Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/87aWylfn6PRWGbe1Aw58sldPcT0.roa
File: 87aWylfn6PRWGbe1Aw58sldPcT0.roa (raw, json)
Hash identifier: e+HdCN198a7iMCrGSb/nzlbGmUzgY1BvJfo6vg/J6n0=
Subject key identifier: F3:B6:96:CA:57:E7:E8:F4:56:19:B7:B5:03:0E:7C:B2:57:4F:71:3D
Certificate issuer: /CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Certificate serial: 019A2597E6F532A57D6A4DBD31C0389F113B
Authority key identifier: B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/87aWylfn6PRWGbe1Aw58sldPcT0.roa
Signing time: Mon 27 Oct 2025 12:15:03 +0000
ROA not before: Mon 27 Oct 2025 12:15:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208258
IP address blocks: 45.141.204.0/23 maxlen: 24
45.144.244.0/23 maxlen: 24
45.144.246.0/24 maxlen: 24
45.151.156.0/23 maxlen: 24
45.151.158.0/24 maxlen: 24
45.154.238.0/24 maxlen: 24
45.154.239.0/24 maxlen: 24
185.208.208.0/24 maxlen: 24
185.208.209.0/24 maxlen: 24
185.208.210.0/24 maxlen: 24
185.227.82.0/24 maxlen: 24
185.228.83.0/24 maxlen: 24
185.243.112.0/24 maxlen: 24
185.243.113.0/24 maxlen: 24
194.146.48.0/24 maxlen: 24
195.26.6.0/24 maxlen: 24
195.26.7.0/24 maxlen: 24
2a0b:3c40:1::/48 maxlen: 48
2a0b:3c40:9::/48 maxlen: 48
2a0b:3c40:11::/48 maxlen: 48
2a0b:3c40:12::/48 maxlen: 48
2a0b:3c40:15::/48 maxlen: 48
2a0b:3c40:16::/48 maxlen: 48
2a0b:3c40:17::/48 maxlen: 48
2a0b:3c40:20::/48 maxlen: 48
2a0b:3c40:21::/48 maxlen: 48
2a0b:3c40:25::/48 maxlen: 48
2a0b:3c40:fca6::/48 maxlen: 48
2a0e:5540::/48 maxlen: 48
2a0e:5540:10::/48 maxlen: 48
2a0e:5540:11::/48 maxlen: 48
2a0e:5540:12::/48 maxlen: 48
2a0e:5540:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.mft
rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:25:97:e6:f5:32:a5:7d:6a:4d:bd:31:c0:38:9f:11:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b557ccd43afe816e4953228bf14a75dc29014b8d
Validity
Not Before: Oct 27 12:15:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f3b696ca57e7e8f45619b7b5030e7cb2574f713d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:7a:87:61:a4:c0:7f:f8:60:44:db:6d:22:0c:
ec:57:02:72:ab:96:84:2c:0e:1c:85:fc:19:dd:0f:
52:92:a8:a9:db:6e:9f:82:b7:c7:9d:31:73:45:0e:
96:7a:05:b9:2f:ee:73:57:b2:82:b1:31:7d:09:fd:
24:4f:50:cf:dd:63:19:98:36:f9:e2:b2:df:4a:a4:
9f:b6:72:ad:8d:03:d7:3e:bd:d2:a8:e4:22:5b:47:
78:8f:04:d2:2f:4d:b3:e6:93:f1:6f:1a:80:7d:fb:
36:44:f3:9d:e7:96:c3:15:f5:f3:78:fb:63:02:f1:
c7:b4:c4:b0:37:e1:94:e4:a6:58:75:2a:4e:c6:38:
4a:5a:06:6b:36:5d:de:ef:61:d5:85:1c:0d:50:54:
c1:db:cc:16:7d:63:5d:14:8a:88:ab:d2:f0:de:98:
ff:8b:71:57:93:8f:2f:a9:74:45:eb:49:ab:de:c9:
3f:6a:b7:2d:0d:16:d5:70:2f:05:58:99:54:fe:76:
41:d6:db:24:71:75:2d:51:16:ac:a6:da:b6:57:78:
98:f7:8e:bf:23:dc:31:9f:43:81:13:41:c8:74:83:
eb:16:ba:ff:dc:37:90:9e:e1:18:74:de:b7:02:d1:
db:14:46:b8:96:cc:97:7f:ec:79:51:57:8a:b3:6b:
67:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F3:B6:96:CA:57:E7:E8:F4:56:19:B7:B5:03:0E:7C:B2:57:4F:71:3D
X509v3 Authority Key Identifier:
keyid:B5:57:CC:D4:3A:FE:81:6E:49:53:22:8B:F1:4A:75:DC:29:01:4B:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tVfM1Dr-gW5JUyKL8Up13CkBS40.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/87aWylfn6PRWGbe1Aw58sldPcT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0b/190843-1803-4462-a795-6bc75578b4c3/1/tVfM1Dr-gW5JUyKL8Up13CkBS40.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.204.0/23
45.144.244.0-45.144.246.255
45.151.156.0-45.151.158.255
45.154.238.0/23
185.208.208.0-185.208.210.255
185.227.82.0/24
185.228.83.0/24
185.243.112.0/23
194.146.48.0/24
195.26.6.0/23
IPv6:
2a0b:3c40:1::/48
2a0b:3c40:9::/48
2a0b:3c40:11::-2a0b:3c40:12:ffff:ffff:ffff:ffff:ffff
2a0b:3c40:15::-2a0b:3c40:17:ffff:ffff:ffff:ffff:ffff
2a0b:3c40:20::/47
2a0b:3c40:25::/48
2a0b:3c40:fca6::/48
2a0e:5540::/48
2a0e:5540:10::-2a0e:5540:12:ffff:ffff:ffff:ffff:ffff
2a0e:5540:100::/48
Signature Algorithm: sha256WithRSAEncryption
b6:91:4e:73:a0:7e:03:f7:81:70:d1:77:60:3b:70:4f:8f:6c:
65:c8:70:7f:cb:2b:01:10:d9:68:75:84:ed:57:f9:d3:f8:2e:
37:e4:68:38:d0:26:d8:31:58:94:89:af:24:e1:9a:5a:fa:c7:
dc:04:3f:57:67:63:13:fe:c7:f1:d5:85:fc:f9:31:10:87:16:
46:bb:46:0f:bf:e7:a3:64:01:75:62:5e:9d:a8:91:a1:95:73:
d6:74:a8:a1:b2:f7:96:de:3e:db:37:71:f6:9a:59:4c:db:82:
33:e1:62:72:ed:44:d1:5b:49:26:00:26:f1:24:5b:2c:37:99:
05:15:62:e4:93:90:fa:14:f1:e4:a7:bc:43:48:40:3f:fa:53:
9b:72:15:12:46:1e:e0:a7:43:c1:b7:ec:e9:ff:f9:3b:2d:21:
97:e9:5f:d9:56:98:c7:e2:9a:30:4f:88:f9:be:01:59:8f:f0:
c5:e4:cc:60:16:09:c3:06:f7:0f:0b:31:1b:05:4c:3b:32:65:
57:c3:71:2a:26:9f:1d:91:cf:84:34:3e:77:63:67:fb:f3:63:
39:30:62:96:db:48:61:24:2f:7c:65:f1:36:de:67:1e:f4:75:
da:a7:c7:f5:27:0e:f5:23:f6:fa:e6:bb:59:1f:65:a2:b9:7b:
29:86:0a:91
-----BEGIN CERTIFICATE-----
MIIF0jCCBLqgAwIBAgISAZoll+b1MqV9ak29McA4nxE7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI1NTdjY2Q0M2FmZTgxNmU0OTUzMjI4YmYxNGE3NWRjMjkw
MTRiOGQwHhcNMjUxMDI3MTIxNTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmM2I2OTZjYTU3ZTdlOGY0NTYxOWI3YjUwMzBlN2NiMjU3NGY3MTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwHqHYaTAf/hgRNttIgzsVwJyq5aE
LA4chfwZ3Q9Skqip226fgrfHnTFzRQ6WegW5L+5zV7KCsTF9Cf0kT1DP3WMZmDb5
4rLfSqSftnKtjQPXPr3SqOQiW0d4jwTSL02z5pPxbxqAffs2RPOd55bDFfXzePtj
AvHHtMSwN+GU5KZYdSpOxjhKWgZrNl3e72HVhRwNUFTB28wWfWNdFIqIq9Lw3pj/
i3FXk48vqXRF60mr3sk/arctDRbVcC8FWJlU/nZB1tskcXUtURasptq2V3iY946/
I9wxn0OBE0HIdIPrFrr/3DeQnuEYdN63AtHbFEa4lsyXf+x5UVeKs2tnMwIDAQAB
o4IC3jCCAtowHQYDVR0OBBYEFPO2lspX5+j0Vhm3tQMOfLJXT3E9MB8GA1UdIwQY
MBaAFLVXzNQ6/oFuSVMii/FKddwpAUuNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUt
NmJjNzU1NzhiNGMzLzEvODdhV3lsZm42UFJXR2JlMUF3NThzbGRQY1QwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wYi8xOTA4NDMtMTgwMy00NDYyLWE3OTUtNmJjNzU1NzhiNGMz
LzEvdFZmTTFEci1nVzVKVXlLTDhVcDEzQ2tCUzQwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHzBggrBgEFBQcBBwEB/wSB4zCB4DBaBAIAATBUAwQBLY3M
MAwDBAItkPQDBAAtkPYwDAMEAi2XnAMEAC2XngMEAS2a7jAMAwQEudDQAwQAudDS
AwQAueNSAwQAueRTAwQBufNwAwQAwpIwAwQBwxoGMIGBBAIAAjB7AwcAKgs8QAAB
AwcAKgs8QAAJMBIDBwAqCzxAABEDBwAqCzxAABIwEgMHACoLPEAAFQMHAyoLPEAA
EAMHASoLPEAAIAMHACoLPEAAJQMHACoLPED8pgMHACoOVUAAADASAwcEKg5VQAAQ
AwcAKg5VQAASAwcAKg5VQAEAMA0GCSqGSIb3DQEBCwUAA4IBAQC2kU5zoH4D94Fw
0XdgO3BPj2xlyHB/yysBENlodYTtV/nT+C435Gg40CbYMViUia8k4Zpa+sfcBD9X
Z2MT/sfx1YX8+TEQhxZGu0YPv+ejZAF1Yl6dqJGhlXPWdKihsveW3j7bN3H2mllM
24Iz4WJy7UTRW0kmACbxJFssN5kFFWLkk5D6FPHkp7xDSEA/+lObchUSRh7gp0PB
t+zp//k7LSGX6V/ZVpjH4powT4j5vgFZj/DF5MxgFgnDBvcPCzEbBUw7MmVXw3Eq
Jp8dkc+END53Y2f782M5MGKW20hhJC98ZfE23mce9HXap8f1Jw71I/b65rtZH2Wi
uXsphgqR
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:13:03 2025 by rpki-client