Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/sAE-Hl68vnhnSeOEkdOvbCITI3s.roa
File: sAE-Hl68vnhnSeOEkdOvbCITI3s.roa (raw, json)
Hash identifier: +zv5NFL3GNnw57mEaHIY7DHrB2enuzSZniAXWNA14go=
Subject key identifier: B0:01:3E:1E:5E:BC:BE:78:67:49:E3:84:91:D3:AF:6C:22:13:23:7B
Certificate issuer: /CN=b4852ffba7d57c5a8afbb6ea5beaf7dfec0c145a
Certificate serial: 019A4F5D41D798F579D5E7E6C61F467F205A
Authority key identifier: B4:85:2F:FB:A7:D5:7C:5A:8A:FB:B6:EA:5B:EA:F7:DF:EC:0C:14:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/sAE-Hl68vnhnSeOEkdOvbCITI3s.roa
Signing time: Tue 04 Nov 2025 14:55:03 +0000
ROA not before: Tue 04 Nov 2025 14:55:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1299
IP address blocks: 153.112.128.0/24 maxlen: 24
153.112.195.0/24 maxlen: 24
153.112.200.0/23 maxlen: 24
153.112.203.0/24 maxlen: 24
153.112.205.0/24 maxlen: 24
153.112.210.0/24 maxlen: 24
153.112.216.0/24 maxlen: 24
153.112.217.0/24 maxlen: 24
153.112.223.0/24 maxlen: 24
153.112.224.0/24 maxlen: 24
153.112.225.0/24 maxlen: 24
153.112.226.0/24 maxlen: 24
153.112.227.0/24 maxlen: 24
153.112.228.0/24 maxlen: 24
153.112.229.0/24 maxlen: 24
153.112.230.0/24 maxlen: 24
153.112.231.0/24 maxlen: 24
192.131.25.0/24 maxlen: 24
192.157.12.0/23 maxlen: 24
192.157.14.0/24 maxlen: 24
192.157.15.0/24 maxlen: 24
192.157.16.0/23 maxlen: 23
192.157.16.0/24 maxlen: 24
192.157.17.0/24 maxlen: 24
193.53.25.0/24 maxlen: 24
193.53.29.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/tIUv-6fVfFqK-7bqW-r33-wMFFo.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/tIUv-6fVfFqK-7bqW-r33-wMFFo.mft
rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 08:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4f:5d:41:d7:98:f5:79:d5:e7:e6:c6:1f:46:7f:20:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4852ffba7d57c5a8afbb6ea5beaf7dfec0c145a
Validity
Not Before: Nov 4 14:55:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b0013e1e5ebcbe786749e38491d3af6c2213237b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:fe:b9:06:9c:42:56:2b:d1:f6:cf:15:ad:cc:
80:2f:dc:23:c0:3d:6f:15:86:34:85:de:cc:50:aa:
5f:dc:69:ee:48:9e:0c:7f:90:98:33:5c:d3:48:34:
02:85:38:a5:e8:d9:0c:2e:33:d7:fa:d6:e8:33:cf:
f7:0d:c4:dc:98:bd:ab:0a:2d:98:96:d4:c4:f9:e0:
bc:70:c9:11:3c:5e:ac:03:13:49:9e:93:2f:db:5b:
02:33:08:67:ae:45:86:dc:dc:d6:f4:57:63:98:13:
bf:6f:e0:f9:a8:fb:7d:73:41:4c:85:22:14:c1:01:
fa:42:e9:76:d9:96:b6:86:78:ba:21:ba:7e:43:bf:
9c:f7:f2:ed:51:5a:5e:3f:71:a3:71:0c:ed:3b:c1:
d4:ae:cc:d2:38:58:ef:57:da:37:cd:f2:4b:e6:c6:
20:b7:1c:e9:92:ea:e3:a5:3f:ea:22:45:8a:9f:44:
06:3e:b0:ef:eb:7d:85:30:fc:05:a8:5d:3e:10:7e:
48:f3:d6:bd:2f:87:9c:c6:b6:5e:94:eb:a2:c6:09:
a2:eb:0e:2b:3c:ab:87:77:1f:a0:13:26:b7:a5:82:
a3:a0:55:bb:20:8a:c4:8b:91:db:f2:1f:e1:0e:ae:
95:a4:cb:d3:c5:20:ee:a1:23:9a:05:ef:90:51:d2:
4d:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:01:3E:1E:5E:BC:BE:78:67:49:E3:84:91:D3:AF:6C:22:13:23:7B
X509v3 Authority Key Identifier:
keyid:B4:85:2F:FB:A7:D5:7C:5A:8A:FB:B6:EA:5B:EA:F7:DF:EC:0C:14:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tIUv-6fVfFqK-7bqW-r33-wMFFo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/sAE-Hl68vnhnSeOEkdOvbCITI3s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/e45e30-e7d8-4fb8-90ad-f71038e967a4/1/tIUv-6fVfFqK-7bqW-r33-wMFFo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
153.112.128.0/24
153.112.195.0/24
153.112.200.0/23
153.112.203.0/24
153.112.205.0/24
153.112.210.0/24
153.112.216.0/23
153.112.223.0-153.112.231.255
192.131.25.0/24
192.157.12.0-192.157.17.255
193.53.25.0/24
193.53.29.0/24
Signature Algorithm: sha256WithRSAEncryption
8c:e0:c3:b6:91:0b:5a:be:c8:c8:b1:1e:ff:38:ee:61:cb:1c:
b4:c5:0c:dd:1b:c1:e9:84:13:c4:bf:80:05:02:c2:90:f5:e3:
1b:18:10:33:54:55:51:ff:bd:ef:33:23:6a:6c:98:99:48:ba:
bf:c5:91:be:34:e4:f9:42:c8:a9:68:8c:76:ac:54:28:e8:1d:
a8:37:13:81:f4:ad:77:86:df:d8:1a:c3:39:6a:01:a8:f3:49:
08:89:1d:d0:be:64:19:cf:ef:7b:45:01:56:04:b5:79:b2:39:
85:92:2f:73:54:07:ba:c8:3b:b0:08:a3:a8:6e:d8:ea:c3:ea:
23:b8:e8:77:35:1b:1a:db:8b:52:2e:12:1c:e2:03:51:4f:aa:
f7:c0:19:e5:9e:75:4b:0c:60:31:e4:c6:50:c3:59:31:1e:e8:
a5:13:42:ae:73:5d:55:29:59:50:af:a3:e0:45:1c:a3:14:f5:
25:28:13:bc:d3:bd:fa:12:47:ea:1e:eb:47:77:18:79:11:6d:
a9:30:5d:58:a1:98:54:5f:bc:2b:60:3f:d7:32:46:ab:24:73:
8d:90:8a:a4:3a:e1:d9:9f:f6:44:50:d0:ca:e2:da:c6:ea:f7:
99:ae:af:ba:fc:3f:4e:d3:9a:c5:e4:4c:30:89:94:4c:76:e6:
ee:6e:30:b8
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZpPXUHXmPV51efmxh9GfyBaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0ODUyZmZiYTdkNTdjNWE4YWZiYjZlYTViZWFmN2RmZWMw
YzE0NWEwHhcNMjUxMTA0MTQ1NTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDAxM2UxZTVlYmNiZTc4Njc0OWUzODQ5MWQzYWY2YzIyMTMyMzdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr/65BpxCVivR9s8VrcyAL9wjwD1v
FYY0hd7MUKpf3GnuSJ4Mf5CYM1zTSDQChTil6NkMLjPX+tboM8/3DcTcmL2rCi2Y
ltTE+eC8cMkRPF6sAxNJnpMv21sCMwhnrkWG3NzW9FdjmBO/b+D5qPt9c0FMhSIU
wQH6Qul22Za2hni6Ibp+Q7+c9/LtUVpeP3GjcQztO8HUrszSOFjvV9o3zfJL5sYg
txzpkurjpT/qIkWKn0QGPrDv632FMPwFqF0+EH5I89a9L4ecxrZelOuixgmi6w4r
PKuHdx+gEya3pYKjoFW7IIrEi5Hb8h/hDq6VpMvTxSDuoSOaBe+QUdJNLwIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFLABPh5evL54Z0njhJHTr2wiEyN7MB8GA1UdIwQY
MBaAFLSFL/un1Xxaivu26lvq99/sDBRaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdElVdi02ZlZmRnFLLTdicVctcjMzLXdNRkZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC9lNDVlMzAtZTdkOC00ZmI4LTkwYWQt
ZjcxMDM4ZTk2N2E0LzEvc0FFLUhsNjh2bmhuU2VPRWtkT3ZiQ0lUSTNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC9lNDVlMzAtZTdkOC00ZmI4LTkwYWQtZjcxMDM4ZTk2N2E0
LzEvdElVdi02ZlZmRnFLLTdicVctcjMzLXdNRkZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQAmXCAAwQA
mXDDAwQBmXDIAwQAmXDLAwQAmXDNAwQAmXDSAwQBmXDYMAwDBACZcN8DBAOZcOAD
BADAgxkwDAMEAsCdDAMEAcCdEAMEAME1GQMEAME1HTANBgkqhkiG9w0BAQsFAAOC
AQEAjODDtpELWr7IyLEe/zjuYcsctMUM3RvB6YQTxL+ABQLCkPXjGxgQM1RVUf+9
7zMjamyYmUi6v8WRvjTk+ULIqWiMdqxUKOgdqDcTgfStd4bf2BrDOWoBqPNJCIkd
0L5kGc/ve0UBVgS1ebI5hZIvc1QHusg7sAijqG7Y6sPqI7jodzUbGtuLUi4SHOID
UU+q98AZ5Z51SwxgMeTGUMNZMR7opRNCrnNdVSlZUK+j4EUcoxT1JSgTvNO9+hJH
6h7rR3cYeRFtqTBdWKGYVF+8K2A/1zJGqyRzjZCKpDrh2Z/2RFDQyuLaxur3ma6v
uvw/TtOaxeRMMImUTHbm7m4wuA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 18:29:47 2025 by rpki-client