Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/erwpAGaJgEIcoGfN9kqPxp00JSM.roa
File: erwpAGaJgEIcoGfN9kqPxp00JSM.roa (raw, json)
Hash identifier: 688a7GN+RowqFvI5012C4v/RCR72HuJ6K/Z1gtGhsB0=
Subject key identifier: 7A:BC:29:00:66:89:80:42:1C:A0:67:CD:F6:4A:8F:C6:9D:34:25:23
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 0199337DE8A1A76B363689ACBA27693236D1
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/erwpAGaJgEIcoGfN9kqPxp00JSM.roa
Signing time: Wed 10 Sep 2025 11:58:33 +0000
ROA not before: Wed 10 Sep 2025 11:58:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214238
IP address blocks: 2.56.122.0/24 maxlen: 24
45.15.125.0/24 maxlen: 24
45.15.128.0/24 maxlen: 24
45.15.129.0/24 maxlen: 24
45.15.130.0/24 maxlen: 24
45.15.131.0/24 maxlen: 24
45.15.147.0/24 maxlen: 24
45.15.152.0/24 maxlen: 24
45.15.153.0/24 maxlen: 24
45.83.148.0/24 maxlen: 24
45.83.150.0/24 maxlen: 24
45.83.151.0/24 maxlen: 24
45.128.55.0/24 maxlen: 24
45.128.56.0/24 maxlen: 24
45.128.73.0/24 maxlen: 24
45.128.74.0/24 maxlen: 24
45.128.75.0/24 maxlen: 24
139.28.235.0/24 maxlen: 24
141.98.160.0/24 maxlen: 24
185.166.154.0/24 maxlen: 24
185.166.155.0/24 maxlen: 24
185.203.4.0/24 maxlen: 24
185.203.5.0/24 maxlen: 24
185.203.6.0/24 maxlen: 24
185.203.7.0/24 maxlen: 24
194.76.136.0/24 maxlen: 24
194.76.138.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:33:7d:e8:a1:a7:6b:36:36:89:ac:ba:27:69:32:36:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Sep 10 11:58:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7abc2900668980421ca067cdf64a8fc69d342523
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:9e:be:d6:3e:73:d0:a8:09:9e:39:c1:eb:36:
3f:d1:11:8f:bd:cc:8c:5d:9b:41:33:75:d9:a5:0a:
11:ba:65:d1:c4:d2:09:6d:67:2e:a0:d4:a0:b6:7a:
34:b6:d0:bd:3e:bd:83:75:be:8c:0d:7d:40:5e:5f:
9f:bf:59:eb:9c:a1:a8:eb:d3:7c:40:30:45:90:00:
ad:bb:44:cc:2c:2d:67:be:b4:66:a2:10:bd:de:f2:
fb:e5:ff:20:f8:34:95:d9:02:a1:5b:80:4f:b1:fb:
e7:2f:6e:68:b8:7c:c7:ca:15:df:43:c0:87:5e:b2:
22:21:69:e0:10:3f:8b:e1:70:12:db:31:6f:89:2a:
93:97:b6:11:b6:02:bc:9b:45:2d:59:d0:40:9e:9e:
42:ee:90:17:63:db:71:7c:57:2e:00:39:50:b7:ca:
cb:40:a7:f9:9c:6f:d7:db:06:6f:b9:67:39:26:a9:
79:c7:bc:12:90:f9:36:83:20:d5:6e:31:f1:ad:c6:
c9:8c:6b:0a:f0:fb:73:92:33:56:8b:80:71:a1:8a:
28:03:dd:99:b1:ef:1c:8c:1a:7c:bd:c1:44:f9:0b:
de:ad:fc:f3:d5:21:ff:cc:6b:7e:be:b7:dd:39:5d:
c2:e6:ea:c6:56:d5:47:4c:5c:fb:16:21:8e:36:b3:
2b:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7A:BC:29:00:66:89:80:42:1C:A0:67:CD:F6:4A:8F:C6:9D:34:25:23
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/erwpAGaJgEIcoGfN9kqPxp00JSM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.122.0/24
45.15.125.0/24
45.15.128.0/22
45.15.147.0/24
45.15.152.0/23
45.83.148.0/24
45.83.150.0/23
45.128.55.0-45.128.56.255
45.128.73.0-45.128.75.255
139.28.235.0/24
141.98.160.0/24
185.166.154.0/23
185.203.4.0/22
194.76.136.0/24
194.76.138.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:b4:87:53:0b:83:9a:94:d4:3a:65:14:9b:fe:69:31:ec:d6:
47:9d:f9:b2:41:8a:6a:c4:e8:a8:ce:b9:56:9e:88:c2:7a:93:
23:1e:52:47:dd:a4:35:c0:41:1c:12:2d:01:84:7f:ef:95:ea:
01:1a:c7:de:7a:a9:45:13:63:d9:a8:2c:18:5a:2c:14:59:27:
fe:0e:5c:75:8d:3c:b3:aa:f4:10:a3:ec:e5:38:75:c1:fb:8a:
bd:e3:ea:b0:c4:72:38:5a:bb:c4:13:bc:98:6b:af:14:69:2f:
e0:13:8d:ae:ce:2e:dc:80:31:98:78:51:ee:c5:d1:2c:64:e6:
e3:75:a1:90:99:8e:7f:4f:84:8f:98:73:50:59:b2:31:7c:3f:
ae:02:87:69:c6:3c:31:35:71:db:ef:71:1c:90:4c:06:c7:56:
91:eb:38:4e:73:e6:d4:bb:45:76:33:19:3e:19:64:20:3e:d8:
ef:81:10:90:02:cc:15:6b:9f:e3:db:55:6f:7a:54:82:77:b2:
41:dd:e2:78:e8:2c:36:10:01:86:b6:2b:73:df:6a:a8:10:8d:
48:94:bd:75:bb:5a:29:f3:57:e1:08:3b:7a:6b:df:1a:81:75:
5b:2a:1d:80:5b:c2:a1:4a:d7:8d:ef:ba:80:8c:e2:ad:af:93:
92:6a:42:a3
-----BEGIN CERTIFICATE-----
MIIFYjCCBEqgAwIBAgISAZkzfeihp2s2NomsuidpMjbRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwOTEwMTE1ODMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YWJjMjkwMDY2ODk4MDQyMWNhMDY3Y2RmNjRhOGZjNjlkMzQyNTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxZ6+1j5z0KgJnjnB6zY/0RGPvcyM
XZtBM3XZpQoRumXRxNIJbWcuoNSgtno0ttC9Pr2Ddb6MDX1AXl+fv1nrnKGo69N8
QDBFkACtu0TMLC1nvrRmohC93vL75f8g+DSV2QKhW4BPsfvnL25ouHzHyhXfQ8CH
XrIiIWngED+L4XAS2zFviSqTl7YRtgK8m0UtWdBAnp5C7pAXY9txfFcuADlQt8rL
QKf5nG/X2wZvuWc5Jql5x7wSkPk2gyDVbjHxrcbJjGsK8PtzkjNWi4BxoYooA92Z
se8cjBp8vcFE+Qverfzz1SH/zGt+vrfdOV3C5urGVtVHTFz7FiGONrMr1wIDAQAB
o4ICbjCCAmowHQYDVR0OBBYEFHq8KQBmiYBCHKBnzfZKj8adNCUjMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvZXJ3cEFHYUpnRUljb0dmTjlrcVB4cDAwSlNNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGDBggrBgEFBQcBBwEB/wR0MHIwcAQCAAEwagMEAAI4egME
AC0PfQMEAi0PgAMEAC0PkwMEAS0PmAMEAC1TlAMEAS1TljAMAwQALYA3AwQALYA4
MAwDBAAtgEkDBAItgEgDBACLHOsDBACNYqADBAG5ppoDBAK5ywQDBADCTIgDBADC
TIowDQYJKoZIhvcNAQELBQADggEBAEq0h1MLg5qU1DplFJv+aTHs1ked+bJBimrE
6KjOuVaeiMJ6kyMeUkfdpDXAQRwSLQGEf++V6gEax956qUUTY9moLBhaLBRZJ/4O
XHWNPLOq9BCj7OU4dcH7ir3j6rDEcjhau8QTvJhrrxRpL+ATja7OLtyAMZh4Ue7F
0Sxk5uN1oZCZjn9PhI+Yc1BZsjF8P64Ch2nGPDE1cdvvcRyQTAbHVpHrOE5z5tS7
RXYzGT4ZZCA+2O+BEJACzBVrn+PbVW96VIJ3skHd4njoLDYQAYa2K3PfaqgQjUiU
vXW7WinzV+EIO3pr3xqBdVsqHYBbwqFK143vuoCM4q2vk5JqQqM=
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:09:07 2025 by rpki-client