Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/8rD7V4pyB73GZ0EPE1htfJFwvzU.roa
File: 8rD7V4pyB73GZ0EPE1htfJFwvzU.roa (raw, json)
Hash identifier: UK8nj1KBEZ5AfGGElqxIQVJCb8sLZ5QUhGNPy7HfG6M=
Subject key identifier: F2:B0:FB:57:8A:72:07:BD:C6:67:41:0F:13:58:6D:7C:91:70:BF:35
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 0199C071405BBF63694124F6F3CF889C06F8
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/8rD7V4pyB73GZ0EPE1htfJFwvzU.roa
Signing time: Tue 07 Oct 2025 20:51:11 +0000
ROA not before: Tue 07 Oct 2025 20:51:11 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48031
IP address blocks: 5.42.192.0/24 maxlen: 24
5.42.195.0/24 maxlen: 24
5.42.209.0/24 maxlen: 24
5.42.210.0/24 maxlen: 24
46.149.173.0/24 maxlen: 24
91.209.73.0/24 maxlen: 24
91.213.230.0/24 maxlen: 24
91.236.155.0/24 maxlen: 24
91.246.56.0/24 maxlen: 24
91.246.62.0/24 maxlen: 24
91.247.169.0/24 maxlen: 24
91.247.170.0/24 maxlen: 24
185.225.190.0/24 maxlen: 24
193.9.20.0/24 maxlen: 24
193.200.199.0/24 maxlen: 24
194.26.204.0/24 maxlen: 24
194.55.170.0/24 maxlen: 24
194.59.246.0/24 maxlen: 24
212.18.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 16:01:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c0:71:40:5b:bf:63:69:41:24:f6:f3:cf:88:9c:06:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Oct 7 20:51:11 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f2b0fb578a7207bdc667410f13586d7c9170bf35
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:5f:55:bc:97:47:18:cb:ac:63:17:b4:bf:b3:
b8:0a:5e:34:6f:c9:eb:4c:da:12:ed:e4:07:90:39:
71:31:f6:48:d2:e6:a6:cb:d9:93:be:30:3e:93:1c:
a5:fd:ae:e2:27:f9:cb:d8:32:f6:7d:18:c0:4b:0b:
5d:69:87:f8:91:c0:a2:6a:31:37:2a:41:1e:4a:86:
68:06:9d:e7:04:13:40:b9:84:c4:11:b9:e3:6b:70:
26:56:65:33:e6:94:c6:30:bc:8c:a5:61:a6:63:5b:
dd:7a:c7:30:de:d6:cb:3c:8f:20:6f:a8:aa:b3:0c:
2d:06:ef:da:02:a6:7a:87:61:46:f2:1b:b9:fc:e2:
78:c7:f3:30:d9:71:7f:c2:ed:eb:9c:e9:93:45:62:
e7:6d:32:fd:22:b1:e2:f9:ff:6d:7b:21:c8:6c:50:
91:c6:36:3b:0b:5c:d0:e3:b1:43:a9:5e:bb:59:77:
46:e5:c1:04:7e:7d:03:78:93:ab:6d:c8:95:ef:5a:
fb:65:c4:86:5e:27:36:03:ff:f0:70:b2:a4:1a:83:
88:4e:42:06:ef:f8:96:b0:0a:32:29:55:51:8f:1c:
c2:44:ba:46:ca:3e:42:51:68:d7:d3:6c:bf:9e:d5:
34:92:1d:e7:b0:48:e2:2d:73:7d:60:78:96:df:f5:
b3:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F2:B0:FB:57:8A:72:07:BD:C6:67:41:0F:13:58:6D:7C:91:70:BF:35
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/8rD7V4pyB73GZ0EPE1htfJFwvzU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.192.0/24
5.42.195.0/24
5.42.209.0-5.42.210.255
46.149.173.0/24
91.209.73.0/24
91.213.230.0/24
91.236.155.0/24
91.246.56.0/24
91.246.62.0/24
91.247.169.0-91.247.170.255
185.225.190.0/24
193.9.20.0/24
193.200.199.0/24
194.26.204.0/24
194.55.170.0/24
194.59.246.0/24
212.18.120.0/24
Signature Algorithm: sha256WithRSAEncryption
17:a8:dd:4a:50:7c:cc:b1:bf:c6:d2:17:31:83:90:c2:81:13:
dc:a1:45:9d:ad:c9:99:cd:31:33:26:e8:4e:6b:57:46:b0:8d:
c7:57:71:ec:68:8c:c1:25:6a:25:bb:56:5c:50:cc:52:fa:73:
e4:9a:aa:01:34:37:85:3d:07:13:35:4d:90:6d:42:81:b0:59:
90:5c:99:3c:4f:af:7d:00:41:db:95:b9:6b:a2:c6:c7:61:0e:
f4:98:11:93:d3:21:7d:c7:51:5d:aa:25:83:45:33:d9:82:78:
3f:ad:40:63:e3:44:de:47:9b:5e:ad:f9:36:d4:fa:30:96:2c:
78:80:30:77:db:b9:97:27:94:75:71:50:3f:47:20:90:45:13:
3b:92:1d:ca:cc:91:34:a7:17:93:40:5a:7f:f1:9f:94:df:a3:
b2:fb:69:9e:be:98:b0:e5:87:37:d4:2b:ac:0f:14:cc:b3:75:
8d:c7:0d:b7:55:28:d0:5e:6c:30:d8:25:22:0f:dc:a6:7c:6e:
36:29:95:ad:15:78:58:6e:75:81:30:c2:e9:e4:83:ca:0f:57:
b9:67:e3:ee:62:5b:3d:69:9f:9e:98:7e:7b:31:82:aa:45:df:
ac:3f:14:d0:4b:5b:80:f0:0d:b5:8b:f4:6c:cd:d6:03:0a:74:
bc:19:c5:96
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAZnAcUBbv2NpQST288+InAb4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUxMDA3MjA1MTExWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMmIwZmI1NzhhNzIwN2JkYzY2NzQxMGYxMzU4NmQ3YzkxNzBiZjM1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApl9VvJdHGMusYxe0v7O4Cl40b8nr
TNoS7eQHkDlxMfZI0uamy9mTvjA+kxyl/a7iJ/nL2DL2fRjASwtdaYf4kcCiajE3
KkEeSoZoBp3nBBNAuYTEEbnja3AmVmUz5pTGMLyMpWGmY1vdescw3tbLPI8gb6iq
swwtBu/aAqZ6h2FG8hu5/OJ4x/Mw2XF/wu3rnOmTRWLnbTL9IrHi+f9teyHIbFCR
xjY7C1zQ47FDqV67WXdG5cEEfn0DeJOrbciV71r7ZcSGXic2A//wcLKkGoOITkIG
7/iWsAoyKVVRjxzCRLpGyj5CUWjX02y/ntU0kh3nsEjiLXN9YHiW3/WzLQIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFPKw+1eKcge9xmdBDxNYbXyRcL81MB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvOHJEN1Y0cHlCNzNHWjBFUEUxaHRmSkZ3dnpVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MHwEAgABMHYDBAAFKsAD
BAAFKsMwDAMEAAUq0QMEAAUq0gMEAC6VrQMEAFvRSQMEAFvV5gMEAFvsmwMEAFv2
OAMEAFv2PjAMAwQAW/epAwQAW/eqAwQAueG+AwQAwQkUAwQAwcjHAwQAwhrMAwQA
wjeqAwQAwjv2AwQA1BJ4MA0GCSqGSIb3DQEBCwUAA4IBAQAXqN1KUHzMsb/G0hcx
g5DCgRPcoUWdrcmZzTEzJuhOa1dGsI3HV3HsaIzBJWolu1ZcUMxS+nPkmqoBNDeF
PQcTNU2QbUKBsFmQXJk8T699AEHblblrosbHYQ70mBGT0yF9x1FdqiWDRTPZgng/
rUBj40TeR5terfk21Powlix4gDB327mXJ5R1cVA/RyCQRRM7kh3KzJE0pxeTQFp/
8Z+U36Oy+2mevpiw5Yc31CusDxTMs3WNxw23VSjQXmww2CUiD9ymfG42KZWtFXhY
bnWBMMLp5IPKD1e5Z+PuYls9aZ+emH57MYKqRd+sPxTQS1uA8A21i/RszdYDCnS8
GcWW
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:05:12 2025 by rpki-client