Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/43/a962a9-abff-4495-86cc-b56c8ccb2935/1/SKxDDN4UBf_CllwzTGJ3CPbNpUM.roa
File: SKxDDN4UBf_CllwzTGJ3CPbNpUM.roa (raw, json)
Hash identifier: 04KRHtOfsqzFagPDRWh59zcgvv9F81j3APUUeBVDsFM=
Subject key identifier: 48:AC:43:0C:DE:14:05:FF:C2:96:5C:33:4C:62:77:08:F6:CD:A5:43
Certificate issuer: /CN=cb662ceeb726774b1b44c51ff1fc0df908bdebbc
Certificate serial: 019A4E8F44244A3813ED39F62EE5089462FB
Authority key identifier: CB:66:2C:EE:B7:26:77:4B:1B:44:C5:1F:F1:FC:0D:F9:08:BD:EB:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/y2Ys7rcmd0sbRMUf8fwN-Qi967w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/43/a962a9-abff-4495-86cc-b56c8ccb2935/1/SKxDDN4UBf_CllwzTGJ3CPbNpUM.roa
Signing time: Tue 04 Nov 2025 11:10:03 +0000
ROA not before: Tue 04 Nov 2025 11:10:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12969
IP address blocks: 5.23.64.0/19 maxlen: 19
5.23.64.0/20 maxlen: 20
5.23.80.0/20 maxlen: 20
46.239.192.0/18 maxlen: 18
46.239.192.0/19 maxlen: 19
46.239.224.0/19 maxlen: 19
62.145.128.0/19 maxlen: 19
81.15.0.0/17 maxlen: 17
88.149.0.0/17 maxlen: 17
89.160.128.0/17 maxlen: 17
185.21.16.0/22 maxlen: 22
185.21.16.0/23 maxlen: 23
185.21.18.0/23 maxlen: 23
185.24.0.0/22 maxlen: 22
185.24.0.0/23 maxlen: 23
193.4.0.0/19 maxlen: 19
193.4.4.0/24 maxlen: 24
193.4.5.0/24 maxlen: 24
193.4.6.0/24 maxlen: 24
193.4.48.0/21 maxlen: 21
193.4.56.0/23 maxlen: 23
193.4.60.0/22 maxlen: 22
193.4.64.0/18 maxlen: 18
193.4.128.0/17 maxlen: 17
194.144.0.0/16 maxlen: 16
213.176.128.0/19 maxlen: 19
213.176.131.0/24 maxlen: 24
213.213.128.0/19 maxlen: 19
213.220.64.0/18 maxlen: 18
217.9.128.0/20 maxlen: 20
217.151.160.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/43/a962a9-abff-4495-86cc-b56c8ccb2935/1/y2Ys7rcmd0sbRMUf8fwN-Qi967w.crl
rsync://rpki.ripe.net/repository/DEFAULT/43/a962a9-abff-4495-86cc-b56c8ccb2935/1/y2Ys7rcmd0sbRMUf8fwN-Qi967w.mft
rsync://rpki.ripe.net/repository/DEFAULT/y2Ys7rcmd0sbRMUf8fwN-Qi967w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 14:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:8f:44:24:4a:38:13:ed:39:f6:2e:e5:08:94:62:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cb662ceeb726774b1b44c51ff1fc0df908bdebbc
Validity
Not Before: Nov 4 11:10:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=48ac430cde1405ffc2965c334c627708f6cda543
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:27:3c:e7:3c:fa:fc:ad:90:ff:c4:79:99:ff:
02:f3:80:cd:2d:49:07:41:76:bf:05:15:fa:7a:0c:
b4:65:3a:ef:d9:bf:1a:e4:fa:6e:04:86:40:32:5d:
a0:f0:52:7e:ae:23:ef:e2:7a:3a:fb:49:92:b8:73:
f1:4c:5a:67:8a:84:fd:11:65:2a:4c:5b:7e:e9:10:
73:c0:e2:be:78:ee:c4:22:dd:60:67:aa:54:14:ae:
10:56:63:a4:bf:d9:19:50:7e:00:31:d5:c6:bf:6f:
ac:bb:32:60:3a:b4:c7:fc:5d:f2:d1:cb:78:54:de:
83:e9:6c:d9:a4:b4:9c:04:69:c2:36:06:3b:9b:ea:
d5:a4:4f:8f:f1:b8:ec:12:b4:24:bf:61:19:65:d1:
52:0a:75:ab:5c:9a:93:80:0a:62:a9:d8:2c:16:dd:
4b:28:d1:fd:83:d7:33:64:5e:e2:4b:9e:8b:e5:de:
4d:a6:af:36:2b:76:2e:f9:b1:b8:9d:02:41:19:83:
62:47:b3:f2:ec:1b:80:02:5f:e2:32:b5:9a:bd:57:
91:86:27:66:ac:97:65:c9:2b:b5:cd:b4:2a:b8:1e:
c0:25:df:73:ee:71:91:55:6e:ea:fb:3a:eb:8d:c8:
d4:d9:d2:4b:82:44:86:e7:a3:80:b3:fc:9c:21:0a:
e2:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:AC:43:0C:DE:14:05:FF:C2:96:5C:33:4C:62:77:08:F6:CD:A5:43
X509v3 Authority Key Identifier:
keyid:CB:66:2C:EE:B7:26:77:4B:1B:44:C5:1F:F1:FC:0D:F9:08:BD:EB:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/y2Ys7rcmd0sbRMUf8fwN-Qi967w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a962a9-abff-4495-86cc-b56c8ccb2935/1/SKxDDN4UBf_CllwzTGJ3CPbNpUM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/43/a962a9-abff-4495-86cc-b56c8ccb2935/1/y2Ys7rcmd0sbRMUf8fwN-Qi967w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.23.64.0/19
46.239.192.0/18
62.145.128.0/19
81.15.0.0/17
88.149.0.0/17
89.160.128.0/17
185.21.16.0/22
185.24.0.0/22
193.4.0.0/19
193.4.48.0-193.4.57.255
193.4.60.0-193.4.255.255
194.144.0.0/16
213.176.128.0/19
213.213.128.0/19
213.220.64.0/18
217.9.128.0/20
217.151.160.0/19
Signature Algorithm: sha256WithRSAEncryption
26:c3:67:72:e0:81:5c:d7:4c:8e:ab:21:4e:4f:06:88:fd:e5:
05:e8:90:6b:98:94:52:13:57:b7:99:c1:d2:8c:97:64:ba:8e:
43:e7:11:00:43:ba:cc:15:41:55:78:7f:12:94:94:59:e1:24:
03:b6:e2:0b:4c:c2:ff:38:73:55:a5:fe:da:6a:1b:dc:d0:e3:
c1:30:e1:9f:67:5a:63:f3:f1:1c:02:cc:ec:98:e2:7a:20:cd:
ea:a7:74:28:12:89:08:8f:ab:a5:ff:40:ed:b8:e5:19:c2:99:
b5:18:ec:f3:21:40:6c:c7:50:c9:5d:1a:31:95:a6:9c:5a:8f:
de:58:19:c5:9e:dd:a7:90:61:e2:87:3b:2f:93:18:ef:64:67:
a5:75:e5:f4:a9:67:5e:b7:0e:33:97:e6:18:d0:20:43:3b:7e:
c6:f3:92:ed:7d:aa:77:77:7c:ef:20:5b:7b:42:b0:f2:61:2d:
28:1e:91:49:71:ce:79:78:4b:9d:e4:60:02:b5:81:21:62:83:
95:49:bb:3e:1f:43:7d:6a:20:1e:7d:e1:d2:05:bf:c9:a4:b8:
a9:75:cb:48:06:56:01:5d:a9:d0:87:46:73:51:21:4d:7d:c8:
52:4e:95:d6:36:be:b6:05:ff:55:85:13:1a:49:a2:59:39:e1:
00:8a:7b:19
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAZpOj0QkSjgT7Tn2LuUIlGL7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNiNjYyY2VlYjcyNjc3NGIxYjQ0YzUxZmYxZmMwZGY5MDhi
ZGViYmMwHhcNMjUxMTA0MTExMDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGFjNDMwY2RlMTQwNWZmYzI5NjVjMzM0YzYyNzcwOGY2Y2RhNTQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2yc85zz6/K2Q/8R5mf8C84DNLUkH
QXa/BRX6egy0ZTrv2b8a5PpuBIZAMl2g8FJ+riPv4no6+0mSuHPxTFpnioT9EWUq
TFt+6RBzwOK+eO7EIt1gZ6pUFK4QVmOkv9kZUH4AMdXGv2+suzJgOrTH/F3y0ct4
VN6D6WzZpLScBGnCNgY7m+rVpE+P8bjsErQkv2EZZdFSCnWrXJqTgApiqdgsFt1L
KNH9g9czZF7iS56L5d5Npq82K3Yu+bG4nQJBGYNiR7Py7BuAAl/iMrWavVeRhidm
rJdlySu1zbQquB7AJd9z7nGRVW7q+zrrjcjU2dJLgkSG56OAs/ycIQriAwIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFEisQwzeFAX/wpZcM0xidwj2zaVDMB8GA1UdIwQY
MBaAFMtmLO63JndLG0TFH/H8DfkIveu8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveTJZczdyY21kMHNiUk1VZjhmd04tUWk5Njd3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80My9hOTYyYTktYWJmZi00NDk1LTg2Y2Mt
YjU2YzhjY2IyOTM1LzEvU0t4RERONFVCZl9DbGx3elRHSjNDUGJOcFVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80My9hOTYyYTktYWJmZi00NDk1LTg2Y2MtYjU2YzhjY2IyOTM1
LzEveTJZczdyY21kMHNiUk1VZjhmd04tUWk5Njd3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEBQUXQAME
Bi7vwAMEBT6RgAMEB1EPAAMEB1iVAAMEB1mggAMEArkVEAMEArkYAAMEBcEEADAM
AwQEwQQwAwQBwQQ4MAsDBALBBDwDAwDBBAMDAMKQAwQF1bCAAwQF1dWAAwQG1dxA
AwQE2QmAAwQF2ZegMA0GCSqGSIb3DQEBCwUAA4IBAQAmw2dy4IFc10yOqyFOTwaI
/eUF6JBrmJRSE1e3mcHSjJdkuo5D5xEAQ7rMFUFVeH8SlJRZ4SQDtuILTML/OHNV
pf7aahvc0OPBMOGfZ1pj8/EcAszsmOJ6IM3qp3QoEokIj6ul/0DtuOUZwpm1GOzz
IUBsx1DJXRoxlaacWo/eWBnFnt2nkGHihzsvkxjvZGeldeX0qWdetw4zl+YY0CBD
O37G85Ltfap3d3zvIFt7QrDyYS0oHpFJcc55eEud5GACtYEhYoOVSbs+H0N9aiAe
feHSBb/JpLipdctIBlYBXanQh0ZzUSFNfchSTpXWNr62Bf9VhRMaSaJZOeEAinsZ
-----END CERTIFICATE-----
Generated at Wed Nov 5 22:43:34 2025 by rpki-client