Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/dpxenuQjvci3ZpL8nHgF9W3MKcg.roa
File: dpxenuQjvci3ZpL8nHgF9W3MKcg.roa (raw, json)
Hash identifier: 6lYuC3m8waBrvvEp1GSL1BkXD3kqcshc7yTLgiT2sJc=
Subject key identifier: 76:9C:5E:9E:E4:23:BD:C8:B7:66:92:FC:9C:78:05:F5:6D:CC:29:C8
Certificate issuer: /CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Certificate serial: 01983750E619B2A762E5072910EBC92F577D
Authority key identifier: 5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/dpxenuQjvci3ZpL8nHgF9W3MKcg.roa
Signing time: Wed 23 Jul 2025 12:45:05 +0000
ROA not before: Wed 23 Jul 2025 12:45:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.151.69.0/24 maxlen: 24
45.151.70.0/24 maxlen: 24
45.151.71.0/24 maxlen: 24
88.218.42.0/24 maxlen: 24
185.173.144.0/24 maxlen: 24
185.173.145.0/24 maxlen: 24
185.173.146.0/24 maxlen: 24
185.173.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/XIkq7Tgz5hAPXgzxInH9gLdVw2E.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/XIkq7Tgz5hAPXgzxInH9gLdVw2E.mft
rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 08:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:37:50:e6:19:b2:a7:62:e5:07:29:10:eb:c9:2f:57:7d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5c892aed3833e6100f5e0cf12271fd80b755c361
Validity
Not Before: Jul 23 12:45:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=769c5e9ee423bdc8b76692fc9c7805f56dcc29c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:f3:ef:ce:a1:20:b9:c8:06:05:c7:2e:cc:4c:
b0:5a:af:b0:50:2c:64:36:02:b6:0c:7e:9b:99:c0:
ca:dc:d7:6c:44:29:d9:85:29:de:b0:03:b7:dd:a1:
38:70:75:7f:99:c6:a8:43:2e:8b:98:9a:c3:17:61:
20:dd:f0:84:3f:7a:0d:1f:87:01:9a:92:79:b9:e8:
3c:18:d5:bc:9f:b9:3e:aa:5f:b9:65:76:25:f2:85:
23:72:c6:80:b8:a0:86:f5:8b:b1:47:80:b0:1f:a6:
7d:5b:ff:f6:e1:29:d8:8a:d8:6e:6d:20:f2:5f:c7:
87:fb:8e:b1:d7:40:d5:ea:12:dc:fc:15:20:47:b4:
bc:d8:6d:e3:a1:af:8b:41:93:2e:5e:dd:6a:08:fe:
db:db:f0:66:cb:5f:97:0e:05:57:6e:f1:f9:4d:29:
03:12:a1:af:20:fd:33:84:bd:82:4b:36:3f:19:98:
df:c6:ba:86:1c:f4:26:81:42:c2:70:e3:66:72:1d:
1e:df:b4:d2:11:65:f7:43:91:7e:ed:34:97:fb:c4:
73:57:89:0b:e5:1e:f8:48:15:47:d2:6e:9c:3d:de:
91:03:09:42:d9:b8:b2:b6:97:37:19:29:92:e8:32:
b3:d5:18:ed:fd:3e:8a:dd:b2:0b:22:4b:ca:8c:7d:
60:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
76:9C:5E:9E:E4:23:BD:C8:B7:66:92:FC:9C:78:05:F5:6D:CC:29:C8
X509v3 Authority Key Identifier:
keyid:5C:89:2A:ED:38:33:E6:10:0F:5E:0C:F1:22:71:FD:80:B7:55:C3:61
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XIkq7Tgz5hAPXgzxInH9gLdVw2E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/dpxenuQjvci3ZpL8nHgF9W3MKcg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/86fb46-d712-4602-9cce-3aa7daa9d3ec/1/XIkq7Tgz5hAPXgzxInH9gLdVw2E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.151.69.0-45.151.71.255
88.218.42.0/24
185.173.144.0/22
Signature Algorithm: sha256WithRSAEncryption
45:d2:80:dc:c4:82:aa:55:a1:20:72:34:5e:c4:02:8b:65:20:
e4:9c:af:c8:1d:1b:9c:c0:dd:9f:a6:f1:83:97:e5:b4:21:62:
72:0e:44:94:0b:b5:4e:e4:8c:61:16:a2:7c:3f:25:40:c9:52:
3c:50:0c:3f:d8:15:49:49:be:74:79:c3:a9:79:16:92:1c:d6:
bd:be:7e:6d:6b:be:e3:e1:0d:9f:1c:34:3c:d7:2b:b0:82:18:
50:30:b7:73:4c:c4:d4:6c:1b:ae:d5:32:66:80:ea:af:6a:2b:
3d:7a:06:56:c7:14:20:ce:2e:71:da:7a:d3:00:51:ae:8c:66:
7a:3e:16:a6:d9:23:66:0a:09:97:9f:18:eb:b3:a2:6e:67:ac:
c7:97:d4:5d:61:df:45:cf:d0:30:10:db:fa:95:45:43:40:0b:
a0:59:cc:a1:0f:69:16:9a:6f:3a:84:04:1c:5b:1c:9a:69:5a:
ac:26:58:d0:87:f8:cd:4f:bb:2b:07:c5:22:d1:45:8b:57:be:
ff:76:75:52:22:95:4a:5e:8f:a3:69:e4:e0:8e:7b:13:dd:0b:
4d:81:e2:fe:f7:11:59:2a:cc:16:c9:ab:43:ad:36:6a:5c:ab:
18:92:40:d7:07:99:39:2c:59:90:36:c3:e5:72:01:76:5a:5f:
52:4a:4d:b3
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZg3UOYZsqdi5QcpEOvJL1d9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjODkyYWVkMzgzM2U2MTAwZjVlMGNmMTIyNzFmZDgwYjc1
NWMzNjEwHhcNMjUwNzIzMTI0NTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NjljNWU5ZWU0MjNiZGM4Yjc2NjkyZmM5Yzc4MDVmNTZkY2MyOWM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2PPvzqEgucgGBccuzEywWq+wUCxk
NgK2DH6bmcDK3NdsRCnZhSnesAO33aE4cHV/mcaoQy6LmJrDF2Eg3fCEP3oNH4cB
mpJ5ueg8GNW8n7k+ql+5ZXYl8oUjcsaAuKCG9YuxR4CwH6Z9W//24SnYithubSDy
X8eH+46x10DV6hLc/BUgR7S82G3joa+LQZMuXt1qCP7b2/Bmy1+XDgVXbvH5TSkD
EqGvIP0zhL2CSzY/GZjfxrqGHPQmgULCcONmch0e37TSEWX3Q5F+7TSX+8RzV4kL
5R74SBVH0m6cPd6RAwlC2biytpc3GSmS6DKz1Rjt/T6K3bILIkvKjH1gfwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFHacXp7kI73It2aS/Jx4BfVtzCnIMB8GA1UdIwQY
MBaAFFyJKu04M+YQD14M8SJx/YC3VcNhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2Ut
M2FhN2RhYTlkM2VjLzEvZHB4ZW51UWp2Y2kzWnBMOG5IZ0Y5VzNNS2NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi84NmZiNDYtZDcxMi00NjAyLTljY2UtM2FhN2RhYTlkM2Vj
LzEvWElrcTdUZ3o1aEFQWGd6eEluSDlnTGRWdzJFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaMAwDBAAtl0UD
BAMtl0ADBABY2ioDBAK5rZAwDQYJKoZIhvcNAQELBQADggEBAEXSgNzEgqpVoSBy
NF7EAotlIOScr8gdG5zA3Z+m8YOX5bQhYnIORJQLtU7kjGEWonw/JUDJUjxQDD/Y
FUlJvnR5w6l5FpIc1r2+fm1rvuPhDZ8cNDzXK7CCGFAwt3NMxNRsG67VMmaA6q9q
Kz16BlbHFCDOLnHaetMAUa6MZno+FqbZI2YKCZefGOuzom5nrMeX1F1h30XP0DAQ
2/qVRUNAC6BZzKEPaRaabzqEBBxbHJppWqwmWNCH+M1PuysHxSLRRYtXvv92dVIi
lUpej6Np5OCOexPdC02B4v73EVkqzBbJq0OtNmpcqxiSQNcHmTksWZA2w+VyAXZa
X1JKTbM=
-----END CERTIFICATE-----
Generated at Sun Aug 10 14:00:24 2025 by rpki-client