
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sRXPg1vWq4mqXF4NvAsYvj7Qgrs.roa
File: sRXPg1vWq4mqXF4NvAsYvj7Qgrs.roa (raw, json)
Hash identifier: 0jzSYAbBNlL6TbC1uIyhuBHrur0rkaCr8BRicH3BrRU=
Subject key identifier: B1:15:CF:83:5B:D6:AB:89:AA:5C:5E:0D:BC:0B:18:BE:3E:D0:82:BB
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019885347A83D4ABC3D754411D5DFD5A2EA5
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sRXPg1vWq4mqXF4NvAsYvj7Qgrs.roa
Signing time: Thu 07 Aug 2025 15:44:25 +0000
ROA not before: Thu 07 Aug 2025 15:44:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 152868
IP address blocks: 109.176.25.0/24 maxlen: 24
213.218.208.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:85:34:7a:83:d4:ab:c3:d7:54:41:1d:5d:fd:5a:2e:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Aug 7 15:44:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b115cf835bd6ab89aa5c5e0dbc0b18be3ed082bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:29:78:75:77:1f:e4:9b:7f:40:e6:ef:b9:2c:
89:b6:09:2f:62:30:9e:dc:06:b0:ce:ef:c7:25:5f:
6c:b8:90:7a:fe:c6:ba:19:85:fe:21:6a:6a:78:12:
19:92:96:64:09:a9:ab:3a:52:e4:fa:e9:ad:a5:de:
33:2d:e0:4b:c2:0f:74:34:f2:7b:66:ff:b9:da:6a:
bc:a5:c8:22:5d:80:60:23:26:7e:84:21:1c:9a:f0:
08:d3:2f:6f:a7:2b:98:20:66:5f:25:ee:bc:54:e4:
7a:5c:09:f2:ca:52:c5:7e:24:ba:e5:da:ca:55:ed:
43:0a:48:8f:85:a0:25:71:b0:4a:74:66:b7:91:c0:
1c:20:32:dd:c4:29:2e:dc:3e:75:84:29:98:dc:34:
cc:0d:c7:6d:53:9f:4c:1a:8e:00:94:24:72:23:18:
e5:61:43:62:a2:72:66:ef:de:10:e8:e2:ae:c6:de:
4f:82:be:fc:27:b1:9d:36:b4:ac:a3:c4:1e:de:01:
f4:12:b9:e6:4b:c9:7c:d5:6c:58:44:9d:4c:2a:98:
65:86:98:29:b2:3a:98:03:8f:a8:36:ad:15:44:e7:
58:dc:8e:3f:04:61:1a:8b:7f:9a:80:d4:7c:f1:25:
ce:96:b9:95:19:4f:eb:79:d7:37:7c:fc:56:5c:0a:
fc:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:15:CF:83:5B:D6:AB:89:AA:5C:5E:0D:BC:0B:18:BE:3E:D0:82:BB
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/sRXPg1vWq4mqXF4NvAsYvj7Qgrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.176.25.0/24
213.218.208.0/24
Signature Algorithm: sha256WithRSAEncryption
09:41:90:c6:5b:5e:27:bc:01:bd:14:70:09:f3:c1:93:31:ea:
b0:8e:da:d4:f6:40:1d:99:e3:00:60:3d:94:11:c9:bf:95:29:
c8:e0:8c:08:9f:92:bf:ce:78:8b:44:49:f8:f0:2e:e0:28:db:
6f:f8:0d:d8:6f:bb:41:33:bc:93:e5:d7:41:5e:a9:13:e7:86:
f9:39:fe:67:48:9f:45:be:53:cd:8e:b2:e9:31:c4:ea:60:96:
fa:c3:da:1a:ad:56:a7:8c:e8:f9:7b:1b:57:2c:85:ed:c2:5e:
f9:1d:44:f1:3f:85:8f:99:54:9e:00:3c:5f:60:b0:33:8c:15:
e0:1e:20:65:1a:38:42:8e:59:66:fa:20:59:77:fc:99:9f:80:
1a:b6:53:f9:77:5a:cb:59:a1:d2:e0:cb:a0:02:07:79:6d:04:
0e:de:f0:1e:e1:24:d9:3c:81:3e:0a:1e:6e:7a:3e:14:e3:68:
82:ba:c8:b9:b4:90:31:06:53:97:6e:11:f8:f2:2d:dc:3c:bc:
81:e1:6a:c5:20:a5:df:d4:db:2a:98:37:ff:9c:22:6c:a3:06:
01:aa:2e:24:3e:c3:14:ef:bd:1b:9b:eb:2a:28:bb:15:3f:51:
9f:21:88:3e:d8:83:d1:49:d2:b1:a0:93:7c:de:26:f5:f1:5e:
a2:70:0d:67
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZiFNHqD1KvD11RBHV39Wi6lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwODA3MTU0NDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTE1Y2Y4MzViZDZhYjg5YWE1YzVlMGRiYzBiMThiZTNlZDA4MmJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlyl4dXcf5Jt/QObvuSyJtgkvYjCe
3Aawzu/HJV9suJB6/sa6GYX+IWpqeBIZkpZkCamrOlLk+umtpd4zLeBLwg90NPJ7
Zv+52mq8pcgiXYBgIyZ+hCEcmvAI0y9vpyuYIGZfJe68VOR6XAnyylLFfiS65drK
Ve1DCkiPhaAlcbBKdGa3kcAcIDLdxCku3D51hCmY3DTMDcdtU59MGo4AlCRyIxjl
YUNionJm794Q6OKuxt5Pgr78J7GdNrSso8Qe3gH0ErnmS8l81WxYRJ1MKphlhpgp
sjqYA4+oNq0VROdY3I4/BGEai3+agNR88SXOlrmVGU/redc3fPxWXAr8fQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFLEVz4Nb1quJqlxeDbwLGL4+0IK7MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvc1JYUGcxdldxNG1xWEY0TnZBc1l2ajdRZ3JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAbbAZAwQA
1drQMA0GCSqGSIb3DQEBCwUAA4IBAQAJQZDGW14nvAG9FHAJ88GTMeqwjtrU9kAd
meMAYD2UEcm/lSnI4IwIn5K/zniLREn48C7gKNtv+A3Yb7tBM7yT5ddBXqkT54b5
Of5nSJ9FvlPNjrLpMcTqYJb6w9oarVanjOj5extXLIXtwl75HUTxP4WPmVSeADxf
YLAzjBXgHiBlGjhCjllm+iBZd/yZn4AatlP5d1rLWaHS4MugAgd5bQQO3vAe4STZ
PIE+Ch5uej4U42iCusi5tJAxBlOXbhH48i3cPLyB4WrFIKXf1NsqmDf/nCJsowYB
qi4kPsMU770bm+sqKLsVP1GfIYg+2IPRSdKxoJN83ib18V6icA1n
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:00:45 2025 by rpki-client