Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/0e488f-180d-4c8a-a452-4c74bb59c594/1/619zNDqmtLKKCjzlIw8zZSm1ZZE.roa
File: 619zNDqmtLKKCjzlIw8zZSm1ZZE.roa (raw, json)
Hash identifier: zZAwiAuYtnzM2ojN5bJH5pjkYxQOefSCs6lkaP9dQ7s=
Subject key identifier: EB:5F:73:34:3A:A6:B4:B2:8A:0A:3C:E5:23:0F:33:65:29:B5:65:91
Certificate issuer: /CN=ef8455d40c2e3dbcb24446fcc97a09ed4badedc3
Certificate serial: 019A3A00D06F0C1A8B6722C9DEBE41A32550
Authority key identifier: EF:84:55:D4:0C:2E:3D:BC:B2:44:46:FC:C9:7A:09:ED:4B:AD:ED:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/74RV1AwuPbyyREb8yXoJ7Uut7cM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/0e488f-180d-4c8a-a452-4c74bb59c594/1/619zNDqmtLKKCjzlIw8zZSm1ZZE.roa
Signing time: Fri 31 Oct 2025 11:22:03 +0000
ROA not before: Fri 31 Oct 2025 11:22:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198050
IP address blocks: 5.253.230.0/24 maxlen: 24
64.190.43.0/24 maxlen: 24
91.231.70.0/23 maxlen: 23
91.231.80.0/22 maxlen: 22
176.97.24.0/21 maxlen: 21
209.162.203.0/24 maxlen: 24
2a0f:1700::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/0e488f-180d-4c8a-a452-4c74bb59c594/1/74RV1AwuPbyyREb8yXoJ7Uut7cM.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/0e488f-180d-4c8a-a452-4c74bb59c594/1/74RV1AwuPbyyREb8yXoJ7Uut7cM.mft
rsync://rpki.ripe.net/repository/DEFAULT/74RV1AwuPbyyREb8yXoJ7Uut7cM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 14:00:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:3a:00:d0:6f:0c:1a:8b:67:22:c9:de:be:41:a3:25:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ef8455d40c2e3dbcb24446fcc97a09ed4badedc3
Validity
Not Before: Oct 31 11:22:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eb5f73343aa6b4b28a0a3ce5230f336529b56591
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:89:32:e8:0a:36:ce:38:33:d3:93:ee:fa:de:a5:
8d:e2:a7:81:b0:bc:0f:34:79:c5:45:3c:01:61:96:
be:54:02:a0:8e:7b:db:0e:37:8a:1a:6f:c3:58:83:
11:80:b5:15:2c:5a:28:10:11:e8:9c:74:18:ce:3e:
98:49:98:64:45:8a:4e:81:a7:93:54:46:41:0f:2c:
c7:a0:de:02:3c:b2:a2:1b:ff:46:21:04:61:90:3c:
2a:00:e2:14:b4:cb:93:a1:19:d9:c9:71:dd:fa:b8:
2c:cc:d7:13:55:a9:c2:27:08:f1:02:ec:ed:f5:a6:
d4:61:5b:e0:8f:e6:3c:b9:f8:b0:18:7e:18:18:dd:
f5:b0:6a:82:ef:d6:c8:f3:37:d0:4f:ab:99:12:eb:
f1:f0:66:cb:ec:f1:d7:bf:e1:94:90:84:0e:28:54:
51:6c:5b:8c:c9:ac:8e:9e:9a:bd:4d:c0:db:65:c3:
39:20:70:0b:54:9e:58:b5:b5:45:75:b3:5c:c1:b6:
9e:57:32:bb:95:7b:e0:a2:09:11:b1:2d:74:e4:1b:
1e:7b:2c:50:a3:d0:52:86:e6:ba:8a:35:15:83:98:
cf:07:2a:4a:61:5a:cd:26:79:5a:ce:a1:6d:bb:0e:
a0:11:9b:57:7c:08:4e:17:f1:64:93:2e:8f:4d:67:
d9:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:5F:73:34:3A:A6:B4:B2:8A:0A:3C:E5:23:0F:33:65:29:B5:65:91
X509v3 Authority Key Identifier:
keyid:EF:84:55:D4:0C:2E:3D:BC:B2:44:46:FC:C9:7A:09:ED:4B:AD:ED:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/74RV1AwuPbyyREb8yXoJ7Uut7cM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/0e488f-180d-4c8a-a452-4c74bb59c594/1/619zNDqmtLKKCjzlIw8zZSm1ZZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/0e488f-180d-4c8a-a452-4c74bb59c594/1/74RV1AwuPbyyREb8yXoJ7Uut7cM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.253.230.0/24
64.190.43.0/24
91.231.70.0/23
91.231.80.0/22
176.97.24.0/21
209.162.203.0/24
IPv6:
2a0f:1700::/29
Signature Algorithm: sha256WithRSAEncryption
9c:31:9a:81:9d:ae:3d:9e:91:da:fd:42:03:9c:26:d3:ed:a4:
48:6e:34:9e:b3:e6:9e:22:56:8b:e6:0f:73:43:ca:1a:d4:3f:
60:c8:3e:56:00:be:54:df:24:57:e6:03:18:89:a6:b9:5f:54:
a5:42:9d:52:b4:f7:3d:b3:ac:ee:a3:0a:f3:0c:49:d9:21:3b:
b6:07:f7:6d:53:8e:30:f7:67:30:39:d1:f0:74:5a:df:4a:54:
14:df:ca:33:3d:25:e2:4e:cb:6a:e1:52:dd:59:dc:55:5e:62:
10:aa:60:1d:2a:98:e1:d7:0e:48:62:00:2f:b4:09:06:7d:da:
89:d3:8f:2a:2a:c4:63:0d:02:78:86:af:18:4d:0b:53:85:e0:
ba:a4:f6:02:84:d9:df:af:68:e0:54:dd:7d:ee:4f:88:36:72:
43:6a:1e:6a:62:f6:1b:4a:82:ba:4b:d6:f9:8d:0b:d1:f0:0a:
3d:ad:ad:f6:9d:43:b4:54:1b:72:31:f6:0a:38:31:02:9a:4e:
04:b9:11:16:12:45:1d:6f:ab:e5:d7:c1:d5:01:1c:57:30:87:
83:73:bb:8f:e7:9a:81:36:6c:80:42:ca:10:01:8e:07:58:7e:
17:be:60:d5:60:f4:83:cb:22:0f:02:56:13:2b:0e:75:69:08:
fa:7e:c3:dc
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZo6ANBvDBqLZyLJ3r5BoyVQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVmODQ1NWQ0MGMyZTNkYmNiMjQ0NDZmY2M5N2EwOWVkNGJh
ZGVkYzMwHhcNMjUxMDMxMTEyMjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYjVmNzMzNDNhYTZiNGIyOGEwYTNjZTUyMzBmMzM2NTI5YjU2NTkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiTLoCjbOODPTk+763qWN4qeBsLwP
NHnFRTwBYZa+VAKgjnvbDjeKGm/DWIMRgLUVLFooEBHonHQYzj6YSZhkRYpOgaeT
VEZBDyzHoN4CPLKiG/9GIQRhkDwqAOIUtMuToRnZyXHd+rgszNcTVanCJwjxAuzt
9abUYVvgj+Y8ufiwGH4YGN31sGqC79bI8zfQT6uZEuvx8GbL7PHXv+GUkIQOKFRR
bFuMyayOnpq9TcDbZcM5IHALVJ5YtbVFdbNcwbaeVzK7lXvgogkRsS105BseeyxQ
o9BShua6ijUVg5jPBypKYVrNJnlazqFtuw6gEZtXfAhOF/Fkky6PTWfZiwIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFOtfczQ6prSyigo85SMPM2UptWWRMB8GA1UdIwQY
MBaAFO+EVdQMLj28skRG/Ml6Ce1Lre3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNzRSVjFBd3VQYnl5UkViOHlYb0o3VXV0N2NNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi8wZTQ4OGYtMTgwZC00YzhhLWE0NTIt
NGM3NGJiNTljNTk0LzEvNjE5ek5EcW10TEtLQ2p6bEl3OHpaU20xWlpFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi8wZTQ4OGYtMTgwZC00YzhhLWE0NTItNGM3NGJiNTljNTk0
LzEvNzRSVjFBd3VQYnl5UkViOHlYb0o3VXV0N2NNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQABf3mAwQA
QL4rAwQBW+dGAwQCW+dQAwQDsGEYAwQA0aLLMA0EAgACMAcDBQMqDxcAMA0GCSqG
SIb3DQEBCwUAA4IBAQCcMZqBna49npHa/UIDnCbT7aRIbjSes+aeIlaL5g9zQ8oa
1D9gyD5WAL5U3yRX5gMYiaa5X1SlQp1StPc9s6zuowrzDEnZITu2B/dtU44w92cw
OdHwdFrfSlQU38ozPSXiTstq4VLdWdxVXmIQqmAdKpjh1w5IYgAvtAkGfdqJ048q
KsRjDQJ4hq8YTQtTheC6pPYChNnfr2jgVN197k+INnJDah5qYvYbSoK6S9b5jQvR
8Ao9ra32nUO0VBtyMfYKODECmk4EuREWEkUdb6vl18HVARxXMIeDc7uP55qBNmyA
QsoQAY4HWH4XvmDVYPSDyyIPAlYTKw51aQj6fsPc
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:14:47 2025 by rpki-client