Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/RntbFw86fXPeZrXmK3pHV0zJQEg.roa
File: RntbFw86fXPeZrXmK3pHV0zJQEg.roa (raw, json)
Hash identifier: 2k5iB1oS6C7exnQoJZ1PI5WrELrU2n19+jcz7Vk+ODg=
Subject key identifier: 46:7B:5B:17:0F:3A:7D:73:DE:66:B5:E6:2B:7A:47:57:4C:C9:40:48
Certificate issuer: /CN=e61c07c951488f04cb3b0fd338af84d77e46bf52
Certificate serial: 0199144F47730EFF38015136CDB5872BEB64
Authority key identifier: E6:1C:07:C9:51:48:8F:04:CB:3B:0F:D3:38:AF:84:D7:7E:46:BF:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5hwHyVFIjwTLOw_TOK-E135Gv1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/RntbFw86fXPeZrXmK3pHV0zJQEg.roa
Signing time: Thu 04 Sep 2025 10:39:23 +0000
ROA not before: Thu 04 Sep 2025 10:39:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39603
IP address blocks: 5.173.0.0/17 maxlen: 17
5.173.128.0/18 maxlen: 18
5.173.192.0/19 maxlen: 19
31.174.0.0/15 maxlen: 15
46.112.0.0/16 maxlen: 16
46.113.0.0/16 maxlen: 16
89.108.192.0/18 maxlen: 18
89.108.200.0/21 maxlen: 21
89.108.208.0/21 maxlen: 21
94.254.128.0/17 maxlen: 17
94.254.128.0/20 maxlen: 20
94.254.144.0/20 maxlen: 20
94.254.160.0/19 maxlen: 19
94.254.192.0/19 maxlen: 19
94.254.224.0/20 maxlen: 20
109.243.0.0/16 maxlen: 16
109.243.128.0/17 maxlen: 17
109.243.192.0/18 maxlen: 18
164.126.0.0/15 maxlen: 15
2a00:1981::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/5hwHyVFIjwTLOw_TOK-E135Gv1I.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/5hwHyVFIjwTLOw_TOK-E135Gv1I.mft
rsync://rpki.ripe.net/repository/DEFAULT/5hwHyVFIjwTLOw_TOK-E135Gv1I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:14:4f:47:73:0e:ff:38:01:51:36:cd:b5:87:2b:eb:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e61c07c951488f04cb3b0fd338af84d77e46bf52
Validity
Not Before: Sep 4 10:39:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=467b5b170f3a7d73de66b5e62b7a47574cc94048
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:c3:0f:39:ce:7f:17:3e:b8:bd:ad:72:ce:cd:
97:d4:2c:e1:78:4f:eb:4f:7b:26:9f:d9:28:d1:2b:
0e:8c:b4:91:01:f7:79:5c:6b:ad:5a:c3:1a:8e:9b:
54:e8:72:1d:2d:75:69:2c:41:6e:ee:cc:66:71:26:
4f:bf:29:43:41:2b:94:a9:5b:5c:cf:3a:da:4e:ec:
7b:1a:01:dc:e4:05:4b:a3:ee:0b:1c:cd:a2:bf:41:
d4:ee:bb:d0:75:59:8c:65:b5:c4:de:1b:d7:d5:07:
56:0d:87:50:90:8e:a9:80:6a:af:4e:35:9a:d9:af:
54:10:87:f3:9c:61:ea:47:f0:25:0d:07:59:2f:82:
94:27:11:c5:90:d4:a5:57:00:a8:3a:08:f2:00:f0:
c9:d1:49:04:01:62:0e:89:c9:86:be:4b:6b:10:52:
5a:3c:55:7d:af:7a:7a:ca:2e:a6:f3:f6:9e:7b:83:
64:3a:0c:72:4d:a2:2e:49:5d:65:0d:ec:2d:93:e8:
89:0a:fb:1a:48:c9:78:ec:b1:cf:ba:bb:2f:ad:3f:
fc:9a:6c:28:b9:a4:77:47:3a:f9:e0:6f:97:de:9d:
bf:a6:cc:71:bd:74:3e:5f:20:79:0d:d4:02:72:93:
4f:c9:03:a9:5b:2e:6d:6a:96:84:9c:20:0d:d9:ec:
44:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
46:7B:5B:17:0F:3A:7D:73:DE:66:B5:E6:2B:7A:47:57:4C:C9:40:48
X509v3 Authority Key Identifier:
keyid:E6:1C:07:C9:51:48:8F:04:CB:3B:0F:D3:38:AF:84:D7:7E:46:BF:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5hwHyVFIjwTLOw_TOK-E135Gv1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/RntbFw86fXPeZrXmK3pHV0zJQEg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/5hwHyVFIjwTLOw_TOK-E135Gv1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.173.0.0-5.173.223.255
31.174.0.0/15
46.112.0.0/15
89.108.192.0/18
94.254.128.0/17
109.243.0.0/16
164.126.0.0/15
IPv6:
2a00:1981::/32
Signature Algorithm: sha256WithRSAEncryption
55:1c:65:04:80:eb:b3:63:43:a1:b0:56:b7:6c:dd:50:42:e2:
7a:26:d4:3b:b9:68:9d:95:42:d1:38:96:c9:2c:5e:55:80:ca:
9b:00:9a:0d:91:ce:ca:a7:19:5e:30:7b:78:12:d5:99:b1:e7:
a9:ad:f6:61:19:15:7d:08:04:f5:bf:b9:31:00:1e:72:8a:3a:
e5:40:0f:07:92:7a:6f:ed:82:54:9c:9f:3d:16:33:4e:d5:5b:
8b:57:20:1a:ea:aa:31:a6:a6:43:e7:5f:48:9d:9c:f6:dc:30:
c0:6d:a8:c4:f2:43:dd:3c:80:38:13:1d:65:72:41:98:66:73:
01:25:0c:c0:ff:61:92:e4:a7:91:1f:f9:0b:cc:3c:2c:2c:3b:
38:63:93:72:f7:be:24:71:1d:c7:0e:ef:1a:28:28:0e:10:b3:
91:71:ed:29:b3:69:fe:1f:03:e4:7e:b7:c8:a4:9f:2f:b2:3c:
76:63:eb:6a:65:9e:ef:8b:de:70:5a:57:b3:4e:cc:4d:26:73:
5d:c5:69:de:7f:28:26:f2:0e:8e:4f:c3:f7:36:ef:11:b9:1d:
bf:61:6a:f3:52:ad:50:d5:7f:d6:97:75:9e:6a:15:3e:10:b1:
89:89:bc:18:b5:13:16:20:55:67:79:ad:07:77:30:87:e1:6d:
08:b4:73:34
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZkUT0dzDv84AVE2zbWHK+tkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2MWMwN2M5NTE0ODhmMDRjYjNiMGZkMzM4YWY4NGQ3N2U0
NmJmNTIwHhcNMjUwOTA0MTAzOTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NjdiNWIxNzBmM2E3ZDczZGU2NmI1ZTYyYjdhNDc1NzRjYzk0MDQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA08MPOc5/Fz64va1yzs2X1CzheE/r
T3smn9ko0SsOjLSRAfd5XGutWsMajptU6HIdLXVpLEFu7sxmcSZPvylDQSuUqVtc
zzraTux7GgHc5AVLo+4LHM2iv0HU7rvQdVmMZbXE3hvX1QdWDYdQkI6pgGqvTjWa
2a9UEIfznGHqR/AlDQdZL4KUJxHFkNSlVwCoOgjyAPDJ0UkEAWIOicmGvktrEFJa
PFV9r3p6yi6m8/aee4NkOgxyTaIuSV1lDewtk+iJCvsaSMl47LHPursvrT/8mmwo
uaR3Rzr54G+X3p2/psxxvXQ+XyB5DdQCcpNPyQOpWy5tapaEnCAN2exE7wIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFEZ7WxcPOn1z3ma15it6R1dMyUBIMB8GA1UdIwQY
MBaAFOYcB8lRSI8EyzsP0zivhNd+Rr9SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWh3SHlWRklqd1RMT3dfVE9LLUUxMzVHdjFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8yZGJhNWMtOWE5MC00MDUyLWExZWIt
NmE4NDc3Y2I2YzJhLzEvUm50YkZ3ODZmWFBlWnJYbUszcEhWMHpKUUVnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy8yZGJhNWMtOWE5MC00MDUyLWExZWItNmE4NDc3Y2I2YzJh
LzEvNWh3SHlWRklqd1RMT3dfVE9LLUUxMzVHdjFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAzBAIAATAtMAsDAwAFrQME
BQWtwAMDAR+uAwMBLnADBAZZbMADBAde/oADAwBt8wMDAaR+MA0EAgACMAcDBQAq
ABmBMA0GCSqGSIb3DQEBCwUAA4IBAQBVHGUEgOuzY0OhsFa3bN1QQuJ6JtQ7uWid
lULROJbJLF5VgMqbAJoNkc7KpxleMHt4EtWZseeprfZhGRV9CAT1v7kxAB5yijrl
QA8Hknpv7YJUnJ89FjNO1VuLVyAa6qoxpqZD519InZz23DDAbajE8kPdPIA4Ex1l
ckGYZnMBJQzA/2GS5KeRH/kLzDwsLDs4Y5Ny974kcR3HDu8aKCgOELORce0ps2n+
HwPkfrfIpJ8vsjx2Y+tqZZ7vi95wWlezTsxNJnNdxWnefygm8g6OT8P3Nu8RuR2/
YWrzUq1Q1X/Wl3WeahU+ELGJibwYtRMWIFVnea0HdzCH4W0ItHM0
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:50:17 2025 by rpki-client