Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/ysKW9iPqP7BvNsB7FA59mXuSahk.roa
File: ysKW9iPqP7BvNsB7FA59mXuSahk.roa (raw, json)
Hash identifier: bkEQzZd4KlOqELs+imtw57Jt0Tzskw1ktBQ5sQd83UA=
Subject key identifier: CA:C2:96:F6:23:EA:3F:B0:6F:36:C0:7B:14:0E:7D:99:7B:92:6A:19
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 0199C3B1FCF02C26979969C97BD3B2F2C979
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/ysKW9iPqP7BvNsB7FA59mXuSahk.roa
Signing time: Wed 08 Oct 2025 12:00:45 +0000
ROA not before: Wed 08 Oct 2025 12:00:45 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48678
IP address blocks: 5.180.105.0/24 maxlen: 24
5.180.106.0/24 maxlen: 24
5.180.107.0/24 maxlen: 24
45.131.0.0/24 maxlen: 24
45.131.2.0/24 maxlen: 24
45.131.3.0/24 maxlen: 24
45.136.4.0/24 maxlen: 24
45.141.148.0/24 maxlen: 24
45.141.149.0/24 maxlen: 24
45.147.44.0/24 maxlen: 24
77.83.200.0/24 maxlen: 24
77.83.201.0/24 maxlen: 24
77.83.202.0/24 maxlen: 24
194.116.236.0/24 maxlen: 24
194.116.237.0/24 maxlen: 24
194.146.36.0/24 maxlen: 24
194.146.47.0/24 maxlen: 24
2a09:8780::/29 maxlen: 29
2a0f:b700::/29 maxlen: 29
2a0f:e900::/29 maxlen: 29
2a0f:eb00::/29 maxlen: 29
2a0f:eb05::/32 maxlen: 32
2a0f:eb07::/32 maxlen: 32
2a0f:ed00::/29 maxlen: 29
2a0f:ed03::/32 maxlen: 32
2a0f:f900::/29 maxlen: 29
2a13:a440:7::/48 maxlen: 48
2a13:a441::/32 maxlen: 32
2a13:a445::/32 maxlen: 32
2a13:a447::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.mft
rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c3:b1:fc:f0:2c:26:97:99:69:c9:7b:d3:b2:f2:c9:79
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Oct 8 12:00:45 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cac296f623ea3fb06f36c07b140e7d997b926a19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:6e:87:96:a3:8a:7d:67:4e:b0:66:29:58:9b:
74:6c:5c:72:a5:7d:07:81:b4:03:25:08:9a:4a:9a:
ec:e9:66:e0:f4:8a:5c:f8:3e:f4:d3:1d:a9:ae:bf:
bb:98:a6:0b:20:d7:57:b0:4c:99:7a:8d:57:cd:a6:
54:31:15:fb:a3:9f:f3:56:4c:fa:82:df:97:d1:e8:
09:f0:20:7a:41:50:ef:5f:1d:85:3b:95:9a:ad:aa:
f6:d8:91:93:b7:22:63:a7:7c:2f:8b:e5:68:c9:d9:
5e:b0:92:c0:b9:b2:ea:38:5f:43:ea:2a:88:44:49:
b5:86:0f:54:96:50:89:a3:08:08:e2:4a:c5:08:fe:
fd:40:a0:ad:72:df:c6:89:c8:2d:df:2f:ed:bf:58:
e3:ee:c9:ce:19:96:ec:e6:ae:5f:b0:c3:42:a6:47:
dc:7f:e0:ba:3d:98:a4:41:e5:e6:68:70:71:9e:12:
b8:60:af:29:ed:bf:9e:a6:41:9a:fc:96:50:3f:fe:
6b:5b:4e:2f:ff:2b:77:fd:6c:80:69:14:05:75:c8:
c1:11:49:e1:ec:8c:4f:76:85:f7:02:ec:c8:62:92:
4a:af:c1:c1:29:2b:cb:47:8a:79:b6:a7:5f:4d:65:
f1:b1:2f:e1:4d:ec:ad:b4:d3:fa:d4:c2:49:f9:a0:
78:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:C2:96:F6:23:EA:3F:B0:6F:36:C0:7B:14:0E:7D:99:7B:92:6A:19
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/ysKW9iPqP7BvNsB7FA59mXuSahk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.105.0-5.180.107.255
45.131.0.0/24
45.131.2.0/23
45.136.4.0/24
45.141.148.0/23
45.147.44.0/24
77.83.200.0-77.83.202.255
194.116.236.0/23
194.146.36.0/24
194.146.47.0/24
IPv6:
2a09:8780::/29
2a0f:b700::/29
2a0f:e900::/29
2a0f:eb00::/29
2a0f:ed00::/29
2a0f:f900::/29
2a13:a440:7::/48
2a13:a441::/32
2a13:a445::/32
2a13:a447::/32
Signature Algorithm: sha256WithRSAEncryption
3b:4c:c0:5c:e2:73:84:ce:65:00:87:9d:6b:7b:a8:f6:4c:56:
d6:27:3d:90:ba:5e:b4:cb:c8:b8:d2:3f:14:08:78:af:a2:da:
05:c3:39:7e:08:87:e7:06:52:72:5f:8f:02:e4:10:66:05:50:
b1:ea:af:af:2e:0b:58:33:b3:7f:1b:47:6c:16:80:a4:2a:c9:
6f:63:86:3c:26:4e:94:5f:90:65:02:60:d4:8f:cf:f3:93:a2:
15:86:1c:78:50:45:5d:ce:18:9d:5e:df:a9:0a:66:a4:5e:13:
c5:b4:e6:33:35:96:80:77:0e:da:c7:fb:70:97:5c:46:30:1b:
a1:ed:09:f2:1a:f5:bc:b3:16:75:4f:b7:e5:c7:89:7a:50:b1:
83:04:7c:b2:8d:21:08:b0:1d:6c:a2:7e:0b:9f:ad:3b:66:08:
8f:a8:d8:07:17:7d:00:74:58:7c:88:ca:c8:51:44:55:81:05:
ab:c1:2e:96:4f:63:d5:d3:92:cc:cc:ac:87:cd:00:05:70:63:
c9:d8:26:9d:f1:2f:3e:ea:ae:0a:73:9b:b4:ad:f4:64:6c:f0:
15:ab:c2:8e:2e:15:88:49:7d:5c:d7:d8:80:cb:74:e1:de:8f:
55:a6:58:8d:81:02:84:af:97:17:d0:1c:1e:d6:b3:6b:f5:79:
a4:6d:c9:b5
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAZnDsfzwLCaXmWnJe9Oy8sl5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjUxMDA4MTIwMDQ1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYWMyOTZmNjIzZWEzZmIwNmYzNmMwN2IxNDBlN2Q5OTdiOTI2YTE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt26HlqOKfWdOsGYpWJt0bFxypX0H
gbQDJQiaSprs6Wbg9Ipc+D700x2prr+7mKYLINdXsEyZeo1XzaZUMRX7o5/zVkz6
gt+X0egJ8CB6QVDvXx2FO5Warar22JGTtyJjp3wvi+VoydlesJLAubLqOF9D6iqI
REm1hg9UllCJowgI4krFCP79QKCtct/Gicgt3y/tv1jj7snOGZbs5q5fsMNCpkfc
f+C6PZikQeXmaHBxnhK4YK8p7b+epkGa/JZQP/5rW04v/yt3/WyAaRQFdcjBEUnh
7IxPdoX3AuzIYpJKr8HBKSvLR4p5tqdfTWXxsS/hTeyttNP61MJJ+aB4ZwIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFMrClvYj6j+wbzbAexQOfZl7kmoZMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEveXNLVzlpUHFQN0J2TnNCN0ZBNTltWHVTYWhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDBSBAIAATBMMAwDBAAF
tGkDBAIFtGgDBAAtgwADBAEtgwIDBAAtiAQDBAEtjZQDBAAtkywwDAMEA01TyAME
AE1TygMEAcJ07AMEAMKSJAMEAMKSLzBOBAIAAjBIAwUDKgmHgAMFAyoPtwADBQMq
D+kAAwUDKg/rAAMFAyoP7QADBQMqD/kAAwcAKhOkQAAHAwUAKhOkQQMFACoTpEUD
BQAqE6RHMA0GCSqGSIb3DQEBCwUAA4IBAQA7TMBc4nOEzmUAh51re6j2TFbWJz2Q
ul60y8i40j8UCHivotoFwzl+CIfnBlJyX48C5BBmBVCx6q+vLgtYM7N/G0dsFoCk
KslvY4Y8Jk6UX5BlAmDUj8/zk6IVhhx4UEVdzhidXt+pCmakXhPFtOYzNZaAdw7a
x/twl1xGMBuh7QnyGvW8sxZ1T7flx4l6ULGDBHyyjSEIsB1son4Ln607ZgiPqNgH
F30AdFh8iMrIUURVgQWrwS6WT2PV05LMzKyHzQAFcGPJ2Cad8S8+6q4Kc5u0rfRk
bPAVq8KOLhWISX1c19iAy3Th3o9VpliNgQKEr5cX0Bwe1rNr9Xmkbcm1
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:02:20 2025 by rpki-client