Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/PYrj6Q-UxHtJwUeb_m9R8cqHKEE.roa
File: PYrj6Q-UxHtJwUeb_m9R8cqHKEE.roa (raw, json)
Hash identifier: Jl1qDKOhIHPhckL0Pr5e3wh24QkNWmFXDCd6nvl0ew4=
Subject key identifier: 3D:8A:E3:E9:0F:94:C4:7B:49:C1:47:9B:FE:6F:51:F1:CA:87:28:41
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 019A0C08A019C560B38FE7815AF4F7ABA419
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/PYrj6Q-UxHtJwUeb_m9R8cqHKEE.roa
Signing time: Wed 22 Oct 2025 13:08:03 +0000
ROA not before: Wed 22 Oct 2025 13:08:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 46.151.32.0/24 maxlen: 24
46.151.33.0/24 maxlen: 24
46.151.34.0/24 maxlen: 24
46.151.35.0/24 maxlen: 24
77.36.2.0/23 maxlen: 24
77.36.54.0/24 maxlen: 24
77.36.55.0/24 maxlen: 24
91.232.20.0/24 maxlen: 24
93.120.36.0/24 maxlen: 24
93.120.37.0/24 maxlen: 24
93.120.38.0/24 maxlen: 24
176.110.107.0/24 maxlen: 24
176.110.112.0/24 maxlen: 24
176.110.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:0c:08:a0:19:c5:60:b3:8f:e7:81:5a:f4:f7:ab:a4:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Oct 22 13:08:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d8ae3e90f94c47b49c1479bfe6f51f1ca872841
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:f6:cd:48:74:b6:2a:95:3c:21:ce:43:f3:6b:
57:46:4f:cb:2f:ea:b8:68:a6:a8:0e:c2:fe:f5:4d:
b0:3e:56:9e:33:6e:d8:ef:ea:41:e3:a0:cf:31:3a:
ba:0c:f9:0a:c4:a6:04:92:66:ef:3a:01:ae:79:c9:
66:a7:52:4e:99:bb:f7:1a:5e:ff:56:79:50:23:31:
41:6d:6f:7a:6c:0e:f5:db:51:13:fb:33:41:26:e6:
4f:40:41:b6:41:fd:5d:5e:cc:73:53:fa:03:d6:b9:
87:ee:02:57:71:0d:91:fb:41:13:ee:6b:29:81:be:
6f:87:01:a3:09:b9:30:ad:a3:3f:60:f7:19:2c:d2:
b9:74:21:54:89:63:0e:f8:a5:59:4d:06:12:ac:5c:
e2:f9:e2:26:a1:ce:c0:41:85:7d:75:6b:73:e9:ba:
68:ec:dd:1a:e7:56:07:be:ff:07:ed:34:ea:0a:fe:
c0:94:60:84:13:45:3f:62:47:73:a6:28:e6:2a:18:
60:e4:41:4b:fa:32:5a:42:cb:46:9c:47:6e:5b:e5:
aa:2b:30:e9:05:e5:17:6e:24:0b:72:17:24:d2:f2:
07:e2:fd:2c:0f:64:9d:8e:21:50:f1:e8:dd:93:fd:
a8:b6:8b:fa:68:ab:ca:4c:c5:84:59:db:bd:ee:4b:
fe:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:8A:E3:E9:0F:94:C4:7B:49:C1:47:9B:FE:6F:51:F1:CA:87:28:41
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/PYrj6Q-UxHtJwUeb_m9R8cqHKEE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.151.32.0/22
77.36.2.0/23
77.36.54.0/23
91.232.20.0/24
93.120.36.0-93.120.38.255
176.110.107.0/24
176.110.112.0/23
Signature Algorithm: sha256WithRSAEncryption
47:10:18:41:6d:86:7a:93:62:5b:fa:16:9e:4c:37:f4:93:c0:
7b:8c:8a:28:41:6b:66:36:6b:17:0e:22:23:be:f9:7e:8d:0f:
b6:d8:7d:cc:83:7a:b4:5e:68:a7:46:40:c6:12:5e:3a:fc:fd:
64:61:ae:2d:c8:1e:63:5b:40:ca:d6:f7:a1:e5:89:2b:e9:d2:
2f:e6:9e:fc:1d:cb:65:e0:be:47:b8:c8:0a:cd:06:45:96:98:
ef:57:0d:9f:ad:43:83:8c:e1:67:00:a7:5f:84:b3:64:66:5b:
1e:48:74:ea:0c:fa:05:39:37:4f:86:84:13:1c:99:31:f2:e5:
0d:00:68:fc:fc:2d:5d:28:6c:e2:70:b2:72:ef:c8:47:82:b9:
ca:39:9e:21:5b:cd:e4:9f:d7:4d:2e:35:43:50:d2:cd:94:9c:
32:95:37:d2:2d:a4:76:95:90:f1:69:13:69:91:4d:4a:ad:b9:
42:b4:eb:ab:ea:ef:d0:f3:94:6c:15:97:92:3f:1e:b1:7f:14:
25:1c:6c:3c:51:7b:72:a1:bf:fd:62:cd:93:8e:65:40:10:da:
e2:d7:fe:83:74:21:54:65:f7:26:a5:ee:b8:f2:95:2d:84:d3:
db:92:73:4e:dc:27:d7:fb:c8:b3:cb:78:42:bc:f7:cd:fd:0b:
dd:e2:20:eb
-----BEGIN CERTIFICATE-----
MIIFKTCCBBGgAwIBAgISAZoMCKAZxWCzj+eBWvT3q6QZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUxMDIyMTMwODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDhhZTNlOTBmOTRjNDdiNDljMTQ3OWJmZTZmNTFmMWNhODcyODQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApvbNSHS2KpU8Ic5D82tXRk/LL+q4
aKaoDsL+9U2wPlaeM27Y7+pB46DPMTq6DPkKxKYEkmbvOgGueclmp1JOmbv3Gl7/
VnlQIzFBbW96bA7121ET+zNBJuZPQEG2Qf1dXsxzU/oD1rmH7gJXcQ2R+0ET7msp
gb5vhwGjCbkwraM/YPcZLNK5dCFUiWMO+KVZTQYSrFzi+eImoc7AQYV9dWtz6bpo
7N0a51YHvv8H7TTqCv7AlGCEE0U/YkdzpijmKhhg5EFL+jJaQstGnEduW+WqKzDp
BeUXbiQLchck0vIH4v0sD2SdjiFQ8ejdk/2otov6aKvKTMWEWdu97kv+7QIDAQAB
o4ICNTCCAjEwHQYDVR0OBBYEFD2K4+kPlMR7ScFHm/5vUfHKhyhBMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvUFlyajZRLVV4SHRKd1VlYl9tOVI4Y3FIS0VFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEsGCCsGAQUFBwEHAQH/BDwwOjA4BAIAATAyAwQCLpcgAwQB
TSQCAwQBTSQ2AwQAW+gUMAwDBAJdeCQDBABdeCYDBACwbmsDBAGwbnAwDQYJKoZI
hvcNAQELBQADggEBAEcQGEFthnqTYlv6Fp5MN/STwHuMiihBa2Y2axcOIiO++X6N
D7bYfcyDerReaKdGQMYSXjr8/WRhri3IHmNbQMrW96HliSvp0i/mnvwdy2Xgvke4
yArNBkWWmO9XDZ+tQ4OM4WcAp1+Es2RmWx5IdOoM+gU5N0+GhBMcmTHy5Q0AaPz8
LV0obOJwsnLvyEeCuco5niFbzeSf100uNUNQ0s2UnDKVN9ItpHaVkPFpE2mRTUqt
uUK066vq79DzlGwVl5I/HrF/FCUcbDxRe3Khv/1izZOOZUAQ2uLX/oN0IVRl9yal
7rjylS2E09uSc07cJ9f7yLPLeEK89839C93iIOs=
-----END CERTIFICATE-----
Generated at Tue Nov 4 20:36:21 2025 by rpki-client