Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/DirpbPXV9PEsSkJGkxNuGe42xHI.roa
File: DirpbPXV9PEsSkJGkxNuGe42xHI.roa (raw, json)
Hash identifier: VBDmf9F3mz15N8FEL0FBBmeC/+Di4FvRutCT5g1tWEg=
Subject key identifier: 0E:2A:E9:6C:F5:D5:F4:F1:2C:4A:42:46:93:13:6E:19:EE:36:C4:72
Certificate issuer: /CN=54296d23def4c8521c647dc68acb3c123f611d89
Certificate serial: 0199C8688943B5E3B34F9C07CFEA4AA16C38
Authority key identifier: 54:29:6D:23:DE:F4:C8:52:1C:64:7D:C6:8A:CB:3C:12:3F:61:1D:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VCltI970yFIcZH3Giss8Ej9hHYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/DirpbPXV9PEsSkJGkxNuGe42xHI.roa
Signing time: Thu 09 Oct 2025 09:58:38 +0000
ROA not before: Thu 09 Oct 2025 09:58:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8953
IP address blocks: 37.156.224.0/24 maxlen: 24
37.251.208.0/20 maxlen: 24
62.217.192.0/18 maxlen: 24
86.106.83.0/24 maxlen: 24
89.37.97.0/24 maxlen: 24
89.39.71.0/24 maxlen: 24
89.39.81.0/24 maxlen: 24
89.42.27.0/24 maxlen: 24
92.82.176.0/20 maxlen: 20
92.84.64.0/18 maxlen: 24
92.114.38.0/24 maxlen: 24
92.114.82.0/24 maxlen: 24
93.113.56.0/24 maxlen: 24
93.115.244.0/23 maxlen: 24
93.122.128.0/17 maxlen: 24
109.166.128.0/17 maxlen: 24
109.166.212.0/24 maxlen: 24
128.127.112.0/20 maxlen: 24
185.53.196.0/22 maxlen: 24
185.133.64.0/24 maxlen: 24
2a02:a58::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/VCltI970yFIcZH3Giss8Ej9hHYk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/VCltI970yFIcZH3Giss8Ej9hHYk.mft
rsync://rpki.ripe.net/repository/DEFAULT/VCltI970yFIcZH3Giss8Ej9hHYk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c8:68:89:43:b5:e3:b3:4f:9c:07:cf:ea:4a:a1:6c:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=54296d23def4c8521c647dc68acb3c123f611d89
Validity
Not Before: Oct 9 09:58:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e2ae96cf5d5f4f12c4a424693136e19ee36c472
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:03:01:ff:eb:d1:5d:d2:8c:c9:db:0c:e9:ed:
8b:3c:f9:42:54:53:42:fd:ad:6c:09:e9:9a:02:63:
ef:27:d4:eb:5d:8a:fb:d6:59:00:b9:f5:79:89:0e:
1c:2d:79:31:7c:f9:b0:20:26:81:3f:37:ca:d5:82:
28:dd:58:22:6f:a1:14:28:bc:a6:ea:84:cc:f5:9a:
59:d3:57:29:5e:47:70:11:cc:01:59:cb:1a:27:53:
3a:a0:45:93:44:98:66:55:01:f4:6b:b8:2c:f4:c0:
fa:f7:f0:db:da:13:aa:ae:ce:07:b7:4a:45:cc:f0:
8d:c0:59:ee:d2:3f:6e:1f:1f:b9:c9:40:3d:72:29:
be:9f:fa:ae:ad:6e:8f:11:33:92:c9:a5:bd:e4:ae:
20:f5:0b:17:d1:61:ad:f3:39:73:48:c8:42:de:7a:
4e:04:73:a7:56:5a:66:24:dd:1c:0e:fa:95:c4:0a:
5c:82:e2:e7:c0:d3:32:c7:e4:25:92:3f:63:54:1f:
46:d0:af:4c:2c:b3:fd:94:e0:cc:06:89:c4:17:a4:
d7:41:f0:cb:f7:f6:92:50:49:2d:2d:aa:f5:83:ff:
01:c8:fa:39:0f:e2:f0:ed:8f:08:bb:cd:34:e8:2c:
53:a9:38:4e:6a:5f:b0:87:55:db:ec:c6:8f:50:f4:
be:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:2A:E9:6C:F5:D5:F4:F1:2C:4A:42:46:93:13:6E:19:EE:36:C4:72
X509v3 Authority Key Identifier:
keyid:54:29:6D:23:DE:F4:C8:52:1C:64:7D:C6:8A:CB:3C:12:3F:61:1D:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VCltI970yFIcZH3Giss8Ej9hHYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/DirpbPXV9PEsSkJGkxNuGe42xHI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fc/5cb454-7bee-4e5d-b295-942482f8d2ea/1/VCltI970yFIcZH3Giss8Ej9hHYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.224.0/24
37.251.208.0/20
62.217.192.0/18
86.106.83.0/24
89.37.97.0/24
89.39.71.0/24
89.39.81.0/24
89.42.27.0/24
92.82.176.0/20
92.84.64.0/18
92.114.38.0/24
92.114.82.0/24
93.113.56.0/24
93.115.244.0/23
93.122.128.0/17
109.166.128.0/17
128.127.112.0/20
185.53.196.0/22
185.133.64.0/24
IPv6:
2a02:a58::/32
Signature Algorithm: sha256WithRSAEncryption
4a:e6:1e:03:89:11:13:41:95:9b:2a:db:f9:9f:a6:fe:5f:6e:
2c:cc:eb:96:22:2f:0b:d2:bc:57:67:18:52:6b:24:d7:a0:d7:
9f:12:c6:e9:c6:43:fa:9d:6e:91:a7:2f:ae:e4:b2:2d:86:63:
77:d2:f6:60:d0:ed:81:51:23:3e:a2:69:c2:72:e4:61:9d:c2:
7e:0f:59:a3:21:9f:30:8a:78:6e:93:33:1c:43:49:cf:0c:d3:
69:27:88:68:52:39:a5:2e:c3:86:3a:6b:9e:09:33:fa:d2:7d:
0c:36:4f:90:e0:b3:dc:b8:2a:a5:a3:38:39:3a:e0:36:18:d3:
bd:13:ed:fe:cf:e9:ba:c0:5f:4a:ef:28:a6:c8:bf:23:89:64:
43:4d:d7:9a:80:a8:72:33:7d:31:d7:5b:e0:bc:3c:3b:36:3b:
80:4b:48:ae:37:97:ee:e9:ef:60:3f:f9:48:8e:c8:cf:b7:9f:
6e:6c:29:c6:c6:9f:3b:61:49:85:23:52:cd:cc:81:89:50:07:
6e:99:25:ce:2b:39:b7:4e:56:d0:6b:8e:0c:8d:fb:05:e7:2a:
41:f6:9b:2c:e6:65:ae:a6:00:ab:54:95:bc:c6:3d:9c:56:6f:
09:1c:24:f8:b2:4f:2c:b2:d2:05:e2:ce:9d:5e:4c:b9:10:ae:
4b:f0:81:ac
-----BEGIN CERTIFICATE-----
MIIFezCCBGOgAwIBAgISAZnIaIlDteOzT5wHz+pKoWw4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0Mjk2ZDIzZGVmNGM4NTIxYzY0N2RjNjhhY2IzYzEyM2Y2
MTFkODkwHhcNMjUxMDA5MDk1ODM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTJhZTk2Y2Y1ZDVmNGYxMmM0YTQyNDY5MzEzNmUxOWVlMzZjNDcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzQMB/+vRXdKMydsM6e2LPPlCVFNC
/a1sCemaAmPvJ9TrXYr71lkAufV5iQ4cLXkxfPmwICaBPzfK1YIo3Vgib6EUKLym
6oTM9ZpZ01cpXkdwEcwBWcsaJ1M6oEWTRJhmVQH0a7gs9MD69/Db2hOqrs4Ht0pF
zPCNwFnu0j9uHx+5yUA9cim+n/qurW6PETOSyaW95K4g9QsX0WGt8zlzSMhC3npO
BHOnVlpmJN0cDvqVxApcguLnwNMyx+Qlkj9jVB9G0K9MLLP9lODMBonEF6TXQfDL
9/aSUEktLar1g/8ByPo5D+Lw7Y8Iu8006CxTqThOal+wh1Xb7MaPUPS+CQIDAQAB
o4IChzCCAoMwHQYDVR0OBBYEFA4q6Wz11fTxLEpCRpMTbhnuNsRyMB8GA1UdIwQY
MBaAFFQpbSPe9MhSHGR9xorLPBI/YR2JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkNsdEk5NzB5RkljWkgzR2lzczhFajloSFlrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYy81Y2I0NTQtN2JlZS00ZTVkLWIyOTUt
OTQyNDgyZjhkMmVhLzEvRGlycGJQWFY5UEVzU2tKR2t4TnVHZTQyeEhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYy81Y2I0NTQtN2JlZS00ZTVkLWIyOTUtOTQyNDgyZjhkMmVh
LzEvVkNsdEk5NzB5RkljWkgzR2lzczhFajloSFlrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGcBggrBgEFBQcBBwEB/wSBjDCBiTB4BAIAATByAwQAJZzg
AwQEJfvQAwQGPtnAAwQAVmpTAwQAWSVhAwQAWSdHAwQAWSdRAwQAWSobAwQEXFKw
AwQGXFRAAwQAXHImAwQAXHJSAwQAXXE4AwQBXXP0AwQHXXqAAwQHbaaAAwQEgH9w
AwQCuTXEAwQAuYVAMA0EAgACMAcDBQAqAgpYMA0GCSqGSIb3DQEBCwUAA4IBAQBK
5h4DiRETQZWbKtv5n6b+X24szOuWIi8L0rxXZxhSayTXoNefEsbpxkP6nW6Rpy+u
5LIthmN30vZg0O2BUSM+omnCcuRhncJ+D1mjIZ8winhukzMcQ0nPDNNpJ4hoUjml
LsOGOmueCTP60n0MNk+Q4LPcuCqlozg5OuA2GNO9E+3+z+m6wF9K7yimyL8jiWRD
TdeagKhyM30x11vgvDw7NjuAS0iuN5fu6e9gP/lIjsjPt59ubCnGxp87YUmFI1LN
zIGJUAdumSXOKzm3TlbQa44MjfsF5ypB9pss5mWupgCrVJW8xj2cVm8JHCT4sk8s
stIF4s6dXky5EK5L8IGs
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:45:57 2025 by rpki-client