2:C4:72:44:00:AD:E6:34:84:82:FB:43:64
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zu07pox4v_LEckQAreY0hIL7Q2Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/8oEJVvsajcBRoUJrjPZ44H-lDvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/b79a68-5b02-4097-a2e3-0a43b7a3eb54/1/Zu07pox4v_LEckQAreY0hIL7Q2Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.225.24.0/24
185.225.26.0/24
192.189.157.0/24
194.110.60.0/24
IPv6:
2a14:3f80::-2a14:3f80:2f:ffff:ffff:ffff:ffff:ffff
2a14:3f80:60::/45
2a14:3f80:80::/44
2a14:3f80:100::/44
2a14:3f80:3d1::/48
2a14:3f80:800::-2a14:3f80:1bff:ffff:ffff:ffff:ffff:ffff
2a14:3f80:1ed0::/45
2a14:3f80:2000::-2a14:3f80:2bff:ffff:ffff:ffff:ffff:ffff
2a14:3f80:3000::-2a14:3f80:47ff:ffff:ffff:ffff:ffff:ffff
2a14:3f80:5000::/38
2a14:3f80:6000::/38
2a14:3f80:7000::/38
2a14:3f80:8800::/38
2a14:3f80:af38::/45
2a14:3f81:5800::/38
2a14:3f82:4000::/38
2a14:3f82:6000::/38
2a14:3f82:7000::/38
2a14:3f82:8800::/38
2a14:3f87:2800::/38
2a14:3f87:4800::/38
2a14:3f87:6800::/38
2a14:3f87:9800::/38
2a14:3f87:c800::/38
2a14:3f87:e000::/38
2a14:3f87:f000::/38
2a14:3f87:fc00::/38
Signature Algorithm: sha256WithRSAEncryption
65:1a:97:c8:15:54:e6:f7:ee:1a:14:64:ec:1d:15:a9:b2:1f:
45:5c:27:42:45:f3:7f:5d:9e:50:c4:aa:85:72:66:0d:86:31:
b0:d0:a6:7d:16:81:f0:dd:b5:8e:ee:55:55:da:43:d0:a7:af:
8a:17:c8:c9:7f:fb:49:5b:cf:ed:35:c1:c8:c1:45:a0:6e:02:
9a:89:3b:ab:ff:32:7c:90:30:8c:c5:da:f3:d1:63:a7:26:2a:
6a:4d:52:43:3b:61:86:2e:28:41:19:bc:52:81:7d:b6:c7:84:
7c:7e:44:f9:32:36:01:85:5f:70:0d:69:4d:64:0f:50:c1:53:
f7:88:6b:a2:87:2c:87:fd:4b:64:12:36:40:25:b0:99:30:60:
ec:5c:16:38:fd:b2:a5:98:b4:b0:c2:52:b3:d8:f8:e1:c7:a6:
19:32:50:27:b1:d9:22:70:00:03:d5:96:d3:95:b8:4e:60:bd:
d9:b5:ea:36:24:f8:f0:d9:66:c7:39:38:11:36:89:b7:09:5b:
10:c2:ae:20:71:80:07:4c:48:c6:5a:47:42:18:dd:84:8b:81:
76:d8:46:66:3b:16:d1:40:b0:21:03:23:b6:66:d6:4e:b5:e8:
77:0d:e8:18:b8:75:d7:37:c0:f6:15:33:2c:c4:13:11:5d:47:
d2:4e:81:7d
-----BEGIN CERTIFICATE-----
MIIGJzCCBQ+gAwIBAgISAZnM5YZCmJrsaH/ACMvZZCCxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZWQzYmE2OGM3OGJmZjJjNDcyNDQwMGFkZTYzNDg0ODJm
YjQzNjQwHhcNMjUxMDEwMDY1MzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMjgxMDk1NmZiMWE4ZGMwNTFhMTQyNmI4Y2Y2NzhlMDdmYTUwZWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpDq4BJ0LcwgoSbcQluE3J5CTffg
OJT3G8j/GlZgOPOhKlyLQiDpsXFXzUR+EFBYKPeEa65sXKSh1YXZksIjU8KMGtS5
H0ruD2Y28c4FsyMRZYDVJl7abn5eBb0+yo6jFQ1MYU2Fx/u7qFDchJwkxqckJK3P
s2DBvdjKOhnjr9XVMqiCxH1E/gSvj4lcXjOX7DcytHX9J+cQvFwLEH7ADAjiRUh9
6i3vYH1zRsVMVwDpShkZ7I0KMRIaKme5eOtrBP31L7T8HjBB3jBkaMUa02K5YMzt
F0irIXr+kOEDKeR4hZ3mTsMmuN8P+FqrtjNiI0EYShY8G8Zv+Vso7hGtYQIDAQAB
o4IDMzCCAy8wHQYDVR0OBBYEFPKBCVb7Go3AUaFCa4z2eOB/pQ71MB8GA1UdIwQY
MBaAFGbtO6aMeL/yxHJEAK3mNISC+0NkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMt
MGE0M2I3YTNlYjU0LzEvOG9FSlZ2c2FqY0JSb1VKcmpQWjQ0SC1sRHZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS9iNzlhNjgtNWIwMi00MDk3LWEyZTMtMGE0M2I3YTNlYjU0
LzEvWnUwN3BveDR2X0xFY2tRQXJlWTBoSUw3UTJRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBRwYIKwYBBQUHAQcBAf8EggE2MIIBMjAeBAIAATAYAwQA
ueEYAwQAueEaAwQAwL2dAwQAwm48MIIBDgQCAAIwggEGMBADBQcqFD+AAwcEKhQ/
gAAgAwcDKhQ/gABgAwcEKhQ/gACAAwcEKhQ/gAEAAwcAKhQ/gAPRMBADBgMqFD+A
CAMGAioUP4AYAwcDKhQ/gB7QMBADBgUqFD+AIAMGAioUP4AoMBADBgQqFD+AMAMG
AyoUP4BAAwYCKhQ/gFADBgIqFD+AYAMGAioUP4BwAwYCKhQ/gIgDBwMqFD+ArzgD
BgIqFD+BWAMGAioUP4JAAwYCKhQ/gmADBgIqFD+CcAMGAioUP4KIAwYCKhQ/hygD
BgIqFD+HSAMGAioUP4doAwYCKhQ/h5gDBgIqFD+HyAMGAioUP4fgAwYCKhQ/h/AD
BgIqFD+H/DANBgkqhkiG9w0BAQsFAAOCAQEAZRqXyBVU5vfuGhRk7B0VqbIfRVwn
QkXzf12eUMSqhXJmDYYxsNCmfRaB8N21ju5VVdpD0KevihfIyX/7SVvP7TXByMFF
oG4Cmok7q/8yfJAwjMXa89FjpyYqak1SQzthhi4oQRm8UoF9tseEfH5E+TI2AYVf
cA1pTWQPUMFT94hroocsh/1LZBI2QCWwmTBg7FwWOP2ypZi0sMJSs9j44cemGTJQ
J7HZInAAA9WW05W4TmC92bXqNiT48Nlmxzk4ETaJtwlbEMKuIHGAB0xIxlpHQhjd
hIuBdthGZjsW0UCwIQMjtmbWTrXodw3oGLh11zfA9hUzLMQTEV1H0k6BfQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:05:40 2025 by rpki-client