Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e3/73ca57-4eee-4c29-814a-81790f61e794/1/0u5MB7MHn7bL2gqyo5sqX2hHnxg.roa
File: 0u5MB7MHn7bL2gqyo5sqX2hHnxg.roa (raw, json)
Hash identifier: dTLKNW3bqLmuZGafffFw/K7jFyKobZ/sSRa/waRYTh4=
Subject key identifier: D2:EE:4C:07:B3:07:9F:B6:CB:DA:0A:B2:A3:9B:2A:5F:68:47:9F:18
Certificate issuer: /CN=9788de1b757eaaab5e76b196e178b60b5e6c240c
Certificate serial: 0199E4255E8807411E1CD90FA0E25D42FD72
Authority key identifier: 97:88:DE:1B:75:7E:AA:AB:5E:76:B1:96:E1:78:B6:0B:5E:6C:24:0C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l4jeG3V-qqtedrGW4Xi2C15sJAw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e3/73ca57-4eee-4c29-814a-81790f61e794/1/0u5MB7MHn7bL2gqyo5sqX2hHnxg.roa
Signing time: Tue 14 Oct 2025 19:14:38 +0000
ROA not before: Tue 14 Oct 2025 19:14:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212286
IP address blocks: 45.87.128.0/23 maxlen: 23
45.91.73.0/24 maxlen: 24
45.128.80.0/22 maxlen: 22
45.129.72.0/24 maxlen: 24
45.131.216.0/22 maxlen: 22
45.132.164.0/22 maxlen: 22
45.138.248.0/22 maxlen: 22
45.145.136.0/22 maxlen: 22
45.153.36.0/22 maxlen: 22
45.154.148.0/22 maxlen: 22
81.85.32.0/20 maxlen: 20
152.114.202.0/23 maxlen: 23
152.114.204.0/23 maxlen: 23
158.94.188.0/22 maxlen: 22
158.94.217.0/24 maxlen: 24
185.121.236.0/22 maxlen: 22
193.17.224.0/24 maxlen: 24
193.17.231.0/24 maxlen: 24
193.17.253.0/24 maxlen: 24
193.17.255.0/24 maxlen: 24
212.97.80.0/21 maxlen: 21
212.102.124.0/24 maxlen: 24
213.184.68.0/22 maxlen: 22
217.179.80.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e3/73ca57-4eee-4c29-814a-81790f61e794/1/l4jeG3V-qqtedrGW4Xi2C15sJAw.crl
rsync://rpki.ripe.net/repository/DEFAULT/e3/73ca57-4eee-4c29-814a-81790f61e794/1/l4jeG3V-qqtedrGW4Xi2C15sJAw.mft
rsync://rpki.ripe.net/repository/DEFAULT/l4jeG3V-qqtedrGW4Xi2C15sJAw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e4:25:5e:88:07:41:1e:1c:d9:0f:a0:e2:5d:42:fd:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9788de1b757eaaab5e76b196e178b60b5e6c240c
Validity
Not Before: Oct 14 19:14:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d2ee4c07b3079fb6cbda0ab2a39b2a5f68479f18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:ae:05:44:73:21:ec:87:d5:a0:ec:f3:c4:15:
ca:86:76:81:8b:16:91:e2:38:f7:84:07:b7:91:5f:
5c:6a:5f:fc:7d:22:7e:36:dd:dc:66:bc:a1:74:57:
ae:ed:b8:8d:f1:04:ae:0c:be:0b:ed:15:85:7c:cb:
7a:62:c6:df:0a:46:ea:13:c4:c2:51:54:3d:9a:ef:
fb:96:79:35:f5:4c:8c:ee:a4:4f:8c:0e:f7:61:ac:
cc:37:e4:c5:97:51:09:23:80:bb:6d:72:b1:b4:ad:
f4:bc:70:36:c0:a4:48:be:6d:eb:22:9f:9c:26:39:
ac:8f:b1:6d:53:c6:9f:c9:2c:99:be:4a:fd:5f:b3:
3e:ae:c5:ed:f6:0c:96:86:41:ae:ad:89:6e:a3:12:
92:d4:3f:d7:1d:6c:f6:44:40:1c:00:c0:5b:7d:92:
36:5c:dc:bb:73:7a:91:4b:34:03:1c:26:8f:aa:6b:
e7:f8:9b:96:26:ed:85:02:d1:b1:dc:2b:0e:c9:0b:
1f:59:39:af:3a:28:9c:31:7d:5a:32:8b:14:21:70:
e4:5d:dc:eb:8c:cc:43:fa:df:e2:78:11:c3:49:30:
91:ee:40:f6:4c:7e:11:46:bb:3f:27:d3:ac:38:03:
e2:db:4f:e0:7a:5b:b1:02:43:57:49:d6:0f:81:1f:
a2:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:EE:4C:07:B3:07:9F:B6:CB:DA:0A:B2:A3:9B:2A:5F:68:47:9F:18
X509v3 Authority Key Identifier:
keyid:97:88:DE:1B:75:7E:AA:AB:5E:76:B1:96:E1:78:B6:0B:5E:6C:24:0C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l4jeG3V-qqtedrGW4Xi2C15sJAw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/73ca57-4eee-4c29-814a-81790f61e794/1/0u5MB7MHn7bL2gqyo5sqX2hHnxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e3/73ca57-4eee-4c29-814a-81790f61e794/1/l4jeG3V-qqtedrGW4Xi2C15sJAw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.87.128.0/23
45.91.73.0/24
45.128.80.0/22
45.129.72.0/24
45.131.216.0/22
45.132.164.0/22
45.138.248.0/22
45.145.136.0/22
45.153.36.0/22
45.154.148.0/22
81.85.32.0/20
152.114.202.0-152.114.205.255
158.94.188.0/22
158.94.217.0/24
185.121.236.0/22
193.17.224.0/24
193.17.231.0/24
193.17.253.0/24
193.17.255.0/24
212.97.80.0/21
212.102.124.0/24
213.184.68.0/22
217.179.80.0/22
Signature Algorithm: sha256WithRSAEncryption
d4:48:95:8b:fb:1b:dc:9c:1b:5a:0c:bf:89:1f:8d:5a:49:1e:
3c:ff:7f:72:7a:24:c8:d6:c3:2f:21:ae:9c:c3:ba:3c:7f:e6:
fc:f5:27:d7:8b:04:f2:df:ff:d1:38:ac:98:fd:81:d0:bc:93:
df:0f:da:d4:75:af:53:66:4e:98:df:99:f8:5a:6a:41:95:aa:
20:8d:f5:f6:0f:5d:51:80:9a:88:fc:b8:e4:3e:ad:46:be:5a:
df:8f:89:45:ce:a1:4a:69:ce:96:73:eb:3f:8a:83:2b:c2:73:
ed:0c:d8:32:fe:f6:85:31:09:1f:3d:07:41:2b:6c:81:ac:e7:
04:8d:35:4e:eb:74:3f:a4:e2:35:8d:bf:6e:12:05:94:3a:fd:
96:25:ff:70:ae:3e:89:ab:02:4a:ad:6d:ab:12:13:c5:40:99:
49:82:48:07:68:8c:14:8e:cf:7f:6d:47:eb:7e:9a:c7:8d:5d:
2e:3c:cd:c2:12:ec:ab:28:02:fa:43:a0:18:e1:a0:b8:fa:5a:
60:30:09:3a:4d:10:86:e4:d3:2d:1b:d4:bc:9e:e5:20:63:aa:
80:45:3e:f4:1d:bb:1f:b7:6c:da:f8:fe:5a:6c:af:00:b4:1c:
61:81:0c:80:84:c8:78:b6:9c:33:5c:40:f9:8b:bb:bd:4b:01:
e0:4f:94:7d
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAZnkJV6IB0EeHNkPoOJdQv1yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3ODhkZTFiNzU3ZWFhYWI1ZTc2YjE5NmUxNzhiNjBiNWU2
YzI0MGMwHhcNMjUxMDE0MTkxNDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMmVlNGMwN2IzMDc5ZmI2Y2JkYTBhYjJhMzliMmE1ZjY4NDc5ZjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6K4FRHMh7IfVoOzzxBXKhnaBixaR
4jj3hAe3kV9cal/8fSJ+Nt3cZryhdFeu7biN8QSuDL4L7RWFfMt6YsbfCkbqE8TC
UVQ9mu/7lnk19UyM7qRPjA73YazMN+TFl1EJI4C7bXKxtK30vHA2wKRIvm3rIp+c
Jjmsj7FtU8afySyZvkr9X7M+rsXt9gyWhkGurYluoxKS1D/XHWz2REAcAMBbfZI2
XNy7c3qRSzQDHCaPqmvn+JuWJu2FAtGx3CsOyQsfWTmvOiicMX1aMosUIXDkXdzr
jMxD+t/ieBHDSTCR7kD2TH4RRrs/J9OsOAPi20/geluxAkNXSdYPgR+iCwIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFNLuTAezB5+2y9oKsqObKl9oR58YMB8GA1UdIwQY
MBaAFJeI3ht1fqqrXnaxluF4tgtebCQMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDRqZUczVi1xcXRlZHJHVzRYaTJDMTVzSkF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMy83M2NhNTctNGVlZS00YzI5LTgxNGEt
ODE3OTBmNjFlNzk0LzEvMHU1TUI3TUhuN2JMMmdxeW81c3FYMmhIbnhnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMy83M2NhNTctNGVlZS00YzI5LTgxNGEtODE3OTBmNjFlNzk0
LzEvbDRqZUczVi1xcXRlZHJHVzRYaTJDMTVzSkF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDCBmQQCAAEwgZIDBAEt
V4ADBAAtW0kDBAItgFADBAAtgUgDBAItg9gDBAIthKQDBAItivgDBAItkYgDBAIt
mSQDBAItmpQDBARRVSAwDAMEAZhyygMEAZhyzAMEAp5evAMEAJ5e2QMEArl57AME
AMER4AMEAMER5wMEAMER/QMEAMER/wMEA9RhUAMEANRmfAMEAtW4RAMEAtmzUDAN
BgkqhkiG9w0BAQsFAAOCAQEA1EiVi/sb3JwbWgy/iR+NWkkePP9/cnokyNbDLyGu
nMO6PH/m/PUn14sE8t//0TismP2B0LyT3w/a1HWvU2ZOmN+Z+FpqQZWqII319g9d
UYCaiPy45D6tRr5a34+JRc6hSmnOlnPrP4qDK8Jz7QzYMv72hTEJHz0HQStsgazn
BI01Tut0P6TiNY2/bhIFlDr9liX/cK4+iasCSq1tqxITxUCZSYJIB2iMFI7Pf21H
636ax41dLjzNwhLsqygC+kOgGOGguPpaYDAJOk0QhuTTLRvUvJ7lIGOqgEU+9B27
H7ds2vj+WmyvALQcYYEMgITIeLacM1xA+Yu7vUsB4E+UfQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 06:41:57 2025 by rpki-client