
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/vOp_UITWFGVt2jGfMrWmzuthpqI.roa
File: vOp_UITWFGVt2jGfMrWmzuthpqI.roa (raw, json)
Hash identifier: 1bMGiYOm0Kx3ElLq8L1WL3zMZf5MO3ffpKWuj6CbaJY=
Subject key identifier: BC:EA:7F:50:84:D6:14:65:6D:DA:31:9F:32:B5:A6:CE:EB:61:A6:A2
Certificate issuer: /CN=ef1c665b038692b93bdf5d1d8f3cea3e98697a03
Certificate serial: 019976F640C115046203347DCC6457A82CEE
Authority key identifier: EF:1C:66:5B:03:86:92:B9:3B:DF:5D:1D:8F:3C:EA:3E:98:69:7A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/vOp_UITWFGVt2jGfMrWmzuthpqI.roa
Signing time: Tue 23 Sep 2025 14:24:33 +0000
ROA not before: Tue 23 Sep 2025 14:24:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3316
IP address blocks: 86.62.49.0/24 maxlen: 24
193.232.85.0/24 maxlen: 24
193.232.131.0/24 maxlen: 24
194.85.105.0/24 maxlen: 24
194.85.106.0/24 maxlen: 24
194.85.117.0/24 maxlen: 24
194.85.118.0/24 maxlen: 24
194.85.119.0/24 maxlen: 24
194.190.132.0/22 maxlen: 22
194.190.132.0/24 maxlen: 24
194.190.134.0/24 maxlen: 24
194.190.138.0/24 maxlen: 24
194.190.141.0/24 maxlen: 24
194.190.142.0/24 maxlen: 24
194.190.145.0/24 maxlen: 24
194.190.148.0/24 maxlen: 24
194.190.156.0/24 maxlen: 24
194.226.29.0/24 maxlen: 24
194.226.44.0/24 maxlen: 24
194.226.46.0/23 maxlen: 23
195.19.26.0/24 maxlen: 24
195.208.22.0/23 maxlen: 23
195.209.4.0/24 maxlen: 24
195.209.8.0/24 maxlen: 24
195.209.16.0/24 maxlen: 24
195.209.146.0/24 maxlen: 24
212.193.118.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/7xxmWwOGkrk7310djzzqPphpegM.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/7xxmWwOGkrk7310djzzqPphpegM.mft
rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 06:01:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:76:f6:40:c1:15:04:62:03:34:7d:cc:64:57:a8:2c:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef1c665b038692b93bdf5d1d8f3cea3e98697a03
Validity
Not Before: Sep 23 14:24:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bcea7f5084d614656dda319f32b5a6ceeb61a6a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:ba:1e:e9:cc:cf:a3:d7:56:bf:a5:ae:68:42:
ed:99:ea:6f:0a:31:10:98:08:43:51:65:a1:57:65:
fc:dd:56:0a:68:f2:2b:9a:b7:ed:95:6f:81:65:7f:
e4:4b:db:25:88:42:cc:d7:66:15:5a:a9:62:9c:c4:
8e:a2:39:47:66:c5:e1:ec:d2:41:6a:47:c6:21:80:
84:a7:3a:62:20:cb:aa:86:c6:a2:36:70:7b:ae:79:
36:bc:03:71:51:5d:e3:79:c7:9e:f4:6a:c2:fc:2a:
cb:be:d1:8b:26:83:77:24:76:31:ed:4c:21:58:5d:
ee:fc:b9:da:6d:9e:c3:1c:7d:88:d9:ad:e9:d5:78:
42:62:6c:4c:03:cd:2b:c9:23:de:6e:21:64:b8:d8:
f4:c2:37:4f:fc:65:58:87:3f:35:cc:52:80:63:40:
a4:28:7b:c2:e2:34:e2:b3:87:7f:54:07:be:95:51:
a1:e4:e2:48:d8:92:93:fc:c7:7c:14:8a:bf:cb:d3:
85:c8:87:07:e2:87:47:ec:59:10:8c:a1:bc:31:5f:
cf:04:b7:0c:90:ca:1f:64:92:c5:32:3d:30:c6:45:
16:e8:23:cf:bf:6f:dc:db:9e:f7:d6:77:c1:f2:94:
39:29:32:13:ed:76:a9:9e:5a:3d:6a:ad:32:fe:ea:
93:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:EA:7F:50:84:D6:14:65:6D:DA:31:9F:32:B5:A6:CE:EB:61:A6:A2
X509v3 Authority Key Identifier:
keyid:EF:1C:66:5B:03:86:92:B9:3B:DF:5D:1D:8F:3C:EA:3E:98:69:7A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7xxmWwOGkrk7310djzzqPphpegM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/vOp_UITWFGVt2jGfMrWmzuthpqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/2925a3-871b-4676-ae10-688d333ed9d5/1/7xxmWwOGkrk7310djzzqPphpegM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
86.62.49.0/24
193.232.85.0/24
193.232.131.0/24
194.85.105.0-194.85.106.255
194.85.117.0-194.85.119.255
194.190.132.0/22
194.190.138.0/24
194.190.141.0-194.190.142.255
194.190.145.0/24
194.190.148.0/24
194.190.156.0/24
194.226.29.0/24
194.226.44.0/24
194.226.46.0/23
195.19.26.0/24
195.208.22.0/23
195.209.4.0/24
195.209.8.0/24
195.209.16.0/24
195.209.146.0/24
212.193.118.0/24
Signature Algorithm: sha256WithRSAEncryption
9e:cb:ca:be:d2:39:e3:5c:eb:54:10:ed:d4:61:4d:e3:8a:22:
56:f3:48:78:51:ba:85:07:59:a5:86:54:22:2f:11:75:f3:3c:
a6:ca:35:17:4c:54:72:8d:27:cc:a3:cc:af:8f:e3:d7:8b:fd:
c4:fd:b9:37:e7:30:58:d4:5a:4c:f1:d8:9c:49:e4:71:eb:01:
be:f0:67:42:f5:64:35:2c:d5:34:81:e7:c8:5f:d5:de:05:f8:
49:7b:74:2a:75:14:d0:28:79:37:5a:08:2d:3f:5e:43:af:ab:
bd:22:fb:cc:0c:8d:36:ab:01:57:46:6f:5b:3f:62:6e:42:30:
7a:6f:7b:f7:c4:23:c4:3c:94:02:b9:b7:23:57:3a:f5:78:10:
aa:16:d1:b2:62:3a:4b:54:52:35:84:4e:af:a8:41:49:58:7f:
d9:95:14:9b:6b:bd:8d:b0:97:bc:a6:7f:36:e8:9c:73:5b:15:
25:af:8d:75:4a:1e:9e:f1:ee:e1:71:69:6c:8e:74:ef:99:6b:
27:ad:6e:f9:94:53:50:09:9e:6e:f1:a6:e2:3f:e7:57:5f:ae:
33:d9:f6:20:15:ba:61:4d:36:3f:fd:98:67:2f:27:5c:7d:34:
2c:88:af:e1:4d:25:dd:a1:5a:00:e2:f7:a8:bd:50:93:ab:f6:
0e:01:4d:58
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAZl29kDBFQRiAzR9zGRXqCzuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmMWM2NjViMDM4NjkyYjkzYmRmNWQxZDhmM2NlYTNlOTg2
OTdhMDMwHhcNMjUwOTIzMTQyNDMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiY2VhN2Y1MDg0ZDYxNDY1NmRkYTMxOWYzMmI1YTZjZWViNjFhNmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1roe6czPo9dWv6WuaELtmepvCjEQ
mAhDUWWhV2X83VYKaPIrmrftlW+BZX/kS9sliELM12YVWqlinMSOojlHZsXh7NJB
akfGIYCEpzpiIMuqhsaiNnB7rnk2vANxUV3jecee9GrC/CrLvtGLJoN3JHYx7Uwh
WF3u/LnabZ7DHH2I2a3p1XhCYmxMA80rySPebiFkuNj0wjdP/GVYhz81zFKAY0Ck
KHvC4jTis4d/VAe+lVGh5OJI2JKT/Md8FIq/y9OFyIcH4odH7FkQjKG8MV/PBLcM
kMofZJLFMj0wxkUW6CPPv2/c25731nfB8pQ5KTIT7Xapnlo9aq0y/uqTNwIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFLzqf1CE1hRlbdoxnzK1ps7rYaaiMB8GA1UdIwQY
MBaAFO8cZlsDhpK5O99dHY886j6YaXoDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3h4bVd3T0drcms3MzEwZGp6enFQcGhwZWdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC8yOTI1YTMtODcxYi00Njc2LWFlMTAt
Njg4ZDMzM2VkOWQ1LzEvdk9wX1VJVFdGR1Z0MmpHZk1yV216dXRocHFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC8yOTI1YTMtODcxYi00Njc2LWFlMTAtNjg4ZDMzM2VkOWQ1
LzEvN3h4bVd3T0drcms3MzEwZGp6enFQcGhwZWdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYDBABW
PjEDBADB6FUDBADB6IMwDAMEAMJVaQMEAMJVajAMAwQAwlV1AwQDwlVwAwQCwr6E
AwQAwr6KMAwDBADCvo0DBADCvo4DBADCvpEDBADCvpQDBADCvpwDBADC4h0DBADC
4iwDBAHC4i4DBADDExoDBAHD0BYDBADD0QQDBADD0QgDBADD0RADBADD0ZIDBADU
wXYwDQYJKoZIhvcNAQELBQADggEBAJ7Lyr7SOeNc61QQ7dRhTeOKIlbzSHhRuoUH
WaWGVCIvEXXzPKbKNRdMVHKNJ8yjzK+P49eL/cT9uTfnMFjUWkzx2JxJ5HHrAb7w
Z0L1ZDUs1TSB58hf1d4F+El7dCp1FNAoeTdaCC0/XkOvq70i+8wMjTarAVdGb1s/
Ym5CMHpve/fEI8Q8lAK5tyNXOvV4EKoW0bJiOktUUjWETq+oQUlYf9mVFJtrvY2w
l7ymfzbonHNbFSWvjXVKHp7x7uFxaWyOdO+ZayetbvmUU1AJnm7xpuI/51dfrjPZ
9iAVumFNNj/9mGcvJ1x9NCyIr+FNJd2hWgDi96i9UJOr9g4BTVg=
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:51:22 2025 by rpki-client