
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b9/5fcaea-2f14-4d4d-b55d-c8d84985bbd9/1/P3iaocB1zo3XgrwcxpGxPusAZdY.roa
File: P3iaocB1zo3XgrwcxpGxPusAZdY.roa (raw, json)
Hash identifier: 29dj862Am2pikrvIffloXuXMoWnAHSaQPfQpO37ynfQ=
Subject key identifier: 3F:78:9A:A1:C0:75:CE:8D:D7:82:BC:1C:C6:91:B1:3E:EB:00:65:D6
Certificate issuer: /CN=d302706f3dde2bb12e2ba911a9be05c8d4978c86
Certificate serial: 01993870522033F5F08050C1C5664C330282
Authority key identifier: D3:02:70:6F:3D:DE:2B:B1:2E:2B:A9:11:A9:BE:05:C8:D4:97:8C:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0wJwbz3eK7EuK6kRqb4FyNSXjIY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b9/5fcaea-2f14-4d4d-b55d-c8d84985bbd9/1/P3iaocB1zo3XgrwcxpGxPusAZdY.roa
Signing time: Thu 11 Sep 2025 11:01:49 +0000
ROA not before: Thu 11 Sep 2025 11:01:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205695
IP address blocks: 89.40.29.0/24 maxlen: 24
185.46.238.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b9/5fcaea-2f14-4d4d-b55d-c8d84985bbd9/1/0wJwbz3eK7EuK6kRqb4FyNSXjIY.crl
rsync://rpki.ripe.net/repository/DEFAULT/b9/5fcaea-2f14-4d4d-b55d-c8d84985bbd9/1/0wJwbz3eK7EuK6kRqb4FyNSXjIY.mft
rsync://rpki.ripe.net/repository/DEFAULT/0wJwbz3eK7EuK6kRqb4FyNSXjIY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:38:70:52:20:33:f5:f0:80:50:c1:c5:66:4c:33:02:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d302706f3dde2bb12e2ba911a9be05c8d4978c86
Validity
Not Before: Sep 11 11:01:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f789aa1c075ce8dd782bc1cc691b13eeb0065d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:67:e6:a2:59:0c:45:ff:f2:4b:65:8c:0b:d6:
e6:d4:23:2a:0f:76:a1:cb:9f:7c:46:b7:57:6d:15:
23:94:7f:cf:c5:a7:6b:8f:3a:24:2f:ba:de:20:6a:
74:49:1e:19:15:66:75:27:8a:41:6c:f8:b3:24:d5:
14:fc:63:75:a7:fe:0e:e0:ca:90:e7:fb:1d:7f:8b:
57:bf:3e:52:a9:65:f6:57:22:cd:86:3e:f3:d5:89:
29:9a:11:49:46:72:24:19:59:34:63:b6:af:36:eb:
bc:c4:68:01:b9:81:46:43:76:85:16:99:90:67:e9:
a0:a0:61:a0:95:00:10:d3:f2:04:fc:51:12:16:16:
ba:15:42:e1:e3:0e:82:fe:e6:81:be:af:3e:21:7f:
10:a9:3a:4e:ad:7c:f2:c9:a0:44:0d:64:e9:22:46:
8c:18:09:56:27:d8:af:40:71:03:89:db:c0:b2:84:
99:9e:b0:f6:e1:2e:9c:de:11:02:9d:b1:a0:a2:6d:
79:dd:88:3e:85:cf:27:0a:fe:7c:b4:95:ba:ee:d0:
80:d9:ef:e3:03:bb:53:ca:27:f4:f5:8b:86:72:e6:
ec:ff:85:35:ab:8f:a7:11:3a:9d:ff:89:f0:35:8a:
20:46:24:0a:e5:78:24:7a:49:9a:08:1a:b1:33:b5:
39:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:78:9A:A1:C0:75:CE:8D:D7:82:BC:1C:C6:91:B1:3E:EB:00:65:D6
X509v3 Authority Key Identifier:
keyid:D3:02:70:6F:3D:DE:2B:B1:2E:2B:A9:11:A9:BE:05:C8:D4:97:8C:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0wJwbz3eK7EuK6kRqb4FyNSXjIY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/5fcaea-2f14-4d4d-b55d-c8d84985bbd9/1/P3iaocB1zo3XgrwcxpGxPusAZdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b9/5fcaea-2f14-4d4d-b55d-c8d84985bbd9/1/0wJwbz3eK7EuK6kRqb4FyNSXjIY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.40.29.0/24
185.46.238.0/24
Signature Algorithm: sha256WithRSAEncryption
62:d9:0f:1a:d9:d7:03:df:48:64:9c:16:35:c3:f3:49:da:3a:
bd:3a:88:32:ae:e4:96:bd:ed:0a:6f:92:7b:92:b0:ea:0d:31:
ad:a9:32:59:3a:b4:3a:e4:59:a7:99:66:09:e5:bb:e6:3e:7c:
bc:4d:3d:77:2a:14:c9:ed:bf:d1:79:35:64:2d:ed:e4:f3:d7:
37:4d:22:61:34:05:80:ca:c1:02:f2:e3:3c:bb:ca:11:b5:dc:
26:c2:4c:e2:06:14:e9:5e:7e:9a:a2:44:23:1f:ef:f6:d9:52:
74:e2:3a:d8:24:25:36:54:72:38:30:57:e6:04:9d:8d:4c:c5:
1d:10:eb:5f:d5:9c:ae:dd:e1:04:a3:b9:48:43:e6:22:71:cd:
a9:a3:fc:a5:ca:37:58:d3:d0:cd:00:e8:8f:7d:c1:de:cd:6e:
5a:74:7c:83:0c:c0:8a:7c:b8:e0:aa:af:f9:76:99:8a:d5:2e:
ad:74:01:a7:58:07:00:58:e4:d1:88:be:e8:5a:e3:97:a1:8d:
3c:42:f0:81:b7:c1:8b:97:d1:2d:38:48:9e:b1:16:5e:b1:d4:
06:e0:0d:cd:2b:19:d6:83:ee:64:fe:4b:4f:98:df:5c:33:bb:
20:f6:d5:04:ab:f2:61:07:fe:15:ca:6c:c0:8b:45:55:1c:25:
a2:15:30:6d
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZk4cFIgM/XwgFDBxWZMMwKCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzMDI3MDZmM2RkZTJiYjEyZTJiYTkxMWE5YmUwNWM4ZDQ5
NzhjODYwHhcNMjUwOTExMTEwMTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjc4OWFhMWMwNzVjZThkZDc4MmJjMWNjNjkxYjEzZWViMDA2NWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0WfmolkMRf/yS2WMC9bm1CMqD3ah
y598RrdXbRUjlH/PxadrjzokL7reIGp0SR4ZFWZ1J4pBbPizJNUU/GN1p/4O4MqQ
5/sdf4tXvz5SqWX2VyLNhj7z1YkpmhFJRnIkGVk0Y7avNuu8xGgBuYFGQ3aFFpmQ
Z+mgoGGglQAQ0/IE/FESFha6FULh4w6C/uaBvq8+IX8QqTpOrXzyyaBEDWTpIkaM
GAlWJ9ivQHEDidvAsoSZnrD24S6c3hECnbGgom153Yg+hc8nCv58tJW67tCA2e/j
A7tTyif09YuGcubs/4U1q4+nETqd/4nwNYogRiQK5XgkekmaCBqxM7U5oQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFD94mqHAdc6N14K8HMaRsT7rAGXWMB8GA1UdIwQY
MBaAFNMCcG893iuxLiupEam+BcjUl4yGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMHdKd2J6M2VLN0V1SzZrUnFiNEZ5TlNYaklZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOS81ZmNhZWEtMmYxNC00ZDRkLWI1NWQt
YzhkODQ5ODViYmQ5LzEvUDNpYW9jQjF6bzNYZ3J3Y3hwR3hQdXNBWmRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOS81ZmNhZWEtMmYxNC00ZDRkLWI1NWQtYzhkODQ5ODViYmQ5
LzEvMHdKd2J6M2VLN0V1SzZrUnFiNEZ5TlNYaklZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSgdAwQA
uS7uMA0GCSqGSIb3DQEBCwUAA4IBAQBi2Q8a2dcD30hknBY1w/NJ2jq9OogyruSW
ve0Kb5J7krDqDTGtqTJZOrQ65FmnmWYJ5bvmPny8TT13KhTJ7b/ReTVkLe3k89c3
TSJhNAWAysEC8uM8u8oRtdwmwkziBhTpXn6aokQjH+/22VJ04jrYJCU2VHI4MFfm
BJ2NTMUdEOtf1Zyu3eEEo7lIQ+Yicc2po/ylyjdY09DNAOiPfcHezW5adHyDDMCK
fLjgqq/5dpmK1S6tdAGnWAcAWOTRiL7oWuOXoY08QvCBt8GLl9EtOEiesRZesdQG
4A3NKxnWg+5k/ktPmN9cM7sg9tUEq/JhB/4VymzAi0VVHCWiFTBt
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:51:29 2025 by rpki-client