Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/eFGQ6kbBV_hrT8LO7Hegwhdtmp4.roa
File: eFGQ6kbBV_hrT8LO7Hegwhdtmp4.roa (raw, json)
Hash identifier: jES5P/dghWs+K0qtSFSL1yyagafjHPgd6GGcK36aa40=
Subject key identifier: 78:51:90:EA:46:C1:57:F8:6B:4F:C2:CE:EC:77:A0:C2:17:6D:9A:9E
Certificate issuer: /CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Certificate serial: 0199CF9515CFB6BE96E9E663E993113AD970
Authority key identifier: 08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/eFGQ6kbBV_hrT8LO7Hegwhdtmp4.roa
Signing time: Fri 10 Oct 2025 19:24:38 +0000
ROA not before: Fri 10 Oct 2025 19:24:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44285
IP address blocks: 5.1.43.0/24 maxlen: 24
37.32.32.0/21 maxlen: 21
37.32.32.0/22 maxlen: 22
37.32.32.0/24 maxlen: 24
37.32.33.0/24 maxlen: 24
37.32.34.0/24 maxlen: 24
37.32.35.0/24 maxlen: 24
37.32.37.0/24 maxlen: 24
37.32.38.0/24 maxlen: 24
37.32.39.0/24 maxlen: 24
37.75.243.0/24 maxlen: 24
37.75.244.0/22 maxlen: 22
37.75.244.0/24 maxlen: 24
37.75.245.0/24 maxlen: 24
37.75.246.0/24 maxlen: 24
37.75.247.0/24 maxlen: 24
45.9.252.0/22 maxlen: 24
45.9.252.0/24 maxlen: 24
45.9.253.0/24 maxlen: 24
45.9.254.0/24 maxlen: 24
45.87.4.0/22 maxlen: 22
45.140.224.0/22 maxlen: 22
46.28.72.0/21 maxlen: 24
46.28.72.0/24 maxlen: 24
46.28.73.0/24 maxlen: 24
46.28.74.0/24 maxlen: 24
78.110.120.0/22 maxlen: 24
84.47.224.0/21 maxlen: 21
84.47.224.0/22 maxlen: 22
84.47.224.0/24 maxlen: 24
84.47.225.0/24 maxlen: 24
84.47.226.0/24 maxlen: 24
84.47.227.0/24 maxlen: 24
84.47.228.0/22 maxlen: 22
84.47.228.0/24 maxlen: 24
84.47.229.0/24 maxlen: 24
84.47.230.0/24 maxlen: 24
84.47.231.0/24 maxlen: 24
85.198.24.0/22 maxlen: 24
88.135.37.0/24 maxlen: 24
88.135.38.0/24 maxlen: 24
88.135.39.0/24 maxlen: 24
91.236.168.0/23 maxlen: 23
91.236.168.0/24 maxlen: 24
91.236.169.0/24 maxlen: 24
185.18.212.0/22 maxlen: 22
185.18.212.0/24 maxlen: 24
185.18.213.0/24 maxlen: 24
185.18.214.0/24 maxlen: 24
185.18.215.0/24 maxlen: 24
185.51.200.0/24 maxlen: 24
185.51.201.0/24 maxlen: 24
185.51.202.0/24 maxlen: 24
185.51.203.0/24 maxlen: 24
185.121.128.0/22 maxlen: 24
185.121.128.0/24 maxlen: 24
185.121.129.0/24 maxlen: 24
185.121.130.0/24 maxlen: 24
185.121.131.0/24 maxlen: 24
185.128.136.0/24 maxlen: 24
185.128.137.0/24 maxlen: 24
185.128.138.0/24 maxlen: 24
185.128.139.0/24 maxlen: 24
185.141.132.0/24 maxlen: 24
185.141.133.0/24 maxlen: 24
185.141.134.0/24 maxlen: 24
185.141.135.0/24 maxlen: 24
185.182.248.0/22 maxlen: 22
185.182.248.0/23 maxlen: 23
185.182.250.0/23 maxlen: 23
185.182.250.0/24 maxlen: 24
185.182.251.0/24 maxlen: 24
188.209.152.0/23 maxlen: 23
195.110.38.0/23 maxlen: 23
195.110.38.0/24 maxlen: 24
195.110.39.0/24 maxlen: 24
217.172.120.0/21 maxlen: 24
217.172.124.0/23 maxlen: 23
217.172.126.0/23 maxlen: 23
217.172.127.0/24 maxlen: 24
2a02:828::/29 maxlen: 29
2a02:828::/32 maxlen: 32
2a02:828::/48 maxlen: 48
2a02:828::/64 maxlen: 64
2a02:828:1::/48 maxlen: 48
2a02:829::/32 maxlen: 32
2a02:82a::/32 maxlen: 32
2a02:82b::/32 maxlen: 32
2a02:82c::/32 maxlen: 32
2a02:82d::/32 maxlen: 32
2a02:82e::/32 maxlen: 32
2a02:82f::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.crl
rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.mft
rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:cf:95:15:cf:b6:be:96:e9:e6:63:e9:93:11:3a:d9:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=081b7a22e51cfb9cf84205e4449998ad55d8f065
Validity
Not Before: Oct 10 19:24:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=785190ea46c157f86b4fc2ceec77a0c2176d9a9e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:44:c7:a4:c4:ff:e1:c8:4b:0e:e3:b7:83:77:
91:79:ff:05:2d:da:73:33:9b:30:b9:20:9a:0e:ae:
a2:bf:c9:bf:e0:a3:6d:d8:cf:ea:15:7d:08:df:ba:
ae:5c:f3:9b:71:41:fb:b6:7a:f8:64:a2:0f:2c:45:
ad:42:c1:e7:44:d2:b0:c1:7d:4c:18:e7:5a:e2:9e:
7c:af:2e:0b:66:8d:f9:f6:0b:d0:17:d4:fd:35:3c:
3f:8c:3a:33:3b:35:4d:87:f9:75:d4:1d:eb:5c:f6:
3f:15:fa:91:cb:d5:1a:26:f2:84:44:22:c0:b0:99:
72:60:cf:1a:e6:55:48:63:0d:45:37:22:f9:5d:32:
47:bd:d3:a7:d0:37:41:74:ff:3f:b1:42:79:ca:25:
b6:10:f0:8a:06:b8:32:a4:b1:d3:1f:9f:4a:96:2c:
a8:76:9c:7d:18:17:b7:71:62:a4:f9:00:b6:1b:15:
06:4b:14:57:93:49:8f:f4:c7:29:62:54:88:c1:b5:
fb:0d:8e:78:2f:b7:f6:04:71:78:5d:25:48:a3:9f:
fd:7d:a4:47:54:11:3d:61:0c:ac:04:06:14:e7:d1:
7e:20:0c:b4:29:81:c1:f8:91:40:89:b7:65:ce:23:
cc:77:be:88:31:b7:5d:9a:5e:89:92:94:e5:21:e9:
2a:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:51:90:EA:46:C1:57:F8:6B:4F:C2:CE:EC:77:A0:C2:17:6D:9A:9E
X509v3 Authority Key Identifier:
keyid:08:1B:7A:22:E5:1C:FB:9C:F8:42:05:E4:44:99:98:AD:55:D8:F0:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CBt6IuUc-5z4QgXkRJmYrVXY8GU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/eFGQ6kbBV_hrT8LO7Hegwhdtmp4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dc/c515c9-df08-426c-80e6-0367268ff871/1/CBt6IuUc-5z4QgXkRJmYrVXY8GU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.1.43.0/24
37.32.32.0/21
37.75.243.0-37.75.247.255
45.9.252.0/22
45.87.4.0/22
45.140.224.0/22
46.28.72.0/21
78.110.120.0/22
84.47.224.0/21
85.198.24.0/22
88.135.37.0-88.135.39.255
91.236.168.0/23
185.18.212.0/22
185.51.200.0/22
185.121.128.0/22
185.128.136.0/22
185.141.132.0/22
185.182.248.0/22
188.209.152.0/23
195.110.38.0/23
217.172.120.0/21
IPv6:
2a02:828::/29
Signature Algorithm: sha256WithRSAEncryption
92:0c:32:46:3d:5d:7a:e5:08:7f:f2:bb:01:d9:ba:42:79:71:
ff:89:fb:81:b1:5c:3d:33:c9:b1:c5:94:14:e8:31:18:71:2f:
ba:4e:15:46:27:a4:dc:25:a8:35:b2:5b:80:c5:78:93:21:02:
b3:4f:46:9c:29:8f:1c:38:12:15:f2:02:01:32:fe:ac:8e:93:
30:31:35:f4:1f:fc:4e:77:09:5e:0d:a8:d3:cc:77:c4:5b:ab:
b7:e9:71:33:2e:d1:f6:92:29:a9:81:ab:ea:17:10:67:c3:e4:
94:8f:32:15:de:fd:37:62:28:d5:54:93:9f:98:c3:08:27:a7:
f3:cd:ae:04:ea:b8:89:ce:1d:23:e4:70:bd:58:48:89:71:dc:
c4:fe:0f:08:24:45:d9:e8:b4:25:1e:1e:4b:c4:39:d9:a6:ce:
4f:f2:8f:4a:32:9e:0e:31:12:75:96:1b:09:1e:2a:d5:57:d7:
2e:36:18:ce:9e:b4:f0:fc:68:6d:97:42:47:48:b9:e9:f7:e8:
7b:7f:aa:37:d5:44:72:11:5a:47:48:22:93:23:82:57:57:38:
10:0d:4c:47:d4:89:c1:45:bc:88:f7:3c:9a:76:11:a3:f8:f9:
9b:64:75:0b:fe:5a:b2:a5:63:b2:cb:11:f1:84:13:da:a9:0d:
c5:7d:dc:68
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgISAZnPlRXPtr6W6eZj6ZMROtlwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MWI3YTIyZTUxY2ZiOWNmODQyMDVlNDQ0OTk5OGFkNTVk
OGYwNjUwHhcNMjUxMDEwMTkyNDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ODUxOTBlYTQ2YzE1N2Y4NmI0ZmMyY2VlYzc3YTBjMjE3NmQ5YTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApUTHpMT/4chLDuO3g3eRef8FLdpz
M5swuSCaDq6iv8m/4KNt2M/qFX0I37quXPObcUH7tnr4ZKIPLEWtQsHnRNKwwX1M
GOda4p58ry4LZo359gvQF9T9NTw/jDozOzVNh/l11B3rXPY/FfqRy9UaJvKERCLA
sJlyYM8a5lVIYw1FNyL5XTJHvdOn0DdBdP8/sUJ5yiW2EPCKBrgypLHTH59Kliyo
dpx9GBe3cWKk+QC2GxUGSxRXk0mP9McpYlSIwbX7DY54L7f2BHF4XSVIo5/9faRH
VBE9YQysBAYU59F+IAy0KYHB+JFAibdlziPMd76IMbddml6JkpTlIekqBwIDAQAB
o4ICpTCCAqEwHQYDVR0OBBYEFHhRkOpGwVf4a0/Czux3oMIXbZqeMB8GA1UdIwQY
MBaAFAgbeiLlHPuc+EIF5ESZmK1V2PBlMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYt
MDM2NzI2OGZmODcxLzEvZUZHUTZrYkJWX2hyVDhMTzdIZWd3aGR0bXA0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYy9jNTE1YzktZGYwOC00MjZjLTgwZTYtMDM2NzI2OGZmODcx
LzEvQ0J0Nkl1VWMtNXo0UWdYa1JKbVlyVlhZOEdVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG6BggrBgEFBQcBBwEB/wSBqjCBpzCBlQQCAAEwgY4DBAAF
ASsDBAMlICAwDAMEACVL8wMEAyVL8AMEAi0J/AMEAi1XBAMEAi2M4AMEAy4cSAME
Ak5ueAMEA1Qv4AMEAlXGGDAMAwQAWIclAwQDWIcgAwQBW+yoAwQCuRLUAwQCuTPI
AwQCuXmAAwQCuYCIAwQCuY2EAwQCubb4AwQBvNGYAwQBw24mAwQD2ax4MA0EAgAC
MAcDBQMqAggoMA0GCSqGSIb3DQEBCwUAA4IBAQCSDDJGPV165Qh/8rsB2bpCeXH/
ifuBsVw9M8mxxZQU6DEYcS+6ThVGJ6TcJag1sluAxXiTIQKzT0acKY8cOBIV8gIB
Mv6sjpMwMTX0H/xOdwleDajTzHfEW6u36XEzLtH2kimpgavqFxBnw+SUjzIV3v03
YijVVJOfmMMIJ6fzza4E6riJzh0j5HC9WEiJcdzE/g8IJEXZ6LQlHh5LxDnZps5P
8o9KMp4OMRJ1lhsJHirVV9cuNhjOnrTw/Ghtl0JHSLnp9+h7f6o31URyEVpHSCKT
I4JXVzgQDUxH1InBRbyI9zyadhGj+PmbZHUL/lqypWOyyxHxhBPaqQ3Ffdxo
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:25:25 2025 by rpki-client