Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/o5ZU3JqM9aa8cmERK1J0ByHBuOU.roa
File: o5ZU3JqM9aa8cmERK1J0ByHBuOU.roa (raw, json)
Hash identifier: goDJvxQY1E7dyxhJrZ+JzXdwLxwwyX3Wxl0bVceOcwQ=
Subject key identifier: A3:96:54:DC:9A:8C:F5:A6:BC:72:61:11:2B:52:74:07:21:C1:B8:E5
Certificate issuer: /CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Certificate serial: 0199FBCFBC0E7889F7DB71C5A04F09E9C00C
Authority key identifier: 1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/o5ZU3JqM9aa8cmERK1J0ByHBuOU.roa
Signing time: Sun 19 Oct 2025 09:31:59 +0000
ROA not before: Sun 19 Oct 2025 09:31:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49581
IP address blocks: 5.253.246.0/24 maxlen: 24
37.221.92.0/24 maxlen: 24
37.221.94.0/24 maxlen: 24
45.13.227.0/24 maxlen: 24
45.84.196.0/24 maxlen: 24
45.84.198.0/24 maxlen: 24
45.131.108.0/24 maxlen: 24
45.131.111.0/24 maxlen: 24
45.137.203.0/24 maxlen: 24
45.142.104.0/24 maxlen: 24
45.142.107.0/24 maxlen: 24
45.147.7.0/24 maxlen: 24
92.118.207.0/24 maxlen: 24
185.117.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.mft
rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 09:31:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:cf:bc:0e:78:89:f7:db:71:c5:a0:4f:09:e9:c0:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b0415bfc43b38e9cfd1a12995202e8763752fde
Validity
Not Before: Oct 19 09:31:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a39654dc9a8cf5a6bc7261112b52740721c1b8e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:ba:f3:26:68:dc:d4:1f:f7:a8:70:86:75:a7:
3c:04:e8:c2:d2:d1:6b:ef:c9:49:03:e9:ae:8b:8e:
f3:09:fd:27:10:b7:a3:ee:bc:7e:b3:ea:a8:e7:8b:
02:9f:c5:af:bb:f5:4d:64:a6:1f:02:a2:45:18:53:
16:9a:d6:98:1e:d6:32:8a:c2:a9:37:65:7c:8a:23:
d4:98:e0:79:17:7a:db:6b:3a:5e:fb:cc:5b:f1:b2:
f8:81:8e:3a:78:85:f1:04:36:3f:a7:89:18:df:47:
72:a6:fc:2b:3e:fc:c6:fa:63:57:f7:7a:70:e0:e7:
4c:4b:32:aa:9e:ba:68:e4:15:15:69:e8:c7:fb:90:
9d:4a:d3:e3:f1:41:ef:58:56:17:43:44:20:c4:e5:
81:20:3e:f7:09:2f:31:8e:f4:ed:17:01:92:fa:18:
2f:10:a0:39:81:1b:13:f1:61:4a:23:46:42:c6:0a:
ef:fa:a2:ae:4b:c7:5b:f9:7e:28:ad:54:03:e4:3c:
c8:d9:13:c9:38:47:27:d4:72:ce:9a:09:8f:b9:74:
d6:19:46:c6:a0:6e:b8:cb:e3:96:b0:98:f4:25:61:
13:8d:1a:5a:35:55:fe:d5:ba:86:6d:c2:75:a6:85:
20:17:cf:2d:e4:e9:0a:61:51:c9:9c:4b:d8:14:38:
db:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:96:54:DC:9A:8C:F5:A6:BC:72:61:11:2B:52:74:07:21:C1:B8:E5
X509v3 Authority Key Identifier:
keyid:1B:04:15:BF:C4:3B:38:E9:CF:D1:A1:29:95:20:2E:87:63:75:2F:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GwQVv8Q7OOnP0aEplSAuh2N1L94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/o5ZU3JqM9aa8cmERK1J0ByHBuOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/094081-8aeb-42bf-a578-a3ca0db83254/1/GwQVv8Q7OOnP0aEplSAuh2N1L94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.246.0/24
37.221.92.0/24
37.221.94.0/24
45.13.227.0/24
45.84.196.0/24
45.84.198.0/24
45.131.108.0/24
45.131.111.0/24
45.137.203.0/24
45.142.104.0/24
45.142.107.0/24
45.147.7.0/24
92.118.207.0/24
185.117.3.0/24
Signature Algorithm: sha256WithRSAEncryption
27:6c:33:e4:ba:32:9d:c3:34:9c:b0:a4:62:7a:36:1f:71:51:
5b:3b:c8:2a:9d:43:25:02:a2:4a:7c:47:f9:12:4f:bd:14:9b:
5a:a2:66:42:86:76:b7:25:3c:bc:7b:5c:3f:be:a5:bd:ed:b8:
d7:f7:2a:eb:29:76:36:7e:46:87:e5:14:fc:4b:67:01:b2:6b:
cc:a9:7e:9c:cd:a7:76:73:6b:cf:95:a0:15:ff:75:10:09:d2:
80:d9:c2:1c:bb:fa:8c:21:68:51:74:c3:27:33:ca:0e:e2:f6:
2c:c5:d8:c6:d8:d1:e2:48:2e:62:8a:2f:5e:aa:9e:76:24:8d:
e8:bd:95:d4:15:10:ca:2b:ed:7b:63:63:c7:4d:cf:dd:5a:47:
af:ac:4a:fd:aa:6d:5e:9a:2a:bd:88:79:35:5e:11:d7:1f:a9:
2a:07:34:12:16:08:6b:e5:d2:1b:2a:fb:bd:71:0e:dd:d0:b8:
22:6d:61:52:0c:3e:c4:48:8c:54:97:8d:ff:f1:3f:e6:59:57:
1a:6f:e9:00:5d:d7:5e:01:32:f9:dd:89:87:e2:d9:e1:d6:b0:
62:5c:25:29:eb:8d:40:b8:a5:ac:47:51:22:02:30:8f:f0:a6:
cb:4f:ee:ae:0c:d5:4d:97:aa:fb:78:df:99:4d:3e:c5:ed:15:
cd:6c:dc:82
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZn7z7wOeIn323HFoE8J6cAMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMDQxNWJmYzQzYjM4ZTljZmQxYTEyOTk1MjAyZTg3NjM3
NTJmZGUwHhcNMjUxMDE5MDkzMTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzk2NTRkYzlhOGNmNWE2YmM3MjYxMTEyYjUyNzQwNzIxYzFiOGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbrzJmjc1B/3qHCGdac8BOjC0tFr
78lJA+mui47zCf0nELej7rx+s+qo54sCn8Wvu/VNZKYfAqJFGFMWmtaYHtYyisKp
N2V8iiPUmOB5F3rbazpe+8xb8bL4gY46eIXxBDY/p4kY30dypvwrPvzG+mNX93pw
4OdMSzKqnrpo5BUVaejH+5CdStPj8UHvWFYXQ0QgxOWBID73CS8xjvTtFwGS+hgv
EKA5gRsT8WFKI0ZCxgrv+qKuS8db+X4orVQD5DzI2RPJOEcn1HLOmgmPuXTWGUbG
oG64y+OWsJj0JWETjRpaNVX+1bqGbcJ1poUgF88t5OkKYVHJnEvYFDjbTwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFKOWVNyajPWmvHJhEStSdAchwbjlMB8GA1UdIwQY
MBaAFBsEFb/EOzjpz9GhKZUgLodjdS/eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1Nzgt
YTNjYTBkYjgzMjU0LzEvbzVaVTNKcU05YWE4Y21FUksxSjBCeUhCdU9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi8wOTQwODEtOGFlYi00MmJmLWE1NzgtYTNjYTBkYjgzMjU0
LzEvR3dRVnY4UTdPT25QMGFFcGxTQXVoMk4xTDk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQABf32AwQA
Jd1cAwQAJd1eAwQALQ3jAwQALVTEAwQALVTGAwQALYNsAwQALYNvAwQALYnLAwQA
LY5oAwQALY5rAwQALZMHAwQAXHbPAwQAuXUDMA0GCSqGSIb3DQEBCwUAA4IBAQAn
bDPkujKdwzScsKRiejYfcVFbO8gqnUMlAqJKfEf5Ek+9FJtaomZChna3JTy8e1w/
vqW97bjX9yrrKXY2fkaH5RT8S2cBsmvMqX6czad2c2vPlaAV/3UQCdKA2cIcu/qM
IWhRdMMnM8oO4vYsxdjG2NHiSC5iii9eqp52JI3ovZXUFRDKK+17Y2PHTc/dWkev
rEr9qm1emiq9iHk1XhHXH6kqBzQSFghr5dIbKvu9cQ7d0LgibWFSDD7ESIxUl43/
8T/mWVcab+kAXddeATL53YmH4tnh1rBiXCUp641AuKWsR1EiAjCP8KbLT+6uDNVN
l6r7eN+ZTT7F7RXNbNyC
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:08:58 2025 by rpki-client