Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/u9So4nOjetfAA9W1OFixoyvY5tU.roa
File: u9So4nOjetfAA9W1OFixoyvY5tU.roa (raw, json)
Hash identifier: cvRW0bCt24xTGsHS9amEg/tzquXgyYz0ckBw0mMHbQ8=
Subject key identifier: BB:D4:A8:E2:73:A3:7A:D7:C0:03:D5:B5:38:58:B1:A3:2B:D8:E6:D5
Certificate issuer: /CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Certificate serial: 0199CDDF77760D6DA2FC3B671706C12715C3
Authority key identifier: D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/u9So4nOjetfAA9W1OFixoyvY5tU.roa
Signing time: Fri 10 Oct 2025 11:26:38 +0000
ROA not before: Fri 10 Oct 2025 11:26:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197540
IP address blocks: 152.53.0.0/16 maxlen: 24
152.53.5.0/24 maxlen: 24
152.53.7.0/24 maxlen: 24
152.53.12.0/22 maxlen: 24
152.53.16.0/22 maxlen: 24
152.53.20.0/22 maxlen: 24
152.53.32.0/22 maxlen: 24
152.53.42.0/24 maxlen: 24
152.53.42.0/27 maxlen: 27
152.53.42.64/28 maxlen: 28
152.53.43.0/24 maxlen: 24
152.53.43.64/27 maxlen: 27
152.53.44.0/22 maxlen: 24
152.53.48.0/22 maxlen: 22
152.53.60.0/24 maxlen: 24
152.53.61.0/24 maxlen: 24
152.53.64.0/22 maxlen: 24
152.53.84.0/22 maxlen: 22
152.53.92.0/22 maxlen: 22
152.53.100.0/22 maxlen: 22
152.53.104.0/22 maxlen: 22
152.53.108.0/22 maxlen: 22
152.53.112.0/22 maxlen: 22
152.53.116.0/22 maxlen: 22
152.53.124.0/22 maxlen: 22
152.53.128.0/20 maxlen: 22
152.53.144.0/22 maxlen: 22
152.53.148.0/22 maxlen: 22
152.53.152.0/22 maxlen: 22
152.53.160.0/22 maxlen: 22
152.53.172.0/22 maxlen: 22
152.53.176.0/22 maxlen: 22
152.53.180.0/22 maxlen: 22
152.53.188.0/22 maxlen: 22
152.53.196.0/22 maxlen: 22
152.53.200.0/24 maxlen: 24
152.53.202.0/24 maxlen: 24
152.53.204.0/22 maxlen: 22
152.53.224.0/22 maxlen: 22
152.53.228.0/22 maxlen: 22
152.53.236.0/22 maxlen: 22
152.53.244.0/22 maxlen: 22
152.53.248.0/22 maxlen: 22
152.53.252.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.mft
rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:cd:df:77:76:0d:6d:a2:fc:3b:67:17:06:c1:27:15:c3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d00b37b6f4b445645e6993a9c5ec608492425f0e
Validity
Not Before: Oct 10 11:26:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bbd4a8e273a37ad7c003d5b53858b1a32bd8e6d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:40:8d:91:22:1e:88:37:7f:f4:5d:47:86:cd:
ac:9d:01:43:57:34:3a:7f:8b:31:51:0d:a4:63:38:
83:5f:b2:93:9f:1c:fa:98:ee:16:c0:01:b6:87:0e:
8a:56:1e:1e:4f:ad:73:b9:df:86:98:06:68:e1:4c:
5b:7a:32:8a:3e:0b:c5:5d:1c:7c:e7:aa:81:f6:eb:
d2:16:55:68:40:0f:e2:70:44:83:54:04:d0:c0:e2:
13:14:45:1c:f8:dc:b1:ab:aa:85:4d:f8:fb:55:ec:
7a:e9:d5:7d:4e:62:31:40:0f:e3:80:b1:e0:0c:ab:
22:42:ab:96:24:42:08:06:29:45:0a:e8:96:a4:2c:
fd:a5:06:42:1c:fd:46:20:01:2b:ad:95:dc:77:9b:
c0:95:25:65:40:0f:ce:c7:96:30:b4:1f:6c:6c:4e:
18:5c:56:81:69:9a:89:66:26:6e:72:02:e1:4c:61:
7a:7f:8b:05:fb:7b:5a:5e:c6:d8:b1:1f:07:18:d5:
26:78:d9:9a:39:f9:52:00:7d:5f:0a:bc:4b:d4:d6:
99:91:29:b9:bf:51:4c:37:fc:47:76:ca:6d:5c:48:
f7:1f:37:20:d0:5e:2a:89:7f:f0:d4:a6:9d:d6:f4:
dd:c3:13:cc:99:5f:20:a5:fc:c5:2c:91:18:9a:6f:
f4:6f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:D4:A8:E2:73:A3:7A:D7:C0:03:D5:B5:38:58:B1:A3:2B:D8:E6:D5
X509v3 Authority Key Identifier:
keyid:D0:0B:37:B6:F4:B4:45:64:5E:69:93:A9:C5:EC:60:84:92:42:5F:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0As3tvS0RWReaZOpxexghJJCXw4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/u9So4nOjetfAA9W1OFixoyvY5tU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/730fc5-7301-4a60-86d1-7db6868d8474/1/0As3tvS0RWReaZOpxexghJJCXw4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
152.53.0.0/16
Signature Algorithm: sha256WithRSAEncryption
90:0e:82:80:b6:7f:0d:76:c0:4b:42:99:86:80:cf:22:6f:db:
30:f1:95:e7:e1:b3:4b:5f:f4:70:86:4b:c0:b7:25:84:be:7d:
5f:8a:a5:e1:11:90:df:dc:60:9d:bc:72:94:6b:00:94:ee:c6:
da:78:24:df:ad:ca:20:4b:a3:5b:c4:fa:05:ba:86:a3:06:f9:
89:28:48:0c:64:80:35:b4:cb:c9:67:4e:95:b4:cb:56:ed:56:
3c:64:fa:4b:2f:6d:c9:74:f6:48:c2:df:59:4c:46:c5:ec:97:
c1:d6:00:87:58:6e:44:97:ee:92:50:f2:e9:76:af:f2:72:2b:
aa:92:a2:85:24:2d:d7:8e:7f:69:d3:8a:a2:5a:aa:e3:b2:f5:
ea:bd:56:86:c2:6c:4e:94:5b:f8:07:f2:a7:45:64:3f:6e:be:
b8:df:8c:46:9b:34:62:eb:11:26:e5:f6:a3:00:9a:b3:9f:f6:
a9:d1:37:5f:b9:55:3e:46:02:41:cd:bd:55:97:3b:15:29:aa:
2a:09:2f:cf:3e:21:b9:ef:27:c1:fe:8e:6f:c2:41:9b:5b:ee:
40:74:99:1f:d4:d2:02:cb:a0:9e:f0:c8:be:f7:45:6b:bc:e6:
29:78:ca:6c:da:14:49:5c:2f:8b:ce:79:69:26:08:11:54:7e:
1d:2e:99:de
-----BEGIN CERTIFICATE-----
MIIE/DCCA+SgAwIBAgISAZnN33d2DW2i/DtnFwbBJxXDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQwMGIzN2I2ZjRiNDQ1NjQ1ZTY5OTNhOWM1ZWM2MDg0OTI0
MjVmMGUwHhcNMjUxMDEwMTEyNjM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYmQ0YThlMjczYTM3YWQ3YzAwM2Q1YjUzODU4YjFhMzJiZDhlNmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm0CNkSIeiDd/9F1Hhs2snQFDVzQ6
f4sxUQ2kYziDX7KTnxz6mO4WwAG2hw6KVh4eT61zud+GmAZo4UxbejKKPgvFXRx8
56qB9uvSFlVoQA/icESDVATQwOITFEUc+Nyxq6qFTfj7Vex66dV9TmIxQA/jgLHg
DKsiQquWJEIIBilFCuiWpCz9pQZCHP1GIAErrZXcd5vAlSVlQA/Ox5YwtB9sbE4Y
XFaBaZqJZiZucgLhTGF6f4sF+3taXsbYsR8HGNUmeNmaOflSAH1fCrxL1NaZkSm5
v1FMN/xHdsptXEj3Hzcg0F4qiX/w1Kad1vTdwxPMmV8gpfzFLJEYmm/0bwIDAQAB
o4ICCDCCAgQwHQYDVR0OBBYEFLvUqOJzo3rXwAPVtThYsaMr2ObVMB8GA1UdIwQY
MBaAFNALN7b0tEVkXmmTqcXsYISSQl8OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEt
N2RiNjg2OGQ4NDc0LzEvdTlTbzRuT2pldGZBQTlXMU9GaXhveXZZNXRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC83MzBmYzUtNzMwMS00YTYwLTg2ZDEtN2RiNjg2OGQ4NDc0
LzEvMEFzM3R2UzBSV1JlYVpPcHhleGdoSkpDWHc0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB4GCCsGAQUFBwEHAQH/BA8wDTALBAIAATAFAwMAmDUwDQYJ
KoZIhvcNAQELBQADggEBAJAOgoC2fw12wEtCmYaAzyJv2zDxlefhs0tf9HCGS8C3
JYS+fV+KpeERkN/cYJ28cpRrAJTuxtp4JN+tyiBLo1vE+gW6hqMG+YkoSAxkgDW0
y8lnTpW0y1btVjxk+ksvbcl09kjC31lMRsXsl8HWAIdYbkSX7pJQ8ul2r/JyK6qS
ooUkLdeOf2nTiqJaquOy9eq9VobCbE6UW/gH8qdFZD9uvrjfjEabNGLrESbl9qMA
mrOf9qnRN1+5VT5GAkHNvVWXOxUpqioJL88+IbnvJ8H+jm/CQZtb7kB0mR/U0gLL
oJ7wyL73RWu85il4ymzaFElcL4vOeWkmCBFUfh0umd4=
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:16:09 2025 by rpki-client