Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/N_vbY3lCR3ETd-yr7D6BYfFcQjM.roa
File: N_vbY3lCR3ETd-yr7D6BYfFcQjM.roa (raw, json)
Hash identifier: Khz+Di6YCKsHLhdtEUZHbKUCPRYuDhaEmDyXYe0lvHk=
Subject key identifier: 37:FB:DB:63:79:42:47:71:13:77:EC:AB:EC:3E:81:61:F1:5C:42:33
Certificate issuer: /CN=b05d28d16626bc5dcabf2e915435782b96e14071
Certificate serial: 019A4F1F00B72E8558008B3ABB43891A13E9
Authority key identifier: B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/N_vbY3lCR3ETd-yr7D6BYfFcQjM.roa
Signing time: Tue 04 Nov 2025 13:47:03 +0000
ROA not before: Tue 04 Nov 2025 13:47:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202553
IP address blocks: 147.181.4.0/22 maxlen: 24
147.181.8.0/22 maxlen: 24
147.181.12.0/22 maxlen: 24
147.181.16.0/23 maxlen: 24
147.181.32.0/22 maxlen: 24
147.181.36.0/22 maxlen: 24
147.181.44.0/22 maxlen: 24
147.181.48.0/22 maxlen: 22
147.181.52.0/22 maxlen: 22
147.181.128.0/20 maxlen: 24
2a04:9a00:1001::/48 maxlen: 48
2a04:9a00:1002::/48 maxlen: 48
2a04:9a00:1003::/48 maxlen: 48
2a04:9a00:1005::/48 maxlen: 48
2a04:9a00:1006::/48 maxlen: 48
2a04:9a00:1007::/48 maxlen: 48
2a04:9a00:100e::/48 maxlen: 48
2a04:9a05:1000::/36 maxlen: 36
2a04:9a05:1000::/47 maxlen: 48
2a04:9a05:1010::/44 maxlen: 48
2a04:9a05:1020::/44 maxlen: 48
2a04:9a05:1030::/44 maxlen: 48
2a04:9a05:1040::/44 maxlen: 48
2a04:9a05:1050::/44 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:1f:00:b7:2e:85:58:00:8b:3a:bb:43:89:1a:13:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b05d28d16626bc5dcabf2e915435782b96e14071
Validity
Not Before: Nov 4 13:47:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=37fbdb63794247711377ecabec3e8161f15c4233
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:75:6c:1c:89:b3:e2:67:04:6f:35:1e:fb:9c:
33:70:4c:f6:9e:0d:24:b9:17:4f:47:31:a7:f4:1d:
e9:5e:22:7b:d3:44:ab:e1:95:c4:93:94:54:88:d7:
52:5f:36:f8:e1:e0:29:52:b1:72:9c:f1:74:29:56:
e8:90:29:5d:01:c7:3d:6a:f1:78:2a:39:ff:a8:66:
b1:cd:79:4c:41:e8:58:20:04:b5:b6:1e:22:66:0d:
21:97:03:5a:d0:ce:e9:c4:a4:ed:2a:c5:eb:fb:1a:
5b:0e:a3:7a:37:d8:58:07:1e:9d:87:9d:ef:2c:78:
05:0d:5f:aa:83:ef:6c:65:03:29:c1:89:06:83:14:
70:2c:a4:d0:e5:1c:5c:72:e0:a2:01:16:fa:46:50:
44:28:dd:44:35:96:da:87:1c:e4:03:15:45:cc:2f:
56:55:a9:88:74:9b:ca:c3:69:f9:e3:8f:72:16:a1:
21:bf:8d:b8:f8:f9:c8:7b:17:b0:f9:00:f8:da:bd:
50:65:85:b5:5d:51:ee:d7:41:ab:f4:58:22:ef:bd:
79:57:06:d4:9e:61:1e:07:26:c1:17:7a:7b:87:1d:
fa:80:6d:4d:b5:83:96:4c:cf:6d:64:d6:c4:3d:db:
af:68:b6:28:0c:6d:6a:cf:09:e8:71:bd:9a:c1:b0:
f2:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:FB:DB:63:79:42:47:71:13:77:EC:AB:EC:3E:81:61:F1:5C:42:33
X509v3 Authority Key Identifier:
keyid:B0:5D:28:D1:66:26:BC:5D:CA:BF:2E:91:54:35:78:2B:96:E1:40:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/N_vbY3lCR3ETd-yr7D6BYfFcQjM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/bba973-7c9f-4b11-b611-ad575522b365/1/sF0o0WYmvF3Kvy6RVDV4K5bhQHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.181.4.0-147.181.17.255
147.181.32.0/21
147.181.44.0-147.181.55.255
147.181.128.0/20
IPv6:
2a04:9a00:1001::-2a04:9a00:1003:ffff:ffff:ffff:ffff:ffff
2a04:9a00:1005::-2a04:9a00:1007:ffff:ffff:ffff:ffff:ffff
2a04:9a00:100e::/48
2a04:9a05:1000::/36
Signature Algorithm: sha256WithRSAEncryption
c9:e5:12:1f:24:b0:c0:1d:8b:97:db:b0:b9:ec:e9:6f:4d:47:
f8:de:25:de:60:74:f8:44:c7:ce:11:8c:39:4a:4d:1b:35:d8:
bf:e1:a3:ef:1b:6e:d1:dd:0b:ac:18:98:1f:13:32:39:de:83:
5b:54:9a:41:35:95:8c:69:03:65:2f:8d:a2:68:84:56:1f:84:
f1:e9:9d:6e:47:65:a5:85:d9:6f:39:ff:a3:3a:ac:13:86:e7:
74:39:8e:ce:a6:dd:71:ef:09:b6:3f:f8:98:99:a0:1b:89:6f:
c7:05:af:c9:e8:31:fb:26:11:b9:72:44:17:66:6d:25:75:41:
46:e3:e5:47:a5:80:4b:17:8e:fe:69:b2:e5:32:3b:00:2a:a9:
e3:b9:e5:b1:4e:69:68:a2:aa:0b:48:f4:c8:a1:07:70:a8:ee:
bc:be:a9:ce:bd:cf:c9:0e:c5:29:1a:8a:4d:74:8c:2b:60:8b:
76:46:a8:88:03:7f:c5:ed:4e:9e:72:9a:5d:1b:a4:28:3e:97:
85:71:1e:3b:73:72:6d:c6:e8:75:29:b7:bc:9d:bb:7e:9d:4e:
0d:94:f7:30:35:e2:8d:f1:6e:43:03:05:2d:50:1a:20:3f:81:
3d:78:59:53:21:6f:8e:3c:75:2c:18:a7:41:f7:ab:4b:7c:16:
0e:83:9e:6b
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAZpPHwC3LoVYAIs6u0OJGhPpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIwNWQyOGQxNjYyNmJjNWRjYWJmMmU5MTU0MzU3ODJiOTZl
MTQwNzEwHhcNMjUxMTA0MTM0NzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzN2ZiZGI2Mzc5NDI0NzcxMTM3N2VjYWJlYzNlODE2MWYxNWM0MjMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo3VsHImz4mcEbzUe+5wzcEz2ng0k
uRdPRzGn9B3pXiJ700Sr4ZXEk5RUiNdSXzb44eApUrFynPF0KVbokCldAcc9avF4
Kjn/qGaxzXlMQehYIAS1th4iZg0hlwNa0M7pxKTtKsXr+xpbDqN6N9hYBx6dh53v
LHgFDV+qg+9sZQMpwYkGgxRwLKTQ5RxccuCiARb6RlBEKN1ENZbahxzkAxVFzC9W
VamIdJvKw2n5449yFqEhv424+PnIexew+QD42r1QZYW1XVHu10Gr9Fgi7715VwbU
nmEeBybBF3p7hx36gG1NtYOWTM9tZNbEPduvaLYoDG1qzwnocb2awbDySwIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFDf722N5QkdxE3fsq+w+gWHxXEIzMB8GA1UdIwQY
MBaAFLBdKNFmJrxdyr8ukVQ1eCuW4UBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEt
YWQ1NzU1MjJiMzY1LzEvTl92YlkzbENSM0VUZC15cjdENkJZZkZjUWpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9iYmE5NzMtN2M5Zi00YjExLWI2MTEtYWQ1NzU1MjJiMzY1
LzEvc0YwbzBXWW12RjNLdnk2UlZEVjRLNWJoUUhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwLgQCAAEwKDAMAwQCk7UE
AwQBk7UQAwQDk7UgMAwDBAKTtSwDBAOTtTADBASTtYAwPwQCAAIwOTASAwcAKgSa
ABABAwcCKgSaABAAMBIDBwAqBJoAEAUDBwMqBJoAEAADBwAqBJoAEA4DBgQqBJoF
EDANBgkqhkiG9w0BAQsFAAOCAQEAyeUSHySwwB2Ll9uwuezpb01H+N4l3mB0+ETH
zhGMOUpNGzXYv+Gj7xtu0d0LrBiYHxMyOd6DW1SaQTWVjGkDZS+NomiEVh+E8emd
bkdlpYXZbzn/ozqsE4bndDmOzqbdce8Jtj/4mJmgG4lvxwWvyegx+yYRuXJEF2Zt
JXVBRuPlR6WASxeO/mmy5TI7ACqp47nlsU5paKKqC0j0yKEHcKjuvL6pzr3PyQ7F
KRqKTXSMK2CLdkaoiAN/xe1OnnKaXRukKD6XhXEeO3NybcbodSm3vJ27fp1ODZT3
MDXijfFuQwMFLVAaID+BPXhZUyFvjjx1LBinQferS3wWDoOeaw==
-----END CERTIFICATE-----
Generated at Wed Nov 5 19:05:55 2025 by rpki-client