Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/CnBdxPcv8KTrt5XMCJCPewVSZRg.roa
File: CnBdxPcv8KTrt5XMCJCPewVSZRg.roa (raw, json)
Hash identifier: HTGJ4pleXKotSI8qqw3gOs/mMqVAW43VM+27Wir5axs=
Subject key identifier: 0A:70:5D:C4:F7:2F:F0:A4:EB:B7:95:CC:08:90:8F:7B:05:52:65:18
Certificate issuer: /CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Certificate serial: 01998667870D6FE4A5D92F87C0DB9DD0C8EE
Authority key identifier: 6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/CnBdxPcv8KTrt5XMCJCPewVSZRg.roa
Signing time: Fri 26 Sep 2025 14:22:35 +0000
ROA not before: Fri 26 Sep 2025 14:22:35 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198193
IP address blocks: 31.214.155.0/24 maxlen: 24
37.252.98.0/24 maxlen: 24
37.252.100.0/24 maxlen: 24
37.252.101.0/24 maxlen: 24
46.253.139.0/24 maxlen: 24
89.32.64.0/24 maxlen: 24
89.32.65.0/24 maxlen: 24
89.32.66.0/24 maxlen: 24
89.32.67.0/24 maxlen: 24
158.255.239.0/24 maxlen: 24
162.33.200.0/22 maxlen: 22
162.33.204.0/22 maxlen: 22
162.33.204.0/24 maxlen: 24
162.33.205.0/24 maxlen: 24
162.33.206.0/24 maxlen: 24
162.33.207.0/24 maxlen: 24
185.66.172.0/24 maxlen: 24
185.66.174.0/24 maxlen: 24
185.75.22.0/23 maxlen: 23
185.86.208.0/23 maxlen: 23
185.88.202.0/23 maxlen: 23
185.206.121.0/24 maxlen: 24
185.212.114.0/24 maxlen: 24
185.225.8.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.mft
rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:86:67:87:0d:6f:e4:a5:d9:2f:87:c0:db:9d:d0:c8:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6bc5de7d7255b7d58260c65a120b164ef10ef903
Validity
Not Before: Sep 26 14:22:35 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a705dc4f72ff0a4ebb795cc08908f7b05526518
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:1d:94:67:5e:4b:c1:ab:5f:9d:ea:be:ae:f7:
af:60:8b:11:3b:71:0c:7c:cd:59:5e:66:f2:42:9e:
94:e1:dc:af:8c:4b:af:d4:f2:5f:64:8c:10:84:f6:
af:d4:ea:0c:f3:0c:c5:19:d4:ef:62:0a:3d:3b:06:
ea:f8:67:70:b8:7d:1f:4d:46:c6:35:51:4e:ff:40:
a0:8a:da:91:1e:c9:ed:74:db:bc:e6:05:76:91:e2:
7d:47:86:8b:12:d9:96:69:87:69:ee:a3:83:f0:06:
b2:61:f7:70:1a:77:36:fe:31:b8:14:45:5b:1f:c8:
0f:17:f6:6e:78:c3:29:78:da:4b:bb:4c:a0:69:15:
e7:34:42:f5:4b:8a:c6:0a:a5:24:68:ad:98:25:04:
a6:6b:ca:56:d2:7b:25:92:7e:a8:95:18:e4:ef:a5:
24:53:28:7e:d0:62:04:24:5d:1d:5a:29:b4:27:c6:
1d:11:7b:a6:a9:7b:a2:2f:e2:e7:e5:c0:36:f7:50:
4d:75:71:aa:dd:0c:e1:de:11:f4:35:c8:d9:12:5b:
ce:ad:16:3d:b4:df:b1:67:e4:43:0f:ee:26:df:f2:
2a:77:aa:ca:37:57:86:2d:1f:b4:56:68:d3:b6:ed:
6d:6b:44:75:97:d7:84:13:61:4b:7d:ce:f3:39:49:
f5:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:70:5D:C4:F7:2F:F0:A4:EB:B7:95:CC:08:90:8F:7B:05:52:65:18
X509v3 Authority Key Identifier:
keyid:6B:C5:DE:7D:72:55:B7:D5:82:60:C6:5A:12:0B:16:4E:F1:0E:F9:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/a8XefXJVt9WCYMZaEgsWTvEO-QM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/CnBdxPcv8KTrt5XMCJCPewVSZRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bb/32109e-24c9-4c88-a8e8-fdf6638d2c04/1/a8XefXJVt9WCYMZaEgsWTvEO-QM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.214.155.0/24
37.252.98.0/24
37.252.100.0/23
46.253.139.0/24
89.32.64.0/22
158.255.239.0/24
162.33.200.0/21
185.66.172.0/24
185.66.174.0/24
185.75.22.0/23
185.86.208.0/23
185.88.202.0/23
185.206.121.0/24
185.212.114.0/24
185.225.8.0/24
Signature Algorithm: sha256WithRSAEncryption
5e:61:a2:82:bd:a8:8e:2b:da:ce:04:61:d0:4a:ff:52:98:a5:
f5:8a:a3:0f:c6:dd:ab:95:9a:13:1b:da:9c:9f:62:f6:e2:9c:
53:31:5c:8f:e6:6d:4a:56:ad:e4:de:12:36:00:a9:5a:b1:e6:
d7:d3:dc:4c:ec:8a:cc:27:8b:e1:5e:3a:4e:3e:96:8e:04:7b:
2c:f9:16:0b:97:cb:8e:65:4f:6d:e2:88:86:e7:81:ba:6c:c7:
46:19:54:01:6e:3f:fa:24:a5:42:32:1b:96:c0:c7:ac:1c:8e:
1d:a9:83:be:45:70:ea:1a:bd:54:71:fe:a2:75:07:19:fd:65:
3d:cc:5c:a0:b0:db:20:d4:1f:90:bd:b4:3e:d3:25:94:7f:da:
56:55:50:f9:4c:17:d1:93:59:62:1a:ab:c8:a6:80:08:37:2c:
d0:60:6d:8c:b3:10:0c:99:ba:59:20:ec:c2:1c:f3:fe:fd:b6:
8d:77:cc:23:da:55:16:9d:d5:83:6d:dc:b4:5e:e6:11:6a:8f:
26:e6:19:dc:7c:fa:c0:53:6e:49:10:b1:e9:d1:81:47:eb:65:
91:03:a2:f6:ba:d4:bc:87:2f:31:d3:be:c9:1a:4c:1e:72:46:
17:da:12:41:a1:94:6f:d0:29:f3:80:c4:c8:b7:69:40:54:bc:
48:5c:2a:8e
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZmGZ4cNb+Sl2S+HwNud0MjuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiYzVkZTdkNzI1NWI3ZDU4MjYwYzY1YTEyMGIxNjRlZjEw
ZWY5MDMwHhcNMjUwOTI2MTQyMjM1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTcwNWRjNGY3MmZmMGE0ZWJiNzk1Y2MwODkwOGY3YjA1NTI2NTE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvB2UZ15Lwatfneq+rvevYIsRO3EM
fM1ZXmbyQp6U4dyvjEuv1PJfZIwQhPav1OoM8wzFGdTvYgo9Owbq+GdwuH0fTUbG
NVFO/0CgitqRHsntdNu85gV2keJ9R4aLEtmWaYdp7qOD8AayYfdwGnc2/jG4FEVb
H8gPF/ZueMMpeNpLu0ygaRXnNEL1S4rGCqUkaK2YJQSma8pW0nslkn6olRjk76Uk
Uyh+0GIEJF0dWim0J8YdEXumqXuiL+Ln5cA291BNdXGq3Qzh3hH0NcjZElvOrRY9
tN+xZ+RDD+4m3/Iqd6rKN1eGLR+0VmjTtu1ta0R1l9eEE2FLfc7zOUn1NwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFApwXcT3L/Ck67eVzAiQj3sFUmUYMB8GA1UdIwQY
MBaAFGvF3n1yVbfVgmDGWhILFk7xDvkDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgt
ZmRmNjYzOGQyYzA0LzEvQ25CZHhQY3Y4S1RydDVYTUNKQ1Bld1ZTWlJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYi8zMjEwOWUtMjRjOS00Yzg4LWE4ZTgtZmRmNjYzOGQyYzA0
LzEvYThYZWZYSlZ0OVdDWU1aYUVnc1dUdkVPLVFNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQAH9abAwQA
JfxiAwQBJfxkAwQALv2LAwQCWSBAAwQAnv/vAwQDoiHIAwQAuUKsAwQAuUKuAwQB
uUsWAwQBuVbQAwQBuVjKAwQAuc55AwQAudRyAwQAueEIMA0GCSqGSIb3DQEBCwUA
A4IBAQBeYaKCvaiOK9rOBGHQSv9SmKX1iqMPxt2rlZoTG9qcn2L24pxTMVyP5m1K
Vq3k3hI2AKlasebX09xM7IrMJ4vhXjpOPpaOBHss+RYLl8uOZU9t4oiG54G6bMdG
GVQBbj/6JKVCMhuWwMesHI4dqYO+RXDqGr1Ucf6idQcZ/WU9zFygsNsg1B+QvbQ+
0yWUf9pWVVD5TBfRk1liGqvIpoAINyzQYG2MsxAMmbpZIOzCHPP+/baNd8wj2lUW
ndWDbdy0XuYRao8m5hncfPrAU25JELHp0YFH62WRA6L2utS8hy8x077JGkweckYX
2hJBoZRv0CnzgMTIt2lAVLxIXCqO
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:23:00 2025 by rpki-client