Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/lASgtg7eMsom5hLbNmYUKDqQ_6c.roa
File: lASgtg7eMsom5hLbNmYUKDqQ_6c.roa (raw, json)
Hash identifier: Cd3ipcsUfU/tgNrPNapcEFl1bj5aBR1E6rM1qPwaq4s=
Subject key identifier: 94:04:A0:B6:0E:DE:32:CA:26:E6:12:DB:36:66:14:28:3A:90:FF:A7
Certificate issuer: /CN=8aab4c0cf21c1a3d6ea41068cbe908be388e450a
Certificate serial: 0199A5C8C692DCB278C308B5C56A0EB3688D
Authority key identifier: 8A:AB:4C:0C:F2:1C:1A:3D:6E:A4:10:68:CB:E9:08:BE:38:8E:45:0A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iqtMDPIcGj1upBBoy-kIvjiORQo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/lASgtg7eMsom5hLbNmYUKDqQ_6c.roa
Signing time: Thu 02 Oct 2025 16:37:02 +0000
ROA not before: Thu 02 Oct 2025 16:37:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35793
IP address blocks: 45.11.128.0/24 maxlen: 24
45.11.129.0/24 maxlen: 24
45.11.130.0/24 maxlen: 24
45.11.131.0/24 maxlen: 24
45.95.100.0/24 maxlen: 24
45.95.101.0/24 maxlen: 24
45.95.102.0/24 maxlen: 24
45.95.103.0/24 maxlen: 24
91.221.209.0/24 maxlen: 24
185.151.160.0/24 maxlen: 24
185.151.161.0/24 maxlen: 24
185.151.162.0/24 maxlen: 24
185.151.163.0/24 maxlen: 24
185.174.140.0/24 maxlen: 24
185.174.141.0/24 maxlen: 24
185.174.142.0/24 maxlen: 24
185.174.143.0/24 maxlen: 24
2a07:7940:12::/48 maxlen: 48
2a07:7940:14::/48 maxlen: 48
2a07:7940:16::/48 maxlen: 48
2a07:7940:18::/48 maxlen: 48
2a07:7940:41::/48 maxlen: 48
2a07:7940:45::/48 maxlen: 48
2a07:7940:46::/48 maxlen: 48
2a07:7940:47::/48 maxlen: 48
2a07:7940:48::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/iqtMDPIcGj1upBBoy-kIvjiORQo.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/iqtMDPIcGj1upBBoy-kIvjiORQo.mft
rsync://rpki.ripe.net/repository/DEFAULT/iqtMDPIcGj1upBBoy-kIvjiORQo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 18:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a5:c8:c6:92:dc:b2:78:c3:08:b5:c5:6a:0e:b3:68:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8aab4c0cf21c1a3d6ea41068cbe908be388e450a
Validity
Not Before: Oct 2 16:37:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9404a0b60ede32ca26e612db366614283a90ffa7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:5a:23:38:74:97:33:bf:71:1e:91:c4:65:60:
4d:69:05:1c:7e:84:c4:28:3f:0f:24:1f:35:37:82:
d2:95:4f:23:bc:20:ff:cd:46:3f:aa:30:d2:94:62:
6f:ac:fb:47:eb:6f:3a:d2:a0:d0:ee:db:23:ee:ac:
61:60:e0:68:16:bd:88:9a:cc:c2:d6:cd:04:61:f1:
ac:36:e3:15:3d:a0:d6:7d:34:41:51:c1:86:a2:e4:
5a:3a:fd:30:ec:40:00:d3:9c:c2:12:90:aa:78:22:
25:05:3d:bc:e7:c7:d8:f6:4c:0c:b0:2e:c5:1e:ba:
00:7f:50:df:bb:20:a0:68:53:ae:bc:2d:b3:b4:a0:
a8:10:12:db:d2:b9:0c:70:5a:01:e5:c6:70:00:4a:
5f:1f:4b:e0:9b:9b:f7:8d:ae:e1:98:5f:6b:aa:db:
01:fa:c6:93:74:63:b5:a0:79:f2:7e:05:ae:74:b4:
c3:9e:11:6d:86:99:98:54:44:d5:2e:ef:53:2e:46:
a7:4d:d8:bd:14:15:e4:63:51:0b:24:98:ba:84:dc:
c4:cd:ab:30:f6:29:e1:5c:b3:ff:57:d2:11:f8:1e:
dd:38:42:94:f6:eb:5a:5a:14:45:4e:97:cb:6a:d7:
fc:01:a9:a5:fd:69:96:91:8f:bd:88:a4:a6:c8:80:
64:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:04:A0:B6:0E:DE:32:CA:26:E6:12:DB:36:66:14:28:3A:90:FF:A7
X509v3 Authority Key Identifier:
keyid:8A:AB:4C:0C:F2:1C:1A:3D:6E:A4:10:68:CB:E9:08:BE:38:8E:45:0A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iqtMDPIcGj1upBBoy-kIvjiORQo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/lASgtg7eMsom5hLbNmYUKDqQ_6c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/740c1e-1a4c-4ca2-bd53-537b1b49dfe7/1/iqtMDPIcGj1upBBoy-kIvjiORQo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.11.128.0/22
45.95.100.0/22
91.221.209.0/24
185.151.160.0/22
185.174.140.0/22
IPv6:
2a07:7940:12::/48
2a07:7940:14::/48
2a07:7940:16::/48
2a07:7940:18::/48
2a07:7940:41::/48
2a07:7940:45::-2a07:7940:48:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
a4:43:d7:a3:95:c7:72:bb:20:6f:f0:a6:97:8c:d0:ea:85:7f:
6a:fe:5b:ae:4b:e2:d1:cf:78:e1:9c:59:0b:22:24:89:fc:49:
ef:07:2f:ff:79:5b:7c:f8:99:4c:1a:ed:81:63:57:51:67:2b:
6b:23:4c:21:cd:ef:15:3c:59:a7:98:6e:ed:95:37:f5:dd:fd:
c7:60:07:a3:9d:e6:81:02:f0:a0:e7:ca:18:cb:c4:da:45:be:
70:8a:20:94:f1:19:64:c3:12:2e:43:4f:1e:56:15:9c:7f:81:
03:ff:7d:a4:e0:b9:a3:7d:51:f1:d1:0b:34:be:17:5b:cd:f7:
a5:30:22:76:59:a6:14:a3:34:20:aa:00:32:6f:1b:15:ca:c7:
c4:3f:73:98:e1:83:1f:fb:ed:fa:c1:44:58:6d:f6:cb:c8:38:
4e:ad:52:49:71:54:c9:89:33:7e:68:79:29:9d:74:c5:eb:93:
66:5b:b4:d6:c1:f5:75:24:41:2d:bb:82:bd:59:83:6a:1d:54:
85:8b:10:57:36:ef:73:a4:7d:46:5f:ec:d9:2b:60:fe:b6:b2:
57:2f:a1:c3:1c:66:6e:f0:3f:2a:dd:46:94:13:81:63:25:1f:
39:95:20:53:83:63:1e:00:0f:18:2b:94:9e:10:06:f4:90:c7:
c5:0a:5c:4a
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgISAZmlyMaS3LJ4wwi1xWoOs2iNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhhYWI0YzBjZjIxYzFhM2Q2ZWE0MTA2OGNiZTkwOGJlMzg4
ZTQ1MGEwHhcNMjUxMDAyMTYzNzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDA0YTBiNjBlZGUzMmNhMjZlNjEyZGIzNjY2MTQyODNhOTBmZmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8lojOHSXM79xHpHEZWBNaQUcfoTE
KD8PJB81N4LSlU8jvCD/zUY/qjDSlGJvrPtH62860qDQ7tsj7qxhYOBoFr2ImszC
1s0EYfGsNuMVPaDWfTRBUcGGouRaOv0w7EAA05zCEpCqeCIlBT2858fY9kwMsC7F
HroAf1DfuyCgaFOuvC2ztKCoEBLb0rkMcFoB5cZwAEpfH0vgm5v3ja7hmF9rqtsB
+saTdGO1oHnyfgWudLTDnhFthpmYVETVLu9TLkanTdi9FBXkY1ELJJi6hNzEzasw
9inhXLP/V9IR+B7dOEKU9utaWhRFTpfLatf8Aaml/WmWkY+9iKSmyIBk+wIDAQAB
o4ICazCCAmcwHQYDVR0OBBYEFJQEoLYO3jLKJuYS2zZmFCg6kP+nMB8GA1UdIwQY
MBaAFIqrTAzyHBo9bqQQaMvpCL44jkUKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaXF0TURQSWNHajF1cEJCb3kta0l2amlPUlFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NDBjMWUtMWE0Yy00Y2EyLWJkNTMt
NTM3YjFiNDlkZmU3LzEvbEFTZ3RnN2VNc29tNWhMYk5tWVVLRHFRXzZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NDBjMWUtMWE0Yy00Y2EyLWJkNTMtNTM3YjFiNDlkZmU3
LzEvaXF0TURQSWNHajF1cEJCb3kta0l2amlPUlFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGABggrBgEFBQcBBwEB/wRxMG8wJAQCAAEwHgMEAi0LgAME
Ai1fZAMEAFvd0QMEArmXoAMEArmujDBHBAIAAjBBAwcAKgd5QAASAwcAKgd5QAAU
AwcAKgd5QAAWAwcAKgd5QAAYAwcAKgd5QABBMBIDBwAqB3lAAEUDBwAqB3lAAEgw
DQYJKoZIhvcNAQELBQADggEBAKRD16OVx3K7IG/wppeM0OqFf2r+W65L4tHPeOGc
WQsiJIn8Se8HL/95W3z4mUwa7YFjV1FnK2sjTCHN7xU8WaeYbu2VN/Xd/cdgB6Od
5oEC8KDnyhjLxNpFvnCKIJTxGWTDEi5DTx5WFZx/gQP/faTguaN9UfHRCzS+F1vN
96UwInZZphSjNCCqADJvGxXKx8Q/c5jhgx/77frBRFht9svIOE6tUklxVMmJM35o
eSmddMXrk2ZbtNbB9XUkQS27gr1Zg2odVIWLEFc273OkfUZf7NkrYP62slcvocMc
Zm7wPyrdRpQTgWMlHzmVIFODYx4ADxgrlJ4QBvSQx8UKXEo=
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:42:22 2025 by rpki-client