Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/e9d9cc-2668-42fc-8315-7525d4d408b5/1/5ec852VSLmx9EApZVtekGuMWMuA.roa
File: 5ec852VSLmx9EApZVtekGuMWMuA.roa (raw, json)
Hash identifier: Q8SzlqH4yGoWtfk90Iu07qmBDO1qFxoWDH2ZvTONdRM=
Subject key identifier: E5:E7:3C:E7:65:52:2E:6C:7D:10:0A:59:56:D7:A4:1A:E3:16:32:E0
Certificate issuer: /CN=1ada225cb7f29416e7534695fbfb21762fee93c8
Certificate serial: 019A4FD1879EE164779900E52FAE1A59ABD8
Authority key identifier: 1A:DA:22:5C:B7:F2:94:16:E7:53:46:95:FB:FB:21:76:2F:EE:93:C8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GtoiXLfylBbnU0aV-_shdi_uk8g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/e9d9cc-2668-42fc-8315-7525d4d408b5/1/5ec852VSLmx9EApZVtekGuMWMuA.roa
Signing time: Tue 04 Nov 2025 17:02:03 +0000
ROA not before: Tue 04 Nov 2025 17:02:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25135
IP address blocks: 77.233.128.0/24 maxlen: 24
85.255.224.0/20 maxlen: 20
85.255.232.0/23 maxlen: 23
85.255.234.0/23 maxlen: 23
85.255.236.0/23 maxlen: 23
88.82.0.0/19 maxlen: 19
148.252.128.0/19 maxlen: 19
148.252.128.0/23 maxlen: 23
148.252.132.0/23 maxlen: 23
148.252.136.0/22 maxlen: 22
148.252.140.0/23 maxlen: 23
148.252.144.0/23 maxlen: 23
148.252.146.0/23 maxlen: 23
148.252.148.0/23 maxlen: 23
148.252.150.0/24 maxlen: 24
148.252.152.0/24 maxlen: 24
148.252.156.0/23 maxlen: 23
148.252.158.0/23 maxlen: 23
148.252.160.0/19 maxlen: 19
185.69.144.0/23 maxlen: 23
185.69.146.0/23 maxlen: 23
194.62.232.0/24 maxlen: 24
194.62.238.0/24 maxlen: 24
212.183.128.0/19 maxlen: 19
212.183.128.0/20 maxlen: 20
212.183.152.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/e9d9cc-2668-42fc-8315-7525d4d408b5/1/GtoiXLfylBbnU0aV-_shdi_uk8g.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/e9d9cc-2668-42fc-8315-7525d4d408b5/1/GtoiXLfylBbnU0aV-_shdi_uk8g.mft
rsync://rpki.ripe.net/repository/DEFAULT/GtoiXLfylBbnU0aV-_shdi_uk8g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 17:02:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:d1:87:9e:e1:64:77:99:00:e5:2f:ae:1a:59:ab:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ada225cb7f29416e7534695fbfb21762fee93c8
Validity
Not Before: Nov 4 17:02:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5e73ce765522e6c7d100a5956d7a41ae31632e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:40:8e:98:88:ca:51:6c:b0:2d:de:15:72:5e:
fc:14:81:c6:c8:99:03:49:ed:16:59:64:44:ab:47:
ce:d8:ec:23:59:8a:2b:c4:25:0d:d9:10:c1:7e:bc:
b6:38:6e:6f:14:53:33:91:b1:c8:72:97:76:95:d2:
9e:c0:ef:a5:f5:b0:f8:7b:19:a0:e2:e8:81:f6:ea:
b5:17:11:b7:cd:8d:b9:62:15:5b:65:b8:c8:ba:10:
47:06:5c:69:b5:4d:52:7e:54:e0:5d:76:0b:44:cf:
a2:fa:8b:30:6d:9a:9a:ba:6b:5e:aa:b9:7d:17:30:
09:97:64:d1:6e:44:9d:ca:74:f3:87:a9:3c:dd:e1:
2b:ad:2a:f8:95:6e:15:b1:8b:f0:72:0d:60:90:6d:
17:1f:a3:0e:9e:16:e9:a3:4c:1b:6a:83:37:50:3f:
68:13:b5:b5:43:be:ad:da:06:d1:61:ac:59:d2:38:
de:61:5d:06:02:9c:d2:1b:a4:8f:da:73:d6:de:1a:
2e:48:3b:e2:44:a9:d9:d7:22:c2:74:7e:00:7e:45:
ba:7b:ff:e5:3e:49:ee:7e:14:a4:75:11:96:3e:a8:
7e:94:99:7e:b9:e3:f9:b3:a7:e1:d8:92:a3:69:3d:
80:0a:f8:5c:e5:cd:0c:ea:b6:92:a2:f5:57:a3:8e:
7d:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:E7:3C:E7:65:52:2E:6C:7D:10:0A:59:56:D7:A4:1A:E3:16:32:E0
X509v3 Authority Key Identifier:
keyid:1A:DA:22:5C:B7:F2:94:16:E7:53:46:95:FB:FB:21:76:2F:EE:93:C8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GtoiXLfylBbnU0aV-_shdi_uk8g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e9d9cc-2668-42fc-8315-7525d4d408b5/1/5ec852VSLmx9EApZVtekGuMWMuA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/e9d9cc-2668-42fc-8315-7525d4d408b5/1/GtoiXLfylBbnU0aV-_shdi_uk8g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.233.128.0/24
85.255.224.0/20
88.82.0.0/19
148.252.128.0/18
185.69.144.0/22
194.62.232.0/24
194.62.238.0/24
212.183.128.0/19
Signature Algorithm: sha256WithRSAEncryption
cd:cd:95:49:e3:a4:af:2a:ad:7e:87:c5:dc:fa:0b:0c:62:69:
bc:92:00:29:b1:94:d2:fe:1b:68:a3:f6:2e:35:b9:5f:6f:d4:
20:83:56:10:62:96:d9:0a:36:8b:d0:45:cf:4e:ba:e7:6b:30:
2b:fe:14:16:9c:ec:29:8a:c0:51:1a:1b:69:cd:3e:f8:ba:c2:
20:bb:7e:0b:a3:27:4f:f9:fb:d8:1e:73:9d:b7:36:0e:df:65:
a7:70:02:6d:a6:f3:ce:d6:17:9c:8a:ca:66:75:e4:21:e8:01:
8c:11:b0:30:7d:3d:61:55:d0:7e:c9:db:a4:1f:7d:a0:ee:67:
d9:bf:e8:c5:d2:31:db:32:04:d2:7f:62:3e:8d:4f:62:20:ef:
5a:6e:1e:c2:27:47:7c:7b:26:a5:09:8a:4d:fc:98:a3:7d:d6:
41:22:85:63:58:17:3c:8c:08:4a:d4:2f:77:4f:d8:be:7c:4e:
97:7b:73:11:ce:8a:7c:21:75:cb:07:f0:e8:53:1b:3b:57:b5:
c6:4f:be:87:38:8c:2c:e7:13:a7:ac:c6:e8:dc:e9:be:96:74:
3d:e3:d1:c7:37:75:80:46:50:0d:78:16:ed:ac:2d:64:4b:b2:
4f:c8:77:5f:7c:84:4c:a1:41:fe:b8:ec:0e:86:a6:5a:e0:6a:
95:70:84:74
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZpP0Yee4WR3mQDlL64aWavYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFhZGEyMjVjYjdmMjk0MTZlNzUzNDY5NWZiZmIyMTc2MmZl
ZTkzYzgwHhcNMjUxMTA0MTcwMjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWU3M2NlNzY1NTIyZTZjN2QxMDBhNTk1NmQ3YTQxYWUzMTYzMmUwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAukCOmIjKUWywLd4Vcl78FIHGyJkD
Se0WWWREq0fO2OwjWYorxCUN2RDBfry2OG5vFFMzkbHIcpd2ldKewO+l9bD4exmg
4uiB9uq1FxG3zY25YhVbZbjIuhBHBlxptU1SflTgXXYLRM+i+oswbZqaumteqrl9
FzAJl2TRbkSdynTzh6k83eErrSr4lW4VsYvwcg1gkG0XH6MOnhbpo0wbaoM3UD9o
E7W1Q76t2gbRYaxZ0jjeYV0GApzSG6SP2nPW3houSDviRKnZ1yLCdH4AfkW6e//l
PknufhSkdRGWPqh+lJl+ueP5s6fh2JKjaT2ACvhc5c0M6raSovVXo459UQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFOXnPOdlUi5sfRAKWVbXpBrjFjLgMB8GA1UdIwQY
MBaAFBraIly38pQW51NGlfv7IXYv7pPIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3RvaVhMZnlsQmJuVTBhVi1fc2hkaV91azhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9lOWQ5Y2MtMjY2OC00MmZjLTgzMTUt
NzUyNWQ0ZDQwOGI1LzEvNWVjODUyVlNMbXg5RUFwWlZ0ZWtHdU1XTXVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9lOWQ5Y2MtMjY2OC00MmZjLTgzMTUtNzUyNWQ0ZDQwOGI1
LzEvR3RvaVhMZnlsQmJuVTBhVi1fc2hkaV91azhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQATemAAwQE
Vf/gAwQFWFIAAwQGlPyAAwQCuUWQAwQAwj7oAwQAwj7uAwQF1LeAMA0GCSqGSIb3
DQEBCwUAA4IBAQDNzZVJ46SvKq1+h8Xc+gsMYmm8kgApsZTS/htoo/YuNblfb9Qg
g1YQYpbZCjaL0EXPTrrnazAr/hQWnOwpisBRGhtpzT74usIgu34LoydP+fvYHnOd
tzYO32WncAJtpvPO1hecispmdeQh6AGMEbAwfT1hVdB+ydukH32g7mfZv+jF0jHb
MgTSf2I+jU9iIO9abh7CJ0d8eyalCYpN/JijfdZBIoVjWBc8jAhK1C93T9i+fE6X
e3MRzop8IXXLB/DoUxs7V7XGT76HOIws5xOnrMbo3Om+lnQ949HHN3WARlANeBbt
rC1kS7JPyHdffIRMoUH+uOwOhqZa4GqVcIR0
-----END CERTIFICATE-----
Generated at Wed Nov 5 02:39:40 2025 by rpki-client