
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/84acdf-ba85-4a81-a306-f9ab3b052349/1/3vQJX1qiDpD0wMY9PTYA0PPaBPY.roa
File: 3vQJX1qiDpD0wMY9PTYA0PPaBPY.roa (raw, json)
Hash identifier: 9p9BvXjVY0nIdlxupAXb84lfifwZdaujC3Pou0+e2uY=
Subject key identifier: DE:F4:09:5F:5A:A2:0E:90:F4:C0:C6:3D:3D:36:00:D0:F3:DA:04:F6
Certificate issuer: /CN=6ffb0f9bdc3a2fae47b47e70218993c919f10fb0
Certificate serial: 0199E1E1D688B068457448A4355B9658BA74
Authority key identifier: 6F:FB:0F:9B:DC:3A:2F:AE:47:B4:7E:70:21:89:93:C9:19:F1:0F:B0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b_sPm9w6L65HtH5wIYmTyRnxD7A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/84acdf-ba85-4a81-a306-f9ab3b052349/1/3vQJX1qiDpD0wMY9PTYA0PPaBPY.roa
Signing time: Tue 14 Oct 2025 08:41:38 +0000
ROA not before: Tue 14 Oct 2025 08:41:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2799
IP address blocks: 147.186.0.0/16 maxlen: 16
2001:67c:49c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/84acdf-ba85-4a81-a306-f9ab3b052349/1/b_sPm9w6L65HtH5wIYmTyRnxD7A.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/84acdf-ba85-4a81-a306-f9ab3b052349/1/b_sPm9w6L65HtH5wIYmTyRnxD7A.mft
rsync://rpki.ripe.net/repository/DEFAULT/b_sPm9w6L65HtH5wIYmTyRnxD7A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e1:e1:d6:88:b0:68:45:74:48:a4:35:5b:96:58:ba:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ffb0f9bdc3a2fae47b47e70218993c919f10fb0
Validity
Not Before: Oct 14 08:41:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=def4095f5aa20e90f4c0c63d3d3600d0f3da04f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:dd:49:9f:02:47:e6:da:34:f3:a1:31:85:13:
5d:05:25:54:fc:fb:da:cd:8f:4a:ad:3e:14:86:5c:
23:de:e4:29:ec:df:a3:0b:b9:90:10:1c:41:08:d2:
d9:9a:63:af:8d:94:cd:6f:f7:fd:44:ab:ba:b5:e4:
47:71:49:1c:15:6e:be:5a:a3:c7:2e:12:f0:93:fa:
be:6c:8a:5d:3c:14:b4:17:48:ab:cf:56:eb:32:73:
ba:e8:2e:a5:6c:24:5f:3c:85:7e:73:34:7b:67:2d:
00:5f:e8:b3:21:8c:91:79:67:10:49:68:d5:f2:69:
3a:52:46:86:ae:52:85:57:aa:69:94:21:b2:f1:b1:
99:29:3e:d1:35:0e:54:71:b9:c7:19:e9:5d:1f:eb:
78:c5:7b:6e:56:1a:89:22:31:d0:21:31:0e:ba:31:
7d:1a:16:ac:ac:61:ae:2c:33:38:a7:af:a5:b9:ba:
f8:a2:6c:12:a6:f6:b1:b8:31:47:5c:e6:44:d4:bb:
b7:e9:fb:ae:7a:10:79:72:ec:c7:a1:ea:12:ce:9c:
56:07:b9:05:be:36:c4:f0:22:60:20:34:2b:ba:cc:
8f:4d:27:09:ed:ab:50:9c:2b:fb:dd:f9:f1:ac:ff:
a1:70:d8:4d:92:de:e0:8f:85:2e:1a:d2:5b:fa:ec:
4d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:F4:09:5F:5A:A2:0E:90:F4:C0:C6:3D:3D:36:00:D0:F3:DA:04:F6
X509v3 Authority Key Identifier:
keyid:6F:FB:0F:9B:DC:3A:2F:AE:47:B4:7E:70:21:89:93:C9:19:F1:0F:B0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b_sPm9w6L65HtH5wIYmTyRnxD7A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/84acdf-ba85-4a81-a306-f9ab3b052349/1/3vQJX1qiDpD0wMY9PTYA0PPaBPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/84acdf-ba85-4a81-a306-f9ab3b052349/1/b_sPm9w6L65HtH5wIYmTyRnxD7A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.186.0.0/16
IPv6:
2001:67c:49c::/48
Signature Algorithm: sha256WithRSAEncryption
25:c4:4e:2c:83:6e:68:c5:01:9c:72:67:c7:12:2f:97:d3:b3:
07:f6:b3:82:cb:04:c3:78:d3:6b:1e:a1:79:21:fb:7a:89:2e:
e4:f3:37:3f:ca:94:6a:37:8f:12:3e:fa:70:e8:9c:13:ef:33:
96:48:a8:2c:1d:ac:da:b9:0f:56:e6:6e:0f:03:fe:58:0a:f7:
29:37:62:40:0b:18:eb:09:99:5a:29:4c:69:63:79:6d:ec:9c:
94:98:9e:65:77:34:cc:b5:4e:97:2f:33:13:b5:7f:98:1a:17:
b1:8e:bb:29:4d:6a:8b:f4:3a:e6:9e:b9:d1:74:79:0f:79:3f:
56:ec:0f:19:6c:20:8b:37:c8:85:da:6e:c8:05:ad:49:9a:5e:
39:20:51:a3:e7:5d:99:18:c4:cb:50:28:31:63:fd:49:df:7d:
56:f7:5d:cf:cd:a4:24:06:6f:83:44:c5:f0:46:50:e3:92:06:
aa:67:0f:ee:5d:e6:16:c7:2a:b5:59:1d:75:65:aa:f0:8d:38:
1e:69:4d:33:a9:20:17:bb:3b:79:7f:df:cf:02:25:f0:64:30:
7e:a0:82:d8:fb:fb:e8:e8:6c:9f:a8:b1:02:c6:e0:28:ed:f1:
33:29:ef:cd:6c:e5:06:10:92:c6:f8:25:13:e6:c0:6a:03:a2:
3c:59:15:f7
-----BEGIN CERTIFICATE-----
MIIFDTCCA/WgAwIBAgISAZnh4daIsGhFdEikNVuWWLp0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmZmIwZjliZGMzYTJmYWU0N2I0N2U3MDIxODk5M2M5MTlm
MTBmYjAwHhcNMjUxMDE0MDg0MTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWY0MDk1ZjVhYTIwZTkwZjRjMGM2M2QzZDM2MDBkMGYzZGEwNGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlt1JnwJH5to086ExhRNdBSVU/Pva
zY9KrT4Uhlwj3uQp7N+jC7mQEBxBCNLZmmOvjZTNb/f9RKu6teRHcUkcFW6+WqPH
LhLwk/q+bIpdPBS0F0irz1brMnO66C6lbCRfPIV+czR7Zy0AX+izIYyReWcQSWjV
8mk6UkaGrlKFV6pplCGy8bGZKT7RNQ5UcbnHGeldH+t4xXtuVhqJIjHQITEOujF9
GhasrGGuLDM4p6+lubr4omwSpvaxuDFHXOZE1Lu36fuuehB5cuzHoeoSzpxWB7kF
vjbE8CJgIDQrusyPTScJ7atQnCv73fnxrP+hcNhNkt7gj4UuGtJb+uxNHQIDAQAB
o4ICGTCCAhUwHQYDVR0OBBYEFN70CV9aog6Q9MDGPT02ANDz2gT2MB8GA1UdIwQY
MBaAFG/7D5vcOi+uR7R+cCGJk8kZ8Q+wMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYl9zUG05dzZMNjVIdEg1d0lZbVR5Um54RDdBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi84NGFjZGYtYmE4NS00YTgxLWEzMDYt
ZjlhYjNiMDUyMzQ5LzEvM3ZRSlgxcWlEcEQwd01ZOVBUWUEwUFBhQlBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi84NGFjZGYtYmE4NS00YTgxLWEzMDYtZjlhYjNiMDUyMzQ5
LzEvYl9zUG05dzZMNjVIdEg1d0lZbVR5Um54RDdBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC8GCCsGAQUFBwEHAQH/BCAwHjALBAIAATAFAwMAk7owDwQC
AAIwCQMHACABBnwEnDANBgkqhkiG9w0BAQsFAAOCAQEAJcROLINuaMUBnHJnxxIv
l9OzB/azgssEw3jTax6heSH7eoku5PM3P8qUajePEj76cOicE+8zlkioLB2s2rkP
VuZuDwP+WAr3KTdiQAsY6wmZWilMaWN5beyclJieZXc0zLVOly8zE7V/mBoXsY67
KU1qi/Q65p650XR5D3k/VuwPGWwgizfIhdpuyAWtSZpeOSBRo+ddmRjEy1AoMWP9
Sd99Vvddz82kJAZvg0TF8EZQ45IGqmcP7l3mFscqtVkddWWq8I04HmlNM6kgF7s7
eX/fzwIl8GQwfqCC2Pv76Ohsn6ixAsbgKO3xMynvzWzlBhCSxvglE+bAagOiPFkV
9w==
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:44:52 2025 by rpki-client