Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/O3hDDk3KVwYQ27PzrJrQnkhzm2c.roa
File: O3hDDk3KVwYQ27PzrJrQnkhzm2c.roa (raw, json)
Hash identifier: 26ASWYXIYWl4pMgLslZt4gAIOookNy9gQcidU1izy+I=
Subject key identifier: 3B:78:43:0E:4D:CA:57:06:10:DB:B3:F3:AC:9A:D0:9E:48:73:9B:67
Certificate issuer: /CN=4e15df688c3aeae3f685ed44b396c2198395861d
Certificate serial: 0199BE52BF77123EAC1A00AA5B844018DE06
Authority key identifier: 4E:15:DF:68:8C:3A:EA:E3:F6:85:ED:44:B3:96:C2:19:83:95:86:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ThXfaIw66uP2he1Es5bCGYOVhh0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/O3hDDk3KVwYQ27PzrJrQnkhzm2c.roa
Signing time: Tue 07 Oct 2025 10:58:37 +0000
ROA not before: Tue 07 Oct 2025 10:58:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29314
IP address blocks: 31.6.128.0/18 maxlen: 18
31.6.192.0/19 maxlen: 19
31.6.218.0/24 maxlen: 24
31.42.16.0/20 maxlen: 20
37.131.128.0/19 maxlen: 19
37.190.128.0/17 maxlen: 17
37.190.144.0/20 maxlen: 20
37.190.224.0/20 maxlen: 20
46.186.64.0/19 maxlen: 19
62.61.32.0/19 maxlen: 19
62.141.192.0/18 maxlen: 18
80.244.128.0/19 maxlen: 19
80.245.176.0/20 maxlen: 20
81.190.0.0/16 maxlen: 16
82.115.64.0/19 maxlen: 19
83.68.64.0/19 maxlen: 19
84.38.80.0/20 maxlen: 20
85.117.0.0/19 maxlen: 19
87.116.192.0/18 maxlen: 18
89.17.224.0/19 maxlen: 19
89.228.0.0/16 maxlen: 16
89.229.0.0/16 maxlen: 16
89.229.32.0/20 maxlen: 20
89.229.64.0/19 maxlen: 19
89.230.0.0/16 maxlen: 16
89.231.0.0/16 maxlen: 16
89.231.96.0/19 maxlen: 19
92.42.112.0/21 maxlen: 21
93.94.184.0/21 maxlen: 21
94.78.128.0/18 maxlen: 18
94.251.128.0/17 maxlen: 17
94.251.168.0/24 maxlen: 24
95.129.224.0/21 maxlen: 21
95.174.32.0/19 maxlen: 19
176.107.112.0/21 maxlen: 21
176.221.96.0/19 maxlen: 19
185.31.184.0/22 maxlen: 22
193.43.240.0/22 maxlen: 22
193.106.76.0/22 maxlen: 22
193.200.118.0/23 maxlen: 23
194.116.132.0/23 maxlen: 23
194.149.240.0/24 maxlen: 24
195.93.134.0/23 maxlen: 23
195.93.222.0/23 maxlen: 23
213.136.224.0/19 maxlen: 19
217.70.48.0/20 maxlen: 20
217.75.48.0/20 maxlen: 20
217.144.192.0/19 maxlen: 19
217.172.224.0/19 maxlen: 19
2a00:bde0::/34 maxlen: 34
2a00:bde0:4000::/34 maxlen: 34
2a00:bde0:8000::/34 maxlen: 34
2a00:bde0:c000::/34 maxlen: 34
2a02:2a40::/32 maxlen: 32
2a02:2a40::/34 maxlen: 34
2a02:2a40:4000::/34 maxlen: 34
2a02:2a40:8000::/34 maxlen: 34
2a02:2a40:c000::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/ThXfaIw66uP2he1Es5bCGYOVhh0.crl
rsync://rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/ThXfaIw66uP2he1Es5bCGYOVhh0.mft
rsync://rpki.ripe.net/repository/DEFAULT/ThXfaIw66uP2he1Es5bCGYOVhh0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 19:02:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:be:52:bf:77:12:3e:ac:1a:00:aa:5b:84:40:18:de:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e15df688c3aeae3f685ed44b396c2198395861d
Validity
Not Before: Oct 7 10:58:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b78430e4dca570610dbb3f3ac9ad09e48739b67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:09:b6:75:f3:cc:e3:c4:75:f5:79:8e:05:a5:
b7:69:a6:98:fd:e6:c8:93:8a:3e:90:e9:a4:49:b5:
5d:34:29:d3:9a:cd:d6:0b:ec:78:2b:bd:3c:5b:07:
d0:b3:a5:ac:9e:32:5f:ad:9e:5c:d3:e2:35:d6:01:
07:08:6d:18:b3:1a:e2:ae:b7:b6:e3:f4:11:05:29:
86:57:a4:78:d8:d6:20:f7:b6:e4:fd:79:a5:c8:fa:
9b:8b:82:c2:72:f5:14:30:c1:cc:ca:1f:2c:51:59:
ea:31:ec:c1:58:8f:a7:85:de:14:51:d3:ca:27:65:
c4:9f:b4:94:91:6a:f6:67:d0:e2:e5:22:cc:53:45:
8e:ae:e2:de:d3:d9:50:2e:79:76:48:dc:0a:84:21:
0b:4a:ad:0e:d8:7b:9f:d0:d5:8c:8f:2a:70:28:1c:
ad:e7:d8:93:bd:6a:b8:9f:5d:dd:46:b0:e1:c8:be:
11:b2:aa:2f:ce:e2:c8:4a:57:b4:e4:9b:c8:a0:83:
48:d3:e9:4a:e0:9e:7b:5e:74:96:11:d5:30:08:c8:
ce:05:d3:86:73:10:1d:14:3e:64:75:4d:60:fe:f0:
f5:03:70:41:f0:18:a5:ba:f2:bc:20:a1:b6:7e:4b:
af:46:60:11:be:ee:32:fd:a2:6f:a7:c7:6a:25:3d:
dc:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:78:43:0E:4D:CA:57:06:10:DB:B3:F3:AC:9A:D0:9E:48:73:9B:67
X509v3 Authority Key Identifier:
keyid:4E:15:DF:68:8C:3A:EA:E3:F6:85:ED:44:B3:96:C2:19:83:95:86:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ThXfaIw66uP2he1Es5bCGYOVhh0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/O3hDDk3KVwYQ27PzrJrQnkhzm2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6b/0bf7ab-5aab-4337-a02a-8a6e554196bb/1/ThXfaIw66uP2he1Es5bCGYOVhh0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.6.128.0-31.6.223.255
31.42.16.0/20
37.131.128.0/19
37.190.128.0/17
46.186.64.0/19
62.61.32.0/19
62.141.192.0/18
80.244.128.0/19
80.245.176.0/20
81.190.0.0/16
82.115.64.0/19
83.68.64.0/19
84.38.80.0/20
85.117.0.0/19
87.116.192.0/18
89.17.224.0/19
89.228.0.0/14
92.42.112.0/21
93.94.184.0/21
94.78.128.0/18
94.251.128.0/17
95.129.224.0/21
95.174.32.0/19
176.107.112.0/21
176.221.96.0/19
185.31.184.0/22
193.43.240.0/22
193.106.76.0/22
193.200.118.0/23
194.116.132.0/23
194.149.240.0/24
195.93.134.0/23
195.93.222.0/23
213.136.224.0/19
217.70.48.0/20
217.75.48.0/20
217.144.192.0/19
217.172.224.0/19
IPv6:
2a00:bde0::/32
2a02:2a40::/32
Signature Algorithm: sha256WithRSAEncryption
58:36:23:ed:91:b1:4c:c5:1b:0d:48:9e:e9:13:49:90:d3:63:
30:45:01:30:2a:db:df:23:d1:e4:5d:83:2f:08:aa:7c:91:f4:
5f:fd:cd:c4:cc:a1:b8:8f:86:0a:6b:65:3c:47:70:03:1d:d3:
23:d6:4c:8c:96:44:04:10:e7:8f:a2:66:c3:6b:7b:93:9c:9d:
3a:79:7c:90:a8:b1:c7:18:e3:30:1a:1c:ef:07:c6:8e:5d:38:
2d:a6:ca:88:81:35:ae:6f:a1:10:93:83:b7:e5:95:3f:7f:7f:
ab:e3:54:65:fd:43:30:53:fc:62:8f:4d:9b:42:d8:c9:b5:92:
8f:24:e9:39:2c:63:5b:cd:1b:61:5c:97:26:05:79:d8:65:38:
94:10:8d:66:60:19:be:cd:a8:ab:2e:27:96:33:d4:b6:07:68:
78:7b:93:23:58:9e:e6:d4:ba:49:b4:18:5b:b8:c2:9a:ee:44:
5f:37:27:a6:ba:3a:5c:66:2d:11:43:f1:c6:07:71:cb:35:dd:
81:01:1f:9a:46:52:41:50:b5:24:ed:ed:5c:04:f9:6f:0e:b3:
aa:64:a4:1f:e7:d8:1c:7b:0b:d7:c2:6d:48:de:db:59:bd:97:
72:7a:01:03:b2:ee:ad:af:49:6a:77:d4:a3:c3:7c:76:8f:29:
48:fb:64:bb
-----BEGIN CERTIFICATE-----
MIIF/zCCBOegAwIBAgISAZm+Ur93Ej6sGgCqW4RAGN4GMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMTVkZjY4OGMzYWVhZTNmNjg1ZWQ0NGIzOTZjMjE5ODM5
NTg2MWQwHhcNMjUxMDA3MTA1ODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjc4NDMwZTRkY2E1NzA2MTBkYmIzZjNhYzlhZDA5ZTQ4NzM5YjY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlQm2dfPM48R19XmOBaW3aaaY/ebI
k4o+kOmkSbVdNCnTms3WC+x4K708WwfQs6WsnjJfrZ5c0+I11gEHCG0Ysxrirre2
4/QRBSmGV6R42NYg97bk/XmlyPqbi4LCcvUUMMHMyh8sUVnqMezBWI+nhd4UUdPK
J2XEn7SUkWr2Z9Di5SLMU0WOruLe09lQLnl2SNwKhCELSq0O2Huf0NWMjypwKByt
59iTvWq4n13dRrDhyL4RsqovzuLISle05JvIoINI0+lK4J57XnSWEdUwCMjOBdOG
cxAdFD5kdU1g/vD1A3BB8BiluvK8IKG2fkuvRmARvu4y/aJvp8dqJT3cuQIDAQAB
o4IDCzCCAwcwHQYDVR0OBBYEFDt4Qw5NylcGENuz86ya0J5Ic5tnMB8GA1UdIwQY
MBaAFE4V32iMOurj9oXtRLOWwhmDlYYdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGhYZmFJdzY2dVAyaGUxRXM1YkNHWU9WaGgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Yi8wYmY3YWItNWFhYi00MzM3LWEwMmEt
OGE2ZTU1NDE5NmJiLzEvTzNoRERrM0tWd1lRMjdQenJKclFua2h6bTJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Yi8wYmY3YWItNWFhYi00MzM3LWEwMmEtOGE2ZTU1NDE5NmJi
LzEvVGhYZmFJdzY2dVAyaGUxRXM1YkNHWU9WaGgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBHwYIKwYBBQUHAQcBAf8EggEOMIIBCjCB8QQCAAEwgeow
DAMEBx8GgAMEBR8GwAMEBB8qEAMEBSWDgAMEByW+gAMEBS66QAMEBT49IAMEBj6N
wAMEBVD0gAMEBFD1sAMDAFG+AwQFUnNAAwQFU0RAAwQEVCZQAwQFVXUAAwQGV3TA
AwQFWRHgAwMCWeQDBANcKnADBANdXrgDBAZeToADBAde+4ADBANfgeADBAVfriAD
BAOwa3ADBAWw3WADBAK5H7gDBALBK/ADBALBakwDBAHByHYDBAHCdIQDBADClfAD
BAHDXYYDBAHDXd4DBAXViOADBATZRjADBATZSzADBAXZkMADBAXZrOAwFAQCAAIw
DgMFACoAveADBQAqAipAMA0GCSqGSIb3DQEBCwUAA4IBAQBYNiPtkbFMxRsNSJ7p
E0mQ02MwRQEwKtvfI9HkXYMvCKp8kfRf/c3EzKG4j4YKa2U8R3ADHdMj1kyMlkQE
EOePombDa3uTnJ06eXyQqLHHGOMwGhzvB8aOXTgtpsqIgTWub6EQk4O35ZU/f3+r
41Rl/UMwU/xij02bQtjJtZKPJOk5LGNbzRthXJcmBXnYZTiUEI1mYBm+zairLieW
M9S2B2h4e5MjWJ7m1LpJtBhbuMKa7kRfNyemujpcZi0RQ/HGB3HLNd2BAR+aRlJB
ULUk7e1cBPlvDrOqZKQf59gcewvXwm1I3ttZvZdyegEDsu6tr0lqd9Sjw3x2jylI
+2S7
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:40:35 2025 by rpki-client