Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/H4mX0idq9aa-2-behcELkDI1jEk.roa
File: H4mX0idq9aa-2-behcELkDI1jEk.roa (raw, json)
Hash identifier: huYpiP8shZ1qtuKsgdaiOX3XPq9aXGUT/wJFL/doYxg=
Subject key identifier: 1F:89:97:D2:27:6A:F5:A6:BE:DB:E6:DE:85:C1:0B:90:32:35:8C:49
Certificate issuer: /CN=49dd8f1a62a5d7f80212de0f3efe75b2fa338ffe
Certificate serial: 01999E75C790583D19CB55DE471506ED01AD
Authority key identifier: 49:DD:8F:1A:62:A5:D7:F8:02:12:DE:0F:3E:FE:75:B2:FA:33:8F:FE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Sd2PGmKl1_gCEt4PPv51svozj_4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/H4mX0idq9aa-2-behcELkDI1jEk.roa
Signing time: Wed 01 Oct 2025 06:29:02 +0000
ROA not before: Wed 01 Oct 2025 06:29:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215597
IP address blocks: 5.181.196.0/24 maxlen: 24
5.181.197.0/24 maxlen: 24
82.199.222.0/23 maxlen: 23
82.199.222.0/24 maxlen: 24
82.199.223.0/24 maxlen: 24
91.213.191.0/24 maxlen: 24
91.217.185.0/24 maxlen: 24
185.90.252.0/24 maxlen: 24
185.95.206.0/23 maxlen: 23
185.95.206.0/24 maxlen: 24
185.95.207.0/24 maxlen: 24
212.95.142.0/24 maxlen: 24
212.95.148.0/24 maxlen: 24
212.95.156.0/24 maxlen: 24
2a12:f680:200::/48 maxlen: 48
2a12:f680:201::/48 maxlen: 48
2a12:f680:204::/48 maxlen: 48
2a12:f680:205::/48 maxlen: 48
2a12:f680:206::/48 maxlen: 48
2a12:f680:207::/48 maxlen: 48
2a12:f680:220::/43 maxlen: 43
2a12:f680:240::/43 maxlen: 43
2a12:f680:260::/43 maxlen: 43
2a12:f680:600::/48 maxlen: 48
2a12:f680:601::/48 maxlen: 48
2a12:f680:602::/48 maxlen: 48
2a12:f680:604::/48 maxlen: 48
2a12:f680:620::/43 maxlen: 43
2a12:f680:640::/43 maxlen: 43
2a12:f680:660::/43 maxlen: 43
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/Sd2PGmKl1_gCEt4PPv51svozj_4.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/Sd2PGmKl1_gCEt4PPv51svozj_4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Sd2PGmKl1_gCEt4PPv51svozj_4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:9e:75:c7:90:58:3d:19:cb:55:de:47:15:06:ed:01:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49dd8f1a62a5d7f80212de0f3efe75b2fa338ffe
Validity
Not Before: Oct 1 06:29:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f8997d2276af5a6bedbe6de85c10b9032358c49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:d7:fa:c0:ed:29:f9:88:ee:cb:10:dd:73:74:
88:c2:da:e4:d0:00:c3:f9:41:3a:40:ad:fe:80:b9:
1e:7a:40:86:44:b9:eb:a0:79:13:71:6c:16:15:65:
33:09:50:3c:a7:2d:ef:1e:57:2d:6b:ae:4d:85:3b:
cc:45:f6:f8:8d:e5:27:ac:75:1d:c8:19:df:96:11:
b4:fa:cb:89:28:72:a7:67:b0:bd:79:e9:61:d9:e9:
7a:af:64:5d:2a:c5:f1:05:59:12:a8:13:91:6e:47:
24:fd:22:74:0d:b2:f1:05:0b:60:5b:a6:b7:c4:0b:
af:7a:d9:db:0e:3c:14:e6:56:d1:71:b0:24:42:19:
a0:95:ad:11:30:6f:e9:8e:af:3f:70:f8:eb:40:b9:
ad:56:57:fc:8a:f4:21:c7:95:1d:e4:3d:19:26:58:
5d:67:80:a0:c8:cf:5d:2b:1b:de:b9:d5:dc:83:1d:
55:4a:ce:3c:4a:59:a9:4d:8c:b2:64:b0:8c:2f:96:
ff:20:be:c0:d8:1c:2e:de:c7:96:71:b1:1f:21:3d:
6c:ea:7c:00:12:76:2b:2b:9e:e3:8a:2a:a4:d1:e7:
36:3a:dd:cf:c1:48:f5:9a:5c:a9:56:77:e7:10:2b:
8c:3c:ef:fb:38:33:75:f1:16:e2:7a:73:20:fe:55:
7e:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:89:97:D2:27:6A:F5:A6:BE:DB:E6:DE:85:C1:0B:90:32:35:8C:49
X509v3 Authority Key Identifier:
keyid:49:DD:8F:1A:62:A5:D7:F8:02:12:DE:0F:3E:FE:75:B2:FA:33:8F:FE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Sd2PGmKl1_gCEt4PPv51svozj_4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/H4mX0idq9aa-2-behcELkDI1jEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/01b1ef-233b-4d6f-8dcf-ceec49124c0f/1/Sd2PGmKl1_gCEt4PPv51svozj_4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.196.0/23
82.199.222.0/23
91.213.191.0/24
91.217.185.0/24
185.90.252.0/24
185.95.206.0/23
212.95.142.0/24
212.95.148.0/24
212.95.156.0/24
IPv6:
2a12:f680:200::/47
2a12:f680:204::/46
2a12:f680:220::-2a12:f680:27f:ffff:ffff:ffff:ffff:ffff
2a12:f680:600::-2a12:f680:602:ffff:ffff:ffff:ffff:ffff
2a12:f680:604::/48
2a12:f680:620::-2a12:f680:67f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5a:da:03:54:85:7f:17:d6:8d:ae:1c:70:67:e0:0c:61:ca:6f:
6c:05:1e:7f:28:4b:39:b4:6c:d8:69:43:6e:3f:8f:2c:ce:31:
42:45:00:64:d9:2b:e1:10:bf:fe:f1:9e:a1:85:8f:79:0b:33:
e2:40:34:c8:72:30:4b:ce:ef:83:3d:4d:fb:1a:a3:aa:d5:5d:
24:93:90:fa:8f:ce:b5:0e:a9:f5:be:39:60:d3:7b:fd:2e:c9:
1b:27:31:44:e4:66:96:38:60:78:52:90:09:d1:07:b0:70:31:
7e:8b:d4:96:55:bc:d6:4f:7d:c1:5b:a5:79:e5:79:8f:53:09:
e1:da:ad:42:b3:f3:40:b4:81:70:2d:77:9b:54:82:4a:f9:c7:
c8:39:1b:cf:dc:30:1b:0c:da:5c:ab:1f:9a:b5:51:44:a9:c1:
e1:13:63:7e:66:b0:7a:f5:73:ae:ce:bc:59:a6:9d:e4:84:b7:
bb:71:7e:9f:8a:90:54:cc:e3:00:28:0f:a0:09:64:eb:a1:b0:
05:d7:90:14:f9:07:85:e5:87:18:e7:1a:58:47:5a:83:9a:0f:
97:42:2e:e8:a9:e9:5f:b5:7c:cb:a0:09:1a:78:c6:e5:a0:6b:
d6:ee:d7:5b:47:5c:d0:89:53:8d:57:46:32:e8:a8:2b:98:d3:
d7:6d:28:78
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAZmedceQWD0Zy1XeRxUG7QGtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZGQ4ZjFhNjJhNWQ3ZjgwMjEyZGUwZjNlZmU3NWIyZmEz
MzhmZmUwHhcNMjUxMDAxMDYyOTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjg5OTdkMjI3NmFmNWE2YmVkYmU2ZGU4NWMxMGI5MDMyMzU4YzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuNf6wO0p+YjuyxDdc3SIwtrk0ADD
+UE6QK3+gLkeekCGRLnroHkTcWwWFWUzCVA8py3vHlcta65NhTvMRfb4jeUnrHUd
yBnflhG0+suJKHKnZ7C9eelh2el6r2RdKsXxBVkSqBORbkck/SJ0DbLxBQtgW6a3
xAuvetnbDjwU5lbRcbAkQhmgla0RMG/pjq8/cPjrQLmtVlf8ivQhx5Ud5D0ZJlhd
Z4CgyM9dKxveudXcgx1VSs48SlmpTYyyZLCML5b/IL7A2Bwu3seWcbEfIT1s6nwA
EnYrK57jiiqk0ec2Ot3PwUj1mlypVnfnECuMPO/7ODN18RbienMg/lV+hQIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFB+Jl9InavWmvtvm3oXBC5AyNYxJMB8GA1UdIwQY
MBaAFEndjxpipdf4AhLeDz7+dbL6M4/+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2QyUEdtS2wxX2dDRXQ0UFB2NTFzdm96al80LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi8wMWIxZWYtMjMzYi00ZDZmLThkY2Yt
Y2VlYzQ5MTI0YzBmLzEvSDRtWDBpZHE5YWEtMi1iZWhjRUxrREkxakVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi8wMWIxZWYtMjMzYi00ZDZmLThkY2YtY2VlYzQ5MTI0YzBm
LzEvU2QyUEdtS2wxX2dDRXQ0UFB2NTFzdm96al80LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDA8BAIAATA2AwQBBbXE
AwQBUsfeAwQAW9W/AwQAW9m5AwQAuVr8AwQBuV/OAwQA1F+OAwQA1F+UAwQA1F+c
MFwEAgACMFYDBwEqEvaAAgADBwIqEvaAAgQwEgMHBSoS9oACIAMHByoS9oACADAR
AwYBKhL2gAYDBwAqEvaABgIDBwAqEvaABgQwEgMHBSoS9oAGIAMHByoS9oAGADAN
BgkqhkiG9w0BAQsFAAOCAQEAWtoDVIV/F9aNrhxwZ+AMYcpvbAUefyhLObRs2GlD
bj+PLM4xQkUAZNkr4RC//vGeoYWPeQsz4kA0yHIwS87vgz1N+xqjqtVdJJOQ+o/O
tQ6p9b45YNN7/S7JGycxRORmljhgeFKQCdEHsHAxfovUllW81k99wVuleeV5j1MJ
4dqtQrPzQLSBcC13m1SCSvnHyDkbz9wwGwzaXKsfmrVRRKnB4RNjfmawevVzrs68
Waad5IS3u3F+n4qQVMzjACgPoAlk66GwBdeQFPkHheWHGOcaWEdag5oPl0Iu6Knp
X7V8y6AJGnjG5aBr1u7XW0dc0IlTjVdGMuioK5jT120oeA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:23:20 2025 by rpki-client