Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/6p4XsIf2Jgcq13AHXoka66lPepQ.roa
File: 6p4XsIf2Jgcq13AHXoka66lPepQ.roa (raw, json)
Hash identifier: F8bsec6BH3gYkJZZyTqqlWAkRjpHnfjlO6lHL0W2xoU=
Subject key identifier: EA:9E:17:B0:87:F6:26:07:2A:D7:70:07:5E:89:1A:EB:A9:4F:7A:94
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 019A4E15ABA17E13535944F0B38B3224443F
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/6p4XsIf2Jgcq13AHXoka66lPepQ.roa
Signing time: Tue 04 Nov 2025 08:57:14 +0000
ROA not before: Tue 04 Nov 2025 08:57:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209737
IP address blocks: 5.180.105.0/24 maxlen: 24
5.180.106.0/24 maxlen: 24
5.180.107.0/24 maxlen: 24
45.131.0.0/24 maxlen: 24
45.131.1.0/24 maxlen: 24
45.136.4.0/24 maxlen: 24
45.141.149.0/24 maxlen: 24
45.147.44.0/24 maxlen: 24
77.83.200.0/24 maxlen: 24
77.83.201.0/24 maxlen: 24
77.83.202.0/24 maxlen: 24
77.83.203.0/24 maxlen: 24
194.116.237.0/24 maxlen: 24
194.146.36.0/24 maxlen: 24
194.146.47.0/24 maxlen: 24
2a09:8780::/29 maxlen: 29
2a0f:b700::/29 maxlen: 29
2a0f:e900::/29 maxlen: 29
2a0f:eb00::/29 maxlen: 29
2a0f:eb00::/32 maxlen: 32
2a0f:eb07::/32 maxlen: 32
2a0f:ed00::/29 maxlen: 29
2a0f:ed03::/32 maxlen: 32
2a0f:f900::/29 maxlen: 29
2a13:a440:7::/48 maxlen: 48
2a13:a441::/32 maxlen: 32
2a13:a445::/32 maxlen: 32
2a13:a447::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.mft
rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:15:ab:a1:7e:13:53:59:44:f0:b3:8b:32:24:44:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Nov 4 08:57:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ea9e17b087f626072ad770075e891aeba94f7a94
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:23:50:49:24:4e:68:63:fd:e6:bd:87:aa:d5:
1b:85:62:b2:ae:c0:44:aa:0b:97:e6:07:98:0a:4c:
f8:3c:1a:d5:7d:af:04:ea:ca:f1:cd:97:f4:f9:f7:
6a:55:b9:e2:62:2f:e7:f0:c8:6e:2b:7d:81:4b:8d:
f4:1d:85:43:f2:69:6e:49:a3:d7:02:75:0e:bb:54:
6c:ab:29:d9:b8:c1:db:4b:38:3b:6c:9c:20:a1:06:
67:35:f2:2b:b4:53:60:c0:08:ff:84:79:85:7f:2c:
19:f6:fb:ea:dd:17:4c:80:35:9c:32:88:57:52:3c:
a4:bc:fa:95:3d:f6:85:1e:1f:1d:c4:56:8d:db:da:
9f:82:ba:aa:a5:bf:21:07:a2:14:8c:f5:d1:70:56:
f2:79:d8:92:12:ae:69:18:d7:67:0f:08:b4:23:99:
4d:d6:f3:1a:e5:cd:28:88:35:a0:ac:be:bc:f8:0b:
0f:14:6c:16:a1:14:9d:1e:11:50:12:dd:1c:ba:70:
17:23:96:70:39:7d:a4:0d:02:cf:22:c0:6a:4e:ad:
38:d0:5a:e6:21:18:05:4a:8b:db:4f:d1:83:5a:66:
96:b2:a3:00:0d:58:55:9e:39:a2:7d:c2:5a:78:f1:
61:1b:cd:27:cb:60:1f:c6:eb:6d:0f:84:4e:71:f6:
57:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EA:9E:17:B0:87:F6:26:07:2A:D7:70:07:5E:89:1A:EB:A9:4F:7A:94
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/6p4XsIf2Jgcq13AHXoka66lPepQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.105.0-5.180.107.255
45.131.0.0/23
45.136.4.0/24
45.141.149.0/24
45.147.44.0/24
77.83.200.0/22
194.116.237.0/24
194.146.36.0/24
194.146.47.0/24
IPv6:
2a09:8780::/29
2a0f:b700::/29
2a0f:e900::/29
2a0f:eb00::/29
2a0f:ed00::/29
2a0f:f900::/29
2a13:a440:7::/48
2a13:a441::/32
2a13:a445::/32
2a13:a447::/32
Signature Algorithm: sha256WithRSAEncryption
5e:66:a9:16:b5:11:a6:0a:32:d8:f7:b2:81:5b:3f:99:c8:52:
25:74:b5:55:ea:0c:1d:d3:d4:ff:44:d6:4a:b1:82:21:08:9d:
e8:ca:14:7e:af:84:c7:c3:99:93:a6:14:59:b4:37:ba:04:93:
50:ce:c0:f7:1d:0c:1f:8a:5a:67:90:5c:f3:98:b2:7c:16:f4:
a0:c4:e6:9f:7a:63:25:40:37:3c:47:9d:c5:63:a4:26:5a:3c:
99:6d:9f:1b:7f:cf:58:df:17:a2:cb:2a:a5:d5:8b:12:5a:b3:
ce:c8:59:eb:54:a8:04:4b:5f:a2:f0:14:ab:0e:6a:11:0f:cd:
7b:1d:4f:6c:b8:db:a6:00:cb:c7:ef:a9:3c:fd:7b:b8:0a:23:
94:4f:5a:9d:7e:9d:b9:ed:64:b4:b5:ce:d4:60:41:c0:38:50:
75:30:bb:49:83:95:e8:b9:97:cc:d7:d6:3c:57:42:19:a7:4c:
ad:d0:56:99:33:a1:89:4c:fe:65:fb:e1:50:02:09:33:72:33:
50:d2:e2:d0:cb:2a:c2:f5:19:31:a3:2a:69:29:f3:ff:ed:d6:
20:ca:4a:20:84:62:5d:f3:9e:0d:16:97:0e:34:28:87:98:7c:
e1:17:f8:a7:6e:5d:f1:09:81:b4:31:ec:6a:fb:19:94:78:83:
a9:be:b4:80
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAZpOFauhfhNTWUTws4syJEQ/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjUxMTA0MDg1NzE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYTllMTdiMDg3ZjYyNjA3MmFkNzcwMDc1ZTg5MWFlYmE5NGY3YTk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwSNQSSROaGP95r2HqtUbhWKyrsBE
qguX5geYCkz4PBrVfa8E6srxzZf0+fdqVbniYi/n8MhuK32BS430HYVD8mluSaPX
AnUOu1RsqynZuMHbSzg7bJwgoQZnNfIrtFNgwAj/hHmFfywZ9vvq3RdMgDWcMohX
UjykvPqVPfaFHh8dxFaN29qfgrqqpb8hB6IUjPXRcFbyediSEq5pGNdnDwi0I5lN
1vMa5c0oiDWgrL68+AsPFGwWoRSdHhFQEt0cunAXI5ZwOX2kDQLPIsBqTq040Frm
IRgFSovbT9GDWmaWsqMADVhVnjmifcJaePFhG80ny2AfxuttD4ROcfZXUwIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFOqeF7CH9iYHKtdwB16JGuupT3qUMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvNnA0WHNJZjJKZ2NxMTNBSFhva2E2NmxQZXBRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljBEBAIAATA+MAwDBAAF
tGkDBAIFtGgDBAEtgwADBAAtiAQDBAAtjZUDBAAtkywDBAJNU8gDBADCdO0DBADC
kiQDBADCki8wTgQCAAIwSAMFAyoJh4ADBQMqD7cAAwUDKg/pAAMFAyoP6wADBQMq
D+0AAwUDKg/5AAMHACoTpEAABwMFACoTpEEDBQAqE6RFAwUAKhOkRzANBgkqhkiG
9w0BAQsFAAOCAQEAXmapFrURpgoy2PeygVs/mchSJXS1VeoMHdPU/0TWSrGCIQid
6MoUfq+Ex8OZk6YUWbQ3ugSTUM7A9x0MH4paZ5Bc85iyfBb0oMTmn3pjJUA3PEed
xWOkJlo8mW2fG3/PWN8XossqpdWLElqzzshZ61SoBEtfovAUqw5qEQ/Nex1PbLjb
pgDLx++pPP17uAojlE9anX6due1ktLXO1GBBwDhQdTC7SYOV6LmXzNfWPFdCGadM
rdBWmTOhiUz+ZfvhUAIJM3IzUNLi0MsqwvUZMaMqaSnz/+3WIMpKIIRiXfOeDRaX
DjQoh5h84Rf4p25d8QmBtDHsavsZlHiDqb60gA==
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:29:11 2025 by rpki-client