Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/0liUM7ua6GwS0d6LLHErgJ0DjuM.roa
File: 0liUM7ua6GwS0d6LLHErgJ0DjuM.roa (raw, json)
Hash identifier: dBI2hjXrgKAOmVaqiJb8ZoH1Mnp+RK4dO5uccvqLQh0=
Subject key identifier: D2:58:94:33:BB:9A:E8:6C:12:D1:DE:8B:2C:71:2B:80:9D:03:8E:E3
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 019A259AA5C7C9EEF2C4E9E4934F3C4972BC
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/0liUM7ua6GwS0d6LLHErgJ0DjuM.roa
Signing time: Mon 27 Oct 2025 12:18:03 +0000
ROA not before: Mon 27 Oct 2025 12:18:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205023
IP address blocks: 45.148.51.0/24 maxlen: 24
45.152.37.0/24 maxlen: 24
45.154.237.0/24 maxlen: 24
185.208.211.0/24 maxlen: 24
185.232.85.0/24 maxlen: 24
193.57.9.0/24 maxlen: 24
195.60.177.0/24 maxlen: 24
195.88.210.0/24 maxlen: 24
213.185.92.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:25:9a:a5:c7:c9:ee:f2:c4:e9:e4:93:4f:3c:49:72:bc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Oct 27 12:18:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d2589433bb9ae86c12d1de8b2c712b809d038ee3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:0d:d6:21:d2:e7:53:ad:db:92:ac:85:16:de:
29:ec:73:33:27:0e:c2:60:14:9f:f1:89:26:ee:5e:
a7:5e:ad:ee:3b:6e:25:14:22:9c:f7:8b:1d:80:c4:
c9:49:5c:62:ea:6d:65:a1:86:52:fb:77:6d:d4:e6:
b1:7f:1c:d4:c4:6d:c4:7c:da:0a:fd:86:d2:a4:6f:
be:82:cd:98:89:f1:a7:25:59:e7:5e:c2:99:16:b1:
ac:43:09:14:d5:68:ca:a1:58:64:42:45:8f:64:19:
a8:8b:00:9d:a3:2a:9d:9a:ac:51:9b:f2:69:b8:73:
7b:e7:e2:56:2b:cc:aa:09:6f:5b:81:93:b6:6a:31:
6c:5c:f7:62:02:eb:83:26:47:7e:20:34:3a:d4:2c:
64:7b:c7:34:36:91:2a:92:7d:22:76:e0:6f:9f:02:
be:a9:5d:59:6b:ce:4e:1b:a3:33:dd:ac:44:25:94:
7c:31:ed:f0:f4:20:b6:2c:08:c7:e8:70:b9:c5:80:
8a:20:8c:16:fe:b5:d7:35:e6:f0:4b:e1:7c:ff:60:
99:61:15:90:57:ee:a1:a8:b4:0b:a8:46:18:6c:e1:
57:aa:33:ac:14:e3:f9:54:a0:02:34:89:b0:30:21:
d3:be:12:6c:5d:97:b9:4d:2e:48:b8:3a:c5:0d:f1:
69:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:58:94:33:BB:9A:E8:6C:12:D1:DE:8B:2C:71:2B:80:9D:03:8E:E3
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/0liUM7ua6GwS0d6LLHErgJ0DjuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.148.51.0/24
45.152.37.0/24
45.154.237.0/24
185.208.211.0/24
185.232.85.0/24
193.57.9.0/24
195.60.177.0/24
195.88.210.0/24
213.185.92.0/22
Signature Algorithm: sha256WithRSAEncryption
34:46:49:ed:31:44:fc:33:94:36:46:ed:1c:91:f6:47:b2:8e:
73:8b:53:46:7c:fd:a1:3a:8d:be:fb:32:d3:57:28:90:c0:b9:
72:6b:90:f2:37:61:5c:13:9e:16:33:4c:f3:75:4f:aa:0b:0d:
0e:8b:70:89:23:7c:52:82:7f:56:8f:83:e5:bd:fd:93:7a:d4:
90:49:37:28:fd:ee:60:be:33:de:ff:b9:ab:00:f7:dd:f5:58:
dc:ff:96:b1:1d:fb:25:67:10:02:91:2f:64:53:38:15:be:b8:
67:9d:a2:4c:2f:f5:f2:89:66:ad:50:0e:59:c7:f7:fb:4b:b3:
cb:95:70:0a:23:ae:e0:dc:f3:48:ef:37:7b:20:70:d5:c6:cd:
6b:94:f6:01:56:b9:5e:69:83:e7:c2:d9:4b:ea:59:e9:e2:0c:
39:70:f0:8e:1f:4c:18:5d:41:05:90:6b:2b:a8:b4:34:60:fc:
ba:7f:0f:0f:50:61:09:9d:fc:e2:88:6b:5b:4a:e2:8f:88:fd:
48:88:90:e7:46:f6:42:7c:73:c1:2f:ab:17:ea:c8:d6:c7:c4:
80:e5:26:a8:f1:27:d9:9c:0b:60:d0:db:a9:a7:c7:01:10:ff:
fa:6d:2b:ec:ff:9b:bb:c9:28:f5:18:e7:c6:d3:55:bd:88:b4:
5a:75:b6:b4
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZolmqXHye7yxOnkk088SXK8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjUxMDI3MTIxODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjU4OTQzM2JiOWFlODZjMTJkMWRlOGIyYzcxMmI4MDlkMDM4ZWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAww3WIdLnU63bkqyFFt4p7HMzJw7C
YBSf8Ykm7l6nXq3uO24lFCKc94sdgMTJSVxi6m1loYZS+3dt1OaxfxzUxG3EfNoK
/YbSpG++gs2YifGnJVnnXsKZFrGsQwkU1WjKoVhkQkWPZBmoiwCdoyqdmqxRm/Jp
uHN75+JWK8yqCW9bgZO2ajFsXPdiAuuDJkd+IDQ61Cxke8c0NpEqkn0iduBvnwK+
qV1Za85OG6Mz3axEJZR8Me3w9CC2LAjH6HC5xYCKIIwW/rXXNebwS+F8/2CZYRWQ
V+6hqLQLqEYYbOFXqjOsFOP5VKACNImwMCHTvhJsXZe5TS5IuDrFDfFp4QIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFNJYlDO7muhsEtHeiyxxK4CdA47jMB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvMGxpVU03dWE2R3dTMGQ2TExIRXJnSjBEanVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQALZQzAwQA
LZglAwQALZrtAwQAudDTAwQAuehVAwQAwTkJAwQAwzyxAwQAw1jSAwQC1blcMA0G
CSqGSIb3DQEBCwUAA4IBAQA0RkntMUT8M5Q2Ru0ckfZHso5zi1NGfP2hOo2++zLT
VyiQwLlya5DyN2FcE54WM0zzdU+qCw0Oi3CJI3xSgn9Wj4Plvf2TetSQSTco/e5g
vjPe/7mrAPfd9Vjc/5axHfslZxACkS9kUzgVvrhnnaJML/XyiWatUA5Zx/f7S7PL
lXAKI67g3PNI7zd7IHDVxs1rlPYBVrleaYPnwtlL6lnp4gw5cPCOH0wYXUEFkGsr
qLQ0YPy6fw8PUGEJnfziiGtbSuKPiP1IiJDnRvZCfHPBL6sX6sjWx8SA5Sao8SfZ
nAtg0Nupp8cBEP/6bSvs/5u7ySj1GOfG01W9iLRadba0
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:12:45 2025 by rpki-client