Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c14a62-aa6a-486d-b9e6-bc004649ee99/1/kLOHs2aUXUatQyKVPIEe-1d92MQ.roa
File: kLOHs2aUXUatQyKVPIEe-1d92MQ.roa (raw, json)
Hash identifier: B5tdEXGniW22KjPp3AjVEy2zyRZTbkwM1WWA2qg8bSc=
Subject key identifier: 90:B3:87:B3:66:94:5D:46:AD:43:22:95:3C:81:1E:FB:57:7D:D8:C4
Certificate issuer: /CN=b96e8b6d73f2f38548996f66621330a8d7108529
Certificate serial: 0199E1B98DAE1607D8005D8248C21AE9C648
Authority key identifier: B9:6E:8B:6D:73:F2:F3:85:48:99:6F:66:62:13:30:A8:D7:10:85:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uW6LbXPy84VImW9mYhMwqNcQhSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c14a62-aa6a-486d-b9e6-bc004649ee99/1/kLOHs2aUXUatQyKVPIEe-1d92MQ.roa
Signing time: Tue 14 Oct 2025 07:57:37 +0000
ROA not before: Tue 14 Oct 2025 07:57:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43366
IP address blocks: 5.133.84.0/22 maxlen: 24
185.197.188.0/22 maxlen: 24
185.205.240.0/22 maxlen: 24
192.145.24.0/22 maxlen: 24
194.164.116.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c14a62-aa6a-486d-b9e6-bc004649ee99/1/uW6LbXPy84VImW9mYhMwqNcQhSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/c14a62-aa6a-486d-b9e6-bc004649ee99/1/uW6LbXPy84VImW9mYhMwqNcQhSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/uW6LbXPy84VImW9mYhMwqNcQhSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e1:b9:8d:ae:16:07:d8:00:5d:82:48:c2:1a:e9:c6:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b96e8b6d73f2f38548996f66621330a8d7108529
Validity
Not Before: Oct 14 07:57:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90b387b366945d46ad4322953c811efb577dd8c4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:33:65:c9:92:9a:b5:8d:b5:27:ef:92:95:95:
53:98:07:8f:b4:2d:6f:0e:5f:4c:a4:fd:06:f4:a0:
7b:22:7f:74:b9:e3:cb:f3:30:c3:44:71:53:97:8d:
71:cc:b8:93:45:68:ef:c4:34:b4:04:f7:37:6c:ac:
77:d1:12:bd:be:d2:bc:2b:f8:79:2b:c8:65:0e:54:
36:6e:34:98:e2:bc:79:1d:f6:97:80:de:04:89:39:
e7:0f:f0:66:1b:2e:3c:75:ce:9b:de:d7:fe:3a:46:
95:58:ae:3e:f3:0f:b0:68:8d:a2:02:cf:8b:cb:a9:
28:4f:32:d9:77:95:ac:91:4d:f9:d2:d5:1c:a4:be:
e2:8b:a7:2d:f1:80:1b:6c:68:7c:b6:20:3a:9b:a3:
82:ff:e1:a0:2d:00:77:bc:a0:ba:8d:56:6c:5d:6d:
32:17:cc:d5:0a:5b:9e:56:40:1d:bd:a6:a4:7f:80:
69:fc:29:ac:c6:72:9f:e2:47:69:23:39:0b:ee:67:
52:8a:ce:39:7f:42:6d:6a:00:7f:d0:07:bc:4d:3e:
e6:84:fc:65:6d:c3:7c:27:9b:37:e6:52:0d:b2:3a:
00:f1:df:b6:70:ff:4c:bc:6c:83:7a:f5:17:b9:93:
2c:6e:ed:12:f6:c5:a8:ba:04:f1:07:87:77:1f:df:
46:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:B3:87:B3:66:94:5D:46:AD:43:22:95:3C:81:1E:FB:57:7D:D8:C4
X509v3 Authority Key Identifier:
keyid:B9:6E:8B:6D:73:F2:F3:85:48:99:6F:66:62:13:30:A8:D7:10:85:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uW6LbXPy84VImW9mYhMwqNcQhSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c14a62-aa6a-486d-b9e6-bc004649ee99/1/kLOHs2aUXUatQyKVPIEe-1d92MQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c14a62-aa6a-486d-b9e6-bc004649ee99/1/uW6LbXPy84VImW9mYhMwqNcQhSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.84.0/22
185.197.188.0/22
185.205.240.0/22
192.145.24.0/22
194.164.116.0/23
Signature Algorithm: sha256WithRSAEncryption
3c:c1:ba:9d:c6:1f:15:35:5e:a7:4c:b5:b9:3c:75:49:69:14:
1e:7d:70:f4:dc:f2:34:9a:b2:df:91:66:da:10:20:13:58:96:
31:d5:d5:09:f4:7d:aa:eb:96:b9:fa:29:cc:8d:59:f3:62:9d:
4a:03:f6:c1:a4:5f:df:45:99:e5:d7:83:5e:46:15:3f:ea:bd:
10:65:07:8d:a3:58:6c:e1:12:08:f0:1c:31:84:ce:8d:02:eb:
c5:59:80:24:f3:38:a5:c3:d3:b4:37:6c:e3:96:1e:11:27:8e:
8d:49:80:69:fc:fc:b3:c9:06:62:f0:dd:2a:ef:d2:53:96:4b:
f8:3b:27:10:17:bc:04:10:db:20:f8:66:9a:2e:07:0b:e5:7a:
4f:ec:c8:8e:71:34:b6:c9:77:ce:b0:4a:c3:7d:d9:e6:b6:1a:
36:66:81:93:17:b1:8f:64:7c:32:23:4f:68:75:9e:a2:33:09:
1c:e3:04:4c:cb:6e:2d:3a:2e:19:ee:74:67:7f:bc:25:4f:19:
bb:cd:b0:67:a8:a5:09:60:07:ca:47:2d:be:27:63:50:b5:e5:
ff:16:b3:65:c9:9a:0c:8b:ad:cc:88:59:cd:90:7c:f9:7d:f1:
d6:4c:e1:93:94:30:04:e7:19:1e:2f:a0:1e:e3:f3:ba:e6:a2:
52:38:bb:a6
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZnhuY2uFgfYAF2CSMIa6cZIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI5NmU4YjZkNzNmMmYzODU0ODk5NmY2NjYyMTMzMGE4ZDcx
MDg1MjkwHhcNMjUxMDE0MDc1NzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGIzODdiMzY2OTQ1ZDQ2YWQ0MzIyOTUzYzgxMWVmYjU3N2RkOGM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArTNlyZKatY21J++SlZVTmAePtC1v
Dl9MpP0G9KB7In90uePL8zDDRHFTl41xzLiTRWjvxDS0BPc3bKx30RK9vtK8K/h5
K8hlDlQ2bjSY4rx5HfaXgN4EiTnnD/BmGy48dc6b3tf+OkaVWK4+8w+waI2iAs+L
y6koTzLZd5WskU350tUcpL7ii6ct8YAbbGh8tiA6m6OC/+GgLQB3vKC6jVZsXW0y
F8zVClueVkAdvaakf4Bp/CmsxnKf4kdpIzkL7mdSis45f0JtagB/0Ae8TT7mhPxl
bcN8J5s35lINsjoA8d+2cP9MvGyDevUXuZMsbu0S9sWougTxB4d3H99GaQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJCzh7NmlF1GrUMilTyBHvtXfdjEMB8GA1UdIwQY
MBaAFLlui21z8vOFSJlvZmITMKjXEIUpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdVc2TGJYUHk4NFZJbVc5bVloTXdxTmNRaFNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jMTRhNjItYWE2YS00ODZkLWI5ZTYt
YmMwMDQ2NDllZTk5LzEva0xPSHMyYVVYVWF0UXlLVlBJRWUtMWQ5Mk1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jMTRhNjItYWE2YS00ODZkLWI5ZTYtYmMwMDQ2NDllZTk5
LzEvdVc2TGJYUHk4NFZJbVc5bVloTXdxTmNRaFNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCBYVUAwQC
ucW8AwQCuc3wAwQCwJEYAwQBwqR0MA0GCSqGSIb3DQEBCwUAA4IBAQA8wbqdxh8V
NV6nTLW5PHVJaRQefXD03PI0mrLfkWbaECATWJYx1dUJ9H2q65a5+inMjVnzYp1K
A/bBpF/fRZnl14NeRhU/6r0QZQeNo1hs4RII8BwxhM6NAuvFWYAk8zilw9O0N2zj
lh4RJ46NSYBp/PyzyQZi8N0q79JTlkv4OycQF7wEENsg+GaaLgcL5XpP7MiOcTS2
yXfOsErDfdnmtho2ZoGTF7GPZHwyI09odZ6iMwkc4wRMy24tOi4Z7nRnf7wlTxm7
zbBnqKUJYAfKRy2+J2NQteX/FrNlyZoMi63MiFnNkHz5ffHWTOGTlDAE5xkeL6Ae
4/O65qJSOLum
-----END CERTIFICATE-----
Generated at Mon Oct 20 00:07:25 2025 by rpki-client