Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/111385-2eb6-4c6a-b9c4-34ae891a72cf/1/cFeByErCtBYA-kSmL5oyRcirFxI.roa
File: cFeByErCtBYA-kSmL5oyRcirFxI.roa (raw, json)
Hash identifier: NYVwxx+ttLoViTQMH46DPjJwNIHj9URyaW98Ufjb+rg=
Subject key identifier: 70:57:81:C8:4A:C2:B4:16:00:FA:44:A6:2F:9A:32:45:C8:AB:17:12
Certificate issuer: /CN=e91ef22adaa16d53dcf637c569f4131f26215b91
Certificate serial: 019A301E4B3D483F8E0E0398E1E5001B37ED
Authority key identifier: E9:1E:F2:2A:DA:A1:6D:53:DC:F6:37:C5:69:F4:13:1F:26:21:5B:91
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6R7yKtqhbVPc9jfFafQTHyYhW5E.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/111385-2eb6-4c6a-b9c4-34ae891a72cf/1/cFeByErCtBYA-kSmL5oyRcirFxI.roa
Signing time: Wed 29 Oct 2025 13:18:02 +0000
ROA not before: Wed 29 Oct 2025 13:18:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214798
IP address blocks: 45.129.140.0/24 maxlen: 24
130.49.160.0/22 maxlen: 24
185.164.163.0/24 maxlen: 24
185.169.107.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
2a09:31c0:cafe::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/111385-2eb6-4c6a-b9c4-34ae891a72cf/1/6R7yKtqhbVPc9jfFafQTHyYhW5E.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/111385-2eb6-4c6a-b9c4-34ae891a72cf/1/6R7yKtqhbVPc9jfFafQTHyYhW5E.mft
rsync://rpki.ripe.net/repository/DEFAULT/6R7yKtqhbVPc9jfFafQTHyYhW5E.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:30:1e:4b:3d:48:3f:8e:0e:03:98:e1:e5:00:1b:37:ed
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e91ef22adaa16d53dcf637c569f4131f26215b91
Validity
Not Before: Oct 29 13:18:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=705781c84ac2b41600fa44a62f9a3245c8ab1712
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:0f:cb:cf:5c:7f:ed:de:a8:c4:11:1b:3d:8f:
da:41:4b:b7:7a:8a:80:0c:f6:68:e4:1d:bd:33:c7:
67:79:11:2b:c8:e4:cf:a3:5d:2a:35:36:8d:19:c3:
ec:63:b0:16:2e:96:22:43:dc:68:11:07:b0:dc:15:
ae:ce:4e:2f:06:b8:29:17:7e:bf:91:9c:cb:aa:5c:
b1:7f:72:84:eb:dd:ae:a6:db:04:06:bd:97:e3:f3:
e1:76:aa:74:46:08:2e:0b:d4:c7:e7:e1:f1:ba:1c:
2c:e4:5f:b3:e3:da:3a:eb:a7:2d:d3:a9:d3:45:53:
5f:ef:34:56:f7:93:95:55:f1:4c:fe:f5:1c:f1:75:
4d:bd:22:35:c7:6a:41:bf:4c:52:d6:12:f8:b2:e4:
06:09:59:42:b0:af:c1:89:0a:d0:38:98:bd:cd:20:
3d:66:94:af:58:18:bd:55:a0:2a:5f:89:c0:d3:02:
f7:f3:b7:0d:3e:bc:7d:bf:d4:ca:03:0a:21:0b:33:
77:b8:ca:f9:81:cf:83:84:db:9d:b2:ae:bc:89:8c:
65:81:c5:76:e3:c9:8f:a2:16:a1:b5:da:3b:d5:f7:
34:71:1a:06:aa:5e:a6:7c:22:0d:c5:9d:23:09:25:
19:6c:b7:46:63:83:73:1b:38:a1:20:fd:2d:97:e8:
99:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:57:81:C8:4A:C2:B4:16:00:FA:44:A6:2F:9A:32:45:C8:AB:17:12
X509v3 Authority Key Identifier:
keyid:E9:1E:F2:2A:DA:A1:6D:53:DC:F6:37:C5:69:F4:13:1F:26:21:5B:91
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6R7yKtqhbVPc9jfFafQTHyYhW5E.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/111385-2eb6-4c6a-b9c4-34ae891a72cf/1/cFeByErCtBYA-kSmL5oyRcirFxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/111385-2eb6-4c6a-b9c4-34ae891a72cf/1/6R7yKtqhbVPc9jfFafQTHyYhW5E.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.129.140.0/24
130.49.160.0/22
185.164.163.0/24
185.169.107.0/24
185.216.84.0/22
IPv6:
2a09:31c0:cafe::/48
Signature Algorithm: sha256WithRSAEncryption
93:a0:6e:36:16:bb:d0:10:eb:4a:27:b8:a5:40:d3:af:50:cb:
0e:b9:a9:26:47:84:4c:4d:63:8e:d9:60:2d:5c:5f:2b:f9:9f:
d1:cf:54:5a:6d:a2:ef:ca:6c:19:82:a4:35:e7:59:a8:4c:09:
91:f7:fd:30:dc:1e:f3:0b:0b:f4:f0:b0:45:da:7a:22:fe:a2:
ac:db:f1:50:61:52:4a:85:3c:b7:f2:25:dd:62:92:c1:23:55:
c7:46:8b:af:ff:bd:f7:ff:51:43:82:28:9c:8a:27:4f:95:17:
f8:3e:0e:bb:87:81:73:69:72:a8:79:ba:4a:d9:5c:5d:09:9c:
00:26:87:92:ba:f0:70:48:d0:47:a3:77:df:c0:3d:36:4c:b0:
ea:7a:36:89:22:b1:0a:8e:80:3a:2b:15:0c:fa:2e:33:69:4b:
ea:0e:30:30:60:20:71:9b:b2:78:88:da:bf:58:eb:a5:03:b5:
b1:93:4b:74:af:83:98:4e:da:56:a1:7d:4c:0e:e6:ac:92:7e:
58:ef:cd:e3:49:a0:33:79:de:77:83:9b:88:c1:53:3f:36:97:
f6:25:c9:5c:77:2e:67:55:ec:3d:b4:c7:2f:e8:ce:77:5b:1c:
a3:29:e8:f7:35:ec:8d:58:cd:5e:fb:23:81:ad:7e:0b:d5:14:
92:75:4b:49
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZowHks9SD+ODgOY4eUAGzftMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5MWVmMjJhZGFhMTZkNTNkY2Y2MzdjNTY5ZjQxMzFmMjYy
MTViOTEwHhcNMjUxMDI5MTMxODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDU3ODFjODRhYzJiNDE2MDBmYTQ0YTYyZjlhMzI0NWM4YWIxNzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvA/Lz1x/7d6oxBEbPY/aQUu3eoqA
DPZo5B29M8dneREryOTPo10qNTaNGcPsY7AWLpYiQ9xoEQew3BWuzk4vBrgpF36/
kZzLqlyxf3KE692uptsEBr2X4/Phdqp0RgguC9TH5+Hxuhws5F+z49o666ct06nT
RVNf7zRW95OVVfFM/vUc8XVNvSI1x2pBv0xS1hL4suQGCVlCsK/BiQrQOJi9zSA9
ZpSvWBi9VaAqX4nA0wL387cNPrx9v9TKAwohCzN3uMr5gc+DhNudsq68iYxlgcV2
48mPohahtdo71fc0cRoGql6mfCINxZ0jCSUZbLdGY4NzGzihIP0tl+iZzwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFHBXgchKwrQWAPpEpi+aMkXIqxcSMB8GA1UdIwQY
MBaAFOke8iraoW1T3PY3xWn0Ex8mIVuRMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlI3eUt0cWhiVlBjOWpmRmFmUVRIeVloVzVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS8xMTEzODUtMmViNi00YzZhLWI5YzQt
MzRhZTg5MWE3MmNmLzEvY0ZlQnlFckN0QllBLWtTbUw1b3lSY2lyRnhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS8xMTEzODUtMmViNi00YzZhLWI5YzQtMzRhZTg5MWE3MmNm
LzEvNlI3eUt0cWhiVlBjOWpmRmFmUVRIeVloVzVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAkBAIAATAeAwQALYGMAwQC
gjGgAwQAuaSjAwQAualrAwQCudhUMA8EAgACMAkDBwAqCTHAyv4wDQYJKoZIhvcN
AQELBQADggEBAJOgbjYWu9AQ60onuKVA069Qyw65qSZHhExNY47ZYC1cXyv5n9HP
VFptou/KbBmCpDXnWahMCZH3/TDcHvMLC/TwsEXaeiL+oqzb8VBhUkqFPLfyJd1i
ksEjVcdGi6//vff/UUOCKJyKJ0+VF/g+DruHgXNpcqh5ukrZXF0JnAAmh5K68HBI
0Eejd9/APTZMsOp6NokisQqOgDorFQz6LjNpS+oOMDBgIHGbsniI2r9Y66UDtbGT
S3Svg5hO2lahfUwO5qySfljvzeNJoDN53neDm4jBUz82l/YlyVx3LmdV7D20xy/o
zndbHKMp6Pc17I1YzV77I4GtfgvVFJJ1S0k=
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:32:29 2025 by rpki-client