Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/U_dXAZ3qmdqC05k6YkKLMUhEYjA.roa
File: U_dXAZ3qmdqC05k6YkKLMUhEYjA.roa (raw, json)
Hash identifier: FIETwdLlQ4BShNFsAbnXOHgv4iEwZwQLhKZyYuqs+ls=
Subject key identifier: 53:F7:57:01:9D:EA:99:DA:82:D3:99:3A:62:42:8B:31:48:44:62:30
Certificate issuer: /CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Certificate serial: 019A49AF289AA84E1964C6F49E5747B2CC97
Authority key identifier: D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/U_dXAZ3qmdqC05k6YkKLMUhEYjA.roa
Signing time: Mon 03 Nov 2025 12:26:47 +0000
ROA not before: Mon 03 Nov 2025 12:26:47 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12430
IP address blocks: 2.154.0.0/15 maxlen: 16
2.154.0.0/16 maxlen: 16
2.154.192.0/18 maxlen: 18
2.155.0.0/16 maxlen: 16
5.40.0.0/16 maxlen: 16
62.42.0.0/15 maxlen: 16
62.57.0.0/16 maxlen: 16
62.81.0.0/16 maxlen: 24
62.82.0.0/15 maxlen: 16
62.100.96.0/19 maxlen: 19
62.117.128.0/17 maxlen: 17
62.174.0.0/15 maxlen: 19
80.224.0.0/16 maxlen: 16
81.60.0.0/15 maxlen: 18
81.184.0.0/16 maxlen: 16
81.202.0.0/16 maxlen: 16
82.159.0.0/16 maxlen: 16
82.213.128.0/18 maxlen: 18
83.138.192.0/18 maxlen: 18
83.173.128.0/18 maxlen: 18
84.120.0.0/13 maxlen: 19
84.127.229.0/24 maxlen: 24
85.219.0.0/17 maxlen: 17
85.251.0.0/16 maxlen: 17
89.140.0.0/16 maxlen: 16
89.141.0.0/16 maxlen: 16
95.39.0.0/16 maxlen: 19
185.128.128.0/22 maxlen: 24
194.106.0.0/19 maxlen: 19
194.140.128.0/18 maxlen: 18
194.149.192.0/19 maxlen: 19
212.21.224.0/19 maxlen: 19
212.40.224.0/19 maxlen: 19
212.40.224.0/24 maxlen: 24
212.78.128.0/19 maxlen: 19
212.79.128.0/19 maxlen: 19
212.95.192.0/19 maxlen: 19
212.97.160.0/19 maxlen: 19
212.122.96.0/19 maxlen: 19
212.183.192.0/18 maxlen: 18
213.37.0.0/16 maxlen: 16
213.201.0.0/17 maxlen: 17
213.227.0.0/18 maxlen: 18
213.231.64.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 22:37:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:49:af:28:9a:a8:4e:19:64:c6:f4:9e:57:47:b2:cc:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d434f1686102876c6216bcea28a5e502ec0d7b6b
Validity
Not Before: Nov 3 12:26:47 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=53f757019dea99da82d3993a62428b3148446230
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:2f:93:98:e2:9e:27:fe:fe:b5:50:45:13:91:
22:1b:ab:58:fd:f5:e7:b0:f2:37:7b:ae:09:52:a2:
60:eb:70:e7:1b:47:7a:47:6f:a5:ec:46:95:77:70:
b0:48:fe:c5:d7:4b:ac:90:d9:88:69:f9:2e:73:44:
7b:02:19:cc:6a:a3:8a:ac:97:f1:19:91:06:d3:35:
36:fa:c5:58:e0:f1:30:ad:a2:e7:14:26:dd:f8:a4:
b7:4b:38:15:6f:4e:8e:39:d2:26:43:87:8a:cf:2e:
13:95:b8:f2:07:cb:0d:5e:74:9c:50:a2:55:cd:2d:
c2:8d:b7:46:95:61:de:09:29:7c:fb:36:f0:d0:2c:
dc:35:2a:cf:1c:19:23:5a:58:b0:fc:77:e4:5f:bc:
bc:cf:38:c9:e3:a8:a8:58:e8:cf:25:41:b8:0e:10:
0c:88:39:08:d7:da:53:4e:da:e3:e6:50:1a:af:70:
50:05:c8:e7:59:26:11:6b:34:ea:b1:b2:57:20:ae:
b2:8c:91:75:ca:95:92:cb:f1:68:b9:f6:af:66:a9:
c5:64:d7:31:cf:bc:0e:5c:f8:a9:76:9a:24:b3:0f:
c2:8c:b0:50:e4:7d:be:d7:07:4f:72:72:2a:dc:06:
07:53:37:8b:fb:4e:69:d3:7b:73:11:3a:ec:59:0a:
33:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:F7:57:01:9D:EA:99:DA:82:D3:99:3A:62:42:8B:31:48:44:62:30
X509v3 Authority Key Identifier:
keyid:D4:34:F1:68:61:02:87:6C:62:16:BC:EA:28:A5:E5:02:EC:0D:7B:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1DTxaGECh2xiFrzqKKXlAuwNe2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/U_dXAZ3qmdqC05k6YkKLMUhEYjA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/726bb4-5d87-402d-91ce-5712d95ae638/1/1DTxaGECh2xiFrzqKKXlAuwNe2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.154.0.0/15
5.40.0.0/16
62.42.0.0/15
62.57.0.0/16
62.81.0.0-62.83.255.255
62.100.96.0/19
62.117.128.0/17
62.174.0.0/15
80.224.0.0/16
81.60.0.0/15
81.184.0.0/16
81.202.0.0/16
82.159.0.0/16
82.213.128.0/18
83.138.192.0/18
83.173.128.0/18
84.120.0.0/13
85.219.0.0/17
85.251.0.0/16
89.140.0.0/15
95.39.0.0/16
185.128.128.0/22
194.106.0.0/19
194.140.128.0/18
194.149.192.0/19
212.21.224.0/19
212.40.224.0/19
212.78.128.0/19
212.79.128.0/19
212.95.192.0/19
212.97.160.0/19
212.122.96.0/19
212.183.192.0/18
213.37.0.0/16
213.201.0.0/17
213.227.0.0/18
213.231.64.0/18
Signature Algorithm: sha256WithRSAEncryption
74:a9:27:ce:ec:47:be:88:1f:9c:fc:ff:22:59:07:88:3f:f5:
7d:e3:e1:af:15:e2:77:f6:5b:e8:0b:17:63:e9:dd:9a:ff:8f:
2a:a6:71:62:eb:24:81:89:6f:39:ad:b5:5d:27:0c:ab:8a:15:
07:8a:41:e6:ee:b7:1f:a7:36:16:53:0e:14:5b:f3:bf:f1:24:
d4:e8:0f:89:62:eb:61:5c:30:1c:1a:99:c2:35:33:e7:36:b9:
53:4b:8b:63:b4:c1:ec:04:d4:98:53:b1:13:2c:cb:79:a2:a0:
42:fa:b4:1a:78:6a:2c:d8:eb:f2:1c:16:5b:60:6c:fb:85:46:
85:2f:25:3c:14:47:ee:a6:81:fd:9d:c6:75:33:37:4e:8e:1f:
8f:95:e9:f8:71:81:af:52:49:eb:22:32:1e:ba:27:94:0b:70:
43:c3:c2:3d:51:83:36:8a:3c:8e:c0:3f:3a:69:05:b8:ed:d6:
d3:8e:81:04:95:e0:18:22:04:ea:9c:bd:c8:8c:ef:7f:b6:40:
de:e5:cb:f1:95:7d:9f:ed:c7:6f:70:51:e1:51:ae:45:74:65:
8b:25:1e:76:4f:c0:91:9d:e0:4d:c4:77:74:a7:d7:7a:78:41:
0a:35:f4:e8:4a:07:a7:6b:31:af:bc:ea:80:12:21:ec:7c:44:
56:0c:8e:2b
-----BEGIN CERTIFICATE-----
MIIF0TCCBLmgAwIBAgISAZpJryiaqE4ZZMb0nldHssyXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0MzRmMTY4NjEwMjg3NmM2MjE2YmNlYTI4YTVlNTAyZWMw
ZDdiNmIwHhcNMjUxMTAzMTIyNjQ3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1M2Y3NTcwMTlkZWE5OWRhODJkMzk5M2E2MjQyOGIzMTQ4NDQ2MjMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0C+TmOKeJ/7+tVBFE5EiG6tY/fXn
sPI3e64JUqJg63DnG0d6R2+l7EaVd3CwSP7F10uskNmIafkuc0R7AhnMaqOKrJfx
GZEG0zU2+sVY4PEwraLnFCbd+KS3SzgVb06OOdImQ4eKzy4TlbjyB8sNXnScUKJV
zS3CjbdGlWHeCSl8+zbw0CzcNSrPHBkjWliw/HfkX7y8zzjJ46ioWOjPJUG4DhAM
iDkI19pTTtrj5lAar3BQBcjnWSYRazTqsbJXIK6yjJF1ypWSy/FoufavZqnFZNcx
z7wOXPipdpoksw/CjLBQ5H2+1wdPcnIq3AYHUzeL+05p03tzETrsWQozyQIDAQAB
o4IC3TCCAtkwHQYDVR0OBBYEFFP3VwGd6pnagtOZOmJCizFIRGIwMB8GA1UdIwQY
MBaAFNQ08WhhAodsYha86iil5QLsDXtrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2Ut
NTcxMmQ5NWFlNjM4LzEvVV9kWEFaM3FtZHFDMDVrNllrS0xNVWhFWWpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC83MjZiYjQtNWQ4Ny00MDJkLTkxY2UtNTcxMmQ5NWFlNjM4
LzEvMURUeGFHRUNoMnhpRnJ6cUtLWGxBdXdOZTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHyBggrBgEFBQcBBwEB/wSB4jCB3zCB3AQCAAEwgdUDAwEC
mgMDAAUoAwMBPioDAwA+OTAKAwMAPlEDAwI+UAMEBT5kYAMEBz51gAMDAT6uAwMA
UOADAwFRPAMDAFG4AwMAUcoDAwBSnwMEBlLVgAMEBlOKwAMEBlOtgAMDA1R4AwQH
VdsAAwMAVfsDAwFZjAMDAF8nAwQCuYCAAwQFwmoAAwQGwoyAAwQFwpXAAwQF1BXg
AwQF1CjgAwQF1E6AAwQF1E+AAwQF1F/AAwQF1GGgAwQF1HpgAwQG1LfAAwMA1SUD
BAfVyQADBAbV4wADBAbV50AwDQYJKoZIhvcNAQELBQADggEBAHSpJ87sR76IH5z8
/yJZB4g/9X3j4a8V4nf2W+gLF2Pp3Zr/jyqmcWLrJIGJbzmttV0nDKuKFQeKQebu
tx+nNhZTDhRb87/xJNToD4li62FcMBwamcI1M+c2uVNLi2O0wewE1JhTsRMsy3mi
oEL6tBp4aizY6/IcFltgbPuFRoUvJTwUR+6mgf2dxnUzN06OH4+V6fhxga9SSesi
Mh66J5QLcEPDwj1RgzaKPI7APzppBbjt1tOOgQSV4BgiBOqcvciM73+2QN7ly/GV
fZ/tx29wUeFRrkV0ZYslHnZPwJGd4E3Ed3Sn13p4QQo19OhKB6drMa+86oASIex8
RFYMjis=
-----END CERTIFICATE-----
Generated at Wed Nov 5 06:40:58 2025 by rpki-client