Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/rfpCILzfQKw_nRNPxbB6kP3kyuQ.roa
File: rfpCILzfQKw_nRNPxbB6kP3kyuQ.roa (raw, json)
Hash identifier: Xf1NzZ85TVSWYW6n7rj2FPn4lzvpUCbWjJPT8GxpLf0=
Subject key identifier: AD:FA:42:20:BC:DF:40:AC:3F:9D:13:4F:C5:B0:7A:90:FD:E4:CA:E4
Certificate issuer: /CN=5a939b0ced38d75cc63ed50d6e5ce72bbb5b4b10
Certificate serial: 0199F1CA6CE442515BFD615DBDDAE1ABC474
Authority key identifier: 5A:93:9B:0C:ED:38:D7:5C:C6:3E:D5:0D:6E:5C:E7:2B:BB:5B:4B:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WpObDO0411zGPtUNblznK7tbSxA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/rfpCILzfQKw_nRNPxbB6kP3kyuQ.roa
Signing time: Fri 17 Oct 2025 10:49:58 +0000
ROA not before: Fri 17 Oct 2025 10:49:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41368
IP address blocks: 5.183.184.0/22 maxlen: 24
89.29.128.0/20 maxlen: 20
89.29.129.0/24 maxlen: 24
89.29.132.0/24 maxlen: 24
89.29.133.0/24 maxlen: 24
89.29.135.0/24 maxlen: 24
89.29.144.0/21 maxlen: 21
89.29.149.0/24 maxlen: 24
89.29.150.0/24 maxlen: 24
89.29.151.0/24 maxlen: 24
89.29.152.0/22 maxlen: 22
89.29.155.0/24 maxlen: 24
89.29.156.0/24 maxlen: 24
89.29.157.0/24 maxlen: 24
89.29.158.0/24 maxlen: 24
89.29.159.0/24 maxlen: 24
89.29.232.0/22 maxlen: 22
89.29.233.0/24 maxlen: 24
89.29.234.0/24 maxlen: 24
89.29.236.0/22 maxlen: 22
89.29.254.0/24 maxlen: 24
176.57.104.0/22 maxlen: 22
176.57.108.0/22 maxlen: 22
176.57.108.0/24 maxlen: 24
176.57.110.0/23 maxlen: 23
185.40.37.0/24 maxlen: 24
185.40.38.0/23 maxlen: 23
185.40.38.0/24 maxlen: 24
185.40.39.0/24 maxlen: 24
185.64.243.0/24 maxlen: 24
185.74.240.0/22 maxlen: 24
185.145.40.0/22 maxlen: 24
185.214.136.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/WpObDO0411zGPtUNblznK7tbSxA.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/WpObDO0411zGPtUNblznK7tbSxA.mft
rsync://rpki.ripe.net/repository/DEFAULT/WpObDO0411zGPtUNblznK7tbSxA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f1:ca:6c:e4:42:51:5b:fd:61:5d:bd:da:e1:ab:c4:74
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a939b0ced38d75cc63ed50d6e5ce72bbb5b4b10
Validity
Not Before: Oct 17 10:49:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=adfa4220bcdf40ac3f9d134fc5b07a90fde4cae4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:cb:8f:ba:e2:20:74:32:76:55:4f:56:27:8b:
68:65:66:cd:4c:53:b1:92:dd:96:73:46:16:73:13:
74:44:11:d8:a8:7c:24:5d:36:03:d8:32:e4:d8:54:
44:cb:b3:cf:7c:67:64:e0:c2:58:02:56:57:26:09:
8b:a3:2a:be:a6:47:c0:dc:f1:fa:3b:2a:d3:2d:ab:
66:03:9c:4e:5d:e6:c9:9c:9c:4b:fb:50:da:ad:d8:
fa:b8:ee:9e:19:32:db:8d:6f:26:85:14:9a:a7:ca:
25:0d:58:c2:1b:79:b5:14:93:0d:45:f0:c9:8b:2a:
48:df:91:35:2e:07:6e:96:fa:b0:fb:b6:ab:32:52:
45:7b:78:aa:41:89:dd:b3:9e:99:b0:21:e5:2b:43:
b2:53:5e:d0:5b:55:f0:95:ab:57:ea:d5:9d:41:51:
82:82:71:6f:9c:12:6c:e8:62:58:28:4d:23:c7:27:
bc:22:a5:0b:ee:af:73:6d:0c:86:d8:84:b8:c0:11:
99:7d:ea:e3:3d:1d:01:2c:6e:73:8a:e4:3c:39:eb:
bf:14:15:0d:df:67:b2:de:fe:12:7e:73:9e:c3:bb:
db:1c:c9:69:81:84:74:59:d6:c2:b2:2d:84:2c:6e:
56:dc:54:13:38:33:51:40:88:d1:e7:39:c7:47:ed:
2d:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:FA:42:20:BC:DF:40:AC:3F:9D:13:4F:C5:B0:7A:90:FD:E4:CA:E4
X509v3 Authority Key Identifier:
keyid:5A:93:9B:0C:ED:38:D7:5C:C6:3E:D5:0D:6E:5C:E7:2B:BB:5B:4B:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WpObDO0411zGPtUNblznK7tbSxA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/rfpCILzfQKw_nRNPxbB6kP3kyuQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/bea14a-0d32-4aa7-b898-d60b3b6cca6e/1/WpObDO0411zGPtUNblznK7tbSxA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.184.0/22
89.29.128.0/19
89.29.232.0/21
89.29.254.0/24
176.57.104.0/21
185.40.37.0-185.40.39.255
185.64.243.0/24
185.74.240.0/22
185.145.40.0/22
185.214.136.0/22
Signature Algorithm: sha256WithRSAEncryption
8e:d0:b4:82:e6:20:1b:33:ff:cd:97:24:1f:09:89:b5:17:18:
29:18:7d:fa:6f:58:ee:65:07:dc:fc:b0:d8:09:43:92:e5:e9:
69:24:e5:17:f9:1e:14:31:b5:49:be:ea:7d:22:9d:b2:e1:4a:
80:c7:90:d9:63:3e:e3:16:3b:85:2f:5f:20:b7:25:e9:17:a4:
01:00:7a:47:7e:19:49:42:91:5a:08:20:bd:d9:cb:08:10:d3:
0c:79:17:c8:19:f5:89:fe:80:0b:53:4a:3d:fc:81:b8:c0:04:
92:5a:e4:2f:7a:26:a3:d7:8b:ea:a7:7a:fe:3c:ee:f7:3b:61:
5e:18:fe:c8:1e:93:cd:7a:f9:12:1d:0d:51:0a:e5:cb:af:72:
36:85:f5:3f:64:bb:52:df:2a:0e:7d:98:a7:1f:91:08:eb:88:
22:02:43:32:ff:9f:e4:8f:df:58:80:b4:22:23:cd:79:15:9a:
08:52:84:09:b2:d4:a4:eb:cf:a6:75:84:00:b7:38:23:80:dd:
31:ce:ff:2d:2c:20:4f:58:e9:b4:d8:09:1a:5e:13:ec:ec:9e:
ea:95:6e:25:74:f2:93:5b:2e:12:87:85:85:ff:78:54:a4:19:
84:a3:d5:aa:11:7e:dc:a8:d8:18:e8:cc:f2:43:a7:71:d6:fc:
32:3d:52:4e
-----BEGIN CERTIFICATE-----
MIIFOzCCBCOgAwIBAgISAZnxymzkQlFb/WFdvdrhq8R0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhOTM5YjBjZWQzOGQ3NWNjNjNlZDUwZDZlNWNlNzJiYmI1
YjRiMTAwHhcNMjUxMDE3MTA0OTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZGZhNDIyMGJjZGY0MGFjM2Y5ZDEzNGZjNWIwN2E5MGZkZTRjYWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsuPuuIgdDJ2VU9WJ4toZWbNTFOx
kt2Wc0YWcxN0RBHYqHwkXTYD2DLk2FREy7PPfGdk4MJYAlZXJgmLoyq+pkfA3PH6
OyrTLatmA5xOXebJnJxL+1Dardj6uO6eGTLbjW8mhRSap8olDVjCG3m1FJMNRfDJ
iypI35E1Lgdulvqw+7arMlJFe3iqQYnds56ZsCHlK0OyU17QW1XwlatX6tWdQVGC
gnFvnBJs6GJYKE0jxye8IqUL7q9zbQyG2IS4wBGZferjPR0BLG5ziuQ8Oeu/FBUN
32ey3v4SfnOew7vbHMlpgYR0WdbCsi2ELG5W3FQTODNRQIjR5znHR+0tPQIDAQAB
o4ICRzCCAkMwHQYDVR0OBBYEFK36QiC830CsP50TT8WwepD95MrkMB8GA1UdIwQY
MBaAFFqTmwztONdcxj7VDW5c5yu7W0sQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV3BPYkRPMDQxMXpHUHRVTmJsem5LN3RiU3hBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9iZWExNGEtMGQzMi00YWE3LWI4OTgt
ZDYwYjNiNmNjYTZlLzEvcmZwQ0lMemZRS3dfblJOUHhiQjZrUDNreXVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9iZWExNGEtMGQzMi00YWE3LWI4OTgtZDYwYjNiNmNjYTZl
LzEvV3BPYkRPMDQxMXpHUHRVTmJsem5LN3RiU3hBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF0GCCsGAQUFBwEHAQH/BE4wTDBKBAIAATBEAwQCBbe4AwQF
WR2AAwQDWR3oAwQAWR3+AwQDsDloMAwDBAC5KCUDBAO5KCADBAC5QPMDBAK5SvAD
BAK5kSgDBAK51ogwDQYJKoZIhvcNAQELBQADggEBAI7QtILmIBsz/82XJB8JibUX
GCkYffpvWO5lB9z8sNgJQ5Ll6Wkk5Rf5HhQxtUm+6n0inbLhSoDHkNljPuMWO4Uv
XyC3JekXpAEAekd+GUlCkVoIIL3ZywgQ0wx5F8gZ9Yn+gAtTSj38gbjABJJa5C96
JqPXi+qnev487vc7YV4Y/sgek816+RIdDVEK5cuvcjaF9T9ku1LfKg59mKcfkQjr
iCICQzL/n+SP31iAtCIjzXkVmghShAmy1KTrz6Z1hAC3OCOA3THO/y0sIE9Y6bTY
CRpeE+zsnuqVbiV08pNbLhKHhYX/eFSkGYSj1aoRftyo2BjozPJDp3HW/DI9Uk4=
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:27:29 2025 by rpki-client