Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/51NXVgAr2I1eXTe9a9kizTFuHJ4.roa
File: 51NXVgAr2I1eXTe9a9kizTFuHJ4.roa (raw, json)
Hash identifier: 1iN5vxfuwXGFtbxcnMWPqsUykL0ZxXTKprGUJelmE44=
Subject key identifier: E7:53:57:56:00:2B:D8:8D:5E:5D:37:BD:6B:D9:22:CD:31:6E:1C:9E
Certificate issuer: /CN=145ceb292089e0df75719db3e96c509754f94837
Certificate serial: 019970D30CDED951324C934D2747609FC5C9
Authority key identifier: 14:5C:EB:29:20:89:E0:DF:75:71:9D:B3:E9:6C:50:97:54:F9:48:37
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FFzrKSCJ4N91cZ2z6WxQl1T5SDc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/51NXVgAr2I1eXTe9a9kizTFuHJ4.roa
Signing time: Mon 22 Sep 2025 09:48:23 +0000
ROA not before: Mon 22 Sep 2025 09:48:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49028
IP address blocks: 2.59.188.0/22 maxlen: 22
45.151.8.0/22 maxlen: 22
185.153.136.0/22 maxlen: 22
185.170.20.0/22 maxlen: 22
185.252.236.0/22 maxlen: 22
193.203.52.0/22 maxlen: 22
2a09:f7c0::/29 maxlen: 29
2a0a:300::/29 maxlen: 29
2a0a:6d80::/29 maxlen: 29
2a0c:2dc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/FFzrKSCJ4N91cZ2z6WxQl1T5SDc.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/FFzrKSCJ4N91cZ2z6WxQl1T5SDc.mft
rsync://rpki.ripe.net/repository/DEFAULT/FFzrKSCJ4N91cZ2z6WxQl1T5SDc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:70:d3:0c:de:d9:51:32:4c:93:4d:27:47:60:9f:c5:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=145ceb292089e0df75719db3e96c509754f94837
Validity
Not Before: Sep 22 09:48:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e7535756002bd88d5e5d37bd6bd922cd316e1c9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:67:90:07:29:37:63:57:b0:89:87:df:1f:bd:
fd:13:dd:11:8f:79:e8:bd:f2:4f:4c:04:88:e5:2d:
35:2f:b2:1d:2f:40:5c:46:61:05:67:05:15:3a:d8:
57:f0:0e:53:b6:de:af:44:2a:f0:58:0e:6a:d7:17:
b4:7b:c7:7e:e6:1b:3b:71:d8:d6:c8:a5:a9:07:88:
19:15:32:74:ac:8a:62:ab:77:78:0f:51:58:7e:40:
d7:d6:43:20:b2:1c:62:0e:e6:73:d6:48:6f:dc:88:
44:84:c4:70:ab:d1:8b:62:db:03:de:22:90:f1:eb:
49:7f:db:db:aa:2c:9f:2a:92:b9:69:01:a8:98:52:
10:ad:1a:63:53:be:d7:02:03:16:2b:70:22:70:a6:
9e:09:d4:db:fb:3f:cd:a6:41:e2:10:b5:6f:d4:a3:
a5:28:01:b8:e5:c1:a9:96:25:f3:3a:5e:cb:c4:46:
37:45:f5:ac:45:57:e4:f7:ce:0e:9d:cf:e0:ba:91:
60:87:6a:99:04:33:b4:d0:39:e1:a5:6b:f7:8f:48:
f6:e7:ec:f7:b9:e9:a5:a5:51:74:13:b3:46:06:fa:
c8:36:87:1f:62:a8:69:9e:66:97:aa:3e:20:cc:3e:
c2:66:a0:12:da:b3:00:43:84:ab:67:11:94:5b:68:
8d:f9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:53:57:56:00:2B:D8:8D:5E:5D:37:BD:6B:D9:22:CD:31:6E:1C:9E
X509v3 Authority Key Identifier:
keyid:14:5C:EB:29:20:89:E0:DF:75:71:9D:B3:E9:6C:50:97:54:F9:48:37
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FFzrKSCJ4N91cZ2z6WxQl1T5SDc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/51NXVgAr2I1eXTe9a9kizTFuHJ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/c71fde-3ef2-4bf7-8641-12719c261cc0/1/FFzrKSCJ4N91cZ2z6WxQl1T5SDc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.188.0/22
45.151.8.0/22
185.153.136.0/22
185.170.20.0/22
185.252.236.0/22
193.203.52.0/22
IPv6:
2a09:f7c0::/29
2a0a:300::/29
2a0a:6d80::/29
2a0c:2dc0::/29
Signature Algorithm: sha256WithRSAEncryption
1f:be:9c:b0:a8:d0:1e:82:cd:6c:dc:a0:39:6c:96:05:97:31:
6e:b2:ba:19:c4:ba:1e:7b:43:90:23:02:85:e2:51:93:72:45:
23:e5:e3:57:6e:a9:64:22:f2:e8:8e:7b:f3:83:f6:d4:f8:38:
8f:52:74:89:c6:92:76:01:00:62:dd:7c:ae:80:f1:2e:fd:69:
b0:4f:80:3a:1d:83:3d:16:16:a8:08:0c:f0:39:af:13:19:db:
69:6b:6e:9c:f3:fc:da:3d:69:36:78:f6:97:da:58:ba:c9:23:
a1:42:9b:30:df:56:20:86:eb:62:67:2c:3c:0d:ae:c1:7c:f8:
cf:0e:1a:65:df:d7:b3:15:76:bd:a9:ba:f2:c3:63:cd:8c:9a:
a5:80:ed:96:43:71:9e:18:b6:9d:6a:b6:60:f2:a9:b7:cb:ab:
e9:b3:55:e3:6e:7b:0d:61:97:0c:75:a7:a8:4f:5a:94:6f:eb:
2b:ab:0c:cc:6d:56:a3:18:13:a6:a4:e6:3c:1f:74:42:0f:7e:
c6:4f:a9:be:9b:4d:e4:c8:78:17:90:23:47:d0:7c:8d:83:15:
73:da:f4:74:7e:f7:6c:50:bb:80:d5:47:a7:7e:89:b9:c7:3f:
09:69:79:a8:08:c8:f2:c6:a8:81:81:03:23:94:6b:8c:ae:9b:
9b:54:15:64
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZlw0wze2VEyTJNNJ0dgn8XJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0NWNlYjI5MjA4OWUwZGY3NTcxOWRiM2U5NmM1MDk3NTRm
OTQ4MzcwHhcNMjUwOTIyMDk0ODIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNzUzNTc1NjAwMmJkODhkNWU1ZDM3YmQ2YmQ5MjJjZDMxNmUxYzllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmWeQByk3Y1ewiYffH739E90Rj3no
vfJPTASI5S01L7IdL0BcRmEFZwUVOthX8A5Ttt6vRCrwWA5q1xe0e8d+5hs7cdjW
yKWpB4gZFTJ0rIpiq3d4D1FYfkDX1kMgshxiDuZz1khv3IhEhMRwq9GLYtsD3iKQ
8etJf9vbqiyfKpK5aQGomFIQrRpjU77XAgMWK3AicKaeCdTb+z/NpkHiELVv1KOl
KAG45cGpliXzOl7LxEY3RfWsRVfk984Onc/gupFgh2qZBDO00DnhpWv3j0j25+z3
uemlpVF0E7NGBvrINocfYqhpnmaXqj4gzD7CZqAS2rMAQ4SrZxGUW2iN+QIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFOdTV1YAK9iNXl03vWvZIs0xbhyeMB8GA1UdIwQY
MBaAFBRc6ykgieDfdXGds+lsUJdU+Ug3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkZ6cktTQ0o0TjkxY1oyejZXeFFsMVQ1U0RjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS9jNzFmZGUtM2VmMi00YmY3LTg2NDEt
MTI3MTljMjYxY2MwLzEvNTFOWFZnQXIySTFlWFRlOWE5a2l6VEZ1SEo0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS9jNzFmZGUtM2VmMi00YmY3LTg2NDEtMTI3MTljMjYxY2Mw
LzEvRkZ6cktTQ0o0TjkxY1oyejZXeFFsMVQ1U0RjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDAqBAIAATAkAwQCAju8AwQC
LZcIAwQCuZmIAwQCuaoUAwQCufzsAwQCwcs0MCIEAgACMBwDBQMqCffAAwUDKgoD
AAMFAyoKbYADBQMqDC3AMA0GCSqGSIb3DQEBCwUAA4IBAQAfvpywqNAegs1s3KA5
bJYFlzFusroZxLoee0OQIwKF4lGTckUj5eNXbqlkIvLojnvzg/bU+DiPUnSJxpJ2
AQBi3XyugPEu/WmwT4A6HYM9FhaoCAzwOa8TGdtpa26c8/zaPWk2ePaX2li6ySOh
Qpsw31YghutiZyw8Da7BfPjPDhpl39ezFXa9qbryw2PNjJqlgO2WQ3GeGLadarZg
8qm3y6vps1XjbnsNYZcMdaeoT1qUb+srqwzMbVajGBOmpOY8H3RCD37GT6m+m03k
yHgXkCNH0HyNgxVz2vR0fvdsULuA1Uenfom5xz8JaXmoCMjyxqiBgQMjlGuMrpub
VBVk
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:03:59 2025 by rpki-client