Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/PQm5UvLe4kJWCENrghmmxXc80RI.roa
File: PQm5UvLe4kJWCENrghmmxXc80RI.roa (raw, json)
Hash identifier: cIL2dgAHx8M89qkr3qfgFOqQLmeMkDpDnGeyckS88ig=
Subject key identifier: 3D:09:B9:52:F2:DE:E2:42:56:08:43:6B:82:19:A6:C5:77:3C:D1:12
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 0199862D58FF8929223F89257C09D2076645
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/PQm5UvLe4kJWCENrghmmxXc80RI.roa
Signing time: Fri 26 Sep 2025 13:19:02 +0000
ROA not before: Fri 26 Sep 2025 13:19:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50053
IP address blocks: 45.90.236.0/24 maxlen: 24
185.121.13.0/24 maxlen: 24
185.121.14.0/24 maxlen: 24
185.202.207.0/24 maxlen: 24
185.232.204.0/24 maxlen: 24
185.236.24.0/24 maxlen: 24
185.239.141.0/24 maxlen: 24
185.239.142.0/24 maxlen: 24
185.250.181.0/24 maxlen: 24
185.254.158.0/24 maxlen: 24
194.48.140.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:86:2d:58:ff:89:29:22:3f:89:25:7c:09:d2:07:66:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Sep 26 13:19:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3d09b952f2dee2425608436b8219a6c5773cd112
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:b5:55:59:fa:cd:38:7e:f4:ff:3b:90:53:27:
15:0e:92:98:b9:6e:8b:32:14:4f:dc:89:be:ed:5e:
87:ef:71:7d:2a:c6:80:e5:0c:4b:9d:8d:3d:10:a2:
89:84:b1:5a:10:aa:49:2b:c4:ba:06:1e:58:32:2b:
71:d2:4e:ac:73:54:68:39:45:92:77:5f:58:46:5f:
9f:f7:24:2e:fc:d7:bf:6d:76:e6:6f:d0:0c:02:fc:
21:1c:f9:85:ba:35:48:5e:87:99:24:ad:0d:be:df:
cb:e4:13:14:f2:07:50:12:d7:b0:1d:c7:4d:9d:2f:
b7:aa:95:cd:74:50:8d:02:99:bc:9a:96:c1:8f:31:
71:15:10:19:61:79:9d:30:43:22:f6:f4:a6:c2:6a:
c5:89:6f:44:d2:26:a6:56:66:65:38:2f:be:13:6a:
ef:d8:99:88:0a:1b:c1:0e:57:00:61:6d:8d:17:de:
22:98:09:19:ad:65:cc:9c:02:e9:c3:58:8f:29:f9:
cb:45:81:81:27:62:e3:c8:24:e4:1d:f6:bd:21:3c:
83:e2:63:d5:0b:e6:f8:6a:5d:cb:25:be:06:4b:2a:
31:1f:57:9b:0c:36:16:14:be:27:8c:31:11:f4:88:
95:44:ad:b2:00:9c:7d:0f:2c:b5:62:27:b6:8e:3e:
b1:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3D:09:B9:52:F2:DE:E2:42:56:08:43:6B:82:19:A6:C5:77:3C:D1:12
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/PQm5UvLe4kJWCENrghmmxXc80RI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.236.0/24
185.121.13.0-185.121.14.255
185.202.207.0/24
185.232.204.0/24
185.236.24.0/24
185.239.141.0-185.239.142.255
185.250.181.0/24
185.254.158.0/24
194.48.140.0/23
Signature Algorithm: sha256WithRSAEncryption
48:a0:4d:60:34:59:4d:f3:95:77:12:9c:23:82:2e:2c:dc:53:
35:30:04:04:63:25:57:bc:5b:18:c5:8b:3c:4c:49:20:a6:95:
fe:85:9f:21:35:97:bc:53:e1:06:c2:2e:8a:f2:ad:48:27:63:
33:be:f7:ae:e9:b7:68:4e:95:0b:f3:4b:f7:be:58:65:8c:97:
45:ee:1e:74:55:59:e5:ad:06:b5:0c:41:6f:92:c1:ab:23:10:
e4:99:b9:ee:88:4c:5c:31:ed:2a:f3:7f:18:92:60:18:2b:23:
a1:c8:05:75:70:45:b9:5f:17:dc:d7:3a:85:de:8f:db:1d:58:
b7:4f:25:92:8a:a5:1b:db:a9:0c:c1:84:7c:ba:e0:d0:d7:ea:
e3:93:0f:2a:b5:9e:47:47:bf:1b:0e:df:b9:b7:07:78:4b:21:
24:4e:e6:e5:3a:2a:c0:79:33:69:f6:dc:5e:be:94:c0:2b:65:
53:f5:27:89:58:e0:59:5a:2d:42:97:30:d2:b6:44:cd:7a:33:
68:fb:07:61:ca:b3:0a:0b:ab:1c:2d:8c:57:30:10:05:59:38:
50:14:b8:34:16:20:73:b9:c4:78:d2:a6:32:d4:fb:28:60:d7:
34:c6:c9:63:da:17:9a:53:b2:98:f0:9d:e5:10:c0:70:93:07:
04:0f:e3:4d
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZmGLVj/iSkiP4klfAnSB2ZFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUwOTI2MTMxOTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZDA5Yjk1MmYyZGVlMjQyNTYwODQzNmI4MjE5YTZjNTc3M2NkMTEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4bVVWfrNOH70/zuQUycVDpKYuW6L
MhRP3Im+7V6H73F9KsaA5QxLnY09EKKJhLFaEKpJK8S6Bh5YMitx0k6sc1RoOUWS
d19YRl+f9yQu/Ne/bXbmb9AMAvwhHPmFujVIXoeZJK0Nvt/L5BMU8gdQEtewHcdN
nS+3qpXNdFCNApm8mpbBjzFxFRAZYXmdMEMi9vSmwmrFiW9E0iamVmZlOC++E2rv
2JmIChvBDlcAYW2NF94imAkZrWXMnALpw1iPKfnLRYGBJ2LjyCTkHfa9ITyD4mPV
C+b4al3LJb4GSyoxH1ebDDYWFL4njDER9IiVRK2yAJx9Dyy1Yie2jj6xaQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFD0JuVLy3uJCVghDa4IZpsV3PNESMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvUFFtNVV2TGU0a0pXQ0VOcmdobW14WGM4MFJJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjBMBAIAATBGAwQALVrsMAwD
BAC5eQ0DBAC5eQ4DBAC5ys8DBAC56MwDBAC57BgwDAMEALnvjQMEALnvjgMEALn6
tQMEALn+ngMEAcIwjDANBgkqhkiG9w0BAQsFAAOCAQEASKBNYDRZTfOVdxKcI4Iu
LNxTNTAEBGMlV7xbGMWLPExJIKaV/oWfITWXvFPhBsIuivKtSCdjM773rum3aE6V
C/NL975YZYyXRe4edFVZ5a0GtQxBb5LBqyMQ5Jm57ohMXDHtKvN/GJJgGCsjocgF
dXBFuV8X3Nc6hd6P2x1Yt08lkoqlG9upDMGEfLrg0Nfq45MPKrWeR0e/Gw7fubcH
eEshJE7m5ToqwHkzafbcXr6UwCtlU/UniVjgWVotQpcw0rZEzXozaPsHYcqzCgur
HC2MVzAQBVk4UBS4NBYgc7nEeNKmMtT7KGDXNMbJY9oXmlOymPCd5RDAcJMHBA/j
TQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 00:49:24 2025 by rpki-client