
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/c13e12-e50d-4338-8a2f-fffb5a4e762a/1/23bca3VQeIrruEqgH6VNWFAiuWs.roa
File: 23bca3VQeIrruEqgH6VNWFAiuWs.roa (raw, json)
Hash identifier: AgG1ZxIJ9G4cx9MANuRKQ+cw/0IS8xxAcB1MqAzxpGw=
Subject key identifier: DB:76:DC:6B:75:50:78:8A:EB:B8:4A:A0:1F:A5:4D:58:50:22:B9:6B
Certificate issuer: /CN=27d7304c1b59dc22731bb53eff5a84ed9a30614c
Certificate serial: 0199382B5E58D95712730E001577A9F15AF4
Authority key identifier: 27:D7:30:4C:1B:59:DC:22:73:1B:B5:3E:FF:5A:84:ED:9A:30:61:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J9cwTBtZ3CJzG7U-_1qE7ZowYUw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/c13e12-e50d-4338-8a2f-fffb5a4e762a/1/23bca3VQeIrruEqgH6VNWFAiuWs.roa
Signing time: Thu 11 Sep 2025 09:46:30 +0000
ROA not before: Thu 11 Sep 2025 09:46:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60781
IP address blocks: 5.79.64.0/18 maxlen: 18
37.48.64.0/18 maxlen: 18
62.212.64.0/19 maxlen: 19
81.17.47.0/24 maxlen: 24
81.17.49.0/24 maxlen: 24
81.17.50.0/24 maxlen: 24
81.17.51.0/24 maxlen: 24
81.17.52.0/24 maxlen: 24
81.17.53.0/24 maxlen: 24
81.17.54.0/24 maxlen: 24
81.17.55.0/24 maxlen: 24
81.171.0.0/19 maxlen: 19
82.192.64.0/19 maxlen: 19
83.149.64.0/18 maxlen: 18
85.17.0.0/16 maxlen: 16
89.149.192.0/18 maxlen: 18
89.149.192.0/20 maxlen: 20
94.75.192.0/18 maxlen: 18
95.168.160.0/20 maxlen: 20
95.211.0.0/16 maxlen: 16
95.211.51.0/24 maxlen: 24
95.211.85.0/24 maxlen: 24
173.234.68.0/22 maxlen: 22
178.162.128.0/18 maxlen: 23
178.162.162.0/23 maxlen: 23
178.162.164.0/22 maxlen: 22
178.162.168.0/22 maxlen: 22
178.162.176.0/20 maxlen: 20
185.17.184.0/22 maxlen: 22
212.7.192.0/20 maxlen: 20
212.7.208.0/22 maxlen: 22
212.32.224.0/19 maxlen: 19
213.227.128.0/19 maxlen: 19
2001:1af8::/32 maxlen: 32
2001:1af8:8000::/36 maxlen: 36
2001:1af8:8000::/40 maxlen: 40
2001:1af8:8100::/44 maxlen: 44
2001:1af8:8110::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/c13e12-e50d-4338-8a2f-fffb5a4e762a/1/J9cwTBtZ3CJzG7U-_1qE7ZowYUw.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/c13e12-e50d-4338-8a2f-fffb5a4e762a/1/J9cwTBtZ3CJzG7U-_1qE7ZowYUw.mft
rsync://rpki.ripe.net/repository/DEFAULT/J9cwTBtZ3CJzG7U-_1qE7ZowYUw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:38:2b:5e:58:d9:57:12:73:0e:00:15:77:a9:f1:5a:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=27d7304c1b59dc22731bb53eff5a84ed9a30614c
Validity
Not Before: Sep 11 09:46:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db76dc6b7550788aebb84aa01fa54d585022b96b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:df:a2:63:7d:06:4e:76:c0:95:5c:a4:c7:ca:
36:00:56:82:bc:3d:fe:b0:0c:a6:4c:a9:c7:22:52:
a9:df:68:de:a2:fc:96:b0:02:0f:3c:ca:86:94:6d:
30:ed:00:01:e3:25:58:00:aa:39:58:fb:05:49:ad:
7a:4b:e2:26:d6:b9:2a:8c:f5:d5:38:62:a4:cf:be:
a4:a3:ff:c1:fc:c9:6b:76:c3:98:47:46:af:3d:8f:
f3:27:7f:f2:ef:47:40:51:ed:f7:40:70:7d:b7:f4:
a6:ed:ae:ad:9a:86:d3:56:bc:9e:7d:af:54:73:c1:
cc:88:f4:18:3e:7b:fe:a3:e9:5e:3d:05:a8:f2:af:
89:b7:58:42:b2:ba:20:f9:b3:fc:d3:77:7b:30:52:
2d:64:e5:df:05:47:e2:15:81:dd:c3:2d:cb:43:0d:
33:11:30:73:d6:30:07:bd:0b:0e:87:1e:5d:bb:c9:
ba:10:10:f4:9f:59:19:1d:aa:19:23:45:93:7c:2c:
41:89:58:4b:75:f1:76:45:9a:95:6e:51:a3:8c:d5:
28:1d:48:29:3a:00:db:09:f0:ab:ad:87:96:16:02:
ac:af:5b:46:83:11:fc:e2:65:1c:b0:e4:3a:f6:0a:
89:60:c8:b1:a1:9b:2a:16:95:02:bf:64:2a:03:cb:
37:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:76:DC:6B:75:50:78:8A:EB:B8:4A:A0:1F:A5:4D:58:50:22:B9:6B
X509v3 Authority Key Identifier:
keyid:27:D7:30:4C:1B:59:DC:22:73:1B:B5:3E:FF:5A:84:ED:9A:30:61:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J9cwTBtZ3CJzG7U-_1qE7ZowYUw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/c13e12-e50d-4338-8a2f-fffb5a4e762a/1/23bca3VQeIrruEqgH6VNWFAiuWs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/c13e12-e50d-4338-8a2f-fffb5a4e762a/1/J9cwTBtZ3CJzG7U-_1qE7ZowYUw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.79.64.0/18
37.48.64.0/18
62.212.64.0/19
81.17.47.0/24
81.17.49.0-81.17.55.255
81.171.0.0/19
82.192.64.0/19
83.149.64.0/18
85.17.0.0/16
89.149.192.0/18
94.75.192.0/18
95.168.160.0/20
95.211.0.0/16
173.234.68.0/22
178.162.128.0/18
185.17.184.0/22
212.7.192.0-212.7.211.255
212.32.224.0/19
213.227.128.0/19
IPv6:
2001:1af8::/32
Signature Algorithm: sha256WithRSAEncryption
29:75:3e:03:10:a8:56:30:67:26:58:b9:92:9a:a9:48:97:83:
fc:7c:e5:b3:eb:60:14:95:df:13:e6:53:fd:c6:96:53:df:fe:
a3:cf:9f:db:68:13:a3:fb:72:36:59:ea:c0:b4:bf:4b:ad:e9:
2f:b9:5f:18:f9:8d:18:6f:a5:45:3e:c3:f6:db:6e:c1:43:67:
23:d4:83:04:01:96:2c:90:b0:ec:e3:69:07:45:c6:57:95:15:
c8:9b:cd:6d:b4:3e:6c:35:fd:00:01:e4:24:8a:e8:5a:11:51:
e6:a0:e8:dd:f0:9c:d1:d4:08:0f:4e:41:26:f0:39:d3:ea:72:
c3:f0:6b:cb:3a:65:da:a6:23:2c:54:f7:7f:bd:7e:c8:7d:fe:
e9:08:f9:c0:9e:1d:bd:e3:ab:5f:84:6d:28:d3:80:ed:26:30:
e0:38:89:4e:4c:96:9e:e3:9b:9d:4d:fc:e3:8b:b1:ac:64:8e:
46:24:a5:65:a5:a9:61:18:79:43:c7:95:ca:17:b2:3d:c3:e5:
ee:85:87:19:ed:0b:d9:5f:6d:cd:2b:fa:d0:71:9a:e3:72:c8:
e9:80:ca:4e:67:1e:55:4b:c9:58:8d:df:b6:bc:e1:bf:82:f4:
cc:20:42:60:89:66:57:21:5c:56:d3:94:53:08:57:f2:a7:c9:
d2:f2:44:ff
-----BEGIN CERTIFICATE-----
MIIFizCCBHOgAwIBAgISAZk4K15Y2VcScw4AFXep8Vr0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3ZDczMDRjMWI1OWRjMjI3MzFiYjUzZWZmNWE4NGVkOWEz
MDYxNGMwHhcNMjUwOTExMDk0NjMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjc2ZGM2Yjc1NTA3ODhhZWJiODRhYTAxZmE1NGQ1ODUwMjJiOTZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA19+iY30GTnbAlVykx8o2AFaCvD3+
sAymTKnHIlKp32jeovyWsAIPPMqGlG0w7QAB4yVYAKo5WPsFSa16S+Im1rkqjPXV
OGKkz76ko//B/MlrdsOYR0avPY/zJ3/y70dAUe33QHB9t/Sm7a6tmobTVryefa9U
c8HMiPQYPnv+o+lePQWo8q+Jt1hCsrog+bP803d7MFItZOXfBUfiFYHdwy3LQw0z
ETBz1jAHvQsOhx5du8m6EBD0n1kZHaoZI0WTfCxBiVhLdfF2RZqVblGjjNUoHUgp
OgDbCfCrrYeWFgKsr1tGgxH84mUcsOQ69gqJYMixoZsqFpUCv2QqA8s3iQIDAQAB
o4IClzCCApMwHQYDVR0OBBYEFNt23Gt1UHiK67hKoB+lTVhQIrlrMB8GA1UdIwQY
MBaAFCfXMEwbWdwicxu1Pv9ahO2aMGFMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjljd1RCdFozQ0p6RzdVLV8xcUU3Wm93WVV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9jMTNlMTItZTUwZC00MzM4LThhMmYt
ZmZmYjVhNGU3NjJhLzEvMjNiY2EzVlFlSXJydUVxZ0g2Vk5XRkFpdVdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9jMTNlMTItZTUwZC00MzM4LThhMmYtZmZmYjVhNGU3NjJh
LzEvSjljd1RCdFozQ0p6RzdVLV8xcUU3Wm93WVV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGsBggrBgEFBQcBBwEB/wSBnDCBmTCBhwQCAAEwgYADBAYF
T0ADBAYlMEADBAU+1EADBABRES8wDAMEAFERMQMEA1ERMAMEBVGrAAMEBVLAQAME
BlOVQAMDAFURAwQGWZXAAwQGXkvAAwQEX6igAwMAX9MDBAKt6kQDBAayooADBAK5
EbgwDAMEBtQHwAMEAtQH0AMEBdQg4AMEBdXjgDANBAIAAjAHAwUAIAEa+DANBgkq
hkiG9w0BAQsFAAOCAQEAKXU+AxCoVjBnJli5kpqpSJeD/Hzls+tgFJXfE+ZT/caW
U9/+o8+f22gTo/tyNlnqwLS/S63pL7lfGPmNGG+lRT7D9ttuwUNnI9SDBAGWLJCw
7ONpB0XGV5UVyJvNbbQ+bDX9AAHkJIroWhFR5qDo3fCc0dQID05BJvA50+pyw/Br
yzpl2qYjLFT3f71+yH3+6Qj5wJ4dveOrX4RtKNOA7SYw4DiJTkyWnuObnU3844ux
rGSORiSlZaWpYRh5Q8eVyheyPcPl7oWHGe0L2V9tzSv60HGa43LI6YDKTmceVUvJ
WI3ftrzhv4L0zCBCYIlmVyFcVtOUUwhX8qfJ0vJE/w==
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:50:51 2025 by rpki-client