Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/f-D-2t4ytyvJKGAvf7NfkRmfNc8.roa
File: f-D-2t4ytyvJKGAvf7NfkRmfNc8.roa (raw, json)
Hash identifier: U0WVmquAHzMUMUTEnPnhzPfDK7j4A82hZtMYrMB6jCk=
Subject key identifier: 7F:E0:FE:DA:DE:32:B7:2B:C9:28:60:2F:7F:B3:5F:91:19:9F:35:CF
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0199E71B8709F9926F1DA88035A2D6657484
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/f-D-2t4ytyvJKGAvf7NfkRmfNc8.roa
Signing time: Wed 15 Oct 2025 09:02:44 +0000
ROA not before: Wed 15 Oct 2025 09:02:44 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 77.93.137.0/24 maxlen: 24
77.93.149.0/24 maxlen: 24
82.152.174.0/23 maxlen: 23
82.153.208.0/22 maxlen: 22
82.163.19.0/24 maxlen: 24
89.213.58.0/24 maxlen: 24
89.213.60.0/23 maxlen: 24
89.213.108.0/23 maxlen: 24
89.213.110.0/24 maxlen: 24
89.213.122.0/24 maxlen: 24
89.213.126.0/24 maxlen: 24
89.213.194.0/23 maxlen: 24
89.213.198.0/23 maxlen: 24
89.213.200.0/23 maxlen: 24
89.213.202.0/23 maxlen: 24
89.213.204.0/23 maxlen: 24
89.213.228.0/24 maxlen: 24
89.213.240.0/23 maxlen: 24
89.213.249.0/24 maxlen: 24
89.213.250.0/24 maxlen: 24
213.210.16.0/24 maxlen: 24
213.210.18.0/24 maxlen: 24
213.210.33.0/24 maxlen: 24
213.210.51.0/24 maxlen: 24
213.218.220.0/24 maxlen: 24
217.144.151.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e7:1b:87:09:f9:92:6f:1d:a8:80:35:a2:d6:65:74:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 15 09:02:44 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7fe0fedade32b72bc928602f7fb35f91199f35cf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:cc:f2:df:3d:5e:30:19:21:3c:bb:e9:ab:94:
8c:7a:8c:d0:4d:06:0f:27:ba:ab:20:b9:42:d2:05:
6a:3c:f2:23:67:79:a4:bc:25:82:a7:c5:1f:c6:25:
49:93:fb:9a:16:7c:8d:34:2f:5d:a5:81:a5:de:78:
b4:0c:ed:40:0c:5c:a6:0f:08:27:37:46:00:d4:2e:
7b:7f:ef:0c:fc:08:46:a8:b3:96:df:c2:20:02:d5:
b1:5a:1c:51:c7:c1:e0:88:d9:5f:8e:da:cd:83:74:
f7:aa:25:11:90:bf:f3:36:55:87:31:08:d2:26:18:
22:0e:dc:ee:af:91:94:57:68:c3:54:d0:b1:6f:78:
46:c4:fa:58:cc:0f:58:49:0e:0b:75:8e:1e:bf:4d:
e8:eb:56:f3:9d:b7:13:b9:d1:dd:28:06:b1:a6:c0:
cc:d1:bb:6a:a8:a4:2e:01:0b:e2:8e:e0:56:15:4f:
61:a3:c1:24:a8:78:e0:dc:a3:67:43:71:87:86:8c:
7d:b3:5e:14:55:6f:85:e1:7d:e0:c0:bc:d7:c7:4e:
17:6e:05:44:e0:28:da:21:d5:6a:21:c1:c4:a9:b8:
62:cd:45:64:84:f2:6c:c8:80:1f:b2:85:11:10:0f:
a4:dd:a2:de:a6:72:28:f5:c4:eb:cf:7f:a0:d7:96:
58:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7F:E0:FE:DA:DE:32:B7:2B:C9:28:60:2F:7F:B3:5F:91:19:9F:35:CF
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/f-D-2t4ytyvJKGAvf7NfkRmfNc8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.93.137.0/24
77.93.149.0/24
82.152.174.0/23
82.153.208.0/22
82.163.19.0/24
89.213.58.0/24
89.213.60.0/23
89.213.108.0-89.213.110.255
89.213.122.0/24
89.213.126.0/24
89.213.194.0/23
89.213.198.0-89.213.205.255
89.213.228.0/24
89.213.240.0/23
89.213.249.0-89.213.250.255
213.210.16.0/24
213.210.18.0/24
213.210.33.0/24
213.210.51.0/24
213.218.220.0/24
217.144.151.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:16:6d:d7:64:ca:5c:6e:56:ec:72:fd:d0:18:60:2e:bc:66:
f8:43:57:21:71:cb:2d:36:1e:d4:90:b7:4f:f4:cf:cc:1d:7c:
a6:16:c4:88:50:47:01:1d:5b:59:3a:3b:d0:3a:bd:9f:06:03:
95:66:0c:10:81:13:a8:47:9a:c2:3f:ea:ee:41:5f:2a:06:71:
50:d0:c3:90:69:13:94:bc:dc:5f:0c:4f:ee:21:df:e0:b8:8e:
c6:c4:67:d7:55:74:ac:cd:d6:00:fe:02:65:71:a8:ce:11:bf:
0b:9d:38:98:dc:d8:d9:c5:f9:40:f5:60:c7:b7:21:87:a1:1e:
77:1e:df:30:0f:bb:37:b6:79:82:9c:08:cc:4a:12:e1:69:84:
28:26:43:22:ed:75:85:f9:a4:27:c2:7b:bc:55:d4:df:c4:a7:
32:f4:2c:29:bf:ab:de:d6:3a:21:af:22:f4:5c:40:d8:22:9f:
27:e9:7a:c1:0c:f4:9b:8f:0c:29:ed:41:36:32:2f:d7:ca:a3:
ab:59:bd:da:61:05:84:1a:cb:ef:90:d7:e1:e9:ba:33:56:88:
66:95:26:d9:f7:23:a3:9e:5b:ff:3c:ad:07:45:10:9e:a8:09:
d0:5c:a0:26:d4:ea:b9:55:a0:a2:5e:0c:a7:3c:ad:37:66:e3:
ca:33:e7:c1
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAZnnG4cJ+ZJvHaiANaLWZXSEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUxMDE1MDkwMjQ0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZmUwZmVkYWRlMzJiNzJiYzkyODYwMmY3ZmIzNWY5MTE5OWYzNWNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwMzy3z1eMBkhPLvpq5SMeozQTQYP
J7qrILlC0gVqPPIjZ3mkvCWCp8UfxiVJk/uaFnyNNC9dpYGl3ni0DO1ADFymDwgn
N0YA1C57f+8M/AhGqLOW38IgAtWxWhxRx8HgiNlfjtrNg3T3qiURkL/zNlWHMQjS
JhgiDtzur5GUV2jDVNCxb3hGxPpYzA9YSQ4LdY4ev03o61bznbcTudHdKAaxpsDM
0btqqKQuAQvijuBWFU9ho8EkqHjg3KNnQ3GHhox9s14UVW+F4X3gwLzXx04XbgVE
4CjaIdVqIcHEqbhizUVkhPJsyIAfsoUREA+k3aLepnIo9cTrz3+g15ZYMQIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFH/g/treMrcryShgL3+zX5EZnzXPMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvZi1ELTJ0NHl0eXZKS0dBdmY3TmZrUm1mTmM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYDBABN
XYkDBABNXZUDBAFSmK4DBAJSmdADBABSoxMDBABZ1ToDBAFZ1TwwDAMEAlnVbAME
AFnVbgMEAFnVegMEAFnVfgMEAVnVwjAMAwQBWdXGAwQBWdXMAwQAWdXkAwQBWdXw
MAwDBABZ1fkDBABZ1foDBADV0hADBADV0hIDBADV0iEDBADV0jMDBADV2twDBADZ
kJcwDQYJKoZIhvcNAQELBQADggEBAD0WbddkylxuVuxy/dAYYC68ZvhDVyFxyy02
HtSQt0/0z8wdfKYWxIhQRwEdW1k6O9A6vZ8GA5VmDBCBE6hHmsI/6u5BXyoGcVDQ
w5BpE5S83F8MT+4h3+C4jsbEZ9dVdKzN1gD+AmVxqM4RvwudOJjc2NnF+UD1YMe3
IYehHnce3zAPuze2eYKcCMxKEuFphCgmQyLtdYX5pCfCe7xV1N/EpzL0LCm/q97W
OiGvIvRcQNginyfpesEM9JuPDCntQTYyL9fKo6tZvdphBYQay++Q1+HpujNWiGaV
Jtn3I6OeW/88rQdFEJ6oCdBcoCbU6rlVoKJeDKc8rTdm48oz58E=
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:07:01 2025 by rpki-client