Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/q9XJgBmsECwFsvtqXUwFBFHNsiU.roa
File: q9XJgBmsECwFsvtqXUwFBFHNsiU.roa (raw, json)
Hash identifier: +errkst+fIToo8wYi0oW8MfMgMlkMJXXHcVL/Wl4EOo=
Subject key identifier: AB:D5:C9:80:19:AC:10:2C:05:B2:FB:6A:5D:4C:05:04:51:CD:B2:25
Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial: 019A4DCE16835B5061E52078D04D36C9E712
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/q9XJgBmsECwFsvtqXUwFBFHNsiU.roa
Signing time: Tue 04 Nov 2025 07:39:03 +0000
ROA not before: Tue 04 Nov 2025 07:39:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202656
IP address blocks: 45.91.161.0/24 maxlen: 24
45.135.176.0/24 maxlen: 24
45.135.178.0/24 maxlen: 24
45.135.179.0/24 maxlen: 24
45.140.61.0/24 maxlen: 24
45.143.141.0/24 maxlen: 24
45.143.143.0/24 maxlen: 24
45.147.246.0/24 maxlen: 24
45.156.149.0/24 maxlen: 24
45.156.150.0/24 maxlen: 24
176.101.59.0/24 maxlen: 24
176.101.60.0/24 maxlen: 24
193.8.164.0/24 maxlen: 24
193.8.167.0/24 maxlen: 24
193.8.175.0/24 maxlen: 24
194.156.1.0/24 maxlen: 24
213.109.109.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.mft
rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4d:ce:16:83:5b:50:61:e5:20:78:d0:4d:36:c9:e7:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
Validity
Not Before: Nov 4 07:39:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=abd5c98019ac102c05b2fb6a5d4c050451cdb225
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:6f:a2:7b:51:0a:70:d0:74:81:ae:e4:ea:33:
08:7c:e7:0b:54:e4:02:75:4c:33:94:1b:e8:50:77:
5f:7a:d2:2d:32:cf:bc:4f:35:87:08:a8:4e:14:9b:
30:5d:a4:ce:91:a6:23:53:f1:15:09:de:79:dc:49:
d2:8b:db:03:0e:28:69:73:14:5e:03:bf:79:89:b5:
2f:28:15:76:8a:30:8d:b4:e0:07:92:1a:b9:6a:50:
f5:64:e3:38:dd:27:c8:81:89:58:73:61:eb:6f:9c:
0e:58:5f:11:f7:56:e9:47:0c:c9:0f:0a:0e:e3:01:
4e:8b:79:c2:c6:74:d5:bc:2f:6a:e7:c4:a3:1c:ee:
76:28:e7:45:af:f3:5c:be:df:ab:7d:ed:83:71:70:
1d:59:91:45:17:dd:d4:0a:13:ab:65:fa:c7:b8:c6:
a0:af:96:88:5d:b9:7c:72:d3:60:54:1e:62:b7:22:
af:dd:e7:2b:28:b7:bd:2e:16:4d:16:94:8a:c8:4f:
4e:fb:c5:c0:12:8a:ce:0d:1e:5a:12:32:ed:be:eb:
bc:b6:69:27:5e:d8:c0:c9:52:dd:61:da:ac:60:66:
6c:70:ef:5f:5a:7b:e4:bc:55:69:b8:7f:4c:dd:be:
a1:0a:0f:2f:c7:5e:f8:3d:cc:99:f0:b0:c5:c5:d8:
a2:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AB:D5:C9:80:19:AC:10:2C:05:B2:FB:6A:5D:4C:05:04:51:CD:B2:25
X509v3 Authority Key Identifier:
keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/q9XJgBmsECwFsvtqXUwFBFHNsiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.161.0/24
45.135.176.0/24
45.135.178.0/23
45.140.61.0/24
45.143.141.0/24
45.143.143.0/24
45.147.246.0/24
45.156.149.0-45.156.150.255
176.101.59.0-176.101.60.255
193.8.164.0/24
193.8.167.0/24
193.8.175.0/24
194.156.1.0/24
213.109.109.0/24
Signature Algorithm: sha256WithRSAEncryption
25:6d:c4:51:ca:cd:9e:55:fe:c5:21:d6:9f:c4:ab:87:53:3d:
03:b8:7b:ca:4f:fa:77:7d:3b:96:5c:95:ae:12:a6:5e:df:b2:
49:60:19:e6:1e:de:7f:36:75:de:a3:4b:8a:3f:02:8a:1b:a1:
cf:99:a3:dd:fe:c4:5c:68:9f:2c:c7:2c:27:fc:0d:36:8b:47:
5f:3b:68:12:9b:60:1e:59:94:e5:a2:d7:d7:dd:6b:af:0e:e8:
61:96:ad:45:aa:f6:84:23:0f:73:05:1b:88:4d:7a:9e:00:6c:
ba:8a:32:33:5a:cb:d1:99:39:ed:ff:68:25:1d:3a:ac:6d:30:
99:e0:6c:89:66:35:63:92:0c:fb:a6:95:44:ce:9d:dc:78:fd:
25:91:35:1d:fa:6f:05:54:6d:4e:1e:55:4d:f8:40:48:5c:60:
6f:54:c1:24:75:57:6f:dc:5c:6e:74:4c:d3:68:50:92:0d:69:
86:11:34:17:8d:43:be:ab:1b:0a:e7:ce:da:cc:15:6b:17:9f:
d9:99:39:3b:93:1e:ed:d8:07:70:72:c4:e7:d3:f3:f1:30:7c:
97:a9:03:24:24:12:e7:91:28:12:d9:d9:47:bc:0b:4e:22:57:
58:09:db:2b:0c:23:92:7f:97:01:27:bf:59:34:14:c3:63:06:
89:61:d7:e7
-----BEGIN CERTIFICATE-----
MIIFWzCCBEOgAwIBAgISAZpNzhaDW1Bh5SB40E02yecSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjUxMTA0MDczOTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYmQ1Yzk4MDE5YWMxMDJjMDViMmZiNmE1ZDRjMDUwNDUxY2RiMjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2+ie1EKcNB0ga7k6jMIfOcLVOQC
dUwzlBvoUHdfetItMs+8TzWHCKhOFJswXaTOkaYjU/EVCd553EnSi9sDDihpcxRe
A795ibUvKBV2ijCNtOAHkhq5alD1ZOM43SfIgYlYc2Hrb5wOWF8R91bpRwzJDwoO
4wFOi3nCxnTVvC9q58SjHO52KOdFr/Ncvt+rfe2DcXAdWZFFF93UChOrZfrHuMag
r5aIXbl8ctNgVB5ityKv3ecrKLe9LhZNFpSKyE9O+8XAEorODR5aEjLtvuu8tmkn
XtjAyVLdYdqsYGZscO9fWnvkvFVpuH9M3b6hCg8vx174PcyZ8LDFxdii7QIDAQAB
o4ICZzCCAmMwHQYDVR0OBBYEFKvVyYAZrBAsBbL7al1MBQRRzbIlMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvcTlYSmdCbXNFQ3dGc3Z0cVhVd0ZCRkhOc2lVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH0GCCsGAQUFBwEHAQH/BG4wbDBqBAIAATBkAwQALVuhAwQA
LYewAwQBLYeyAwQALYw9AwQALY+NAwQALY+PAwQALZP2MAwDBAAtnJUDBAAtnJYw
DAMEALBlOwMEALBlPAMEAMEIpAMEAMEIpwMEAMEIrwMEAMKcAQMEANVtbTANBgkq
hkiG9w0BAQsFAAOCAQEAJW3EUcrNnlX+xSHWn8Srh1M9A7h7yk/6d307llyVrhKm
Xt+ySWAZ5h7efzZ13qNLij8Cihuhz5mj3f7EXGifLMcsJ/wNNotHXztoEptgHlmU
5aLX191rrw7oYZatRar2hCMPcwUbiE16ngBsuooyM1rL0Zk57f9oJR06rG0wmeBs
iWY1Y5IM+6aVRM6d3Hj9JZE1HfpvBVRtTh5VTfhASFxgb1TBJHVXb9xcbnRM02hQ
kg1phhE0F41DvqsbCufO2swVaxef2Zk5O5Me7dgHcHLE59Pz8TB8l6kDJCQS55Eo
EtnZR7wLTiJXWAnbKwwjkn+XASe/WTQUw2MGiWHX5w==
-----END CERTIFICATE-----
Generated at Wed Nov 5 00:09:35 2025 by rpki-client