Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/CuwcHm1e_6zMmki65ZV5exmknaA.roa
File: CuwcHm1e_6zMmki65ZV5exmknaA.roa (raw, json)
Hash identifier: jJ5fxoqTw/NCBqlWGAexnva3iabGYGnCngmLOZc+7qg=
Subject key identifier: 0A:EC:1C:1E:6D:5E:FF:AC:CC:9A:48:BA:E5:95:79:7B:19:A4:9D:A0
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 019994F70D28BF01E42EB95FB75A58FB1539
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/CuwcHm1e_6zMmki65ZV5exmknaA.roa
Signing time: Mon 29 Sep 2025 10:14:02 +0000
ROA not before: Mon 29 Sep 2025 10:14:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1103
IP address blocks: 145.0.0.0/16 maxlen: 24
145.2.0.0/15 maxlen: 24
145.9.0.0/16 maxlen: 24
145.19.0.0/16 maxlen: 24
145.19.0.0/24 maxlen: 24
145.20.0.0/16 maxlen: 24
145.23.0.0/16 maxlen: 24
145.23.0.0/19 maxlen: 24
145.24.0.0/16 maxlen: 24
145.28.0.0/15 maxlen: 24
145.33.0.0/16 maxlen: 24
145.37.0.0/16 maxlen: 24
145.38.0.0/15 maxlen: 24
145.41.0.0/16 maxlen: 24
145.44.0.0/16 maxlen: 24
145.48.0.0/15 maxlen: 24
145.51.0.0/16 maxlen: 24
145.52.0.0/16 maxlen: 24
145.74.0.0/15 maxlen: 24
145.76.0.0/16 maxlen: 24
145.81.0.0/16 maxlen: 24
145.85.0.0/16 maxlen: 24
145.85.0.0/24 maxlen: 24
145.88.0.0/15 maxlen: 24
145.90.0.0/16 maxlen: 24
145.90.10.0/23 maxlen: 24
145.91.0.0/16 maxlen: 24
145.91.0.0/24 maxlen: 24
145.92.0.0/15 maxlen: 24
145.95.0.0/16 maxlen: 24
145.96.0.0/16 maxlen: 24
145.97.16.0/22 maxlen: 24
145.97.20.0/22 maxlen: 24
145.97.24.0/21 maxlen: 24
145.97.48.0/20 maxlen: 24
145.97.64.0/18 maxlen: 24
145.97.128.0/18 maxlen: 24
145.97.128.0/24 maxlen: 24
145.97.192.0/18 maxlen: 24
145.98.0.0/16 maxlen: 24
145.98.16.0/24 maxlen: 24
145.100.0.0/15 maxlen: 24
145.102.0.0/16 maxlen: 24
145.103.0.0/16 maxlen: 24
145.107.0.0/16 maxlen: 24
145.108.0.0/16 maxlen: 24
145.109.128.0/17 maxlen: 24
145.116.0.0/20 maxlen: 24
145.116.16.0/21 maxlen: 24
145.116.24.0/21 maxlen: 24
145.116.64.0/18 maxlen: 24
145.116.128.0/18 maxlen: 24
145.116.192.0/20 maxlen: 24
145.116.224.0/19 maxlen: 24
145.117.0.0/16 maxlen: 24
145.118.0.0/16 maxlen: 24
145.120.0.0/14 maxlen: 24
145.124.0.0/15 maxlen: 24
145.126.0.0/16 maxlen: 24
145.127.0.0/17 maxlen: 24
145.136.0.0/15 maxlen: 24
145.137.128.0/18 maxlen: 24
145.138.0.0/16 maxlen: 24
145.140.0.0/14 maxlen: 24
145.144.0.0/12 maxlen: 24
145.146.0.0/16 maxlen: 24
192.87.0.0/16 maxlen: 24
194.171.0.0/16 maxlen: 24
195.169.0.0/16 maxlen: 24
2001:610::/29 maxlen: 29
2001:610::/32 maxlen: 48
2001:610:130::/48 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.mft
rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:94:f7:0d:28:bf:01:e4:2e:b9:5f:b7:5a:58:fb:15:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: Sep 29 10:14:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0aec1c1e6d5effaccc9a48bae595797b19a49da0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:9b:c2:ea:af:dc:f4:ad:c4:96:8c:5a:a4:1d:
6f:89:cf:b2:c6:b2:cc:5d:95:8b:25:1a:38:08:56:
27:65:69:8c:80:87:ba:85:c0:e0:e3:02:12:2a:40:
fb:bf:5f:0a:22:93:6e:51:2e:5f:d4:19:84:0b:45:
00:9b:36:7d:f5:50:e6:79:0d:c2:01:d8:e1:d4:7f:
e2:22:a5:b9:cf:61:c9:97:18:e3:aa:dd:64:c1:81:
00:0f:cc:bf:7c:9f:7a:e7:b1:98:d1:db:a3:b5:b1:
73:76:94:c1:8c:69:dd:ec:34:07:1e:27:bf:f5:74:
bc:c7:71:44:1a:90:ec:18:eb:da:f6:11:8b:1b:5c:
85:5b:d4:3f:d9:a7:14:67:fb:4b:32:e4:b4:cb:27:
96:6a:c9:18:42:98:6a:f3:37:41:68:ae:45:b3:f8:
a0:2e:4d:74:2d:4a:ee:a3:e5:1a:d9:22:ba:3d:e0:
87:21:a5:0e:13:34:38:86:54:b8:d3:6f:be:a5:a6:
d5:48:8c:cf:fc:ae:77:4e:d4:d7:a0:7d:d9:a5:2c:
95:29:8b:87:52:af:2f:85:3a:55:45:3d:a9:fd:a0:
8c:3e:53:ed:03:09:b5:bb:38:e4:4f:a4:ed:cb:3d:
ae:8a:e7:a8:dd:7a:a8:a3:73:3c:e8:d9:9f:f4:e0:
f4:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:EC:1C:1E:6D:5E:FF:AC:CC:9A:48:BA:E5:95:79:7B:19:A4:9D:A0
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/CuwcHm1e_6zMmki65ZV5exmknaA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.0.0.0/16
145.2.0.0/15
145.9.0.0/16
145.19.0.0-145.20.255.255
145.23.0.0-145.24.255.255
145.28.0.0/15
145.33.0.0/16
145.37.0.0-145.39.255.255
145.41.0.0/16
145.44.0.0/16
145.48.0.0/15
145.51.0.0-145.52.255.255
145.74.0.0-145.76.255.255
145.81.0.0/16
145.85.0.0/16
145.88.0.0-145.93.255.255
145.95.0.0-145.96.255.255
145.97.16.0/20
145.97.48.0-145.98.255.255
145.100.0.0/14
145.107.0.0-145.108.255.255
145.109.128.0/17
145.116.0.0/19
145.116.64.0-145.116.207.255
145.116.224.0-145.118.255.255
145.120.0.0-145.127.127.255
145.136.0.0-145.138.255.255
145.140.0.0-145.159.255.255
192.87.0.0/16
194.171.0.0/16
195.169.0.0/16
IPv6:
2001:610::/29
Signature Algorithm: sha256WithRSAEncryption
79:b3:4c:fe:7c:73:c3:2c:d9:5a:d2:a9:45:01:86:4d:98:ef:
1e:cd:1a:fc:ed:2b:c2:91:49:c9:96:5b:3f:fc:86:28:1c:b0:
b2:c3:4f:a9:c6:3f:3d:61:6d:c3:ad:08:3d:cf:17:df:f4:9b:
63:96:34:bb:88:e9:8f:81:3a:3f:63:53:de:4a:cf:86:7e:2c:
2c:40:37:7c:1f:01:f0:58:8a:83:30:7b:7f:6d:fe:17:a8:8d:
8f:48:de:ff:b4:3f:06:ff:d9:11:8f:4b:d9:bb:24:10:8b:7c:
74:97:2b:f8:aa:fd:c5:2a:9f:33:e7:1a:57:7f:36:cb:a8:79:
54:56:17:b2:3c:77:00:c4:d2:d5:c1:3d:2a:78:34:67:95:94:
16:f6:69:0a:c5:54:d4:8c:28:ec:27:1d:a9:73:76:f0:f9:99:
42:1f:71:f5:be:f1:e3:6d:6d:35:3c:cf:9e:bf:45:c8:a5:8d:
c7:ae:5b:60:41:02:c6:c2:ac:6a:96:9d:fe:6d:06:fe:75:a7:
12:b2:5e:76:1e:4e:72:b6:f3:4b:bc:25:c4:68:e0:d8:9c:d6:
26:ad:a3:61:24:68:23:a6:8e:0b:bc:93:9f:72:d0:43:3b:93:
81:fa:bb:47:9f:e3:2d:1b:f7:2c:73:d6:7b:a2:13:cb:cf:30:
b9:ad:cf:2c
-----BEGIN CERTIFICATE-----
MIIGFTCCBP2gAwIBAgISAZmU9w0ovwHkLrlft1pY+xU5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjUwOTI5MTAxNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYWVjMWMxZTZkNWVmZmFjY2M5YTQ4YmFlNTk1Nzk3YjE5YTQ5ZGEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp5vC6q/c9K3EloxapB1vic+yxrLM
XZWLJRo4CFYnZWmMgIe6hcDg4wISKkD7v18KIpNuUS5f1BmEC0UAmzZ99VDmeQ3C
Adjh1H/iIqW5z2HJlxjjqt1kwYEAD8y/fJ9657GY0dujtbFzdpTBjGnd7DQHHie/
9XS8x3FEGpDsGOva9hGLG1yFW9Q/2acUZ/tLMuS0yyeWaskYQphq8zdBaK5Fs/ig
Lk10LUruo+Ua2SK6PeCHIaUOEzQ4hlS402++pabVSIzP/K53TtTXoH3ZpSyVKYuH
Uq8vhTpVRT2p/aCMPlPtAwm1uzjkT6Ttyz2uiueo3Xqoo3M86Nmf9OD0LwIDAQAB
o4IDITCCAx0wHQYDVR0OBBYEFArsHB5tXv+szJpIuuWVeXsZpJ2gMB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEvQ3V3Y0htMWVfNnpNbWtpNjVaVjVleG1rbmFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNQYIKwYBBQUHAQcBAf8EggEkMIIBIDCCAQ0EAgABMIIB
BQMDAJEAAwMBkQIDAwCRCTAKAwMAkRMDAwCRFDAKAwMAkRcDAwCRGAMDAZEcAwMA
kSEwCgMDAJElAwMDkSADAwCRKQMDAJEsAwMBkTAwCgMDAJEzAwMAkTQwCgMDAZFK
AwMAkUwDAwCRUQMDAJFVMAoDAwORWAMDAZFcMAoDAwCRXwMDAJFgAwQEkWEQMAsD
BASRYTADAwCRYgMDApFkMAoDAwCRawMDAJFsAwQHkW2AAwQFkXQAMAwDBAaRdEAD
BASRdMAwCwMEBZF04AMDAJF2MAsDAwOReAMEB5F/ADAKAwMDkYgDAwCRijAKAwMC
kYwDAwWRgAMDAMBXAwMAwqsDAwDDqTANBAIAAjAHAwUDIAEGEDANBgkqhkiG9w0B
AQsFAAOCAQEAebNM/nxzwyzZWtKpRQGGTZjvHs0a/O0rwpFJyZZbP/yGKBywssNP
qcY/PWFtw60IPc8X3/SbY5Y0u4jpj4E6P2NT3krPhn4sLEA3fB8B8FiKgzB7f23+
F6iNj0je/7Q/Bv/ZEY9L2bskEIt8dJcr+Kr9xSqfM+caV382y6h5VFYXsjx3AMTS
1cE9Kng0Z5WUFvZpCsVU1Iwo7CcdqXN28PmZQh9x9b7x421tNTzPnr9FyKWNx65b
YEECxsKsapad/m0G/nWnErJedh5OcrbzS7wlxGjg2JzWJq2jYSRoI6aOC7yTn3LQ
QzuTgfq7R5/jLRv3LHPWe6ITy88wua3PLA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:10:10 2025 by rpki-client