Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/_0v8B3PHRVD7yYQcASHCL5uWyOY.roa
File: _0v8B3PHRVD7yYQcASHCL5uWyOY.roa (raw, json)
Hash identifier: pu+m41bbVsvu3wkqU3+YbKOTAB8KfYUq9S8Plxm7sds=
Subject key identifier: FF:4B:FC:07:73:C7:45:50:FB:C9:84:1C:01:21:C2:2F:9B:96:C8:E6
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 01999B1F99446E323247FED54580A37483DF
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/_0v8B3PHRVD7yYQcASHCL5uWyOY.roa
Signing time: Tue 30 Sep 2025 14:56:03 +0000
ROA not before: Tue 30 Sep 2025 14:56:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209371
IP address blocks: 91.194.55.0/24 maxlen: 24
185.88.175.0/24 maxlen: 24
185.184.24.0/24 maxlen: 24
185.243.181.0/24 maxlen: 24
193.160.140.0/24 maxlen: 24
193.223.106.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 01:22:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:9b:1f:99:44:6e:32:32:47:fe:d5:45:80:a3:74:83:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Sep 30 14:56:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ff4bfc0773c74550fbc9841c0121c22f9b96c8e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:1f:08:08:fb:bf:a0:61:13:85:9e:32:2b:53:
a5:cb:b9:7c:73:e2:b8:f5:71:f4:3c:e6:e5:14:d3:
3d:f0:0e:c7:df:5b:80:7b:fb:a6:8e:23:9c:cd:ce:
c7:06:e0:47:e3:6e:58:bf:fb:42:09:03:25:c1:8c:
af:cd:60:9d:62:ca:cc:0a:37:1a:91:b3:7d:45:be:
01:f1:37:7a:30:89:e7:b9:78:fe:fe:75:aa:8d:1d:
3d:c8:4d:a3:69:2b:44:3d:9e:7a:0b:8d:80:29:ce:
b9:3c:55:1e:b7:76:69:ce:2b:dd:64:cd:99:97:a9:
8e:1f:90:4e:e3:29:5b:f3:bf:54:2c:fc:29:c7:5f:
72:2d:5e:54:7c:42:f0:bc:8a:97:e4:7a:14:81:9f:
b6:d2:be:12:0f:ca:9e:3d:03:32:5f:4d:90:e6:7a:
37:aa:1b:31:20:e4:ef:6d:ae:03:18:82:e9:5f:f6:
32:32:ef:92:d8:fc:5c:91:93:41:4f:7f:94:01:61:
36:39:b2:93:f9:8d:b4:72:33:92:e3:fd:ef:00:68:
6b:62:b0:48:04:6a:81:b6:a0:a9:12:bb:26:45:31:
35:da:81:e6:5b:24:43:00:44:86:62:9d:f0:e1:83:
84:e9:f7:ea:35:da:dc:b7:54:07:bb:c8:78:01:c2:
51:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:4B:FC:07:73:C7:45:50:FB:C9:84:1C:01:21:C2:2F:9B:96:C8:E6
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/_0v8B3PHRVD7yYQcASHCL5uWyOY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.55.0/24
185.88.175.0/24
185.184.24.0/24
185.243.181.0/24
193.160.140.0/24
193.223.106.0/24
Signature Algorithm: sha256WithRSAEncryption
80:a7:1b:e3:3a:e1:41:11:57:e2:56:93:57:d6:79:d2:1e:17:
e1:86:e0:cb:c9:fa:71:97:61:8b:74:ee:b8:42:46:f0:39:51:
07:5a:59:1a:db:42:8c:e4:9d:70:ea:74:9b:77:1e:09:ce:8e:
c5:df:29:06:1b:e0:23:0f:ae:5f:b8:f5:2c:08:61:6e:9f:01:
44:60:89:f5:53:33:92:74:da:9b:65:cc:d4:ee:26:e2:ac:1c:
6b:6d:e8:88:fb:f3:4b:45:b7:a0:67:d3:59:81:79:21:5c:6a:
51:d9:83:a6:28:28:70:cc:f3:88:48:a1:fb:c6:1f:b8:d1:ae:
24:8e:e7:e3:9c:4a:bd:1d:f3:af:a6:a6:0e:0a:bb:3d:b5:03:
49:c7:22:ec:eb:c4:a3:39:78:fe:f6:66:9a:42:b9:bf:45:8a:
70:1c:2e:96:31:9e:3a:20:d7:90:dc:67:1d:61:da:fe:8d:da:
19:93:e6:13:89:39:b8:2b:b0:d2:4a:e8:0e:42:de:e8:d1:ca:
7c:9a:4d:a2:e2:a2:20:c5:07:2a:f1:1a:94:a2:5c:80:0d:e8:
74:ef:8d:f4:e4:8f:f5:97:a5:d2:5c:f7:f5:23:68:4c:6f:03:
39:f1:56:37:c1:db:d1:32:d2:58:00:8a:ca:a6:ae:00:ac:8d:
6c:3b:8a:90
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZmbH5lEbjIyR/7VRYCjdIPfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwOTMwMTQ1NjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjRiZmMwNzczYzc0NTUwZmJjOTg0MWMwMTIxYzIyZjliOTZjOGU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0h8ICPu/oGEThZ4yK1Oly7l8c+K4
9XH0POblFNM98A7H31uAe/umjiOczc7HBuBH425Yv/tCCQMlwYyvzWCdYsrMCjca
kbN9Rb4B8Td6MInnuXj+/nWqjR09yE2jaStEPZ56C42AKc65PFUet3ZpzivdZM2Z
l6mOH5BO4ylb879ULPwpx19yLV5UfELwvIqX5HoUgZ+20r4SD8qePQMyX02Q5no3
qhsxIOTvba4DGILpX/YyMu+S2PxckZNBT3+UAWE2ObKT+Y20cjOS4/3vAGhrYrBI
BGqBtqCpErsmRTE12oHmWyRDAESGYp3w4YOE6ffqNdrct1QHu8h4AcJRjQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFP9L/Adzx0VQ+8mEHAEhwi+blsjmMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvXzB2OEIzUEhSVkQ3eVlRY0FTSENMNXVXeU9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQAW8I3AwQA
uVivAwQAubgYAwQAufO1AwQAwaCMAwQAwd9qMA0GCSqGSIb3DQEBCwUAA4IBAQCA
pxvjOuFBEVfiVpNX1nnSHhfhhuDLyfpxl2GLdO64QkbwOVEHWlka20KM5J1w6nSb
dx4Jzo7F3ykGG+AjD65fuPUsCGFunwFEYIn1UzOSdNqbZczU7ibirBxrbeiI+/NL
RbegZ9NZgXkhXGpR2YOmKChwzPOISKH7xh+40a4kjufjnEq9HfOvpqYOCrs9tQNJ
xyLs68SjOXj+9maaQrm/RYpwHC6WMZ46INeQ3GcdYdr+jdoZk+YTiTm4K7DSSugO
Qt7o0cp8mk2i4qIgxQcq8RqUolyADeh074305I/1l6XSXPf1I2hMbwM58VY3wdvR
MtJYAIrKpq4ArI1sO4qQ
-----END CERTIFICATE-----
Generated at Sun Oct 19 09:42:12 2025 by rpki-client