Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/dYnDOKCdXu5149JQvacDbq7mVRc.roa
File: dYnDOKCdXu5149JQvacDbq7mVRc.roa (raw, json)
Hash identifier: cR2UPr8Ou2DR9OZZVMQrv2BPoOpAKYqw8Ud7NLgZ+3w=
Subject key identifier: 75:89:C3:38:A0:9D:5E:EE:75:E3:D2:50:BD:A7:03:6E:AE:E6:55:17
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 01999715F6DC454048685229B291AA69D592
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/dYnDOKCdXu5149JQvacDbq7mVRc.roa
Signing time: Mon 29 Sep 2025 20:07:03 +0000
ROA not before: Mon 29 Sep 2025 20:07:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35830
IP address blocks: 5.181.171.0/24 maxlen: 24
5.183.254.0/24 maxlen: 24
45.66.210.0/24 maxlen: 24
45.66.211.0/24 maxlen: 24
45.132.186.0/24 maxlen: 24
45.132.187.0/24 maxlen: 24
45.148.126.0/24 maxlen: 24
185.61.216.0/24 maxlen: 24
185.61.220.0/24 maxlen: 24
185.81.144.0/24 maxlen: 24
185.81.145.0/24 maxlen: 24
185.88.102.0/24 maxlen: 24
185.88.103.0/24 maxlen: 24
185.96.37.0/24 maxlen: 24
185.102.112.0/24 maxlen: 24
185.102.113.0/24 maxlen: 24
213.232.121.0/24 maxlen: 24
213.232.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:97:15:f6:dc:45:40:48:68:52:29:b2:91:aa:69:d5:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Sep 29 20:07:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7589c338a09d5eee75e3d250bda7036eaee65517
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:e0:91:00:45:2d:15:38:25:58:c2:13:56:53:
53:62:07:c0:0b:00:75:11:d8:30:eb:1e:0b:44:97:
79:d1:b7:1b:1e:7d:9b:37:15:fc:c4:40:c5:de:ac:
55:8c:d5:83:7b:c2:ba:e4:14:21:43:e6:bf:a2:1b:
78:92:e3:a9:b2:92:4f:69:2e:8a:d4:77:80:0d:c5:
71:3c:a7:27:9e:7e:5d:27:d9:40:ad:6b:15:18:fe:
e9:c8:f2:12:c6:42:53:48:e6:16:27:71:20:8e:11:
65:18:8e:82:f0:f2:43:13:5e:b5:66:19:83:80:16:
7a:46:b4:4c:35:26:7f:11:46:97:25:f3:90:87:89:
7a:0d:4b:85:e0:64:36:29:e9:b3:d2:f8:54:83:98:
f8:0c:e3:ac:0e:bb:ef:91:ea:b8:d2:65:2f:ac:da:
3b:22:1a:2b:8b:90:0d:af:03:a9:2f:cf:73:02:d7:
a7:12:e2:90:5f:a4:32:57:aa:f7:ce:aa:d2:0b:2d:
be:4d:0b:aa:cb:a8:b1:5a:fd:e7:a6:44:09:31:95:
75:ff:f0:df:9e:9a:36:72:5f:e2:bf:ee:3f:78:b5:
c2:21:e4:40:ea:ce:d0:fa:ab:f5:f4:05:95:fd:51:
a9:23:65:4f:95:24:e2:c6:3a:c6:54:90:ac:fc:00:
ab:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:89:C3:38:A0:9D:5E:EE:75:E3:D2:50:BD:A7:03:6E:AE:E6:55:17
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/dYnDOKCdXu5149JQvacDbq7mVRc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.171.0/24
5.183.254.0/24
45.66.210.0/23
45.132.186.0/23
45.148.126.0/24
185.61.216.0/24
185.61.220.0/24
185.81.144.0/23
185.88.102.0/23
185.96.37.0/24
185.102.112.0/23
213.232.121.0/24
213.232.123.0/24
Signature Algorithm: sha256WithRSAEncryption
a7:51:bc:ac:cf:07:ba:5a:7f:77:37:ed:9d:83:a6:fb:c4:85:
8a:06:50:bc:1f:f6:ec:86:f7:ad:06:00:c1:09:cc:a9:59:04:
6f:ef:99:ad:0d:47:9d:ab:51:81:8e:d4:50:ff:b2:12:90:3d:
19:2b:0b:23:cf:44:99:1f:31:d7:b5:8c:f3:55:e1:ae:26:e8:
9c:53:b1:32:a8:25:cb:26:ad:cd:e6:05:05:21:63:b4:d7:d6:
5f:3d:03:f8:62:36:21:23:d6:cd:88:5a:9d:b5:1a:79:1f:b3:
67:72:bf:14:1e:05:f7:77:c8:e8:cf:14:14:eb:41:8e:6a:a1:
c5:dd:b3:85:b3:a3:88:dd:98:a5:b7:d5:f3:c9:5d:7c:4e:d1:
e5:e2:0a:71:0a:cf:3d:6b:fd:a7:41:78:54:92:a6:fa:96:67:
78:ba:2c:97:aa:ce:f8:32:a4:e3:0d:3d:28:ae:e3:9c:ad:67:
3d:f5:04:3b:a8:97:34:d9:3d:16:f8:21:b4:0b:f4:b7:8d:bd:
b0:ac:ea:5e:e1:95:43:cc:01:af:29:a8:41:42:3c:0f:05:22:
d8:d2:a7:63:ad:b3:10:21:00:6e:a2:17:da:6b:ff:6f:7e:48:
e7:10:e3:00:40:b3:a2:ac:5d:b8:bc:ad:8a:09:b6:94:a9:06:
3b:d7:db:31
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZmXFfbcRUBIaFIpspGqadWSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjUwOTI5MjAwNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NTg5YzMzOGEwOWQ1ZWVlNzVlM2QyNTBiZGE3MDM2ZWFlZTY1NTE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsuCRAEUtFTglWMITVlNTYgfACwB1
Edgw6x4LRJd50bcbHn2bNxX8xEDF3qxVjNWDe8K65BQhQ+a/oht4kuOpspJPaS6K
1HeADcVxPKcnnn5dJ9lArWsVGP7pyPISxkJTSOYWJ3EgjhFlGI6C8PJDE161ZhmD
gBZ6RrRMNSZ/EUaXJfOQh4l6DUuF4GQ2Kemz0vhUg5j4DOOsDrvvkeq40mUvrNo7
Ihori5ANrwOpL89zAtenEuKQX6QyV6r3zqrSCy2+TQuqy6ixWv3npkQJMZV1//Df
npo2cl/iv+4/eLXCIeRA6s7Q+qv19AWV/VGpI2VPlSTixjrGVJCs/ACrIwIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFHWJwzignV7udePSUL2nA26u5lUXMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvZFluRE9LQ2RYdTUxNDlKUXZhY0RicTdtVlJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQABbWrAwQA
Bbf+AwQBLULSAwQBLYS6AwQALZR+AwQAuT3YAwQAuT3cAwQBuVGQAwQBuVhmAwQA
uWAlAwQBuWZwAwQA1eh5AwQA1eh7MA0GCSqGSIb3DQEBCwUAA4IBAQCnUbyszwe6
Wn93N+2dg6b7xIWKBlC8H/bshvetBgDBCcypWQRv75mtDUedq1GBjtRQ/7ISkD0Z
Kwsjz0SZHzHXtYzzVeGuJuicU7EyqCXLJq3N5gUFIWO019ZfPQP4YjYhI9bNiFqd
tRp5H7Nncr8UHgX3d8jozxQU60GOaqHF3bOFs6OI3Zilt9XzyV18TtHl4gpxCs89
a/2nQXhUkqb6lmd4uiyXqs74MqTjDT0oruOcrWc99QQ7qJc02T0W+CG0C/S3jb2w
rOpe4ZVDzAGvKahBQjwPBSLY0qdjrbMQIQBuohfaa/9vfkjnEOMAQLOirF24vK2K
CbaUqQY719sx
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:58:19 2025 by rpki-client