Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7N6itxB5NXTTxUx5uwRRJLI0p8A.roa
File: 7N6itxB5NXTTxUx5uwRRJLI0p8A.roa (raw, json)
Hash identifier: baeFYu5VGIKpxrBX8QDZ6jnzvM8O2MNTfGK6LyhswkA=
Subject key identifier: EC:DE:A2:B7:10:79:35:74:D3:C5:4C:79:BB:04:51:24:B2:34:A7:C0
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0199E71B86B4A7C7E6FD71BF014E2E134F3E
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7N6itxB5NXTTxUx5uwRRJLI0p8A.roa
Signing time: Wed 15 Oct 2025 09:02:44 +0000
ROA not before: Wed 15 Oct 2025 09:02:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 82.152.174.0/23 maxlen: 23
82.153.208.0/22 maxlen: 22
89.213.58.0/24 maxlen: 24
89.213.60.0/23 maxlen: 24
89.213.198.0/23 maxlen: 24
89.213.200.0/23 maxlen: 24
89.213.202.0/23 maxlen: 24
89.213.204.0/23 maxlen: 24
89.213.228.0/24 maxlen: 24
89.213.249.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e7:1b:86:b4:a7:c7:e6:fd:71:bf:01:4e:2e:13:4f:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 15 09:02:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ecdea2b710793574d3c54c79bb045124b234a7c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c4:cf:6a:70:9d:41:c7:1b:ec:c4:52:fc:a4:
71:5d:70:14:44:16:5f:c9:78:5b:bd:fc:8e:7a:39:
48:e8:50:59:df:be:71:4d:b5:d0:25:b8:b9:60:bd:
d8:56:a8:f2:3c:4c:05:3d:05:d0:2f:c9:ba:1e:df:
0c:82:d4:16:58:ba:b1:07:47:04:79:2b:a0:2e:71:
dc:0f:3b:0b:e2:36:01:15:21:b0:6e:f1:14:25:a1:
e2:e1:ec:71:de:9d:7b:dd:75:d9:8d:ea:75:4b:e6:
95:a9:0f:7a:30:10:49:c9:a1:c5:da:f9:d3:e6:6d:
ce:8d:72:71:25:2d:8f:01:ab:45:6c:f2:e5:fb:84:
f6:7a:a7:51:bd:86:d6:8b:07:4a:53:8e:64:1b:dc:
ba:f3:14:12:85:2e:55:97:7a:1a:25:38:6d:f5:2a:
b3:92:fe:38:6b:c5:13:37:c2:57:09:6d:de:7a:26:
d4:78:cb:95:5e:f4:0b:c8:0a:25:d2:b4:ac:b8:37:
73:91:13:41:76:ec:1c:d8:7b:b4:fc:b3:a9:31:c6:
13:8b:33:c4:44:f1:2d:af:ec:62:75:3f:5a:20:9a:
89:b3:b4:db:97:49:7d:5d:bb:4c:82:05:4e:82:ae:
d1:a1:74:f6:0a:d1:1f:b1:6b:f2:90:2e:d3:1b:c4:
54:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:DE:A2:B7:10:79:35:74:D3:C5:4C:79:BB:04:51:24:B2:34:A7:C0
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7N6itxB5NXTTxUx5uwRRJLI0p8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.174.0/23
82.153.208.0/22
89.213.58.0/24
89.213.60.0/23
89.213.198.0-89.213.205.255
89.213.228.0/24
89.213.249.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:ae:d3:6f:f7:8b:b0:05:a4:63:e2:16:7c:a9:22:89:fa:cd:
d3:19:51:43:2c:78:0a:2b:02:78:c0:2c:7a:71:3a:0e:bf:18:
b2:36:74:52:cd:6c:bf:98:e5:28:d1:b3:7d:2a:18:6d:46:7d:
c0:64:67:75:df:45:9a:20:57:4a:57:28:41:6d:0d:18:e8:d0:
63:a0:a3:e9:22:b6:d8:31:69:8e:87:c0:98:08:f4:26:5e:fd:
5c:d8:b6:02:de:b6:51:64:06:c2:bf:a5:9d:37:ac:37:51:0d:
03:64:68:ab:a7:5d:de:e1:db:e5:9e:a0:f1:0e:48:57:92:47:
0c:5c:96:4a:d1:a3:3e:6f:74:97:b9:5e:dc:82:55:81:83:cb:
12:2e:d8:9c:9b:c2:b0:1a:28:d0:3f:57:05:54:7b:1b:ba:12:
4b:3f:20:85:21:fd:94:d0:e1:5b:6b:f9:ba:47:3b:6b:34:be:
f7:71:dc:7d:20:64:0b:e9:ec:d7:e5:7d:b4:ec:0f:d5:7e:14:
3d:59:5c:9c:f6:7b:52:22:c0:f2:8e:ec:95:ef:f6:fc:3a:da:
f4:e2:c6:89:59:46:d0:96:7f:4d:e0:22:6f:ad:43:76:f2:c1:
a3:79:d1:67:be:99:1f:aa:48:d5:e8:28:70:06:e6:d3:fd:52:
77:88:bf:f5
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZnnG4a0p8fm/XG/AU4uE08+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUxMDE1MDkwMjQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlY2RlYTJiNzEwNzkzNTc0ZDNjNTRjNzliYjA0NTEyNGIyMzRhN2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8TPanCdQccb7MRS/KRxXXAURBZf
yXhbvfyOejlI6FBZ375xTbXQJbi5YL3YVqjyPEwFPQXQL8m6Ht8MgtQWWLqxB0cE
eSugLnHcDzsL4jYBFSGwbvEUJaHi4exx3p173XXZjep1S+aVqQ96MBBJyaHF2vnT
5m3OjXJxJS2PAatFbPLl+4T2eqdRvYbWiwdKU45kG9y68xQShS5Vl3oaJTht9Sqz
kv44a8UTN8JXCW3eeibUeMuVXvQLyAol0rSsuDdzkRNBduwc2Hu0/LOpMcYTizPE
RPEtr+xidT9aIJqJs7Tbl0l9XbtMggVOgq7RoXT2CtEfsWvykC7TG8RUmQIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFOzeorcQeTV008VMebsEUSSyNKfAMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvN042aXR4QjVOWFRUeFV4NXV3UlJKTEkwcDhBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQBUpiuAwQC
UpnQAwQAWdU6AwQBWdU8MAwDBAFZ1cYDBAFZ1cwDBABZ1eQDBABZ1fkwDQYJKoZI
hvcNAQELBQADggEBAKau02/3i7AFpGPiFnypIon6zdMZUUMseAorAnjALHpxOg6/
GLI2dFLNbL+Y5SjRs30qGG1GfcBkZ3XfRZogV0pXKEFtDRjo0GOgo+kittgxaY6H
wJgI9CZe/VzYtgLetlFkBsK/pZ03rDdRDQNkaKunXd7h2+WeoPEOSFeSRwxclkrR
oz5vdJe5XtyCVYGDyxIu2JybwrAaKNA/VwVUexu6Eks/IIUh/ZTQ4Vtr+bpHO2s0
vvdx3H0gZAvp7NflfbTsD9V+FD1ZXJz2e1IiwPKO7JXv9vw62vTixolZRtCWf03g
Im+tQ3bywaN50We+mR+qSNXoKHAG5tP9UneIv/U=
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:04:52 2025 by rpki-client