Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/6X_azjUCowht92Zwn9TjsJyCJMY.roa
File: 6X_azjUCowht92Zwn9TjsJyCJMY.roa (raw, json)
Hash identifier: WTfIxq7Gq9hE4i160D7m7hxcHWcEuqUC8ymhLhoENZU=
Subject key identifier: E9:7F:DA:CE:35:02:A3:08:6D:F7:66:70:9F:D4:E3:B0:9C:82:24:C6
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0199F82BB99D09C3024B19CDD47980FCB028
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/6X_azjUCowht92Zwn9TjsJyCJMY.roa
Signing time: Sat 18 Oct 2025 16:33:59 +0000
ROA not before: Sat 18 Oct 2025 16:33:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 5.182.185.0/24 maxlen: 24
5.182.196.0/24 maxlen: 24
5.182.197.0/24 maxlen: 24
79.98.183.0/24 maxlen: 24
92.249.29.0/24 maxlen: 24
94.154.171.0/24 maxlen: 24
103.130.176.0/24 maxlen: 24
103.130.177.0/24 maxlen: 24
103.210.13.0/24 maxlen: 24
103.210.14.0/24 maxlen: 24
103.210.15.0/24 maxlen: 24
103.216.198.0/24 maxlen: 24
104.232.36.0/24 maxlen: 24
147.78.207.0/24 maxlen: 24
162.218.92.0/24 maxlen: 24
185.52.139.0/24 maxlen: 24
185.161.190.0/24 maxlen: 24
185.187.214.0/24 maxlen: 24
185.187.215.0/24 maxlen: 24
185.201.42.0/24 maxlen: 24
185.208.152.0/24 maxlen: 24
185.208.153.0/24 maxlen: 24
185.230.121.0/24 maxlen: 24
185.253.120.0/24 maxlen: 24
185.253.121.0/24 maxlen: 24
212.60.13.0/24 maxlen: 24
2a0a:8f40:3::/48 maxlen: 48
2a0a:8f40:8::/48 maxlen: 48
2a0a:8f40:9::/48 maxlen: 48
2a0a:8f40:a::/48 maxlen: 48
2a0a:8f40:b::/48 maxlen: 48
2a0a:8f40:c::/48 maxlen: 48
2a0a:8f40:1c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 10:02:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f8:2b:b9:9d:09:c3:02:4b:19:cd:d4:79:80:fc:b0:28
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Oct 18 16:33:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e97fdace3502a3086df766709fd4e3b09c8224c6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:3f:8e:4b:60:8c:93:a1:6d:ac:04:76:03:69:
93:aa:70:fd:fe:a4:c9:15:b6:f0:e1:d9:83:c3:c9:
96:ea:6c:3f:4b:e8:86:73:19:e0:9a:9f:4d:c9:a3:
66:57:a7:7d:fe:b9:78:fb:e6:fd:cb:e0:98:c3:90:
53:0d:8d:d9:cd:8f:3c:05:52:a7:7a:c3:9b:db:21:
ee:3f:e2:ab:f8:48:aa:2b:4f:73:b3:72:51:42:58:
98:88:2b:10:ca:2c:4c:62:38:8d:ec:53:d0:86:4e:
bb:37:0d:a3:85:b5:d4:2e:f1:50:b1:44:67:70:c8:
71:4f:c1:92:61:3a:27:87:35:be:64:93:5d:df:c5:
7f:12:f1:d8:6b:27:e6:ab:32:69:8f:32:c9:2d:69:
e6:50:b2:ea:20:ab:5f:7d:c9:7e:ba:a2:f1:fa:82:
0c:6e:86:8d:6c:f7:07:19:97:3c:23:b0:58:89:c0:
b5:ba:bf:4b:03:9a:85:1f:c0:40:02:84:3b:9e:82:
19:e0:90:d0:da:b9:9a:75:0c:5a:a4:a6:74:ff:06:
60:e9:53:03:6e:05:8d:c0:ba:fb:91:cc:92:1e:e9:
6d:dd:8b:fa:b2:75:8b:0f:df:5f:bd:c0:cf:7c:b8:
e4:ed:5a:dd:f9:a6:35:c5:8e:a2:96:5f:f1:8a:4e:
63:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E9:7F:DA:CE:35:02:A3:08:6D:F7:66:70:9F:D4:E3:B0:9C:82:24:C6
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/6X_azjUCowht92Zwn9TjsJyCJMY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.185.0/24
5.182.196.0/23
79.98.183.0/24
92.249.29.0/24
94.154.171.0/24
103.130.176.0/23
103.210.13.0-103.210.15.255
103.216.198.0/24
104.232.36.0/24
147.78.207.0/24
162.218.92.0/24
185.52.139.0/24
185.161.190.0/24
185.187.214.0/23
185.201.42.0/24
185.208.152.0/23
185.230.121.0/24
185.253.120.0/23
212.60.13.0/24
IPv6:
2a0a:8f40:3::/48
2a0a:8f40:8::-2a0a:8f40:c:ffff:ffff:ffff:ffff:ffff
2a0a:8f40:1c::/48
Signature Algorithm: sha256WithRSAEncryption
89:8d:71:2f:89:12:ea:92:00:64:37:55:36:d6:57:54:36:99:
34:c3:6b:49:24:a2:82:8c:c0:d8:10:35:c6:db:a5:a1:c8:f5:
d2:8d:2f:35:fa:43:84:19:b4:fb:c4:a4:9d:e9:16:94:65:d6:
41:94:5b:44:c9:15:94:c7:64:14:c7:4c:ff:24:0a:ab:c0:69:
6f:22:f3:da:5c:ca:72:bf:af:6c:26:8a:d9:84:0f:e1:6c:32:
b5:18:c7:57:a8:cc:f0:9f:79:61:37:75:9d:a7:4b:b1:9f:74:
a3:f2:d4:bc:a7:d6:12:bb:ac:0f:f6:07:b7:31:70:7d:ee:87:
eb:69:99:bd:4d:cd:2c:7d:c3:d7:4e:83:61:8c:7a:fa:05:b1:
a5:f3:fa:02:7a:56:8c:a9:cf:7d:0a:a0:90:9e:d0:dd:65:24:
a5:10:61:7f:ef:18:ca:ee:9d:c5:25:94:eb:db:90:04:0b:a1:
70:8c:6e:f0:a0:14:01:22:ef:d0:b8:ae:e9:c2:a2:65:c2:3c:
6f:ff:ea:3a:ae:fb:f9:db:f5:19:dd:38:77:c3:d5:58:b4:6c:
d3:64:52:f3:64:68:4e:16:14:88:a0:02:f3:68:f0:cf:c2:7b:
af:cb:85:30:b1:21:47:f4:da:d0:ab:2a:ac:4d:85:e6:52:1f:
11:ac:9d:33
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZn4K7mdCcMCSxnN1HmA/LAoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjUxMDE4MTYzMzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOTdmZGFjZTM1MDJhMzA4NmRmNzY2NzA5ZmQ0ZTNiMDljODIyNGM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwj+OS2CMk6FtrAR2A2mTqnD9/qTJ
Fbbw4dmDw8mW6mw/S+iGcxngmp9NyaNmV6d9/rl4++b9y+CYw5BTDY3ZzY88BVKn
esOb2yHuP+Kr+EiqK09zs3JRQliYiCsQyixMYjiN7FPQhk67Nw2jhbXULvFQsURn
cMhxT8GSYTonhzW+ZJNd38V/EvHYayfmqzJpjzLJLWnmULLqIKtffcl+uqLx+oIM
boaNbPcHGZc8I7BYicC1ur9LA5qFH8BAAoQ7noIZ4JDQ2rmadQxapKZ0/wZg6VMD
bgWNwLr7kcySHult3Yv6snWLD99fvcDPfLjk7Vrd+aY1xY6ill/xik5joQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFOl/2s41AqMIbfdmcJ/U47CcgiTGMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvNlhfYXpqVUNvd2h0OTJad245VGpzSnlDSk1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTCBgAQCAAEwegMEAAW2
uQMEAQW2xAMEAE9itwMEAFz5HQMEAF6aqwMEAWeCsDAMAwQAZ9INAwQEZ9IAAwQA
Z9jGAwQAaOgkAwQAk07PAwQAotpcAwQAuTSLAwQAuaG+AwQBubvWAwQAuckqAwQB
udCYAwQAueZ5AwQBuf14AwQA1DwNMCwEAgACMCYDBwAqCo9AAAMwEgMHAyoKj0AA
CAMHACoKj0AADAMHACoKj0AAHDANBgkqhkiG9w0BAQsFAAOCAQEAiY1xL4kS6pIA
ZDdVNtZXVDaZNMNrSSSigozA2BA1xtulocj10o0vNfpDhBm0+8SknekWlGXWQZRb
RMkVlMdkFMdM/yQKq8BpbyLz2lzKcr+vbCaK2YQP4WwytRjHV6jM8J95YTd1nadL
sZ90o/LUvKfWErusD/YHtzFwfe6H62mZvU3NLH3D106DYYx6+gWxpfP6AnpWjKnP
fQqgkJ7Q3WUkpRBhf+8Yyu6dxSWU69uQBAuhcIxu8KAUASLv0Liu6cKiZcI8b//q
Oq77+dv1Gd04d8PVWLRs02RS82RoThYUiKAC82jwz8J7r8uFMLEhR/Ta0KsqrE2F
5lIfEaydMw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:09:01 2025 by rpki-client