Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/IwmqUO5Bdk2j3timNXeqPfEF5nc.roa
File: IwmqUO5Bdk2j3timNXeqPfEF5nc.roa (raw, json)
Hash identifier: FQvshkZef45phExzjp94y2UhhZ4QwXZc9vGnxeRHx6E=
Subject key identifier: 23:09:AA:50:EE:41:76:4D:A3:DE:D8:A6:35:77:AA:3D:F1:05:E6:77
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 01997FFDCE151F690FA82B5E0031C437DF63
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/IwmqUO5Bdk2j3timNXeqPfEF5nc.roa
Signing time: Thu 25 Sep 2025 08:29:23 +0000
ROA not before: Thu 25 Sep 2025 08:29:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59651
IP address blocks: 5.181.168.0/24 maxlen: 24
5.181.169.0/24 maxlen: 24
5.183.255.0/24 maxlen: 24
185.89.42.0/24 maxlen: 24
185.89.43.0/24 maxlen: 24
213.232.120.0/24 maxlen: 24
213.232.122.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 12 Oct 2025 11:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:7f:fd:ce:15:1f:69:0f:a8:2b:5e:00:31:c4:37:df:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Sep 25 08:29:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2309aa50ee41764da3ded8a63577aa3df105e677
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:a4:3b:62:24:c9:6b:21:23:68:17:ec:ec:28:
7b:6d:76:65:72:c0:b8:16:c1:5e:a4:c7:1e:51:11:
b4:71:30:66:fc:73:a1:5b:80:06:c2:09:5f:1f:9b:
30:9c:8f:12:9f:35:9f:46:9e:b3:45:d5:b9:c0:b3:
30:65:13:55:3d:d3:e4:56:da:38:79:28:5e:3a:9b:
7c:7d:fd:2f:7f:8f:bf:4c:75:a8:8a:e7:bc:d3:c7:
82:31:ec:c8:33:82:89:9c:58:aa:98:c4:44:67:48:
d4:1e:3e:d4:b0:24:7f:60:2c:65:25:ca:5c:c6:dc:
46:e5:a4:b8:95:b6:42:47:8d:4a:3b:76:c5:82:9f:
a7:f4:5f:78:81:a5:c9:b6:f6:4b:1b:81:23:da:f9:
7c:35:70:c6:57:0f:00:49:e9:7f:cd:bf:d8:ea:6a:
2b:b8:c2:e7:56:be:68:af:f2:b0:54:66:ae:43:64:
38:7d:0a:13:a1:16:85:e6:9a:96:ce:ff:38:b7:1c:
62:cb:7f:ac:ae:9b:f3:52:7c:8e:77:b3:07:a9:10:
c1:5b:bd:bb:2c:10:25:28:0b:ad:f3:9b:1b:c8:09:
fb:e2:f4:ef:1e:64:92:f1:22:36:da:63:d2:84:84:
f5:23:5b:20:82:00:34:9d:a5:ab:5a:5c:4b:7f:2a:
92:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:09:AA:50:EE:41:76:4D:A3:DE:D8:A6:35:77:AA:3D:F1:05:E6:77
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/IwmqUO5Bdk2j3timNXeqPfEF5nc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.168.0/23
5.183.255.0/24
185.89.42.0/23
213.232.120.0/24
213.232.122.0/24
Signature Algorithm: sha256WithRSAEncryption
66:6a:28:75:39:95:9f:1a:fb:7b:06:50:ec:68:c4:ed:1a:83:
6d:a7:30:44:c2:84:97:d1:fe:4b:c4:e0:7a:79:27:6a:5c:08:
5d:d3:69:4b:b2:82:9d:dc:a8:71:3d:26:33:3b:14:f4:62:31:
87:dc:9c:43:80:a6:be:5f:69:4e:e3:98:fc:2a:26:04:91:62:
08:56:5a:7b:e6:46:1d:cc:69:62:38:15:3d:68:05:2e:f5:5f:
a4:54:78:61:17:6d:8b:a7:8b:1e:d9:21:6c:df:27:cb:6e:66:
9c:73:15:9b:1a:b8:10:91:a9:c5:99:73:91:12:3e:28:27:d3:
12:b3:a4:2f:64:e0:58:e3:21:ca:79:f6:6b:07:bc:c4:d5:f1:
39:5c:9a:4d:47:e9:fa:73:cb:99:8f:7a:fe:e1:cb:4b:fd:6b:
cd:2a:ee:22:d2:ac:23:cf:9e:33:2c:c2:ae:ee:c6:2a:10:3d:
3f:fe:d2:05:49:bc:10:87:07:43:39:5d:66:83:37:74:f8:f1:
40:78:43:b6:1f:15:0e:02:a4:f0:64:3f:08:82:f6:c7:6e:e1:
1f:da:99:53:34:df:a4:c3:21:f5:87:58:58:b8:5c:9e:e1:50:
8c:f1:e6:4e:f8:b5:54:0b:93:ca:37:07:6e:80:a5:a0:60:0e:
85:4c:8f:e8
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZl//c4VH2kPqCteADHEN99jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjUwOTI1MDgyOTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMzA5YWE1MGVlNDE3NjRkYTNkZWQ4YTYzNTc3YWEzZGYxMDVlNjc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp6Q7YiTJayEjaBfs7Ch7bXZlcsC4
FsFepMceURG0cTBm/HOhW4AGwglfH5swnI8SnzWfRp6zRdW5wLMwZRNVPdPkVto4
eSheOpt8ff0vf4+/THWoiue808eCMezIM4KJnFiqmMREZ0jUHj7UsCR/YCxlJcpc
xtxG5aS4lbZCR41KO3bFgp+n9F94gaXJtvZLG4Ej2vl8NXDGVw8ASel/zb/Y6mor
uMLnVr5or/KwVGauQ2Q4fQoToRaF5pqWzv84txxiy3+srpvzUnyOd7MHqRDBW727
LBAlKAut85sbyAn74vTvHmSS8SI22mPShIT1I1sgggA0naWrWlxLfyqSDQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFCMJqlDuQXZNo97YpjV3qj3xBeZ3MB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvSXdtcVVPNUJkazJqM3RpbU5YZXFQZkVGNW5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBBbWoAwQA
Bbf/AwQBuVkqAwQA1eh4AwQA1eh6MA0GCSqGSIb3DQEBCwUAA4IBAQBmaih1OZWf
Gvt7BlDsaMTtGoNtpzBEwoSX0f5LxOB6eSdqXAhd02lLsoKd3KhxPSYzOxT0YjGH
3JxDgKa+X2lO45j8KiYEkWIIVlp75kYdzGliOBU9aAUu9V+kVHhhF22Lp4se2SFs
3yfLbmaccxWbGrgQkanFmXOREj4oJ9MSs6QvZOBY4yHKefZrB7zE1fE5XJpNR+n6
c8uZj3r+4ctL/WvNKu4i0qwjz54zLMKu7sYqED0//tIFSbwQhwdDOV1mgzd0+PFA
eEO2HxUOAqTwZD8IgvbHbuEf2plTNN+kwyH1h1hYuFye4VCM8eZO+LVUC5PKNwdu
gKWgYA6FTI/o
-----END CERTIFICATE-----
Generated at Sat Oct 11 17:46:20 2025 by rpki-client