Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/kICudPgt1e_bJiRs7eL36hXVFJM.roa
File: kICudPgt1e_bJiRs7eL36hXVFJM.roa (raw, json)
Hash identifier: KVED1NAZ2tci2qPBz14g1OCFcn2+TKD6ZV3Cld5m9SY=
Subject key identifier: 90:80:AE:74:F8:2D:D5:EF:DB:26:24:6C:ED:E2:F7:EA:15:D5:14:93
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 0199BE976B9C2E6E3EB6646B4BC93466DCB3
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/kICudPgt1e_bJiRs7eL36hXVFJM.roa
Signing time: Tue 07 Oct 2025 12:13:38 +0000
ROA not before: Tue 07 Oct 2025 12:13:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6830
IP address blocks: 80.81.48.0/24 maxlen: 24
80.81.53.0/24 maxlen: 24
80.81.58.0/24 maxlen: 24
80.255.224.0/20 maxlen: 20
83.223.130.0/24 maxlen: 24
83.223.134.0/24 maxlen: 24
83.223.135.0/24 maxlen: 24
83.223.137.0/24 maxlen: 24
83.223.142.0/24 maxlen: 24
83.223.153.0/24 maxlen: 24
83.223.154.0/24 maxlen: 24
91.190.47.0/24 maxlen: 24
94.101.226.0/24 maxlen: 24
94.101.237.0/24 maxlen: 24
159.148.149.0/24 maxlen: 24
159.148.181.0/24 maxlen: 24
159.148.240.0/24 maxlen: 24
185.7.237.0/24 maxlen: 24
185.7.238.0/24 maxlen: 24
185.7.239.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:be:97:6b:9c:2e:6e:3e:b6:64:6b:4b:c9:34:66:dc:b3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Oct 7 12:13:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9080ae74f82dd5efdb26246cede2f7ea15d51493
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:4e:41:c1:2e:d7:6f:f8:b0:f0:a7:c8:bd:c8:
11:44:14:71:27:3d:1b:d6:f0:80:cc:57:4b:79:39:
f0:8e:6c:d6:7a:41:c3:8b:85:1a:c5:fc:7a:e4:67:
39:10:b9:90:9b:78:0e:5f:3a:b4:23:b7:f6:17:37:
44:06:90:67:50:2e:a1:36:af:af:23:69:87:91:22:
9d:fb:80:f3:b0:bd:e1:23:ec:3e:ad:67:a0:4d:6d:
58:cf:5d:9c:cc:e3:c7:ce:2b:89:7e:4e:04:d5:26:
9a:20:54:c6:86:ed:28:e9:49:b6:92:62:91:0e:55:
fa:f4:94:0e:d4:78:2d:75:4e:86:ca:48:9a:9b:c8:
66:32:0d:37:15:5c:53:df:9a:21:3b:d9:3d:ea:34:
9c:02:df:2f:f1:b2:d6:a7:51:90:7b:2e:42:81:4e:
cf:98:4b:25:1d:f1:bd:7a:05:ff:49:d1:4b:8c:d6:
02:34:76:d5:ba:c8:0d:f3:13:5d:a4:1d:ea:bb:2b:
45:52:55:a3:8e:4d:c4:50:ee:29:b2:0b:f8:bb:74:
26:e1:9b:95:35:53:79:fa:26:b5:d1:89:19:98:7f:
32:d7:b9:52:aa:a6:93:ac:ec:c7:31:59:59:2f:fd:
44:e7:42:a7:43:9b:b1:a4:42:10:19:9a:df:14:a6:
b4:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:80:AE:74:F8:2D:D5:EF:DB:26:24:6C:ED:E2:F7:EA:15:D5:14:93
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/kICudPgt1e_bJiRs7eL36hXVFJM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.81.48.0/24
80.81.53.0/24
80.81.58.0/24
80.255.224.0/20
83.223.130.0/24
83.223.134.0/23
83.223.137.0/24
83.223.142.0/24
83.223.153.0-83.223.154.255
91.190.47.0/24
94.101.226.0/24
94.101.237.0/24
159.148.149.0/24
159.148.181.0/24
159.148.240.0/24
185.7.237.0-185.7.239.255
Signature Algorithm: sha256WithRSAEncryption
41:76:1e:ca:23:08:88:73:8b:92:0e:90:3e:76:4b:fa:88:a4:
12:60:9d:2b:19:f9:c3:9b:e3:e5:2c:11:91:36:5c:c3:78:86:
f9:32:cb:bb:5b:9b:f7:3f:be:45:b3:91:e6:70:74:2e:a1:f7:
c2:f6:23:03:50:94:0f:16:13:ca:af:c7:0a:e8:af:9e:b8:6d:
97:40:40:dc:a9:8a:53:83:9b:17:2f:7b:47:94:a7:f4:8e:9d:
32:11:1c:07:1f:e2:69:10:53:b4:e2:a2:2e:e5:72:ed:7b:8d:
1b:b5:35:6e:02:ea:01:09:68:9f:22:82:89:2f:f6:d5:b6:3c:
37:35:b4:3d:6a:1a:4a:65:c2:d2:6a:ef:91:a9:bf:80:66:bb:
96:1c:c7:0a:7c:d4:8b:98:82:dd:07:c0:f8:e7:af:68:5c:05:
02:b0:dc:be:c8:f8:57:93:d8:bc:e1:03:9e:be:2f:09:d0:ff:
28:4a:67:7c:a2:75:6f:4a:07:6a:13:fd:77:aa:12:51:bf:f3:
7f:0b:24:e7:60:18:0d:8a:49:b6:2a:f5:83:dd:5b:1c:ea:68:
da:95:bb:49:f6:5c:27:cd:f4:bf:16:d9:da:14:78:41:09:9e:
5e:7b:13:c0:27:d4:78:f5:15:1a:ac:98:c5:46:32:ef:ca:aa:
19:96:ab:83
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAZm+l2ucLm4+tmRrS8k0ZtyzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUxMDA3MTIxMzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDgwYWU3NGY4MmRkNWVmZGIyNjI0NmNlZGUyZjdlYTE1ZDUxNDkzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2E5BwS7Xb/iw8KfIvcgRRBRxJz0b
1vCAzFdLeTnwjmzWekHDi4Uaxfx65Gc5ELmQm3gOXzq0I7f2FzdEBpBnUC6hNq+v
I2mHkSKd+4DzsL3hI+w+rWegTW1Yz12czOPHziuJfk4E1SaaIFTGhu0o6Um2kmKR
DlX69JQO1HgtdU6Gykiam8hmMg03FVxT35ohO9k96jScAt8v8bLWp1GQey5CgU7P
mEslHfG9egX/SdFLjNYCNHbVusgN8xNdpB3quytFUlWjjk3EUO4psgv4u3Qm4ZuV
NVN5+ia10YkZmH8y17lSqqaTrOzHMVlZL/1E50KnQ5uxpEIQGZrfFKa0nQIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFJCArnT4LdXv2yYkbO3i9+oV1RSTMB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEva0lDdWRQZ3QxZV9iSmlSczdlTDM2aFhWRkpNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAFBRMAME
AFBRNQMEAFBROgMEBFD/4AMEAFPfggMEAVPfhgMEAFPfiQMEAFPfjjAMAwQAU9+Z
AwQAU9+aAwQAW74vAwQAXmXiAwQAXmXtAwQAn5SVAwQAn5S1AwQAn5TwMAwDBAC5
B+0DBAS5B+AwDQYJKoZIhvcNAQELBQADggEBAEF2HsojCIhzi5IOkD52S/qIpBJg
nSsZ+cOb4+UsEZE2XMN4hvkyy7tbm/c/vkWzkeZwdC6h98L2IwNQlA8WE8qvxwro
r564bZdAQNypilODmxcve0eUp/SOnTIRHAcf4mkQU7Tioi7lcu17jRu1NW4C6gEJ
aJ8igokv9tW2PDc1tD1qGkplwtJq75Gpv4Bmu5Ycxwp81IuYgt0HwPjnr2hcBQKw
3L7I+FeT2LzhA56+LwnQ/yhKZ3yidW9KB2oT/XeqElG/838LJOdgGA2KSbYq9YPd
WxzqaNqVu0n2XCfN9L8W2doUeEEJnl57E8An1Hj1FRqsmMVGMu/KqhmWq4M=
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:14:57 2025 by rpki-client