Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/oI9eXrUnqXIeZ4ztVO4m-NJk3qc.roa
File: oI9eXrUnqXIeZ4ztVO4m-NJk3qc.roa (raw, json)
Hash identifier: j6x+eJ1q1ZQf5IaFCCvzASw3nEtg2xahSoGesTebmGw=
Subject key identifier: A0:8F:5E:5E:B5:27:A9:72:1E:67:8C:ED:54:EE:26:F8:D2:64:DE:A7
Certificate issuer: /CN=510b419f0c17b4c8be217f64388d268d14dc261e
Certificate serial: 019A4934B7E2C7A6714BF7559F66286822C0
Authority key identifier: 51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/oI9eXrUnqXIeZ4ztVO4m-NJk3qc.roa
Signing time: Mon 03 Nov 2025 10:13:03 +0000
ROA not before: Mon 03 Nov 2025 10:13:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 398781
IP address blocks: 80.173.232.0/21 maxlen: 32
80.173.240.0/21 maxlen: 32
80.173.248.0/21 maxlen: 32
82.158.0.0/18 maxlen: 32
82.158.92.0/22 maxlen: 32
140.225.32.0/21 maxlen: 32
140.225.40.0/21 maxlen: 32
140.225.48.0/21 maxlen: 32
140.225.56.0/21 maxlen: 32
140.225.224.0/19 maxlen: 32
167.150.82.0/23 maxlen: 32
167.150.96.0/23 maxlen: 32
167.150.108.0/23 maxlen: 32
167.150.114.0/23 maxlen: 32
167.150.150.0/23 maxlen: 32
167.150.164.0/23 maxlen: 32
167.150.168.0/23 maxlen: 32
167.150.174.0/23 maxlen: 32
167.150.178.0/23 maxlen: 32
167.150.184.0/23 maxlen: 32
167.150.202.0/23 maxlen: 32
167.150.212.0/23 maxlen: 32
167.150.242.0/23 maxlen: 32
188.240.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.crl
rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.mft
rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:49:34:b7:e2:c7:a6:71:4b:f7:55:9f:66:28:68:22:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=510b419f0c17b4c8be217f64388d268d14dc261e
Validity
Not Before: Nov 3 10:13:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a08f5e5eb527a9721e678ced54ee26f8d264dea7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:ce:b6:ef:f3:ad:76:19:7b:3c:a7:de:31:2c:
86:f2:5a:c4:0e:92:c6:3a:ba:3f:e1:b3:4c:37:df:
5b:8d:49:d1:69:54:61:ba:9e:77:34:5d:50:4f:66:
3f:8a:33:15:2d:12:97:c0:a1:d7:86:5b:e8:fc:1e:
a5:f2:e3:8d:2f:de:34:f6:9a:cd:fb:bc:a3:99:53:
48:d1:76:cc:e9:a8:44:99:72:a6:ac:74:bf:31:00:
b0:b8:05:44:a4:98:fa:ec:15:cd:41:93:66:a2:44:
59:9e:9f:90:b9:c1:85:03:80:4b:51:e6:a5:59:e4:
69:61:c0:ec:9c:90:3b:86:a1:fe:bb:80:22:42:73:
c9:49:06:94:28:b9:8b:b4:6a:28:0e:49:6e:4a:12:
9c:1c:2c:ff:ce:89:83:40:68:eb:81:28:37:78:15:
e3:37:f2:f9:63:18:57:c6:50:69:ab:ae:8d:3c:c1:
7a:11:57:71:e1:a7:af:67:d2:a6:d2:64:ce:fc:d3:
12:b7:66:9f:df:9d:fd:4d:a3:40:f8:c3:6b:22:99:
85:59:83:05:a4:57:db:0f:9b:d6:db:6c:d1:83:5a:
25:53:7b:d3:d9:6b:72:d5:9b:bf:49:3a:08:50:0d:
04:b3:44:2a:b9:2e:9c:77:ff:eb:03:65:3d:65:40:
d8:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:8F:5E:5E:B5:27:A9:72:1E:67:8C:ED:54:EE:26:F8:D2:64:DE:A7
X509v3 Authority Key Identifier:
keyid:51:0B:41:9F:0C:17:B4:C8:BE:21:7F:64:38:8D:26:8D:14:DC:26:1E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UQtBnwwXtMi-IX9kOI0mjRTcJh4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/oI9eXrUnqXIeZ4ztVO4m-NJk3qc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/68/30cd0a-93cf-45dc-9356-14a09993d671/1/UQtBnwwXtMi-IX9kOI0mjRTcJh4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.173.232.0-80.173.255.255
82.158.0.0/18
82.158.92.0/22
140.225.32.0/19
140.225.224.0/19
167.150.82.0/23
167.150.96.0/23
167.150.108.0/23
167.150.114.0/23
167.150.150.0/23
167.150.164.0/23
167.150.168.0/23
167.150.174.0/23
167.150.178.0/23
167.150.184.0/23
167.150.202.0/23
167.150.212.0/23
167.150.242.0/23
188.240.83.0/24
Signature Algorithm: sha256WithRSAEncryption
c9:ea:d0:ce:07:90:88:95:1b:a5:d6:fb:20:35:cf:e2:b9:a2:
1f:4f:d2:77:d5:0b:7b:59:07:8c:08:34:32:5a:73:5d:1c:61:
4e:ed:a2:58:9a:82:f6:af:33:b0:59:d9:cd:06:e8:aa:a4:75:
01:9a:c9:22:df:87:5d:c9:87:ce:d1:60:ca:81:41:5c:1c:ed:
03:f5:3a:c6:d6:c5:c3:50:cd:af:67:ce:f9:99:91:70:ac:51:
a6:fc:2b:83:12:8b:c1:50:0f:89:51:e3:18:f2:75:b4:71:a0:
06:21:b3:29:a8:21:c1:e0:25:06:2d:35:7f:1f:c1:06:69:de:
b0:af:98:5b:e2:80:da:de:84:41:1c:b9:3c:da:d6:3b:c6:69:
ba:6a:bc:f3:fa:90:44:75:e5:c6:71:99:09:99:c0:08:6c:32:
29:21:76:fc:15:6b:c0:ca:f0:60:95:dd:f7:b1:57:4d:0d:4d:
ac:15:a2:ec:96:aa:a4:35:ba:61:20:89:17:fb:27:37:9b:00:
13:f0:db:f3:7f:e9:06:75:ba:ab:20:83:4a:d0:0d:ee:02:c4:
63:af:e2:8e:0d:76:6e:e2:e1:27:3e:b9:46:72:9c:5a:6b:29:
b8:1a:1e:3b:0b:c6:61:ec:84:7b:55:b5:39:fd:d3:0b:71:db:
b5:89:e4:45
-----BEGIN CERTIFICATE-----
MIIFczCCBFugAwIBAgISAZpJNLfix6ZxS/dVn2YoaCLAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxMGI0MTlmMGMxN2I0YzhiZTIxN2Y2NDM4OGQyNjhkMTRk
YzI2MWUwHhcNMjUxMTAzMTAxMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDhmNWU1ZWI1MjdhOTcyMWU2NzhjZWQ1NGVlMjZmOGQyNjRkZWE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz8627/Otdhl7PKfeMSyG8lrEDpLG
Oro/4bNMN99bjUnRaVRhup53NF1QT2Y/ijMVLRKXwKHXhlvo/B6l8uONL9409prN
+7yjmVNI0XbM6ahEmXKmrHS/MQCwuAVEpJj67BXNQZNmokRZnp+QucGFA4BLUeal
WeRpYcDsnJA7hqH+u4AiQnPJSQaUKLmLtGooDkluShKcHCz/zomDQGjrgSg3eBXj
N/L5YxhXxlBpq66NPMF6EVdx4aevZ9Km0mTO/NMSt2af3539TaNA+MNrIpmFWYMF
pFfbD5vW22zRg1olU3vT2Wty1Zu/SToIUA0Es0QquS6cd//rA2U9ZUDYhQIDAQAB
o4ICfzCCAnswHQYDVR0OBBYEFKCPXl61J6lyHmeM7VTuJvjSZN6nMB8GA1UdIwQY
MBaAFFELQZ8MF7TIviF/ZDiNJo0U3CYeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYt
MTRhMDk5OTNkNjcxLzEvb0k5ZVhyVW5xWEllWjR6dFZPNG0tTkprM3FjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OC8zMGNkMGEtOTNjZi00NWRjLTkzNTYtMTRhMDk5OTNkNjcx
LzEvVVF0Qm53d1h0TWktSVg5a09JMG1qUlRjSmg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGUBggrBgEFBQcBBwEB/wSBhDCBgTB/BAIAATB5MAsDBANQ
regDAwFQrAMEBlKeAAMEAlKeXAMEBYzhIAMEBYzh4AMEAaeWUgMEAaeWYAMEAaeW
bAMEAaeWcgMEAaeWlgMEAaeWpAMEAaeWqAMEAaeWrgMEAaeWsgMEAaeWuAMEAaeW
ygMEAaeW1AMEAaeW8gMEALzwUzANBgkqhkiG9w0BAQsFAAOCAQEAyerQzgeQiJUb
pdb7IDXP4rmiH0/Sd9ULe1kHjAg0MlpzXRxhTu2iWJqC9q8zsFnZzQboqqR1AZrJ
It+HXcmHztFgyoFBXBztA/U6xtbFw1DNr2fO+ZmRcKxRpvwrgxKLwVAPiVHjGPJ1
tHGgBiGzKaghweAlBi01fx/BBmnesK+YW+KA2t6EQRy5PNrWO8Zpumq88/qQRHXl
xnGZCZnACGwyKSF2/BVrwMrwYJXd97FXTQ1NrBWi7JaqpDW6YSCJF/snN5sAE/Db
83/pBnW6qyCDStAN7gLEY6/ijg12buLhJz65RnKcWmspuBoeOwvGYeyEe1W1Of3T
C3HbtYnkRQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 03:24:11 2025 by rpki-client