Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/d03608-3c67-423d-b18d-4bcd3d58463a/1/DKeRVwoenDXIzrWNyLGIpQggDrs.roa
File: DKeRVwoenDXIzrWNyLGIpQggDrs.roa (raw, json)
Hash identifier: 5p/rY96e/v7nlh4ZVNWfswSCV1H2nosoTkJoyOAXVkI=
Subject key identifier: 0C:A7:91:57:0A:1E:9C:35:C8:CE:B5:8D:C8:B1:88:A5:08:20:0E:BB
Certificate issuer: /CN=2b9efb5878d3b3634dc1ccb90ac48e0b89d1c879
Certificate serial: 0199FB61DEFD203511800D7ECEB93855209D
Authority key identifier: 2B:9E:FB:58:78:D3:B3:63:4D:C1:CC:B9:0A:C4:8E:0B:89:D1:C8:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/K577WHjTs2NNwcy5CsSOC4nRyHk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/d03608-3c67-423d-b18d-4bcd3d58463a/1/DKeRVwoenDXIzrWNyLGIpQggDrs.roa
Signing time: Sun 19 Oct 2025 07:31:59 +0000
ROA not before: Sun 19 Oct 2025 07:31:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202090
IP address blocks: 81.91.190.0/24 maxlen: 24
81.91.191.0/24 maxlen: 24
178.159.44.0/22 maxlen: 22
178.159.44.0/24 maxlen: 24
178.159.45.0/24 maxlen: 24
178.159.46.0/24 maxlen: 24
178.159.47.0/24 maxlen: 24
185.47.152.0/23 maxlen: 24
185.65.136.0/24 maxlen: 24
185.65.137.0/24 maxlen: 24
185.99.142.0/23 maxlen: 24
185.99.142.0/24 maxlen: 24
185.99.143.0/24 maxlen: 24
193.176.180.0/22 maxlen: 22
193.176.180.0/24 maxlen: 24
193.176.181.0/24 maxlen: 24
193.176.182.0/24 maxlen: 24
193.176.183.0/24 maxlen: 24
2a0c:b1c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/d03608-3c67-423d-b18d-4bcd3d58463a/1/K577WHjTs2NNwcy5CsSOC4nRyHk.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/d03608-3c67-423d-b18d-4bcd3d58463a/1/K577WHjTs2NNwcy5CsSOC4nRyHk.mft
rsync://rpki.ripe.net/repository/DEFAULT/K577WHjTs2NNwcy5CsSOC4nRyHk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fb:61:de:fd:20:35:11:80:0d:7e:ce:b9:38:55:20:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2b9efb5878d3b3634dc1ccb90ac48e0b89d1c879
Validity
Not Before: Oct 19 07:31:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0ca791570a1e9c35c8ceb58dc8b188a508200ebb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:75:38:ad:ff:44:f4:6b:32:b3:1a:92:69:e9:
e3:10:86:f7:07:70:df:ac:10:30:7a:ad:5c:ca:61:
17:ba:7b:ea:bb:d0:bb:4d:e5:e1:cb:7e:b3:bd:5d:
7d:fe:3a:9d:67:de:cc:e0:cf:5f:aa:1a:45:7d:e2:
f7:64:e1:42:e3:99:24:3c:a6:2e:85:0a:6b:0a:23:
40:f0:08:ab:42:6a:ab:a8:68:0d:28:c3:d1:e6:9b:
3d:e5:f5:9e:f2:20:35:bb:db:2a:4b:78:84:31:84:
9d:a9:f4:4a:79:52:7c:94:45:65:cd:76:47:6a:0c:
cc:38:5c:4f:ed:3e:75:b7:97:ec:73:b2:b4:00:00:
78:ae:a0:05:b9:e2:41:fc:95:be:0e:01:6a:d5:64:
db:34:82:15:81:0f:20:23:68:90:67:39:07:b3:24:
9b:7b:48:70:42:1f:58:7a:a5:f9:7f:c8:0f:48:61:
29:a1:f2:63:ba:1a:22:9a:05:b0:a3:22:cf:f2:15:
fb:3f:16:c9:88:d9:d2:26:c9:95:8a:81:f8:20:28:
5e:64:3e:aa:a9:00:73:27:1e:04:63:f9:1e:59:bd:
74:68:5e:c7:1b:31:09:34:0f:cb:1a:48:83:d2:65:
bf:f9:fb:1a:48:a2:e2:b3:6c:90:a6:b8:da:a3:5e:
76:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:A7:91:57:0A:1E:9C:35:C8:CE:B5:8D:C8:B1:88:A5:08:20:0E:BB
X509v3 Authority Key Identifier:
keyid:2B:9E:FB:58:78:D3:B3:63:4D:C1:CC:B9:0A:C4:8E:0B:89:D1:C8:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/K577WHjTs2NNwcy5CsSOC4nRyHk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/d03608-3c67-423d-b18d-4bcd3d58463a/1/DKeRVwoenDXIzrWNyLGIpQggDrs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/d03608-3c67-423d-b18d-4bcd3d58463a/1/K577WHjTs2NNwcy5CsSOC4nRyHk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.91.190.0/23
178.159.44.0/22
185.47.152.0/23
185.65.136.0/23
185.99.142.0/23
193.176.180.0/22
IPv6:
2a0c:b1c0::/32
Signature Algorithm: sha256WithRSAEncryption
c1:65:d4:7b:ce:0e:d6:20:6a:fb:3e:e2:9a:2a:c3:6d:27:e3:
41:81:91:76:ae:dc:9c:14:16:7a:26:d0:ef:9e:03:fc:06:ba:
f6:19:e9:cb:6f:5e:7e:c3:e2:23:17:e7:3f:56:4b:72:bb:80:
03:95:b7:9c:e0:6b:3c:b4:ec:99:b6:dc:5c:41:a9:ba:d9:da:
95:c1:26:d4:f2:08:79:2f:93:62:37:98:f6:94:2c:d5:29:e3:
b2:df:6f:79:64:49:84:ed:7c:7b:67:d7:ba:ad:2c:ea:dc:c2:
d0:a4:8e:a1:54:ad:3e:1c:58:45:5c:a0:5c:a9:2e:40:97:42:
ac:b2:77:b4:5e:cc:eb:7e:99:30:9c:25:17:a9:94:bc:ba:ec:
c0:54:1f:17:0f:95:71:cc:6f:05:03:e1:50:00:4a:11:59:1d:
bd:63:32:4a:15:9d:0e:c5:bf:ce:2d:c4:54:11:c8:97:71:b9:
22:9c:2e:dc:a7:bc:d2:b3:f2:b6:e2:4e:d3:75:75:68:9f:d6:
3c:3b:71:58:0d:64:7b:66:46:81:8e:5b:4f:3d:86:0f:2d:27:
21:c3:0c:89:e1:ab:c0:8b:9c:6a:bc:95:4e:e1:33:2b:57:53:
7e:e4:97:7c:24:a4:71:30:b5:ac:de:3f:bf:6a:79:38:f0:79:
92:b5:84:ee
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZn7Yd79IDURgA1+zrk4VSCdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJiOWVmYjU4NzhkM2IzNjM0ZGMxY2NiOTBhYzQ4ZTBiODlk
MWM4NzkwHhcNMjUxMDE5MDczMTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2E3OTE1NzBhMWU5YzM1YzhjZWI1OGRjOGIxODhhNTA4MjAwZWJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXU4rf9E9GsysxqSaenjEIb3B3Df
rBAweq1cymEXunvqu9C7TeXhy36zvV19/jqdZ97M4M9fqhpFfeL3ZOFC45kkPKYu
hQprCiNA8AirQmqrqGgNKMPR5ps95fWe8iA1u9sqS3iEMYSdqfRKeVJ8lEVlzXZH
agzMOFxP7T51t5fsc7K0AAB4rqAFueJB/JW+DgFq1WTbNIIVgQ8gI2iQZzkHsySb
e0hwQh9YeqX5f8gPSGEpofJjuhoimgWwoyLP8hX7PxbJiNnSJsmVioH4ICheZD6q
qQBzJx4EY/keWb10aF7HGzEJNA/LGkiD0mW/+fsaSKLis2yQprjao152ZwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFAynkVcKHpw1yM61jcixiKUIIA67MB8GA1UdIwQY
MBaAFCue+1h407NjTcHMuQrEjguJ0ch5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSzU3N1dIalRzMk5Od2N5NUNzU09DNG5SeUhrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9kMDM2MDgtM2M2Ny00MjNkLWIxOGQt
NGJjZDNkNTg0NjNhLzEvREtlUlZ3b2VuRFhJenJXTnlMR0lwUWdnRHJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9kMDM2MDgtM2M2Ny00MjNkLWIxOGQtNGJjZDNkNTg0NjNh
LzEvSzU3N1dIalRzMk5Od2N5NUNzU09DNG5SeUhrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQBUVu+AwQC
sp8sAwQBuS+YAwQBuUGIAwQBuWOOAwQCwbC0MA0EAgACMAcDBQAqDLHAMA0GCSqG
SIb3DQEBCwUAA4IBAQDBZdR7zg7WIGr7PuKaKsNtJ+NBgZF2rtycFBZ6JtDvngP8
Brr2GenLb15+w+IjF+c/Vktyu4ADlbec4Gs8tOyZttxcQam62dqVwSbU8gh5L5Ni
N5j2lCzVKeOy3295ZEmE7Xx7Z9e6rSzq3MLQpI6hVK0+HFhFXKBcqS5Al0Kssne0
XszrfpkwnCUXqZS8uuzAVB8XD5VxzG8FA+FQAEoRWR29YzJKFZ0Oxb/OLcRUEciX
cbkinC7cp7zSs/K24k7TdXVon9Y8O3FYDWR7ZkaBjltPPYYPLSchwwyJ4avAi5xq
vJVO4TMrV1N+5Jd8JKRxMLWs3j+/ank48HmStYTu
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:25:12 2025 by rpki-client