Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/w3xxqTiLQnAH3cHQYhrUZxFMWqg.roa
File: w3xxqTiLQnAH3cHQYhrUZxFMWqg.roa (raw, json)
Hash identifier: M5jABXYfv3dOr183BC0+Qkk5fkM0jwggytr5ejlAXco=
Subject key identifier: C3:7C:71:A9:38:8B:42:70:07:DD:C1:D0:62:1A:D4:67:11:4C:5A:A8
Certificate issuer: /CN=89056fa9625b6c87404267c6dc219924ac160045
Certificate serial: 019997FBC198B53397AF2E8E2785686C42E9
Authority key identifier: 89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/w3xxqTiLQnAH3cHQYhrUZxFMWqg.roa
Signing time: Tue 30 Sep 2025 00:18:02 +0000
ROA not before: Tue 30 Sep 2025 00:18:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136258
IP address blocks: 46.16.128.0/24 maxlen: 24
46.16.129.0/24 maxlen: 24
46.16.130.0/24 maxlen: 24
46.16.131.0/24 maxlen: 24
109.104.152.0/24 maxlen: 24
109.104.153.0/24 maxlen: 24
109.104.155.0/24 maxlen: 24
147.78.0.0/24 maxlen: 24
147.78.1.0/24 maxlen: 24
147.78.2.0/24 maxlen: 24
147.78.3.0/24 maxlen: 24
185.126.236.0/24 maxlen: 24
185.126.237.0/24 maxlen: 24
185.126.238.0/24 maxlen: 24
185.126.239.0/24 maxlen: 24
185.213.20.0/24 maxlen: 24
185.213.21.0/24 maxlen: 24
185.213.23.0/24 maxlen: 24
2a11:840:1::/48 maxlen: 48
2a11:840:3::/48 maxlen: 48
2a11:840:4::/48 maxlen: 48
2a11:840:5::/48 maxlen: 48
2a11:840:6::/48 maxlen: 48
2a11:840:7::/48 maxlen: 48
2a11:840:8::/48 maxlen: 48
2a11:840:9::/48 maxlen: 48
2a11:840:10::/48 maxlen: 48
2a11:840:11::/48 maxlen: 48
2a11:840:12::/48 maxlen: 48
2a11:840:13::/48 maxlen: 48
2a11:840:14::/48 maxlen: 48
2a11:840:16::/48 maxlen: 48
2a11:840:17::/48 maxlen: 48
2a11:840:18::/48 maxlen: 48
2a11:840:19::/48 maxlen: 48
2a11:840:20::/48 maxlen: 48
2a11:840:21::/48 maxlen: 48
2a11:840:22::/48 maxlen: 48
2a11:840:23::/48 maxlen: 48
2a11:840:24::/48 maxlen: 48
2a11:840:25::/48 maxlen: 48
2a11:840:26::/48 maxlen: 48
2a11:840:28::/48 maxlen: 48
2a11:840:30::/48 maxlen: 48
2a11:840:33::/48 maxlen: 48
2a11:840:40::/48 maxlen: 48
2a11:840:41::/48 maxlen: 48
2a11:840:47::/48 maxlen: 48
2a11:840:48::/48 maxlen: 48
2a11:840:54::/48 maxlen: 48
2a11:840:57::/48 maxlen: 48
2a11:840:60::/48 maxlen: 48
2a11:840:61::/48 maxlen: 48
2a11:840:62::/48 maxlen: 48
2a11:840:63::/48 maxlen: 48
2a11:840:64::/48 maxlen: 48
2a11:840:65::/48 maxlen: 48
2a11:840:66::/48 maxlen: 48
2a11:840:67::/48 maxlen: 48
2a11:840:68::/48 maxlen: 48
2a11:840:69::/48 maxlen: 48
2a11:840:70::/48 maxlen: 48
2a11:840:71::/48 maxlen: 48
2a11:840:72::/48 maxlen: 48
2a11:840:73::/48 maxlen: 48
2a11:840:73:1b::/64 maxlen: 64
2a11:840:74::/48 maxlen: 48
2a11:840:75::/48 maxlen: 48
2a11:840:76::/48 maxlen: 48
2a11:840:77::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.mft
rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:97:fb:c1:98:b5:33:97:af:2e:8e:27:85:68:6c:42:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=89056fa9625b6c87404267c6dc219924ac160045
Validity
Not Before: Sep 30 00:18:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c37c71a9388b427007ddc1d0621ad467114c5aa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:fc:f8:04:14:ad:84:f2:c4:c3:84:10:aa:c7:
23:97:21:54:a3:0f:99:00:2f:d1:88:ac:6f:d5:5d:
82:e6:60:ae:36:78:f9:f1:52:7b:69:9a:39:2b:0f:
17:ae:3b:ec:70:4a:2b:11:30:9b:b6:85:b4:aa:dd:
ba:76:66:e6:d9:4c:30:61:1c:40:65:1f:14:e6:28:
b3:25:6f:e9:cf:75:ba:02:93:d5:fe:9c:eb:69:19:
59:31:5c:28:5b:0b:da:de:7b:7c:80:6f:5a:1f:da:
b4:fd:50:ed:a0:ad:50:25:66:ca:22:31:c7:6a:99:
24:4a:1c:81:a5:29:eb:f5:d8:46:f9:b1:a6:75:da:
5d:43:10:88:c2:73:f0:f2:06:36:8a:45:81:62:08:
15:e4:3e:36:7d:c8:3a:75:23:02:35:3f:3f:ee:a3:
8d:89:18:7d:35:42:13:21:8b:47:14:fc:ae:f4:c6:
f9:f8:95:a8:c9:1d:a7:12:75:94:da:61:5c:2c:55:
74:9d:5f:8c:ac:57:bb:71:04:e0:97:ea:7e:7b:08:
7b:8c:d8:05:c0:8a:a9:d3:56:56:16:f9:3c:43:0b:
4c:d7:2b:c1:2b:a7:96:83:f0:11:9b:92:50:e7:b7:
cd:fa:2d:5e:a6:fa:c7:8d:80:d2:0d:96:61:d3:09:
37:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C3:7C:71:A9:38:8B:42:70:07:DD:C1:D0:62:1A:D4:67:11:4C:5A:A8
X509v3 Authority Key Identifier:
keyid:89:05:6F:A9:62:5B:6C:87:40:42:67:C6:DC:21:99:24:AC:16:00:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iQVvqWJbbIdAQmfG3CGZJKwWAEU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/w3xxqTiLQnAH3cHQYhrUZxFMWqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/99ae2f-39cc-43f3-941d-51920373353c/1/iQVvqWJbbIdAQmfG3CGZJKwWAEU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.16.128.0/22
109.104.152.0/23
109.104.155.0/24
147.78.0.0/22
185.126.236.0/22
185.213.20.0/23
185.213.23.0/24
IPv6:
2a11:840:1::/48
2a11:840:3::-2a11:840:9:ffff:ffff:ffff:ffff:ffff
2a11:840:10::-2a11:840:14:ffff:ffff:ffff:ffff:ffff
2a11:840:16::-2a11:840:19:ffff:ffff:ffff:ffff:ffff
2a11:840:20::-2a11:840:26:ffff:ffff:ffff:ffff:ffff
2a11:840:28::/48
2a11:840:30::/48
2a11:840:33::/48
2a11:840:40::/47
2a11:840:47::-2a11:840:48:ffff:ffff:ffff:ffff:ffff
2a11:840:54::/48
2a11:840:57::/48
2a11:840:60::-2a11:840:69:ffff:ffff:ffff:ffff:ffff
2a11:840:70::/45
Signature Algorithm: sha256WithRSAEncryption
06:9e:6f:8a:b9:de:5a:68:0f:25:9d:7a:fc:1b:46:df:44:ea:
38:29:1d:70:83:0a:4b:e4:79:b7:6a:4e:64:e2:0f:5e:b4:5a:
bb:10:98:16:28:be:e5:9f:69:58:e7:a3:df:7d:cd:99:61:d5:
68:4c:38:7c:8a:cf:36:d6:27:af:c1:e8:59:a9:67:6a:f5:7b:
2d:f4:61:08:72:8c:3a:2f:21:ef:21:c3:16:d7:7d:ba:7a:e7:
54:2d:e7:52:5b:52:fa:b7:de:90:63:e5:e2:9c:75:fa:32:82:
ff:04:6a:b7:09:01:09:18:91:b1:65:a1:65:89:1b:dc:d2:d9:
e1:8d:e7:70:af:47:4d:06:12:ea:cf:cf:fe:fd:80:c6:0d:55:
db:eb:51:a7:83:8f:40:73:87:ef:d4:9b:91:fb:d2:62:d6:91:
2e:f5:10:af:60:8b:aa:f9:8c:fc:e3:ae:69:04:57:a4:21:b0:
70:a5:1c:57:12:52:0d:aa:84:91:b8:7a:0d:99:ce:11:4d:7c:
91:d1:8c:42:48:0c:ab:a6:4a:31:44:f8:4d:f2:f8:0d:30:41:
93:9e:db:c9:b3:10:01:94:1c:f6:17:03:cd:2d:81:fb:31:68:
17:a0:2f:5e:0b:81:95:78:7f:0e:d9:7e:c8:df:0e:c3:20:b8:
ac:eb:50:ae
-----BEGIN CERTIFICATE-----
MIIF7zCCBNegAwIBAgISAZmX+8GYtTOXry6OJ4VobELpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg5MDU2ZmE5NjI1YjZjODc0MDQyNjdjNmRjMjE5OTI0YWMx
NjAwNDUwHhcNMjUwOTMwMDAxODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMzdjNzFhOTM4OGI0MjcwMDdkZGMxZDA2MjFhZDQ2NzExNGM1YWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzvz4BBSthPLEw4QQqscjlyFUow+Z
AC/RiKxv1V2C5mCuNnj58VJ7aZo5Kw8XrjvscEorETCbtoW0qt26dmbm2UwwYRxA
ZR8U5iizJW/pz3W6ApPV/pzraRlZMVwoWwva3nt8gG9aH9q0/VDtoK1QJWbKIjHH
apkkShyBpSnr9dhG+bGmddpdQxCIwnPw8gY2ikWBYggV5D42fcg6dSMCNT8/7qON
iRh9NUITIYtHFPyu9Mb5+JWoyR2nEnWU2mFcLFV0nV+MrFe7cQTgl+p+ewh7jNgF
wIqp01ZWFvk8QwtM1yvBK6eWg/ARm5JQ57fN+i1epvrHjYDSDZZh0wk3XwIDAQAB
o4IC+zCCAvcwHQYDVR0OBBYEFMN8cak4i0JwB93B0GIa1GcRTFqoMB8GA1UdIwQY
MBaAFIkFb6liW2yHQEJnxtwhmSSsFgBFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQt
NTE5MjAzNzMzNTNjLzEvdzN4eHFUaUxRbkFIM2NIUVloclVaeEZNV3FnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi85OWFlMmYtMzljYy00M2YzLTk0MWQtNTE5MjAzNzMzNTNj
LzEvaVFWdnFXSmJiSWRBUW1mRzNDR1pKS3dXQUVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDwYIKwYBBQUHAQcBAf8Egf8wgfwwMAQCAAEwKgMEAi4Q
gAMEAW1omAMEAG1omwMEApNOAAMEArl+7AMEAbnVFAMEALnVFzCBxwQCAAIwgcAD
BwAqEQhAAAEwEgMHACoRCEAAAwMHASoRCEAACDASAwcEKhEIQAAQAwcAKhEIQAAU
MBIDBwEqEQhAABYDBwEqEQhAABgwEgMHBSoRCEAAIAMHACoRCEAAJgMHACoRCEAA
KAMHACoRCEAAMAMHACoRCEAAMwMHASoRCEAAQDASAwcAKhEIQABHAwcAKhEIQABI
AwcAKhEIQABUAwcAKhEIQABXMBIDBwUqEQhAAGADBwEqEQhAAGgDBwMqEQhAAHAw
DQYJKoZIhvcNAQELBQADggEBAAaeb4q53lpoDyWdevwbRt9E6jgpHXCDCkvkebdq
TmTiD160WrsQmBYovuWfaVjno999zZlh1WhMOHyKzzbWJ6/B6FmpZ2r1ey30YQhy
jDovIe8hwxbXfbp651Qt51JbUvq33pBj5eKcdfoygv8EarcJAQkYkbFloWWJG9zS
2eGN53CvR00GEurPz/79gMYNVdvrUaeDj0Bzh+/Um5H70mLWkS71EK9gi6r5jPzj
rmkEV6QhsHClHFcSUg2qhJG4eg2ZzhFNfJHRjEJIDKumSjFE+E3y+A0wQZOe28mz
EAGUHPYXA80tgfsxaBegL14LgZV4fw7ZfsjfDsMguKzrUK4=
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:40:12 2025 by rpki-client