Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3e/d71ef8-4b98-400a-89ee-c61bf7749df5/1/E83frRAKntD4nIpmLLlDFnDmwrE.roa
File: E83frRAKntD4nIpmLLlDFnDmwrE.roa (raw, json)
Hash identifier: no2xUk2K6bJpEcjtJeTqAFy6TGnwm5W/7draqh+RfBA=
Subject key identifier: 13:CD:DF:AD:10:0A:9E:D0:F8:9C:8A:66:2C:B9:43:16:70:E6:C2:B1
Certificate issuer: /CN=5c45ceb18b14a737282b75af0ba16cffd7a6abae
Certificate serial: 01999908EBB0A63442B8808E5E64A48FDB44
Authority key identifier: 5C:45:CE:B1:8B:14:A7:37:28:2B:75:AF:0B:A1:6C:FF:D7:A6:AB:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XEXOsYsUpzcoK3WvC6Fs_9emq64.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3e/d71ef8-4b98-400a-89ee-c61bf7749df5/1/E83frRAKntD4nIpmLLlDFnDmwrE.roa
Signing time: Tue 30 Sep 2025 05:12:02 +0000
ROA not before: Tue 30 Sep 2025 05:12:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62173
IP address blocks: 185.75.196.0/23 maxlen: 23
185.75.196.0/24 maxlen: 24
185.75.197.0/24 maxlen: 24
185.75.198.0/23 maxlen: 23
185.75.198.0/24 maxlen: 24
185.75.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3e/d71ef8-4b98-400a-89ee-c61bf7749df5/1/XEXOsYsUpzcoK3WvC6Fs_9emq64.crl
rsync://rpki.ripe.net/repository/DEFAULT/3e/d71ef8-4b98-400a-89ee-c61bf7749df5/1/XEXOsYsUpzcoK3WvC6Fs_9emq64.mft
rsync://rpki.ripe.net/repository/DEFAULT/XEXOsYsUpzcoK3WvC6Fs_9emq64.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:99:08:eb:b0:a6:34:42:b8:80:8e:5e:64:a4:8f:db:44
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c45ceb18b14a737282b75af0ba16cffd7a6abae
Validity
Not Before: Sep 30 05:12:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=13cddfad100a9ed0f89c8a662cb9431670e6c2b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7a:ba:31:28:f0:c8:e4:18:54:e6:23:1a:a9:
68:e5:ab:1a:0a:76:be:40:06:af:f2:a7:5b:39:2f:
e1:c6:8c:fa:14:0e:aa:03:16:29:67:05:31:be:7b:
ba:ed:0e:86:27:91:19:e2:43:53:9e:7e:c0:35:d1:
fc:ef:49:3e:15:1b:85:eb:2d:a6:24:a4:ec:a9:07:
f3:d0:97:3b:ba:e1:3b:02:57:ba:f2:73:65:05:a1:
0a:55:5e:6b:5f:8b:cb:d9:ab:08:56:64:02:cf:5d:
a6:6c:7f:0d:a0:a5:ab:65:50:99:67:ed:2c:4b:ef:
23:69:98:52:3b:f5:b9:8a:72:8a:f3:56:29:1a:64:
d1:09:12:18:47:1e:16:7a:42:4f:17:9e:35:76:bb:
b2:33:1c:56:f9:81:1b:b9:d6:40:b3:a7:75:3b:d6:
eb:ba:7b:8d:87:b9:3f:b5:a1:5c:09:26:c8:f9:f8:
dc:a4:e0:29:0d:e1:90:9b:d8:d7:c8:05:0b:f3:91:
a7:21:bc:b1:db:44:5f:4a:9a:fd:f0:f3:f9:97:86:
b8:84:bf:b1:92:6a:f1:25:fc:cf:06:25:25:e8:84:
f0:38:ce:28:a1:f3:ed:36:2b:f7:78:46:84:8f:29:
a1:f5:f3:44:3a:a1:e9:4d:73:10:3a:dc:a2:c4:c5:
2a:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:CD:DF:AD:10:0A:9E:D0:F8:9C:8A:66:2C:B9:43:16:70:E6:C2:B1
X509v3 Authority Key Identifier:
keyid:5C:45:CE:B1:8B:14:A7:37:28:2B:75:AF:0B:A1:6C:FF:D7:A6:AB:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XEXOsYsUpzcoK3WvC6Fs_9emq64.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/d71ef8-4b98-400a-89ee-c61bf7749df5/1/E83frRAKntD4nIpmLLlDFnDmwrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3e/d71ef8-4b98-400a-89ee-c61bf7749df5/1/XEXOsYsUpzcoK3WvC6Fs_9emq64.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.75.196.0/22
Signature Algorithm: sha256WithRSAEncryption
14:63:74:92:5e:c0:a1:02:ab:25:4b:ec:56:df:3f:d9:89:14:
19:37:dd:4b:81:54:4e:47:d1:76:22:3c:d7:40:94:7c:10:7d:
4f:55:17:62:b5:d7:ac:d0:18:86:2e:d0:8d:ae:0a:ea:9e:53:
8a:c7:ea:52:1a:d8:84:92:14:da:15:18:ec:4b:4e:3d:b6:82:
71:d8:c6:61:5c:d4:5a:28:8e:96:06:92:12:8b:6c:b4:98:1c:
5c:06:6f:b9:b2:11:d0:5c:2f:97:dd:84:9a:22:41:d1:94:67:
4d:8e:77:7a:49:42:c1:97:75:75:b4:76:23:32:f9:b8:28:42:
2a:c6:96:dc:ce:47:e7:98:04:3f:48:85:8e:73:1f:80:5f:6d:
07:ee:53:92:4b:6e:6a:52:f3:35:32:fc:ff:b6:f7:ed:d6:ab:
7f:14:db:7d:67:ce:4c:b9:92:7f:70:2c:6c:fc:ce:86:b0:22:
24:48:94:fd:60:5d:05:ad:a8:4c:9d:73:d3:c1:be:60:f9:79:
b7:08:7a:c9:13:b7:2e:4e:d5:f5:60:06:3b:3c:f7:c9:77:98:
53:eb:d0:34:97:b6:0f:a7:b4:b0:d9:40:d0:c7:ca:85:9f:00:
4f:35:69:dd:63:ba:4b:ca:89:16:9e:bc:dd:90:2b:ae:60:6f:
7d:ce:4e:fa
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZmZCOuwpjRCuICOXmSkj9tEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjNDVjZWIxOGIxNGE3MzcyODJiNzVhZjBiYTE2Y2ZmZDdh
NmFiYWUwHhcNMjUwOTMwMDUxMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxM2NkZGZhZDEwMGE5ZWQwZjg5YzhhNjYyY2I5NDMxNjcwZTZjMmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArnq6MSjwyOQYVOYjGqlo5asaCna+
QAav8qdbOS/hxoz6FA6qAxYpZwUxvnu67Q6GJ5EZ4kNTnn7ANdH870k+FRuF6y2m
JKTsqQfz0Jc7uuE7Ale68nNlBaEKVV5rX4vL2asIVmQCz12mbH8NoKWrZVCZZ+0s
S+8jaZhSO/W5inKK81YpGmTRCRIYRx4WekJPF541druyMxxW+YEbudZAs6d1O9br
unuNh7k/taFcCSbI+fjcpOApDeGQm9jXyAUL85GnIbyx20RfSpr98PP5l4a4hL+x
kmrxJfzPBiUl6ITwOM4oofPtNiv3eEaEjymh9fNEOqHpTXMQOtyixMUqSQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFBPN360QCp7Q+JyKZiy5QxZw5sKxMB8GA1UdIwQY
MBaAFFxFzrGLFKc3KCt1rwuhbP/XpquuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWEVYT3NZc1VwemNvSzNXdkM2RnNfOWVtcTY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZS9kNzFlZjgtNGI5OC00MDBhLTg5ZWUt
YzYxYmY3NzQ5ZGY1LzEvRTgzZnJSQUtudEQ0bklwbUxMbERGbkRtd3JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZS9kNzFlZjgtNGI5OC00MDBhLTg5ZWUtYzYxYmY3NzQ5ZGY1
LzEvWEVYT3NZc1VwemNvSzNXdkM2RnNfOWVtcTY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCuUvEMA0G
CSqGSIb3DQEBCwUAA4IBAQAUY3SSXsChAqslS+xW3z/ZiRQZN91LgVROR9F2IjzX
QJR8EH1PVRditdes0BiGLtCNrgrqnlOKx+pSGtiEkhTaFRjsS049toJx2MZhXNRa
KI6WBpISi2y0mBxcBm+5shHQXC+X3YSaIkHRlGdNjnd6SULBl3V1tHYjMvm4KEIq
xpbczkfnmAQ/SIWOcx+AX20H7lOSS25qUvM1Mvz/tvft1qt/FNt9Z85MuZJ/cCxs
/M6GsCIkSJT9YF0FrahMnXPTwb5g+Xm3CHrJE7cuTtX1YAY7PPfJd5hT69A0l7YP
p7Sw2UDQx8qFnwBPNWndY7pLyokWnrzdkCuuYG99zk76
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:03:21 2025 by rpki-client