Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/cfb251-923f-40c1-9832-e8a39dd60864/1/E1huK4lRaNqnfDwjhKC7S27samY.roa
File: E1huK4lRaNqnfDwjhKC7S27samY.roa (raw, json)
Hash identifier: 5eWDICwAkK513LsxaFUCZCYFQIVOjrg6WQ+rcwXWfbg=
Subject key identifier: 13:58:6E:2B:89:51:68:DA:A7:7C:3C:23:84:A0:BB:4B:6E:EC:6A:66
Certificate issuer: /CN=c34094e3236dcd1c835113791a3824da2973df9b
Certificate serial: 019A2A1223C2477CC9FEB14550A863D54B08
Authority key identifier: C3:40:94:E3:23:6D:CD:1C:83:51:13:79:1A:38:24:DA:29:73:DF:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w0CU4yNtzRyDURN5Gjgk2ilz35s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/cfb251-923f-40c1-9832-e8a39dd60864/1/E1huK4lRaNqnfDwjhKC7S27samY.roa
Signing time: Tue 28 Oct 2025 09:07:03 +0000
ROA not before: Tue 28 Oct 2025 09:07:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24812
IP address blocks: 91.196.96.0/22 maxlen: 22
91.198.249.0/24 maxlen: 24
91.206.252.0/23 maxlen: 23
176.105.192.0/22 maxlen: 22
176.105.193.0/24 maxlen: 24
176.105.194.0/23 maxlen: 23
176.105.194.0/24 maxlen: 24
176.105.196.0/24 maxlen: 24
176.105.197.0/24 maxlen: 24
176.105.198.0/24 maxlen: 24
176.105.199.0/24 maxlen: 24
176.105.200.0/22 maxlen: 22
176.105.200.0/23 maxlen: 23
176.105.204.0/23 maxlen: 23
176.105.204.0/24 maxlen: 24
176.105.206.0/23 maxlen: 23
176.105.208.0/22 maxlen: 22
176.105.208.0/24 maxlen: 24
176.105.209.0/24 maxlen: 24
176.105.210.0/23 maxlen: 23
176.105.212.0/22 maxlen: 22
176.105.212.0/23 maxlen: 23
176.105.216.0/23 maxlen: 23
176.105.218.0/23 maxlen: 23
176.105.218.0/24 maxlen: 24
176.105.220.0/24 maxlen: 24
176.105.221.0/24 maxlen: 24
176.105.222.0/24 maxlen: 24
176.105.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/cfb251-923f-40c1-9832-e8a39dd60864/1/w0CU4yNtzRyDURN5Gjgk2ilz35s.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/cfb251-923f-40c1-9832-e8a39dd60864/1/w0CU4yNtzRyDURN5Gjgk2ilz35s.mft
rsync://rpki.ripe.net/repository/DEFAULT/w0CU4yNtzRyDURN5Gjgk2ilz35s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2a:12:23:c2:47:7c:c9:fe:b1:45:50:a8:63:d5:4b:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c34094e3236dcd1c835113791a3824da2973df9b
Validity
Not Before: Oct 28 09:07:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=13586e2b895168daa77c3c2384a0bb4b6eec6a66
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:04:cf:5b:38:c9:f5:7e:b0:51:af:73:ac:ce:
1d:db:a9:72:eb:fb:c3:bf:a1:8d:1e:a6:0b:72:9e:
35:0b:2f:86:35:b6:97:d8:75:c5:f9:5b:a7:46:63:
0b:5d:64:45:1e:98:c3:af:78:87:a4:95:86:1a:d3:
f8:6c:fe:05:ae:cd:20:7b:73:7b:fa:a4:21:e8:7f:
01:d9:cd:28:01:37:69:28:00:f1:ef:31:90:cc:08:
2b:a0:c0:93:7c:d3:f9:f0:70:b1:db:43:89:d3:eb:
25:55:35:70:ef:3f:62:e3:9d:64:6b:91:b6:88:67:
41:d5:28:a7:0c:ee:75:49:c0:be:40:78:e6:94:1a:
9f:a7:c1:55:7a:70:1e:d8:c2:ce:43:41:0b:75:cf:
09:7a:25:89:c7:50:64:b3:f5:35:eb:2f:d1:94:c6:
a7:3e:8a:7a:02:fa:17:75:39:fa:b0:81:1a:f6:ed:
61:8c:00:bb:28:f6:ef:df:93:5d:a8:c2:08:b7:9b:
19:8a:6e:88:55:36:3b:a2:f0:bc:49:42:94:09:cb:
95:9e:45:0e:8d:62:a7:9d:fa:9f:1e:0e:73:af:39:
61:85:18:56:0e:0c:47:d7:a5:9d:61:df:e4:78:8b:
d0:09:b5:8c:41:88:9f:0b:6d:26:f3:d7:f3:2c:4a:
43:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:58:6E:2B:89:51:68:DA:A7:7C:3C:23:84:A0:BB:4B:6E:EC:6A:66
X509v3 Authority Key Identifier:
keyid:C3:40:94:E3:23:6D:CD:1C:83:51:13:79:1A:38:24:DA:29:73:DF:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w0CU4yNtzRyDURN5Gjgk2ilz35s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/cfb251-923f-40c1-9832-e8a39dd60864/1/E1huK4lRaNqnfDwjhKC7S27samY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/cfb251-923f-40c1-9832-e8a39dd60864/1/w0CU4yNtzRyDURN5Gjgk2ilz35s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.196.96.0/22
91.198.249.0/24
91.206.252.0/23
176.105.192.0/19
Signature Algorithm: sha256WithRSAEncryption
53:e9:6e:54:62:a1:b5:0a:d1:b3:28:5c:4e:3b:77:d7:5e:6b:
19:7d:1a:5b:6e:ec:04:ed:5f:0f:56:00:f8:f1:62:cc:a5:4b:
8c:f0:d7:c8:80:9e:be:ab:9e:c3:56:2d:3b:08:96:e3:07:5e:
e1:da:21:e2:c3:5f:13:af:56:de:b4:cb:0b:b5:b6:82:c3:c6:
84:46:f1:18:38:3a:7c:ac:b6:36:f5:ee:f9:55:bd:ac:ff:30:
81:e7:52:67:e6:a9:0a:c3:0c:96:5b:96:5f:44:a5:fd:ee:5e:
2f:2d:13:52:38:0d:ca:ad:37:19:9d:14:40:83:5f:e7:51:93:
2c:b2:d1:f2:f5:ae:2f:50:55:42:20:ee:c3:26:c0:f5:d8:bb:
a9:c9:13:77:5b:5c:1c:40:dc:ad:55:2f:e8:5b:c7:bb:85:5b:
dc:fe:4a:ce:1d:9b:07:47:e5:7e:3d:fa:5b:bb:3a:f8:ef:78:
b3:5e:46:91:b6:cf:31:80:04:b7:60:a2:2b:61:52:c2:81:b3:
cf:e3:66:46:95:9d:a5:3b:e7:e0:f4:a6:7d:0d:0f:ee:53:25:
3d:df:83:c2:38:46:7d:96:48:38:87:b5:0b:f0:b3:91:fc:f2:
df:be:b2:3d:bb:9f:e2:8d:f4:3c:31:f9:69:94:af:3d:c4:34:
eb:2e:fe:e5
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZoqEiPCR3zJ/rFFUKhj1UsIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNDA5NGUzMjM2ZGNkMWM4MzUxMTM3OTFhMzgyNGRhMjk3
M2RmOWIwHhcNMjUxMDI4MDkwNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzU4NmUyYjg5NTE2OGRhYTc3YzNjMjM4NGEwYmI0YjZlZWM2YTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7ATPWzjJ9X6wUa9zrM4d26ly6/vD
v6GNHqYLcp41Cy+GNbaX2HXF+VunRmMLXWRFHpjDr3iHpJWGGtP4bP4Frs0ge3N7
+qQh6H8B2c0oATdpKADx7zGQzAgroMCTfNP58HCx20OJ0+slVTVw7z9i451ka5G2
iGdB1SinDO51ScC+QHjmlBqfp8FVenAe2MLOQ0ELdc8JeiWJx1Bks/U16y/RlMan
Pop6AvoXdTn6sIEa9u1hjAC7KPbv35NdqMIIt5sZim6IVTY7ovC8SUKUCcuVnkUO
jWKnnfqfHg5zrzlhhRhWDgxH16WdYd/keIvQCbWMQYifC20m89fzLEpDaQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBNYbiuJUWjap3w8I4Sgu0tu7GpmMB8GA1UdIwQY
MBaAFMNAlOMjbc0cg1ETeRo4JNopc9+bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzBDVTR5TnR6UnlEVVJONUdqZ2syaWx6MzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9jZmIyNTEtOTIzZi00MGMxLTk4MzIt
ZThhMzlkZDYwODY0LzEvRTFodUs0bFJhTnFuZkR3amhLQzdTMjdzYW1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9jZmIyNTEtOTIzZi00MGMxLTk4MzItZThhMzlkZDYwODY0
LzEvdzBDVTR5TnR6UnlEVVJONUdqZ2syaWx6MzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCW8RgAwQA
W8b5AwQBW878AwQFsGnAMA0GCSqGSIb3DQEBCwUAA4IBAQBT6W5UYqG1CtGzKFxO
O3fXXmsZfRpbbuwE7V8PVgD48WLMpUuM8NfIgJ6+q57DVi07CJbjB17h2iHiw18T
r1betMsLtbaCw8aERvEYODp8rLY29e75Vb2s/zCB51Jn5qkKwwyWW5ZfRKX97l4v
LRNSOA3KrTcZnRRAg1/nUZMsstHy9a4vUFVCIO7DJsD12LupyRN3W1wcQNytVS/o
W8e7hVvc/krOHZsHR+V+Pfpbuzr473izXkaRts8xgAS3YKIrYVLCgbPP42ZGlZ2l
O+fg9KZ9DQ/uUyU934PCOEZ9lkg4h7UL8LOR/PLfvrI9u5/ijfQ8MflplK89xDTr
Lv7l
-----END CERTIFICATE-----
Generated at Wed Nov 5 13:40:45 2025 by rpki-client