Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d8/329d41-f4ad-413c-bc07-38953f9ad057/1/O_SKclTWbwMrHuJ-wu_A_gUlj98.roa
File: O_SKclTWbwMrHuJ-wu_A_gUlj98.roa (raw, json)
Hash identifier: wqqIe428dBMOphAjwqG0MbbSQPuyl8AVjDeCz3ynOtk=
Subject key identifier: 3B:F4:8A:72:54:D6:6F:03:2B:1E:E2:7E:C2:EF:C0:FE:05:25:8F:DF
Certificate issuer: /CN=c30d03e64676e720a4ff55179e196fec6591886b
Certificate serial: 0199A278FF9505722C6EEAE823522EFA95CD
Authority key identifier: C3:0D:03:E6:46:76:E7:20:A4:FF:55:17:9E:19:6F:EC:65:91:88:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ww0D5kZ25yCk_1UXnhlv7GWRiGs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d8/329d41-f4ad-413c-bc07-38953f9ad057/1/O_SKclTWbwMrHuJ-wu_A_gUlj98.roa
Signing time: Thu 02 Oct 2025 01:11:02 +0000
ROA not before: Thu 02 Oct 2025 01:11:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50840
IP address blocks: 85.204.27.0/24 maxlen: 24
86.106.91.0/24 maxlen: 24
185.41.68.0/24 maxlen: 24
185.41.69.0/24 maxlen: 24
185.41.70.0/24 maxlen: 24
185.41.71.0/24 maxlen: 24
185.242.132.0/24 maxlen: 24
185.242.133.0/24 maxlen: 24
185.242.134.0/24 maxlen: 24
185.242.135.0/24 maxlen: 24
193.177.164.0/24 maxlen: 24
193.177.165.0/24 maxlen: 24
193.178.42.0/24 maxlen: 24
193.178.43.0/24 maxlen: 24
194.59.140.0/24 maxlen: 24
194.59.141.0/24 maxlen: 24
194.59.158.0/24 maxlen: 24
194.59.159.0/24 maxlen: 24
2a07:9380::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d8/329d41-f4ad-413c-bc07-38953f9ad057/1/ww0D5kZ25yCk_1UXnhlv7GWRiGs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d8/329d41-f4ad-413c-bc07-38953f9ad057/1/ww0D5kZ25yCk_1UXnhlv7GWRiGs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ww0D5kZ25yCk_1UXnhlv7GWRiGs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a2:78:ff:95:05:72:2c:6e:ea:e8:23:52:2e:fa:95:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c30d03e64676e720a4ff55179e196fec6591886b
Validity
Not Before: Oct 2 01:11:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3bf48a7254d66f032b1ee27ec2efc0fe05258fdf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:e5:7d:3c:13:79:b0:95:3b:8d:de:f0:62:d8:
9e:d7:21:7e:c2:16:1c:00:ed:5e:c2:e2:0f:03:97:
ad:c7:4b:41:07:cc:77:cf:99:a8:3f:ad:2b:ef:25:
a3:a3:2a:45:e6:a8:ef:5e:62:ed:a1:c6:4e:66:77:
9a:00:43:b4:95:4d:80:5b:88:39:c5:59:59:7f:d4:
92:77:db:4d:99:2f:b0:9a:1b:47:b8:a2:b1:1e:40:
28:94:a7:af:04:92:c5:4b:09:ee:bb:ac:e0:45:31:
0f:c3:3e:e1:d1:cc:62:8b:43:1e:6d:b6:aa:04:98:
a6:48:26:05:6e:5b:62:9e:1d:4d:b7:0c:3a:d8:29:
d7:43:a6:a9:f7:bb:23:67:9c:25:9f:83:7b:65:e7:
cd:fe:d6:01:b7:64:45:40:57:8e:44:88:52:3f:e1:
48:4a:ad:cd:59:50:c9:4d:5d:d9:a6:cf:0e:e7:17:
18:a1:d3:e5:72:70:a9:75:24:62:21:40:b8:bb:79:
d3:81:93:81:85:4a:b7:98:33:a0:a8:fd:b6:25:cb:
9a:54:b7:ba:db:ef:84:fd:55:f8:63:f4:f1:a2:94:
1e:70:a1:ab:2a:d2:75:46:67:ff:c2:c1:6f:98:f5:
fe:0e:74:c3:9d:e2:a3:31:35:57:b5:6b:22:4d:f4:
2a:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:F4:8A:72:54:D6:6F:03:2B:1E:E2:7E:C2:EF:C0:FE:05:25:8F:DF
X509v3 Authority Key Identifier:
keyid:C3:0D:03:E6:46:76:E7:20:A4:FF:55:17:9E:19:6F:EC:65:91:88:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ww0D5kZ25yCk_1UXnhlv7GWRiGs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/329d41-f4ad-413c-bc07-38953f9ad057/1/O_SKclTWbwMrHuJ-wu_A_gUlj98.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d8/329d41-f4ad-413c-bc07-38953f9ad057/1/ww0D5kZ25yCk_1UXnhlv7GWRiGs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.27.0/24
86.106.91.0/24
185.41.68.0/22
185.242.132.0/22
193.177.164.0/23
193.178.42.0/23
194.59.140.0/23
194.59.158.0/23
IPv6:
2a07:9380::/32
Signature Algorithm: sha256WithRSAEncryption
81:f1:f2:d1:4f:c4:86:e6:c6:d8:a7:5e:c1:83:f5:7a:62:ce:
f0:24:0a:d7:21:46:d1:f9:0b:8b:df:0d:1d:31:ad:bd:0a:24:
c4:d6:4f:22:a7:1c:c3:4e:76:8b:fe:41:d3:d3:65:42:0e:a8:
71:16:7c:60:55:02:39:46:ea:b4:02:2b:07:aa:82:9e:bc:2b:
11:3b:81:a7:50:05:f6:67:d1:66:e3:e8:90:3c:ef:41:c7:7d:
cc:f4:f8:fd:6e:fb:a6:6c:97:6b:2d:e3:19:01:c9:4a:2a:ac:
ad:84:eb:26:f0:9e:3d:e0:cb:ec:0a:41:f9:4c:d8:d3:b8:bf:
e4:63:b9:71:c7:7e:bb:0f:f0:e7:6c:da:47:40:3b:11:4c:a2:
fd:fb:29:1d:cf:23:61:12:16:fc:a6:0b:0c:07:1d:b6:48:ae:
98:17:a9:72:c3:fb:22:f9:24:78:0a:aa:74:2b:79:23:41:5c:
cd:cb:38:b9:59:b6:bf:3e:35:ec:d3:90:bb:c3:91:15:dc:a6:
39:36:5b:43:76:d6:38:1d:bd:77:bc:2e:cb:70:9a:98:bb:62:
f2:ad:84:8a:79:eb:03:59:72:ee:52:46:93:de:17:f4:f9:4b:
74:c8:cf:a8:79:a1:b3:64:c9:b0:e8:6c:11:7f:c1:a8:48:f3:
15:5a:d9:45
-----BEGIN CERTIFICATE-----
MIIFNjCCBB6gAwIBAgISAZmieP+VBXIsburoI1Iu+pXNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzMGQwM2U2NDY3NmU3MjBhNGZmNTUxNzllMTk2ZmVjNjU5
MTg4NmIwHhcNMjUxMDAyMDExMTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYmY0OGE3MjU0ZDY2ZjAzMmIxZWUyN2VjMmVmYzBmZTA1MjU4ZmRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2OV9PBN5sJU7jd7wYtie1yF+whYc
AO1ewuIPA5etx0tBB8x3z5moP60r7yWjoypF5qjvXmLtocZOZneaAEO0lU2AW4g5
xVlZf9SSd9tNmS+wmhtHuKKxHkAolKevBJLFSwnuu6zgRTEPwz7h0cxii0Mebbaq
BJimSCYFbltinh1Ntww62CnXQ6ap97sjZ5wln4N7ZefN/tYBt2RFQFeORIhSP+FI
Sq3NWVDJTV3Zps8O5xcYodPlcnCpdSRiIUC4u3nTgZOBhUq3mDOgqP22JcuaVLe6
2++E/VX4Y/TxopQecKGrKtJ1Rmf/wsFvmPX+DnTDneKjMTVXtWsiTfQq+wIDAQAB
o4ICQjCCAj4wHQYDVR0OBBYEFDv0inJU1m8DKx7ifsLvwP4FJY/fMB8GA1UdIwQY
MBaAFMMNA+ZGducgpP9VF54Zb+xlkYhrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvd3cwRDVrWjI1eUNrXzFVWG5obHY3R1dSaUdzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOC8zMjlkNDEtZjRhZC00MTNjLWJjMDct
Mzg5NTNmOWFkMDU3LzEvT19TS2NsVFdid01ySHVKLXd1X0FfZ1Vsajk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOC8zMjlkNDEtZjRhZC00MTNjLWJjMDctMzg5NTNmOWFkMDU3
LzEvd3cwRDVrWjI1eUNrXzFVWG5obHY3R1dSaUdzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFgGCCsGAQUFBwEHAQH/BEkwRzA2BAIAATAwAwQAVcwbAwQA
VmpbAwQCuSlEAwQCufKEAwQBwbGkAwQBwbIqAwQBwjuMAwQBwjueMA0EAgACMAcD
BQAqB5OAMA0GCSqGSIb3DQEBCwUAA4IBAQCB8fLRT8SG5sbYp17Bg/V6Ys7wJArX
IUbR+QuL3w0dMa29CiTE1k8ipxzDTnaL/kHT02VCDqhxFnxgVQI5Ruq0AisHqoKe
vCsRO4GnUAX2Z9Fm4+iQPO9Bx33M9Pj9bvumbJdrLeMZAclKKqythOsm8J494Mvs
CkH5TNjTuL/kY7lxx367D/DnbNpHQDsRTKL9+ykdzyNhEhb8pgsMBx22SK6YF6ly
w/si+SR4Cqp0K3kjQVzNyzi5Wba/PjXs05C7w5EV3KY5NltDdtY4Hb13vC7LcJqY
u2LyrYSKeesDWXLuUkaT3hf0+Ut0yM+oeaGzZMmw6GwRf8GoSPMVWtlF
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:36:44 2025 by rpki-client