Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/trntJUljpyKQ_RbnudcW1AEz8hI.roa
File: trntJUljpyKQ_RbnudcW1AEz8hI.roa (raw, json)
Hash identifier: ThfGBtnYJx9e9HpZNJCs79E8qICBYx162pji3AgfT1c=
Subject key identifier: B6:B9:ED:25:49:63:A7:22:90:FD:16:E7:B9:D7:16:D4:01:33:F2:12
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 0199E1DCCE271FEF3B2B49CDDD73EE0414C9
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/trntJUljpyKQ_RbnudcW1AEz8hI.roa
Signing time: Tue 14 Oct 2025 08:36:08 +0000
ROA not before: Tue 14 Oct 2025 08:36:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12430
IP address blocks: 2.154.0.0/15 maxlen: 16
2.154.0.0/16 maxlen: 16
2.154.192.0/18 maxlen: 18
2.155.0.0/16 maxlen: 16
5.40.0.0/16 maxlen: 16
62.42.0.0/15 maxlen: 16
62.57.0.0/16 maxlen: 16
62.81.0.0/16 maxlen: 24
62.82.0.0/15 maxlen: 16
62.100.96.0/19 maxlen: 19
62.117.128.0/17 maxlen: 17
62.174.0.0/15 maxlen: 19
80.224.0.0/16 maxlen: 16
81.60.0.0/15 maxlen: 18
81.184.0.0/16 maxlen: 16
81.202.0.0/16 maxlen: 16
82.159.0.0/16 maxlen: 16
82.213.128.0/18 maxlen: 18
83.138.192.0/18 maxlen: 18
83.173.128.0/18 maxlen: 18
84.120.0.0/13 maxlen: 19
84.127.229.0/24 maxlen: 24
85.219.0.0/17 maxlen: 17
85.251.0.0/16 maxlen: 17
89.140.0.0/16 maxlen: 16
89.141.0.0/16 maxlen: 16
95.39.0.0/16 maxlen: 19
185.128.128.0/22 maxlen: 24
194.106.0.0/19 maxlen: 19
194.140.128.0/18 maxlen: 18
194.149.192.0/19 maxlen: 19
212.21.224.0/19 maxlen: 19
212.22.32.0/19 maxlen: 20
212.40.224.0/19 maxlen: 19
212.40.224.0/24 maxlen: 24
212.78.128.0/19 maxlen: 19
212.79.128.0/19 maxlen: 19
212.95.192.0/19 maxlen: 19
212.97.160.0/19 maxlen: 19
212.122.96.0/19 maxlen: 19
212.183.192.0/18 maxlen: 18
213.37.0.0/16 maxlen: 16
213.201.0.0/17 maxlen: 17
213.227.0.0/18 maxlen: 18
213.231.64.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e1:dc:ce:27:1f:ef:3b:2b:49:cd:dd:73:ee:04:14:c9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Oct 14 08:36:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b6b9ed254963a72290fd16e7b9d716d40133f212
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:05:6c:9f:e1:af:a2:3b:d7:df:1a:2d:2d:99:
f8:62:2d:22:11:64:4f:0c:c4:7b:e4:a4:88:b7:1c:
bb:28:ae:48:d9:18:77:67:e3:f6:c8:57:c8:87:67:
02:80:88:38:05:30:91:3a:e2:62:23:be:67:6a:d4:
0d:a3:c1:94:d3:7a:64:42:c4:fc:b1:77:c8:50:fc:
45:9b:e2:63:bb:07:fa:6f:b7:c4:f4:b2:95:5c:0b:
49:cb:d3:99:09:22:40:e0:da:35:90:39:3e:93:6d:
7e:d3:95:62:e3:7e:d0:cb:d2:8e:f5:3f:2b:01:62:
cb:fa:5d:ac:12:c3:ec:62:c6:75:ed:4d:43:17:ad:
4c:0b:6d:cb:dd:a0:79:3e:1a:07:e0:4c:5b:aa:1e:
8f:04:a8:94:04:43:68:12:c2:63:de:8a:68:90:90:
9e:b2:db:79:70:f9:da:a0:50:b3:14:7a:6a:23:90:
f3:9c:7d:64:9a:47:08:4d:98:cb:e4:01:11:f8:fd:
b4:be:0e:b1:7a:ef:e8:dd:15:89:4d:20:e8:10:a0:
10:ac:6b:3c:37:77:10:cc:2b:ef:0c:9b:61:c0:d3:
22:92:18:01:ef:14:80:1e:39:17:ab:ce:8e:11:ca:
3a:4e:bc:1a:77:8e:d4:29:9e:de:b4:ca:e4:95:16:
87:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:B9:ED:25:49:63:A7:22:90:FD:16:E7:B9:D7:16:D4:01:33:F2:12
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/trntJUljpyKQ_RbnudcW1AEz8hI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.154.0.0/15
5.40.0.0/16
62.42.0.0/15
62.57.0.0/16
62.81.0.0-62.83.255.255
62.100.96.0/19
62.117.128.0/17
62.174.0.0/15
80.224.0.0/16
81.60.0.0/15
81.184.0.0/16
81.202.0.0/16
82.159.0.0/16
82.213.128.0/18
83.138.192.0/18
83.173.128.0/18
84.120.0.0/13
85.219.0.0/17
85.251.0.0/16
89.140.0.0/15
95.39.0.0/16
185.128.128.0/22
194.106.0.0/19
194.140.128.0/18
194.149.192.0/19
212.21.224.0/19
212.22.32.0/19
212.40.224.0/19
212.78.128.0/19
212.79.128.0/19
212.95.192.0/19
212.97.160.0/19
212.122.96.0/19
212.183.192.0/18
213.37.0.0/16
213.201.0.0/17
213.227.0.0/18
213.231.64.0/18
Signature Algorithm: sha256WithRSAEncryption
76:26:35:a9:b9:30:1b:98:3b:1f:f4:8c:48:96:0c:f7:3e:09:
a3:82:dc:a5:72:03:31:9c:94:2d:c5:ce:31:54:e0:37:d0:03:
31:fc:b2:5b:82:b0:d0:84:6a:0f:3e:81:89:0c:fc:34:e3:c2:
5d:2c:ff:23:3d:65:15:2d:d8:df:34:17:cd:88:5e:24:4d:64:
c0:f3:1e:14:f9:71:41:46:f9:ed:19:e4:05:1e:b8:80:53:17:
7e:88:0f:7c:66:75:26:97:6b:02:e2:f6:72:d0:98:b6:32:2d:
eb:37:95:6f:83:3a:be:d3:4a:a4:fa:6a:51:98:29:75:9c:e7:
6b:fd:fd:a4:4e:cd:d6:d5:b0:5a:40:8b:37:f7:2e:9b:9a:55:
ab:e5:97:89:2e:52:29:b4:93:26:db:7e:09:81:ec:56:69:df:
15:d3:e0:a9:0e:9e:5a:4b:6c:4a:94:6c:ae:45:c6:03:9f:86:
05:42:ac:b3:ff:60:9a:99:22:b1:cc:cb:58:bb:4b:e8:b4:bc:
b2:49:2c:82:dc:fa:48:54:3e:ac:a4:bf:4b:b6:7f:1c:a4:6d:
41:0a:07:a9:f3:68:71:87:5b:c5:aa:48:ff:2c:13:f5:04:fd:
d1:e0:de:a5:49:c3:c4:d1:10:25:3e:1b:49:54:23:73:ca:c6:
02:fe:4e:e6
-----BEGIN CERTIFICATE-----
MIIF1zCCBL+gAwIBAgISAZnh3M4nH+87K0nN3XPuBBTJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjUxMDE0MDgzNjA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmI5ZWQyNTQ5NjNhNzIyOTBmZDE2ZTdiOWQ3MTZkNDAxMzNmMjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsQVsn+GvojvX3xotLZn4Yi0iEWRP
DMR75KSItxy7KK5I2Rh3Z+P2yFfIh2cCgIg4BTCROuJiI75natQNo8GU03pkQsT8
sXfIUPxFm+Jjuwf6b7fE9LKVXAtJy9OZCSJA4No1kDk+k21+05Vi437Qy9KO9T8r
AWLL+l2sEsPsYsZ17U1DF61MC23L3aB5PhoH4Exbqh6PBKiUBENoEsJj3opokJCe
stt5cPnaoFCzFHpqI5DznH1kmkcITZjL5AER+P20vg6xeu/o3RWJTSDoEKAQrGs8
N3cQzCvvDJthwNMikhgB7xSAHjkXq86OEco6Trwad47UKZ7etMrklRaHRQIDAQAB
o4IC4zCCAt8wHQYDVR0OBBYEFLa57SVJY6cikP0W57nXFtQBM/ISMB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvdHJudEpVbGpweUtRX1JibnVkY1cxQUV6OGhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH4BggrBgEFBQcBBwEB/wSB6DCB5TCB4gQCAAEwgdsDAwEC
mgMDAAUoAwMBPioDAwA+OTAKAwMAPlEDAwI+UAMEBT5kYAMEBz51gAMDAT6uAwMA
UOADAwFRPAMDAFG4AwMAUcoDAwBSnwMEBlLVgAMEBlOKwAMEBlOtgAMDA1R4AwQH
VdsAAwMAVfsDAwFZjAMDAF8nAwQCuYCAAwQFwmoAAwQGwoyAAwQFwpXAAwQF1BXg
AwQF1BYgAwQF1CjgAwQF1E6AAwQF1E+AAwQF1F/AAwQF1GGgAwQF1HpgAwQG1LfA
AwMA1SUDBAfVyQADBAbV4wADBAbV50AwDQYJKoZIhvcNAQELBQADggEBAHYmNam5
MBuYOx/0jEiWDPc+CaOC3KVyAzGclC3FzjFU4DfQAzH8sluCsNCEag8+gYkM/DTj
wl0s/yM9ZRUt2N80F82IXiRNZMDzHhT5cUFG+e0Z5AUeuIBTF36ID3xmdSaXawLi
9nLQmLYyLes3lW+DOr7TSqT6alGYKXWc52v9/aROzdbVsFpAizf3LpuaVavll4ku
Uim0kybbfgmB7FZp3xXT4KkOnlpLbEqUbK5FxgOfhgVCrLP/YJqZIrHMy1i7S+i0
vLJJLILc+khUPqykv0u2fxykbUEKB6nzaHGHW8WqSP8sE/UE/dHg3qVJw8TRECU+
G0lUI3PKxgL+TuY=
-----END CERTIFICATE-----
Generated at Mon Oct 20 04:34:46 2025 by rpki-client