
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/tTfX1pe5RTBDA8rpWDL9o3SrrsQ.roa
File: tTfX1pe5RTBDA8rpWDL9o3SrrsQ.roa (raw, json)
Hash identifier: 0Boop2PPC+Kquo+edf/AvMEIcfKlqZO/IjiPFQIbjyo=
Subject key identifier: B5:37:D7:D6:97:B9:45:30:43:03:CA:E9:58:32:FD:A3:74:AB:AE:C4
Certificate issuer: /CN=f571bbf1d3d3c0efe36de110392be0c7ac447a84
Certificate serial: 0199E06FF7D2A1EAF02BF3CD23F9E2514A96
Authority key identifier: F5:71:BB:F1:D3:D3:C0:EF:E3:6D:E1:10:39:2B:E0:C7:AC:44:7A:84
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9XG78dPTwO_jbeEQOSvgx6xEeoQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/tTfX1pe5RTBDA8rpWDL9o3SrrsQ.roa
Signing time: Tue 14 Oct 2025 01:57:38 +0000
ROA not before: Tue 14 Oct 2025 01:57:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42926
IP address blocks: 31.210.64.0/18 maxlen: 24
46.45.128.0/18 maxlen: 24
46.45.185.0/24 maxlen: 24
46.45.186.0/24 maxlen: 24
46.45.187.0/24 maxlen: 24
46.45.188.0/24 maxlen: 24
77.75.32.0/21 maxlen: 24
79.98.128.0/21 maxlen: 24
94.101.80.0/20 maxlen: 24
94.101.90.0/24 maxlen: 24
176.53.0.0/17 maxlen: 24
176.53.74.0/24 maxlen: 24
176.53.96.0/24 maxlen: 24
176.53.112.0/24 maxlen: 24
178.211.32.0/19 maxlen: 24
178.211.61.0/24 maxlen: 24
185.25.100.0/22 maxlen: 22
185.25.100.0/24 maxlen: 24
185.25.101.0/24 maxlen: 24
185.25.102.0/24 maxlen: 24
185.25.103.0/24 maxlen: 24
185.157.40.0/22 maxlen: 24
185.184.208.0/22 maxlen: 24
213.128.64.0/19 maxlen: 24
213.128.93.0/24 maxlen: 24
213.128.94.0/24 maxlen: 24
213.128.95.0/24 maxlen: 24
2a00:56a0::/32 maxlen: 48
2a01:790::/32 maxlen: 48
2a0b:5f40::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/9XG78dPTwO_jbeEQOSvgx6xEeoQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/9XG78dPTwO_jbeEQOSvgx6xEeoQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/9XG78dPTwO_jbeEQOSvgx6xEeoQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e0:6f:f7:d2:a1:ea:f0:2b:f3:cd:23:f9:e2:51:4a:96
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f571bbf1d3d3c0efe36de110392be0c7ac447a84
Validity
Not Before: Oct 14 01:57:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b537d7d697b945304303cae95832fda374abaec4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9b:6f:b7:62:9a:c5:e6:af:b5:16:d7:a8:66:6b:
a2:04:fc:77:98:3b:38:48:6a:a9:18:31:2c:d6:e2:
62:3a:bc:26:3d:24:47:b8:79:7a:22:ff:f1:30:4f:
3a:bb:66:91:e1:3d:94:51:36:67:08:7c:44:fd:fe:
7d:c2:5d:3d:2d:a0:28:d7:d7:60:e6:00:1d:d7:01:
d6:1b:7b:40:d3:1d:03:79:1a:7d:68:7b:33:24:8f:
89:e7:f1:10:a1:99:85:53:c9:01:a8:c6:b4:ca:db:
6c:fc:13:e0:7f:c0:70:23:ff:43:9c:c8:11:71:19:
ba:b9:b2:d9:ef:5f:10:c5:ee:3c:9e:e3:e9:99:38:
39:1f:63:f3:c4:0c:f3:f2:eb:9a:e2:78:05:29:bb:
96:a5:91:a6:28:ac:22:fc:66:67:1f:fa:2c:ee:ed:
d7:6f:3d:ff:73:78:3d:81:47:1b:7d:85:51:dd:62:
d7:ef:36:56:3a:71:40:42:bc:38:ce:a6:81:32:28:
ae:0f:d7:5d:9a:41:d9:93:e1:c7:d1:d7:52:92:66:
93:89:28:e2:f0:14:bc:8e:ce:4e:f9:42:23:17:2a:
83:7e:4c:c7:df:07:d9:26:3e:64:d5:36:58:86:a8:
21:54:96:93:d5:47:71:58:1d:d7:15:30:dd:06:5b:
6c:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:37:D7:D6:97:B9:45:30:43:03:CA:E9:58:32:FD:A3:74:AB:AE:C4
X509v3 Authority Key Identifier:
keyid:F5:71:BB:F1:D3:D3:C0:EF:E3:6D:E1:10:39:2B:E0:C7:AC:44:7A:84
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9XG78dPTwO_jbeEQOSvgx6xEeoQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/tTfX1pe5RTBDA8rpWDL9o3SrrsQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/68303f-e8b0-4fe0-96b6-a9657eb1f8d7/1/9XG78dPTwO_jbeEQOSvgx6xEeoQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.64.0/18
46.45.128.0/18
77.75.32.0/21
79.98.128.0/21
94.101.80.0/20
176.53.0.0/17
178.211.32.0/19
185.25.100.0/22
185.157.40.0/22
185.184.208.0/22
213.128.64.0/19
IPv6:
2a00:56a0::/32
2a01:790::/32
2a0b:5f40::/29
Signature Algorithm: sha256WithRSAEncryption
9a:a7:74:37:03:66:71:a1:af:a7:ff:e1:8c:5d:8f:d8:42:10:
c1:f7:6b:85:c1:1f:62:a1:cb:45:25:0b:91:17:b3:2d:18:98:
cf:23:f8:2e:6f:02:88:9f:63:8f:ca:dd:46:5d:d8:d4:7b:4a:
4d:ee:3c:88:f6:ae:08:60:d4:88:75:6b:07:95:eb:9b:e7:73:
17:aa:d3:59:ac:a4:dd:f2:79:12:d0:cf:03:1f:56:00:88:60:
9e:19:eb:79:7e:3d:15:9d:f7:11:17:e9:86:e5:08:49:07:1d:
d8:08:77:f7:b0:34:1a:c0:17:50:52:ac:ec:4d:08:3b:57:84:
9a:c6:6a:ec:b0:e8:cd:97:11:c4:c5:0a:a2:11:90:97:66:f1:
6a:30:3d:7e:b1:43:89:f8:16:49:9d:00:86:17:93:04:88:0c:
18:94:df:e5:ce:18:a4:39:5e:ff:bb:9f:b9:68:a5:bd:5e:90:
19:35:29:a2:9d:30:00:36:7b:ee:c2:d8:28:ab:8b:c6:70:d6:
cb:1f:ce:08:13:2a:5b:7c:fe:03:67:a0:eb:78:32:d1:40:1b:
da:0f:f8:aa:6c:cd:04:51:83:dc:db:c8:c8:97:a4:10:4d:79:
9b:ab:fe:de:5e:cb:ed:17:48:fc:19:1e:a2:8d:72:cf:55:4b:
8b:d4:07:a8
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAZngb/fSoerwK/PNI/niUUqWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY1NzFiYmYxZDNkM2MwZWZlMzZkZTExMDM5MmJlMGM3YWM0
NDdhODQwHhcNMjUxMDE0MDE1NzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTM3ZDdkNjk3Yjk0NTMwNDMwM2NhZTk1ODMyZmRhMzc0YWJhZWM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAm2+3YprF5q+1FteoZmuiBPx3mDs4
SGqpGDEs1uJiOrwmPSRHuHl6Iv/xME86u2aR4T2UUTZnCHxE/f59wl09LaAo19dg
5gAd1wHWG3tA0x0DeRp9aHszJI+J5/EQoZmFU8kBqMa0ytts/BPgf8BwI/9DnMgR
cRm6ubLZ718Qxe48nuPpmTg5H2PzxAzz8uua4ngFKbuWpZGmKKwi/GZnH/os7u3X
bz3/c3g9gUcbfYVR3WLX7zZWOnFAQrw4zqaBMiiuD9ddmkHZk+HH0ddSkmaTiSji
8BS8js5O+UIjFyqDfkzH3wfZJj5k1TZYhqghVJaT1UdxWB3XFTDdBltsRQIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFLU319aXuUUwQwPK6Vgy/aN0q67EMB8GA1UdIwQY
MBaAFPVxu/HT08Dv423hEDkr4MesRHqEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOVhHNzhkUFR3T19qYmVFUU9Tdmd4NnhFZW9RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi82ODMwM2YtZThiMC00ZmUwLTk2YjYt
YTk2NTdlYjFmOGQ3LzEvdFRmWDFwZTVSVEJEQThycFdETDlvM1NycnNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi82ODMwM2YtZThiMC00ZmUwLTk2YjYtYTk2NTdlYjFmOGQ3
LzEvOVhHNzhkUFR3T19qYmVFUU9Tdmd4NnhFZW9RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBIBAIAATBCAwQGH9JAAwQG
Li2AAwQDTUsgAwQDT2KAAwQEXmVQAwQHsDUAAwQFstMgAwQCuRlkAwQCuZ0oAwQC
ubjQAwQF1YBAMBsEAgACMBUDBQAqAFagAwUAKgEHkAMFAyoLX0AwDQYJKoZIhvcN
AQELBQADggEBAJqndDcDZnGhr6f/4Yxdj9hCEMH3a4XBH2Khy0UlC5EXsy0YmM8j
+C5vAoifY4/K3UZd2NR7Sk3uPIj2rghg1Ih1aweV65vncxeq01mspN3yeRLQzwMf
VgCIYJ4Z63l+PRWd9xEX6YblCEkHHdgId/ewNBrAF1BSrOxNCDtXhJrGauyw6M2X
EcTFCqIRkJdm8WowPX6xQ4n4FkmdAIYXkwSIDBiU3+XOGKQ5Xv+7n7lopb1ekBk1
KaKdMAA2e+7C2Ciri8Zw1ssfzggTKlt8/gNnoOt4MtFAG9oP+KpszQRRg9zbyMiX
pBBNeZur/t5ey+0XSPwZHqKNcs9VS4vUB6g=
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:51:03 2025 by rpki-client