Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/ETv26zxQcsr8JhZ4MeGRkRkjDDY.roa
File: ETv26zxQcsr8JhZ4MeGRkRkjDDY.roa (raw, json)
Hash identifier: V/KbOS0vpdDJobu1pDGY/r9sUVjvdSgLOWgc2BMLZzY=
Subject key identifier: 11:3B:F6:EB:3C:50:72:CA:FC:26:16:78:31:E1:91:91:19:23:0C:36
Certificate issuer: /CN=ae72e47d56692499a726bf800ea8380362deb6be
Certificate serial: 0199B8809D3DDDE6AAF6EF7CAA64AC547C46
Authority key identifier: AE:72:E4:7D:56:69:24:99:A7:26:BF:80:0E:A8:38:03:62:DE:B6:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rnLkfVZpJJmnJr-ADqg4A2Letr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/ETv26zxQcsr8JhZ4MeGRkRkjDDY.roa
Signing time: Mon 06 Oct 2025 07:51:00 +0000
ROA not before: Mon 06 Oct 2025 07:51:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21309
IP address blocks: 5.63.136.0/21 maxlen: 21
31.216.240.0/20 maxlen: 20
31.216.240.0/22 maxlen: 22
31.216.244.0/22 maxlen: 22
31.216.248.0/22 maxlen: 22
31.216.250.0/24 maxlen: 24
31.216.252.0/22 maxlen: 22
77.89.0.0/18 maxlen: 18
77.89.0.0/19 maxlen: 19
77.89.0.0/20 maxlen: 20
77.89.16.0/20 maxlen: 20
77.89.32.0/19 maxlen: 19
77.89.32.0/20 maxlen: 20
77.89.48.0/20 maxlen: 20
80.86.144.0/20 maxlen: 24
83.216.160.0/19 maxlen: 19
83.216.160.0/20 maxlen: 20
83.216.160.0/21 maxlen: 21
83.216.168.0/21 maxlen: 21
83.216.176.0/20 maxlen: 20
83.216.176.0/21 maxlen: 21
83.216.184.0/21 maxlen: 21
86.110.128.0/19 maxlen: 19
86.110.128.0/20 maxlen: 20
86.110.128.0/21 maxlen: 21
86.110.136.0/21 maxlen: 21
86.110.144.0/20 maxlen: 20
86.110.144.0/21 maxlen: 21
86.110.152.0/21 maxlen: 21
185.123.8.0/22 maxlen: 22
185.123.8.0/24 maxlen: 24
185.123.9.0/24 maxlen: 24
185.182.196.0/22 maxlen: 24
188.125.96.0/19 maxlen: 24
188.125.122.0/24 maxlen: 24
213.174.160.0/19 maxlen: 19
213.174.160.0/20 maxlen: 20
213.174.160.0/21 maxlen: 21
213.174.168.0/21 maxlen: 21
213.174.176.0/20 maxlen: 20
213.174.176.0/21 maxlen: 21
213.174.184.0/21 maxlen: 21
213.209.192.0/18 maxlen: 18
213.209.192.0/19 maxlen: 19
213.209.192.0/20 maxlen: 20
213.209.208.0/20 maxlen: 20
213.209.224.0/19 maxlen: 19
213.209.224.0/20 maxlen: 20
213.209.240.0/20 maxlen: 20
2a03:c380::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/rnLkfVZpJJmnJr-ADqg4A2Letr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/rnLkfVZpJJmnJr-ADqg4A2Letr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/rnLkfVZpJJmnJr-ADqg4A2Letr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:b8:80:9d:3d:dd:e6:aa:f6:ef:7c:aa:64:ac:54:7c:46
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ae72e47d56692499a726bf800ea8380362deb6be
Validity
Not Before: Oct 6 07:51:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=113bf6eb3c5072cafc26167831e1919119230c36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:ed:d5:8a:4f:2f:9e:9e:4c:47:50:62:8e:41:
e8:d7:29:0e:4d:67:a8:3a:0b:1d:a3:f0:41:4a:8c:
7f:fc:e2:7c:7a:33:ad:41:0a:ec:5e:f4:48:10:32:
8e:e8:2c:8a:b2:68:4e:07:d5:98:63:4d:5c:6d:d5:
a8:98:bb:a8:72:d9:1e:bb:ce:c4:06:8a:ad:bb:35:
03:b2:68:57:80:13:c7:7a:4d:93:49:9d:c9:a2:5f:
83:46:b6:70:42:a0:59:24:9f:91:13:86:08:e7:e5:
ed:78:62:e1:ce:01:d1:14:19:77:19:2a:41:9e:28:
41:64:ae:df:cb:6b:02:76:85:d9:d5:11:f6:a4:40:
f1:2a:e3:71:8c:7d:fa:3d:a0:4a:fe:26:dd:1c:db:
52:e4:46:e8:05:b4:b1:c1:d5:72:2d:81:d8:b7:64:
51:c3:f5:c6:8e:1e:a6:f1:fc:ca:8c:09:6c:9f:6b:
95:2d:74:a2:56:cb:7d:1e:af:3a:04:2b:86:f7:67:
52:03:43:3a:59:59:dd:f1:ed:5a:dd:4a:1d:c8:51:
e1:e4:5a:92:1f:36:c5:fd:a8:7e:95:1e:71:4d:f0:
6c:2d:08:eb:da:27:4f:a2:ad:0e:2f:2f:2d:9a:c7:
e3:45:68:22:d5:8f:a4:8e:c9:f4:38:55:7f:f3:df:
82:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:3B:F6:EB:3C:50:72:CA:FC:26:16:78:31:E1:91:91:19:23:0C:36
X509v3 Authority Key Identifier:
keyid:AE:72:E4:7D:56:69:24:99:A7:26:BF:80:0E:A8:38:03:62:DE:B6:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rnLkfVZpJJmnJr-ADqg4A2Letr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/ETv26zxQcsr8JhZ4MeGRkRkjDDY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fa/6bb471-4a3e-488d-b88c-fe12c75bf4ab/1/rnLkfVZpJJmnJr-ADqg4A2Letr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.136.0/21
31.216.240.0/20
77.89.0.0/18
80.86.144.0/20
83.216.160.0/19
86.110.128.0/19
185.123.8.0/22
185.182.196.0/22
188.125.96.0/19
213.174.160.0/19
213.209.192.0/18
IPv6:
2a03:c380::/32
Signature Algorithm: sha256WithRSAEncryption
5e:3f:85:52:eb:01:60:85:04:dd:bc:38:53:7d:3e:07:74:ba:
e4:55:7a:c0:c8:87:4f:fd:2e:de:79:b3:25:0d:45:fb:96:a0:
57:33:2f:ec:6b:4b:19:98:fb:06:70:3a:be:4f:84:eb:ea:6d:
48:f8:3d:3c:76:4d:ef:29:c5:d3:a1:0b:5d:36:6a:b9:20:29:
60:61:13:1b:a0:3e:f2:68:5c:2a:52:e6:e3:af:f3:c0:97:e2:
b8:ed:2e:12:04:48:0a:80:10:c0:1b:a0:e2:97:fe:38:c9:da:
35:fa:67:1f:59:9b:59:29:94:87:2d:af:11:48:e0:0b:50:9d:
b4:e8:0e:e7:b0:20:64:ef:cc:e0:66:8b:e7:bd:14:10:6b:a4:
fa:fc:48:d3:b2:e0:a7:34:b9:3b:d5:c6:66:88:35:35:b9:23:
f8:35:f5:79:a4:58:e5:85:1b:9b:b2:58:2b:34:c4:c9:22:b0:
b2:28:f8:05:cd:d6:78:72:b2:2a:6d:31:a2:01:08:a3:6d:b7:
8e:8e:f7:18:f0:da:8a:f5:98:96:97:df:fa:b3:70:ac:c0:7e:
f4:ca:e1:8e:d0:f1:44:13:c9:03:4d:5c:e8:7b:6a:8a:6c:f0:
be:22:0f:10:9e:41:15:f0:a1:5f:8e:cf:50:a4:1e:8e:18:7b:
12:31:3b:c2
-----BEGIN CERTIFICATE-----
MIIFSDCCBDCgAwIBAgISAZm4gJ093eaq9u98qmSsVHxGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlNzJlNDdkNTY2OTI0OTlhNzI2YmY4MDBlYTgzODAzNjJk
ZWI2YmUwHhcNMjUxMDA2MDc1MTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTNiZjZlYjNjNTA3MmNhZmMyNjE2NzgzMWUxOTE5MTE5MjMwYzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1e3Vik8vnp5MR1BijkHo1ykOTWeo
Ogsdo/BBSox//OJ8ejOtQQrsXvRIEDKO6CyKsmhOB9WYY01cbdWomLuoctkeu87E
BoqtuzUDsmhXgBPHek2TSZ3Jol+DRrZwQqBZJJ+RE4YI5+XteGLhzgHRFBl3GSpB
nihBZK7fy2sCdoXZ1RH2pEDxKuNxjH36PaBK/ibdHNtS5EboBbSxwdVyLYHYt2RR
w/XGjh6m8fzKjAlsn2uVLXSiVst9Hq86BCuG92dSA0M6WVnd8e1a3UodyFHh5FqS
HzbF/ah+lR5xTfBsLQjr2idPoq0OLy8tmsfjRWgi1Y+kjsn0OFV/89+CgwIDAQAB
o4ICVDCCAlAwHQYDVR0OBBYEFBE79us8UHLK/CYWeDHhkZEZIww2MB8GA1UdIwQY
MBaAFK5y5H1WaSSZpya/gA6oOANi3ra+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcm5Ma2ZWWnBKSm1uSnItQURxZzRBMkxldHI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYS82YmI0NzEtNGEzZS00ODhkLWI4OGMt
ZmUxMmM3NWJmNGFiLzEvRVR2MjZ6eFFjc3I4SmhaNE1lR1JrUmtqRERZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYS82YmI0NzEtNGEzZS00ODhkLWI4OGMtZmUxMmM3NWJmNGFi
LzEvcm5Ma2ZWWnBKSm1uSnItQURxZzRBMkxldHI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGoGCCsGAQUFBwEHAQH/BFswWTBIBAIAATBCAwQDBT+IAwQE
H9jwAwQGTVkAAwQEUFaQAwQFU9igAwQFVm6AAwQCuXsIAwQCubbEAwQFvH1gAwQF
1a6gAwQG1dHAMA0EAgACMAcDBQAqA8OAMA0GCSqGSIb3DQEBCwUAA4IBAQBeP4VS
6wFghQTdvDhTfT4HdLrkVXrAyIdP/S7eebMlDUX7lqBXMy/sa0sZmPsGcDq+T4Tr
6m1I+D08dk3vKcXToQtdNmq5IClgYRMboD7yaFwqUubjr/PAl+K47S4SBEgKgBDA
G6Dil/44ydo1+mcfWZtZKZSHLa8RSOALUJ206A7nsCBk78zgZovnvRQQa6T6/EjT
suCnNLk71cZmiDU1uSP4NfV5pFjlhRubslgrNMTJIrCyKPgFzdZ4crIqbTGiAQij
bbeOjvcY8NqK9ZiWl9/6s3CswH70yuGO0PFEE8kDTVzoe2qKbPC+Ig8QnkEV8KFf
js9QpB6OGHsSMTvC
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:32:37 2025 by rpki-client