
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c6/46f147-173f-4260-aa7b-3a6bf890a01d/1/BiNIPlrjeE3rdm2XK22vRf-wuzQ.roa
File: BiNIPlrjeE3rdm2XK22vRf-wuzQ.roa (raw, json)
Hash identifier: ezcE9QgtvtC5wwnkaiaobICKGA7cBVTWIAYbMzMm22U=
Subject key identifier: 06:23:48:3E:5A:E3:78:4D:EB:76:6D:97:2B:6D:AF:45:FF:B0:BB:34
Certificate issuer: /CN=e0a0106cd2857ef13234867cb7f16a23a93faa93
Certificate serial: 0199F25A286830E45E474B018A2405253C63
Authority key identifier: E0:A0:10:6C:D2:85:7E:F1:32:34:86:7C:B7:F1:6A:23:A9:3F:AA:93
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4KAQbNKFfvEyNIZ8t_FqI6k_qpM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c6/46f147-173f-4260-aa7b-3a6bf890a01d/1/BiNIPlrjeE3rdm2XK22vRf-wuzQ.roa
Signing time: Fri 17 Oct 2025 13:26:58 +0000
ROA not before: Fri 17 Oct 2025 13:26:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48885
IP address blocks: 37.252.128.0/19 maxlen: 19
37.252.128.0/24 maxlen: 24
217.146.48.0/20 maxlen: 24
217.146.48.0/24 maxlen: 24
217.146.49.0/24 maxlen: 24
217.146.50.0/24 maxlen: 24
217.146.51.0/24 maxlen: 24
217.146.52.0/24 maxlen: 24
217.146.53.0/24 maxlen: 24
217.146.55.0/24 maxlen: 24
217.146.63.0/24 maxlen: 24
2a00:dbc0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c6/46f147-173f-4260-aa7b-3a6bf890a01d/1/4KAQbNKFfvEyNIZ8t_FqI6k_qpM.crl
rsync://rpki.ripe.net/repository/DEFAULT/c6/46f147-173f-4260-aa7b-3a6bf890a01d/1/4KAQbNKFfvEyNIZ8t_FqI6k_qpM.mft
rsync://rpki.ripe.net/repository/DEFAULT/4KAQbNKFfvEyNIZ8t_FqI6k_qpM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 04:01:55 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f2:5a:28:68:30:e4:5e:47:4b:01:8a:24:05:25:3c:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0a0106cd2857ef13234867cb7f16a23a93faa93
Validity
Not Before: Oct 17 13:26:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0623483e5ae3784deb766d972b6daf45ffb0bb34
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:30:2d:75:70:23:98:03:7f:35:42:75:ff:59:
ff:cc:26:fb:0e:ac:be:4b:2e:7a:39:6b:ce:fd:2f:
05:0b:73:cd:eb:d0:9f:d0:45:ef:34:9b:28:c4:b9:
53:e2:de:7a:54:6f:a6:40:93:90:f5:3e:e1:6a:be:
2f:5e:5c:c5:5e:43:a6:a5:5f:69:e7:bf:7c:5e:51:
a3:4f:41:9d:b2:68:0b:7e:d1:84:74:85:35:52:3f:
a6:6a:22:ba:37:d4:45:1c:a9:26:d3:c9:dd:9f:9f:
fb:9e:a0:4e:f4:00:44:41:15:ae:a6:22:23:ca:df:
20:da:c1:09:e8:1a:fe:f2:a5:2e:4d:44:31:1c:82:
d5:16:1f:c8:c4:b9:dd:7c:ca:98:a4:6b:b2:48:96:
56:46:ed:65:77:39:92:6e:f3:e5:d6:b2:b0:be:9f:
d0:17:21:27:af:ec:2b:39:a8:14:f1:82:6c:44:07:
c6:fc:01:49:70:cc:20:32:d3:5a:6b:f4:00:d3:47:
a0:09:7b:a9:a9:d7:b2:44:85:a6:df:12:50:f1:fb:
5c:4c:a3:ee:51:89:d3:7b:fa:b8:40:0b:1e:94:ee:
20:7c:45:02:7a:3c:7a:ec:19:7a:a2:dc:8a:71:f9:
26:6c:37:c2:d2:71:e3:a4:76:de:ff:e6:04:bd:fa:
05:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
06:23:48:3E:5A:E3:78:4D:EB:76:6D:97:2B:6D:AF:45:FF:B0:BB:34
X509v3 Authority Key Identifier:
keyid:E0:A0:10:6C:D2:85:7E:F1:32:34:86:7C:B7:F1:6A:23:A9:3F:AA:93
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4KAQbNKFfvEyNIZ8t_FqI6k_qpM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/46f147-173f-4260-aa7b-3a6bf890a01d/1/BiNIPlrjeE3rdm2XK22vRf-wuzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c6/46f147-173f-4260-aa7b-3a6bf890a01d/1/4KAQbNKFfvEyNIZ8t_FqI6k_qpM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.128.0/19
217.146.48.0/20
IPv6:
2a00:dbc0::/32
Signature Algorithm: sha256WithRSAEncryption
74:a5:d2:aa:a5:d9:19:fb:34:0d:4a:c1:7b:1f:bb:52:96:66:
24:9e:c5:1f:e5:83:db:54:1c:7a:9d:08:63:8d:b2:ed:ad:19:
c1:ee:1f:38:78:8e:73:e5:00:ce:63:13:e1:08:9a:66:d0:e7:
1e:5a:a8:96:76:65:8c:c6:bd:36:3a:27:19:30:17:1b:bc:fc:
c7:1e:8f:ee:9a:7b:46:f4:ec:21:d5:22:30:ed:06:0b:49:90:
3e:4b:b1:dd:b6:63:d4:fc:c2:12:61:ed:17:f1:80:e2:80:2d:
87:2c:9b:5c:31:3c:b4:81:3a:b2:64:59:43:8e:fd:8f:29:9b:
37:1b:21:ba:9b:4d:82:d2:45:87:08:e5:5f:cc:3e:6b:5d:97:
ef:5f:be:35:ef:48:aa:e0:f4:32:38:5a:bb:25:b1:b9:d1:e4:
52:4e:29:20:84:6d:79:13:16:1c:9b:e6:2c:1b:cf:f9:1e:b9:
4d:4d:f5:d4:09:a8:ea:36:b8:cc:3e:7d:01:4b:e8:d5:30:a7:
dc:32:b3:1b:a3:16:9e:1d:80:2e:8c:88:47:20:23:36:b4:93:
e0:39:63:06:2d:90:0a:00:35:95:56:02:a8:46:fd:5a:6f:5f:
4d:a2:59:63:d3:a8:28:0d:ae:1c:ce:76:73:d2:7e:d3:20:bb:
08:b9:db:77
-----BEGIN CERTIFICATE-----
MIIFEjCCA/qgAwIBAgISAZnyWihoMOReR0sBiiQFJTxjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwYTAxMDZjZDI4NTdlZjEzMjM0ODY3Y2I3ZjE2YTIzYTkz
ZmFhOTMwHhcNMjUxMDE3MTMyNjU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNjIzNDgzZTVhZTM3ODRkZWI3NjZkOTcyYjZkYWY0NWZmYjBiYjM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5TAtdXAjmAN/NUJ1/1n/zCb7Dqy+
Sy56OWvO/S8FC3PN69Cf0EXvNJsoxLlT4t56VG+mQJOQ9T7har4vXlzFXkOmpV9p
5798XlGjT0GdsmgLftGEdIU1Uj+maiK6N9RFHKkm08ndn5/7nqBO9ABEQRWupiIj
yt8g2sEJ6Br+8qUuTUQxHILVFh/IxLndfMqYpGuySJZWRu1ldzmSbvPl1rKwvp/Q
FyEnr+wrOagU8YJsRAfG/AFJcMwgMtNaa/QA00egCXupqdeyRIWm3xJQ8ftcTKPu
UYnTe/q4QAselO4gfEUCejx67Bl6otyKcfkmbDfC0nHjpHbe/+YEvfoFSwIDAQAB
o4ICHjCCAhowHQYDVR0OBBYEFAYjSD5a43hN63Ztlyttr0X/sLs0MB8GA1UdIwQY
MBaAFOCgEGzShX7xMjSGfLfxaiOpP6qTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNEtBUWJOS0ZmdkV5TklaOHRfRnFJNmtfcXBNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNi80NmYxNDctMTczZi00MjYwLWFhN2It
M2E2YmY4OTBhMDFkLzEvQmlOSVBscmplRTNyZG0yWEsyMnZSZi13dXpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNi80NmYxNDctMTczZi00MjYwLWFhN2ItM2E2YmY4OTBhMDFk
LzEvNEtBUWJOS0ZmdkV5TklaOHRfRnFJNmtfcXBNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDQGCCsGAQUFBwEHAQH/BCUwIzASBAIAATAMAwQFJfyAAwQE
2ZIwMA0EAgACMAcDBQAqANvAMA0GCSqGSIb3DQEBCwUAA4IBAQB0pdKqpdkZ+zQN
SsF7H7tSlmYknsUf5YPbVBx6nQhjjbLtrRnB7h84eI5z5QDOYxPhCJpm0OceWqiW
dmWMxr02OicZMBcbvPzHHo/umntG9Owh1SIw7QYLSZA+S7HdtmPU/MISYe0X8YDi
gC2HLJtcMTy0gTqyZFlDjv2PKZs3GyG6m02C0kWHCOVfzD5rXZfvX74170iq4PQy
OFq7JbG50eRSTikghG15ExYcm+YsG8/5HrlNTfXUCajqNrjMPn0BS+jVMKfcMrMb
oxaeHYAujIhHICM2tJPgOWMGLZAKADWVVgKoRv1ab19Nollj06goDa4cznZz0n7T
ILsIudt3
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:29:31 2025 by rpki-client