Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/q4vFEw2QFzFOOigkg_Oz6Dj8caI.roa
File: q4vFEw2QFzFOOigkg_Oz6Dj8caI.roa (raw, json)
Hash identifier: P/kG5pJXyCnqwH59BmdhYZXtEDA5nc0ZCuOjHAZWVEs=
Subject key identifier: AB:8B:C5:13:0D:90:17:31:4E:3A:28:24:83:F3:B3:E8:38:FC:71:A2
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 019A4E15AB22AA049B548BD9C3A9691CA09D
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/q4vFEw2QFzFOOigkg_Oz6Dj8caI.roa
Signing time: Tue 04 Nov 2025 08:57:14 +0000
ROA not before: Tue 04 Nov 2025 08:57:14 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48678
IP address blocks: 5.180.105.0/24 maxlen: 24
5.180.106.0/24 maxlen: 24
5.180.107.0/24 maxlen: 24
45.131.0.0/24 maxlen: 24
45.131.1.0/24 maxlen: 24
45.131.2.0/24 maxlen: 24
45.131.3.0/24 maxlen: 24
45.136.4.0/24 maxlen: 24
45.141.149.0/24 maxlen: 24
45.147.44.0/24 maxlen: 24
77.83.200.0/24 maxlen: 24
77.83.201.0/24 maxlen: 24
77.83.202.0/24 maxlen: 24
194.116.237.0/24 maxlen: 24
194.146.36.0/24 maxlen: 24
194.146.47.0/24 maxlen: 24
2a09:8780::/29 maxlen: 29
2a0f:b700::/29 maxlen: 29
2a0f:e900::/29 maxlen: 29
2a0f:eb00::/29 maxlen: 29
2a0f:eb05::/32 maxlen: 32
2a0f:eb07::/32 maxlen: 32
2a0f:ed00::/29 maxlen: 29
2a0f:ed03::/32 maxlen: 32
2a0f:f900::/29 maxlen: 29
2a13:a440:7::/48 maxlen: 48
2a13:a441::/32 maxlen: 32
2a13:a445::/32 maxlen: 32
2a13:a447::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.mft
rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 17:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:15:ab:22:aa:04:9b:54:8b:d9:c3:a9:69:1c:a0:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Nov 4 08:57:14 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ab8bc5130d9017314e3a282483f3b3e838fc71a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:61:77:c8:69:62:37:47:a9:02:20:eb:41:56:
ca:2d:0e:97:28:5a:c8:8f:e9:3d:2a:84:ec:05:c9:
48:5f:69:60:2b:49:5c:72:1c:15:dd:53:35:25:2c:
60:bb:b1:52:9c:0f:ea:88:23:e6:28:76:d0:d6:5b:
f6:a8:57:62:d4:96:03:45:4a:46:9c:41:a5:af:ef:
cf:da:bc:2a:c0:57:bb:a8:6c:ab:d2:5e:40:9b:6c:
90:ca:e0:f0:c2:c0:52:20:ee:c5:f5:e2:59:48:ec:
11:62:75:28:ea:5e:5d:d3:d4:64:f9:89:0c:b9:f2:
c1:bb:fe:e7:55:7c:85:d8:6c:96:2b:52:18:ac:09:
43:e1:ea:fb:bc:7b:f4:a3:5d:c1:76:d1:d9:ad:87:
f2:0d:71:1d:e9:8f:f1:c8:53:02:7f:e6:98:94:0b:
c3:48:96:a5:da:16:d8:f9:0a:45:34:53:97:f8:05:
e7:97:66:84:83:03:2a:06:d1:b4:e4:31:d9:86:dd:
34:e8:4d:96:f3:2e:bc:6f:f6:0d:9a:03:20:ea:24:
77:71:2f:6d:60:f9:01:3b:d3:e9:fb:9a:44:50:ca:
bd:9a:67:0b:6e:56:98:cd:f9:bf:b2:84:76:79:db:
c8:a4:24:ce:ac:ec:b4:32:38:7c:23:28:86:6f:14:
b3:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:8B:C5:13:0D:90:17:31:4E:3A:28:24:83:F3:B3:E8:38:FC:71:A2
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/q4vFEw2QFzFOOigkg_Oz6Dj8caI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.105.0-5.180.107.255
45.131.0.0/22
45.136.4.0/24
45.141.149.0/24
45.147.44.0/24
77.83.200.0-77.83.202.255
194.116.237.0/24
194.146.36.0/24
194.146.47.0/24
IPv6:
2a09:8780::/29
2a0f:b700::/29
2a0f:e900::/29
2a0f:eb00::/29
2a0f:ed00::/29
2a0f:f900::/29
2a13:a440:7::/48
2a13:a441::/32
2a13:a445::/32
2a13:a447::/32
Signature Algorithm: sha256WithRSAEncryption
58:35:00:1e:46:5c:33:fa:4a:eb:75:19:5c:0b:78:9c:3e:a2:
e0:6e:49:be:4f:81:91:18:6f:8b:98:a7:ce:0c:02:cb:c3:2b:
53:59:d2:a4:c6:39:69:d2:5c:d1:b4:30:19:ea:2b:49:39:85:
17:a2:a0:d5:57:6e:e5:03:13:c5:c9:15:79:b1:42:d0:80:48:
17:23:5c:70:cd:03:64:6b:d3:58:13:f7:f6:0f:4a:59:b3:c9:
d7:51:74:4a:e2:23:3c:07:66:b0:8d:56:a6:b9:86:6d:4e:80:
7c:24:bb:a9:c3:d3:c8:c0:0f:a5:bc:6b:d2:a8:25:ff:d8:57:
87:8d:7c:4c:7b:52:8c:52:98:db:82:84:91:85:30:eb:35:11:
ac:44:49:c2:c7:23:c0:b4:21:d7:80:dd:bd:1d:bd:51:0f:bc:
96:12:11:2d:32:26:cf:10:b4:a0:d0:d9:82:ae:0d:48:12:ef:
df:b4:81:d8:64:bd:1c:f1:16:68:66:4f:20:cc:db:95:33:48:
11:ec:2c:4c:38:85:89:93:5d:f6:a0:13:01:ad:a7:1d:41:80:
35:66:ea:b0:a5:fc:b2:7f:c7:0e:77:ce:88:44:a0:a8:41:a2:
57:42:0c:b0:ea:e1:5a:41:57:b7:cb:ad:bf:5c:52:5b:b8:c1:
d1:29:a7:07
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAZpOFasiqgSbVIvZw6lpHKCdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjUxMTA0MDg1NzE0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYjhiYzUxMzBkOTAxNzMxNGUzYTI4MjQ4M2YzYjNlODM4ZmM3MWEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGF3yGliN0epAiDrQVbKLQ6XKFrI
j+k9KoTsBclIX2lgK0lcchwV3VM1JSxgu7FSnA/qiCPmKHbQ1lv2qFdi1JYDRUpG
nEGlr+/P2rwqwFe7qGyr0l5Am2yQyuDwwsBSIO7F9eJZSOwRYnUo6l5d09Rk+YkM
ufLBu/7nVXyF2GyWK1IYrAlD4er7vHv0o13BdtHZrYfyDXEd6Y/xyFMCf+aYlAvD
SJal2hbY+QpFNFOX+AXnl2aEgwMqBtG05DHZht006E2W8y68b/YNmgMg6iR3cS9t
YPkBO9Pp+5pEUMq9mmcLblaYzfm/soR2edvIpCTOrOy0Mjh8IyiGbxSzPQIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFKuLxRMNkBcxTjooJIPzs+g4/HGiMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvcTR2RkV3MlFGekZPT2lna2dfT3o2RGo4Y2FJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjBMBAIAATBGMAwDBAAF
tGkDBAIFtGgDBAItgwADBAAtiAQDBAAtjZUDBAAtkywwDAMEA01TyAMEAE1TygME
AMJ07QMEAMKSJAMEAMKSLzBOBAIAAjBIAwUDKgmHgAMFAyoPtwADBQMqD+kAAwUD
Kg/rAAMFAyoP7QADBQMqD/kAAwcAKhOkQAAHAwUAKhOkQQMFACoTpEUDBQAqE6RH
MA0GCSqGSIb3DQEBCwUAA4IBAQBYNQAeRlwz+krrdRlcC3icPqLgbkm+T4GRGG+L
mKfODALLwytTWdKkxjlp0lzRtDAZ6itJOYUXoqDVV27lAxPFyRV5sULQgEgXI1xw
zQNka9NYE/f2D0pZs8nXUXRK4iM8B2awjVamuYZtToB8JLupw9PIwA+lvGvSqCX/
2FeHjXxMe1KMUpjbgoSRhTDrNRGsREnCxyPAtCHXgN29Hb1RD7yWEhEtMibPELSg
0NmCrg1IEu/ftIHYZL0c8RZoZk8gzNuVM0gR7CxMOIWJk132oBMBracdQYA1Zuqw
pfyyf8cOd86IRKCoQaJXQgyw6uFaQVe3y62/XFJbuMHRKacH
-----END CERTIFICATE-----
Generated at Tue Nov 4 22:54:19 2025 by rpki-client