Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4C6SBkLAqoydNDL30z7KnDqMSWE.roa
File: 4C6SBkLAqoydNDL30z7KnDqMSWE.roa (raw, json)
Hash identifier: LxL9frw5C1z/wACOaJKO6nleNDsOIyIpKJqL+pn/ss0=
Subject key identifier: E0:2E:92:06:42:C0:AA:8C:9D:34:32:F7:D3:3E:CA:9C:3A:8C:49:61
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 019A083243E5CA204170D6204A5093E10119
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4C6SBkLAqoydNDL30z7KnDqMSWE.roa
Signing time: Tue 21 Oct 2025 19:15:03 +0000
ROA not before: Tue 21 Oct 2025 19:15:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59651
IP address blocks: 31.40.195.0/24 maxlen: 24
37.72.141.0/24 maxlen: 24
45.141.128.0/24 maxlen: 24
45.159.21.0/24 maxlen: 24
45.159.22.0/24 maxlen: 24
46.253.131.0/24 maxlen: 24
62.204.49.0/24 maxlen: 24
77.83.24.0/22 maxlen: 24
83.97.116.0/22 maxlen: 24
88.218.45.0/24 maxlen: 24
88.218.47.0/24 maxlen: 24
91.246.51.0/24 maxlen: 24
91.247.163.0/24 maxlen: 24
94.154.113.0/24 maxlen: 24
146.19.39.0/24 maxlen: 24
146.19.44.0/24 maxlen: 24
176.126.104.0/24 maxlen: 24
178.20.28.0/22 maxlen: 24
185.202.108.0/24 maxlen: 24
185.212.115.0/24 maxlen: 24
193.31.126.0/24 maxlen: 24
193.42.245.0/24 maxlen: 24
193.151.189.0/24 maxlen: 24
193.151.190.0/24 maxlen: 24
193.151.191.0/24 maxlen: 24
193.163.89.0/24 maxlen: 24
193.163.92.0/24 maxlen: 24
193.163.207.0/24 maxlen: 24
194.70.234.0/24 maxlen: 24
194.99.24.0/24 maxlen: 24
194.99.26.0/24 maxlen: 24
212.18.113.0/24 maxlen: 24
212.18.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.mft
rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:08:32:43:e5:ca:20:41:70:d6:20:4a:50:93:e1:01:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Oct 21 19:15:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e02e920642c0aa8c9d3432f7d33eca9c3a8c4961
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:c3:cf:3e:ef:78:48:d9:d2:e9:90:f9:f4:1a:
57:61:51:28:72:11:25:df:e5:ea:d6:39:f7:a5:3d:
44:f8:49:22:34:9c:8e:1d:af:f9:aa:4a:e8:96:42:
5b:12:7f:82:05:c3:11:d0:be:ee:98:80:82:87:cb:
62:96:59:ce:8f:a7:51:4c:d5:3e:19:0d:33:9d:e8:
91:77:7a:05:b7:04:07:45:24:b2:c7:b5:4b:3a:c3:
b4:93:ad:85:e9:f5:04:04:39:ab:7a:be:c8:ce:db:
c9:8a:66:73:29:3e:c5:c9:b5:ed:86:f0:02:dd:c7:
47:a6:d9:8d:91:47:17:63:9a:2c:53:05:51:a2:6d:
b3:de:d2:a6:44:c5:33:28:e3:09:92:ad:70:74:18:
95:df:81:be:56:48:62:4d:ff:a2:06:b5:4b:a4:67:
8f:9d:39:1e:cf:10:fa:88:c1:1d:f2:a5:cd:c0:46:
35:0f:f8:0a:a5:e9:00:56:63:60:16:59:70:70:48:
03:7b:fd:16:df:4f:a2:6c:c7:7d:6c:e6:54:82:08:
4a:40:a4:b3:ae:c0:07:2b:af:20:5b:3c:16:74:d6:
aa:2b:15:67:28:5a:f5:a5:a0:05:c2:59:c9:4d:97:
98:05:50:8b:d8:1c:d4:15:ef:6f:70:6f:2b:59:6a:
eb:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:2E:92:06:42:C0:AA:8C:9D:34:32:F7:D3:3E:CA:9C:3A:8C:49:61
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4C6SBkLAqoydNDL30z7KnDqMSWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.195.0/24
37.72.141.0/24
45.141.128.0/24
45.159.21.0-45.159.22.255
46.253.131.0/24
62.204.49.0/24
77.83.24.0/22
83.97.116.0/22
88.218.45.0/24
88.218.47.0/24
91.246.51.0/24
91.247.163.0/24
94.154.113.0/24
146.19.39.0/24
146.19.44.0/24
176.126.104.0/24
178.20.28.0/22
185.202.108.0/24
185.212.115.0/24
193.31.126.0/24
193.42.245.0/24
193.151.189.0-193.151.191.255
193.163.89.0/24
193.163.92.0/24
193.163.207.0/24
194.70.234.0/24
194.99.24.0/24
194.99.26.0/24
212.18.113.0/24
212.18.127.0/24
Signature Algorithm: sha256WithRSAEncryption
9b:57:6e:61:9a:7f:3f:b7:1d:fb:42:ad:60:d9:23:24:4f:0d:
08:b8:f6:25:28:fd:d4:b8:5f:e5:fa:5f:b3:34:68:44:ab:bc:
1b:fa:d4:53:54:94:a3:db:ec:d4:54:e9:5c:b6:ab:ed:e6:6e:
2d:9e:30:1d:bc:5b:41:11:6b:9e:67:ee:0b:2e:a1:fb:bc:f7:
cb:97:c0:34:0d:4e:0c:68:73:d8:dd:e6:f7:e9:c8:ac:2d:51:
e3:62:b6:dc:40:ac:0c:08:39:38:05:d8:59:71:c3:e3:74:39:
5b:3a:c9:f5:a9:91:11:48:e6:15:3c:b3:2e:b3:a2:4a:70:66:
81:57:3c:6d:35:96:f3:fe:64:88:84:54:1f:fd:9b:0c:f1:ae:
6b:df:42:dc:34:2b:36:2a:7f:30:db:a3:8d:b1:bd:ea:67:55:
79:78:8d:73:b9:92:35:ee:30:bb:84:d7:df:a3:28:45:0d:94:
c3:54:65:c8:66:ba:cf:9d:e5:ee:54:98:cb:41:a8:79:5e:dd:
63:e8:cc:e9:ba:3d:da:a4:b5:a8:5f:6e:30:b1:89:df:61:79:
a7:16:a5:6a:d8:a3:e8:85:27:14:e4:91:e2:7b:72:86:f2:62:
b2:1f:a0:c6:c4:0d:7a:ad:2d:5f:8b:76:60:00:b2:6d:4c:cc:
7b:99:3b:c5
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAZoIMkPlyiBBcNYgSlCT4QEZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjUxMDIxMTkxNTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDJlOTIwNjQyYzBhYThjOWQzNDMyZjdkMzNlY2E5YzNhOGM0OTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw8PPPu94SNnS6ZD59BpXYVEochEl
3+Xq1jn3pT1E+EkiNJyOHa/5qkrolkJbEn+CBcMR0L7umICCh8tillnOj6dRTNU+
GQ0zneiRd3oFtwQHRSSyx7VLOsO0k62F6fUEBDmrer7IztvJimZzKT7FybXthvAC
3cdHptmNkUcXY5osUwVRom2z3tKmRMUzKOMJkq1wdBiV34G+VkhiTf+iBrVLpGeP
nTkezxD6iMEd8qXNwEY1D/gKpekAVmNgFllwcEgDe/0W30+ibMd9bOZUgghKQKSz
rsAHK68gWzwWdNaqKxVnKFr1paAFwlnJTZeYBVCL2BzUFe9vcG8rWWrrJwIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFOAukgZCwKqMnTQy99M+ypw6jElhMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvNEM2U0JrTEFxb3lkTkRMMzB6N0tuRHFNU1dFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHhBggrBgEFBQcBBwEB/wSB0TCBzjCBywQCAAEwgcQDBAAf
KMMDBAAlSI0DBAAtjYAwDAMEAC2fFQMEAC2fFgMEAC79gwMEAD7MMQMEAk1TGAME
AlNhdAMEAFjaLQMEAFjaLwMEAFv2MwMEAFv3owMEAF6acQMEAJITJwMEAJITLAME
ALB+aAMEArIUHAMEALnKbAMEALnUcwMEAMEffgMEAMEq9TAMAwQAwZe9AwQGwZeA
AwQAwaNZAwQAwaNcAwQAwaPPAwQAwkbqAwQAwmMYAwQAwmMaAwQA1BJxAwQA1BJ/
MA0GCSqGSIb3DQEBCwUAA4IBAQCbV25hmn8/tx37Qq1g2SMkTw0IuPYlKP3UuF/l
+l+zNGhEq7wb+tRTVJSj2+zUVOlctqvt5m4tnjAdvFtBEWueZ+4LLqH7vPfLl8A0
DU4MaHPY3eb36cisLVHjYrbcQKwMCDk4BdhZccPjdDlbOsn1qZERSOYVPLMus6JK
cGaBVzxtNZbz/mSIhFQf/ZsM8a5r30LcNCs2Kn8w26ONsb3qZ1V5eI1zuZI17jC7
hNffoyhFDZTDVGXIZrrPneXuVJjLQah5Xt1j6Mzpuj3apLWoX24wsYnfYXmnFqVq
2KPohScU5JHie3KG8mKyH6DGxA16rS1fi3ZgALJtTMx7mTvF
-----END CERTIFICATE-----
Generated at Tue Nov 4 20:37:09 2025 by rpki-client