Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-hTaVKUSp_vbGDynGzlSrNvt3Xc.roa
File: 1-hTaVKUSp_vbGDynGzlSrNvt3Xc.roa (raw, json)
Hash identifier: 3g034ReaEMMc8p7hrV3XfnUZZ/timX+HH5hG+enIq+8=
Subject key identifier: FA:14:DA:54:A5:12:A7:FB:DB:18:3C:A7:1B:39:52:AC:DB:ED:DD:77
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019A35927A9F3DE5CBAF872F590817893D34
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-hTaVKUSp_vbGDynGzlSrNvt3Xc.roa
Signing time: Thu 30 Oct 2025 14:43:03 +0000
ROA not before: Thu 30 Oct 2025 14:43:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214366
IP address blocks: 82.153.55.0/24 maxlen: 24
82.153.58.0/24 maxlen: 24
82.153.90.0/24 maxlen: 24
82.153.222.0/24 maxlen: 24
82.153.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:35:92:7a:9f:3d:e5:cb:af:87:2f:59:08:17:89:3d:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Oct 30 14:43:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa14da54a512a7fbdb183ca71b3952acdbeddd77
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:2f:d3:2b:13:0b:00:10:64:52:e1:2a:6a:c9:
8e:fe:b5:e1:23:6e:c9:02:2f:2c:63:f3:61:f1:ac:
ab:ad:ac:16:e2:96:23:81:34:04:74:73:20:b7:dd:
02:47:65:e3:70:65:53:6e:2c:cc:4b:8e:3b:2a:30:
0d:64:82:59:99:98:23:65:be:a9:3a:51:4f:0d:c4:
82:59:9d:ce:f9:99:02:11:4e:3f:af:07:38:1e:19:
67:04:73:3e:13:66:43:10:4b:7a:d4:15:68:3b:aa:
1c:32:ee:ba:67:53:28:5a:00:3c:c1:64:f4:ce:0c:
59:7a:65:be:cc:ef:7f:a8:ff:70:cd:56:1e:69:a2:
0b:9c:a6:27:a4:75:bf:77:94:34:21:14:5e:4e:cd:
0e:87:e4:e5:d3:ad:b5:6f:d7:00:70:30:04:6b:5c:
47:f3:5a:ca:51:a2:f1:12:79:47:b1:e5:e2:cd:51:
b3:1e:e9:d4:f0:46:e7:0b:d3:d1:b9:5c:10:2a:41:
c9:fe:9a:c3:0f:e5:76:42:8b:9a:5d:ab:96:88:cf:
d4:59:29:9c:ae:51:ed:f5:28:88:e9:3b:bc:23:9c:
8a:8d:88:36:fc:75:58:dc:e5:3a:c7:dc:c1:dc:13:
bb:2c:8e:85:d7:91:85:a5:0a:26:f9:d4:89:e8:65:
a2:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:14:DA:54:A5:12:A7:FB:DB:18:3C:A7:1B:39:52:AC:DB:ED:DD:77
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-hTaVKUSp_vbGDynGzlSrNvt3Xc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.55.0/24
82.153.58.0/24
82.153.90.0/24
82.153.222.0/24
82.153.243.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:89:39:29:d1:2e:c5:73:da:71:66:76:c9:6b:c2:8f:3f:32:
39:8b:58:75:48:2f:82:cc:37:3b:37:36:75:b2:dc:b5:27:31:
10:ef:4c:54:db:96:83:05:44:13:5b:90:17:62:ba:ff:12:4f:
07:be:a9:8c:ae:0e:2c:12:8e:12:e7:41:5a:bb:ed:0b:24:c6:
09:04:20:e5:7f:04:a0:b0:e3:f4:5b:99:d7:96:da:26:24:8b:
fe:21:82:0c:e9:b2:ae:05:aa:d7:bf:b4:46:d1:c7:4b:49:ae:
68:02:ed:49:5b:f7:b6:cc:c2:2a:72:8f:03:0b:d8:bb:8e:c8:
a7:3e:fb:a6:8a:12:49:68:fe:ca:d6:7e:f2:6a:c1:b4:82:51:
b2:df:0a:6f:71:a8:f1:be:a0:ea:e6:bb:be:1a:47:b6:5e:d3:
cd:4d:29:f6:1e:25:d1:0d:46:49:2e:8e:68:60:b4:5e:0e:63:
b8:82:a1:c5:f0:08:5a:2e:fc:ba:55:34:da:6f:38:1c:8a:01:
21:56:46:85:a3:49:c4:da:93:1e:2c:90:e9:c9:c2:0b:ff:32:
97:5f:6c:81:90:41:d1:e1:aa:e2:d9:bd:4f:86:e3:39:ca:2f:
d7:ce:6f:93:0f:7d:5c:26:c4:ca:d9:f6:98:c2:45:0b:c0:0c:
80:95:22:cd
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZo1knqfPeXLr4cvWQgXiT00MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUxMDMwMTQ0MzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTE0ZGE1NGE1MTJhN2ZiZGIxODNjYTcxYjM5NTJhY2RiZWRkZDc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3C/TKxMLABBkUuEqasmO/rXhI27J
Ai8sY/Nh8ayrrawW4pYjgTQEdHMgt90CR2XjcGVTbizMS447KjANZIJZmZgjZb6p
OlFPDcSCWZ3O+ZkCEU4/rwc4HhlnBHM+E2ZDEEt61BVoO6ocMu66Z1MoWgA8wWT0
zgxZemW+zO9/qP9wzVYeaaILnKYnpHW/d5Q0IRReTs0Oh+Tl0621b9cAcDAEa1xH
81rKUaLxEnlHseXizVGzHunU8EbnC9PRuVwQKkHJ/prDD+V2QouaXauWiM/UWSmc
rlHt9SiI6Tu8I5yKjYg2/HVY3OU6x9zB3BO7LI6F15GFpQom+dSJ6GWi5QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPoU2lSlEqf72xg8pxs5Uqzb7d13MB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMS1oVGFWS1VTcF92YkdEeW5HemxTck52dDNYYy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGEvNDlkYzAwLTk3ZTItNDYyOC1hZTM5LTQxMjI4ZTM5ZmY3
Yy8xL1A5TU5pbjRTX0h2Mkxnd1NIbnpDSnQ2bE81cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjA3BggrBgEFBQcBBwEB/wQoMCYwJAQCAAEwHgMEAFKZNwME
AFKZOgMEAFKZWgMEAFKZ3gMEAFKZ8zANBgkqhkiG9w0BAQsFAAOCAQEAqIk5KdEu
xXPacWZ2yWvCjz8yOYtYdUgvgsw3Ozc2dbLctScxEO9MVNuWgwVEE1uQF2K6/xJP
B76pjK4OLBKOEudBWrvtCyTGCQQg5X8EoLDj9FuZ15baJiSL/iGCDOmyrgWq17+0
RtHHS0muaALtSVv3tszCKnKPAwvYu47Ipz77pooSSWj+ytZ+8mrBtIJRst8Kb3Go
8b6g6ua7vhpHtl7TzU0p9h4l0Q1GSS6OaGC0Xg5juIKhxfAIWi78ulU02m84HIoB
IVZGhaNJxNqTHiyQ6cnCC/8yl19sgZBB0eGq4tm9T4bjOcov185vkw99XCbEytn2
mMJFC8AMgJUizQ==
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:44:54 2025 by rpki-client