Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6xf4K9qmhLDRaLTpUOBmcLr5KoU.roa
File: 6xf4K9qmhLDRaLTpUOBmcLr5KoU.roa (raw, json)
Hash identifier: nfqaVxo5CfX/YBMsxz5j1c8vMzAnIZT8uE8TNh6c8Is=
Subject key identifier: EB:17:F8:2B:DA:A6:84:B0:D1:68:B4:E9:50:E0:66:70:BA:F9:2A:85
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0199E7AC6794D4C9E40493805B3A3B2B24EB
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6xf4K9qmhLDRaLTpUOBmcLr5KoU.roa
Signing time: Wed 15 Oct 2025 11:40:59 +0000
ROA not before: Wed 15 Oct 2025 11:40:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 82.152.8.0/24 maxlen: 24
82.152.57.0/24 maxlen: 24
82.152.58.0/24 maxlen: 24
82.152.73.0/24 maxlen: 24
82.152.75.0/24 maxlen: 24
82.152.98.0/24 maxlen: 24
82.152.109.0/24 maxlen: 24
82.152.122.0/24 maxlen: 24
82.152.226.0/24 maxlen: 24
82.152.240.0/24 maxlen: 24
82.152.243.0/24 maxlen: 24
82.153.203.0/24 maxlen: 24
82.153.205.0/24 maxlen: 24
82.153.217.0/24 maxlen: 24
82.163.23.0/24 maxlen: 24
89.213.164.0/24 maxlen: 24
109.176.40.0/21 maxlen: 24
109.176.48.0/21 maxlen: 24
109.176.153.0/24 maxlen: 24
212.38.79.0/24 maxlen: 24
213.130.130.0/24 maxlen: 24
213.130.149.0/24 maxlen: 24
213.130.151.0/24 maxlen: 24
213.210.54.0/24 maxlen: 24
213.218.214.0/24 maxlen: 24
213.218.234.0/24 maxlen: 24
213.218.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e7:ac:67:94:d4:c9:e4:04:93:80:5b:3a:3b:2b:24:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 15 11:40:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eb17f82bdaa684b0d168b4e950e06670baf92a85
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:d2:b9:dc:cf:64:e5:13:95:1f:55:e5:96:3f:
ab:14:1f:1c:7f:7d:ae:aa:dd:75:d9:a2:19:69:ca:
08:af:f8:db:db:8f:50:8d:86:0c:40:7e:ec:ee:e9:
a5:95:89:f3:df:4c:41:1c:7a:89:81:6b:7f:9d:f7:
88:54:b0:7e:0d:1c:9d:40:29:47:d3:e3:2a:3e:c9:
86:4a:ec:17:be:7f:77:1a:df:7b:b4:90:9e:93:8d:
ed:d0:4a:a1:2e:64:9a:0e:23:ae:0c:41:a5:33:24:
9e:ff:77:29:4a:55:8d:d3:1e:36:87:5f:c4:ae:47:
c8:75:52:5f:af:dd:0d:8c:69:7e:15:03:f3:c5:d7:
27:17:0b:80:95:92:ea:eb:c8:30:7a:37:a4:53:e5:
e6:3f:e9:97:22:a5:2d:12:b1:9f:e8:00:76:2d:91:
7d:a1:8a:da:22:0b:06:41:7e:d5:ca:31:f6:af:cb:
db:5d:ff:77:f4:b5:8f:ae:a3:37:fa:03:d9:97:be:
0d:7e:9e:07:e2:33:52:e6:d3:d2:24:fb:37:d9:19:
78:d0:cb:c9:de:ff:a4:18:82:0f:5a:c0:42:70:c9:
6e:ba:ae:f1:46:10:7c:8e:fb:88:24:4c:e7:18:cd:
9e:dc:45:c8:5a:e9:4e:cd:94:c2:36:8c:89:6d:cc:
6b:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:17:F8:2B:DA:A6:84:B0:D1:68:B4:E9:50:E0:66:70:BA:F9:2A:85
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/6xf4K9qmhLDRaLTpUOBmcLr5KoU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.8.0/24
82.152.57.0-82.152.58.255
82.152.73.0/24
82.152.75.0/24
82.152.98.0/24
82.152.109.0/24
82.152.122.0/24
82.152.226.0/24
82.152.240.0/24
82.152.243.0/24
82.153.203.0/24
82.153.205.0/24
82.153.217.0/24
82.163.23.0/24
89.213.164.0/24
109.176.40.0-109.176.55.255
109.176.153.0/24
212.38.79.0/24
213.130.130.0/24
213.130.149.0/24
213.130.151.0/24
213.210.54.0/24
213.218.214.0/24
213.218.234.0/24
213.218.238.0/24
Signature Algorithm: sha256WithRSAEncryption
44:7e:d4:62:d4:ef:e8:83:66:2a:3e:70:04:22:98:6e:75:b6:
ba:48:26:b5:be:08:6a:09:53:47:67:54:ea:c1:8d:14:9e:cf:
11:35:38:48:d8:63:21:81:2f:ee:3c:f9:61:39:5a:b4:ce:0c:
c4:58:af:d7:78:dd:97:ef:e8:d7:19:ea:c1:5a:2f:96:85:1b:
f0:67:87:f0:9b:ff:b1:d5:80:ba:92:e5:29:62:b2:fb:db:cb:
2d:7c:9c:50:d9:61:ce:b5:66:ef:97:3b:4a:57:63:83:1a:0c:
0e:78:ca:03:6b:2f:6c:04:19:96:7b:2a:ff:2e:83:9a:9c:51:
55:78:60:53:da:4e:a9:00:b2:18:95:2a:ae:93:22:e3:fe:03:
d3:19:e0:01:7e:b5:36:32:67:4b:0a:5c:a4:e4:ae:3b:0e:ef:
9e:98:71:9a:84:b0:2e:91:3a:53:7d:e0:d1:6c:c7:34:29:7c:
37:95:d8:b1:18:04:0d:a7:18:c9:d9:16:15:03:ab:8e:11:34:
68:ed:4c:2a:6a:95:d5:35:b4:b8:96:d8:1e:25:3e:16:be:69:
4a:20:ec:6e:d2:2a:ef:63:66:74:96:a9:cf:ad:61:68:cf:4b:
47:b9:b9:c8:4e:0f:8c:fb:d9:c6:e7:6e:67:05:02:6f:ff:a4:
5a:1a:ce:2d
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAZnnrGeU1MnkBJOAWzo7KyTrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUxMDE1MTE0MDU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjE3ZjgyYmRhYTY4NGIwZDE2OGI0ZTk1MGUwNjY3MGJhZjkyYTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0dK53M9k5ROVH1Xllj+rFB8cf32u
qt112aIZacoIr/jb249QjYYMQH7s7umllYnz30xBHHqJgWt/nfeIVLB+DRydQClH
0+MqPsmGSuwXvn93Gt97tJCek43t0EqhLmSaDiOuDEGlMySe/3cpSlWN0x42h1/E
rkfIdVJfr90NjGl+FQPzxdcnFwuAlZLq68gwejekU+XmP+mXIqUtErGf6AB2LZF9
oYraIgsGQX7VyjH2r8vbXf939LWPrqM3+gPZl74Nfp4H4jNS5tPSJPs32Rl40MvJ
3v+kGIIPWsBCcMluuq7xRhB8jvuIJEznGM2e3EXIWulOzZTCNoyJbcxrLQIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFOsX+CvapoSw0Wi06VDgZnC6+SqFMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNnhmNEs5cW1oTERSYUxUcFVPQm1jTHI1S29VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHDBggrBgEFBQcBBwEB/wSBszCBsDCBrQQCAAEwgaYDBABS
mAgwDAMEAFKYOQMEAFKYOgMEAFKYSQMEAFKYSwMEAFKYYgMEAFKYbQMEAFKYegME
AFKY4gMEAFKY8AMEAFKY8wMEAFKZywMEAFKZzQMEAFKZ2QMEAFKjFwMEAFnVpDAM
AwQDbbAoAwQDbbAwAwQAbbCZAwQA1CZPAwQA1YKCAwQA1YKVAwQA1YKXAwQA1dI2
AwQA1drWAwQA1drqAwQA1druMA0GCSqGSIb3DQEBCwUAA4IBAQBEftRi1O/og2Yq
PnAEIphudba6SCa1vghqCVNHZ1TqwY0Uns8RNThI2GMhgS/uPPlhOVq0zgzEWK/X
eN2X7+jXGerBWi+WhRvwZ4fwm/+x1YC6kuUpYrL728stfJxQ2WHOtWbvlztKV2OD
GgwOeMoDay9sBBmWeyr/LoOanFFVeGBT2k6pALIYlSqukyLj/gPTGeABfrU2MmdL
Clyk5K47Du+emHGahLAukTpTfeDRbMc0KXw3ldixGAQNpxjJ2RYVA6uOETRo7Uwq
apXVNbS4ltgeJT4WvmlKIOxu0irvY2Z0lqnPrWFoz0tHubnITg+M+9nG525nBQJv
/6RaGs4t
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:25:38 2025 by rpki-client