Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/DXIkVZYLPplLoaE_eni88G-cNbs.roa
File: DXIkVZYLPplLoaE_eni88G-cNbs.roa (raw, json)
Hash identifier: HoOra2AovgXbymdvYEYvS/MutR6DWmGnTbUxIu2/TTk=
Subject key identifier: 0D:72:24:55:96:0B:3E:99:4B:A1:A1:3F:7A:78:BC:F0:6F:9C:35:BB
Certificate issuer: /CN=60581e673d80f7474936b21337eafcc1bdc385e9
Certificate serial: 0199A5213C4F66C00F509C731C385A94CAA2
Authority key identifier: 60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/DXIkVZYLPplLoaE_eni88G-cNbs.roa
Signing time: Thu 02 Oct 2025 13:34:02 +0000
ROA not before: Thu 02 Oct 2025 13:34:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47690
IP address blocks: 45.43.148.0/24 maxlen: 24
45.43.149.0/24 maxlen: 24
45.43.150.0/24 maxlen: 24
45.43.151.0/24 maxlen: 24
45.43.158.0/24 maxlen: 24
104.222.180.0/24 maxlen: 24
104.222.181.0/24 maxlen: 24
104.222.182.0/24 maxlen: 24
104.222.183.0/24 maxlen: 24
104.222.189.0/24 maxlen: 24
104.233.59.0/24 maxlen: 24
104.238.12.0/24 maxlen: 24
104.238.13.0/24 maxlen: 24
104.239.55.0/24 maxlen: 24
104.239.56.0/24 maxlen: 24
104.249.9.0/24 maxlen: 24
104.249.17.0/24 maxlen: 24
104.249.23.0/24 maxlen: 24
104.249.46.0/24 maxlen: 24
104.249.47.0/24 maxlen: 24
104.249.48.0/24 maxlen: 24
104.249.49.0/24 maxlen: 24
104.249.50.0/24 maxlen: 24
104.249.51.0/24 maxlen: 24
104.249.52.0/24 maxlen: 24
104.249.53.0/24 maxlen: 24
104.249.54.0/24 maxlen: 24
216.173.91.0/24 maxlen: 24
216.173.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.mft
rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a5:21:3c:4f:66:c0:0f:50:9c:73:1c:38:5a:94:ca:a2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=60581e673d80f7474936b21337eafcc1bdc385e9
Validity
Not Before: Oct 2 13:34:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0d722455960b3e994ba1a13f7a78bcf06f9c35bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:23:63:3d:79:48:22:2f:eb:0a:f4:67:a9:ab:
24:c3:69:e3:fc:be:dc:42:57:c4:52:aa:4b:40:90:
9f:43:17:3a:a8:a7:7f:1b:4c:8b:2b:67:a0:ba:b4:
2d:a5:16:57:d3:d8:66:31:f2:62:36:70:5e:19:41:
c6:c7:47:8d:0f:dd:68:66:a5:44:48:81:70:9e:7b:
d2:4c:b3:30:61:d7:4e:a3:5a:82:30:fa:60:f6:63:
97:9c:63:65:c6:31:a5:f1:fb:de:0a:9b:b9:5f:3d:
58:fc:92:e6:b0:d7:95:09:c3:c1:ca:a5:72:c9:9d:
d9:62:c9:ec:55:fc:a0:ae:fa:2f:07:78:f1:e4:02:
2e:df:72:c6:dc:01:aa:97:56:cc:b7:9b:a5:54:ed:
af:2a:37:d4:d7:f5:01:18:b5:44:46:74:00:b5:a7:
8e:91:8e:49:c7:09:48:c3:08:53:d9:19:22:73:a5:
e0:79:73:80:dd:df:58:16:8c:9d:ea:0f:15:db:58:
3a:d6:ed:7b:db:31:2c:44:6a:35:66:2c:7d:1d:2c:
62:2c:27:ee:87:c5:ba:4e:dd:9a:46:9e:e2:d8:2b:
9e:bc:cd:8d:f6:cb:46:73:cb:1f:52:8d:d9:9c:98:
a7:f7:4b:15:00:bd:83:76:8a:99:91:47:e7:6d:54:
9a:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:72:24:55:96:0B:3E:99:4B:A1:A1:3F:7A:78:BC:F0:6F:9C:35:BB
X509v3 Authority Key Identifier:
keyid:60:58:1E:67:3D:80:F7:47:49:36:B2:13:37:EA:FC:C1:BD:C3:85:E9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YFgeZz2A90dJNrITN-r8wb3Dhek.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/DXIkVZYLPplLoaE_eni88G-cNbs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/fdd633-c658-49c5-9e8f-fb07955f3aaa/1/YFgeZz2A90dJNrITN-r8wb3Dhek.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.43.148.0/22
45.43.158.0/24
104.222.180.0/22
104.222.189.0/24
104.233.59.0/24
104.238.12.0/23
104.239.55.0-104.239.56.255
104.249.9.0/24
104.249.17.0/24
104.249.23.0/24
104.249.46.0-104.249.54.255
216.173.91.0/24
216.173.93.0/24
Signature Algorithm: sha256WithRSAEncryption
11:c6:aa:bf:e7:38:9a:d8:89:6f:c1:16:89:ef:02:88:33:3c:
4a:fc:cf:11:e5:d2:d2:41:c2:6d:55:0b:02:e4:0c:ac:84:7a:
26:30:5e:f7:71:92:7f:b0:0b:03:4b:fc:f3:d2:76:ed:0c:b2:
90:df:c4:7e:3f:4d:1d:d3:aa:16:2d:21:c2:d6:c3:b4:ee:ee:
ea:f0:fb:7e:69:fc:35:b7:18:4d:26:6f:d3:2a:99:cc:e4:20:
9a:b0:01:bd:83:82:c4:5a:66:50:78:e5:f3:0d:3e:27:6c:31:
06:d1:71:61:bd:53:ff:ac:d3:54:9c:68:12:3e:26:ab:51:05:
03:82:82:d3:2f:92:6a:8a:3f:d2:78:72:43:dd:21:16:a0:2b:
82:77:5f:d1:57:ae:5f:f6:d8:2c:8c:71:7c:ff:5f:d1:70:84:
dc:75:0d:a4:5f:d2:8e:0c:1b:8b:0b:75:d0:9f:3b:e4:d3:85:
58:1e:a4:77:4e:35:3e:67:16:35:f4:d0:9f:88:2c:0b:ea:77:
ce:46:3d:7b:77:76:59:10:8a:aa:8d:45:af:7d:36:bf:72:17:
b7:b1:6f:0e:7f:65:bb:c8:7d:17:a1:d0:af:b1:35:dd:55:91:
52:a6:0e:86:0b:95:70:06:8a:33:8b:9c:c3:43:ee:87:17:c0:
85:6a:36:7b
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZmlITxPZsAPUJxzHDhalMqiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNTgxZTY3M2Q4MGY3NDc0OTM2YjIxMzM3ZWFmY2MxYmRj
Mzg1ZTkwHhcNMjUxMDAyMTMzNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZDcyMjQ1NTk2MGIzZTk5NGJhMWExM2Y3YTc4YmNmMDZmOWMzNWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzCNjPXlIIi/rCvRnqaskw2nj/L7c
QlfEUqpLQJCfQxc6qKd/G0yLK2egurQtpRZX09hmMfJiNnBeGUHGx0eND91oZqVE
SIFwnnvSTLMwYddOo1qCMPpg9mOXnGNlxjGl8fveCpu5Xz1Y/JLmsNeVCcPByqVy
yZ3ZYsnsVfygrvovB3jx5AIu33LG3AGql1bMt5ulVO2vKjfU1/UBGLVERnQAtaeO
kY5JxwlIwwhT2Rkic6XgeXOA3d9YFoyd6g8V21g61u172zEsRGo1Zix9HSxiLCfu
h8W6Tt2aRp7i2CuevM2N9stGc8sfUo3ZnJin90sVAL2DdoqZkUfnbVSaOQIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFA1yJFWWCz6ZS6GhP3p4vPBvnDW7MB8GA1UdIwQY
MBaAFGBYHmc9gPdHSTayEzfq/MG9w4XpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYt
ZmIwNzk1NWYzYWFhLzEvRFhJa1ZaWUxQcGxMb2FFX2VuaTg4Ry1jTmJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9mZGQ2MzMtYzY1OC00OWM1LTllOGYtZmIwNzk1NWYzYWFh
LzEvWUZnZVp6MkE5MGRKTnJJVE4tcjh3YjNEaGVrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQCLSuUAwQA
LSueAwQCaN60AwQAaN69AwQAaOk7AwQBaO4MMAwDBABo7zcDBABo7zgDBABo+QkD
BABo+REDBABo+RcwDAMEAWj5LgMEAGj5NgMEANitWwMEANitXTANBgkqhkiG9w0B
AQsFAAOCAQEAEcaqv+c4mtiJb8EWie8CiDM8SvzPEeXS0kHCbVULAuQMrIR6JjBe
93GSf7ALA0v889J27QyykN/Efj9NHdOqFi0hwtbDtO7u6vD7fmn8NbcYTSZv0yqZ
zOQgmrABvYOCxFpmUHjl8w0+J2wxBtFxYb1T/6zTVJxoEj4mq1EFA4KC0y+Saoo/
0nhyQ90hFqArgndf0VeuX/bYLIxxfP9f0XCE3HUNpF/Sjgwbiwt10J875NOFWB6k
d041PmcWNfTQn4gsC+p3zkY9e3d2WRCKqo1Fr302v3IXt7FvDn9lu8h9F6HQr7E1
3VWRUqYOhguVcAaKM4ucw0PuhxfAhWo2ew==
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:06:05 2025 by rpki-client