Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9c/63eb42-a0e1-4f1c-bcc9-87524014dbfb/1/IldnESVb5YAXRybajnGx4ZHkjvs.roa
File: IldnESVb5YAXRybajnGx4ZHkjvs.roa (raw, json)
Hash identifier: Z7vt2Bz5Xlx6ZNjSBTF37CVzL/JzsawDeZyWyaF9i1k=
Subject key identifier: 22:57:67:11:25:5B:E5:80:17:47:26:DA:8E:71:B1:E1:91:E4:8E:FB
Certificate issuer: /CN=2c571d688aa503a2e566bbc876df0ba455c577ed
Certificate serial: 01997BC5688836CFE2FD4426D901D909A33F
Authority key identifier: 2C:57:1D:68:8A:A5:03:A2:E5:66:BB:C8:76:DF:0B:A4:55:C5:77:ED
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LFcdaIqlA6LlZrvIdt8LpFXFd-0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9c/63eb42-a0e1-4f1c-bcc9-87524014dbfb/1/IldnESVb5YAXRybajnGx4ZHkjvs.roa
Signing time: Wed 24 Sep 2025 12:49:18 +0000
ROA not before: Wed 24 Sep 2025 12:49:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15796
IP address blocks: 51.154.0.0/16 maxlen: 16
51.154.248.0/22 maxlen: 22
51.154.252.0/22 maxlen: 22
213.55.128.0/17 maxlen: 24
213.55.128.0/24 maxlen: 24
213.55.131.0/24 maxlen: 24
213.55.132.0/24 maxlen: 24
213.55.141.0/24 maxlen: 24
213.55.147.0/24 maxlen: 24
213.55.150.0/24 maxlen: 24
213.55.179.0/24 maxlen: 24
213.55.180.0/22 maxlen: 22
213.55.184.0/22 maxlen: 22
213.55.188.0/24 maxlen: 24
213.55.189.0/24 maxlen: 24
213.55.190.0/24 maxlen: 24
213.55.191.0/24 maxlen: 24
213.55.192.0/24 maxlen: 24
213.55.193.0/24 maxlen: 24
213.55.194.0/24 maxlen: 24
213.55.195.0/24 maxlen: 24
213.55.196.0/22 maxlen: 22
213.55.206.0/24 maxlen: 24
213.55.220.0/22 maxlen: 22
213.55.224.0/22 maxlen: 22
213.55.233.0/24 maxlen: 24
213.55.234.0/24 maxlen: 24
213.55.235.0/24 maxlen: 24
213.55.236.0/24 maxlen: 24
213.55.237.0/24 maxlen: 24
213.55.238.0/24 maxlen: 24
213.55.240.0/22 maxlen: 22
213.55.244.0/22 maxlen: 22
2a04:ee40::/29 maxlen: 29
2a04:ee40:2000::/35 maxlen: 35
2a04:ee41::/41 maxlen: 41
2a04:ee41:80::/41 maxlen: 41
2a04:ee42:1::/64 maxlen: 64
2a04:ee42:1:7::/64 maxlen: 64
2a04:ee42:2::/64 maxlen: 64
2a04:ee42:2:7::/64 maxlen: 64
2a04:ee42:53::/64 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9c/63eb42-a0e1-4f1c-bcc9-87524014dbfb/1/LFcdaIqlA6LlZrvIdt8LpFXFd-0.crl
rsync://rpki.ripe.net/repository/DEFAULT/9c/63eb42-a0e1-4f1c-bcc9-87524014dbfb/1/LFcdaIqlA6LlZrvIdt8LpFXFd-0.mft
rsync://rpki.ripe.net/repository/DEFAULT/LFcdaIqlA6LlZrvIdt8LpFXFd-0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:7b:c5:68:88:36:cf:e2:fd:44:26:d9:01:d9:09:a3:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2c571d688aa503a2e566bbc876df0ba455c577ed
Validity
Not Before: Sep 24 12:49:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=22576711255be580174726da8e71b1e191e48efb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:29:b6:9e:c6:1e:e4:ba:f1:8a:ed:c2:4b:17:
4b:93:18:98:30:14:89:11:99:5a:a5:e1:3b:2d:d6:
9d:72:ed:18:ae:0f:28:b2:9d:b4:09:7b:72:72:7f:
b2:e1:df:6b:e5:f5:0e:7f:c2:1f:e2:36:a9:2b:1f:
d9:7d:11:e5:16:5d:01:d1:bb:f3:6b:cb:c0:a6:be:
8a:a1:c4:d3:b8:0d:f5:cf:47:2d:1a:6b:2d:e9:85:
38:15:fc:e0:ba:4c:5b:62:c0:8d:9b:e1:21:38:7c:
c2:c8:2d:2c:c5:a8:88:50:7d:16:1f:40:d3:5b:f3:
5d:76:1e:0f:10:7a:0a:67:52:6d:b0:01:6e:c0:55:
fc:98:00:86:81:96:b8:5d:10:1c:df:0d:a7:7f:b5:
b6:3a:78:19:a4:72:ca:b2:33:e1:56:96:1b:5b:2e:
d1:2b:43:10:cc:bf:b2:1e:c8:da:36:4d:b2:3e:7e:
e9:92:a3:0b:94:97:0e:4f:2c:05:d1:c8:ea:56:96:
ce:3a:db:c4:26:d0:03:64:95:6d:be:c0:73:b6:c5:
40:bd:86:6e:e8:19:43:a3:42:5f:7d:bb:77:7e:6a:
6a:8a:87:70:9b:44:d5:e8:f2:5b:54:5d:07:51:54:
25:ca:5f:27:55:9d:ee:cb:e5:48:11:ac:f3:5f:0a:
e6:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
22:57:67:11:25:5B:E5:80:17:47:26:DA:8E:71:B1:E1:91:E4:8E:FB
X509v3 Authority Key Identifier:
keyid:2C:57:1D:68:8A:A5:03:A2:E5:66:BB:C8:76:DF:0B:A4:55:C5:77:ED
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LFcdaIqlA6LlZrvIdt8LpFXFd-0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/63eb42-a0e1-4f1c-bcc9-87524014dbfb/1/IldnESVb5YAXRybajnGx4ZHkjvs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9c/63eb42-a0e1-4f1c-bcc9-87524014dbfb/1/LFcdaIqlA6LlZrvIdt8LpFXFd-0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.154.0.0/16
213.55.128.0/17
IPv6:
2a04:ee40::/29
Signature Algorithm: sha256WithRSAEncryption
19:5c:60:b7:19:03:7e:ef:a8:65:b7:0e:13:dc:bc:3e:ca:2e:
04:ae:51:48:db:b4:0f:d2:46:e9:3c:ef:a0:83:42:85:a3:0a:
f0:17:c3:0e:2e:f8:fe:7c:a7:65:e6:51:9f:db:d8:11:ae:71:
8b:2e:ad:0b:1f:94:43:73:13:16:a8:de:84:97:71:ad:91:9e:
23:0f:d9:7d:03:fc:f0:56:cd:b6:20:66:28:2d:64:f6:d5:c6:
c6:06:bd:c6:28:d1:fd:20:d8:2c:45:b0:80:5d:a3:01:30:89:
e8:2e:aa:67:1a:b0:64:32:67:46:5c:ae:22:26:87:a8:bb:3b:
10:9d:37:32:10:4b:3d:4b:35:7c:8c:dc:34:ab:54:c8:d9:b7:
e2:3d:d0:41:96:1b:99:75:cb:fc:bc:55:c4:bf:79:d3:77:61:
a3:da:6b:0b:bc:9f:7d:15:c4:d9:08:6c:26:63:f7:7c:2f:f4:
59:66:a3:a9:8e:d0:03:54:7b:8a:4f:d4:03:c5:be:95:ca:35:
f8:70:83:86:ea:00:e6:56:c2:45:fb:da:f5:11:e8:b2:7c:05:
e2:0b:6d:fb:2a:fb:16:83:e3:96:65:c6:5f:65:b2:90:43:45:
49:e7:fe:55:08:af:62:23:e1:aa:4b:09:95:ba:93:91:af:7c:
2a:54:da:34
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZl7xWiINs/i/UQm2QHZCaM/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJjNTcxZDY4OGFhNTAzYTJlNTY2YmJjODc2ZGYwYmE0NTVj
NTc3ZWQwHhcNMjUwOTI0MTI0OTE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMjU3NjcxMTI1NWJlNTgwMTc0NzI2ZGE4ZTcxYjFlMTkxZTQ4ZWZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCm2nsYe5Lrxiu3CSxdLkxiYMBSJ
EZlapeE7Ldadcu0Yrg8osp20CXtycn+y4d9r5fUOf8If4japKx/ZfRHlFl0B0bvz
a8vApr6KocTTuA31z0ctGmst6YU4FfzgukxbYsCNm+EhOHzCyC0sxaiIUH0WH0DT
W/Nddh4PEHoKZ1JtsAFuwFX8mACGgZa4XRAc3w2nf7W2OngZpHLKsjPhVpYbWy7R
K0MQzL+yHsjaNk2yPn7pkqMLlJcOTywF0cjqVpbOOtvEJtADZJVtvsBztsVAvYZu
6BlDo0Jffbt3fmpqiodwm0TV6PJbVF0HUVQlyl8nVZ3uy+VIEazzXwrmjwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFCJXZxElW+WAF0cm2o5xseGR5I77MB8GA1UdIwQY
MBaAFCxXHWiKpQOi5Wa7yHbfC6RVxXftMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTEZjZGFJcWxBNkxsWnJ2SWR0OExwRlhGZC0wLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yy82M2ViNDItYTBlMS00ZjFjLWJjYzkt
ODc1MjQwMTRkYmZiLzEvSWxkbkVTVmI1WUFYUnliYWpuR3g0WkhranZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yy82M2ViNDItYTBlMS00ZjFjLWJjYzktODc1MjQwMTRkYmZi
LzEvTEZjZGFJcWxBNkxsWnJ2SWR0OExwRlhGZC0wLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjARBAIAATALAwMAM5oDBAfV
N4AwDQQCAAIwBwMFAyoE7kAwDQYJKoZIhvcNAQELBQADggEBABlcYLcZA37vqGW3
DhPcvD7KLgSuUUjbtA/SRuk876CDQoWjCvAXww4u+P58p2XmUZ/b2BGucYsurQsf
lENzExao3oSXca2RniMP2X0D/PBWzbYgZigtZPbVxsYGvcYo0f0g2CxFsIBdowEw
ieguqmcasGQyZ0ZcriImh6i7OxCdNzIQSz1LNXyM3DSrVMjZt+I90EGWG5l1y/y8
VcS/edN3YaPaawu8n30VxNkIbCZj93wv9Flmo6mO0ANUe4pP1APFvpXKNfhwg4bq
AOZWwkX72vUR6LJ8BeILbfsq+xaD45Zlxl9lspBDRUnn/lUIr2Ij4apLCZW6k5Gv
fCpU2jQ=
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:30:51 2025 by rpki-client