
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/D4q5QeYMkgTngWc_wOjZD98RdmU.roa
File: D4q5QeYMkgTngWc_wOjZD98RdmU.roa (raw, json)
Hash identifier: TIn/p4u3LHbpQIcSm7Z411bo2Gcl4RIpFyXkWWJvvQY=
Subject key identifier: 0F:8A:B9:41:E6:0C:92:04:E7:81:67:3F:C0:E8:D9:0F:DF:11:76:65
Certificate issuer: /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial: 0199DCB51313FDB18B87FB1F5DFD5C211640
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/D4q5QeYMkgTngWc_wOjZD98RdmU.roa
Signing time: Mon 13 Oct 2025 08:34:38 +0000
ROA not before: Mon 13 Oct 2025 08:34:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 37.44.228.0/22 maxlen: 24
45.66.92.0/23 maxlen: 23
192.145.52.0/22 maxlen: 24
192.145.52.0/24 maxlen: 24
193.219.99.0/24 maxlen: 24
194.15.32.0/24 maxlen: 24
194.15.34.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.mft
rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:dc:b5:13:13:fd:b1:8b:87:fb:1f:5d:fd:5c:21:16:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Validity
Not Before: Oct 13 08:34:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f8ab941e60c9204e781673fc0e8d90fdf117665
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:a8:2d:57:67:e9:04:e7:11:ae:7a:fe:93:36:
4c:7d:cc:6a:e0:98:39:70:4c:7d:09:b3:40:b6:87:
3e:02:e8:da:de:14:5b:0d:b7:f3:95:69:dc:92:e1:
44:12:3b:80:7e:64:1a:9c:43:76:1f:70:c1:4c:33:
d2:f2:6c:1b:a8:9b:25:ba:bc:a6:95:39:af:e6:ee:
dc:1d:54:e2:33:07:ce:1d:a9:f3:bd:08:6a:1c:17:
73:0b:08:dc:55:41:04:4b:77:a8:f2:c0:7b:59:63:
43:b1:77:7d:0b:8a:98:77:51:fb:eb:63:dc:a3:51:
b6:0c:03:53:a7:d1:98:43:58:b5:4c:47:c5:27:c2:
a9:22:ef:25:82:45:b8:9b:d9:72:80:49:af:63:20:
3f:11:9d:db:47:bc:e2:d4:29:af:35:80:50:cb:16:
4d:d1:21:66:f9:d1:68:6a:60:3f:49:38:d9:44:c3:
bf:8a:f8:f7:f2:ff:b8:65:77:94:7d:be:09:93:94:
da:21:9f:92:6e:22:87:fc:b5:e0:46:33:70:dc:cf:
75:0b:bd:23:7c:b6:b8:42:27:f2:a9:a0:e6:77:36:
30:ba:f8:e2:ad:25:8d:37:f7:5b:7a:f4:6d:e0:fa:
92:f3:d8:9a:06:c0:72:b7:88:56:0a:f4:26:b6:4f:
05:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:8A:B9:41:E6:0C:92:04:E7:81:67:3F:C0:E8:D9:0F:DF:11:76:65
X509v3 Authority Key Identifier:
keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/D4q5QeYMkgTngWc_wOjZD98RdmU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.228.0/22
45.66.92.0/23
192.145.52.0/22
193.219.99.0/24
194.15.32.0/24
194.15.34.0/24
Signature Algorithm: sha256WithRSAEncryption
25:34:6e:4a:c8:7d:95:b6:0f:d1:41:3e:09:14:d1:23:19:fa:
2d:76:73:7d:5e:c7:30:8a:d5:14:cf:0c:6f:c4:1f:5b:a5:57:
80:89:cf:84:48:1a:0d:73:4f:79:01:d0:05:94:61:72:74:4f:
c4:e6:4e:58:1b:af:dc:e5:69:0c:23:83:16:eb:8e:9f:8e:9c:
76:ee:95:67:ad:c8:f2:f9:32:58:6c:21:f4:a0:d7:fa:37:c9:
1d:d4:c0:06:c0:14:3a:73:4a:52:90:3c:98:ab:12:10:6d:b1:
fd:e8:b9:84:d6:4b:13:17:a8:b7:7d:80:7c:27:02:2e:02:90:
4c:c5:7d:84:64:49:f1:5c:15:5d:24:1e:f7:ee:66:53:11:d2:
f5:66:f0:1b:17:87:79:53:a7:f1:16:13:df:3f:3d:a8:51:a7:
70:7a:29:db:cc:7c:79:db:86:70:92:c2:2e:80:cf:5e:c2:f6:
be:a2:6d:c9:27:5a:4b:83:66:f1:a5:5e:35:78:86:23:02:40:
31:24:9a:69:a3:f9:3f:2d:be:5b:7e:9f:02:10:4a:21:3f:fd:
60:85:c8:7d:c3:50:f4:69:62:e2:b3:a8:4c:e5:af:4d:33:ce:
70:cf:2b:4d:4d:ae:fe:99:8b:e7:2e:bc:b1:a5:6e:f8:f4:80:
c7:db:38:67
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZnctRMT/bGLh/sfXf1cIRZAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNjM3ODdmZDBmOTRiMzc4MTNlZWYxNmJjODEzNzQyM2Vl
M2ZlZjMwHhcNMjUxMDEzMDgzNDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjhhYjk0MWU2MGM5MjA0ZTc4MTY3M2ZjMGU4ZDkwZmRmMTE3NjY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxagtV2fpBOcRrnr+kzZMfcxq4Jg5
cEx9CbNAtoc+Auja3hRbDbfzlWnckuFEEjuAfmQanEN2H3DBTDPS8mwbqJslurym
lTmv5u7cHVTiMwfOHanzvQhqHBdzCwjcVUEES3eo8sB7WWNDsXd9C4qYd1H762Pc
o1G2DANTp9GYQ1i1TEfFJ8KpIu8lgkW4m9lygEmvYyA/EZ3bR7zi1CmvNYBQyxZN
0SFm+dFoamA/STjZRMO/ivj38v+4ZXeUfb4Jk5TaIZ+SbiKH/LXgRjNw3M91C70j
fLa4QifyqaDmdzYwuvjirSWNN/dbevRt4PqS89iaBsByt4hWCvQmtk8FUQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFA+KuUHmDJIE54FnP8Do2Q/fEXZlMB8GA1UdIwQY
MBaAFDJjeH/Q+Us3gT7vFryBN0I+4/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2Qt
NTk1ZTBiZjVjNjEzLzEvRDRxNVFlWU1rZ1RuZ1djX3dPalpEOThSZG1VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2QtNTk1ZTBiZjVjNjEz
LzEvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQCJSzkAwQB
LUJcAwQCwJE0AwQAwdtjAwQAwg8gAwQAwg8iMA0GCSqGSIb3DQEBCwUAA4IBAQAl
NG5KyH2Vtg/RQT4JFNEjGfotdnN9XscwitUUzwxvxB9bpVeAic+ESBoNc095AdAF
lGFydE/E5k5YG6/c5WkMI4MW646fjpx27pVnrcjy+TJYbCH0oNf6N8kd1MAGwBQ6
c0pSkDyYqxIQbbH96LmE1ksTF6i3fYB8JwIuApBMxX2EZEnxXBVdJB737mZTEdL1
ZvAbF4d5U6fxFhPfPz2oUadweinbzHx524ZwksIugM9ewva+om3JJ1pLg2bxpV41
eIYjAkAxJJppo/k/Lb5bfp8CEEohP/1ghch9w1D0aWLis6hM5a9NM85wzytNTa7+
mYvnLryxpW749IDH2zhn
-----END CERTIFICATE-----
Generated at Sun Oct 19 14:41:41 2025 by rpki-client