Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/5AXDwMNDZZJ0p2E5YCI5vVZD8a4.roa
File: 5AXDwMNDZZJ0p2E5YCI5vVZD8a4.roa (raw, json)
Hash identifier: FFW/pHdY/n3mzgFNkaOSLkOhdoLgzZsHvl8kfEiEWu8=
Subject key identifier: E4:05:C3:C0:C3:43:65:92:74:A7:61:39:60:22:39:BD:56:43:F1:AE
Certificate issuer: /CN=23259da3b1b38ca0939f490fb9043fcd89cfd062
Certificate serial: 0199B9D741D243AA836025F8FD69CBB9A38C
Authority key identifier: 23:25:9D:A3:B1:B3:8C:A0:93:9F:49:0F:B9:04:3F:CD:89:CF:D0:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/5AXDwMNDZZJ0p2E5YCI5vVZD8a4.roa
Signing time: Mon 06 Oct 2025 14:05:16 +0000
ROA not before: Mon 06 Oct 2025 14:05:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51449
IP address blocks: 82.144.136.0/24 maxlen: 24
82.144.143.0/24 maxlen: 24
82.144.146.0/24 maxlen: 24
82.144.147.0/24 maxlen: 24
2a02:d07::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.mft
rsync://rpki.ripe.net/repository/DEFAULT/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:b9:d7:41:d2:43:aa:83:60:25:f8:fd:69:cb:b9:a3:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23259da3b1b38ca0939f490fb9043fcd89cfd062
Validity
Not Before: Oct 6 14:05:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e405c3c0c343659274a76139602239bd5643f1ae
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:23:0e:d6:02:9a:91:3d:bb:5a:9d:53:15:93:
df:fc:b3:a3:d5:6e:f2:3b:8a:73:03:9a:42:08:07:
9c:c6:5b:a7:ae:69:10:9a:61:8e:7c:ba:ae:16:e0:
64:2d:af:df:97:f6:8d:eb:ff:8d:ad:31:82:96:e6:
ca:50:e4:5e:11:2e:ac:41:81:8e:59:34:77:19:d7:
1e:75:c7:1e:95:5d:8b:de:9a:48:35:2b:07:63:0f:
25:2b:f0:48:16:89:4c:13:02:de:99:46:8d:2f:95:
c9:3e:aa:98:b4:ab:9c:6b:ba:ad:1a:b8:72:21:38:
cd:5e:96:92:a2:39:45:88:1e:66:15:02:e1:b5:a9:
02:3b:41:e6:e5:19:9e:0c:27:f7:7b:55:db:66:06:
fc:02:2a:03:e1:16:37:29:73:61:f3:31:8c:1b:a4:
06:d7:ae:1b:39:f2:41:d7:7a:5d:5d:d0:bc:59:5e:
2e:bb:23:cd:b9:4a:d3:9d:e3:0c:03:6f:fe:13:7d:
5e:a1:04:45:6e:e0:f8:5a:84:05:2f:42:41:84:63:
37:c4:b1:9d:c4:1d:1e:7b:fe:23:bc:5b:bc:bf:87:
10:68:3d:95:a8:3f:64:e5:a6:ae:6c:67:38:60:90:
22:3a:05:b8:66:f2:79:f4:0f:a8:4c:0e:c4:82:cf:
4f:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:05:C3:C0:C3:43:65:92:74:A7:61:39:60:22:39:BD:56:43:F1:AE
X509v3 Authority Key Identifier:
keyid:23:25:9D:A3:B1:B3:8C:A0:93:9F:49:0F:B9:04:3F:CD:89:CF:D0:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/5AXDwMNDZZJ0p2E5YCI5vVZD8a4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/91a5fd-e56c-4d87-bd75-654dd6442ce4/1/IyWdo7GzjKCTn0kPuQQ_zYnP0GI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.144.136.0/24
82.144.143.0/24
82.144.146.0/23
IPv6:
2a02:d07::/32
Signature Algorithm: sha256WithRSAEncryption
2a:a7:9e:3b:5b:e1:72:f0:1c:90:9f:42:8f:17:44:a3:e9:d9:
fe:ec:8c:15:8c:c0:31:c6:16:d9:0d:f1:e3:e5:a0:d5:21:24:
16:3d:68:5c:68:e0:89:c0:e5:cb:fb:be:67:f8:81:72:4a:15:
aa:e4:12:4c:46:6d:f5:42:21:84:06:df:1c:4a:01:29:a3:2d:
7b:86:6e:3b:76:03:59:f9:19:a4:8b:db:52:47:ae:fa:4d:4c:
a8:14:20:c5:e0:88:42:25:e5:39:56:2f:43:d5:8f:67:c6:2c:
af:e3:20:89:07:9d:03:d5:b5:22:92:00:16:69:89:5d:84:87:
b3:4e:e3:9b:99:ae:b5:9e:d5:80:71:dc:80:9b:29:0d:47:c6:
32:c7:b8:51:eb:91:1d:d8:1d:fb:f8:06:09:6a:ce:3c:78:19:
5d:38:ab:47:ac:1c:4f:02:62:95:b7:34:51:2e:a4:d8:e0:31:
3f:40:3d:63:81:cf:84:ce:2b:d3:ed:fb:d4:5f:53:ad:88:d4:
72:09:02:57:f2:c2:14:bc:10:3a:50:2d:0e:33:0d:75:d2:71:
07:80:89:ae:3a:73:fb:83:54:e7:e5:0f:9b:88:7f:c4:fd:27:
e3:16:eb:77:d1:46:e1:14:0f:8d:c6:a6:9c:e2:2b:06:14:5b:
65:9b:40:55
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZm510HSQ6qDYCX4/WnLuaOMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzMjU5ZGEzYjFiMzhjYTA5MzlmNDkwZmI5MDQzZmNkODlj
ZmQwNjIwHhcNMjUxMDA2MTQwNTE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDA1YzNjMGMzNDM2NTkyNzRhNzYxMzk2MDIyMzliZDU2NDNmMWFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCMO1gKakT27Wp1TFZPf/LOj1W7y
O4pzA5pCCAecxlunrmkQmmGOfLquFuBkLa/fl/aN6/+NrTGClubKUOReES6sQYGO
WTR3GdcedccelV2L3ppINSsHYw8lK/BIFolMEwLemUaNL5XJPqqYtKuca7qtGrhy
ITjNXpaSojlFiB5mFQLhtakCO0Hm5RmeDCf3e1XbZgb8AioD4RY3KXNh8zGMG6QG
164bOfJB13pdXdC8WV4uuyPNuUrTneMMA2/+E31eoQRFbuD4WoQFL0JBhGM3xLGd
xB0ee/4jvFu8v4cQaD2VqD9k5aaubGc4YJAiOgW4ZvJ59A+oTA7Egs9POQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOQFw8DDQ2WSdKdhOWAiOb1WQ/GuMB8GA1UdIwQY
MBaAFCMlnaOxs4ygk59JD7kEP82Jz9BiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXlXZG83R3pqS0NUbjBrUHVRUV96WW5QMEdJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy85MWE1ZmQtZTU2Yy00ZDg3LWJkNzUt
NjU0ZGQ2NDQyY2U0LzEvNUFYRHdNTkRaWkowcDJFNVlDSTV2VlpEOGE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy85MWE1ZmQtZTU2Yy00ZDg3LWJkNzUtNjU0ZGQ2NDQyY2U0
LzEvSXlXZG83R3pqS0NUbjBrUHVRUV96WW5QMEdJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAUpCIAwQA
UpCPAwQBUpCSMA0EAgACMAcDBQAqAg0HMA0GCSqGSIb3DQEBCwUAA4IBAQAqp547
W+Fy8ByQn0KPF0Sj6dn+7IwVjMAxxhbZDfHj5aDVISQWPWhcaOCJwOXL+75n+IFy
ShWq5BJMRm31QiGEBt8cSgEpoy17hm47dgNZ+Rmki9tSR676TUyoFCDF4IhCJeU5
Vi9D1Y9nxiyv4yCJB50D1bUikgAWaYldhIezTuObma61ntWAcdyAmykNR8Yyx7hR
65Ed2B37+AYJas48eBldOKtHrBxPAmKVtzRRLqTY4DE/QD1jgc+EzivT7fvUX1Ot
iNRyCQJX8sIUvBA6UC0OMw110nEHgImuOnP7g1Tn5Q+biH/E/SfjFut30UbhFA+N
xqac4isGFFtlm0BV
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:13:09 2025 by rpki-client