Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/kBXwPrMJB0ThDVQR40IlfFPNkyw.roa
File: kBXwPrMJB0ThDVQR40IlfFPNkyw.roa (raw, json)
Hash identifier: WSIqxfMf5Dc+EQRIcgzKS/cBelm31rF0dfb36H7aaLg=
Subject key identifier: 90:15:F0:3E:B3:09:07:44:E1:0D:54:11:E3:42:25:7C:53:CD:93:2C
Certificate issuer: /CN=17dd9c23af69ec2cdb6fe2b9936eb494cfd1621f
Certificate serial: 019A314343BE2190E281CAA2ECFEEF20B3A8
Authority key identifier: 17:DD:9C:23:AF:69:EC:2C:DB:6F:E2:B9:93:6E:B4:94:CF:D1:62:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F92cI69p7Czbb-K5k260lM_RYh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/kBXwPrMJB0ThDVQR40IlfFPNkyw.roa
Signing time: Wed 29 Oct 2025 18:38:03 +0000
ROA not before: Wed 29 Oct 2025 18:38:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44444
IP address blocks: 85.115.32.0/24 maxlen: 24
85.115.33.0/24 maxlen: 24
85.115.34.0/24 maxlen: 24
85.115.35.0/24 maxlen: 24
85.115.36.0/24 maxlen: 24
85.115.37.0/24 maxlen: 24
85.115.38.0/24 maxlen: 24
85.115.39.0/24 maxlen: 24
85.115.40.0/24 maxlen: 24
85.115.41.0/24 maxlen: 24
85.115.42.0/24 maxlen: 24
85.115.43.0/24 maxlen: 24
85.115.44.0/24 maxlen: 24
85.115.45.0/24 maxlen: 24
85.115.46.0/24 maxlen: 24
85.115.47.0/24 maxlen: 24
85.115.48.0/24 maxlen: 24
85.115.49.0/24 maxlen: 24
85.115.50.0/24 maxlen: 24
85.115.51.0/24 maxlen: 24
85.115.52.0/24 maxlen: 24
85.115.53.0/24 maxlen: 24
85.115.54.0/24 maxlen: 24
85.115.55.0/24 maxlen: 24
85.115.56.0/24 maxlen: 24
85.115.57.0/24 maxlen: 24
85.115.58.0/24 maxlen: 24
85.115.59.0/24 maxlen: 24
85.115.60.0/24 maxlen: 24
85.115.61.0/24 maxlen: 24
85.115.62.0/24 maxlen: 24
85.115.63.0/24 maxlen: 24
86.111.222.0/24 maxlen: 24
86.111.223.0/24 maxlen: 24
157.167.4.0/24 maxlen: 24
157.167.5.0/24 maxlen: 24
157.167.6.0/24 maxlen: 24
157.167.10.0/24 maxlen: 24
157.167.11.0/24 maxlen: 24
157.167.12.0/24 maxlen: 24
157.167.13.0/24 maxlen: 24
157.167.14.0/24 maxlen: 24
157.167.15.0/24 maxlen: 24
157.167.16.0/24 maxlen: 24
157.167.17.0/24 maxlen: 24
157.167.18.0/24 maxlen: 24
157.167.19.0/24 maxlen: 24
157.167.20.0/24 maxlen: 24
157.167.21.0/24 maxlen: 24
157.167.22.0/24 maxlen: 24
157.167.23.0/24 maxlen: 24
157.167.24.0/24 maxlen: 24
157.167.25.0/24 maxlen: 24
157.167.26.0/24 maxlen: 24
157.167.27.0/24 maxlen: 24
157.167.28.0/24 maxlen: 24
157.167.29.0/24 maxlen: 24
157.167.30.0/24 maxlen: 24
157.167.31.0/24 maxlen: 24
157.167.32.0/24 maxlen: 24
157.167.33.0/24 maxlen: 24
157.167.34.0/24 maxlen: 24
157.167.35.0/24 maxlen: 24
157.167.36.0/24 maxlen: 24
157.167.37.0/24 maxlen: 24
157.167.38.0/24 maxlen: 24
157.167.39.0/24 maxlen: 24
157.167.40.0/24 maxlen: 24
157.167.41.0/24 maxlen: 24
157.167.42.0/24 maxlen: 24
157.167.43.0/24 maxlen: 24
157.167.44.0/24 maxlen: 24
157.167.45.0/24 maxlen: 24
157.167.46.0/24 maxlen: 24
157.167.47.0/24 maxlen: 24
157.167.48.0/24 maxlen: 24
157.167.49.0/24 maxlen: 24
157.167.50.0/24 maxlen: 24
157.167.51.0/24 maxlen: 24
157.167.52.0/24 maxlen: 24
157.167.53.0/24 maxlen: 24
157.167.54.0/24 maxlen: 24
157.167.55.0/24 maxlen: 24
157.167.56.0/24 maxlen: 24
157.167.57.0/24 maxlen: 24
157.167.58.0/24 maxlen: 24
157.167.59.0/24 maxlen: 24
157.167.60.0/24 maxlen: 24
157.167.61.0/24 maxlen: 24
157.167.62.0/24 maxlen: 24
157.167.63.0/24 maxlen: 24
157.167.64.0/24 maxlen: 24
157.167.65.0/24 maxlen: 24
157.167.66.0/24 maxlen: 24
157.167.67.0/24 maxlen: 24
157.167.68.0/24 maxlen: 24
157.167.69.0/24 maxlen: 24
157.167.70.0/24 maxlen: 24
157.167.71.0/24 maxlen: 24
157.167.72.0/24 maxlen: 24
157.167.73.0/24 maxlen: 24
157.167.74.0/24 maxlen: 24
157.167.75.0/24 maxlen: 24
157.167.76.0/24 maxlen: 24
157.167.77.0/24 maxlen: 24
157.167.78.0/24 maxlen: 24
157.167.79.0/24 maxlen: 24
157.167.80.0/24 maxlen: 24
157.167.81.0/24 maxlen: 24
157.167.82.0/24 maxlen: 24
157.167.83.0/24 maxlen: 24
157.167.84.0/24 maxlen: 24
157.167.85.0/24 maxlen: 24
157.167.86.0/24 maxlen: 24
157.167.87.0/24 maxlen: 24
157.167.88.0/24 maxlen: 24
157.167.89.0/24 maxlen: 24
157.167.90.0/24 maxlen: 24
157.167.91.0/24 maxlen: 24
157.167.92.0/24 maxlen: 24
157.167.93.0/24 maxlen: 24
157.167.94.0/24 maxlen: 24
157.167.95.0/24 maxlen: 24
157.167.96.0/24 maxlen: 24
157.167.97.0/24 maxlen: 24
157.167.98.0/24 maxlen: 24
157.167.99.0/24 maxlen: 24
157.167.100.0/24 maxlen: 24
157.167.101.0/24 maxlen: 24
157.167.102.0/24 maxlen: 24
157.167.103.0/24 maxlen: 24
157.167.104.0/24 maxlen: 24
157.167.105.0/24 maxlen: 24
157.167.106.0/24 maxlen: 24
157.167.107.0/24 maxlen: 24
157.167.108.0/24 maxlen: 24
157.167.109.0/24 maxlen: 24
157.167.110.0/24 maxlen: 24
157.167.111.0/24 maxlen: 24
157.167.112.0/24 maxlen: 24
157.167.113.0/24 maxlen: 24
157.167.114.0/24 maxlen: 24
157.167.115.0/24 maxlen: 24
157.167.116.0/24 maxlen: 24
157.167.117.0/24 maxlen: 24
157.167.118.0/24 maxlen: 24
157.167.119.0/24 maxlen: 24
157.167.120.0/24 maxlen: 24
157.167.121.0/24 maxlen: 24
157.167.122.0/24 maxlen: 24
157.167.123.0/24 maxlen: 24
157.167.124.0/24 maxlen: 24
157.167.125.0/24 maxlen: 24
157.167.126.0/24 maxlen: 24
157.167.127.0/24 maxlen: 24
157.167.128.0/24 maxlen: 24
157.167.129.0/24 maxlen: 24
157.167.130.0/24 maxlen: 24
157.167.131.0/24 maxlen: 24
157.167.132.0/24 maxlen: 24
157.167.133.0/24 maxlen: 24
157.167.157.0/24 maxlen: 24
157.167.158.0/24 maxlen: 24
157.167.159.0/24 maxlen: 24
157.167.160.0/24 maxlen: 24
157.167.161.0/24 maxlen: 24
157.167.162.0/24 maxlen: 24
157.167.163.0/24 maxlen: 24
157.167.164.0/24 maxlen: 24
157.167.165.0/24 maxlen: 24
157.167.192.0/24 maxlen: 24
157.167.200.0/24 maxlen: 24
185.4.96.0/24 maxlen: 24
185.4.97.0/24 maxlen: 24
185.4.98.0/24 maxlen: 24
185.4.99.0/24 maxlen: 24
2001:4010::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/F92cI69p7Czbb-K5k260lM_RYh8.crl
rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/F92cI69p7Czbb-K5k260lM_RYh8.mft
rsync://rpki.ripe.net/repository/DEFAULT/F92cI69p7Czbb-K5k260lM_RYh8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:31:43:43:be:21:90:e2:81:ca:a2:ec:fe:ef:20:b3:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=17dd9c23af69ec2cdb6fe2b9936eb494cfd1621f
Validity
Not Before: Oct 29 18:38:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9015f03eb3090744e10d5411e342257c53cd932c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:be:70:10:ed:8e:7a:03:37:2a:a4:c1:3c:0a:
de:94:bf:65:e4:d1:df:12:b1:c3:32:6c:5a:a9:38:
f1:7c:77:69:14:f0:e4:22:bd:f0:25:5d:6b:cb:5c:
39:d7:f6:d6:45:04:81:95:23:88:d4:0d:a4:87:eb:
c1:c3:2a:55:30:e0:07:91:1e:f2:c0:d7:dd:be:39:
3b:e5:f0:01:6e:4d:82:61:87:3d:ae:c8:8a:61:9a:
0b:05:8c:e2:e3:f6:cd:1b:ca:e1:dc:82:7a:f5:ee:
29:88:d3:4f:b4:04:7e:da:0c:86:ad:d2:31:b1:20:
3f:45:50:52:09:bd:2d:94:43:fc:3c:57:e7:fa:bf:
63:c9:11:37:b6:81:48:d7:ef:5a:0f:5f:a4:ba:11:
30:37:cd:a1:fc:7f:fd:ab:ff:25:93:5a:4d:99:cc:
06:db:28:ea:ae:f7:c0:c1:67:5f:b3:b3:bd:56:af:
7e:ed:78:fa:b3:1c:99:d8:66:60:79:07:c7:57:38:
f1:aa:74:e6:34:95:d6:da:22:f4:dc:f0:6d:8c:61:
9e:36:10:72:f8:d8:87:f6:54:04:73:2c:1b:b3:d8:
86:f4:0b:2e:02:56:46:bc:5b:13:e0:62:81:7f:d4:
5a:87:0d:41:91:a2:bd:c4:a8:fb:88:f8:0f:f1:ae:
f5:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:15:F0:3E:B3:09:07:44:E1:0D:54:11:E3:42:25:7C:53:CD:93:2C
X509v3 Authority Key Identifier:
keyid:17:DD:9C:23:AF:69:EC:2C:DB:6F:E2:B9:93:6E:B4:94:CF:D1:62:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F92cI69p7Czbb-K5k260lM_RYh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/kBXwPrMJB0ThDVQR40IlfFPNkyw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/76/8357e2-a106-44ae-b866-8fa7b4c53073/1/F92cI69p7Czbb-K5k260lM_RYh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.115.32.0/19
86.111.222.0/23
157.167.4.0-157.167.6.255
157.167.10.0-157.167.133.255
157.167.157.0-157.167.165.255
157.167.192.0/24
157.167.200.0/24
185.4.96.0/22
IPv6:
2001:4010::/32
Signature Algorithm: sha256WithRSAEncryption
2f:0b:d1:bb:60:24:a2:34:a9:6a:de:6e:df:41:29:86:ca:eb:
0c:b1:86:ea:34:c8:dc:7d:82:80:1b:7d:39:43:1d:4d:89:bf:
10:70:bf:23:c2:86:92:5f:b5:84:34:10:8c:4d:f5:dd:7e:4c:
fb:53:4f:cf:51:64:86:5c:88:35:8f:b4:31:58:74:98:09:68:
63:bd:a5:1b:0f:31:f6:90:a9:5f:51:1a:df:7c:45:4a:d3:e4:
10:4a:34:4f:4b:aa:2a:b9:82:d1:54:f1:96:e6:e1:3d:f1:a8:
8f:6e:e4:9d:ed:de:26:37:8a:d6:c4:50:5e:70:f4:76:6f:94:
07:72:18:2d:b4:35:bd:b3:a8:ba:d9:3f:18:20:01:46:9f:a4:
66:b4:bc:af:ed:26:e2:e0:66:a4:0e:39:cb:1a:88:df:be:2c:
5c:75:72:33:cf:32:da:0b:bd:a1:e4:d3:33:ef:12:c4:f7:d1:
0b:51:70:e8:3c:2d:cc:8f:4b:2b:d3:9f:75:5f:ec:2a:6e:80:
e7:82:f7:05:24:85:03:32:bc:73:17:2e:65:6e:1d:e1:68:2a:
6c:b9:0b:42:ef:49:c5:a9:6b:7a:a4:37:80:e5:69:1f:a4:bf:
0b:b7:2f:c2:03:5e:d2:f5:80:f3:71:f9:ef:5f:a9:a1:78:20:
d1:cf:17:b6
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZoxQ0O+IZDigcqi7P7vILOoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3ZGQ5YzIzYWY2OWVjMmNkYjZmZTJiOTkzNmViNDk0Y2Zk
MTYyMWYwHhcNMjUxMDI5MTgzODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDE1ZjAzZWIzMDkwNzQ0ZTEwZDU0MTFlMzQyMjU3YzUzY2Q5MzJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApb5wEO2OegM3KqTBPArelL9l5NHf
ErHDMmxaqTjxfHdpFPDkIr3wJV1ry1w51/bWRQSBlSOI1A2kh+vBwypVMOAHkR7y
wNfdvjk75fABbk2CYYc9rsiKYZoLBYzi4/bNG8rh3IJ69e4piNNPtAR+2gyGrdIx
sSA/RVBSCb0tlEP8PFfn+r9jyRE3toFI1+9aD1+kuhEwN82h/H/9q/8lk1pNmcwG
2yjqrvfAwWdfs7O9Vq9+7Xj6sxyZ2GZgeQfHVzjxqnTmNJXW2iL03PBtjGGeNhBy
+NiH9lQEcywbs9iG9AsuAlZGvFsT4GKBf9Rahw1BkaK9xKj7iPgP8a71awIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFJAV8D6zCQdE4Q1UEeNCJXxTzZMsMB8GA1UdIwQY
MBaAFBfdnCOvaews22/iuZNutJTP0WIfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjkyY0k2OXA3Q3piYi1LNWsyNjBsTV9SWWg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Ni84MzU3ZTItYTEwNi00NGFlLWI4NjYt
OGZhN2I0YzUzMDczLzEva0JYd1ByTUpCMFRoRFZRUjQwSWxmRlBOa3l3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Ni84MzU3ZTItYTEwNi00NGFlLWI4NjYtOGZhN2I0YzUzMDcz
LzEvRjkyY0k2OXA3Q3piYi1LNWsyNjBsTV9SWWg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQFVXMgAwQB
Vm/eMAwDBAKdpwQDBACdpwYwDAMEAZ2nCgMEAZ2nhDAMAwQAnaedAwQBnaekAwQA
nafAAwQAnafIAwQCuQRgMA0EAgACMAcDBQAgAUAQMA0GCSqGSIb3DQEBCwUAA4IB
AQAvC9G7YCSiNKlq3m7fQSmGyusMsYbqNMjcfYKAG305Qx1Nib8QcL8jwoaSX7WE
NBCMTfXdfkz7U0/PUWSGXIg1j7QxWHSYCWhjvaUbDzH2kKlfURrffEVK0+QQSjRP
S6oquYLRVPGW5uE98aiPbuSd7d4mN4rWxFBecPR2b5QHchgttDW9s6i62T8YIAFG
n6RmtLyv7Sbi4GakDjnLGojfvixcdXIzzzLaC72h5NMz7xLE99ELUXDoPC3Mj0sr
0591X+wqboDngvcFJIUDMrxzFy5lbh3haCpsuQtC70nFqWt6pDeA5WkfpL8Lty/C
A17S9YDzcfnvX6mheCDRzxe2
-----END CERTIFICATE-----
Generated at Wed Nov 5 03:07:22 2025 by rpki-client