Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/rvxwWdPBwUEDeub1SKW47DVWEmI.roa
File: rvxwWdPBwUEDeub1SKW47DVWEmI.roa (raw, json)
Hash identifier: 5Fz4NipysVwhza6RRmS7qJbBV/XzxV+pB0l2qBalJ28=
Subject key identifier: AE:FC:70:59:D3:C1:C1:41:03:7A:E6:F5:48:A5:B8:EC:35:56:12:62
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 019A1731FE3E7F3B9A568322ED392A66C797
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/rvxwWdPBwUEDeub1SKW47DVWEmI.roa
Signing time: Fri 24 Oct 2025 17:09:03 +0000
ROA not before: Fri 24 Oct 2025 17:09:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50835
IP address blocks: 37.97.121.0/24 maxlen: 24
46.173.248.0/22 maxlen: 24
46.173.254.0/23 maxlen: 23
77.36.58.0/24 maxlen: 24
77.36.66.0/23 maxlen: 23
81.161.48.0/22 maxlen: 22
91.193.30.0/23 maxlen: 23
91.233.200.0/24 maxlen: 24
91.236.76.0/24 maxlen: 24
91.239.226.0/24 maxlen: 24
91.246.203.0/24 maxlen: 24
93.120.34.0/23 maxlen: 23
93.120.40.0/23 maxlen: 23
109.207.128.0/24 maxlen: 24
109.207.130.0/24 maxlen: 24
109.207.132.0/24 maxlen: 24
176.96.94.0/24 maxlen: 24
176.115.236.0/22 maxlen: 24
176.116.236.0/24 maxlen: 24
176.121.108.0/23 maxlen: 24
194.33.66.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:17:31:fe:3e:7f:3b:9a:56:83:22:ed:39:2a:66:c7:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Oct 24 17:09:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aefc7059d3c1c141037ae6f548a5b8ec35561262
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:21:9a:22:36:e3:88:0e:13:52:94:34:49:9f:
d2:ba:d3:a9:34:69:f0:1e:0a:3c:ac:8f:69:2a:c2:
cd:53:dc:60:26:f6:42:7a:ea:ff:d4:41:a0:9c:d7:
57:71:2c:6b:02:1a:76:2c:1c:19:4f:87:2d:88:4e:
af:51:89:8b:8d:76:76:ac:de:a2:1f:c3:ba:bd:ab:
27:ae:59:a9:46:31:80:1e:7c:4f:90:9f:1d:8d:6c:
70:29:54:aa:db:b8:45:76:06:26:12:16:b0:5f:e6:
08:ee:03:92:05:3b:c3:7c:8c:fa:31:bc:3f:f5:2d:
25:83:8c:a6:bb:1e:80:bb:38:c6:90:76:7d:5b:db:
a2:28:be:a5:37:d9:85:79:8a:ea:32:d1:23:81:e7:
e8:82:6a:eb:13:05:6e:dc:a2:5f:f7:c8:48:64:e2:
2c:d3:d5:4f:ec:4a:74:53:55:65:90:a7:e8:f4:c1:
94:5f:1d:87:51:94:3d:8d:ab:1b:dd:0a:88:08:1a:
20:be:ec:e6:91:fb:c2:5f:d8:2c:d6:a1:96:d1:a5:
33:dc:44:06:8d:0e:6d:fb:b3:c3:53:60:92:d6:d9:
bd:11:a7:b5:a9:12:72:ed:a6:b3:ee:26:b0:fa:71:
ac:f5:3f:77:fe:9b:fe:87:5d:73:1a:61:57:39:ab:
65:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:FC:70:59:D3:C1:C1:41:03:7A:E6:F5:48:A5:B8:EC:35:56:12:62
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/rvxwWdPBwUEDeub1SKW47DVWEmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.97.121.0/24
46.173.248.0/22
46.173.254.0/23
77.36.58.0/24
77.36.66.0/23
81.161.48.0/22
91.193.30.0/23
91.233.200.0/24
91.236.76.0/24
91.239.226.0/24
91.246.203.0/24
93.120.34.0/23
93.120.40.0/23
109.207.128.0/24
109.207.130.0/24
109.207.132.0/24
176.96.94.0/24
176.115.236.0/22
176.116.236.0/24
176.121.108.0/23
194.33.66.0/23
Signature Algorithm: sha256WithRSAEncryption
51:df:b6:2f:71:6d:38:6f:e6:13:22:2f:ba:ac:b8:a6:44:61:
64:f5:7f:78:d1:74:ee:40:c0:39:a9:4c:31:ec:97:d6:f2:3d:
4d:d8:10:1d:9f:29:d8:d5:29:e6:51:81:a6:32:2f:8d:9f:b0:
38:32:cf:12:50:ca:00:7a:69:7b:08:15:3c:a1:e3:04:6f:85:
49:51:b7:eb:29:34:e1:9c:b6:b6:3d:e5:c5:c2:e3:54:20:c7:
19:66:ec:22:fb:94:08:c0:42:00:2e:69:d5:08:f1:16:b1:51:
d0:92:68:a2:dc:30:10:07:29:a0:f0:11:93:56:86:57:f0:51:
1f:1b:ce:9b:27:7f:59:99:e9:38:7d:b9:25:0f:d0:6a:78:66:
06:9d:36:71:92:d0:f0:0b:60:52:9f:0a:6d:06:e6:6a:24:27:
46:46:62:e4:95:66:6d:47:b2:6b:de:15:b5:b9:48:c0:e4:32:
81:ab:c2:b8:47:ff:b9:8e:28:5a:54:41:38:2b:f9:9a:b6:c1:
0d:78:2e:f2:de:88:3f:51:be:5b:b3:68:4d:b5:6a:f8:96:c7:
20:3e:63:47:53:f5:36:27:21:0b:44:47:f8:e5:8a:90:1a:a2:
3e:1f:bc:bd:5a:8d:6e:6c:9b:75:da:5b:5f:45:ee:6c:7a:1a:
40:ab:66:b6
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZoXMf4+fzuaVoMi7TkqZseXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUxMDI0MTcwOTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWZjNzA1OWQzYzFjMTQxMDM3YWU2ZjU0OGE1YjhlYzM1NTYxMjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2iGaIjbjiA4TUpQ0SZ/SutOpNGnw
Hgo8rI9pKsLNU9xgJvZCeur/1EGgnNdXcSxrAhp2LBwZT4ctiE6vUYmLjXZ2rN6i
H8O6vasnrlmpRjGAHnxPkJ8djWxwKVSq27hFdgYmEhawX+YI7gOSBTvDfIz6Mbw/
9S0lg4ymux6AuzjGkHZ9W9uiKL6lN9mFeYrqMtEjgefogmrrEwVu3KJf98hIZOIs
09VP7Ep0U1VlkKfo9MGUXx2HUZQ9jasb3QqICBogvuzmkfvCX9gs1qGW0aUz3EQG
jQ5t+7PDU2CS1tm9Eae1qRJy7aaz7iaw+nGs9T93/pv+h11zGmFXOatliwIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFK78cFnTwcFBA3rm9UiluOw1VhJiMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvcnZ4d1dkUEJ3VUVEZXViMVNLVzQ3RFZXRW1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzCBhAQCAAEwfgMEACVh
eQMEAi6t+AMEAS6t/gMEAE0kOgMEAU0kQgMEAlGhMAMEAVvBHgMEAFvpyAMEAFvs
TAMEAFvv4gMEAFv2ywMEAV14IgMEAV14KAMEAG3PgAMEAG3PggMEAG3PhAMEALBg
XgMEArBz7AMEALB07AMEAbB5bAMEAcIhQjANBgkqhkiG9w0BAQsFAAOCAQEAUd+2
L3FtOG/mEyIvuqy4pkRhZPV/eNF07kDAOalMMeyX1vI9TdgQHZ8p2NUp5lGBpjIv
jZ+wODLPElDKAHppewgVPKHjBG+FSVG36yk04Zy2tj3lxcLjVCDHGWbsIvuUCMBC
AC5p1QjxFrFR0JJootwwEAcpoPARk1aGV/BRHxvOmyd/WZnpOH25JQ/QanhmBp02
cZLQ8AtgUp8KbQbmaiQnRkZi5JVmbUeya94VtblIwOQygavCuEf/uY4oWlRBOCv5
mrbBDXgu8t6IP1G+W7NoTbVq+JbHID5jR1P1NichC0RH+OWKkBqiPh+8vVqNbmyb
ddpbX0XubHoaQKtmtg==
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:29:18 2025 by rpki-client