Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dBlyoBwFzzeYwFFgiA_NaWHpzj8.roa
File: dBlyoBwFzzeYwFFgiA_NaWHpzj8.roa (raw, json)
Hash identifier: uyqDnTZ+F237ferFRY3aAIjLo14j+Xv3OKz0ZNLzO4M=
Subject key identifier: 74:19:72:A0:1C:05:CF:37:98:C0:51:60:88:0F:CD:69:61:E9:CE:3F
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01989E4568A699D5F506B923AB152BFFF02D
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dBlyoBwFzzeYwFFgiA_NaWHpzj8.roa
Signing time: Tue 12 Aug 2025 12:33:25 +0000
ROA not before: Tue 12 Aug 2025 12:33:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 137517
IP address blocks: 82.152.12.0/24 maxlen: 24
109.176.91.0/24 maxlen: 24
213.130.138.0/24 maxlen: 24
213.218.224.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:9e:45:68:a6:99:d5:f5:06:b9:23:ab:15:2b:ff:f0:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 12 12:33:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=741972a01c05cf3798c05160880fcd6961e9ce3f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:23:12:99:12:e0:cb:bd:f0:47:38:38:75:f2:
7e:cc:2a:53:0c:82:26:fa:c3:c5:db:a8:70:5f:86:
8d:65:bc:29:b3:eb:43:c9:c3:a8:50:36:48:c3:cb:
f5:47:83:67:df:2c:96:5d:e1:73:7a:e5:16:29:57:
10:7a:7b:4a:a2:18:03:71:81:ae:43:d9:2e:3a:b9:
c8:03:17:c2:52:7b:a2:3e:a1:bc:92:0b:9a:90:0f:
89:51:42:6b:73:36:f9:7d:a7:22:cb:6e:53:ca:18:
d5:3b:50:8d:3f:1b:b8:a6:24:fc:ed:ff:c9:48:5b:
30:20:8e:fc:81:f8:9f:ba:f8:2e:d0:20:ca:67:89:
4b:3f:09:99:38:ce:77:6e:dd:50:8f:4f:8e:a3:79:
84:ae:aa:49:c0:32:4f:87:2b:07:ad:b1:59:20:d4:
70:d2:ab:73:9c:1e:85:4a:bc:a0:34:34:2e:fc:42:
5f:46:76:f7:e2:90:c3:fa:15:10:b6:fa:c5:d3:21:
70:d3:c8:ce:08:13:02:42:98:07:7a:f4:b6:10:75:
e9:4d:07:f2:52:41:ed:e6:79:82:bb:5f:1f:ee:4c:
0c:06:99:56:42:66:f6:d0:aa:7a:27:ba:c5:56:fa:
d3:c2:33:90:fe:95:03:b2:b4:7c:cc:9d:86:f4:53:
53:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
74:19:72:A0:1C:05:CF:37:98:C0:51:60:88:0F:CD:69:61:E9:CE:3F
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/dBlyoBwFzzeYwFFgiA_NaWHpzj8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.152.12.0/24
109.176.91.0/24
213.130.138.0/24
213.218.224.0/24
Signature Algorithm: sha256WithRSAEncryption
90:45:17:b4:a0:66:4b:1e:13:d3:3d:79:b2:3b:39:ff:15:e7:
fa:8b:dc:2f:ea:57:ac:3f:ee:2f:22:58:b7:e4:a3:27:c2:24:
0b:d8:5f:01:27:d7:f6:25:d8:54:73:25:a1:0d:ff:03:0a:d4:
ea:7f:27:e7:48:0b:71:25:6a:e2:c6:f1:a6:69:8d:6f:3f:f1:
b7:72:b1:b3:55:0a:dd:54:e5:22:96:3b:1b:1a:f6:93:9b:4e:
30:ca:e8:5a:0d:ee:2c:8a:35:98:9e:92:10:a4:51:ff:6c:07:
7d:50:30:ec:1a:8f:4a:61:95:61:a5:82:32:e7:b4:e6:46:a7:
a2:06:02:dd:f4:d1:19:a0:e5:db:9d:46:3c:75:73:7a:82:b6:
bf:b2:f6:58:07:56:66:5a:9f:86:f9:b9:1b:49:86:f6:a5:ec:
95:bc:69:79:69:9b:f5:2f:a4:f0:bc:12:6f:c5:8a:36:ab:47:
38:1f:68:98:dc:48:a2:11:8e:da:55:9c:5d:30:c9:9c:48:dc:
a4:d8:01:b0:ea:da:c0:96:64:cd:0a:80:f4:39:9d:65:12:cd:
83:cc:ad:ff:56:f2:8e:fb:59:a3:f6:0a:49:0e:8b:d5:19:af:
52:a6:d2:c1:0f:8f:4f:95:7a:a6:01:1a:af:98:17:74:02:94:
f5:d0:2e:9f
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZieRWimmdX1BrkjqxUr//AtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwODEyMTIzMzI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NDE5NzJhMDFjMDVjZjM3OThjMDUxNjA4ODBmY2Q2OTYxZTljZTNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsyMSmRLgy73wRzg4dfJ+zCpTDIIm
+sPF26hwX4aNZbwps+tDycOoUDZIw8v1R4Nn3yyWXeFzeuUWKVcQentKohgDcYGu
Q9kuOrnIAxfCUnuiPqG8kguakA+JUUJrczb5faciy25TyhjVO1CNPxu4piT87f/J
SFswII78gfifuvgu0CDKZ4lLPwmZOM53bt1Qj0+Oo3mErqpJwDJPhysHrbFZINRw
0qtznB6FSrygNDQu/EJfRnb34pDD+hUQtvrF0yFw08jOCBMCQpgHevS2EHXpTQfy
UkHt5nmCu18f7kwMBplWQmb20Kp6J7rFVvrTwjOQ/pUDsrR8zJ2G9FNThQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHQZcqAcBc83mMBRYIgPzWlh6c4/MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZEJseW9Cd0Z6emVZd0ZGZ2lBX05hV0hwemo4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUpgMAwQA
bbBbAwQA1YKKAwQA1drgMA0GCSqGSIb3DQEBCwUAA4IBAQCQRRe0oGZLHhPTPXmy
Ozn/Fef6i9wv6lesP+4vIli35KMnwiQL2F8BJ9f2JdhUcyWhDf8DCtTqfyfnSAtx
JWrixvGmaY1vP/G3crGzVQrdVOUiljsbGvaTm04wyuhaDe4sijWYnpIQpFH/bAd9
UDDsGo9KYZVhpYIy57TmRqeiBgLd9NEZoOXbnUY8dXN6gra/svZYB1ZmWp+G+bkb
SYb2peyVvGl5aZv1L6TwvBJvxYo2q0c4H2iY3EiiEY7aVZxdMMmcSNyk2AGw6trA
lmTNCoD0OZ1lEs2DzK3/VvKO+1mj9gpJDovVGa9SptLBD49PlXqmARqvmBd0ApT1
0C6f
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:29:25 2025 by rpki-client