Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RVAjQ2zwV3Yp-64SOSrdQFT2UyU.roa
File: RVAjQ2zwV3Yp-64SOSrdQFT2UyU.roa (raw, json)
Hash identifier: ASkRHkcIQlZRtXwGv7Jbf/fygHwio+ToEVrkfbKfALU=
Subject key identifier: 45:50:23:43:6C:F0:57:76:29:FB:AE:12:39:2A:DD:40:54:F6:53:25
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019A4E30F9BC6A55367D43BB35CACDD003DA
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RVAjQ2zwV3Yp-64SOSrdQFT2UyU.roa
Signing time: Tue 04 Nov 2025 09:27:03 +0000
ROA not before: Tue 04 Nov 2025 09:27:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 37.252.26.0/24 maxlen: 24
77.93.136.0/24 maxlen: 24
79.99.76.0/24 maxlen: 24
82.152.61.0/24 maxlen: 24
82.152.71.0/24 maxlen: 24
82.152.107.0/24 maxlen: 24
82.153.41.0/24 maxlen: 24
82.153.144.0/24 maxlen: 24
82.153.220.0/24 maxlen: 24
82.153.255.0/24 maxlen: 24
89.213.127.0/24 maxlen: 24
89.213.129.0/24 maxlen: 24
89.213.132.0/24 maxlen: 24
89.213.167.0/24 maxlen: 24
89.213.212.0/24 maxlen: 24
89.213.224.0/24 maxlen: 24
213.130.135.0/24 maxlen: 24
213.210.11.0/24 maxlen: 24
217.144.153.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:49:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:30:f9:bc:6a:55:36:7d:43:bb:35:ca:cd:d0:03:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 4 09:27:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=455023436cf0577629fbae12392add4054f65325
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:8e:f7:07:73:24:a4:98:74:54:f0:8e:e0:18:
be:43:4b:7a:4a:7d:ad:05:ad:08:29:66:10:6c:0d:
2a:c6:be:1b:14:11:bd:81:37:d7:18:5b:25:11:dc:
1a:0d:33:ed:80:de:01:b4:b1:e2:86:c6:3e:e6:ae:
ff:18:8d:f0:f4:4d:08:fa:98:f2:40:01:28:88:f5:
f9:6e:6f:16:35:52:25:5a:f5:d8:ed:60:02:89:b4:
d0:16:9a:a7:a8:53:c0:b7:13:f4:11:e2:2f:1b:a6:
6f:15:57:ec:9f:17:b1:10:85:c6:bf:68:43:6c:16:
1b:80:96:fa:11:ca:be:b5:2b:cf:3f:fe:b7:97:ea:
59:27:a7:f0:77:47:c2:7b:d7:07:09:49:20:2c:f7:
4d:f4:0f:3d:79:1f:e4:fb:18:21:55:32:bf:ee:d9:
c6:b7:92:ec:08:47:c2:d7:56:37:48:9a:02:e4:1c:
20:1e:39:8d:38:5f:4d:6d:55:cf:a5:a9:ca:26:56:
8f:88:66:f9:2f:19:56:16:ce:f2:2c:7f:0b:c7:d5:
1c:b2:c1:91:e3:14:b5:cd:4d:07:97:79:ca:a1:df:
ec:9e:d4:59:41:18:a1:bc:14:9b:dd:cf:37:46:ad:
30:c6:c4:d2:76:2f:50:bf:71:56:81:d4:54:a1:03:
0c:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:50:23:43:6C:F0:57:76:29:FB:AE:12:39:2A:DD:40:54:F6:53:25
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/RVAjQ2zwV3Yp-64SOSrdQFT2UyU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.26.0/24
77.93.136.0/24
79.99.76.0/24
82.152.61.0/24
82.152.71.0/24
82.152.107.0/24
82.153.41.0/24
82.153.144.0/24
82.153.220.0/24
82.153.255.0/24
89.213.127.0/24
89.213.129.0/24
89.213.132.0/24
89.213.167.0/24
89.213.212.0/24
89.213.224.0/24
213.130.135.0/24
213.210.11.0/24
217.144.153.0/24
Signature Algorithm: sha256WithRSAEncryption
1e:77:22:f7:93:22:66:46:e6:fe:10:47:7f:f0:0d:e6:95:f0:
2a:12:be:f7:af:2f:03:de:11:63:19:f5:60:bd:61:4d:bd:43:
86:1d:7b:3d:d5:c9:08:ff:98:48:15:a4:ae:68:b1:0e:87:75:
14:88:36:72:a6:08:fe:83:87:dc:cf:c8:a8:90:b2:91:59:cb:
1d:37:47:2f:39:69:e8:d2:ae:52:68:01:bf:44:b6:85:0e:80:
7c:d6:b2:d9:3e:6b:dd:89:c7:90:d6:5a:82:7e:e6:95:16:89:
cc:99:43:db:5d:17:07:4f:99:2b:73:12:f5:f9:e1:aa:55:c5:
89:54:a3:ec:b0:01:42:95:30:e0:fe:a7:2c:4c:29:1e:5e:6e:
ec:1b:76:2b:6f:21:e0:6d:2c:a4:81:fb:3d:0a:7a:f7:ea:81:
f0:c5:da:3f:d7:90:29:3f:9c:b1:44:db:ca:3d:7a:b3:86:e1:
2a:16:de:40:21:a5:c7:23:6d:dc:79:46:bc:bf:7b:de:cb:57:
65:be:7d:28:b3:8e:38:39:c8:c4:77:a3:ef:bc:08:4c:b9:54:
13:d4:af:09:89:ea:7a:cc:c1:86:e8:99:05:60:7d:50:79:2a:
83:1b:c1:a1:c7:d7:a3:e9:e5:26:3b:09:72:ba:eb:be:ea:33:
a0:dd:ca:2c
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZpOMPm8alU2fUO7NcrN0APaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUxMTA0MDkyNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTUwMjM0MzZjZjA1Nzc2MjlmYmFlMTIzOTJhZGQ0MDU0ZjY1MzI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1o73B3MkpJh0VPCO4Bi+Q0t6Sn2t
Ba0IKWYQbA0qxr4bFBG9gTfXGFslEdwaDTPtgN4BtLHihsY+5q7/GI3w9E0I+pjy
QAEoiPX5bm8WNVIlWvXY7WACibTQFpqnqFPAtxP0EeIvG6ZvFVfsnxexEIXGv2hD
bBYbgJb6Ecq+tSvPP/63l+pZJ6fwd0fCe9cHCUkgLPdN9A89eR/k+xghVTK/7tnG
t5LsCEfC11Y3SJoC5BwgHjmNOF9NbVXPpanKJlaPiGb5LxlWFs7yLH8Lx9UcssGR
4xS1zU0Hl3nKod/sntRZQRihvBSb3c83Rq0wxsTSdi9Qv3FWgdRUoQMMHQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFEVQI0Ns8Fd2KfuuEjkq3UBU9lMlMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvUlZBalEyendWM1lwLTY0U09TcmRRRlQyVXlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEACX8GgME
AE1diAMEAE9jTAMEAFKYPQMEAFKYRwMEAFKYawMEAFKZKQMEAFKZkAMEAFKZ3AME
AFKZ/wMEAFnVfwMEAFnVgQMEAFnVhAMEAFnVpwMEAFnV1AMEAFnV4AMEANWChwME
ANXSCwMEANmQmTANBgkqhkiG9w0BAQsFAAOCAQEAHnci95MiZkbm/hBHf/AN5pXw
KhK+968vA94RYxn1YL1hTb1Dhh17PdXJCP+YSBWkrmixDod1FIg2cqYI/oOH3M/I
qJCykVnLHTdHLzlp6NKuUmgBv0S2hQ6AfNay2T5r3YnHkNZagn7mlRaJzJlD210X
B0+ZK3MS9fnhqlXFiVSj7LABQpUw4P6nLEwpHl5u7Bt2K28h4G0spIH7PQp69+qB
8MXaP9eQKT+csUTbyj16s4bhKhbeQCGlxyNt3HlGvL973stXZb59KLOOODnIxHej
77wITLlUE9SvCYnqeszBhuiZBWB9UHkqgxvBocfXo+nlJjsJcrrrvuozoN3KLA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 21:02:20 2025 by rpki-client