Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ff/ed655d-5102-4932-b1db-ba2889afaadd/1/aeFVo5dh0x2s2x-G-DMeovNIBu0.roa
File: aeFVo5dh0x2s2x-G-DMeovNIBu0.roa (raw, json)
Hash identifier: aCQHOjIuExedt1H9Qi2wUbhVCXELk63ILm+7QLD2vmY=
Subject key identifier: 69:E1:55:A3:97:61:D3:1D:AC:DB:1F:86:F8:33:1E:A2:F3:48:06:ED
Certificate issuer: /CN=fef918c5a9330dbbe6eee17cb9a1d62fbc855bde
Certificate serial: 0199951E6B3A041535C8404D9D30016722B8
Authority key identifier: FE:F9:18:C5:A9:33:0D:BB:E6:EE:E1:7C:B9:A1:D6:2F:BC:85:5B:DE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_vkYxakzDbvm7uF8uaHWL7yFW94.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ff/ed655d-5102-4932-b1db-ba2889afaadd/1/aeFVo5dh0x2s2x-G-DMeovNIBu0.roa
Signing time: Mon 29 Sep 2025 10:57:02 +0000
ROA not before: Mon 29 Sep 2025 10:57:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59395
IP address blocks: 5.133.16.0/21 maxlen: 21
46.31.80.0/21 maxlen: 21
46.31.168.0/21 maxlen: 21
46.231.64.0/21 maxlen: 21
82.144.224.0/19 maxlen: 19
87.238.216.0/21 maxlen: 21
89.105.0.0/19 maxlen: 19
89.105.25.0/24 maxlen: 24
109.235.120.0/21 maxlen: 21
109.235.127.0/24 maxlen: 24
185.7.188.0/22 maxlen: 22
185.36.248.0/22 maxlen: 22
185.45.24.0/22 maxlen: 22
185.63.80.0/22 maxlen: 22
185.65.24.0/22 maxlen: 22
185.74.232.0/21 maxlen: 21
185.74.232.0/22 maxlen: 22
185.74.236.0/22 maxlen: 22
185.109.106.0/24 maxlen: 24
185.159.216.0/22 maxlen: 22
185.175.112.0/22 maxlen: 22
217.119.128.0/24 maxlen: 24
217.119.137.0/24 maxlen: 24
2a02:73c0::/32 maxlen: 32
2a05:4b80::/29 maxlen: 29
2a05:4bc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ff/ed655d-5102-4932-b1db-ba2889afaadd/1/_vkYxakzDbvm7uF8uaHWL7yFW94.crl
rsync://rpki.ripe.net/repository/DEFAULT/ff/ed655d-5102-4932-b1db-ba2889afaadd/1/_vkYxakzDbvm7uF8uaHWL7yFW94.mft
rsync://rpki.ripe.net/repository/DEFAULT/_vkYxakzDbvm7uF8uaHWL7yFW94.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:95:1e:6b:3a:04:15:35:c8:40:4d:9d:30:01:67:22:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fef918c5a9330dbbe6eee17cb9a1d62fbc855bde
Validity
Not Before: Sep 29 10:57:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=69e155a39761d31dacdb1f86f8331ea2f34806ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:1f:c3:b4:dc:8f:f5:6b:76:ef:41:db:80:68:
d6:b8:b4:df:39:e6:f7:e1:e1:7a:2c:ec:d3:92:05:
e6:2e:f8:da:ba:05:a8:6d:a2:52:e7:29:bc:a2:4b:
08:b8:a5:00:b8:be:e4:1e:cc:88:c2:86:8a:6b:90:
80:d4:45:6c:b6:d0:17:63:d1:63:93:98:da:5b:8f:
7c:90:3c:96:62:89:57:64:5e:45:9b:d3:d2:ee:a6:
9e:cc:92:0e:e8:58:07:d9:96:51:e8:c9:6e:a8:5f:
87:a4:b3:10:d0:89:ee:6d:07:90:37:01:66:7b:23:
5b:de:cb:f5:9b:9f:86:a8:4d:d0:dd:3a:c6:0f:65:
01:e6:b0:44:f9:d2:cc:72:fa:df:9b:d8:ee:75:a1:
6d:6c:01:7a:8e:93:10:2b:00:12:ef:9b:b1:a1:43:
22:17:3c:3f:3b:d4:a0:80:4b:e1:97:c6:29:60:c6:
b9:b9:dd:49:60:fe:10:d1:86:6e:b0:c1:9b:2d:de:
0c:ed:6e:da:23:9f:35:52:d7:81:ef:19:d5:93:45:
02:a0:bb:0b:c6:2e:d4:88:8b:72:5b:44:a5:72:22:
3d:58:72:ff:ce:4d:6f:e6:32:f5:d9:16:a9:16:8b:
6e:40:c0:b1:6a:f3:8e:b8:2a:26:d9:0b:c4:40:bc:
10:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
69:E1:55:A3:97:61:D3:1D:AC:DB:1F:86:F8:33:1E:A2:F3:48:06:ED
X509v3 Authority Key Identifier:
keyid:FE:F9:18:C5:A9:33:0D:BB:E6:EE:E1:7C:B9:A1:D6:2F:BC:85:5B:DE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_vkYxakzDbvm7uF8uaHWL7yFW94.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ed655d-5102-4932-b1db-ba2889afaadd/1/aeFVo5dh0x2s2x-G-DMeovNIBu0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ff/ed655d-5102-4932-b1db-ba2889afaadd/1/_vkYxakzDbvm7uF8uaHWL7yFW94.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.16.0/21
46.31.80.0/21
46.31.168.0/21
46.231.64.0/21
82.144.224.0/19
87.238.216.0/21
89.105.0.0/19
109.235.120.0/21
185.7.188.0/22
185.36.248.0/22
185.45.24.0/22
185.63.80.0/22
185.65.24.0/22
185.74.232.0/21
185.109.106.0/24
185.159.216.0/22
185.175.112.0/22
217.119.128.0/24
217.119.137.0/24
IPv6:
2a02:73c0::/32
2a05:4b80::/29
2a05:4bc0::/29
Signature Algorithm: sha256WithRSAEncryption
7b:2d:a0:c6:34:1c:bd:36:82:6a:38:d9:26:a7:9a:72:c9:dd:
57:d9:e3:07:d0:2f:7b:09:92:59:c3:e5:62:f5:a3:db:da:25:
34:fb:e9:59:d4:31:b0:37:83:33:51:53:cc:50:13:a5:bc:85:
8a:9d:93:ee:80:23:e5:8d:54:e8:a6:8e:6f:9c:02:ce:78:2f:
0c:34:15:0e:55:61:7d:aa:e3:ce:d4:90:84:5b:29:88:b9:b2:
19:a5:62:25:9f:41:f0:b3:b8:6a:63:ae:bb:49:86:97:e2:cd:
e3:bc:e2:d8:3c:71:97:9c:4b:7d:bd:15:ed:e8:3f:48:c7:13:
b2:22:3f:19:b5:dc:0e:9a:48:74:23:7b:cb:22:0f:ea:b2:b0:
0a:9e:aa:63:dc:4d:a2:78:49:91:52:97:7f:3b:54:99:e4:e2:
38:19:b4:b6:65:ba:7f:6c:4a:39:02:6e:f8:e0:14:2e:46:a1:
23:eb:5b:81:ea:ba:68:91:73:f0:b8:45:93:10:cf:8e:28:bb:
24:2b:ba:08:3d:ad:52:13:75:35:58:f0:1f:61:08:83:0a:f8:
6f:f9:84:e6:07:3b:6c:32:a8:0f:22:4a:9d:03:73:57:d2:bc:
07:c4:82:ad:36:a8:79:71:3a:ed:e7:bb:ea:dd:63:07:cf:af:
fe:0d:42:81
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgISAZmVHms6BBU1yEBNnTABZyK4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZlZjkxOGM1YTkzMzBkYmJlNmVlZTE3Y2I5YTFkNjJmYmM4
NTViZGUwHhcNMjUwOTI5MTA1NzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2OWUxNTVhMzk3NjFkMzFkYWNkYjFmODZmODMzMWVhMmYzNDgwNmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3x/DtNyP9Wt270HbgGjWuLTfOeb3
4eF6LOzTkgXmLvjaugWobaJS5ym8oksIuKUAuL7kHsyIwoaKa5CA1EVsttAXY9Fj
k5jaW498kDyWYolXZF5Fm9PS7qaezJIO6FgH2ZZR6MluqF+HpLMQ0InubQeQNwFm
eyNb3sv1m5+GqE3Q3TrGD2UB5rBE+dLMcvrfm9judaFtbAF6jpMQKwAS75uxoUMi
Fzw/O9SggEvhl8YpYMa5ud1JYP4Q0YZusMGbLd4M7W7aI581UteB7xnVk0UCoLsL
xi7UiItyW0SlciI9WHL/zk1v5jL12RapFotuQMCxavOOuCom2QvEQLwQ3QIDAQAB
o4IClTCCApEwHQYDVR0OBBYEFGnhVaOXYdMdrNsfhvgzHqLzSAbtMB8GA1UdIwQY
MBaAFP75GMWpMw275u7hfLmh1i+8hVveMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX3ZrWXhha3pEYnZtN3VGOHVhSFdMN3lGVzk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZi9lZDY1NWQtNTEwMi00OTMyLWIxZGIt
YmEyODg5YWZhYWRkLzEvYWVGVm81ZGgweDJzMngtRy1ETWVvdk5JQnUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZi9lZDY1NWQtNTEwMi00OTMyLWIxZGItYmEyODg5YWZhYWRk
LzEvX3ZrWXhha3pEYnZtN3VGOHVhSFdMN3lGVzk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGqBggrBgEFBQcBBwEB/wSBmjCBlzB4BAIAATByAwQDBYUQ
AwQDLh9QAwQDLh+oAwQDLudAAwQFUpDgAwQDV+7YAwQFWWkAAwQDbet4AwQCuQe8
AwQCuST4AwQCuS0YAwQCuT9QAwQCuUEYAwQDuUroAwQAuW1qAwQCuZ/YAwQCua9w
AwQA2XeAAwQA2XeJMBsEAgACMBUDBQAqAnPAAwUDKgVLgAMFAyoFS8AwDQYJKoZI
hvcNAQELBQADggEBAHstoMY0HL02gmo42SanmnLJ3VfZ4wfQL3sJklnD5WL1o9va
JTT76VnUMbA3gzNRU8xQE6W8hYqdk+6AI+WNVOimjm+cAs54Lww0FQ5VYX2q487U
kIRbKYi5shmlYiWfQfCzuGpjrrtJhpfizeO84tg8cZecS329Fe3oP0jHE7IiPxm1
3A6aSHQje8siD+qysAqeqmPcTaJ4SZFSl387VJnk4jgZtLZlun9sSjkCbvjgFC5G
oSPrW4HqumiRc/C4RZMQz44ouyQrugg9rVITdTVY8B9hCIMK+G/5hOYHO2wyqA8i
Sp0Dc1fSvAfEgq02qHlxOu3nu+rdYwfPr/4NQoE=
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:59:38 2025 by rpki-client