Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/ODhoTdGVYZBbz3u6dpzy1ra8jRg.roa
File: ODhoTdGVYZBbz3u6dpzy1ra8jRg.roa (raw, json)
Hash identifier: hERu0Bd8tRMqkoYTnlOa9ATH4GnhhIjsCQWhMTyCEkA=
Subject key identifier: 38:38:68:4D:D1:95:61:90:5B:CF:7B:BA:76:9C:F2:D6:B6:BC:8D:18
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 0199DCD9B1B4E537BED56E01B683B68AEF87
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/ODhoTdGVYZBbz3u6dpzy1ra8jRg.roa
Signing time: Mon 13 Oct 2025 09:14:38 +0000
ROA not before: Mon 13 Oct 2025 09:14:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44477
IP address blocks: 5.182.36.0/24 maxlen: 24
45.8.144.0/24 maxlen: 24
45.8.145.0/24 maxlen: 24
45.8.146.0/24 maxlen: 24
45.8.147.0/24 maxlen: 24
45.67.35.0/24 maxlen: 24
45.84.0.0/24 maxlen: 24
45.87.152.0/24 maxlen: 24
45.87.153.0/24 maxlen: 24
45.87.154.0/24 maxlen: 24
45.87.155.0/24 maxlen: 24
45.89.52.0/22 maxlen: 24
45.89.52.0/24 maxlen: 24
45.89.54.0/24 maxlen: 24
45.93.10.0/24 maxlen: 24
45.159.248.0/24 maxlen: 24
45.159.250.0/24 maxlen: 24
92.118.88.0/22 maxlen: 24
92.119.200.0/22 maxlen: 24
93.185.166.0/24 maxlen: 24
141.98.168.0/24 maxlen: 24
141.98.170.0/24 maxlen: 24
176.125.240.0/22 maxlen: 24
185.231.204.0/24 maxlen: 24
185.231.205.0/24 maxlen: 24
185.231.207.0/24 maxlen: 24
188.119.121.0/24 maxlen: 24
188.119.123.0/24 maxlen: 24
188.119.124.0/24 maxlen: 24
188.119.125.0/24 maxlen: 24
193.46.56.0/24 maxlen: 24
193.46.57.0/24 maxlen: 24
193.57.136.0/24 maxlen: 24
193.57.138.0/24 maxlen: 24
194.4.48.0/24 maxlen: 24
194.4.49.0/24 maxlen: 24
194.4.51.0/24 maxlen: 24
194.116.173.0/24 maxlen: 24
194.116.190.0/24 maxlen: 24
194.116.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:01:09 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:dc:d9:b1:b4:e5:37:be:d5:6e:01:b6:83:b6:8a:ef:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Oct 13 09:14:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3838684dd19561905bcf7bba769cf2d6b6bc8d18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:1e:fb:d4:63:6c:1d:e6:a7:21:44:6b:8e:e3:
2e:a0:1d:54:5d:1a:93:51:54:77:7e:86:dc:e4:07:
f1:03:c5:dd:de:93:0b:b3:a9:2d:57:fe:a5:71:5e:
95:2d:bf:26:87:82:5c:8f:19:3b:e1:43:be:dd:c0:
24:c5:98:4f:dd:9c:2c:ae:28:17:f2:8f:f1:14:18:
94:01:e5:40:72:97:97:01:f8:f4:c9:96:1b:49:73:
06:2b:65:f0:d8:0b:86:b2:15:d9:0a:ed:80:06:0a:
85:4c:cd:1a:6c:84:c1:5b:2a:a0:92:e2:55:9c:f4:
84:85:8b:50:5f:a7:93:18:00:ae:46:f1:a6:37:b6:
13:ba:42:e6:7a:15:a1:ec:fd:a3:0c:9c:87:ae:ef:
57:d7:ae:43:5e:0a:26:85:71:e0:4d:63:6e:4d:bc:
d2:82:e3:ca:93:e4:96:91:cc:04:23:2f:b4:7f:76:
88:a6:e4:a8:0e:13:65:41:03:57:67:74:93:9e:ec:
19:77:da:b8:89:a5:16:ef:7d:3e:ed:fc:1c:c6:83:
eb:40:de:25:77:00:9b:67:0b:23:93:7b:e7:49:29:
75:f9:33:95:4b:7a:17:2f:21:82:50:16:1a:c1:15:
ac:b3:50:74:6a:1c:c6:a3:e2:13:2d:cc:40:95:d5:
80:41
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:38:68:4D:D1:95:61:90:5B:CF:7B:BA:76:9C:F2:D6:B6:BC:8D:18
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/ODhoTdGVYZBbz3u6dpzy1ra8jRg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.36.0/24
45.8.144.0/22
45.67.35.0/24
45.84.0.0/24
45.87.152.0/22
45.89.52.0/22
45.93.10.0/24
45.159.248.0/24
45.159.250.0/24
92.118.88.0/22
92.119.200.0/22
93.185.166.0/24
141.98.168.0/24
141.98.170.0/24
176.125.240.0/22
185.231.204.0/23
185.231.207.0/24
188.119.121.0/24
188.119.123.0-188.119.125.255
193.46.56.0/23
193.57.136.0/24
193.57.138.0/24
194.4.48.0/23
194.4.51.0/24
194.116.173.0/24
194.116.190.0/23
Signature Algorithm: sha256WithRSAEncryption
19:38:d5:2f:5e:7c:2c:0c:03:70:d4:89:1c:64:af:2f:03:30:
ed:d9:e2:9b:65:bf:61:f1:8a:bf:a7:2a:79:44:1e:95:d7:8a:
65:92:f9:4e:30:9d:53:8a:4b:78:c2:39:a0:04:00:86:20:e0:
4e:30:25:7b:a2:ba:0f:00:47:08:de:5f:93:0b:c0:f0:e9:2b:
36:7e:66:a8:67:43:c2:67:97:91:11:55:42:20:48:d1:01:dc:
03:0c:5a:7d:ab:42:80:4e:e5:b6:65:aa:7c:70:86:ba:7b:51:
46:88:b0:f0:5c:04:18:e3:c3:d9:e4:3e:6d:8c:71:04:03:5d:
fe:66:dc:fe:4f:e0:83:c7:ae:1c:34:e5:83:76:e3:25:e7:94:
a6:b2:e1:66:78:1b:2b:91:f3:17:fa:34:c3:d1:ad:0a:dc:9e:
9d:86:92:07:e6:64:f7:0f:07:32:79:04:76:81:fa:a5:cc:fc:
fc:30:91:5c:e7:aa:38:f1:a3:f5:f8:f3:d9:9d:55:9b:b8:67:
73:9b:83:8a:5b:a7:a4:5b:4f:f8:bd:9f:9b:04:8f:17:3d:99:
b0:d0:ea:10:b2:69:4f:8a:37:74:af:4a:c5:a8:2a:5d:3d:2b:
93:eb:ba:60:f3:50:bd:af:d7:69:31:8a:b2:30:39:10:42:8c:
6c:4a:b3:6e
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAZnc2bG05Te+1W4BtoO2iu+HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjUxMDEzMDkxNDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODM4Njg0ZGQxOTU2MTkwNWJjZjdiYmE3NjljZjJkNmI2YmM4ZDE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAox771GNsHeanIURrjuMuoB1UXRqT
UVR3fobc5AfxA8Xd3pMLs6ktV/6lcV6VLb8mh4Jcjxk74UO+3cAkxZhP3ZwsrigX
8o/xFBiUAeVAcpeXAfj0yZYbSXMGK2Xw2AuGshXZCu2ABgqFTM0abITBWyqgkuJV
nPSEhYtQX6eTGACuRvGmN7YTukLmehWh7P2jDJyHru9X165DXgomhXHgTWNuTbzS
guPKk+SWkcwEIy+0f3aIpuSoDhNlQQNXZ3STnuwZd9q4iaUW730+7fwcxoPrQN4l
dwCbZwsjk3vnSSl1+TOVS3oXLyGCUBYawRWss1B0ahzGo+ITLcxAldWAQQIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFDg4aE3RlWGQW897unac8ta2vI0YMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvT0Rob1RkR1ZZWkJiejN1NmRwenkxcmE4alJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBqwQCAAEwgaQDBAAF
tiQDBAItCJADBAAtQyMDBAAtVAADBAItV5gDBAItWTQDBAAtXQoDBAAtn/gDBAAt
n/oDBAJcdlgDBAJcd8gDBABduaYDBACNYqgDBACNYqoDBAKwffADBAG558wDBAC5
588DBAC8d3kwDAMEALx3ewMEAbx3fAMEAcEuOAMEAME5iAMEAME5igMEAcIEMAME
AMIEMwMEAMJ0rQMEAcJ0vjANBgkqhkiG9w0BAQsFAAOCAQEAGTjVL158LAwDcNSJ
HGSvLwMw7dnim2W/YfGKv6cqeUQeldeKZZL5TjCdU4pLeMI5oAQAhiDgTjAle6K6
DwBHCN5fkwvA8OkrNn5mqGdDwmeXkRFVQiBI0QHcAwxafatCgE7ltmWqfHCGuntR
Roiw8FwEGOPD2eQ+bYxxBANd/mbc/k/gg8euHDTlg3bjJeeUprLhZngbK5HzF/o0
w9GtCtyenYaSB+Zk9w8HMnkEdoH6pcz8/DCRXOeqOPGj9fjz2Z1Vm7hnc5uDilun
pFtP+L2fmwSPFz2ZsNDqELJpT4o3dK9KxagqXT0rk+u6YPNQva/XaTGKsjA5EEKM
bEqzbg==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:56:56 2025 by rpki-client