Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/ieCaBaxpA2GUFQ0ZgL1Mhifb7Aw.roa
File: ieCaBaxpA2GUFQ0ZgL1Mhifb7Aw.roa (raw, json)
Hash identifier: kRgpfoyDp30dlrYqiAurvsWbw4QikrmUNVZImGj5L5A=
Subject key identifier: 89:E0:9A:05:AC:69:03:61:94:15:0D:19:80:BD:4C:86:27:DB:EC:0C
Certificate issuer: /CN=363f09508fdf256448219b284bb09b23b2b51396
Certificate serial: 019A21592A72B4CA5DFE9B4729AC711E02CD
Authority key identifier: 36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/ieCaBaxpA2GUFQ0ZgL1Mhifb7Aw.roa
Signing time: Sun 26 Oct 2025 16:28:03 +0000
ROA not before: Sun 26 Oct 2025 16:28:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30058
IP address blocks: 45.12.60.0/24 maxlen: 24
86.54.28.0/24 maxlen: 24
86.54.29.0/24 maxlen: 24
2a01:e940::/48 maxlen: 48
2a01:e944::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:21:59:2a:72:b4:ca:5d:fe:9b:47:29:ac:71:1e:02:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=363f09508fdf256448219b284bb09b23b2b51396
Validity
Not Before: Oct 26 16:28:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=89e09a05ac69036194150d1980bd4c8627dbec0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:03:58:29:50:46:b8:ea:bc:a0:88:07:78:40:
80:2e:69:72:af:c7:3f:9d:95:da:f9:9e:10:8e:24:
48:8b:b6:1c:d5:dc:bb:e7:e1:65:ee:03:9a:c8:20:
4f:5a:65:64:53:d2:aa:3a:03:16:94:3f:c2:b9:fa:
28:31:69:7e:39:9a:ed:8d:8b:b3:a6:a2:24:68:29:
b1:e4:a9:00:6a:37:bb:77:3a:2c:f5:d0:c2:12:23:
57:02:a1:bd:64:a3:72:45:85:66:f9:e8:10:79:6d:
08:78:58:22:6e:74:bd:15:b3:84:f7:6a:e3:dd:37:
5f:10:d3:8c:98:35:78:a9:3a:72:de:fd:0e:94:11:
a7:98:9e:90:93:98:3f:60:6f:4f:32:16:22:73:8f:
3d:04:85:c4:7c:1f:a0:0c:4b:19:7a:7c:a7:f9:cc:
cd:da:32:e6:bd:c4:d7:5d:cb:7f:9a:bb:cd:aa:d3:
d0:9b:ef:21:ad:4f:a9:0b:1d:b2:fe:98:de:15:ec:
9d:97:d3:00:89:42:53:70:27:ab:62:36:e2:dc:40:
ea:e0:88:10:13:e1:30:b2:ca:e5:6f:03:24:67:43:
62:77:1f:e6:ea:84:5e:c0:fd:5c:10:63:9d:b4:3d:
f0:7e:19:4f:fb:14:91:6b:8c:11:1a:28:c8:a7:fa:
16:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:E0:9A:05:AC:69:03:61:94:15:0D:19:80:BD:4C:86:27:DB:EC:0C
X509v3 Authority Key Identifier:
keyid:36:3F:09:50:8F:DF:25:64:48:21:9B:28:4B:B0:9B:23:B2:B5:13:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/ieCaBaxpA2GUFQ0ZgL1Mhifb7Aw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5f/ad05f2-ab39-4132-8492-fd814455a868/1/Nj8JUI_fJWRIIZsoS7CbI7K1E5Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.12.60.0/24
86.54.28.0/23
IPv6:
2a01:e940::/48
2a01:e944::/48
Signature Algorithm: sha256WithRSAEncryption
1e:04:81:a7:ad:00:31:da:ca:ea:5c:56:fa:55:d5:1b:cc:22:
83:97:c3:63:28:8e:98:50:cd:0e:b3:f1:e4:75:73:14:99:3e:
a7:7e:5d:c3:0f:7a:dd:9f:90:bd:41:73:56:66:6d:56:25:77:
ed:0b:79:5e:46:4d:d5:b5:bd:4c:06:89:25:aa:0f:e2:80:b4:
f9:ed:5f:12:77:0a:07:bc:ac:8e:a2:80:e4:10:52:18:84:0f:
78:4e:34:9d:bb:a9:b6:07:79:1e:7e:25:5e:1c:df:c1:2c:c3:
78:7d:50:e2:08:e8:f6:0d:72:89:a9:2a:6f:ed:a7:9e:91:c5:
57:4a:67:5a:49:83:db:30:51:f4:7f:19:4f:ba:05:bd:e3:72:
4e:20:e3:84:be:a9:c7:3a:da:4f:da:10:3c:ab:2d:1f:8c:56:
8c:84:88:94:d2:49:69:ad:f6:d8:51:de:58:31:45:ef:09:10:
34:af:17:29:93:78:61:c9:04:7d:7c:3e:61:6d:82:5e:58:9a:
1d:71:75:47:e8:72:d0:19:35:b7:7e:05:04:45:79:5c:1d:b0:
e2:d1:03:58:4b:8a:93:95:23:a4:61:f9:15:e5:e8:e6:0b:68:
93:11:4b:5b:62:93:2e:63:e5:50:15:0d:a3:15:65:d6:d0:9a:
fe:1b:74:ee
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZohWSpytMpd/ptHKaxxHgLNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2M2YwOTUwOGZkZjI1NjQ0ODIxOWIyODRiYjA5YjIzYjJi
NTEzOTYwHhcNMjUxMDI2MTYyODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OWUwOWEwNWFjNjkwMzYxOTQxNTBkMTk4MGJkNGM4NjI3ZGJlYzBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqQNYKVBGuOq8oIgHeECALmlyr8c/
nZXa+Z4QjiRIi7Yc1dy75+Fl7gOayCBPWmVkU9KqOgMWlD/CufooMWl+OZrtjYuz
pqIkaCmx5KkAaje7dzos9dDCEiNXAqG9ZKNyRYVm+egQeW0IeFgibnS9FbOE92rj
3TdfENOMmDV4qTpy3v0OlBGnmJ6Qk5g/YG9PMhYic489BIXEfB+gDEsZenyn+czN
2jLmvcTXXct/mrvNqtPQm+8hrU+pCx2y/pjeFeydl9MAiUJTcCerYjbi3EDq4IgQ
E+EwssrlbwMkZ0Nidx/m6oRewP1cEGOdtD3wfhlP+xSRa4wRGijIp/oWlwIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFIngmgWsaQNhlBUNGYC9TIYn2+wMMB8GA1UdIwQY
MBaAFDY/CVCP3yVkSCGbKEuwmyOytROWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTIt
ZmQ4MTQ0NTVhODY4LzEvaWVDYUJheHBBMkdVRlEwWmdMMU1oaWZiN0F3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Zi9hZDA1ZjItYWIzOS00MTMyLTg0OTItZmQ4MTQ0NTVhODY4
LzEvTmo4SlVJX2ZKV1JJSVpzb1M3Q2JJN0sxRTVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjASBAIAATAMAwQALQw8AwQB
VjYcMBgEAgACMBIDBwAqAelAAAADBwAqAelEAAAwDQYJKoZIhvcNAQELBQADggEB
AB4EgaetADHayupcVvpV1RvMIoOXw2MojphQzQ6z8eR1cxSZPqd+XcMPet2fkL1B
c1ZmbVYld+0LeV5GTdW1vUwGiSWqD+KAtPntXxJ3Cge8rI6igOQQUhiED3hONJ27
qbYHeR5+JV4c38Esw3h9UOII6PYNcompKm/tp56RxVdKZ1pJg9swUfR/GU+6Bb3j
ck4g44S+qcc62k/aEDyrLR+MVoyEiJTSSWmt9thR3lgxRe8JEDSvFymTeGHJBH18
PmFtgl5Ymh1xdUfoctAZNbd+BQRFeVwdsOLRA1hLipOVI6Rh+RXl6OYLaJMRS1ti
ky5j5VAVDaMVZdbQmv4bdO4=
-----END CERTIFICATE-----
Generated at Tue Nov 4 23:00:50 2025 by rpki-client