Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/kGz-5BPpfemznKBPO8EptTMUiSE.roa
File: kGz-5BPpfemznKBPO8EptTMUiSE.roa (raw, json)
Hash identifier: OMaeqeqp+KmlVJgUgw0odgVFaOilLVRKkcZvRzv5j68=
Subject key identifier: 90:6C:FE:E4:13:E9:7D:E9:B3:9C:A0:4F:3B:C1:29:B5:33:14:89:21
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 019A34F7C1704928C4016843939EB16CA2E1
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/kGz-5BPpfemznKBPO8EptTMUiSE.roa
Signing time: Thu 30 Oct 2025 11:54:03 +0000
ROA not before: Thu 30 Oct 2025 11:54:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209854
IP address blocks: 45.95.242.0/24 maxlen: 24
45.130.137.0/24 maxlen: 24
45.139.252.0/24 maxlen: 24
45.139.253.0/24 maxlen: 24
45.149.3.0/24 maxlen: 24
93.185.162.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:34:f7:c1:70:49:28:c4:01:68:43:93:9e:b1:6c:a2:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Oct 30 11:54:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=906cfee413e97de9b39ca04f3bc129b533148921
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:58:25:01:00:12:9d:b4:0e:7b:24:17:e9:65:
bb:f7:5d:7a:28:a1:f1:8d:44:66:e2:ef:8c:a4:ef:
93:cb:a4:6a:c1:57:58:fe:1a:a1:99:4b:1f:13:2f:
c6:df:17:c1:68:cc:66:48:e5:c0:22:19:0b:b7:87:
45:c8:46:56:e1:21:fd:52:a5:29:58:55:2c:04:c3:
82:9c:e6:a8:1d:95:a1:f0:82:7a:b2:e0:6b:5e:70:
de:82:87:46:bb:00:2d:bc:d2:c1:b0:b7:14:72:47:
33:26:fd:4f:9f:bb:14:58:b7:c6:97:30:10:ee:f4:
28:5a:dc:0d:bc:59:8a:d3:46:f9:c2:4b:d6:3b:45:
0b:1c:a2:13:27:3c:89:d9:8e:12:51:4d:85:8b:18:
64:e9:6b:bf:87:55:30:87:78:6a:de:39:cf:80:f8:
31:1f:69:1c:44:02:59:63:fa:42:9e:80:81:ee:dd:
de:40:a6:8d:01:d2:01:16:51:2a:d9:23:dc:49:e5:
2c:5b:65:5e:5f:3f:39:82:87:41:d1:4d:5d:5a:c8:
c1:8f:55:34:31:76:a5:7b:0a:6b:4e:b1:76:89:ed:
a3:72:84:4c:4b:29:66:be:d3:4c:35:75:ad:04:a2:
d6:cf:18:75:1e:81:21:d3:1c:b6:3a:be:47:94:e4:
08:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:6C:FE:E4:13:E9:7D:E9:B3:9C:A0:4F:3B:C1:29:B5:33:14:89:21
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/kGz-5BPpfemznKBPO8EptTMUiSE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.95.242.0/24
45.130.137.0/24
45.139.252.0/23
45.149.3.0/24
93.185.162.0/24
Signature Algorithm: sha256WithRSAEncryption
88:28:96:ff:cd:45:59:ba:66:41:82:da:d8:06:e0:5a:8a:c7:
34:67:59:85:3b:fc:be:96:9c:21:39:46:cd:22:c7:dd:04:ac:
51:cb:f9:86:33:d0:97:d1:99:ab:ce:96:a8:ab:74:ec:a4:cb:
1d:ff:42:87:05:b0:83:14:47:02:b5:75:c1:a4:9d:71:b6:c0:
a9:ea:a8:81:20:66:ef:93:bf:db:ca:37:e5:df:43:23:18:12:
27:da:d9:cf:6b:bc:ac:0d:8d:e6:58:f0:88:aa:df:f2:fb:1c:
42:d7:64:d6:2b:f5:29:48:24:d1:10:a0:b8:39:15:89:d9:09:
d6:7f:af:fa:63:9d:3e:ec:15:80:58:b6:6b:ee:fb:d9:f4:f9:
fe:7c:28:d1:66:52:3b:f8:f0:86:f5:1a:f0:36:8d:37:7f:66:
aa:05:dd:73:ba:59:4b:5e:d6:f8:08:7a:d9:a9:54:8c:55:d3:
46:85:90:27:af:b0:3d:85:9c:55:db:4a:aa:c0:6f:1d:2f:a8:
4e:df:30:f4:9c:69:ed:cc:c3:31:53:5c:56:3c:60:9d:3c:05:
be:90:c1:22:ef:85:69:2b:05:dd:06:77:28:42:cb:d7:f2:d6:
50:e8:a2:ca:48:05:1f:b3:7b:8b:31:81:e0:cc:49:de:64:3a:
6a:95:1a:fc
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZo098FwSSjEAWhDk56xbKLhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUxMDMwMTE1NDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDZjZmVlNDEzZTk3ZGU5YjM5Y2EwNGYzYmMxMjliNTMzMTQ4OTIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArFglAQASnbQOeyQX6WW79116KKHx
jURm4u+MpO+Ty6RqwVdY/hqhmUsfEy/G3xfBaMxmSOXAIhkLt4dFyEZW4SH9UqUp
WFUsBMOCnOaoHZWh8IJ6suBrXnDegodGuwAtvNLBsLcUckczJv1Pn7sUWLfGlzAQ
7vQoWtwNvFmK00b5wkvWO0ULHKITJzyJ2Y4SUU2Fixhk6Wu/h1Uwh3hq3jnPgPgx
H2kcRAJZY/pCnoCB7t3eQKaNAdIBFlEq2SPcSeUsW2VeXz85godB0U1dWsjBj1U0
MXalewprTrF2ie2jcoRMSylmvtNMNXWtBKLWzxh1HoEh0xy2Or5HlOQIXQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFJBs/uQT6X3ps5ygTzvBKbUzFIkhMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEva0d6LTVCUHBmZW16bktCUE84RXB0VE1VaVNFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQALV/yAwQA
LYKJAwQBLYv8AwQALZUDAwQAXbmiMA0GCSqGSIb3DQEBCwUAA4IBAQCIKJb/zUVZ
umZBgtrYBuBaisc0Z1mFO/y+lpwhOUbNIsfdBKxRy/mGM9CX0Zmrzpaoq3TspMsd
/0KHBbCDFEcCtXXBpJ1xtsCp6qiBIGbvk7/byjfl30MjGBIn2tnPa7ysDY3mWPCI
qt/y+xxC12TWK/UpSCTREKC4ORWJ2QnWf6/6Y50+7BWAWLZr7vvZ9Pn+fCjRZlI7
+PCG9RrwNo03f2aqBd1zullLXtb4CHrZqVSMVdNGhZAnr7A9hZxV20qqwG8dL6hO
3zD0nGntzMMxU1xWPGCdPAW+kMEi74VpKwXdBncoQsvX8tZQ6KLKSAUfs3uLMYHg
zEneZDpqlRr8
-----END CERTIFICATE-----
Generated at Wed Nov 5 08:13:16 2025 by rpki-client