Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/sRKyFjWls0TVknEviLVPHznqfQY.roa
File: sRKyFjWls0TVknEviLVPHznqfQY.roa (raw, json)
Hash identifier: oCsrgUm/p9XB6dCGrQ8r9R2FuW+9BvdmhFaxDzmb+J0=
Subject key identifier: B1:12:B2:16:35:A5:B3:44:D5:92:71:2F:88:B5:4F:1F:39:EA:7D:06
Certificate issuer: /CN=827603a93bca31b018f511f6d4b0b7546e963362
Certificate serial: 019A10909907DDE3B27A60294A87D377114B
Authority key identifier: 82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/sRKyFjWls0TVknEviLVPHznqfQY.roa
Signing time: Thu 23 Oct 2025 10:15:03 +0000
ROA not before: Thu 23 Oct 2025 10:15:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212609
IP address blocks: 45.90.248.0/22 maxlen: 22
45.93.224.0/24 maxlen: 24
45.93.225.0/24 maxlen: 24
45.93.226.0/24 maxlen: 24
45.130.79.0/24 maxlen: 24
89.190.148.0/24 maxlen: 24
89.190.149.0/24 maxlen: 24
212.60.0.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:10:90:99:07:dd:e3:b2:7a:60:29:4a:87:d3:77:11:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=827603a93bca31b018f511f6d4b0b7546e963362
Validity
Not Before: Oct 23 10:15:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b112b21635a5b344d592712f88b54f1f39ea7d06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:af:e1:88:82:c4:f1:d5:05:44:2f:71:3e:e4:
cd:ea:52:5b:ba:4c:74:05:b4:39:0a:6e:76:43:6c:
b3:eb:f7:46:16:23:62:30:23:67:69:b2:e8:a9:8d:
cc:ef:b7:a0:c4:94:cc:11:e3:94:16:fa:4f:d8:ec:
f7:21:e8:40:97:e3:d8:96:02:e9:c9:8e:7e:4f:5d:
cc:a6:82:42:22:74:14:e7:fc:01:df:b5:7f:18:24:
18:5d:2c:e2:98:0d:a1:1e:4d:53:3a:d7:a7:27:94:
09:cd:da:d8:4b:98:26:9e:70:41:d0:58:b1:28:f5:
63:5c:9e:ce:8a:d9:24:79:54:41:b0:5f:f1:ca:0e:
5b:a7:27:17:f4:af:a6:1c:4c:1f:6d:1c:c7:52:71:
b8:2f:af:a9:6c:72:a4:55:4e:92:9d:c4:b5:b4:00:
b7:22:a9:5a:a3:6d:c1:ef:6b:56:2f:b1:96:04:c3:
30:be:89:40:86:ab:b2:27:c9:82:f7:c6:70:da:bf:
3c:29:2c:5b:53:77:12:73:8b:3d:69:cb:60:6e:e7:
80:6f:bb:bf:45:7f:c1:bc:6a:6c:45:56:ed:7e:8d:
f2:85:f2:66:2d:0a:19:9d:06:76:5b:75:01:a3:09:
15:70:20:ca:7b:27:d4:d6:c0:8f:9e:56:87:a3:f6:
c0:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:12:B2:16:35:A5:B3:44:D5:92:71:2F:88:B5:4F:1F:39:EA:7D:06
X509v3 Authority Key Identifier:
keyid:82:76:03:A9:3B:CA:31:B0:18:F5:11:F6:D4:B0:B7:54:6E:96:33:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/gnYDqTvKMbAY9RH21LC3VG6WM2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/sRKyFjWls0TVknEviLVPHznqfQY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/91af66-d394-42fa-a0c6-b16cb4dfadd3/1/gnYDqTvKMbAY9RH21LC3VG6WM2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.248.0/22
45.93.224.0-45.93.226.255
45.130.79.0/24
89.190.148.0/23
212.60.0.0/22
Signature Algorithm: sha256WithRSAEncryption
33:31:d7:26:d0:d4:6b:3e:5e:95:8d:05:59:51:e2:14:13:6c:
06:fa:18:13:45:52:c0:9f:2a:1c:38:93:28:a0:a1:f0:db:a0:
7d:36:71:18:5a:72:ce:40:67:3f:5b:fb:53:a0:bf:6b:5b:16:
31:c7:fd:60:a3:67:d0:e8:a0:10:c5:4d:db:be:2a:98:bb:a2:
15:3f:45:57:24:8a:7d:60:9b:3f:b1:d5:6e:2d:2a:6f:bf:40:
9c:fc:96:19:4e:f5:ce:88:8e:e2:eb:ed:1d:23:c3:1f:14:05:
4a:3c:ea:2c:95:5c:01:ad:f4:67:08:17:3c:fd:0c:8e:ce:c5:
da:72:73:f0:00:6d:31:40:d7:5c:14:58:29:b6:13:96:56:a6:
8a:cb:51:33:ab:f3:96:34:ca:7e:f5:15:cc:2b:2f:f3:1e:77:
52:47:fb:eb:e5:d5:82:68:7e:a6:65:fc:41:a7:b6:0d:e3:66:
15:d6:c2:a4:fc:51:64:5f:3b:5c:36:80:9f:fb:e1:cd:bc:ba:
7f:19:7b:39:f8:c6:75:24:58:67:89:7e:72:c5:fa:ce:02:c6:
db:db:fc:e6:b1:a8:47:9c:ad:04:ea:b6:5b:2d:25:90:b6:1f:
3f:26:cb:10:bb:02:25:e8:5d:55:9c:05:e3:f5:93:ca:69:b4:
f9:62:77:6d
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZoQkJkH3eOyemApSofTdxFLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDgyNzYwM2E5M2JjYTMxYjAxOGY1MTFmNmQ0YjBiNzU0NmU5
NjMzNjIwHhcNMjUxMDIzMTAxNTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTEyYjIxNjM1YTViMzQ0ZDU5MjcxMmY4OGI1NGYxZjM5ZWE3ZDA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAma/hiILE8dUFRC9xPuTN6lJbukx0
BbQ5Cm52Q2yz6/dGFiNiMCNnabLoqY3M77egxJTMEeOUFvpP2Oz3IehAl+PYlgLp
yY5+T13MpoJCInQU5/wB37V/GCQYXSzimA2hHk1TOtenJ5QJzdrYS5gmnnBB0Fix
KPVjXJ7OitkkeVRBsF/xyg5bpycX9K+mHEwfbRzHUnG4L6+pbHKkVU6SncS1tAC3
Iqlao23B72tWL7GWBMMwvolAhquyJ8mC98Zw2r88KSxbU3cSc4s9actgbueAb7u/
RX/BvGpsRVbtfo3yhfJmLQoZnQZ2W3UBowkVcCDKeyfU1sCPnlaHo/bA1QIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFLESshY1pbNE1ZJxL4i1Tx856n0GMB8GA1UdIwQY
MBaAFIJ2A6k7yjGwGPUR9tSwt1RuljNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYt
YjE2Y2I0ZGZhZGQzLzEvc1JLeUZqV2xzMFRWa25FdmlMVlBIem5xZlFZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi85MWFmNjYtZDM5NC00MmZhLWEwYzYtYjE2Y2I0ZGZhZGQz
LzEvZ25ZRHFUdktNYkFZOVJIMjFMQzNWRzZXTTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCLVr4MAwD
BAUtXeADBAAtXeIDBAAtgk8DBAFZvpQDBALUPAAwDQYJKoZIhvcNAQELBQADggEB
ADMx1ybQ1Gs+XpWNBVlR4hQTbAb6GBNFUsCfKhw4kyigofDboH02cRhacs5AZz9b
+1Ogv2tbFjHH/WCjZ9DooBDFTdu+Kpi7ohU/RVckin1gmz+x1W4tKm+/QJz8lhlO
9c6IjuLr7R0jwx8UBUo86iyVXAGt9GcIFzz9DI7Oxdpyc/AAbTFA11wUWCm2E5ZW
porLUTOr85Y0yn71FcwrL/Med1JH++vl1YJofqZl/EGntg3jZhXWwqT8UWRfO1w2
gJ/74c28un8Zezn4xnUkWGeJfnLF+s4Cxtvb/OaxqEecrQTqtlstJZC2Hz8myxC7
AiXoXVWcBeP1k8pptPlid20=
-----END CERTIFICATE-----
Generated at Tue Nov 4 08:01:28 2025 by rpki-client