Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/29TbMLufIPxRE020kIvBxrijcXE.roa
File: 29TbMLufIPxRE020kIvBxrijcXE.roa (raw, json)
Hash identifier: yaWCKyUE+f0tiisSqvZhHpxJTfa3UwVcLIOHWKNCXpA=
Subject key identifier: DB:D4:DB:30:BB:9F:20:FC:51:13:4D:B4:90:8B:C1:C6:B8:A3:71:71
Certificate issuer: /CN=dc86e3e928c7f0c9db69515ff3aa1f678cee43c0
Certificate serial: 0199E89F022F8DCB1596D4A5A862A37CD73D
Authority key identifier: DC:86:E3:E9:28:C7:F0:C9:DB:69:51:5F:F3:AA:1F:67:8C:EE:43:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/29TbMLufIPxRE020kIvBxrijcXE.roa
Signing time: Wed 15 Oct 2025 16:05:58 +0000
ROA not before: Wed 15 Oct 2025 16:05:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200350
IP address blocks: 31.44.8.0/21 maxlen: 24
37.230.172.0/22 maxlen: 24
37.230.188.0/22 maxlen: 24
45.133.96.0/22 maxlen: 24
46.21.244.0/22 maxlen: 24
46.243.209.0/24 maxlen: 24
46.243.212.0/24 maxlen: 24
51.250.0.0/17 maxlen: 24
62.84.112.0/20 maxlen: 24
84.201.128.0/18 maxlen: 24
84.252.128.0/20 maxlen: 24
89.104.112.0/23 maxlen: 24
89.169.128.0/18 maxlen: 24
89.232.188.0/22 maxlen: 24
92.255.1.0/24 maxlen: 24
92.255.3.0/24 maxlen: 24
92.255.13.0/24 maxlen: 24
93.77.160.0/19 maxlen: 24
111.88.144.0/20 maxlen: 24
111.88.240.0/20 maxlen: 24
130.193.32.0/19 maxlen: 24
158.160.0.0/16 maxlen: 24
178.154.192.0/18 maxlen: 24
185.206.164.0/22 maxlen: 24
185.216.194.0/23 maxlen: 24
193.32.216.0/22 maxlen: 24
194.247.51.0/24 maxlen: 24
213.165.192.0/19 maxlen: 24
217.28.224.0/20 maxlen: 24
217.198.168.0/21 maxlen: 24
2a0d:d6c0::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.mft
rsync://rpki.ripe.net/repository/DEFAULT/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e8:9f:02:2f:8d:cb:15:96:d4:a5:a8:62:a3:7c:d7:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dc86e3e928c7f0c9db69515ff3aa1f678cee43c0
Validity
Not Before: Oct 15 16:05:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dbd4db30bb9f20fc51134db4908bc1c6b8a37171
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:53:d2:2f:95:91:78:0a:5e:40:9b:68:74:c9:
25:8f:63:99:93:70:4b:ed:dc:5a:6b:f6:a8:cb:fd:
b3:5c:7e:0c:f8:e5:f4:28:6b:d5:cc:08:39:44:1c:
0c:a9:66:c0:7e:ae:8c:24:30:8c:88:2a:14:e4:9e:
04:94:78:fe:4e:f8:11:3f:f5:73:df:56:ab:a7:a4:
dc:11:c6:c0:34:a0:60:47:e5:27:05:7c:46:5d:6c:
e2:06:95:26:ec:c5:af:57:16:9d:b8:8b:92:18:03:
b5:65:70:46:34:41:67:3b:00:71:e9:39:ab:cf:8c:
3b:15:06:a2:90:a6:87:b1:e7:13:41:66:bc:ea:ab:
5e:3c:db:7f:61:f9:d5:08:cc:ab:79:8b:5e:cd:90:
de:f8:63:3b:d0:4a:3a:28:0c:21:35:4b:c7:79:d1:
16:4a:55:58:5f:9c:f4:48:02:c4:de:3f:88:94:eb:
72:69:31:b2:47:6a:d8:fb:a5:bf:49:c9:30:de:dd:
5f:77:24:be:d7:a5:bb:b3:c6:2f:8d:4d:4a:69:64:
0f:66:6f:77:12:d7:a1:0b:b6:8b:c2:9d:05:cf:7c:
e0:b3:80:5f:bb:ac:65:d2:78:14:6e:12:45:c8:da:
f2:ad:12:39:14:75:d8:10:0e:d5:6f:50:77:5b:46:
30:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:D4:DB:30:BB:9F:20:FC:51:13:4D:B4:90:8B:C1:C6:B8:A3:71:71
X509v3 Authority Key Identifier:
keyid:DC:86:E3:E9:28:C7:F0:C9:DB:69:51:5F:F3:AA:1F:67:8C:EE:43:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/29TbMLufIPxRE020kIvBxrijcXE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/471aa5-c3f7-4afd-b122-9c8e59c2771c/1/3Ibj6SjH8MnbaVFf86ofZ4zuQ8A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.44.8.0/21
37.230.172.0/22
37.230.188.0/22
45.133.96.0/22
46.21.244.0/22
46.243.209.0/24
46.243.212.0/24
51.250.0.0/17
62.84.112.0/20
84.201.128.0/18
84.252.128.0/20
89.104.112.0/23
89.169.128.0/18
89.232.188.0/22
92.255.1.0/24
92.255.3.0/24
92.255.13.0/24
93.77.160.0/19
111.88.144.0/20
111.88.240.0/20
130.193.32.0/19
158.160.0.0/16
178.154.192.0/18
185.206.164.0/22
185.216.194.0/23
193.32.216.0/22
194.247.51.0/24
213.165.192.0/19
217.28.224.0/20
217.198.168.0/21
IPv6:
2a0d:d6c0::/29
Signature Algorithm: sha256WithRSAEncryption
3f:fd:c2:32:80:dc:30:7f:70:82:72:d7:80:bb:0f:63:ba:91:
90:3a:34:7b:db:f8:66:f3:46:66:58:05:4f:a8:f6:94:16:12:
58:3b:a1:12:fe:03:19:67:06:06:48:d1:d3:28:ad:69:7d:c7:
39:b8:bc:c4:d6:16:7a:50:96:61:99:45:8f:70:74:96:74:5d:
b0:ea:b4:79:9f:9a:82:7a:71:51:65:c7:cf:05:69:fd:0e:39:
25:9c:64:9d:e1:67:53:c7:fc:6d:c7:68:dc:47:cd:6c:94:31:
87:83:c5:a2:8c:cf:de:3c:9a:52:36:0e:dc:bb:eb:0b:2c:90:
e7:c5:7e:2e:7c:5c:9b:ac:b8:11:d4:d7:2d:ab:fc:ef:76:f0:
7b:ec:27:10:0d:08:76:3a:b8:2b:0f:9a:92:5d:ce:10:f3:07:
c0:f6:d5:1f:67:2c:b6:f6:a7:ad:96:b6:d9:28:77:af:54:8f:
63:e4:3c:89:d5:02:bb:04:29:79:16:4c:ee:10:06:28:e5:f4:
c9:60:97:97:b8:f7:4c:5a:a0:14:ea:1e:32:28:38:ab:fb:61:
84:bc:b7:b0:1b:39:58:33:5c:fe:b9:b9:41:8b:d6:e9:84:2a:
98:d2:4f:3f:e5:03:dc:13:be:29:45:96:65:6f:58:48:47:87:
26:31:bb:f6
-----BEGIN CERTIFICATE-----
MIIFvjCCBKagAwIBAgISAZnonwIvjcsVltSlqGKjfNc9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRjODZlM2U5MjhjN2YwYzlkYjY5NTE1ZmYzYWExZjY3OGNl
ZTQzYzAwHhcNMjUxMDE1MTYwNTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYmQ0ZGIzMGJiOWYyMGZjNTExMzRkYjQ5MDhiYzFjNmI4YTM3MTcxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0lPSL5WReApeQJtodMklj2OZk3BL
7dxaa/aoy/2zXH4M+OX0KGvVzAg5RBwMqWbAfq6MJDCMiCoU5J4ElHj+TvgRP/Vz
31arp6TcEcbANKBgR+UnBXxGXWziBpUm7MWvVxaduIuSGAO1ZXBGNEFnOwBx6Tmr
z4w7FQaikKaHsecTQWa86qtePNt/YfnVCMyreYtezZDe+GM70Eo6KAwhNUvHedEW
SlVYX5z0SALE3j+IlOtyaTGyR2rY+6W/Sckw3t1fdyS+16W7s8YvjU1KaWQPZm93
EtehC7aLwp0Fz3zgs4Bfu6xl0ngUbhJFyNryrRI5FHXYEA7Vb1B3W0Yw7QIDAQAB
o4ICyjCCAsYwHQYDVR0OBBYEFNvU2zC7nyD8URNNtJCLwca4o3FxMB8GA1UdIwQY
MBaAFNyG4+kox/DJ22lRX/OqH2eM7kPAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM0liajZTakg4TW5iYVZGZjg2b2ZaNHp1UThBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC80NzFhYTUtYzNmNy00YWZkLWIxMjIt
OWM4ZTU5YzI3NzFjLzEvMjlUYk1MdWZJUHhSRTAyMGtJdkJ4cmlqY1hFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC80NzFhYTUtYzNmNy00YWZkLWIxMjItOWM4ZTU5YzI3NzFj
LzEvM0liajZTakg4TW5iYVZGZjg2b2ZaNHp1UThBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHfBggrBgEFBQcBBwEB/wSBzzCBzDCBugQCAAEwgbMDBAMf
LAgDBAIl5qwDBAIl5rwDBAIthWADBAIuFfQDBAAu89EDBAAu89QDBAcz+gADBAQ+
VHADBAZUyYADBARU/IADBAFZaHADBAZZqYADBAJZ6LwDBABc/wEDBABc/wMDBABc
/w0DBAVdTaADBARvWJADBARvWPADBAWCwSADAwCeoAMEBrKawAMEArnOpAMEAbnY
wgMEAsEg2AMEAML3MwMEBdWlwAMEBNkc4AMEA9nGqDANBAIAAjAHAwUDKg3WwDAN
BgkqhkiG9w0BAQsFAAOCAQEAP/3CMoDcMH9wgnLXgLsPY7qRkDo0e9v4ZvNGZlgF
T6j2lBYSWDuhEv4DGWcGBkjR0yitaX3HObi8xNYWelCWYZlFj3B0lnRdsOq0eZ+a
gnpxUWXHzwVp/Q45JZxkneFnU8f8bcdo3EfNbJQxh4PFoozP3jyaUjYO3LvrCyyQ
58V+Lnxcm6y4EdTXLav873bwe+wnEA0Idjq4Kw+akl3OEPMHwPbVH2cstvanrZa2
2Sh3r1SPY+Q8idUCuwQpeRZM7hAGKOX0yWCXl7j3TFqgFOoeMig4q/thhLy3sBs5
WDNc/rm5QYvW6YQqmNJPP+UD3BO+KUWWZW9YSEeHJjG79g==
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:10:12 2025 by rpki-client