Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/0f3c61-02df-4af7-b93f-07f74c019732/1/R9wvbwR8vf6XKX0eGcMmD8X8Klo.roa
File: R9wvbwR8vf6XKX0eGcMmD8X8Klo.roa (raw, json)
Hash identifier: MTZzbOkg2UHrN+bJCxm0dSAtniaWbyC3ZD9jm9TIAQw=
Subject key identifier: 47:DC:2F:6F:04:7C:BD:FE:97:29:7D:1E:19:C3:26:0F:C5:FC:2A:5A
Certificate issuer: /CN=19a43d81657a3c38c150de55797f1c7b5f0c2ebb
Certificate serial: 01995201D3F85273A17E50D0674A36598C25
Authority key identifier: 19:A4:3D:81:65:7A:3C:38:C1:50:DE:55:79:7F:1C:7B:5F:0C:2E:BB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GaQ9gWV6PDjBUN5VeX8ce18MLrs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/0f3c61-02df-4af7-b93f-07f74c019732/1/R9wvbwR8vf6XKX0eGcMmD8X8Klo.roa
Signing time: Tue 16 Sep 2025 10:11:15 +0000
ROA not before: Tue 16 Sep 2025 10:11:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207375
IP address blocks: 45.145.108.0/22 maxlen: 25
80.64.232.0/21 maxlen: 25
91.236.231.0/24 maxlen: 24
93.88.24.0/22 maxlen: 25
146.19.16.0/24 maxlen: 24
178.211.143.0/24 maxlen: 24
185.11.60.0/24 maxlen: 24
185.80.88.0/24 maxlen: 24
185.145.53.0/24 maxlen: 24
185.205.201.0/24 maxlen: 24
185.234.217.0/24 maxlen: 24
193.33.34.0/24 maxlen: 24
193.178.114.0/24 maxlen: 24
193.243.146.0/24 maxlen: 24
194.31.110.0/24 maxlen: 24
2a0e:fdc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/0f3c61-02df-4af7-b93f-07f74c019732/1/GaQ9gWV6PDjBUN5VeX8ce18MLrs.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/0f3c61-02df-4af7-b93f-07f74c019732/1/GaQ9gWV6PDjBUN5VeX8ce18MLrs.mft
rsync://rpki.ripe.net/repository/DEFAULT/GaQ9gWV6PDjBUN5VeX8ce18MLrs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 04:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:52:01:d3:f8:52:73:a1:7e:50:d0:67:4a:36:59:8c:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19a43d81657a3c38c150de55797f1c7b5f0c2ebb
Validity
Not Before: Sep 16 10:11:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=47dc2f6f047cbdfe97297d1e19c3260fc5fc2a5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:ee:bb:01:b8:bd:f9:8b:c0:d6:93:6e:d3:b7:
13:15:24:53:9f:e7:12:b6:35:f9:c6:fa:1f:f0:72:
0a:98:d2:b5:7c:1d:88:a4:2e:22:78:9d:51:93:cf:
57:d0:31:3c:68:a7:71:56:de:21:37:73:d1:a6:59:
22:2b:10:d3:59:51:e4:49:ed:f6:20:19:b1:38:e5:
54:f8:8f:3e:8c:21:88:8a:08:c3:66:f0:07:6e:10:
06:86:15:66:c0:29:64:16:51:cb:26:b2:c5:86:24:
a7:44:24:9a:e6:20:1f:2f:04:4b:8a:a1:6a:b8:4e:
7e:55:d3:27:0f:80:54:88:d0:fb:88:e7:8d:73:f9:
5d:8e:db:54:c4:5d:8e:53:93:57:f5:5e:20:a9:d8:
1e:5d:b3:73:2a:d4:b6:a6:c2:fb:3c:ff:23:bd:e8:
d7:cb:e2:44:db:68:38:a7:18:c1:bb:c5:72:1d:d8:
f0:dc:6e:61:7b:0c:da:3a:5b:b4:81:32:34:36:ee:
b1:48:3c:b7:b8:25:48:f6:78:93:d7:05:7e:a9:55:
ac:b5:ee:ad:a6:d9:97:0e:a1:33:53:c3:8e:ce:aa:
a2:8f:bd:bf:2b:c3:7a:27:6a:80:32:9c:0a:59:5c:
74:69:71:c6:51:d4:aa:34:91:7e:b0:33:3d:c0:00:
c0:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:DC:2F:6F:04:7C:BD:FE:97:29:7D:1E:19:C3:26:0F:C5:FC:2A:5A
X509v3 Authority Key Identifier:
keyid:19:A4:3D:81:65:7A:3C:38:C1:50:DE:55:79:7F:1C:7B:5F:0C:2E:BB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GaQ9gWV6PDjBUN5VeX8ce18MLrs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/0f3c61-02df-4af7-b93f-07f74c019732/1/R9wvbwR8vf6XKX0eGcMmD8X8Klo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/0f3c61-02df-4af7-b93f-07f74c019732/1/GaQ9gWV6PDjBUN5VeX8ce18MLrs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.108.0/22
80.64.232.0/21
91.236.231.0/24
93.88.24.0/22
146.19.16.0/24
178.211.143.0/24
185.11.60.0/24
185.80.88.0/24
185.145.53.0/24
185.205.201.0/24
185.234.217.0/24
193.33.34.0/24
193.178.114.0/24
193.243.146.0/24
194.31.110.0/24
IPv6:
2a0e:fdc0::/29
Signature Algorithm: sha256WithRSAEncryption
7d:1b:8c:cc:64:ea:76:e2:dc:69:d0:35:e4:ac:eb:c9:02:03:
fa:40:fd:5d:98:d0:5f:25:01:3a:0d:34:63:13:29:01:f6:33:
bc:e4:aa:4f:33:c8:c5:5f:1b:ab:16:fc:86:25:73:bc:59:f9:
96:d3:d3:4b:d6:1d:42:aa:a6:1c:05:6d:26:7d:87:9b:5f:64:
9a:75:34:e6:44:d6:28:12:f1:fe:ac:88:ae:ff:8c:ed:65:08:
1a:20:bb:44:94:54:c2:0f:6d:ea:63:c7:79:d4:a3:58:13:d3:
ad:27:e7:d6:e1:48:99:ed:ee:8f:5d:3e:b1:93:68:7b:db:85:
1c:e8:42:83:68:99:df:51:71:9f:be:0a:c3:c8:aa:1d:30:dc:
b6:cc:35:b2:87:75:6b:48:cd:ef:a6:fe:a1:12:6c:46:8b:f2:
12:2e:82:ab:93:38:bf:b0:bd:d7:b9:a3:20:b0:6d:95:ba:d9:
e3:92:5f:a1:32:de:e4:01:5c:10:d4:e9:1c:32:c6:76:19:f2:
ee:d1:c7:92:8c:91:d9:78:eb:dc:3e:45:7a:76:9c:a5:f3:96:
05:d2:44:3e:fb:19:3d:34:fb:c8:f6:94:aa:86:d6:7b:10:62:
43:eb:a3:98:c8:92:6b:ef:da:a7:15:f8:10:98:7f:20:ab:0a:
70:16:2d:cf
-----BEGIN CERTIFICATE-----
MIIFYTCCBEmgAwIBAgISAZlSAdP4UnOhflDQZ0o2WYwlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5YTQzZDgxNjU3YTNjMzhjMTUwZGU1NTc5N2YxYzdiNWYw
YzJlYmIwHhcNMjUwOTE2MTAxMTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0N2RjMmY2ZjA0N2NiZGZlOTcyOTdkMWUxOWMzMjYwZmM1ZmMyYTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr+67Abi9+YvA1pNu07cTFSRTn+cS
tjX5xvof8HIKmNK1fB2IpC4ieJ1Rk89X0DE8aKdxVt4hN3PRplkiKxDTWVHkSe32
IBmxOOVU+I8+jCGIigjDZvAHbhAGhhVmwClkFlHLJrLFhiSnRCSa5iAfLwRLiqFq
uE5+VdMnD4BUiND7iOeNc/ldjttUxF2OU5NX9V4gqdgeXbNzKtS2psL7PP8jvejX
y+JE22g4pxjBu8VyHdjw3G5hewzaOlu0gTI0Nu6xSDy3uCVI9niT1wV+qVWste6t
ptmXDqEzU8OOzqqij72/K8N6J2qAMpwKWVx0aXHGUdSqNJF+sDM9wADA8wIDAQAB
o4ICbTCCAmkwHQYDVR0OBBYEFEfcL28EfL3+lyl9HhnDJg/F/CpaMB8GA1UdIwQY
MBaAFBmkPYFlejw4wVDeVXl/HHtfDC67MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2FROWdXVjZQRGpCVU41VmVYOGNlMThNTHJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC8wZjNjNjEtMDJkZi00YWY3LWI5M2Yt
MDdmNzRjMDE5NzMyLzEvUjl3dmJ3Ujh2ZjZYS1gwZUdjTW1EOFg4S2xvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC8wZjNjNjEtMDJkZi00YWY3LWI5M2YtMDdmNzRjMDE5NzMy
LzEvR2FROWdXVjZQRGpCVU41VmVYOGNlMThNTHJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGCBggrBgEFBQcBBwEB/wRzMHEwYAQCAAEwWgMEAi2RbAME
A1BA6AMEAFvs5wMEAl1YGAMEAJITEAMEALLTjwMEALkLPAMEALlQWAMEALmRNQME
ALnNyQMEALnq2QMEAMEhIgMEAMGycgMEAMHzkgMEAMIfbjANBAIAAjAHAwUDKg79
wDANBgkqhkiG9w0BAQsFAAOCAQEAfRuMzGTqduLcadA15KzryQID+kD9XZjQXyUB
Og00YxMpAfYzvOSqTzPIxV8bqxb8hiVzvFn5ltPTS9YdQqqmHAVtJn2Hm19kmnU0
5kTWKBLx/qyIrv+M7WUIGiC7RJRUwg9t6mPHedSjWBPTrSfn1uFIme3uj10+sZNo
e9uFHOhCg2iZ31Fxn74Kw8iqHTDctsw1sod1a0jN76b+oRJsRovyEi6Cq5M4v7C9
17mjILBtlbrZ45JfoTLe5AFcENTpHDLGdhny7tHHkoyR2Xjr3D5FenacpfOWBdJE
PvsZPTT7yPaUqobWexBiQ+ujmMiSa+/apxX4EJh/IKsKcBYtzw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:46:44 2025 by rpki-client