Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/Tejvj9qxpmK-Q9ozwoa4JgqAODI.roa
File: Tejvj9qxpmK-Q9ozwoa4JgqAODI.roa (raw, json)
Hash identifier: /TPy8RknH5DLQDL1CebXsA2bJBvL5d5fEGLi3cWXKps=
Subject key identifier: 4D:E8:EF:8F:DA:B1:A6:62:BE:43:DA:33:C2:86:B8:26:0A:80:38:32
Certificate issuer: /CN=1ed3d8e29e063b9d2740ab3de6c72255ec8d0557
Certificate serial: 019A48D31F4F928973F5591ED5C80750A1CC
Authority key identifier: 1E:D3:D8:E2:9E:06:3B:9D:27:40:AB:3D:E6:C7:22:55:EC:8D:05:57
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/HtPY4p4GO50nQKs95sciVeyNBVc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/Tejvj9qxpmK-Q9ozwoa4JgqAODI.roa
Signing time: Mon 03 Nov 2025 08:26:26 +0000
ROA not before: Mon 03 Nov 2025 08:26:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5400
IP address blocks: 62.5.0.0/17 maxlen: 17
62.102.0.0/17 maxlen: 17
62.134.0.0/16 maxlen: 16
62.134.255.0/24 maxlen: 24
62.173.192.0/18 maxlen: 18
62.180.0.0/16 maxlen: 16
82.150.0.0/19 maxlen: 19
185.94.0.0/22 maxlen: 22
194.213.64.0/19 maxlen: 19
195.90.64.0/19 maxlen: 19
195.100.0.0/16 maxlen: 16
195.163.0.0/16 maxlen: 16
195.182.96.0/19 maxlen: 19
212.8.160.0/19 maxlen: 19
212.21.192.0/19 maxlen: 19
212.31.192.0/19 maxlen: 19
212.41.128.0/19 maxlen: 19
212.108.0.0/19 maxlen: 19
212.127.0.0/19 maxlen: 19
212.162.192.0/18 maxlen: 18
213.15.0.0/16 maxlen: 16
213.137.160.0/19 maxlen: 19
213.194.0.0/18 maxlen: 18
213.236.64.0/18 maxlen: 18
2001:740::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/HtPY4p4GO50nQKs95sciVeyNBVc.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/HtPY4p4GO50nQKs95sciVeyNBVc.mft
rsync://rpki.ripe.net/repository/DEFAULT/HtPY4p4GO50nQKs95sciVeyNBVc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:48:d3:1f:4f:92:89:73:f5:59:1e:d5:c8:07:50:a1:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ed3d8e29e063b9d2740ab3de6c72255ec8d0557
Validity
Not Before: Nov 3 08:26:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4de8ef8fdab1a662be43da33c286b8260a803832
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:fd:f4:8c:fa:fe:d6:57:f1:9d:36:e0:25:aa:
a2:8c:94:f1:3d:69:54:c7:73:b8:6c:33:82:e3:7f:
6d:70:a5:8b:b2:08:c7:a2:76:57:8c:46:f4:a2:7e:
03:29:c9:fc:94:f5:c3:f2:9d:65:b7:b5:f7:b8:84:
54:bf:f8:55:db:e4:dd:03:36:48:f8:68:d7:c4:6a:
52:9b:37:66:dd:2a:23:1a:f8:ed:d6:12:7d:e3:54:
dc:da:e4:ae:b1:d3:be:10:59:1d:82:47:8e:5a:0d:
d7:65:c9:d0:93:f1:78:10:44:04:02:db:9e:2c:70:
a0:c2:c4:68:2c:74:29:01:67:78:89:31:d4:c3:8e:
e2:d6:02:04:dc:47:2c:d7:a3:74:b2:51:09:22:1c:
40:bc:b4:4f:42:ec:18:7d:ca:20:bf:44:44:21:23:
9a:73:33:e1:9b:c1:65:d3:e4:67:4d:fe:79:dd:78:
9a:17:af:08:54:f8:e4:8a:c5:a3:dc:79:0a:55:8a:
bb:07:3d:76:c7:f4:f3:54:fb:68:37:cc:16:ea:a9:
2c:ff:82:1c:1c:a8:ae:3b:2d:12:85:0a:cf:3b:a7:
8b:1c:82:3d:3d:27:1b:2d:6f:81:0b:f2:5b:39:d6:
aa:c2:a6:ff:32:ff:05:6e:d4:a3:15:35:06:25:65:
95:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4D:E8:EF:8F:DA:B1:A6:62:BE:43:DA:33:C2:86:B8:26:0A:80:38:32
X509v3 Authority Key Identifier:
keyid:1E:D3:D8:E2:9E:06:3B:9D:27:40:AB:3D:E6:C7:22:55:EC:8D:05:57
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/HtPY4p4GO50nQKs95sciVeyNBVc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/Tejvj9qxpmK-Q9ozwoa4JgqAODI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/4d9c83-f960-48ac-bbf5-9dca5cc80dd9/1/HtPY4p4GO50nQKs95sciVeyNBVc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.5.0.0/17
62.102.0.0/17
62.134.0.0/16
62.173.192.0/18
62.180.0.0/16
82.150.0.0/19
185.94.0.0/22
194.213.64.0/19
195.90.64.0/19
195.100.0.0/16
195.163.0.0/16
195.182.96.0/19
212.8.160.0/19
212.21.192.0/19
212.31.192.0/19
212.41.128.0/19
212.108.0.0/19
212.127.0.0/19
212.162.192.0/18
213.15.0.0/16
213.137.160.0/19
213.194.0.0/18
213.236.64.0/18
IPv6:
2001:740::/32
Signature Algorithm: sha256WithRSAEncryption
2a:e2:9f:33:5a:d9:97:0f:ec:a1:9f:97:42:d8:f7:00:0b:11:
67:dd:c2:e4:24:64:ae:06:93:ea:1a:35:59:02:c1:8f:3a:24:
dc:7e:ab:bc:eb:d6:0e:16:26:02:6f:5c:9a:db:77:1e:43:95:
8f:1b:85:f4:7c:f8:27:18:1e:e6:e0:3d:9c:57:48:4b:22:d7:
15:cc:73:cb:ca:3b:a5:9d:62:36:5c:d1:0c:04:cc:57:6e:99:
2c:98:b1:8c:df:6b:b8:d0:8e:9c:f5:30:df:cc:cf:b7:b8:08:
80:9d:e8:60:7f:e7:96:ef:5b:fd:e4:c6:b2:f6:ff:d5:a5:b3:
1e:1a:0b:a7:5b:32:4b:6f:53:71:ae:73:77:9f:84:6d:45:0f:
62:19:10:72:95:b4:77:e9:da:40:4a:99:c8:7b:99:a7:f3:03:
43:95:4c:03:8b:45:ad:ef:c0:0c:84:57:db:28:4a:a6:9b:49:
bf:4e:32:37:da:39:8a:07:ab:8c:62:94:f9:b2:6b:19:11:30:
bb:f9:98:88:53:1a:cd:20:79:6a:29:56:70:e4:d5:36:cf:74:
fd:9d:e6:81:e9:93:df:18:83:00:e2:ed:5e:6c:50:2a:35:95:
65:e6:cb:5b:ca:0e:00:3a:f8:8e:2d:87:32:84:05:09:cc:60:
4b:d2:9f:d2
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAZpI0x9Pkolz9Vke1cgHUKHMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFlZDNkOGUyOWUwNjNiOWQyNzQwYWIzZGU2YzcyMjU1ZWM4
ZDA1NTcwHhcNMjUxMTAzMDgyNjI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZGU4ZWY4ZmRhYjFhNjYyYmU0M2RhMzNjMjg2YjgyNjBhODAzODMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5f30jPr+1lfxnTbgJaqijJTxPWlU
x3O4bDOC439tcKWLsgjHonZXjEb0on4DKcn8lPXD8p1lt7X3uIRUv/hV2+TdAzZI
+GjXxGpSmzdm3SojGvjt1hJ941Tc2uSusdO+EFkdgkeOWg3XZcnQk/F4EEQEAtue
LHCgwsRoLHQpAWd4iTHUw47i1gIE3Ecs16N0slEJIhxAvLRPQuwYfcogv0REISOa
czPhm8Fl0+RnTf553XiaF68IVPjkisWj3HkKVYq7Bz12x/TzVPtoN8wW6qks/4Ic
HKiuOy0ShQrPO6eLHII9PScbLW+BC/JbOdaqwqb/Mv8FbtSjFTUGJWWVZQIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFE3o74/asaZivkPaM8KGuCYKgDgyMB8GA1UdIwQY
MBaAFB7T2OKeBjudJ0CrPebHIlXsjQVXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSHRQWTRwNEdPNTBuUUtzOTVzY2lWZXlOQlZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi80ZDljODMtZjk2MC00OGFjLWJiZjUt
OWRjYTVjYzgwZGQ5LzEvVGVqdmo5cXhwbUstUTlvendvYTRKZ3FBT0RJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi80ZDljODMtZjk2MC00OGFjLWJiZjUtOWRjYTVjYzgwZGQ5
LzEvSHRQWTRwNEdPNTBuUUtzOTVzY2lWZXlOQlZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjCBjAQCAAEwgYUDBAc+
BQADBAc+ZgADAwA+hgMEBj6twAMDAD60AwQFUpYAAwQCuV4AAwQFwtVAAwQFw1pA
AwMAw2QDAwDDowMEBcO2YAMEBdQIoAMEBdQVwAMEBdQfwAMEBdQpgAMEBdRsAAME
BdR/AAMEBtSiwAMDANUPAwQF1YmgAwQG1cIAAwQG1exAMA0EAgACMAcDBQAgAQdA
MA0GCSqGSIb3DQEBCwUAA4IBAQAq4p8zWtmXD+yhn5dC2PcACxFn3cLkJGSuBpPq
GjVZAsGPOiTcfqu869YOFiYCb1ya23ceQ5WPG4X0fPgnGB7m4D2cV0hLItcVzHPL
yjulnWI2XNEMBMxXbpksmLGM32u40I6c9TDfzM+3uAiAnehgf+eW71v95May9v/V
pbMeGgunWzJLb1NxrnN3n4RtRQ9iGRBylbR36dpASpnIe5mn8wNDlUwDi0Wt78AM
hFfbKEqmm0m/TjI32jmKB6uMYpT5smsZETC7+ZiIUxrNIHlqKVZw5NU2z3T9neaB
6ZPfGIMA4u1ebFAqNZVl5stbyg4AOviOLYcyhAUJzGBL0p/S
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:12:57 2025 by rpki-client