Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Sl1txCYU9DdbNCbQ2vVXAA_9LNU.roa
File: Sl1txCYU9DdbNCbQ2vVXAA_9LNU.roa (raw, json)
Hash identifier: NNNtBKmCmkesRj5ZlziPlaehQT+qG9xRPKoV7sVJzhk=
Subject key identifier: 4A:5D:6D:C4:26:14:F4:37:5B:34:26:D0:DA:F5:57:00:0F:FD:2C:D5
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0199F82BBA9B505BE39476841E0CD9752C3F
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Sl1txCYU9DdbNCbQ2vVXAA_9LNU.roa
Signing time: Sat 18 Oct 2025 16:33:59 +0000
ROA not before: Sat 18 Oct 2025 16:33:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13213
IP address blocks: 45.67.146.0/24 maxlen: 24
185.52.136.0/24 maxlen: 24
185.161.191.0/24 maxlen: 24
185.187.215.0/24 maxlen: 24
185.205.206.0/24 maxlen: 24
185.208.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 10:02:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f8:2b:ba:9b:50:5b:e3:94:76:84:1e:0c:d9:75:2c:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Oct 18 16:33:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a5d6dc42614f4375b3426d0daf557000ffd2cd5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e0:29:c9:b3:f1:38:8e:8c:f4:a5:46:4b:f9:68:
54:96:29:e5:2e:32:6e:1f:94:c0:99:63:d0:b4:55:
ab:73:0f:2d:2f:7e:50:4f:78:a2:03:a8:a0:48:3f:
f4:d7:dc:38:25:73:aa:5d:3d:8c:56:5f:95:49:b9:
ce:0b:43:eb:6b:74:d6:5e:e7:4a:6d:3e:34:2a:f2:
48:8c:27:6e:e0:31:67:43:42:7c:d5:37:1f:0d:73:
07:b1:cd:e0:2e:23:b2:df:b3:eb:77:6b:cb:92:0b:
43:d8:1a:64:28:ac:88:f2:16:51:8c:9a:8e:70:66:
65:dc:e1:a6:23:13:b9:af:ac:5b:06:0f:61:7e:73:
6b:ec:a8:f0:6b:78:2c:1b:77:64:a0:6b:60:30:73:
40:8c:f7:2d:c1:7c:5f:bd:7b:9c:cc:d1:c0:fe:92:
cb:46:48:9e:ed:19:40:aa:9a:2c:0b:88:f0:a0:b2:
a0:dd:4c:a3:16:1e:cd:71:3d:0d:2f:11:89:b3:2f:
79:c2:53:46:e1:d9:f8:70:c3:dc:5e:9b:dd:33:bb:
36:17:a9:c4:0f:3b:02:37:86:0c:a1:cc:f2:0d:1b:
f9:6d:51:a8:be:73:36:65:da:3a:24:2c:a4:7f:c8:
3a:bb:92:71:2b:fb:78:14:42:33:2a:37:dd:34:31:
d8:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:5D:6D:C4:26:14:F4:37:5B:34:26:D0:DA:F5:57:00:0F:FD:2C:D5
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Sl1txCYU9DdbNCbQ2vVXAA_9LNU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.146.0/24
185.52.136.0/24
185.161.191.0/24
185.187.215.0/24
185.205.206.0/24
185.208.152.0/24
Signature Algorithm: sha256WithRSAEncryption
02:3c:cc:2a:04:3e:d2:9f:01:01:71:3a:51:fa:09:ed:da:96:
3d:12:4d:18:d7:2c:5f:6c:aa:f2:ad:24:18:79:4f:de:77:5e:
66:62:8a:8f:e3:d5:7b:1f:3b:ba:e4:86:cc:7b:f5:20:74:85:
f2:59:bb:69:bc:05:56:ed:3f:11:8f:fe:b5:cb:38:18:ec:4b:
3d:e7:38:6d:5f:76:37:00:8d:a2:39:32:56:56:77:e9:b4:f2:
3a:f9:8d:d9:41:ab:28:ad:ff:8a:46:2c:4d:d3:b8:08:f9:8c:
f8:33:16:eb:98:59:8f:ab:db:0c:fc:88:93:4d:fa:46:a7:52:
77:ac:ab:2e:cb:03:a3:7d:e8:84:e3:0b:56:12:3e:92:90:e4:
8f:18:67:50:47:a7:e3:d7:0e:68:f2:3b:64:bf:e3:52:8d:11:
5c:55:ea:59:d5:84:65:15:6b:40:73:77:96:9b:21:c1:61:96:
73:63:34:95:eb:f3:46:f7:c6:87:ce:01:ee:c0:99:3e:67:51:
32:89:42:41:5d:6e:d3:29:64:d9:08:1f:bd:c1:57:46:ee:1b:
c7:a0:d9:d8:e4:87:83:c2:b5:44:b8:46:c2:6c:91:fd:9e:40:
31:99:62:9c:ae:8a:02:b0:06:f1:7a:a1:e6:6b:15:da:9e:c4:
9d:e3:75:a2
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZn4K7qbUFvjlHaEHgzZdSw/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjUxMDE4MTYzMzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTVkNmRjNDI2MTRmNDM3NWIzNDI2ZDBkYWY1NTcwMDBmZmQyY2Q1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4CnJs/E4joz0pUZL+WhUlinlLjJu
H5TAmWPQtFWrcw8tL35QT3iiA6igSD/019w4JXOqXT2MVl+VSbnOC0Pra3TWXudK
bT40KvJIjCdu4DFnQ0J81TcfDXMHsc3gLiOy37Prd2vLkgtD2BpkKKyI8hZRjJqO
cGZl3OGmIxO5r6xbBg9hfnNr7Kjwa3gsG3dkoGtgMHNAjPctwXxfvXuczNHA/pLL
Rkie7RlAqposC4jwoLKg3UyjFh7NcT0NLxGJsy95wlNG4dn4cMPcXpvdM7s2F6nE
DzsCN4YMoczyDRv5bVGovnM2Zdo6JCykf8g6u5JxK/t4FEIzKjfdNDHYKQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFEpdbcQmFPQ3WzQm0Nr1VwAP/SzVMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvU2wxdHhDWVU5RGRiTkNiUTJ2VlhBQV85TE5VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQALUOSAwQA
uTSIAwQAuaG/AwQAubvXAwQAuc3OAwQAudCYMA0GCSqGSIb3DQEBCwUAA4IBAQAC
PMwqBD7SnwEBcTpR+gnt2pY9Ek0Y1yxfbKryrSQYeU/ed15mYoqP49V7Hzu65IbM
e/UgdIXyWbtpvAVW7T8Rj/61yzgY7Es95zhtX3Y3AI2iOTJWVnfptPI6+Y3ZQaso
rf+KRixN07gI+Yz4MxbrmFmPq9sM/IiTTfpGp1J3rKsuywOjfeiE4wtWEj6SkOSP
GGdQR6fj1w5o8jtkv+NSjRFcVepZ1YRlFWtAc3eWmyHBYZZzYzSV6/NG98aHzgHu
wJk+Z1EyiUJBXW7TKWTZCB+9wVdG7hvHoNnY5IeDwrVEuEbCbJH9nkAxmWKcrooC
sAbxeqHmaxXansSd43Wi
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:09:04 2025 by rpki-client