Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/h185bVKWp3aGPa00IJmwdLqQYA4.roa
File: h185bVKWp3aGPa00IJmwdLqQYA4.roa (raw, json)
Hash identifier: laEGq6bxNtByHi8jdF6HbyeP1lZZdu73ZiL9JihRH8w=
Subject key identifier: 87:5F:39:6D:52:96:A7:76:86:3D:AD:34:20:99:B0:74:BA:90:60:0E
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 0199B33FB530C6B5D3B0A880E9537D9EB582
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/h185bVKWp3aGPa00IJmwdLqQYA4.roa
Signing time: Sun 05 Oct 2025 07:22:00 +0000
ROA not before: Sun 05 Oct 2025 07:22:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30456
IP address blocks: 45.141.24.0/24 maxlen: 24
45.144.225.0/24 maxlen: 24
89.31.216.0/24 maxlen: 24
178.239.199.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:b3:3f:b5:30:c6:b5:d3:b0:a8:80:e9:53:7d:9e:b5:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Oct 5 07:22:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=875f396d5296a776863dad342099b074ba90600e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f9:d3:55:f8:83:04:78:09:57:58:bc:bd:a9:9a:
75:68:1a:4f:e8:ce:18:ba:b1:16:bb:5e:36:5c:87:
e1:32:45:d8:4e:1c:98:c6:4e:80:fd:68:39:fc:3c:
32:bd:43:75:0e:c4:7d:10:0f:d6:c5:bc:78:3c:81:
ef:0e:5c:8b:b5:b6:7b:06:d2:81:ca:dd:27:96:75:
79:f6:23:d9:88:ac:89:65:a5:5a:2e:15:b5:2c:4b:
b3:08:0e:2f:5b:f4:d5:d9:53:05:f9:a5:c3:2f:38:
bb:42:48:31:7b:38:93:33:24:6f:4b:c4:15:1c:84:
55:f9:bd:f7:d7:05:c5:93:91:ed:20:0a:88:6e:e3:
86:84:99:bd:eb:f5:c3:8d:c1:72:e0:c0:da:04:ec:
3f:f5:23:71:bd:38:09:3b:66:fc:c0:eb:f1:ff:4c:
59:5d:fe:fd:fd:7c:59:4d:fc:2d:d4:80:4a:cc:c8:
27:21:eb:8b:dd:2b:3f:9e:ee:da:90:88:5b:ea:2a:
64:3c:d4:79:ec:b8:b3:6f:a8:31:ff:d6:d8:8d:35:
91:68:fc:95:72:67:8f:20:e0:92:2a:2b:79:5a:a8:
f2:a1:0d:12:f8:ce:c5:e7:72:44:cd:7e:66:85:83:
02:2b:70:9e:94:1c:fc:89:85:68:20:3d:cb:5b:a0:
4f:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:5F:39:6D:52:96:A7:76:86:3D:AD:34:20:99:B0:74:BA:90:60:0E
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/h185bVKWp3aGPa00IJmwdLqQYA4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.24.0/24
45.144.225.0/24
89.31.216.0/24
178.239.199.0/24
Signature Algorithm: sha256WithRSAEncryption
66:ba:1e:e3:6a:71:c5:e9:78:1c:9a:03:53:c2:d4:4a:72:3b:
47:f9:fb:c9:8a:06:b4:ff:be:03:03:f1:a4:cf:dc:16:cb:38:
ae:b7:68:ff:3f:47:a6:15:13:23:ba:56:ae:fa:2f:b7:b3:b0:
fb:6d:fd:cd:7d:d5:d2:2f:2c:80:ed:13:1d:ac:53:84:8f:27:
26:38:72:4a:ee:78:6a:60:16:f8:84:b8:0c:e3:4e:c1:16:4f:
aa:84:f0:8b:34:c9:13:1e:c2:b8:cb:ea:93:2f:9e:c2:9d:41:
eb:4b:34:e4:04:a7:b1:07:d7:74:52:4f:12:57:3f:8e:55:8e:
82:ea:c9:ce:78:73:41:b1:ec:ef:7f:b2:2f:8a:42:8e:17:7f:
ce:77:98:8e:91:3d:78:f3:74:8b:0a:ee:20:6a:44:e2:af:48:
2d:8b:6f:d0:c8:4d:97:c5:4d:67:9a:72:1d:9d:54:f2:dd:3f:
d7:95:70:4a:b6:b9:25:d5:c3:68:73:35:ab:2e:98:32:2f:53:
60:54:7a:4f:ad:f4:5a:72:d3:1b:e5:58:c3:6a:f4:37:26:f5:
30:b5:97:f9:d9:1c:74:b4:d4:34:52:df:19:3a:9f:b2:fd:cd:
fe:22:ae:7e:c7:95:67:e1:2a:c1:75:54:59:62:e8:14:39:f9:
98:78:48:46
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZmzP7UwxrXTsKiA6VN9nrWCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjUxMDA1MDcyMjAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzVmMzk2ZDUyOTZhNzc2ODYzZGFkMzQyMDk5YjA3NGJhOTA2MDBlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+dNV+IMEeAlXWLy9qZp1aBpP6M4Y
urEWu142XIfhMkXYThyYxk6A/Wg5/DwyvUN1DsR9EA/Wxbx4PIHvDlyLtbZ7BtKB
yt0nlnV59iPZiKyJZaVaLhW1LEuzCA4vW/TV2VMF+aXDLzi7QkgxeziTMyRvS8QV
HIRV+b331wXFk5HtIAqIbuOGhJm96/XDjcFy4MDaBOw/9SNxvTgJO2b8wOvx/0xZ
Xf79/XxZTfwt1IBKzMgnIeuL3Ss/nu7akIhb6ipkPNR57Lizb6gx/9bYjTWRaPyV
cmePIOCSKit5WqjyoQ0S+M7F53JEzX5mhYMCK3CelBz8iYVoID3LW6BPswIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFIdfOW1Slqd2hj2tNCCZsHS6kGAOMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvaDE4NWJWS1dwM2FHUGEwMElKbXdkTHFRWUE0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALY0YAwQA
LZDhAwQAWR/YAwQAsu/HMA0GCSqGSIb3DQEBCwUAA4IBAQBmuh7janHF6XgcmgNT
wtRKcjtH+fvJiga0/74DA/Gkz9wWyziut2j/P0emFRMjulau+i+3s7D7bf3NfdXS
LyyA7RMdrFOEjycmOHJK7nhqYBb4hLgM407BFk+qhPCLNMkTHsK4y+qTL57CnUHr
SzTkBKexB9d0Uk8SVz+OVY6C6snOeHNBsezvf7IvikKOF3/Od5iOkT1483SLCu4g
akTir0gti2/QyE2XxU1nmnIdnVTy3T/XlXBKtrkl1cNoczWrLpgyL1NgVHpPrfRa
ctMb5VjDavQ3JvUwtZf52Rx0tNQ0Ut8ZOp+y/c3+Iq5+x5Vn4SrBdVRZYugUOfmY
eEhG
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:15:00 2025 by rpki-client