
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/iF9-NKAWtTux6MwMaI6QJdJJltI.roa
File: iF9-NKAWtTux6MwMaI6QJdJJltI.roa (raw, json)
Hash identifier: xbmH6KKP+n2z6UfbQYpzZpWwVeqplqlQYplIkYXDK08=
Subject key identifier: 88:5F:7E:34:A0:16:B5:3B:B1:E8:CC:0C:68:8E:90:25:D2:49:96:D2
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 019982CFD6A05BAC31F6D5E2B179C7653503
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/iF9-NKAWtTux6MwMaI6QJdJJltI.roa
Signing time: Thu 25 Sep 2025 21:38:02 +0000
ROA not before: Thu 25 Sep 2025 21:38:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51765
IP address blocks: 31.40.195.0/24 maxlen: 24
37.72.141.0/24 maxlen: 24
45.141.128.0/24 maxlen: 24
45.159.21.0/24 maxlen: 24
45.159.22.0/24 maxlen: 24
46.253.131.0/24 maxlen: 24
62.204.49.0/24 maxlen: 24
77.83.24.0/22 maxlen: 24
83.97.116.0/22 maxlen: 24
88.218.45.0/24 maxlen: 24
88.218.47.0/24 maxlen: 24
91.246.51.0/24 maxlen: 24
91.247.163.0/24 maxlen: 24
94.154.113.0/24 maxlen: 24
178.20.28.0/22 maxlen: 24
185.202.108.0/24 maxlen: 24
185.212.115.0/24 maxlen: 24
193.31.126.0/24 maxlen: 24
193.42.245.0/24 maxlen: 24
193.151.189.0/24 maxlen: 24
193.151.190.0/24 maxlen: 24
193.151.191.0/24 maxlen: 24
193.163.89.0/24 maxlen: 24
193.163.92.0/24 maxlen: 24
193.163.207.0/24 maxlen: 24
194.70.234.0/24 maxlen: 24
194.99.24.0/24 maxlen: 24
194.99.26.0/24 maxlen: 24
212.18.113.0/24 maxlen: 24
212.18.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.mft
rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:82:cf:d6:a0:5b:ac:31:f6:d5:e2:b1:79:c7:65:35:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Sep 25 21:38:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=885f7e34a016b53bb1e8cc0c688e9025d24996d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:02:d3:8d:db:6e:b1:31:ae:15:bb:c3:ec:98:
92:2f:16:9d:cd:50:2c:bc:af:9d:c8:62:66:ed:79:
e5:3f:de:26:a6:a5:a9:28:e5:de:54:5f:a8:d2:a7:
7a:7b:80:55:fd:af:3e:8d:0c:98:d1:e6:d7:82:b7:
e3:f3:d1:b7:95:94:d8:12:8b:83:64:2f:66:17:48:
34:53:5c:bc:3a:34:76:6b:55:e3:e0:76:b5:bb:8d:
8a:b1:6e:f0:49:1f:21:55:e8:24:c9:d5:40:9a:41:
d1:94:0b:d8:b7:df:95:df:4d:a7:dd:85:0d:3d:f7:
f6:4b:fc:4c:13:01:18:00:cc:57:ea:ca:1e:6c:47:
b7:b9:e0:68:43:01:b5:e2:3d:7b:51:32:da:8b:cf:
5b:f5:4a:c7:91:24:2a:0f:eb:3c:17:31:92:f2:bd:
00:e8:21:92:ca:3f:d3:e9:b2:69:2f:20:f9:c7:a5:
07:89:49:0e:f7:41:2d:d2:15:88:ea:bd:9e:80:51:
54:86:40:ad:8b:18:54:11:44:f2:85:b1:5e:93:7e:
55:2c:21:aa:02:20:ba:65:e6:80:c8:72:fe:f1:0e:
05:52:b5:00:a7:5a:0e:4a:b4:54:35:36:22:28:9c:
28:0c:85:41:5b:70:d9:c0:6c:91:45:ef:26:a1:e4:
71:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:5F:7E:34:A0:16:B5:3B:B1:E8:CC:0C:68:8E:90:25:D2:49:96:D2
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/iF9-NKAWtTux6MwMaI6QJdJJltI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.195.0/24
37.72.141.0/24
45.141.128.0/24
45.159.21.0-45.159.22.255
46.253.131.0/24
62.204.49.0/24
77.83.24.0/22
83.97.116.0/22
88.218.45.0/24
88.218.47.0/24
91.246.51.0/24
91.247.163.0/24
94.154.113.0/24
178.20.28.0/22
185.202.108.0/24
185.212.115.0/24
193.31.126.0/24
193.42.245.0/24
193.151.189.0-193.151.191.255
193.163.89.0/24
193.163.92.0/24
193.163.207.0/24
194.70.234.0/24
194.99.24.0/24
194.99.26.0/24
212.18.113.0/24
212.18.127.0/24
Signature Algorithm: sha256WithRSAEncryption
93:14:d4:b7:42:c5:da:9d:2a:1c:f3:bc:56:d3:40:a5:77:2d:
3a:f1:9f:ab:df:7a:bd:f5:06:62:ab:85:c3:d6:3a:d4:d8:e6:
ef:a6:58:d9:cf:a1:da:98:2b:95:a1:9c:c8:90:20:c9:d8:b3:
fc:c8:75:70:db:b8:37:5f:7b:96:dd:bf:a7:e3:81:4f:1c:09:
8a:e3:e5:c7:b1:50:03:3c:02:a3:0f:dd:c3:a3:51:0f:6a:8f:
b8:ca:9e:52:60:40:b3:2d:da:7c:53:2e:aa:0d:0f:80:75:2e:
7a:47:94:9f:cb:f9:19:25:52:5c:6b:d9:a5:52:39:17:09:69:
e4:1c:98:8e:6b:f1:09:13:e1:02:60:2b:5e:32:cf:60:d3:2d:
f4:d4:1a:9f:8e:f2:57:3a:17:b3:cd:3b:4f:eb:ea:68:dd:5e:
0c:d3:96:69:94:39:06:ac:be:01:c3:8d:e7:ae:12:fd:10:d7:
c6:1a:1c:95:68:f3:a0:be:b0:eb:ff:4b:93:7d:62:b2:6f:b1:
21:27:44:0f:4b:fe:7b:41:8e:52:20:d7:bc:7a:c9:8a:01:24:
88:0d:ae:af:7a:fa:98:d8:f6:5d:12:b2:5e:34:56:86:80:79:
6d:3a:55:a6:f4:db:f1:a7:8b:19:c1:74:29:1e:fa:04:08:2d:
34:f6:fc:f6
-----BEGIN CERTIFICATE-----
MIIFrjCCBJagAwIBAgISAZmCz9agW6wx9tXisXnHZTUDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjUwOTI1MjEzODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ODVmN2UzNGEwMTZiNTNiYjFlOGNjMGM2ODhlOTAyNWQyNDk5NmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4ALTjdtusTGuFbvD7JiSLxadzVAs
vK+dyGJm7XnlP94mpqWpKOXeVF+o0qd6e4BV/a8+jQyY0ebXgrfj89G3lZTYEouD
ZC9mF0g0U1y8OjR2a1Xj4Ha1u42KsW7wSR8hVegkydVAmkHRlAvYt9+V302n3YUN
Pff2S/xMEwEYAMxX6soebEe3ueBoQwG14j17UTLai89b9UrHkSQqD+s8FzGS8r0A
6CGSyj/T6bJpLyD5x6UHiUkO90Et0hWI6r2egFFUhkCtixhUEUTyhbFek35VLCGq
AiC6ZeaAyHL+8Q4FUrUAp1oOSrRUNTYiKJwoDIVBW3DZwGyRRe8moeRxSwIDAQAB
o4ICujCCArYwHQYDVR0OBBYEFIhffjSgFrU7sejMDGiOkCXSSZbSMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvaUY5LU5LQVd0VHV4Nk13TWFJNlFKZEpKbHRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHPBggrBgEFBQcBBwEB/wSBvzCBvDCBuQQCAAEwgbIDBAAf
KMMDBAAlSI0DBAAtjYAwDAMEAC2fFQMEAC2fFgMEAC79gwMEAD7MMQMEAk1TGAME
AlNhdAMEAFjaLQMEAFjaLwMEAFv2MwMEAFv3owMEAF6acQMEArIUHAMEALnKbAME
ALnUcwMEAMEffgMEAMEq9TAMAwQAwZe9AwQGwZeAAwQAwaNZAwQAwaNcAwQAwaPP
AwQAwkbqAwQAwmMYAwQAwmMaAwQA1BJxAwQA1BJ/MA0GCSqGSIb3DQEBCwUAA4IB
AQCTFNS3QsXanSoc87xW00Cldy068Z+r33q99QZiq4XD1jrU2ObvpljZz6HamCuV
oZzIkCDJ2LP8yHVw27g3X3uW3b+n44FPHAmK4+XHsVADPAKjD93Do1EPao+4yp5S
YECzLdp8Uy6qDQ+AdS56R5Sfy/kZJVJca9mlUjkXCWnkHJiOa/EJE+ECYCteMs9g
0y301BqfjvJXOhezzTtP6+po3V4M05ZplDkGrL4Bw43nrhL9ENfGGhyVaPOgvrDr
/0uTfWKyb7EhJ0QPS/57QY5SINe8esmKASSIDa6vevqY2PZdErJeNFaGgHltOlWm
9Nvxp4sZwXQpHvoECC009vz2
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:45:00 2025 by rpki-client