Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/4Z2hCqyh6BmW90Ph3YJgbvH-8Kw.roa
File: 4Z2hCqyh6BmW90Ph3YJgbvH-8Kw.roa (raw, json)
Hash identifier: Ir4hBZQ+f+lKLqxyAW+VSZk1PLwye846E8VymHnnxpk=
Subject key identifier: E1:9D:A1:0A:AC:A1:E8:19:96:F7:43:E1:DD:82:60:6E:F1:FE:F0:AC
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 019A4D3F44A8884131CA9F0C8799CCEF083F
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/4Z2hCqyh6BmW90Ph3YJgbvH-8Kw.roa
Signing time: Tue 04 Nov 2025 05:03:03 +0000
ROA not before: Tue 04 Nov 2025 05:03:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6079
IP address blocks: 5.182.185.0/24 maxlen: 24
45.248.55.0/24 maxlen: 24
92.249.29.0/24 maxlen: 24
94.154.177.0/24 maxlen: 24
162.218.88.0/24 maxlen: 24
185.52.136.0/24 maxlen: 24
185.253.122.0/24 maxlen: 24
192.145.71.0/24 maxlen: 24
193.160.80.0/22 maxlen: 22
217.197.170.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:3f:44:a8:88:41:31:ca:9f:0c:87:99:cc:ef:08:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Nov 4 05:03:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e19da10aaca1e81996f743e1dd82606ef1fef0ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:32:3c:3d:e7:75:35:a1:1c:63:bc:0b:8d:68:
c8:77:23:f3:2a:6a:47:00:e7:46:70:f2:54:58:8d:
aa:f6:63:d3:0f:da:a4:e8:8f:b1:04:d4:d7:54:6e:
11:3e:a3:98:28:c5:24:46:c6:c0:5c:2e:57:d3:81:
27:85:18:6b:67:83:d1:2b:65:4a:0c:22:a0:de:08:
14:55:f3:76:16:7d:17:e5:b7:5f:84:cb:01:4c:26:
48:4f:9b:28:1d:13:50:62:48:fe:4d:0c:8b:65:48:
c3:f9:ac:ea:4d:90:46:73:d8:56:4c:1c:f1:3c:26:
a1:94:e7:29:f9:b7:38:15:92:23:67:20:d1:3f:42:
1b:23:f1:9c:9a:8d:17:25:8b:80:d3:7a:2b:fa:d7:
b3:fe:e1:1d:bf:88:47:37:dc:93:2a:ba:62:03:53:
57:ae:2b:e2:25:f3:f7:d9:aa:ac:4c:74:df:25:45:
1c:1d:50:33:75:e8:03:3d:7a:4c:d1:8f:5d:bb:a2:
8d:83:09:ce:2a:b0:95:18:70:39:eb:bb:56:c2:97:
c3:4f:ac:99:7b:25:70:a4:21:bf:94:a9:a6:0c:b9:
af:e8:51:b3:2c:a1:a2:90:a2:39:18:a4:82:9f:43:
07:ea:fd:52:77:d5:b8:db:71:b1:ff:a9:5b:a3:14:
75:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:9D:A1:0A:AC:A1:E8:19:96:F7:43:E1:DD:82:60:6E:F1:FE:F0:AC
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/4Z2hCqyh6BmW90Ph3YJgbvH-8Kw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.185.0/24
45.248.55.0/24
92.249.29.0/24
94.154.177.0/24
162.218.88.0/24
185.52.136.0/24
185.253.122.0/24
192.145.71.0/24
193.160.80.0/22
217.197.170.0/24
Signature Algorithm: sha256WithRSAEncryption
48:c8:35:6c:9d:45:82:d0:79:48:de:eb:be:79:a2:d2:16:4c:
95:79:6f:e6:6d:71:96:d7:52:6f:2e:c1:56:dc:dd:ef:9d:e7:
72:4a:b0:ce:bc:99:c0:6c:05:64:e5:b7:17:71:da:42:79:02:
12:a1:4e:05:e8:d7:f7:5e:9b:09:fd:b4:50:3e:dd:17:d0:4c:
c9:cd:29:96:7b:0c:ed:8d:b9:56:61:89:9c:56:f9:ed:97:56:
04:32:d5:16:62:83:ba:64:01:8c:51:56:d9:92:6c:04:60:e7:
44:96:9e:21:b8:e0:ad:8a:1c:c5:e2:0d:b6:65:44:05:bd:0f:
ab:f9:49:89:7e:b5:16:3d:74:3f:7d:36:c4:d4:bd:9d:1c:08:
32:71:e9:d4:cb:f8:b7:6a:9e:37:ef:97:ba:db:bf:8c:8b:84:
8e:fa:b0:58:54:f2:b6:4a:52:de:bd:14:a9:be:8a:a4:15:3b:
31:e5:58:be:0c:70:64:f6:e0:1e:8f:da:35:25:18:2f:de:19:
b4:4a:68:5f:c8:ab:d3:7a:69:78:ab:f0:5b:5f:fd:2f:03:3f:
f6:d2:a7:e1:f9:36:93:07:13:48:36:05:19:c8:98:11:a5:2c:
ca:d8:2f:c0:57:2c:9d:eb:00:7d:a3:dc:5a:f8:cf:c8:b2:f3:
ad:7d:e1:cf
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZpNP0SoiEExyp8Mh5nM7wg/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjUxMTA0MDUwMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTlkYTEwYWFjYTFlODE5OTZmNzQzZTFkZDgyNjA2ZWYxZmVmMGFjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnTI8Ped1NaEcY7wLjWjIdyPzKmpH
AOdGcPJUWI2q9mPTD9qk6I+xBNTXVG4RPqOYKMUkRsbAXC5X04EnhRhrZ4PRK2VK
DCKg3ggUVfN2Fn0X5bdfhMsBTCZIT5soHRNQYkj+TQyLZUjD+azqTZBGc9hWTBzx
PCahlOcp+bc4FZIjZyDRP0IbI/Gcmo0XJYuA03or+tez/uEdv4hHN9yTKrpiA1NX
riviJfP32aqsTHTfJUUcHVAzdegDPXpM0Y9du6KNgwnOKrCVGHA567tWwpfDT6yZ
eyVwpCG/lKmmDLmv6FGzLKGikKI5GKSCn0MH6v1Sd9W423Gx/6lboxR1QwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFOGdoQqsoegZlvdD4d2CYG7x/vCsMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvNFoyaENxeWg2Qm1XOTBQaDNZSmdidkgtOEt3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQABba5AwQA
Lfg3AwQAXPkdAwQAXpqxAwQAotpYAwQAuTSIAwQAuf16AwQAwJFHAwQCwaBQAwQA
2cWqMA0GCSqGSIb3DQEBCwUAA4IBAQBIyDVsnUWC0HlI3uu+eaLSFkyVeW/mbXGW
11JvLsFW3N3vnedySrDOvJnAbAVk5bcXcdpCeQISoU4F6Nf3XpsJ/bRQPt0X0EzJ
zSmWewztjblWYYmcVvntl1YEMtUWYoO6ZAGMUVbZkmwEYOdElp4huOCtihzF4g22
ZUQFvQ+r+UmJfrUWPXQ/fTbE1L2dHAgycenUy/i3ap4375e627+Mi4SO+rBYVPK2
SlLevRSpvoqkFTsx5Vi+DHBk9uAej9o1JRgv3hm0SmhfyKvTeml4q/BbX/0vAz/2
0qfh+TaTBxNINgUZyJgRpSzK2C/AVyyd6wB9o9xa+M/IsvOtfeHP
-----END CERTIFICATE-----
Generated at Tue Nov 4 16:34:05 2025 by rpki-client