Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/w6lDCfwOJdsVKMqEZ4L5T8-ACYk.roa
File: w6lDCfwOJdsVKMqEZ4L5T8-ACYk.roa (raw, json)
Hash identifier: tVJnhYEHqLBAnqUxnBHL/D6FsYc3c7e3nv0OsgExqWg=
Subject key identifier: C3:A9:43:09:FC:0E:25:DB:15:28:CA:84:67:82:F9:4F:CF:80:09:89
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 0199CE2337D587A999B9CCD1836FC7E20EC8
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/w6lDCfwOJdsVKMqEZ4L5T8-ACYk.roa
Signing time: Fri 10 Oct 2025 12:40:38 +0000
ROA not before: Fri 10 Oct 2025 12:40:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 64267
IP address blocks: 77.93.142.0/24 maxlen: 24
80.240.85.0/24 maxlen: 24
89.213.229.0/24 maxlen: 24
217.145.71.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ce:23:37:d5:87:a9:99:b9:cc:d1:83:6f:c7:e2:0e:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 10 12:40:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c3a94309fc0e25db1528ca846782f94fcf800989
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:4f:25:e4:a6:24:db:bf:a2:a2:d9:c4:7d:14:
15:19:ec:aa:5e:58:45:f8:4b:b0:cd:cb:af:e3:a7:
28:1a:1f:c4:57:aa:81:2a:3b:29:ff:ff:3c:68:ec:
54:9f:08:1a:07:6e:23:65:ff:74:bc:36:85:18:e4:
6d:ba:d3:37:59:b7:3c:71:a9:b7:b9:c0:22:57:51:
f7:2e:3b:85:2f:d8:c8:a2:75:b4:df:e6:0f:80:ce:
01:ac:d6:fd:31:4d:60:2b:27:52:79:af:99:91:0f:
8d:54:6b:a2:65:ab:9d:69:6e:40:c4:0f:46:62:dc:
bc:83:c7:7d:fe:12:69:a6:87:70:a6:26:f2:ea:3a:
fb:13:38:9e:6c:14:41:65:e9:b7:82:a8:58:9a:da:
cd:c8:13:5f:57:80:dd:5d:5f:1f:38:51:7e:4c:ee:
3f:b3:0f:34:7b:4b:f7:4c:dc:cc:d5:34:68:c3:07:
57:64:1c:60:9c:cf:37:a0:d7:b7:2b:7f:3b:ea:97:
af:d4:06:ea:8d:f5:e0:59:71:67:d3:e3:14:d3:11:
1b:ec:a8:b5:66:41:18:10:0b:11:1e:22:9f:f8:f9:
b7:15:c4:ee:00:5c:52:46:c9:f9:af:3b:14:bf:33:
92:75:1b:0f:be:36:91:f9:65:cb:57:5a:ed:03:84:
4d:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:A9:43:09:FC:0E:25:DB:15:28:CA:84:67:82:F9:4F:CF:80:09:89
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/w6lDCfwOJdsVKMqEZ4L5T8-ACYk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.93.142.0/24
80.240.85.0/24
89.213.229.0/24
217.145.71.0/24
Signature Algorithm: sha256WithRSAEncryption
6b:37:0b:36:75:be:42:f3:80:26:9c:89:d3:e8:20:e2:2e:5c:
0a:85:46:22:ce:67:80:83:6d:90:36:10:03:1d:a4:b1:52:8f:
67:35:79:7a:94:b2:b8:9f:0c:0b:70:e9:5e:91:2d:16:d5:f0:
8a:a1:83:d6:05:f9:fe:66:6a:5c:8d:cf:be:77:8c:3e:13:4c:
1d:35:0e:0d:8a:89:d6:23:19:42:58:f3:a8:55:a5:bb:17:9c:
15:7a:10:9a:1d:ac:85:cb:c3:62:ea:ab:2b:f4:96:24:3c:65:
69:85:2c:44:0a:2e:38:41:35:b9:f2:3a:e7:00:8c:d9:4e:41:
11:a0:3a:6d:2b:1b:e6:f6:b9:9b:09:ac:dd:dd:82:e7:bb:72:
9b:a4:be:d1:4f:e6:cf:91:f8:8a:34:2a:92:3b:eb:10:aa:a6:
ca:01:29:1b:d3:43:85:9a:7b:e7:07:3f:03:14:30:1f:c4:a8:
d7:43:0b:04:6b:b7:c7:d8:24:ee:36:89:5b:ef:ce:de:46:a8:
dc:c2:65:1d:9c:0c:10:d4:69:b5:9f:a5:fc:61:fc:cb:b0:e8:
1c:39:d2:47:64:69:9e:13:08:03:04:24:0b:a0:c4:0e:30:b9:
5e:93:63:fb:52:60:5b:10:9f:8b:af:38:b5:0e:e9:3e:d5:f8:
fa:95:17:cf
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZnOIzfVh6mZuczRg2/H4g7IMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUxMDEwMTI0MDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjM2E5NDMwOWZjMGUyNWRiMTUyOGNhODQ2NzgyZjk0ZmNmODAwOTg5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjk8l5KYk27+iotnEfRQVGeyqXlhF
+Euwzcuv46coGh/EV6qBKjsp//88aOxUnwgaB24jZf90vDaFGORtutM3Wbc8cam3
ucAiV1H3LjuFL9jIonW03+YPgM4BrNb9MU1gKydSea+ZkQ+NVGuiZaudaW5AxA9G
Yty8g8d9/hJppodwpiby6jr7EziebBRBZem3gqhYmtrNyBNfV4DdXV8fOFF+TO4/
sw80e0v3TNzM1TRowwdXZBxgnM83oNe3K3876pev1AbqjfXgWXFn0+MU0xEb7Ki1
ZkEYEAsRHiKf+Pm3FcTuAFxSRsn5rzsUvzOSdRsPvjaR+WXLV1rtA4RNtwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMOpQwn8DiXbFSjKhGeC+U/PgAmJMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvdzZsRENmd09KZHNWS01xRVo0TDVUOC1BQ1lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQATV2OAwQA
UPBVAwQAWdXlAwQA2ZFHMA0GCSqGSIb3DQEBCwUAA4IBAQBrNws2db5C84AmnInT
6CDiLlwKhUYizmeAg22QNhADHaSxUo9nNXl6lLK4nwwLcOlekS0W1fCKoYPWBfn+
Zmpcjc++d4w+E0wdNQ4NionWIxlCWPOoVaW7F5wVehCaHayFy8Ni6qsr9JYkPGVp
hSxECi44QTW58jrnAIzZTkERoDptKxvm9rmbCazd3YLnu3KbpL7RT+bPkfiKNCqS
O+sQqqbKASkb00OFmnvnBz8DFDAfxKjXQwsEa7fH2CTuNolb787eRqjcwmUdnAwQ
1Gm1n6X8YfzLsOgcOdJHZGmeEwgDBCQLoMQOMLlek2P7UmBbEJ+Lrzi1Duk+1fj6
lRfP
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:04:06 2025 by rpki-client