Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/5ab585-b29b-4e71-8038-90e21df01e91/1/Om5FJ2saBdYhhGOS3f3FISumZqg.roa
File: Om5FJ2saBdYhhGOS3f3FISumZqg.roa (raw, json)
Hash identifier: Fu3JRt/JCmRX1P55XNbPmEdky96U0142N0aVN3A+m0w=
Subject key identifier: 3A:6E:45:27:6B:1A:05:D6:21:84:63:92:DD:FD:C5:21:2B:A6:66:A8
Certificate issuer: /CN=eb1dc00fd2c1e3eaafceccc1b4ba1f8fd0a4a98c
Certificate serial: 019971A4B5AE3D332336DE36930FAFB548C6
Authority key identifier: EB:1D:C0:0F:D2:C1:E3:EA:AF:CE:CC:C1:B4:BA:1F:8F:D0:A4:A9:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6x3AD9LB4-qvzszBtLofj9CkqYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/5ab585-b29b-4e71-8038-90e21df01e91/1/Om5FJ2saBdYhhGOS3f3FISumZqg.roa
Signing time: Mon 22 Sep 2025 13:37:23 +0000
ROA not before: Mon 22 Sep 2025 13:37:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62167
IP address blocks: 89.107.28.0/22 maxlen: 22
89.107.28.0/24 maxlen: 24
89.107.29.0/24 maxlen: 24
89.107.30.0/24 maxlen: 24
185.44.160.0/22 maxlen: 22
185.44.160.0/24 maxlen: 24
185.44.161.0/24 maxlen: 24
185.44.162.0/24 maxlen: 24
185.44.163.0/24 maxlen: 24
185.163.80.0/22 maxlen: 22
185.163.80.0/24 maxlen: 24
185.163.81.0/24 maxlen: 24
185.163.82.0/23 maxlen: 23
185.163.83.0/24 maxlen: 24
2a01:7520::/32 maxlen: 32
2a01:7520::/48 maxlen: 48
2a01:7520:1::/48 maxlen: 48
2a01:7520:2::/48 maxlen: 48
2a01:7520:3::/48 maxlen: 48
2a01:7520:4::/48 maxlen: 48
2a01:7520:5::/48 maxlen: 48
2a01:7520:6::/48 maxlen: 48
2a01:7520:7::/48 maxlen: 48
2a01:7520:8::/48 maxlen: 48
2a0b:5800::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/5ab585-b29b-4e71-8038-90e21df01e91/1/6x3AD9LB4-qvzszBtLofj9CkqYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/5ab585-b29b-4e71-8038-90e21df01e91/1/6x3AD9LB4-qvzszBtLofj9CkqYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/6x3AD9LB4-qvzszBtLofj9CkqYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:71:a4:b5:ae:3d:33:23:36:de:36:93:0f:af:b5:48:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eb1dc00fd2c1e3eaafceccc1b4ba1f8fd0a4a98c
Validity
Not Before: Sep 22 13:37:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a6e45276b1a05d621846392ddfdc5212ba666a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:1a:2f:d9:ab:ba:dc:20:47:e5:41:d9:3f:37:
0f:f7:9d:b6:c8:f3:28:ce:4e:45:ac:9c:01:23:09:
35:fd:b8:a6:47:d3:c2:2c:75:64:69:32:23:d6:dc:
e1:77:8e:06:12:38:90:c7:44:ce:58:1d:28:4b:5c:
7c:8d:f9:24:89:05:4b:07:eb:2d:83:83:3d:23:89:
9e:3b:c0:1e:4b:01:99:23:5b:ea:21:2c:a4:8e:cc:
e4:a4:d2:9a:e3:8b:2c:d0:17:04:e3:66:74:70:75:
aa:ce:d0:9e:51:c0:bc:52:12:3d:05:71:c5:d6:3f:
f9:1f:a1:33:54:27:59:af:c3:1d:67:de:bb:d5:b1:
ba:a3:4c:8a:c5:9e:fd:21:ec:09:bf:bb:49:dd:5b:
d2:59:f3:78:99:2a:4a:d1:0f:0f:a2:d1:5c:70:58:
7f:d2:83:30:7d:1d:2c:9e:d9:ec:94:08:bb:c5:b7:
05:ad:e5:ef:cc:2d:dc:1c:cf:05:a0:27:37:a9:8b:
92:d4:f6:13:86:ce:7b:62:57:15:bc:cc:04:d6:7d:
28:9f:c2:f9:2d:82:8d:12:51:30:ea:f0:cc:4b:f0:
61:91:8a:aa:51:96:16:49:f3:ce:59:b9:30:b5:8e:
52:22:0d:82:43:51:af:54:2e:0d:eb:43:0e:e4:af:
17:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:6E:45:27:6B:1A:05:D6:21:84:63:92:DD:FD:C5:21:2B:A6:66:A8
X509v3 Authority Key Identifier:
keyid:EB:1D:C0:0F:D2:C1:E3:EA:AF:CE:CC:C1:B4:BA:1F:8F:D0:A4:A9:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6x3AD9LB4-qvzszBtLofj9CkqYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/5ab585-b29b-4e71-8038-90e21df01e91/1/Om5FJ2saBdYhhGOS3f3FISumZqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/5ab585-b29b-4e71-8038-90e21df01e91/1/6x3AD9LB4-qvzszBtLofj9CkqYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.107.28.0/22
185.44.160.0/22
185.163.80.0/22
IPv6:
2a01:7520::/32
2a0b:5800::/32
Signature Algorithm: sha256WithRSAEncryption
8b:f2:75:fc:2c:ef:cf:a5:c7:0c:13:1f:c4:6c:ba:c4:6c:44:
a7:f5:0b:6b:e6:c1:09:8e:88:bb:39:6a:3f:99:60:94:2d:42:
3d:87:21:d4:b6:b0:89:23:e0:c7:c6:b4:23:10:68:31:9d:3f:
e4:8d:f1:8c:2b:d8:f1:ee:e8:99:8b:27:54:e8:a0:c8:d4:d1:
d2:55:21:b7:20:41:62:9f:4b:84:52:ba:b4:46:0c:02:08:39:
ba:26:93:92:07:a0:c1:a2:41:7d:e5:38:7d:64:b8:6e:b1:a4:
28:e9:2e:4c:1f:4e:c3:d5:4f:72:cd:a5:29:03:71:51:d1:b4:
01:7f:4c:d0:cc:eb:33:33:c5:b6:4b:cd:ca:5e:e6:40:c7:75:
d1:ea:e6:81:be:d9:20:97:6d:42:48:cf:3f:92:37:f2:ed:57:
f7:e6:28:0f:6d:bf:32:0f:f9:75:00:00:fb:a0:82:42:b4:0a:
39:8b:dd:49:a3:f1:ab:39:a2:9b:7d:f5:03:31:5f:e6:88:88:
22:48:18:77:a2:1b:40:13:15:4b:a2:1f:38:56:38:94:64:14:
0e:94:cf:6f:1b:78:87:a5:30:c8:8d:4e:b4:d0:72:45:4e:ac:
76:b4:70:35:c3:a4:e6:08:2b:cc:47:dc:97:f6:eb:ec:b1:b5:
80:ab:29:e0
-----BEGIN CERTIFICATE-----
MIIFHzCCBAegAwIBAgISAZlxpLWuPTMjNt42kw+vtUjGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGViMWRjMDBmZDJjMWUzZWFhZmNlY2NjMWI0YmExZjhmZDBh
NGE5OGMwHhcNMjUwOTIyMTMzNzIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTZlNDUyNzZiMWEwNWQ2MjE4NDYzOTJkZGZkYzUyMTJiYTY2NmE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxBov2au63CBH5UHZPzcP9522yPMo
zk5FrJwBIwk1/bimR9PCLHVkaTIj1tzhd44GEjiQx0TOWB0oS1x8jfkkiQVLB+st
g4M9I4meO8AeSwGZI1vqISykjszkpNKa44ss0BcE42Z0cHWqztCeUcC8UhI9BXHF
1j/5H6EzVCdZr8MdZ9671bG6o0yKxZ79IewJv7tJ3VvSWfN4mSpK0Q8PotFccFh/
0oMwfR0sntnslAi7xbcFreXvzC3cHM8FoCc3qYuS1PYThs57YlcVvMwE1n0on8L5
LYKNElEw6vDMS/BhkYqqUZYWSfPOWbkwtY5SIg2CQ1GvVC4N60MO5K8XCwIDAQAB
o4ICKzCCAicwHQYDVR0OBBYEFDpuRSdrGgXWIYRjkt39xSErpmaoMB8GA1UdIwQY
MBaAFOsdwA/SwePqr87MwbS6H4/QpKmMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNngzQUQ5TEI0LXF2enN6QnRMb2ZqOUNrcVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS81YWI1ODUtYjI5Yi00ZTcxLTgwMzgt
OTBlMjFkZjAxZTkxLzEvT201Rkoyc2FCZFloaEdPUzNmM0ZJU3VtWnFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS81YWI1ODUtYjI5Yi00ZTcxLTgwMzgtOTBlMjFkZjAxZTkx
LzEvNngzQUQ5TEI0LXF2enN6QnRMb2ZqOUNrcVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEEGCCsGAQUFBwEHAQH/BDIwMDAYBAIAATASAwQCWWscAwQC
uSygAwQCuaNQMBQEAgACMA4DBQAqAXUgAwUAKgtYADANBgkqhkiG9w0BAQsFAAOC
AQEAi/J1/Czvz6XHDBMfxGy6xGxEp/ULa+bBCY6IuzlqP5lglC1CPYch1LawiSPg
x8a0IxBoMZ0/5I3xjCvY8e7omYsnVOigyNTR0lUhtyBBYp9LhFK6tEYMAgg5uiaT
kgegwaJBfeU4fWS4brGkKOkuTB9Ow9VPcs2lKQNxUdG0AX9M0MzrMzPFtkvNyl7m
QMd10ermgb7ZIJdtQkjPP5I38u1X9+YoD22/Mg/5dQAA+6CCQrQKOYvdSaPxqzmi
m331AzFf5oiIIkgYd6IbQBMVS6IfOFY4lGQUDpTPbxt4h6UwyI1OtNByRU6sdrRw
NcOk5ggrzEfcl/br7LG1gKsp4A==
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:09:19 2025 by rpki-client