Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/CegXcjWKkYbf_Mtu-eu8FyZqxu4.roa
File: CegXcjWKkYbf_Mtu-eu8FyZqxu4.roa (raw, json)
Hash identifier: JzYcfLcp0NWOaqlj/D/2sPVuBUCIgNaQuV9Yb0hBAUo=
Subject key identifier: 09:E8:17:72:35:8A:91:86:DF:FC:CB:6E:F9:EB:BC:17:26:6A:C6:EE
Certificate issuer: /CN=f71d4a4374df222ac3235b9602206d96bf1dac82
Certificate serial: 0199C908C0EFA8C69831AB0BC37436A73C62
Authority key identifier: F7:1D:4A:43:74:DF:22:2A:C3:23:5B:96:02:20:6D:96:BF:1D:AC:82
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/CegXcjWKkYbf_Mtu-eu8FyZqxu4.roa
Signing time: Thu 09 Oct 2025 12:53:37 +0000
ROA not before: Thu 09 Oct 2025 12:53:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5607
IP address blocks: 2.120.0.0/13 maxlen: 13
2.216.0.0/13 maxlen: 13
5.64.0.0/13 maxlen: 13
46.64.0.0/15 maxlen: 15
51.19.0.0/16 maxlen: 16
51.146.0.0/16 maxlen: 16
51.182.0.0/15 maxlen: 15
51.182.0.0/18 maxlen: 18
51.182.64.0/18 maxlen: 18
51.182.128.0/18 maxlen: 18
51.182.192.0/18 maxlen: 18
51.183.0.0/18 maxlen: 18
51.183.64.0/18 maxlen: 18
51.183.128.0/18 maxlen: 18
51.183.192.0/18 maxlen: 18
51.186.0.0/15 maxlen: 15
51.186.0.0/18 maxlen: 18
51.186.64.0/18 maxlen: 18
51.186.128.0/18 maxlen: 18
51.186.192.0/18 maxlen: 18
51.187.0.0/18 maxlen: 18
51.187.64.0/18 maxlen: 18
51.187.128.0/18 maxlen: 18
51.187.192.0/18 maxlen: 18
51.190.0.0/15 maxlen: 15
51.194.0.0/16 maxlen: 16
51.198.0.0/18 maxlen: 18
51.198.72.0/21 maxlen: 21
51.198.80.0/20 maxlen: 20
51.198.96.0/19 maxlen: 19
51.198.128.0/17 maxlen: 17
51.199.0.0/17 maxlen: 17
51.199.128.0/18 maxlen: 18
51.199.192.0/19 maxlen: 19
51.199.224.0/20 maxlen: 20
51.199.240.0/21 maxlen: 21
51.199.248.0/22 maxlen: 22
51.241.0.0/16 maxlen: 16
78.86.0.0/16 maxlen: 16
78.105.0.0/16 maxlen: 16
87.80.0.0/15 maxlen: 15
90.192.0.0/11 maxlen: 11
93.96.0.0/17 maxlen: 17
93.96.128.0/18 maxlen: 18
93.96.224.0/19 maxlen: 19
93.96.224.0/23 maxlen: 23
93.96.228.0/23 maxlen: 23
94.0.0.0/12 maxlen: 12
94.192.0.0/14 maxlen: 14
149.241.0.0/16 maxlen: 16
151.224.0.0/13 maxlen: 13
176.24.0.0/14 maxlen: 14
176.248.0.0/13 maxlen: 13
176.255.213.0/24 maxlen: 24
176.255.240.0/24 maxlen: 24
176.255.241.0/24 maxlen: 24
176.255.242.0/24 maxlen: 24
188.220.0.0/14 maxlen: 14
2a02:c78::/29 maxlen: 29
2a02:c7a::/32 maxlen: 32
2a02:c7a:1200::/48 maxlen: 48
2a02:c7a:1202::/48 maxlen: 48
2a02:c7b::/32 maxlen: 32
2a02:c7c::/30 maxlen: 30
2a02:c7c::/33 maxlen: 33
2a02:c7c:8000::/33 maxlen: 33
2a02:c7d::/33 maxlen: 33
2a02:c7d:8000::/33 maxlen: 33
2a02:c7e::/33 maxlen: 33
2a02:c7e:8000::/33 maxlen: 33
2a02:c7f::/33 maxlen: 33
2a02:c7f:8000::/33 maxlen: 33
2a06:5900::/32 maxlen: 32
2a06:5900::/34 maxlen: 34
2a06:5900:4000::/34 maxlen: 34
2a06:5900:8000::/34 maxlen: 34
2a06:5900:c000::/34 maxlen: 34
2a06:5901::/33 maxlen: 33
2a06:5902::/31 maxlen: 31
2a06:5904::/31 maxlen: 31
2a06:5906::/31 maxlen: 31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/9x1KQ3TfIirDI1uWAiBtlr8drII.crl
rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/9x1KQ3TfIirDI1uWAiBtlr8drII.mft
rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c9:08:c0:ef:a8:c6:98:31:ab:0b:c3:74:36:a7:3c:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f71d4a4374df222ac3235b9602206d96bf1dac82
Validity
Not Before: Oct 9 12:53:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=09e81772358a9186dffccb6ef9ebbc17266ac6ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:94:be:3d:f8:20:ec:44:d2:8d:ce:fb:d4:64:42:
f9:6d:c0:df:29:e9:e8:80:77:cf:9f:b9:ea:e1:37:
71:0c:89:33:42:6e:2c:1d:ef:b9:29:96:77:ee:4c:
4e:bc:11:91:91:28:8d:d2:79:5b:40:8b:36:d1:31:
6b:f9:82:ec:d1:35:b7:19:11:cb:01:3c:d7:35:f1:
8f:17:f0:8a:b5:72:9e:7f:33:c3:ee:3e:21:10:bc:
67:c0:ae:ae:d8:f6:69:6e:78:0d:e9:1f:b2:00:72:
0f:04:de:29:51:d7:25:57:b5:a6:43:cd:46:c3:7d:
7f:b5:62:4d:ba:d3:61:a7:83:a1:18:01:12:ec:40:
8f:2f:5f:ac:5a:34:07:e2:37:78:7a:1f:e6:1e:1e:
3d:32:66:09:59:72:0d:d1:6f:a8:1e:db:fa:bd:c9:
7a:be:33:3b:d9:65:98:4c:70:b3:44:1e:b7:86:b6:
a8:5c:e4:0b:32:f7:eb:f2:39:f2:1e:f1:7a:ec:11:
ff:0d:c4:d7:27:8d:21:2c:c5:7f:8d:37:d7:b4:49:
6f:8e:6b:d1:c3:99:e1:79:5a:7c:7e:fc:8d:f9:56:
55:75:8f:34:e3:6e:21:76:70:f9:16:37:3e:71:2f:
1a:93:2e:2f:c0:0b:de:53:22:18:3e:9d:4a:c4:df:
d2:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
09:E8:17:72:35:8A:91:86:DF:FC:CB:6E:F9:EB:BC:17:26:6A:C6:EE
X509v3 Authority Key Identifier:
keyid:F7:1D:4A:43:74:DF:22:2A:C3:23:5B:96:02:20:6D:96:BF:1D:AC:82
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9x1KQ3TfIirDI1uWAiBtlr8drII.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/CegXcjWKkYbf_Mtu-eu8FyZqxu4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/15/7739dc-1132-4837-9b85-e9ac2b00316a/1/9x1KQ3TfIirDI1uWAiBtlr8drII.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.120.0.0/13
2.216.0.0/13
5.64.0.0/13
46.64.0.0/15
51.19.0.0/16
51.146.0.0/16
51.182.0.0/15
51.186.0.0/15
51.190.0.0/15
51.194.0.0/16
51.198.0.0/18
51.198.72.0-51.199.251.255
51.241.0.0/16
78.86.0.0/16
78.105.0.0/16
87.80.0.0/15
90.192.0.0/11
93.96.0.0-93.96.191.255
93.96.224.0/19
94.0.0.0/12
94.192.0.0/14
149.241.0.0/16
151.224.0.0/13
176.24.0.0/14
176.248.0.0/13
188.220.0.0/14
IPv6:
2a02:c78::/29
2a06:5900::-2a06:5901:7fff:ffff:ffff:ffff:ffff:ffff
2a06:5902::-2a06:5907:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
14:44:1c:63:42:96:a8:75:1f:c0:49:5d:ce:c6:fd:fa:a0:f7:
8d:f2:e2:51:14:bd:1d:13:70:c4:70:53:f2:26:69:b0:93:e3:
11:c6:13:3b:04:b0:2b:84:d3:a6:17:a8:ba:f0:7e:a5:92:1c:
70:b9:e0:ab:d9:9f:39:23:38:99:4b:db:bd:48:01:66:c7:e7:
2f:ee:d3:c4:9c:e0:d6:00:86:7f:cf:b5:b7:8c:65:c4:d3:e0:
37:8f:47:72:d0:9e:f5:17:58:52:cd:fd:64:67:ee:67:1d:25:
8e:c6:4f:b1:64:14:00:d0:ff:81:17:99:a8:d1:97:9a:e7:26:
69:ce:dc:c8:3b:70:57:a2:51:ad:20:7c:1d:9c:70:fe:5b:64:
e3:bb:bb:3a:a2:3d:47:58:a3:43:fb:5e:ed:06:d1:12:47:56:
3d:fb:21:64:d4:76:92:db:82:b7:52:86:9a:20:fd:a1:bc:ba:
f6:f9:5a:7f:d7:0e:8e:95:1e:bf:f1:bc:a2:0a:af:cf:04:83:
e5:f6:7d:c7:07:e9:7f:84:ad:9d:f2:ae:77:cf:22:5e:d1:36:
ca:27:97:16:91:36:1f:cd:cc:ad:3c:05:29:38:0f:9f:88:03:
03:28:f2:3c:a4:92:61:c7:f0:12:20:25:e6:f7:e7:4e:1b:2e:
22:39:f3:c8
-----BEGIN CERTIFICATE-----
MIIFwDCCBKigAwIBAgISAZnJCMDvqMaYMasLw3Q2pzxiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY3MWQ0YTQzNzRkZjIyMmFjMzIzNWI5NjAyMjA2ZDk2YmYx
ZGFjODIwHhcNMjUxMDA5MTI1MzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwOWU4MTc3MjM1OGE5MTg2ZGZmY2NiNmVmOWViYmMxNzI2NmFjNmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlL49+CDsRNKNzvvUZEL5bcDfKeno
gHfPn7nq4TdxDIkzQm4sHe+5KZZ37kxOvBGRkSiN0nlbQIs20TFr+YLs0TW3GRHL
ATzXNfGPF/CKtXKefzPD7j4hELxnwK6u2PZpbngN6R+yAHIPBN4pUdclV7WmQ81G
w31/tWJNutNhp4OhGAES7ECPL1+sWjQH4jd4eh/mHh49MmYJWXIN0W+oHtv6vcl6
vjM72WWYTHCzRB63hraoXOQLMvfr8jnyHvF67BH/DcTXJ40hLMV/jTfXtElvjmvR
w5nheVp8fvyN+VZVdY80424hdnD5Fjc+cS8aky4vwAveUyIYPp1KxN/SpwIDAQAB
o4ICzDCCAsgwHQYDVR0OBBYEFAnoF3I1ipGG3/zLbvnrvBcmasbuMB8GA1UdIwQY
MBaAFPcdSkN03yIqwyNblgIgbZa/HayCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOXgxS1EzVGZJaXJESTF1V0FpQnRscjhkcklJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNS83NzM5ZGMtMTEzMi00ODM3LTliODUt
ZTlhYzJiMDAzMTZhLzEvQ2VnWGNqV0trWWJmX010dS1ldThGeVpxeHU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNS83NzM5ZGMtMTEzMi00ODM3LTliODUtZTlhYzJiMDAzMTZh
LzEvOXgxS1EzVGZJaXJESTF1V0FpQnRscjhkcklJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHhBggrBgEFBQcBBwEB/wSB0TCBzjCBnAQCAAEwgZUDAwMC
eAMDAwLYAwMDBUADAwEuQAMDADMTAwMAM5IDAwEztgMDATO6AwMBM74DAwAzwgME
BjPGADAMAwQDM8ZIAwQCM8f4AwMAM/EDAwBOVgMDAE5pAwMBV1ADAwVawDALAwMF
XWADBAZdYIADBAVdYOADAwReAAMDAl7AAwMAlfEDAwOX4AMDArAYAwMDsPgDAwK8
3DAtBAIAAjAnAwUDKgIMeDAOAwQAKgZZAwYHKgZZAQAwDgMFASoGWQIDBQMqBlkA
MA0GCSqGSIb3DQEBCwUAA4IBAQAURBxjQpaodR/ASV3Oxv36oPeN8uJRFL0dE3DE
cFPyJmmwk+MRxhM7BLArhNOmF6i68H6lkhxwueCr2Z85IziZS9u9SAFmx+cv7tPE
nODWAIZ/z7W3jGXE0+A3j0dy0J71F1hSzf1kZ+5nHSWOxk+xZBQA0P+BF5mo0Zea
5yZpztzIO3BXolGtIHwdnHD+W2Tju7s6oj1HWKND+17tBtESR1Y9+yFk1HaS24K3
UoaaIP2hvLr2+Vp/1w6OlR6/8byiCq/PBIPl9n3HB+l/hK2d8q53zyJe0TbKJ5cW
kTYfzcytPAUpOA+fiAMDKPI8pJJhx/ASICXm9+dOGy4iOfPI
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:55:31 2025 by rpki-client