Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7Q0siGkZ4Tgk4w6SgQpwrDB4aAc.roa
File: 7Q0siGkZ4Tgk4w6SgQpwrDB4aAc.roa (raw, json)
Hash identifier: /QbGytOEcq4PvEgzfVWzhzRWd64sU7D1GQcJfdnRapo=
Subject key identifier: ED:0D:2C:88:69:19:E1:38:24:E3:0E:92:81:0A:70:AC:30:78:68:07
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0199E2FBD5230B1B561F202BA1E00FC095F7
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7Q0siGkZ4Tgk4w6SgQpwrDB4aAc.roa
Signing time: Tue 14 Oct 2025 13:49:38 +0000
ROA not before: Tue 14 Oct 2025 13:49:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215304
IP address blocks: 82.152.142.0/24 maxlen: 24
213.210.52.0/24 maxlen: 24
213.210.53.0/24 maxlen: 24
217.145.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e2:fb:d5:23:0b:1b:56:1f:20:2b:a1:e0:0f:c0:95:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 14 13:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ed0d2c886919e13824e30e92810a70ac30786807
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:90:e4:7d:02:cd:26:fd:5b:75:22:a2:f4:c5:
44:8a:cb:fa:6e:67:c7:bc:4f:32:21:a3:af:ab:44:
87:b5:c5:93:05:0a:20:5c:d9:8f:d6:31:1e:bc:f4:
76:25:b2:86:a8:4a:47:fa:bb:d4:28:11:34:d1:6a:
9b:72:1a:84:89:75:07:d8:2c:97:95:48:a8:1c:cf:
45:ff:38:33:ca:9a:fc:48:d3:cc:5e:fb:52:c4:7c:
5e:05:e8:74:4c:e1:8d:66:d6:cb:31:a1:13:79:20:
27:2c:4f:6b:06:07:b9:78:af:15:4a:92:16:87:93:
be:75:87:89:75:3f:8c:3f:fe:1b:f8:bc:45:d0:0c:
cc:70:33:fb:97:3d:e0:cc:9a:f7:de:89:05:cc:24:
b0:38:6f:07:bc:d6:eb:d8:69:58:57:43:b6:8e:c6:
07:63:72:01:e1:32:2b:04:62:07:ba:72:e0:bf:0f:
79:46:05:ed:3e:e6:c3:d6:ef:86:c8:28:17:f7:f4:
7d:5a:13:96:75:8d:f0:b5:4b:3f:ef:f4:60:4b:f5:
29:bb:ed:aa:0e:52:58:85:c6:9e:ec:69:18:66:76:
37:05:88:7c:79:48:54:51:2e:37:5f:b3:3d:ff:11:
18:8a:ff:81:a5:86:cd:7b:73:13:19:10:aa:ed:a8:
be:5b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:0D:2C:88:69:19:E1:38:24:E3:0E:92:81:0A:70:AC:30:78:68:07
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/7Q0siGkZ4Tgk4w6SgQpwrDB4aAc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.142.0/24
213.210.52.0/23
217.145.75.0/24
Signature Algorithm: sha256WithRSAEncryption
2a:3d:57:7e:5b:e1:c9:d5:f2:df:c1:ca:4d:8e:fb:20:3a:10:
c2:48:a2:94:93:1c:73:8e:f5:f0:26:55:4d:11:fb:17:8c:7d:
65:d9:66:59:1c:35:94:12:4c:d1:d5:64:23:cc:8a:77:c1:67:
c6:d0:f2:46:35:ed:94:2f:69:33:68:7a:5f:61:98:ac:14:68:
72:f3:0f:f5:f0:a2:df:b9:82:dc:90:55:0e:c3:81:b7:61:a0:
5e:fa:3a:c1:2c:9d:ce:a4:d3:36:e4:e0:ee:bd:e7:1d:83:01:
af:c6:fc:6a:56:60:27:24:11:da:b9:34:5b:c0:a0:7e:09:cd:
ce:a9:e1:99:34:a2:ea:76:8b:72:89:aa:47:90:c5:f9:60:ef:
4d:db:77:21:70:cf:d7:f2:5d:c9:b5:99:42:9a:f9:30:dd:b3:
0b:b5:a6:e7:ae:8a:1a:44:43:58:ee:1b:43:ac:3f:bc:9a:40:
57:08:4c:7d:a9:b5:e2:ae:d0:bb:12:5e:39:56:80:87:28:51:
f8:92:80:3e:01:b1:08:16:d0:17:80:8b:ff:81:a1:12:f5:d9:
c5:00:c8:be:46:c2:94:1c:f6:9f:d1:97:3a:94:98:d5:bc:0a:
d6:e6:51:7a:ca:2a:00:de:5b:9a:85:85:1d:f5:ca:61:6a:88:
86:4f:de:ca
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZni+9UjCxtWHyAroeAPwJX3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUxMDE0MTM0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDBkMmM4ODY5MTllMTM4MjRlMzBlOTI4MTBhNzBhYzMwNzg2ODA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuJDkfQLNJv1bdSKi9MVEisv6bmfH
vE8yIaOvq0SHtcWTBQogXNmP1jEevPR2JbKGqEpH+rvUKBE00WqbchqEiXUH2CyX
lUioHM9F/zgzypr8SNPMXvtSxHxeBeh0TOGNZtbLMaETeSAnLE9rBge5eK8VSpIW
h5O+dYeJdT+MP/4b+LxF0AzMcDP7lz3gzJr33okFzCSwOG8HvNbr2GlYV0O2jsYH
Y3IB4TIrBGIHunLgvw95RgXtPubD1u+GyCgX9/R9WhOWdY3wtUs/7/RgS/Upu+2q
DlJYhcae7GkYZnY3BYh8eUhUUS43X7M9/xEYiv+BpYbNe3MTGRCq7ai+WwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFO0NLIhpGeE4JOMOkoEKcKwweGgHMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvN1Ewc2lHa1o0VGdrNHc2U2dRcHdyREI0YUFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUpiOAwQB
1dI0AwQA2ZFLMA0GCSqGSIb3DQEBCwUAA4IBAQAqPVd+W+HJ1fLfwcpNjvsgOhDC
SKKUkxxzjvXwJlVNEfsXjH1l2WZZHDWUEkzR1WQjzIp3wWfG0PJGNe2UL2kzaHpf
YZisFGhy8w/18KLfuYLckFUOw4G3YaBe+jrBLJ3OpNM25ODuvecdgwGvxvxqVmAn
JBHauTRbwKB+Cc3OqeGZNKLqdotyiapHkMX5YO9N23chcM/X8l3JtZlCmvkw3bML
tabnrooaRENY7htDrD+8mkBXCEx9qbXirtC7El45VoCHKFH4koA+AbEIFtAXgIv/
gaES9dnFAMi+RsKUHPaf0Zc6lJjVvArW5lF6yioA3luahYUd9cphaoiGT97K
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:04:18 2025 by rpki-client