Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/RWBCbOOdbBGTferrrFeH21g0Q-s.roa
File: RWBCbOOdbBGTferrrFeH21g0Q-s.roa (raw, json)
Hash identifier: OgUeYLtx1plcBJ0e3g1wF6V6jlWOtr/OpNuK7tUONQE=
Subject key identifier: 45:60:42:6C:E3:9D:6C:11:93:7D:EA:EB:AC:57:87:DB:58:34:43:EB
Certificate issuer: /CN=505127723ea0cfd0724713b291734caa353e20ea
Certificate serial: 0199534A808F92B48C2E9FF8FB504A5C2298
Authority key identifier: 50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/RWBCbOOdbBGTferrrFeH21g0Q-s.roa
Signing time: Tue 16 Sep 2025 16:10:15 +0000
ROA not before: Tue 16 Sep 2025 16:10:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 46261
IP address blocks: 5.44.255.0/24 maxlen: 24
46.253.130.0/24 maxlen: 24
59.152.124.0/22 maxlen: 24
61.14.224.0/22 maxlen: 24
62.106.64.0/24 maxlen: 24
79.110.176.0/21 maxlen: 24
79.110.181.0/24 maxlen: 24
85.8.148.0/22 maxlen: 24
85.202.172.0/22 maxlen: 24
85.202.173.0/24 maxlen: 24
91.132.84.0/22 maxlen: 24
91.132.84.0/23 maxlen: 23
91.132.86.0/24 maxlen: 24
91.132.87.0/24 maxlen: 24
103.203.40.0/22 maxlen: 24
103.205.84.0/22 maxlen: 24
103.207.160.0/22 maxlen: 24
103.207.163.0/24 maxlen: 24
121.46.124.0/22 maxlen: 24
146.19.82.0/24 maxlen: 24
160.238.96.0/22 maxlen: 24
185.93.4.0/24 maxlen: 24
185.105.10.0/24 maxlen: 24
185.118.132.0/22 maxlen: 24
185.118.135.0/24 maxlen: 24
185.145.44.0/22 maxlen: 24
185.147.156.0/22 maxlen: 24
185.147.158.0/24 maxlen: 24
185.157.232.0/22 maxlen: 24
185.158.136.0/22 maxlen: 24
185.176.88.0/22 maxlen: 24
185.176.90.0/24 maxlen: 24
185.190.56.0/22 maxlen: 24
185.196.24.0/23 maxlen: 24
185.196.26.0/23 maxlen: 24
185.202.44.0/23 maxlen: 24
185.202.46.0/23 maxlen: 24
185.206.20.0/23 maxlen: 24
185.206.20.0/24 maxlen: 24
185.206.22.0/23 maxlen: 24
185.209.128.0/23 maxlen: 24
185.209.128.0/24 maxlen: 24
185.209.130.0/23 maxlen: 24
185.213.16.0/23 maxlen: 24
185.213.18.0/23 maxlen: 24
185.214.140.0/22 maxlen: 24
185.214.142.0/23 maxlen: 24
185.214.240.0/23 maxlen: 24
185.214.240.0/24 maxlen: 24
185.214.242.0/23 maxlen: 24
185.218.185.0/24 maxlen: 24
185.219.20.0/22 maxlen: 24
185.219.23.0/24 maxlen: 24
185.225.12.0/23 maxlen: 24
185.225.14.0/23 maxlen: 24
185.227.252.0/23 maxlen: 24
185.227.252.0/24 maxlen: 24
185.227.254.0/23 maxlen: 24
185.227.254.0/24 maxlen: 24
185.228.44.0/22 maxlen: 24
185.232.42.0/24 maxlen: 24
185.235.120.0/22 maxlen: 24
185.235.122.0/24 maxlen: 24
185.235.123.0/24 maxlen: 24
185.238.115.0/24 maxlen: 24
185.242.185.0/24 maxlen: 24
193.3.16.0/24 maxlen: 24
193.31.112.0/22 maxlen: 24
193.31.114.0/24 maxlen: 24
193.163.35.0/24 maxlen: 24
193.176.116.0/22 maxlen: 24
193.187.180.0/22 maxlen: 24
194.8.134.0/24 maxlen: 24
194.50.192.0/22 maxlen: 24
194.69.161.0/24 maxlen: 24
195.216.148.0/22 maxlen: 24
195.245.74.0/23 maxlen: 24
213.109.157.0/24 maxlen: 24
217.18.56.0/22 maxlen: 24
2a07:4580::/29 maxlen: 29
2a07:4580::/32 maxlen: 48
2a07:4580:b0d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.mft
rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:53:4a:80:8f:92:b4:8c:2e:9f:f8:fb:50:4a:5c:22:98
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=505127723ea0cfd0724713b291734caa353e20ea
Validity
Not Before: Sep 16 16:10:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4560426ce39d6c11937deaebac5787db583443eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:c4:48:0e:1a:0e:b2:00:b1:b5:25:34:40:c4:
51:3b:66:a7:26:fe:0b:01:19:3b:03:72:07:aa:cc:
4f:a4:51:3c:eb:d4:5e:f4:f7:1c:2b:6d:4f:1c:30:
7d:57:e4:76:e7:cb:98:49:29:71:7d:14:b5:b4:4f:
f1:93:a6:b7:57:75:ce:82:3e:7a:80:df:f6:a2:73:
82:ea:db:77:44:d9:e6:8a:44:bd:26:99:94:d0:5f:
2b:0a:de:72:ac:f1:28:c1:a7:d8:12:8a:1b:4f:29:
0d:75:6a:31:b5:a8:78:da:65:ac:d1:f2:04:5d:08:
af:11:81:64:e4:21:53:14:6e:a3:85:19:21:1c:ee:
de:81:09:2e:e7:97:75:c9:29:cb:e0:30:02:bd:03:
29:f3:65:ef:96:60:5d:a6:c9:04:17:9c:31:3c:c9:
6a:1c:1a:7c:99:cc:fb:64:18:da:4f:cb:86:c2:49:
2b:cd:4b:bc:9e:b3:f6:c0:a2:73:92:fa:3a:26:98:
6c:27:e5:07:1c:69:d3:6d:6d:e5:8a:ec:a4:84:bb:
57:74:84:67:6b:33:67:cf:1e:97:c9:b1:96:df:e7:
ad:e0:98:7f:18:30:4c:57:5f:6f:9b:83:11:56:6f:
0e:2b:6b:99:95:c2:89:d3:cf:7d:d5:95:5f:81:d7:
1b:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:60:42:6C:E3:9D:6C:11:93:7D:EA:EB:AC:57:87:DB:58:34:43:EB
X509v3 Authority Key Identifier:
keyid:50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/RWBCbOOdbBGTferrrFeH21g0Q-s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.255.0/24
46.253.130.0/24
59.152.124.0/22
61.14.224.0/22
62.106.64.0/24
79.110.176.0/21
85.8.148.0/22
85.202.172.0/22
91.132.84.0/22
103.203.40.0/22
103.205.84.0/22
103.207.160.0/22
121.46.124.0/22
146.19.82.0/24
160.238.96.0/22
185.93.4.0/24
185.105.10.0/24
185.118.132.0/22
185.145.44.0/22
185.147.156.0/22
185.157.232.0/22
185.158.136.0/22
185.176.88.0/22
185.190.56.0/22
185.196.24.0/22
185.202.44.0/22
185.206.20.0/22
185.209.128.0/22
185.213.16.0/22
185.214.140.0/22
185.214.240.0/22
185.218.185.0/24
185.219.20.0/22
185.225.12.0/22
185.227.252.0/22
185.228.44.0/22
185.232.42.0/24
185.235.120.0/22
185.238.115.0/24
185.242.185.0/24
193.3.16.0/24
193.31.112.0/22
193.163.35.0/24
193.176.116.0/22
193.187.180.0/22
194.8.134.0/24
194.50.192.0/22
194.69.161.0/24
195.216.148.0/22
195.245.74.0/23
213.109.157.0/24
217.18.56.0/22
IPv6:
2a07:4580::/29
Signature Algorithm: sha256WithRSAEncryption
18:04:a3:c1:b2:10:df:0e:b6:b7:10:55:7d:a5:52:88:a0:55:
62:c5:b3:d9:43:a7:ce:71:c9:ca:eb:88:da:75:5b:9d:82:ce:
e8:76:cd:9c:0e:dc:a0:37:c9:1a:b1:c7:22:0f:c5:58:45:8a:
48:76:66:b0:9b:ed:08:fa:54:e0:19:dd:66:6d:ec:06:31:dc:
7c:6b:02:3c:84:22:93:28:45:85:11:e5:9e:52:ed:8d:63:59:
6d:99:f2:8a:3c:72:d7:17:ec:a1:8b:a9:ff:4a:ab:f2:17:36:
77:8d:bd:16:20:51:ec:26:97:76:ed:aa:ed:b3:77:a3:d5:6f:
4d:46:3d:1c:1f:16:bb:58:42:01:e9:c3:e4:06:04:5b:c9:33:
ab:99:0f:10:42:c0:0c:0d:1b:78:da:b5:d4:0f:07:9e:df:6c:
9a:32:e3:fc:5e:0b:73:49:70:ca:11:ae:38:a7:35:d3:3b:9a:
b0:6c:5b:11:89:cd:fa:84:7c:41:8b:af:f0:5c:15:57:72:ff:
fb:89:fa:24:63:02:20:65:a7:6e:ba:74:c4:55:f4:80:76:26:
b6:d0:69:53:57:a1:b3:d7:a2:9c:ea:ac:74:a5:1d:1a:3a:c3:
2c:40:a1:5a:bb:73:4c:32:cc:5f:f0:46:46:de:59:29:12:a2:
e4:99:d6:40
-----BEGIN CERTIFICATE-----
MIIGSDCCBTCgAwIBAgISAZlTSoCPkrSMLp/4+1BKXCKYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTEyNzcyM2VhMGNmZDA3MjQ3MTNiMjkxNzM0Y2FhMzUz
ZTIwZWEwHhcNMjUwOTE2MTYxMDE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTYwNDI2Y2UzOWQ2YzExOTM3ZGVhZWJhYzU3ODdkYjU4MzQ0M2ViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvcRIDhoOsgCxtSU0QMRRO2anJv4L
ARk7A3IHqsxPpFE869Re9PccK21PHDB9V+R258uYSSlxfRS1tE/xk6a3V3XOgj56
gN/2onOC6tt3RNnmikS9JpmU0F8rCt5yrPEowafYEoobTykNdWoxtah42mWs0fIE
XQivEYFk5CFTFG6jhRkhHO7egQku55d1ySnL4DACvQMp82XvlmBdpskEF5wxPMlq
HBp8mcz7ZBjaT8uGwkkrzUu8nrP2wKJzkvo6JphsJ+UHHGnTbW3liuykhLtXdIRn
azNnzx6XybGW3+et4Jh/GDBMV19vm4MRVm8OK2uZlcKJ08991ZVfgdcbRQIDAQAB
o4IDVDCCA1AwHQYDVR0OBBYEFEVgQmzjnWwRk33q66xXh9tYNEPrMB8GA1UdIwQY
MBaAFFBRJ3I+oM/QckcTspFzTKo1PiDqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9hOTA0MjMtMGI0Yi00OTlmLWJlNjYt
NTU2MDhiNjk0NDU2LzEvUldCQ2JPT2RiQkdUZmVycnJGZUgyMWcwUS1zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9hOTA0MjMtMGI0Yi00OTlmLWJlNjYtNTU2MDhiNjk0NDU2
LzEvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBaAYIKwYBBQUHAQcBAf8EggFXMIIBUzCCAUAEAgABMIIB
OAMEAAUs/wMEAC79ggMEAjuYfAMEAj0O4AMEAD5qQAMEA09usAMEAlUIlAMEAlXK
rAMEAluEVAMEAmfLKAMEAmfNVAMEAmfPoAMEAnkufAMEAJITUgMEAqDuYAMEALld
BAMEALlpCgMEArl2hAMEArmRLAMEArmTnAMEArmd6AMEArmeiAMEArmwWAMEArm+
OAMEArnEGAMEArnKLAMEArnOFAMEArnRgAMEArnVEAMEArnWjAMEArnW8AMEALna
uQMEArnbFAMEArnhDAMEArnj/AMEArnkLAMEALnoKgMEArnreAMEALnucwMEALny
uQMEAMEDEAMEAsEfcAMEAMGjIwMEAsGwdAMEAsG7tAMEAMIIhgMEAsIywAMEAMJF
oQMEAsPYlAMEAcP1SgMEANVtnQMEAtkSODANBAIAAjAHAwUDKgdFgDANBgkqhkiG
9w0BAQsFAAOCAQEAGASjwbIQ3w62txBVfaVSiKBVYsWz2UOnznHJyuuI2nVbnYLO
6HbNnA7coDfJGrHHIg/FWEWKSHZmsJvtCPpU4BndZm3sBjHcfGsCPIQikyhFhRHl
nlLtjWNZbZnyijxy1xfsoYup/0qr8hc2d429FiBR7CaXdu2q7bN3o9VvTUY9HB8W
u1hCAenD5AYEW8kzq5kPEELADA0beNq11A8Hnt9smjLj/F4Lc0lwyhGuOKc10zua
sGxbEYnN+oR8QYuv8FwVV3L/+4n6JGMCIGWnbrp0xFX0gHYmttBpU1ehs9einOqs
dKUdGjrDLEChWrtzTDLMX/BGRt5ZKRKi5JnWQA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:47:34 2025 by rpki-client