Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/aa4cc4-5537-4aeb-9fed-d29b7d478631/1/IbVX3LrFTxhR2c5rwBAGXni2IVg.roa
File: IbVX3LrFTxhR2c5rwBAGXni2IVg.roa (raw, json)
Hash identifier: i1+kfW3A/ZOMrSzikc6dwjCq+A7FU54gNo87BfXeXlo=
Subject key identifier: 21:B5:57:DC:BA:C5:4F:18:51:D9:CE:6B:C0:10:06:5E:78:B6:21:58
Certificate issuer: /CN=42de27fa887905e0c9c1f53f67f23f296d045f0e
Certificate serial: 019A35766F7D440B43AC267860BD87FB0CBD
Authority key identifier: 42:DE:27:FA:88:79:05:E0:C9:C1:F5:3F:67:F2:3F:29:6D:04:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Qt4n-oh5BeDJwfU_Z_I_KW0EXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/aa4cc4-5537-4aeb-9fed-d29b7d478631/1/IbVX3LrFTxhR2c5rwBAGXni2IVg.roa
Signing time: Thu 30 Oct 2025 14:12:25 +0000
ROA not before: Thu 30 Oct 2025 14:12:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49129
IP address blocks: 31.192.0.0/18 maxlen: 18
31.192.0.0/20 maxlen: 20
31.192.16.0/20 maxlen: 20
31.192.32.0/20 maxlen: 20
31.192.48.0/20 maxlen: 20
77.242.48.0/20 maxlen: 20
77.242.48.0/21 maxlen: 21
77.242.56.0/21 maxlen: 21
80.77.48.0/20 maxlen: 20
80.77.48.0/21 maxlen: 21
80.77.56.0/21 maxlen: 21
178.236.48.0/20 maxlen: 21
178.236.48.0/21 maxlen: 21
178.236.56.0/21 maxlen: 21
185.110.164.0/22 maxlen: 22
185.110.164.0/23 maxlen: 23
185.110.166.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/aa4cc4-5537-4aeb-9fed-d29b7d478631/1/Qt4n-oh5BeDJwfU_Z_I_KW0EXw4.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/aa4cc4-5537-4aeb-9fed-d29b7d478631/1/Qt4n-oh5BeDJwfU_Z_I_KW0EXw4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Qt4n-oh5BeDJwfU_Z_I_KW0EXw4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:35:76:6f:7d:44:0b:43:ac:26:78:60:bd:87:fb:0c:bd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=42de27fa887905e0c9c1f53f67f23f296d045f0e
Validity
Not Before: Oct 30 14:12:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=21b557dcbac54f1851d9ce6bc010065e78b62158
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f3:30:44:de:b1:b3:5a:6d:58:8b:3a:e0:d7:
b5:6d:2b:fe:f5:19:8f:6d:fb:a8:f6:8d:38:a0:73:
01:7f:a0:52:5f:9d:28:56:33:29:3a:21:0a:87:38:
0e:c0:50:49:1f:e4:9f:d4:48:8e:ec:a4:b6:82:36:
db:6a:ca:f5:df:9b:0e:e9:aa:85:f2:82:3e:67:ce:
a5:ea:1c:49:39:96:e7:27:b9:39:21:62:55:9f:0d:
3c:d9:79:8a:3e:97:c9:fb:13:15:9f:a5:bf:6c:48:
39:f7:f7:18:5a:ae:ca:b2:53:4f:7f:f4:37:d1:db:
53:b9:6f:fe:4e:a1:cb:9d:ed:c8:a3:2e:92:99:91:
ea:f0:2d:c9:36:71:41:37:1e:c9:1d:ec:9b:79:49:
d1:5b:66:4a:35:a0:33:cb:78:de:80:84:34:70:53:
33:37:d6:26:d2:a8:77:2b:5b:ce:45:29:ed:f9:41:
65:f3:a8:00:3b:4a:f6:34:f5:7e:6f:7e:01:9e:36:
ef:30:f4:82:55:24:f6:ef:54:c9:f9:e1:9c:1a:f2:
e2:fb:54:70:38:a2:d8:77:b6:23:c7:40:b0:a3:d8:
f8:52:6b:2a:c8:07:6d:de:5d:56:b5:9d:1b:7e:a4:
08:d3:34:1c:c0:96:b1:ca:36:38:2f:4a:6a:0d:d4:
dd:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:B5:57:DC:BA:C5:4F:18:51:D9:CE:6B:C0:10:06:5E:78:B6:21:58
X509v3 Authority Key Identifier:
keyid:42:DE:27:FA:88:79:05:E0:C9:C1:F5:3F:67:F2:3F:29:6D:04:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Qt4n-oh5BeDJwfU_Z_I_KW0EXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/aa4cc4-5537-4aeb-9fed-d29b7d478631/1/IbVX3LrFTxhR2c5rwBAGXni2IVg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/aa4cc4-5537-4aeb-9fed-d29b7d478631/1/Qt4n-oh5BeDJwfU_Z_I_KW0EXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.192.0.0/18
77.242.48.0/20
80.77.48.0/20
178.236.48.0/20
185.110.164.0/22
Signature Algorithm: sha256WithRSAEncryption
74:fe:01:9e:67:83:5b:ac:02:ef:6f:dc:d1:71:9e:57:a0:de:
4b:7d:23:df:20:46:27:23:7b:b4:db:cf:b0:b9:6a:7f:19:bd:
7d:57:86:40:ec:86:a2:2f:f6:c5:2e:96:16:76:0c:25:d6:34:
ab:91:a0:9b:6c:45:57:3f:49:ba:4d:ca:67:7f:0d:b8:06:0b:
4d:8d:2f:d2:9e:15:c0:66:9e:95:dc:d8:c5:fa:29:f5:fe:d9:
55:c8:a8:d1:25:fe:6d:d3:64:dc:1e:10:a5:ac:57:da:f1:b8:
b3:e0:ef:ba:7a:82:43:c2:4e:5c:58:f4:1b:03:d9:cd:5e:e2:
a7:0c:f2:cf:3d:d5:75:c8:40:b5:e5:70:67:dd:bf:c7:67:bd:
e8:a1:50:83:a9:c3:52:a4:40:14:3d:58:57:a7:6e:00:a9:0e:
66:70:de:af:3e:c8:88:16:a7:60:6b:27:7e:ed:82:c1:9c:2c:
db:c6:51:b6:78:e6:ab:19:85:37:2e:b5:0c:7a:5e:e8:b1:d4:
81:66:76:ba:bc:80:1c:fd:07:06:31:09:2f:2d:04:85:53:c2:
85:38:9c:c7:7b:d6:c5:e8:38:79:cf:02:83:34:8a:5d:b9:4b:
95:82:5d:b6:1d:15:5f:08:4d:94:6a:4c:de:63:38:29:18:33:
ad:13:93:32
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZo1dm99RAtDrCZ4YL2H+wy9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyZGUyN2ZhODg3OTA1ZTBjOWMxZjUzZjY3ZjIzZjI5NmQw
NDVmMGUwHhcNMjUxMDMwMTQxMjI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWI1NTdkY2JhYzU0ZjE4NTFkOWNlNmJjMDEwMDY1ZTc4YjYyMTU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfMwRN6xs1ptWIs64Ne1bSv+9RmP
bfuo9o04oHMBf6BSX50oVjMpOiEKhzgOwFBJH+Sf1EiO7KS2gjbbasr135sO6aqF
8oI+Z86l6hxJOZbnJ7k5IWJVnw082XmKPpfJ+xMVn6W/bEg59/cYWq7KslNPf/Q3
0dtTuW/+TqHLne3Ioy6SmZHq8C3JNnFBNx7JHeybeUnRW2ZKNaAzy3jegIQ0cFMz
N9Ym0qh3K1vORSnt+UFl86gAO0r2NPV+b34BnjbvMPSCVST271TJ+eGcGvLi+1Rw
OKLYd7Yjx0Cwo9j4UmsqyAdt3l1WtZ0bfqQI0zQcwJaxyjY4L0pqDdTdFQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCG1V9y6xU8YUdnOa8AQBl54tiFYMB8GA1UdIwQY
MBaAFELeJ/qIeQXgycH1P2fyPyltBF8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUXQ0bi1vaDVCZURKd2ZVX1pfSV9LVzBFWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS9hYTRjYzQtNTUzNy00YWViLTlmZWQt
ZDI5YjdkNDc4NjMxLzEvSWJWWDNMckZUeGhSMmM1cndCQUdYbmkySVZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS9hYTRjYzQtNTUzNy00YWViLTlmZWQtZDI5YjdkNDc4NjMx
LzEvUXQ0bi1vaDVCZURKd2ZVX1pfSV9LVzBFWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQGH8AAAwQE
TfIwAwQEUE0wAwQEsuwwAwQCuW6kMA0GCSqGSIb3DQEBCwUAA4IBAQB0/gGeZ4Nb
rALvb9zRcZ5XoN5LfSPfIEYnI3u028+wuWp/Gb19V4ZA7IaiL/bFLpYWdgwl1jSr
kaCbbEVXP0m6Tcpnfw24BgtNjS/SnhXAZp6V3NjF+in1/tlVyKjRJf5t02TcHhCl
rFfa8biz4O+6eoJDwk5cWPQbA9nNXuKnDPLPPdV1yEC15XBn3b/HZ73ooVCDqcNS
pEAUPVhXp24AqQ5mcN6vPsiIFqdgayd+7YLBnCzbxlG2eOarGYU3LrUMel7osdSB
Zna6vIAc/QcGMQkvLQSFU8KFOJzHe9bF6Dh5zwKDNIpduUuVgl22HRVfCE2Uakze
YzgpGDOtE5My
-----END CERTIFICATE-----
Generated at Wed Nov 5 02:15:59 2025 by rpki-client