Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/cAiZYZsjkJYboU1jBAB2-aVi3c8.roa
File: cAiZYZsjkJYboU1jBAB2-aVi3c8.roa (raw, json)
Hash identifier: zVd+6SKmzQHAi1eIiEQefD+DIc2tkdLtDoxv2GZgHuY=
Subject key identifier: 70:08:99:61:9B:23:90:96:1B:A1:4D:63:04:00:76:F9:A5:62:DD:CF
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 0199CABE0ED75D3705EBA0752079DB7ECB60
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/cAiZYZsjkJYboU1jBAB2-aVi3c8.roa
Signing time: Thu 09 Oct 2025 20:51:17 +0000
ROA not before: Thu 09 Oct 2025 20:51:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213535
IP address blocks: 45.13.226.0/24 maxlen: 24
45.67.136.0/24 maxlen: 24
45.67.139.0/24 maxlen: 24
45.92.218.0/24 maxlen: 24
45.92.219.0/24 maxlen: 24
45.141.118.0/24 maxlen: 24
185.117.0.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 09:31:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ca:be:0e:d7:5d:37:05:eb:a0:75:20:79:db:7e:cb:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Oct 9 20:51:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=700899619b2390961ba14d63040076f9a562ddcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:45:33:85:6a:65:73:38:ef:d4:9f:0c:38:95:
fd:d6:af:f1:e4:18:70:e3:83:4b:21:a0:59:2a:c6:
23:e9:bf:e7:b9:d9:f6:4d:73:09:1b:b7:39:86:e3:
65:12:fb:67:f8:00:ef:96:66:d1:4e:19:8b:50:ca:
20:6c:e0:62:3a:3b:3f:09:77:11:8c:c8:71:2f:2b:
97:aa:8e:40:b3:13:ee:ee:d3:20:01:17:6d:ea:cd:
a2:14:0d:9f:3d:ce:e5:8c:89:bc:1c:1a:db:b6:db:
6b:de:28:9f:3e:d1:e1:c7:7e:4b:85:f7:88:15:74:
d1:5f:2d:9f:25:0b:43:31:72:85:17:3e:6d:fb:4f:
c1:2a:cc:e3:c5:42:c2:93:5f:d9:34:ec:97:83:40:
78:66:d6:8d:0a:1f:b3:ee:9c:8d:03:9e:1f:13:3a:
66:52:d4:85:05:18:20:b2:34:a5:32:a6:db:2e:16:
37:3f:ef:bc:30:af:65:6f:df:89:5d:f8:2b:74:bd:
65:36:1b:f0:2a:e0:68:80:56:89:8d:fb:1b:81:53:
2b:9d:72:9b:9a:93:09:4f:63:99:1d:92:98:c5:c4:
c9:b5:f9:d2:2d:96:49:10:b7:f2:99:51:87:e6:26:
22:d8:7f:c6:29:b2:0b:87:8d:92:f5:42:a9:1c:62:
69:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:08:99:61:9B:23:90:96:1B:A1:4D:63:04:00:76:F9:A5:62:DD:CF
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/cAiZYZsjkJYboU1jBAB2-aVi3c8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.13.226.0/24
45.67.136.0/24
45.67.139.0/24
45.92.218.0/23
45.141.118.0/24
185.117.0.0/24
Signature Algorithm: sha256WithRSAEncryption
77:11:a2:65:c8:3d:95:5e:45:8e:b5:f8:6b:e2:4a:e3:a4:7b:
bb:57:08:d4:ef:5c:c6:e8:d4:e7:89:f8:f8:ca:cb:28:8b:51:
10:01:ed:2b:57:87:a1:4f:c9:16:ec:2d:29:47:c3:84:10:25:
c9:c5:19:40:ad:dd:bc:2e:ff:63:25:b5:98:4b:f2:47:ed:f3:
25:bc:18:e6:3a:9d:77:57:58:12:c4:76:04:41:12:69:72:6c:
5b:25:3f:63:93:57:4c:43:37:14:18:49:49:30:00:3d:e6:83:
64:aa:10:4b:33:83:3f:e4:ae:68:d4:a2:50:f7:b7:07:e8:aa:
08:5b:05:eb:2b:25:84:79:06:8a:3d:59:d9:83:c6:5e:cd:e0:
36:29:69:b6:39:83:fe:75:e7:a4:4f:02:ce:0d:80:46:27:85:
0a:2f:06:4f:4c:bb:36:58:d6:7a:9f:26:aa:d6:60:cd:7f:87:
9e:98:a8:02:52:f1:58:10:cd:e9:5f:62:79:28:03:7f:8e:4e:
cb:c1:6f:7d:59:9d:21:03:b0:2d:d0:53:ad:18:9d:ba:2d:67:
04:1a:54:d2:e2:77:8e:73:cc:0f:fd:0f:a7:20:76:81:f6:7b:
ab:45:29:c6:66:68:30:bc:f8:cd:34:00:f6:77:41:17:c8:db:
ac:12:f4:cc
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZnKvg7XXTcF66B1IHnbfstgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjUxMDA5MjA1MTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDA4OTk2MTliMjM5MDk2MWJhMTRkNjMwNDAwNzZmOWE1NjJkZGNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwkUzhWplczjv1J8MOJX91q/x5Bhw
44NLIaBZKsYj6b/nudn2TXMJG7c5huNlEvtn+ADvlmbRThmLUMogbOBiOjs/CXcR
jMhxLyuXqo5AsxPu7tMgARdt6s2iFA2fPc7ljIm8HBrbtttr3iifPtHhx35LhfeI
FXTRXy2fJQtDMXKFFz5t+0/BKszjxULCk1/ZNOyXg0B4ZtaNCh+z7pyNA54fEzpm
UtSFBRggsjSlMqbbLhY3P++8MK9lb9+JXfgrdL1lNhvwKuBogFaJjfsbgVMrnXKb
mpMJT2OZHZKYxcTJtfnSLZZJELfymVGH5iYi2H/GKbILh42S9UKpHGJpQwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFHAImWGbI5CWG6FNYwQAdvmlYt3PMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvY0FpWllac2prSllib1UxakJBQjItYVZpM2M4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALQ3iAwQA
LUOIAwQALUOLAwQBLVzaAwQALY12AwQAuXUAMA0GCSqGSIb3DQEBCwUAA4IBAQB3
EaJlyD2VXkWOtfhr4krjpHu7VwjU71zG6NTnifj4yssoi1EQAe0rV4ehT8kW7C0p
R8OEECXJxRlArd28Lv9jJbWYS/JH7fMlvBjmOp13V1gSxHYEQRJpcmxbJT9jk1dM
QzcUGElJMAA95oNkqhBLM4M/5K5o1KJQ97cH6KoIWwXrKyWEeQaKPVnZg8ZezeA2
KWm2OYP+deekTwLODYBGJ4UKLwZPTLs2WNZ6nyaq1mDNf4eemKgCUvFYEM3pX2J5
KAN/jk7LwW99WZ0hA7At0FOtGJ26LWcEGlTS4neOc8wP/Q+nIHaB9nurRSnGZmgw
vPjNNAD2d0EXyNusEvTM
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:09:07 2025 by rpki-client