Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9f/e8ebd6-561d-42af-bb36-5201a23d7a49/1/xv9B7fjfa2G32O9EZ2NMxp1nDsM.roa
File: xv9B7fjfa2G32O9EZ2NMxp1nDsM.roa (raw, json)
Hash identifier: J6qlmSvg5k/OtuuDCnUuzmwEI/vDAGKuXR0HbLyDHls=
Subject key identifier: C6:FF:41:ED:F8:DF:6B:61:B7:D8:EF:44:67:63:4C:C6:9D:67:0E:C3
Certificate issuer: /CN=24f51bbdf01088d34c6baaeef86bda25a9f02196
Certificate serial: 019A48AB640D7B9C78F639BF78AC6932B3B5
Authority key identifier: 24:F5:1B:BD:F0:10:88:D3:4C:6B:AA:EE:F8:6B:DA:25:A9:F0:21:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JPUbvfAQiNNMa6ru-GvaJanwIZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9f/e8ebd6-561d-42af-bb36-5201a23d7a49/1/xv9B7fjfa2G32O9EZ2NMxp1nDsM.roa
Signing time: Mon 03 Nov 2025 07:43:03 +0000
ROA not before: Mon 03 Nov 2025 07:43:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 85.198.34.0/24 maxlen: 24
85.198.35.0/24 maxlen: 24
85.198.38.0/24 maxlen: 24
85.198.39.0/24 maxlen: 24
85.198.42.0/24 maxlen: 24
85.198.43.0/24 maxlen: 24
91.123.12.0/24 maxlen: 24
91.123.13.0/24 maxlen: 24
91.123.14.0/24 maxlen: 24
91.123.15.0/24 maxlen: 24
190.106.177.0/24 maxlen: 24
190.106.178.0/24 maxlen: 24
190.106.179.0/24 maxlen: 24
190.106.180.0/24 maxlen: 24
190.106.181.0/24 maxlen: 24
190.106.182.0/24 maxlen: 24
190.106.184.0/24 maxlen: 24
206.195.137.0/24 maxlen: 24
206.195.138.0/24 maxlen: 24
206.195.139.0/24 maxlen: 24
206.195.140.0/24 maxlen: 24
206.195.141.0/24 maxlen: 24
206.195.142.0/24 maxlen: 24
206.195.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9f/e8ebd6-561d-42af-bb36-5201a23d7a49/1/JPUbvfAQiNNMa6ru-GvaJanwIZY.crl
rsync://rpki.ripe.net/repository/DEFAULT/9f/e8ebd6-561d-42af-bb36-5201a23d7a49/1/JPUbvfAQiNNMa6ru-GvaJanwIZY.mft
rsync://rpki.ripe.net/repository/DEFAULT/JPUbvfAQiNNMa6ru-GvaJanwIZY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:48:ab:64:0d:7b:9c:78:f6:39:bf:78:ac:69:32:b3:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24f51bbdf01088d34c6baaeef86bda25a9f02196
Validity
Not Before: Nov 3 07:43:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c6ff41edf8df6b61b7d8ef4467634cc69d670ec3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:ea:ff:7e:08:12:67:43:37:29:4f:82:7a:29:
f1:b0:b7:55:b4:a4:69:ba:f4:87:98:e7:9c:69:84:
88:94:a9:4d:99:6c:58:7d:35:f2:d8:3c:9a:5d:b2:
e5:79:69:f6:d0:83:2e:0c:f5:da:76:01:ae:c8:02:
78:b2:d9:7e:ae:fe:f8:a6:5c:d5:09:71:ba:ed:28:
78:f2:9b:4a:a3:a9:45:96:4c:a3:15:85:40:77:2a:
7a:79:06:9f:93:b8:b9:a7:3d:d1:f2:aa:d1:59:10:
d4:0d:c4:92:ab:14:e4:f9:43:2f:21:ff:fc:3b:b8:
f5:7b:4e:ab:9f:ea:61:04:6e:0b:5a:45:4c:13:b1:
07:75:29:b2:fc:09:5d:ae:4d:64:b2:a6:c9:51:8b:
22:55:17:c1:30:8f:1b:2f:1b:ec:d8:f4:ba:6f:49:
a8:49:27:17:35:95:61:bc:4a:5c:e8:be:00:6d:4b:
e6:5b:33:96:20:b0:f5:d1:88:ee:c2:0b:b2:b8:2e:
4e:0d:94:71:85:78:c9:79:43:fe:5a:d7:4a:f5:ca:
fe:2a:ca:62:f2:d1:ea:c6:35:47:9e:c6:67:29:eb:
bf:cc:85:07:9e:dd:76:e9:18:c0:98:1e:da:a7:5b:
5b:ee:fa:9c:70:d7:45:36:75:ac:8d:c8:97:6c:6b:
87:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C6:FF:41:ED:F8:DF:6B:61:B7:D8:EF:44:67:63:4C:C6:9D:67:0E:C3
X509v3 Authority Key Identifier:
keyid:24:F5:1B:BD:F0:10:88:D3:4C:6B:AA:EE:F8:6B:DA:25:A9:F0:21:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JPUbvfAQiNNMa6ru-GvaJanwIZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/e8ebd6-561d-42af-bb36-5201a23d7a49/1/xv9B7fjfa2G32O9EZ2NMxp1nDsM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9f/e8ebd6-561d-42af-bb36-5201a23d7a49/1/JPUbvfAQiNNMa6ru-GvaJanwIZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.198.34.0/23
85.198.38.0/23
85.198.42.0/23
91.123.12.0/22
190.106.177.0-190.106.182.255
190.106.184.0/24
206.195.137.0-206.195.143.255
Signature Algorithm: sha256WithRSAEncryption
3c:46:52:ac:a9:23:e0:78:06:14:1a:51:48:e9:d1:9e:b2:ad:
e5:a5:62:ab:54:7d:55:d7:bc:0a:57:aa:32:b8:cd:e7:bd:ef:
25:23:e5:20:87:49:10:51:48:77:0a:da:91:41:a2:7e:cf:66:
70:af:18:b3:fb:d9:19:17:f3:5d:6b:d9:e4:c3:db:de:08:35:
40:f2:1b:f6:69:cc:d7:44:a7:15:7f:24:8a:a7:d5:89:6d:d1:
62:77:de:95:12:f4:42:f5:8f:3d:be:54:8b:98:c2:79:9c:55:
54:31:4b:62:a7:d9:c4:43:46:a0:99:7c:27:2b:66:b1:04:18:
24:ab:b9:60:e0:56:69:4e:54:f7:a9:99:0d:38:b3:a8:c6:26:
da:e7:4c:9b:a5:65:8d:72:7a:dc:6a:40:2e:39:b1:a0:37:e5:
4c:ef:fd:4f:44:bb:19:a2:ae:53:3a:ef:e5:21:f3:67:67:6a:
fb:e5:20:7e:59:f2:c4:6f:5f:59:8e:d5:55:6c:9b:af:ba:a4:
9d:6d:16:83:60:55:6d:51:ba:cd:0a:50:7c:93:34:a6:76:94:
bf:22:1d:05:30:dc:eb:4c:ed:5b:7e:5e:21:37:a8:7e:5a:39:
21:d3:61:47:02:fe:9d:b5:fa:dd:73:35:8b:18:89:ce:c7:15:
f7:89:d3:ee
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZpIq2QNe5x49jm/eKxpMrO1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0ZjUxYmJkZjAxMDg4ZDM0YzZiYWFlZWY4NmJkYTI1YTlm
MDIxOTYwHhcNMjUxMTAzMDc0MzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNmZmNDFlZGY4ZGY2YjYxYjdkOGVmNDQ2NzYzNGNjNjlkNjcwZWMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoer/fggSZ0M3KU+CeinxsLdVtKRp
uvSHmOecaYSIlKlNmWxYfTXy2DyaXbLleWn20IMuDPXadgGuyAJ4stl+rv74plzV
CXG67Sh48ptKo6lFlkyjFYVAdyp6eQafk7i5pz3R8qrRWRDUDcSSqxTk+UMvIf/8
O7j1e06rn+phBG4LWkVME7EHdSmy/Aldrk1ksqbJUYsiVRfBMI8bLxvs2PS6b0mo
SScXNZVhvEpc6L4AbUvmWzOWILD10YjuwguyuC5ODZRxhXjJeUP+WtdK9cr+Kspi
8tHqxjVHnsZnKeu/zIUHnt126RjAmB7ap1tb7vqccNdFNnWsjciXbGuHxwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFMb/Qe3432tht9jvRGdjTMadZw7DMB8GA1UdIwQY
MBaAFCT1G73wEIjTTGuq7vhr2iWp8CGWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSlBVYnZmQVFpTk5NYTZydS1HdmFKYW53SVpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Zi9lOGViZDYtNTYxZC00MmFmLWJiMzYt
NTIwMWEyM2Q3YTQ5LzEveHY5QjdmamZhMkczMk85RVoyTk14cDFuRHNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Zi9lOGViZDYtNTYxZC00MmFmLWJiMzYtNTIwMWEyM2Q3YTQ5
LzEvSlBVYnZmQVFpTk5NYTZydS1HdmFKYW53SVpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQBVcYiAwQB
VcYmAwQBVcYqAwQCW3sMMAwDBAC+arEDBAC+arYDBAC+argwDAMEAM7DiQMEBM7D
gDANBgkqhkiG9w0BAQsFAAOCAQEAPEZSrKkj4HgGFBpRSOnRnrKt5aViq1R9Vde8
CleqMrjN573vJSPlIIdJEFFIdwrakUGifs9mcK8Ys/vZGRfzXWvZ5MPb3gg1QPIb
9mnM10SnFX8kiqfViW3RYnfelRL0QvWPPb5Ui5jCeZxVVDFLYqfZxENGoJl8Jytm
sQQYJKu5YOBWaU5U96mZDTizqMYm2udMm6VljXJ63GpALjmxoDflTO/9T0S7GaKu
Uzrv5SHzZ2dq++UgflnyxG9fWY7VVWybr7qknW0Wg2BVbVG6zQpQfJM0pnaUvyId
BTDc60ztW35eITeoflo5IdNhRwL+nbX63XM1ixiJzscV94nT7g==
-----END CERTIFICATE-----
Generated at Wed Nov 5 05:38:17 2025 by rpki-client