Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/O8qEciVBjDooFokDnHqAMc9PpWM.roa
File: O8qEciVBjDooFokDnHqAMc9PpWM.roa (raw, json)
Hash identifier: RGa2nLDp0/bHbVbOkr73dwyquGWNJsV+DHv7xfkWAwg=
Subject key identifier: 3B:CA:84:72:25:41:8C:3A:28:16:89:03:9C:7A:80:31:CF:4F:A5:63
Certificate issuer: /CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
Certificate serial: 0199AB06E84DE791F3D3FC20BED8D27156CA
Authority key identifier: 69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/O8qEciVBjDooFokDnHqAMc9PpWM.roa
Signing time: Fri 03 Oct 2025 17:03:00 +0000
ROA not before: Fri 03 Oct 2025 17:03:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59711
IP address blocks: 5.149.248.0/23 maxlen: 23
5.149.254.0/23 maxlen: 23
77.83.196.0/24 maxlen: 24
77.83.197.0/24 maxlen: 24
77.83.198.0/24 maxlen: 24
79.141.164.0/23 maxlen: 23
79.141.174.0/23 maxlen: 23
85.158.108.0/24 maxlen: 24
85.158.109.0/24 maxlen: 24
85.158.110.0/24 maxlen: 24
89.44.80.0/24 maxlen: 24
89.150.40.0/24 maxlen: 24
89.150.45.0/24 maxlen: 24
89.150.48.0/24 maxlen: 24
89.150.57.0/24 maxlen: 24
91.193.18.0/24 maxlen: 24
91.220.8.0/24 maxlen: 24
185.40.86.0/24 maxlen: 24
185.80.52.0/23 maxlen: 23
185.80.54.0/23 maxlen: 23
185.81.114.0/23 maxlen: 23
185.81.114.0/24 maxlen: 24
185.81.115.0/24 maxlen: 24
185.104.192.0/24 maxlen: 24
185.104.193.0/24 maxlen: 24
185.104.194.0/24 maxlen: 24
185.117.88.0/23 maxlen: 23
185.117.90.0/23 maxlen: 23
185.123.102.0/24 maxlen: 24
185.174.133.0/24 maxlen: 24
185.174.135.0/24 maxlen: 24
185.221.222.0/24 maxlen: 24
185.221.223.0/24 maxlen: 24
185.223.57.0/24 maxlen: 24
185.235.137.0/24 maxlen: 24
185.235.138.0/24 maxlen: 24
185.253.116.0/24 maxlen: 24
185.253.117.0/24 maxlen: 24
185.253.118.0/24 maxlen: 24
193.42.36.0/24 maxlen: 24
193.42.39.0/24 maxlen: 24
193.111.208.0/24 maxlen: 24
195.95.155.0/24 maxlen: 24
2a01:8640::/48 maxlen: 48
2a01:8640:2::/48 maxlen: 48
2a01:8640:6::/48 maxlen: 48
2a01:8640:9::/48 maxlen: 48
2a01:8640:a::/48 maxlen: 48
2a01:8640:f::/48 maxlen: 48
2a01:8640:11::/48 maxlen: 48
2a01:8640:12::/48 maxlen: 48
2a01:8640:13::/48 maxlen: 48
2a01:8640:14::/48 maxlen: 48
2a01:8640:15::/48 maxlen: 48
2a01:8640:17::/48 maxlen: 48
2a01:8640:18::/48 maxlen: 48
2a01:8640:1a::/48 maxlen: 48
2a01:8640:1b::/48 maxlen: 48
2a01:8640:1c::/48 maxlen: 48
2a01:8640:1d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.mft
rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ab:06:e8:4d:e7:91:f3:d3:fc:20:be:d8:d2:71:56:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
Validity
Not Before: Oct 3 17:03:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3bca847225418c3a281689039c7a8031cf4fa563
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e8:5f:b8:f8:da:24:eb:08:d5:a0:f7:ef:90:
3d:8a:4e:10:14:a2:6d:1a:d1:d8:45:3e:f4:29:b1:
bf:19:9f:32:35:66:46:8b:3b:9c:6e:db:bd:ce:36:
92:51:03:91:ed:3d:66:1a:ad:25:11:4c:a7:a8:5d:
68:97:f7:e6:24:b1:d5:30:5e:83:06:b6:9d:0e:33:
53:20:b8:70:08:95:2c:8d:db:a1:98:0d:df:2e:3c:
98:33:a2:0c:ed:6a:e6:79:0b:52:bf:8c:6a:16:21:
4f:fd:fa:87:31:eb:6f:6b:3e:ae:87:fb:4f:38:b6:
08:ef:0b:f2:a6:58:9f:90:5a:d2:59:0d:d9:86:b8:
77:8e:24:09:d0:59:fd:ff:ea:17:b5:94:a6:e1:90:
26:85:26:db:11:71:dd:a6:d3:f9:80:dc:7e:29:78:
0c:c7:ae:bf:6f:ac:0f:d7:1b:3d:ba:2e:ec:6a:61:
5e:4d:75:40:4d:84:85:8d:38:95:a7:d4:67:1b:b3:
a8:40:04:03:77:4f:18:88:da:6a:bf:9a:99:63:f5:
a8:9d:66:f5:05:10:b7:fd:55:62:d9:b2:00:48:71:
a0:5a:f4:d2:44:2f:9b:b4:5b:29:9c:b6:86:83:cb:
74:1b:c3:86:6d:f7:3d:02:bc:cb:83:43:bd:e7:1a:
a1:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:CA:84:72:25:41:8C:3A:28:16:89:03:9C:7A:80:31:CF:4F:A5:63
X509v3 Authority Key Identifier:
keyid:69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/O8qEciVBjDooFokDnHqAMc9PpWM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.248.0/23
5.149.254.0/23
77.83.196.0-77.83.198.255
79.141.164.0/23
79.141.174.0/23
85.158.108.0-85.158.110.255
89.44.80.0/24
89.150.40.0/24
89.150.45.0/24
89.150.48.0/24
89.150.57.0/24
91.193.18.0/24
91.220.8.0/24
185.40.86.0/24
185.80.52.0/22
185.81.114.0/23
185.104.192.0-185.104.194.255
185.117.88.0/22
185.123.102.0/24
185.174.133.0/24
185.174.135.0/24
185.221.222.0/23
185.223.57.0/24
185.235.137.0-185.235.138.255
185.253.116.0-185.253.118.255
193.42.36.0/24
193.42.39.0/24
193.111.208.0/24
195.95.155.0/24
IPv6:
2a01:8640::/48
2a01:8640:2::/48
2a01:8640:6::/48
2a01:8640:9::-2a01:8640:a:ffff:ffff:ffff:ffff:ffff
2a01:8640:f::/48
2a01:8640:11::-2a01:8640:15:ffff:ffff:ffff:ffff:ffff
2a01:8640:17::-2a01:8640:18:ffff:ffff:ffff:ffff:ffff
2a01:8640:1a::-2a01:8640:1d:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
71:3b:e9:13:17:e6:97:36:3a:30:56:40:a3:bf:b2:b1:af:1c:
ca:50:27:e2:5c:f4:07:a5:c5:94:a8:55:29:95:3a:4a:b4:96:
ca:0a:c2:57:42:1c:f4:67:9d:7f:f6:06:dd:7d:8e:d7:63:39:
ce:9c:ca:05:cf:32:4a:ae:16:74:da:cd:47:c0:61:c6:13:11:
11:6b:0e:f2:73:cf:c4:21:b6:16:a8:f3:17:42:2e:df:91:12:
45:8c:ef:26:69:80:76:d2:9e:68:72:0b:d8:e5:34:b8:96:33:
0f:49:b6:ed:71:f5:66:1e:38:70:45:b8:c6:be:09:4c:8f:f0:
b2:bb:ac:3a:21:ae:e8:a5:16:2b:37:a6:61:f2:04:da:47:04:
9a:69:6b:9c:36:50:30:95:a6:90:63:b3:72:99:9e:79:33:b4:
a7:97:ef:b7:22:de:47:50:57:a8:f8:a1:4d:0b:c8:0d:9e:64:
60:86:e8:cf:d1:98:33:25:22:7e:63:1d:34:3d:0b:f6:8c:4d:
a3:7a:b6:b2:38:4f:5b:f6:ec:ca:90:84:bc:e7:c0:43:35:10:
47:53:00:f2:a5:53:69:07:78:c8:fb:a2:06:ae:66:7d:bf:3c:
c0:03:9c:27:97:4c:55:69:00:6f:ca:2b:f0:7c:1e:c6:05:60:
4c:f8:92:73
-----BEGIN CERTIFICATE-----
MIIGUTCCBTmgAwIBAgISAZmrBuhN55Hz0/wgvtjScVbKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MTI0MmMzM2JjMmUyZTllNDU4NTBhMGZjNjRhYjJjNzUw
NmE0YjgwHhcNMjUxMDAzMTcwMzAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmNhODQ3MjI1NDE4YzNhMjgxNjg5MDM5YzdhODAzMWNmNGZhNTYzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+hfuPjaJOsI1aD375A9ik4QFKJt
GtHYRT70KbG/GZ8yNWZGizucbtu9zjaSUQOR7T1mGq0lEUynqF1ol/fmJLHVMF6D
BradDjNTILhwCJUsjduhmA3fLjyYM6IM7WrmeQtSv4xqFiFP/fqHMetvaz6uh/tP
OLYI7wvyplifkFrSWQ3Zhrh3jiQJ0Fn9/+oXtZSm4ZAmhSbbEXHdptP5gNx+KXgM
x66/b6wP1xs9ui7samFeTXVATYSFjTiVp9RnG7OoQAQDd08YiNpqv5qZY/WonWb1
BRC3/VVi2bIASHGgWvTSRC+btFspnLaGg8t0G8OGbfc9ArzLg0O95xqh+wIDAQAB
o4IDXTCCA1kwHQYDVR0OBBYEFDvKhHIlQYw6KBaJA5x6gDHPT6VjMB8GA1UdIwQY
MBaAFGkSQsM7wuLp5FhQoPxkqyx1BqS4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjkt
MzYyZmZlOGVlMjcwLzEvTzhxRWNpVkJqRG9vRm9rRG5IcUFNYzlQcFdNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjktMzYyZmZlOGVlMjcw
LzEvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBcQYIKwYBBQUHAQcBAf8EggFgMIIBXDCB3QQCAAEwgdYD
BAEFlfgDBAEFlf4wDAMEAk1TxAMEAE1TxgMEAU+NpAMEAU+NrjAMAwQCVZ5sAwQA
VZ5uAwQAWSxQAwQAWZYoAwQAWZYtAwQAWZYwAwQAWZY5AwQAW8ESAwQAW9wIAwQA
uShWAwQCuVA0AwQBuVFyMAwDBAa5aMADBAC5aMIDBAK5dVgDBAC5e2YDBAC5roUD
BAC5rocDBAG53d4DBAC53zkwDAMEALnriQMEALnrijAMAwQCuf10AwQAuf12AwQA
wSokAwQAwSonAwQAwW/QAwQAw1+bMHoEAgACMHQDBwAqAYZAAAADBwAqAYZAAAID
BwAqAYZAAAYwEgMHACoBhkAACQMHACoBhkAACgMHACoBhkAADzASAwcAKgGGQAAR
AwcBKgGGQAAUMBIDBwAqAYZAABcDBwAqAYZAABgwEgMHASoBhkAAGgMHASoBhkAA
HDANBgkqhkiG9w0BAQsFAAOCAQEAcTvpExfmlzY6MFZAo7+ysa8cylAn4lz0B6XF
lKhVKZU6SrSWygrCV0Ic9Gedf/YG3X2O12M5zpzKBc8ySq4WdNrNR8BhxhMREWsO
8nPPxCG2FqjzF0Iu35ESRYzvJmmAdtKeaHIL2OU0uJYzD0m27XH1Zh44cEW4xr4J
TI/wsrusOiGu6KUWKzemYfIE2kcEmmlrnDZQMJWmkGOzcpmeeTO0p5fvtyLeR1BX
qPihTQvIDZ5kYIboz9GYMyUifmMdND0L9oxNo3q2sjhPW/bsypCEvOfAQzUQR1MA
8qVTaQd4yPuiBq5mfb88wAOcJ5dMVWkAb8or8HwexgVgTPiScw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:09:50 2025 by rpki-client