Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/aWqk2Eqq3IuFrdTCWqDT1ipjFfc.roa
File: aWqk2Eqq3IuFrdTCWqDT1ipjFfc.roa (raw, json)
Hash identifier: gCGkdVAQfPxZEOhksPMaLIdO7tZKi7jbSZk+qSfa8hA=
Subject key identifier: 69:6A:A4:D8:4A:AA:DC:8B:85:AD:D4:C2:5A:A0:D3:D6:2A:63:15:F7
Certificate issuer: /CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Certificate serial: 0199C2ED08526D95C1839958F1A8051481AE
Authority key identifier: F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/aWqk2Eqq3IuFrdTCWqDT1ipjFfc.roa
Signing time: Wed 08 Oct 2025 08:25:37 +0000
ROA not before: Wed 08 Oct 2025 08:25:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201341
IP address blocks: 37.153.134.0/24 maxlen: 24
37.156.6.0/24 maxlen: 24
46.102.251.0/24 maxlen: 24
85.204.245.0/24 maxlen: 24
85.204.251.0/24 maxlen: 24
86.105.7.0/24 maxlen: 24
86.105.13.0/24 maxlen: 24
86.107.102.0/24 maxlen: 24
89.33.117.0/24 maxlen: 24
89.33.118.0/24 maxlen: 24
89.34.172.0/24 maxlen: 24
89.35.126.0/24 maxlen: 24
89.36.142.0/24 maxlen: 24
89.36.225.0/24 maxlen: 24
89.37.234.0/24 maxlen: 24
89.39.122.0/24 maxlen: 24
94.177.22.0/24 maxlen: 24
176.223.67.0/24 maxlen: 24
185.77.164.0/22 maxlen: 22
185.77.164.0/24 maxlen: 24
185.77.165.0/24 maxlen: 24
185.77.166.0/24 maxlen: 24
185.77.167.0/24 maxlen: 24
188.208.102.0/24 maxlen: 24
188.211.26.0/24 maxlen: 24
188.213.218.0/24 maxlen: 24
188.215.34.0/24 maxlen: 24
188.240.69.0/24 maxlen: 24
188.240.211.0/24 maxlen: 24
2a05:6300::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.mft
rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c2:ed:08:52:6d:95:c1:83:99:58:f1:a8:05:14:81:ae
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f5fb32d2266b1f9bce57cac98bc0247f2c9197f2
Validity
Not Before: Oct 8 08:25:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=696aa4d84aaadc8b85add4c25aa0d3d62a6315f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:d8:49:41:fb:35:1e:ca:94:38:9a:6b:74:40:
e1:30:ca:09:fa:bf:28:c1:54:99:9c:3f:41:32:5d:
28:88:fc:0d:04:eb:07:41:33:6a:73:2d:6f:3a:11:
69:e0:04:b8:4c:00:bc:6e:d8:af:30:50:1e:46:dd:
70:c8:d0:dc:4b:ff:e8:8c:35:f4:0e:67:20:8d:17:
86:17:b5:33:56:94:d2:0b:38:9a:83:7e:ca:18:76:
d4:fd:e9:bb:2a:f2:2b:6e:26:ac:d2:86:0c:dc:a5:
bf:23:1d:c3:58:70:89:c5:14:91:78:74:2e:db:07:
c9:9c:e4:0d:fb:c2:f4:53:56:2e:dd:72:92:62:5e:
a0:02:5c:82:70:1c:21:ed:1b:36:fb:5e:32:4d:92:
54:a6:30:b8:e2:8d:0c:a4:c0:55:76:51:b6:e9:15:
47:f7:33:ad:65:fb:5f:b0:43:4f:d5:0f:a7:06:64:
01:d7:54:f7:c7:3f:37:21:81:33:4d:90:71:0d:05:
3e:88:44:4e:ab:e2:25:e9:c2:23:4e:ea:bd:d9:8b:
27:71:0e:be:7a:f8:a0:58:68:9b:9e:13:02:b7:1e:
1c:7c:69:9e:03:de:cb:33:95:c6:e0:be:97:80:e5:
3e:c1:43:f1:1d:28:2f:4a:55:20:3e:dc:7e:f3:5d:
51:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:6A:A4:D8:4A:AA:DC:8B:85:AD:D4:C2:5A:A0:D3:D6:2A:63:15:F7
X509v3 Authority Key Identifier:
keyid:F5:FB:32:D2:26:6B:1F:9B:CE:57:CA:C9:8B:C0:24:7F:2C:91:97:F2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9fsy0iZrH5vOV8rJi8AkfyyRl_I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/aWqk2Eqq3IuFrdTCWqDT1ipjFfc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/fb42ec-10b4-4dcf-bef0-2d143d7b853c/1/9fsy0iZrH5vOV8rJi8AkfyyRl_I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.153.134.0/24
37.156.6.0/24
46.102.251.0/24
85.204.245.0/24
85.204.251.0/24
86.105.7.0/24
86.105.13.0/24
86.107.102.0/24
89.33.117.0-89.33.118.255
89.34.172.0/24
89.35.126.0/24
89.36.142.0/24
89.36.225.0/24
89.37.234.0/24
89.39.122.0/24
94.177.22.0/24
176.223.67.0/24
185.77.164.0/22
188.208.102.0/24
188.211.26.0/24
188.213.218.0/24
188.215.34.0/24
188.240.69.0/24
188.240.211.0/24
IPv6:
2a05:6300::/29
Signature Algorithm: sha256WithRSAEncryption
b5:c0:05:18:2c:e3:c1:66:9e:be:ce:2a:ba:d6:62:3d:39:1a:
7d:4a:81:f3:93:29:57:1f:18:36:d2:65:87:43:65:2c:fd:f0:
53:d8:c8:a8:95:c2:4a:46:1c:5a:47:f2:29:cb:b5:c4:17:3e:
b6:9b:80:f0:55:ca:e9:64:c4:d0:ca:dd:b9:43:9a:e0:f2:9f:
0c:82:37:bb:c3:9b:80:16:63:11:88:83:35:73:03:65:80:11:
cd:40:f2:b8:ba:8e:af:51:de:f1:ac:5e:f6:7b:63:df:ac:09:
a1:95:0f:8d:29:6d:1a:a3:0a:d7:34:79:07:81:d4:ee:4c:4f:
a5:26:54:d3:dd:04:9e:63:92:c9:4c:80:15:e2:43:c2:b3:b8:
63:bc:2b:19:e0:5c:7b:c5:77:e4:17:9e:a7:e1:ed:ee:4a:33:
27:25:fa:0b:31:1e:2c:8f:a7:68:91:b5:86:66:06:d4:a8:96:
ca:1b:b7:e1:18:0f:af:0c:30:07:18:4f:bb:8a:78:9c:d6:7a:
fa:4a:fa:57:7d:01:4c:c7:0e:28:69:6e:9a:f6:2d:96:96:7d:
6e:2c:58:de:a7:7c:b5:27:a4:b2:71:68:e7:02:c2:34:ba:39:
ba:e7:6c:25:b6:20:c1:9c:0c:f4:ec:8c:cf:94:b7:bb:5c:8d:
f7:e0:8c:39
-----BEGIN CERTIFICATE-----
MIIFozCCBIugAwIBAgISAZnC7QhSbZXBg5lY8agFFIGuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1ZmIzMmQyMjY2YjFmOWJjZTU3Y2FjOThiYzAyNDdmMmM5
MTk3ZjIwHhcNMjUxMDA4MDgyNTM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OTZhYTRkODRhYWFkYzhiODVhZGQ0YzI1YWEwZDNkNjJhNjMxNWY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqdhJQfs1HsqUOJprdEDhMMoJ+r8o
wVSZnD9BMl0oiPwNBOsHQTNqcy1vOhFp4AS4TAC8btivMFAeRt1wyNDcS//ojDX0
DmcgjReGF7UzVpTSCziag37KGHbU/em7KvIrbias0oYM3KW/Ix3DWHCJxRSReHQu
2wfJnOQN+8L0U1Yu3XKSYl6gAlyCcBwh7Rs2+14yTZJUpjC44o0MpMBVdlG26RVH
9zOtZftfsENP1Q+nBmQB11T3xz83IYEzTZBxDQU+iEROq+Il6cIjTuq92YsncQ6+
evigWGibnhMCtx4cfGmeA97LM5XG4L6XgOU+wUPxHSgvSlUgPtx+811RyQIDAQAB
o4ICrzCCAqswHQYDVR0OBBYEFGlqpNhKqtyLha3Uwlqg09YqYxX3MB8GA1UdIwQY
MBaAFPX7MtImax+bzlfKyYvAJH8skZfyMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAt
MmQxNDNkN2I4NTNjLzEvYVdxazJFcXEzSXVGcmRUQ1dxRFQxaXBqRmZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC9mYjQyZWMtMTBiNC00ZGNmLWJlZjAtMmQxNDNkN2I4NTNj
LzEvOWZzeTBpWnJINXZPVjhySmk4QWtmeXlSbF9JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHEBggrBgEFBQcBBwEB/wSBtDCBsTCBnwQCAAEwgZgDBAAl
mYYDBAAlnAYDBAAuZvsDBABVzPUDBABVzPsDBABWaQcDBABWaQ0DBABWa2YwDAME
AFkhdQMEAFkhdgMEAFkirAMEAFkjfgMEAFkkjgMEAFkk4QMEAFkl6gMEAFknegME
AF6xFgMEALDfQwMEArlNpAMEALzQZgMEALzTGgMEALzV2gMEALzXIgMEALzwRQME
ALzw0zANBAIAAjAHAwUDKgVjADANBgkqhkiG9w0BAQsFAAOCAQEAtcAFGCzjwWae
vs4qutZiPTkafUqB85MpVx8YNtJlh0NlLP3wU9jIqJXCSkYcWkfyKcu1xBc+tpuA
8FXK6WTE0MrduUOa4PKfDII3u8ObgBZjEYiDNXMDZYARzUDyuLqOr1He8axe9ntj
36wJoZUPjSltGqMK1zR5B4HU7kxPpSZU090EnmOSyUyAFeJDwrO4Y7wrGeBce8V3
5Beep+Ht7kozJyX6CzEeLI+naJG1hmYG1KiWyhu34RgPrwwwBxhPu4p4nNZ6+kr6
V30BTMcOKGlumvYtlpZ9bixY3qd8tSeksnFo5wLCNLo5uudsJbYgwZwM9OyMz5S3
u1yN9+CMOQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:55:08 2025 by rpki-client