Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/V6wiUC8DTSi2SOcR0wvMWpnorHg.roa
File: V6wiUC8DTSi2SOcR0wvMWpnorHg.roa (raw, json)
Hash identifier: bZwkNdIks3HiQQ0R/6+mUTsG8uY1A6U72JRWddLPjtI=
Subject key identifier: 57:AC:22:50:2F:03:4D:28:B6:48:E7:11:D3:0B:CC:5A:99:E8:AC:78
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0199E2FBD4800379C564139D17873167D0BE
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/V6wiUC8DTSi2SOcR0wvMWpnorHg.roa
Signing time: Tue 14 Oct 2025 13:49:38 +0000
ROA not before: Tue 14 Oct 2025 13:49:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 36530
IP address blocks: 82.152.142.0/24 maxlen: 24
213.210.52.0/24 maxlen: 24
213.210.53.0/24 maxlen: 24
217.145.75.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e2:fb:d4:80:03:79:c5:64:13:9d:17:87:31:67:d0:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 14 13:49:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=57ac22502f034d28b648e711d30bcc5a99e8ac78
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:01:9a:e2:77:51:79:77:16:e9:55:28:f6:9b:
51:f9:e1:43:3a:d8:5a:76:5d:40:a5:0e:ac:e5:39:
4e:d1:0b:26:64:89:26:e8:69:96:cd:88:2d:a6:d6:
b7:b1:6a:46:22:5f:9a:84:6f:c2:50:b4:fa:b1:04:
88:b9:4d:dd:9c:e0:60:29:1f:9e:89:61:ea:8e:89:
06:56:8b:0b:1b:02:fa:16:8b:7c:fc:cb:50:6c:1e:
4e:65:a7:92:b3:82:57:48:11:2d:9d:7e:3a:2e:d6:
95:76:44:a1:4b:e4:6f:18:77:fc:c2:20:75:d4:0a:
d1:53:88:34:b7:1f:12:fa:54:44:bb:1d:36:03:dd:
47:1a:6f:ac:55:56:68:23:9a:38:5b:2e:b8:9a:bb:
f2:d7:53:ef:f3:de:07:8c:33:74:c7:0a:c9:4f:0e:
25:05:ad:ad:b6:a7:58:12:5d:a3:21:e4:a4:af:98:
b1:11:87:c5:20:b2:8b:63:d8:b7:7e:1e:a3:6b:b5:
2b:88:a2:cd:e5:8f:10:d3:0e:5e:6d:83:98:ec:65:
7f:19:0b:62:ea:14:b8:85:40:64:dc:87:5b:53:4a:
bb:32:18:bb:ff:10:89:c2:73:fa:3f:a9:2b:f6:c5:
21:3a:b9:00:3e:2e:42:44:91:68:06:0a:65:79:a8:
d0:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:AC:22:50:2F:03:4D:28:B6:48:E7:11:D3:0B:CC:5A:99:E8:AC:78
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/V6wiUC8DTSi2SOcR0wvMWpnorHg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.142.0/24
213.210.52.0/23
217.145.75.0/24
Signature Algorithm: sha256WithRSAEncryption
a4:ac:30:5e:0a:29:10:23:88:ba:16:6e:64:8e:1b:70:de:b8:
18:94:25:64:32:a4:f8:8c:10:67:14:a0:2d:2c:21:e9:c5:b7:
e7:31:73:9a:08:95:20:96:ca:77:c0:e1:e1:6b:e0:3d:7c:5c:
ec:39:92:d5:e3:94:3d:2e:8a:85:70:43:e4:b8:ce:6e:2c:ec:
be:55:26:fc:3d:5a:a7:a4:d7:65:2f:7e:68:1f:9c:b3:0f:c1:
cc:e9:e1:4b:da:f8:4d:c1:ef:c3:69:db:dd:49:ad:77:64:c5:
e3:e6:00:96:fb:d1:57:31:07:f2:a8:64:d4:7f:64:f7:37:dc:
62:bd:6b:cc:1c:09:1f:1d:b9:15:2a:9e:23:c3:9d:fa:a5:8f:
1b:a5:27:ac:c8:4c:35:85:4e:81:af:c5:a3:fc:2b:fb:72:36:
46:e5:80:64:0f:1a:a6:8a:48:7e:f9:2b:08:8b:eb:60:e6:b1:
5e:54:0c:40:7a:a6:63:36:81:a9:a9:e3:98:b1:d0:cf:53:45:
f5:fd:87:26:0e:35:f9:44:b8:c2:4a:f8:39:3d:60:79:7a:e4:
2d:de:7b:7e:89:02:15:53:ff:6d:5e:63:5a:88:ae:cb:26:0d:
52:31:2a:b0:87:07:32:06:e0:ab:30:b8:63:fc:19:f0:57:21:
e7:b5:3a:8d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZni+9SAA3nFZBOdF4cxZ9C+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUxMDE0MTM0OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2FjMjI1MDJmMDM0ZDI4YjY0OGU3MTFkMzBiY2M1YTk5ZThhYzc4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0AGa4ndReXcW6VUo9ptR+eFDOtha
dl1ApQ6s5TlO0QsmZIkm6GmWzYgtpta3sWpGIl+ahG/CULT6sQSIuU3dnOBgKR+e
iWHqjokGVosLGwL6Fot8/MtQbB5OZaeSs4JXSBEtnX46LtaVdkShS+RvGHf8wiB1
1ArRU4g0tx8S+lREux02A91HGm+sVVZoI5o4Wy64mrvy11Pv894HjDN0xwrJTw4l
Ba2ttqdYEl2jIeSkr5ixEYfFILKLY9i3fh6ja7UriKLN5Y8Q0w5ebYOY7GV/GQti
6hS4hUBk3IdbU0q7Mhi7/xCJwnP6P6kr9sUhOrkAPi5CRJFoBgpleajQlQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFesIlAvA00otkjnEdMLzFqZ6Kx4MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvVjZ3aVVDOERUU2kyU09jUjB3dk1XcG5vckhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAUpiOAwQB
1dI0AwQA2ZFLMA0GCSqGSIb3DQEBCwUAA4IBAQCkrDBeCikQI4i6Fm5kjhtw3rgY
lCVkMqT4jBBnFKAtLCHpxbfnMXOaCJUglsp3wOHha+A9fFzsOZLV45Q9LoqFcEPk
uM5uLOy+VSb8PVqnpNdlL35oH5yzD8HM6eFL2vhNwe/DadvdSa13ZMXj5gCW+9FX
MQfyqGTUf2T3N9xivWvMHAkfHbkVKp4jw536pY8bpSesyEw1hU6Br8Wj/Cv7cjZG
5YBkDxqmikh++SsIi+tg5rFeVAxAeqZjNoGpqeOYsdDPU0X1/YcmDjX5RLjCSvg5
PWB5euQt3nt+iQIVU/9tXmNaiK7LJg1SMSqwhwcyBuCrMLhj/BnwVyHntTqN
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:03:33 2025 by rpki-client