Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/18O8czrje2LCAYkWMN-OJ8UP9l0.roa
File: 18O8czrje2LCAYkWMN-OJ8UP9l0.roa (raw, json)
Hash identifier: j5zRgFZWd41KqmllrH17xZmPONlPHMWU+K/2nolyJhs=
Subject key identifier: D7:C3:BC:73:3A:E3:7B:62:C2:01:89:16:30:DF:8E:27:C5:0F:F6:5D
Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial: 0199C03F4D94CA2349C8B75CDB0A627072AB
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/18O8czrje2LCAYkWMN-OJ8UP9l0.roa
Signing time: Tue 07 Oct 2025 19:56:38 +0000
ROA not before: Tue 07 Oct 2025 19:56:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202656
IP address blocks: 45.91.161.0/24 maxlen: 24
45.135.176.0/24 maxlen: 24
45.135.178.0/24 maxlen: 24
45.135.179.0/24 maxlen: 24
45.140.61.0/24 maxlen: 24
45.143.141.0/24 maxlen: 24
45.143.143.0/24 maxlen: 24
45.147.246.0/24 maxlen: 24
45.156.149.0/24 maxlen: 24
45.156.150.0/24 maxlen: 24
193.8.164.0/24 maxlen: 24
193.8.167.0/24 maxlen: 24
193.8.175.0/24 maxlen: 24
194.156.1.0/24 maxlen: 24
213.109.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.mft
rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c0:3f:4d:94:ca:23:49:c8:b7:5c:db:0a:62:70:72:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
Validity
Not Before: Oct 7 19:56:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d7c3bc733ae37b62c201891630df8e27c50ff65d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:b1:0c:7a:08:a7:18:da:dd:30:36:9f:23:42:
ea:9c:87:64:d5:82:cc:a5:0f:8b:3d:12:5b:6c:11:
85:18:5e:1c:d4:24:fa:bb:ec:9a:08:cb:85:0f:d8:
3e:3f:c8:ea:83:91:cd:0e:ec:97:52:e0:b7:f2:38:
69:29:a7:19:f4:08:81:c8:a0:14:0c:c8:2f:26:b5:
75:10:36:99:23:5f:ec:9b:dc:c4:0c:9c:9f:5d:90:
eb:99:3b:90:49:bf:7d:72:b4:8f:af:9f:18:f8:d5:
97:f5:10:40:27:a6:2f:4f:77:46:47:35:d7:33:9d:
91:8c:6d:14:3a:67:98:fc:74:3d:29:42:04:42:f2:
a0:11:6e:23:26:59:d2:48:de:1a:70:11:b7:09:d1:
01:71:14:56:a3:e4:48:a9:c5:1e:5b:35:f8:4e:e9:
49:5d:bd:87:da:10:51:43:34:45:fb:dc:8e:5f:2b:
1c:ed:58:6e:a4:11:79:e6:77:fa:20:2a:0f:af:6a:
3d:2e:47:2b:64:2b:71:04:43:ee:07:a6:40:d3:fa:
f5:65:73:30:c6:5f:1f:3a:4f:33:e6:02:03:9b:7b:
bb:9e:6f:39:00:ba:f1:e6:58:9a:b9:fd:d5:7d:3e:
44:95:92:43:4e:37:86:57:5d:49:97:db:e4:20:91:
dd:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:C3:BC:73:3A:E3:7B:62:C2:01:89:16:30:DF:8E:27:C5:0F:F6:5D
X509v3 Authority Key Identifier:
keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/18O8czrje2LCAYkWMN-OJ8UP9l0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.161.0/24
45.135.176.0/24
45.135.178.0/23
45.140.61.0/24
45.143.141.0/24
45.143.143.0/24
45.147.246.0/24
45.156.149.0-45.156.150.255
193.8.164.0/24
193.8.167.0/24
193.8.175.0/24
194.156.1.0/24
213.109.109.0/24
Signature Algorithm: sha256WithRSAEncryption
55:87:2d:93:90:41:4e:4d:e6:b7:ce:d4:7c:a1:7c:7b:5d:09:
7d:ab:ad:de:f7:87:19:9a:a7:ff:87:c8:8f:8c:a6:28:0a:a5:
91:d9:f3:ae:1c:e3:c9:aa:c0:e6:3e:df:b7:64:14:6f:4b:a9:
26:f8:80:e2:0f:d3:f3:ad:3c:67:09:cf:a0:72:7f:44:2d:87:
b5:a0:f8:40:ec:a9:7c:09:de:b5:b0:08:6f:4b:b8:90:74:be:
28:a5:6b:81:86:6a:b5:24:ef:ab:ab:8d:53:68:ff:cb:27:5a:
82:dc:e9:54:11:57:08:65:ab:f2:5a:3c:04:d4:9a:c1:1e:7e:
13:03:ba:49:5c:53:1a:14:7b:4a:da:86:29:a0:7d:43:cd:42:
d9:bd:eb:c7:f3:e8:03:87:db:7a:bd:e5:79:8d:7b:72:f6:c1:
19:c9:e2:a0:d8:00:7a:f4:ca:4e:84:9b:41:f8:0e:6c:ca:4a:
c4:57:49:6f:c8:73:6f:1a:fb:f8:a6:23:2f:28:77:23:db:b6:
96:30:10:6d:5b:d8:a3:49:4e:89:b6:dd:4b:8c:98:47:a9:4a:
d9:16:34:ea:65:f8:4a:6c:8a:d7:fa:75:9c:cf:57:bf:8a:0f:
4a:97:9d:e8:f0:ef:1b:b9:ea:9b:d1:60:b4:f1:6c:37:66:5b:
d5:fe:ef:58
-----BEGIN CERTIFICATE-----
MIIFTTCCBDWgAwIBAgISAZnAP02UyiNJyLdc2wpicHKrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjUxMDA3MTk1NjM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkN2MzYmM3MzNhZTM3YjYyYzIwMTg5MTYzMGRmOGUyN2M1MGZmNjVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5rEMeginGNrdMDafI0LqnIdk1YLM
pQ+LPRJbbBGFGF4c1CT6u+yaCMuFD9g+P8jqg5HNDuyXUuC38jhpKacZ9AiByKAU
DMgvJrV1EDaZI1/sm9zEDJyfXZDrmTuQSb99crSPr58Y+NWX9RBAJ6YvT3dGRzXX
M52RjG0UOmeY/HQ9KUIEQvKgEW4jJlnSSN4acBG3CdEBcRRWo+RIqcUeWzX4TulJ
Xb2H2hBRQzRF+9yOXysc7VhupBF55nf6ICoPr2o9LkcrZCtxBEPuB6ZA0/r1ZXMw
xl8fOk8z5gIDm3u7nm85ALrx5liauf3VfT5ElZJDTjeGV11Jl9vkIJHdDwIDAQAB
o4ICWTCCAlUwHQYDVR0OBBYEFNfDvHM643tiwgGJFjDfjifFD/ZdMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvMThPOGN6cmplMkxDQVlrV01OLU9KOFVQOWwwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG8GCCsGAQUFBwEHAQH/BGAwXjBcBAIAATBWAwQALVuhAwQA
LYewAwQBLYeyAwQALYw9AwQALY+NAwQALY+PAwQALZP2MAwDBAAtnJUDBAAtnJYD
BADBCKQDBADBCKcDBADBCK8DBADCnAEDBADVbW0wDQYJKoZIhvcNAQELBQADggEB
AFWHLZOQQU5N5rfO1HyhfHtdCX2rrd73hxmap/+HyI+MpigKpZHZ864c48mqwOY+
37dkFG9LqSb4gOIP0/OtPGcJz6Byf0Qth7Wg+EDsqXwJ3rWwCG9LuJB0viila4GG
arUk76urjVNo/8snWoLc6VQRVwhlq/JaPATUmsEefhMDuklcUxoUe0rahimgfUPN
Qtm968fz6AOH23q95XmNe3L2wRnJ4qDYAHr0yk6Em0H4DmzKSsRXSW/Ic28a+/im
Iy8odyPbtpYwEG1b2KNJTom23UuMmEepStkWNOpl+Epsitf6dZzPV7+KD0qXnejw
7xu56pvRYLTxbDdmW9X+71g=
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:08:54 2025 by rpki-client