Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tB-dpjEah7-kA518mefoakifGPY.roa
File: tB-dpjEah7-kA518mefoakifGPY.roa (raw, json)
Hash identifier: zJOUyeqqEIkkHILFuaRgCUtXRDySmHzFpYPS1t4iXso=
Subject key identifier: B4:1F:9D:A6:31:1A:87:BF:A4:03:9D:7C:99:E7:E8:6A:48:9F:18:F6
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 0199E84BB300BA2D90FB9CC2ED3A40742C37
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tB-dpjEah7-kA518mefoakifGPY.roa
Signing time: Wed 15 Oct 2025 14:34:59 +0000
ROA not before: Wed 15 Oct 2025 14:34:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208258
IP address blocks: 45.141.204.0/23 maxlen: 24
45.144.244.0/23 maxlen: 24
45.144.246.0/24 maxlen: 24
45.151.156.0/23 maxlen: 24
45.151.158.0/24 maxlen: 24
45.154.238.0/24 maxlen: 24
45.154.239.0/24 maxlen: 24
185.208.208.0/24 maxlen: 24
185.208.209.0/24 maxlen: 24
185.208.210.0/24 maxlen: 24
185.208.211.0/24 maxlen: 24
185.227.82.0/24 maxlen: 24
185.228.83.0/24 maxlen: 24
185.243.112.0/24 maxlen: 24
185.243.113.0/24 maxlen: 24
194.146.48.0/24 maxlen: 24
195.26.6.0/24 maxlen: 24
195.26.7.0/24 maxlen: 24
2a0b:3c40:1::/48 maxlen: 48
2a0b:3c40:9::/48 maxlen: 48
2a0b:3c40:11::/48 maxlen: 48
2a0b:3c40:12::/48 maxlen: 48
2a0b:3c40:15::/48 maxlen: 48
2a0b:3c40:16::/48 maxlen: 48
2a0b:3c40:17::/48 maxlen: 48
2a0b:3c40:20::/48 maxlen: 48
2a0b:3c40:21::/48 maxlen: 48
2a0b:3c40:25::/48 maxlen: 48
2a0b:3c40:fca6::/48 maxlen: 48
2a0e:5540::/48 maxlen: 48
2a0e:5540:10::/48 maxlen: 48
2a0e:5540:11::/48 maxlen: 48
2a0e:5540:12::/48 maxlen: 48
2a0e:5540:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e8:4b:b3:00:ba:2d:90:fb:9c:c2:ed:3a:40:74:2c:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Oct 15 14:34:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b41f9da6311a87bfa4039d7c99e7e86a489f18f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:09:34:7d:b0:36:94:15:7a:ba:52:3e:45:24:
f6:f0:60:5a:5a:31:d1:35:af:12:49:51:27:c5:a7:
e2:e3:7b:49:e1:49:84:48:77:cf:b0:8c:4f:58:72:
ef:da:74:76:ba:51:2a:db:97:23:aa:69:ef:ab:ca:
26:31:98:fd:48:40:6a:07:89:bc:f8:2d:71:db:aa:
e0:d1:d3:15:13:cc:26:f2:af:3b:0d:2b:58:35:0a:
9a:25:01:1b:cc:ca:c5:95:99:8b:e4:21:87:13:29:
a2:58:66:55:89:c7:c6:b8:36:2b:d9:87:3d:05:0d:
eb:22:7e:ec:31:f8:2c:f2:42:19:f8:61:ca:e3:1c:
ac:27:27:40:a5:a2:b8:4f:dd:7e:bb:99:cf:ce:f1:
50:6b:d5:b8:67:46:d5:35:86:30:cf:38:28:e1:04:
f9:b4:22:4c:09:fb:25:eb:0d:c0:4a:b7:8a:46:20:
ac:03:a1:96:24:b0:bc:25:58:de:86:de:40:59:8c:
a4:18:17:c5:da:1b:b6:01:73:7f:ee:17:f7:74:e8:
d6:f3:42:f4:4d:cc:ea:2d:f3:da:50:95:c5:e2:4a:
21:f4:43:b3:92:7f:aa:c3:d9:87:60:ad:53:69:ce:
be:1b:3c:bb:7a:36:a5:95:1f:40:c7:bf:b1:4b:eb:
16:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:1F:9D:A6:31:1A:87:BF:A4:03:9D:7C:99:E7:E8:6A:48:9F:18:F6
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tB-dpjEah7-kA518mefoakifGPY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.204.0/23
45.144.244.0-45.144.246.255
45.151.156.0-45.151.158.255
45.154.238.0/23
185.208.208.0/22
185.227.82.0/24
185.228.83.0/24
185.243.112.0/23
194.146.48.0/24
195.26.6.0/23
IPv6:
2a0b:3c40:1::/48
2a0b:3c40:9::/48
2a0b:3c40:11::-2a0b:3c40:12:ffff:ffff:ffff:ffff:ffff
2a0b:3c40:15::-2a0b:3c40:17:ffff:ffff:ffff:ffff:ffff
2a0b:3c40:20::/47
2a0b:3c40:25::/48
2a0b:3c40:fca6::/48
2a0e:5540::/48
2a0e:5540:10::-2a0e:5540:12:ffff:ffff:ffff:ffff:ffff
2a0e:5540:100::/48
Signature Algorithm: sha256WithRSAEncryption
40:01:c5:68:13:77:cf:64:83:bc:78:62:30:e7:37:a9:e1:e7:
b5:ab:bd:d7:30:6e:29:a7:3b:12:d4:5a:50:1d:e5:b8:7d:ef:
4b:50:26:af:72:2c:ab:8a:e7:19:e4:22:64:21:37:36:37:ec:
86:c7:6a:20:6c:f7:11:6b:7d:35:72:7f:fc:31:4b:a7:b1:d0:
7c:b1:3a:32:58:42:98:2f:e0:e5:ab:b7:9a:d2:89:a6:05:b7:
44:83:8f:c6:fa:5e:06:ba:96:94:c9:eb:ef:56:e2:04:e1:81:
a3:92:01:7d:f4:48:e9:e6:a8:6c:3c:cf:43:5f:56:37:6c:94:
2e:54:2c:dd:15:0c:1c:bc:79:78:37:0a:7a:2c:4f:8b:a7:d1:
6b:e0:03:5f:1d:0f:b7:21:cd:cb:85:b5:cf:00:41:af:7d:da:
1a:fa:79:ca:01:4d:24:aa:af:5f:b1:81:b8:aa:c0:61:f4:f5:
27:d0:ae:0a:87:0a:8d:88:35:71:6f:92:cb:8b:38:5c:fd:34:
c1:32:c7:17:6c:27:51:fe:47:1e:cd:af:50:77:3d:fa:3e:1b:
d4:71:0c:f6:fc:e9:1f:32:05:f1:13:e7:0f:29:28:f9:6b:28:
2e:61:08:c7:43:30:08:bb:01:92:a1:a3:7c:21:5d:b9:fb:39:
15:99:9c:e1
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgISAZnoS7MAui2Q+5zC7TpAdCw3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjUxMDE1MTQzNDU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNDFmOWRhNjMxMWE4N2JmYTQwMzlkN2M5OWU3ZTg2YTQ4OWYxOGY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2gk0fbA2lBV6ulI+RST28GBaWjHR
Na8SSVEnxafi43tJ4UmESHfPsIxPWHLv2nR2ulEq25cjqmnvq8omMZj9SEBqB4m8
+C1x26rg0dMVE8wm8q87DStYNQqaJQEbzMrFlZmL5CGHEymiWGZVicfGuDYr2Yc9
BQ3rIn7sMfgs8kIZ+GHK4xysJydApaK4T91+u5nPzvFQa9W4Z0bVNYYwzzgo4QT5
tCJMCfsl6w3ASreKRiCsA6GWJLC8JVjeht5AWYykGBfF2hu2AXN/7hf3dOjW80L0
TczqLfPaUJXF4koh9EOzkn+qw9mHYK1Tac6+Gzy7ejallR9Ax7+xS+sWGQIDAQAB
o4IC1jCCAtIwHQYDVR0OBBYEFLQfnaYxGoe/pAOdfJnn6GpInxj2MB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvdEItZHBqRWFoNy1rQTUxOG1lZm9ha2lmR1BZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHrBggrBgEFBQcBBwEB/wSB2zCB2DBSBAIAATBMAwQBLY3M
MAwDBAItkPQDBAAtkPYwDAMEAi2XnAMEAC2XngMEAS2a7gMEArnQ0AMEALnjUgME
ALnkUwMEAbnzcAMEAMKSMAMEAcMaBjCBgQQCAAIwewMHACoLPEAAAQMHACoLPEAA
CTASAwcAKgs8QAARAwcAKgs8QAASMBIDBwAqCzxAABUDBwMqCzxAABADBwEqCzxA
ACADBwAqCzxAACUDBwAqCzxA/KYDBwAqDlVAAAAwEgMHBCoOVUAAEAMHACoOVUAA
EgMHACoOVUABADANBgkqhkiG9w0BAQsFAAOCAQEAQAHFaBN3z2SDvHhiMOc3qeHn
tau91zBuKac7EtRaUB3luH3vS1Amr3Isq4rnGeQiZCE3NjfshsdqIGz3EWt9NXJ/
/DFLp7HQfLE6MlhCmC/g5au3mtKJpgW3RIOPxvpeBrqWlMnr71biBOGBo5IBffRI
6eaobDzPQ19WN2yULlQs3RUMHLx5eDcKeixPi6fRa+ADXx0PtyHNy4W1zwBBr33a
Gvp5ygFNJKqvX7GBuKrAYfT1J9CuCocKjYg1cW+Sy4s4XP00wTLHF2wnUf5HHs2v
UHc9+j4b1HEM9vzpHzIF8RPnDyko+WsoLmEIx0MwCLsBkqGjfCFdufs5FZmc4Q==
-----END CERTIFICATE-----
Generated at Mon Oct 20 22:16:39 2025 by rpki-client