Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/bDbEU-n8q6DljyAoCb2HG5IpwAM.roa
File: bDbEU-n8q6DljyAoCb2HG5IpwAM.roa (raw, json)
Hash identifier: eRAv8rRBi2xmtRMeoh59gG1sQ1a+pnNx2m0jnwKDhWQ=
Subject key identifier: 6C:36:C4:53:E9:FC:AB:A0:E5:8F:20:28:09:BD:87:1B:92:29:C0:03
Certificate issuer: /CN=19ffff289f2dad0fc08456b0bad54d7ba449a492
Certificate serial: 0199BEFEFF3FFAC8A50D89726985CC9879E3
Authority key identifier: 19:FF:FF:28:9F:2D:AD:0F:C0:84:56:B0:BA:D5:4D:7B:A4:49:A4:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/bDbEU-n8q6DljyAoCb2HG5IpwAM.roa
Signing time: Tue 07 Oct 2025 14:06:46 +0000
ROA not before: Tue 07 Oct 2025 14:06:46 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13213
IP address blocks: 31.24.224.0/21 maxlen: 24
37.123.112.0/21 maxlen: 24
37.123.112.0/24 maxlen: 24
46.23.64.0/21 maxlen: 21
46.23.72.0/22 maxlen: 22
46.23.76.0/22 maxlen: 24
77.92.64.0/21 maxlen: 21
77.92.72.0/22 maxlen: 22
77.92.76.0/23 maxlen: 23
77.92.78.0/23 maxlen: 23
77.92.80.0/20 maxlen: 20
82.163.72.0/21 maxlen: 24
83.170.64.0/18 maxlen: 18
83.170.69.0/24 maxlen: 24
83.170.124.0/24 maxlen: 24
88.202.176.0/23 maxlen: 23
88.202.177.0/24 maxlen: 24
88.202.178.0/24 maxlen: 24
88.202.179.0/24 maxlen: 24
88.202.180.0/22 maxlen: 22
88.202.184.0/24 maxlen: 24
88.202.185.0/24 maxlen: 24
88.202.186.0/23 maxlen: 23
88.202.188.0/22 maxlen: 22
88.202.224.0/21 maxlen: 24
91.109.240.0/21 maxlen: 21
109.123.64.0/19 maxlen: 24
109.123.96.0/20 maxlen: 24
109.123.112.0/20 maxlen: 20
176.67.160.0/21 maxlen: 21
176.67.169.0/24 maxlen: 24
176.67.171.0/24 maxlen: 24
176.67.172.0/22 maxlen: 24
185.7.224.0/22 maxlen: 24
2a02:2498::/47 maxlen: 47
2a02:2498:4::/48 maxlen: 48
2a02:2498:5::/48 maxlen: 48
2a02:2498:16::/48 maxlen: 48
2a02:2498:1000::/36 maxlen: 36
2a02:2498:257b::/48 maxlen: 48
2a02:2498:53aa::/48 maxlen: 48
2a02:2498:6d7b::/48 maxlen: 48
2a02:2498:8000::/36 maxlen: 36
2a02:2498:9000::/36 maxlen: 36
2a02:2498:a000::/36 maxlen: 36
2a02:2498:b000::/36 maxlen: 36
2a02:2498:e000::/36 maxlen: 36
2a02:2498:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/Gf__KJ8trQ_AhFawutVNe6RJpJI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/Gf__KJ8trQ_AhFawutVNe6RJpJI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 14:01:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:be:fe:ff:3f:fa:c8:a5:0d:89:72:69:85:cc:98:79:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ffff289f2dad0fc08456b0bad54d7ba449a492
Validity
Not Before: Oct 7 14:06:46 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6c36c453e9fcaba0e58f202809bd871b9229c003
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:5a:37:f9:d3:95:67:f6:54:b0:7d:05:a9:42:
7c:97:3c:47:5d:a2:27:66:f3:87:b5:83:e5:0b:44:
8c:ec:e9:a7:44:93:fd:e0:f4:a5:a5:03:1f:08:00:
71:f9:39:54:ca:e1:18:50:df:a2:d6:ff:f2:ce:0d:
d7:e5:0d:e1:6f:01:3c:fc:c1:16:1d:9f:06:a9:8f:
72:00:9e:e2:80:40:f2:28:92:ff:a4:ad:cf:97:a2:
43:81:c7:58:13:66:23:f0:1d:75:f2:dc:c4:e5:66:
55:c7:22:dd:b3:e1:61:94:06:2a:05:bb:63:6b:d5:
17:75:64:7e:a9:11:cf:30:c5:71:34:e9:03:c8:bb:
e8:6d:8a:23:f7:04:a2:a5:69:a6:cc:81:a1:71:c1:
06:93:ed:5c:ed:4b:9c:98:42:f5:41:5b:31:5e:d7:
8d:ed:2d:63:00:cc:c8:19:be:3b:13:72:a5:9c:40:
34:57:c4:38:2d:9c:0a:89:73:48:40:ae:1c:53:dc:
6c:be:a9:8e:fb:98:89:18:00:d8:04:8f:0b:3d:9c:
70:a1:44:10:34:dc:81:82:cc:7b:e3:d6:7d:27:c2:
b9:c9:b0:56:cd:57:3f:37:63:65:94:5e:96:4a:1c:
73:97:b0:e6:0b:aa:e6:e9:ec:45:96:2b:e2:9e:57:
66:eb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:36:C4:53:E9:FC:AB:A0:E5:8F:20:28:09:BD:87:1B:92:29:C0:03
X509v3 Authority Key Identifier:
keyid:19:FF:FF:28:9F:2D:AD:0F:C0:84:56:B0:BA:D5:4D:7B:A4:49:A4:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/bDbEU-n8q6DljyAoCb2HG5IpwAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/Gf__KJ8trQ_AhFawutVNe6RJpJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.224.0/21
37.123.112.0/21
46.23.64.0/20
77.92.64.0/19
82.163.72.0/21
83.170.64.0/18
88.202.176.0/20
88.202.224.0/21
91.109.240.0/21
109.123.64.0/18
176.67.160.0/21
176.67.169.0/24
176.67.171.0-176.67.175.255
185.7.224.0/22
IPv6:
2a02:2498::/47
2a02:2498:4::/47
2a02:2498:16::/48
2a02:2498:1000::/36
2a02:2498:257b::/48
2a02:2498:53aa::/48
2a02:2498:6d7b::/48
2a02:2498:8000::/34
2a02:2498:e000::/35
Signature Algorithm: sha256WithRSAEncryption
91:2b:43:12:45:88:70:ee:b6:c1:e8:ca:0f:2f:5b:93:ab:51:
cb:78:9c:90:69:e9:de:af:c2:b1:ec:47:fc:36:ae:7d:25:af:
c0:4d:2f:aa:74:de:5b:17:87:dd:97:f4:10:c6:31:5c:a6:fc:
70:b9:f6:9d:99:e8:07:ac:3b:7c:f2:80:fd:d8:5c:9d:f0:00:
88:78:23:4a:24:16:ef:f5:fe:05:f0:54:45:cf:4c:12:9e:71:
01:72:27:6b:fb:3c:ec:d7:12:0c:42:5c:ed:8a:5f:21:6f:77:
1b:f3:c7:f5:03:06:c5:af:18:27:05:7d:45:a4:cf:d8:40:e6:
fc:1e:27:72:4d:cd:d4:fe:2f:c1:56:90:40:1f:d2:37:54:53:
6a:3a:41:51:17:11:2e:0b:c4:61:16:40:ff:74:50:d9:a7:ed:
6d:aa:99:91:11:a8:45:47:8d:6f:95:ad:24:88:4d:b1:78:d9:
fa:a3:40:d3:47:e5:13:f9:22:30:31:89:17:e0:95:56:21:09:
0c:a2:72:5e:f3:a6:4d:8c:0c:5a:31:ad:38:e9:72:56:19:9e:
b3:67:c3:cc:bd:76:99:a7:b5:37:92:c3:d4:c6:3f:a9:f4:fc:
61:62:4a:1f:d8:14:62:45:03:08:74:72:11:76:c8:27:ee:1f:
15:7d:90:89
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAZm+/v8/+silDYlyaYXMmHnjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZmZmZjI4OWYyZGFkMGZjMDg0NTZiMGJhZDU0ZDdiYTQ0
OWE0OTIwHhcNMjUxMDA3MTQwNjQ2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YzM2YzQ1M2U5ZmNhYmEwZTU4ZjIwMjgwOWJkODcxYjkyMjljMDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAslo3+dOVZ/ZUsH0FqUJ8lzxHXaIn
ZvOHtYPlC0SM7OmnRJP94PSlpQMfCABx+TlUyuEYUN+i1v/yzg3X5Q3hbwE8/MEW
HZ8GqY9yAJ7igEDyKJL/pK3Pl6JDgcdYE2Yj8B118tzE5WZVxyLds+FhlAYqBbtj
a9UXdWR+qRHPMMVxNOkDyLvobYoj9wSipWmmzIGhccEGk+1c7UucmEL1QVsxXteN
7S1jAMzIGb47E3KlnEA0V8Q4LZwKiXNIQK4cU9xsvqmO+5iJGADYBI8LPZxwoUQQ
NNyBgsx749Z9J8K5ybBWzVc/N2NllF6WShxzl7DmC6rm6exFlivinldm6wIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFGw2xFPp/Kug5Y8gKAm9hxuSKcADMB8GA1UdIwQY
MBaAFBn//yifLa0PwIRWsLrVTXukSaSSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2ZfX0tKOHRyUV9BaEZhd3V0Vk5lNlJKcEpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jMTFjODctZWZiYi00NWU4LTliMDMt
ZDUyNTcxOGFhNDRhLzEvYkRiRVUtbjhxNkRsanlBb0NiMkhHNUlwd0FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jMTFjODctZWZiYi00NWU4LTliMDMtZDUyNTcxOGFhNDRh
LzEvR2ZfX0tKOHRyUV9BaEZhd3V0Vk5lNlJKcEpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujBiBAIAATBcAwQDHxjg
AwQDJXtwAwQELhdAAwQFTVxAAwQDUqNIAwQGU6pAAwQEWMqwAwQDWMrgAwQDW23w
AwQGbXtAAwQDsEOgAwQAsEOpMAwDBACwQ6sDBASwQ6ADBAK5B+AwVAQCAAIwTgMH
ASoCJJgAAAMHASoCJJgABAMHACoCJJgAFgMGBCoCJJgQAwcAKgIkmCV7AwcAKgIk
mFOqAwcAKgIkmG17AwYGKgIkmIADBgUqAiSY4DANBgkqhkiG9w0BAQsFAAOCAQEA
kStDEkWIcO62wejKDy9bk6tRy3ickGnp3q/CsexH/DaufSWvwE0vqnTeWxeH3Zf0
EMYxXKb8cLn2nZnoB6w7fPKA/dhcnfAAiHgjSiQW7/X+BfBURc9MEp5xAXIna/s8
7NcSDEJc7YpfIW93G/PH9QMGxa8YJwV9RaTP2EDm/B4nck3N1P4vwVaQQB/SN1RT
ajpBURcRLgvEYRZA/3RQ2aftbaqZkRGoRUeNb5WtJIhNsXjZ+qNA00flE/kiMDGJ
F+CVViEJDKJyXvOmTYwMWjGtOOlyVhmes2fDzL12mae1N5LD1MY/qfT8YWJKH9gU
YkUDCHRyEXbIJ+4fFX2QiQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:58:12 2025 by rpki-client