Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/i0SeWpSdogsaJx8W0_kVOAU_lRM.roa
File: i0SeWpSdogsaJx8W0_kVOAU_lRM.roa (raw, json)
Hash identifier: zq4L3oJxr9W9+WWee/L9rMw2rGgwNa6vusNf5ygshpI=
Subject key identifier: 8B:44:9E:5A:94:9D:A2:0B:1A:27:1F:16:D3:F9:15:38:05:3F:95:13
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 019A2A322F39A6533B99C47810EF443FDFE5
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/i0SeWpSdogsaJx8W0_kVOAU_lRM.roa
Signing time: Tue 28 Oct 2025 09:42:03 +0000
ROA not before: Tue 28 Oct 2025 09:42:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44477
IP address blocks: 45.91.52.0/22 maxlen: 32
45.91.52.0/24 maxlen: 24
45.91.53.0/24 maxlen: 24
45.91.54.0/24 maxlen: 24
45.91.55.0/24 maxlen: 24
45.140.166.0/24 maxlen: 32
45.155.52.0/22 maxlen: 32
45.155.52.0/24 maxlen: 24
45.155.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.mft
rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Nov 2025 18:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2a:32:2f:39:a6:53:3b:99:c4:78:10:ef:44:3f:df:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Oct 28 09:42:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b449e5a949da20b1a271f16d3f91538053f9513
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:0c:fc:e7:45:e8:36:8b:57:a6:76:ab:0b:83:
bd:ce:27:77:f2:e1:1c:05:66:d1:25:bb:f7:37:db:
19:25:36:d6:14:dc:0d:8d:e4:48:8f:3a:32:77:c5:
7b:f0:d5:b5:c5:a2:e3:fb:66:9a:9b:2a:f6:88:d9:
74:6e:74:03:69:9a:cd:af:a6:08:25:58:47:b8:d9:
7f:e7:eb:62:22:27:bc:bb:1a:d5:bf:9b:09:68:b6:
cc:93:c5:b4:ff:36:10:6e:bb:60:14:2d:51:8a:20:
1a:78:32:88:a2:d5:47:b4:58:5e:58:62:b0:1f:13:
ae:3c:ca:62:50:49:6a:aa:9a:49:26:f4:c5:82:e3:
f6:39:ca:ff:9e:8c:c8:9b:3c:0d:28:1f:f0:f8:98:
29:7b:9e:fc:5b:64:52:79:14:28:61:cb:4c:fb:00:
0e:b2:84:92:3e:07:68:da:cc:f7:f5:2a:2b:9f:42:
f8:af:29:ed:9f:ee:75:da:73:5b:bb:81:91:7e:7c:
86:b7:da:6d:20:86:02:57:0f:80:10:53:0b:56:83:
0a:ff:fe:64:8e:c1:ed:02:5c:00:38:6f:af:a5:8d:
e0:0d:87:a9:7b:b9:0a:05:9d:eb:76:cf:4d:c9:07:
69:18:1d:43:e6:67:7c:2e:25:1b:c0:24:fa:f7:34:
ba:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:44:9E:5A:94:9D:A2:0B:1A:27:1F:16:D3:F9:15:38:05:3F:95:13
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/i0SeWpSdogsaJx8W0_kVOAU_lRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.52.0/22
45.140.166.0/24
45.155.52.0/22
Signature Algorithm: sha256WithRSAEncryption
4a:17:82:3d:90:18:a1:39:21:ad:57:29:54:06:79:86:57:1c:
9e:53:0f:13:63:1e:39:9c:34:86:08:4c:1a:34:dd:1f:ee:32:
c0:8b:86:fc:c0:4b:45:bf:3b:b6:ef:a3:70:cf:73:a4:7c:6a:
de:a3:3a:fc:c7:d5:22:f1:32:e9:02:06:1e:76:1a:02:cd:18:
6c:3a:bf:ed:12:04:76:09:99:0a:ac:9e:f1:e3:ed:9c:82:0d:
4d:bd:ef:b6:2c:f0:e4:75:d1:04:62:bf:a2:a1:eb:b2:67:3a:
ee:d4:76:b1:30:91:1f:17:a0:4e:ec:de:87:ca:4e:33:d0:fb:
ed:0e:4e:f3:36:b9:2e:b4:77:45:ae:46:7b:67:ca:1e:fb:91:
f0:c6:c7:5b:80:dc:9f:83:0c:78:1d:36:d4:41:2b:e2:1f:88:
85:4b:93:d2:4d:b0:e2:57:43:c8:26:0a:2a:15:5d:06:d7:bd:
ed:fc:9b:8a:b4:3c:b8:48:ea:24:bb:fb:94:6c:d4:d9:cd:92:
e5:3a:c1:50:75:b9:d6:89:ce:a9:97:6a:88:97:0a:70:29:af:
11:da:ad:b6:05:56:d1:e0:dd:3e:d1:66:07:57:d2:f5:30:83:
ec:f1:a9:45:af:21:d0:12:3d:fb:bb:fc:d4:95:7b:7e:33:7d:
ea:6b:7f:3b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZoqMi85plM7mcR4EO9EP9/lMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjUxMDI4MDk0MjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjQ0OWU1YTk0OWRhMjBiMWEyNzFmMTZkM2Y5MTUzODA1M2Y5NTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxAz850XoNotXpnarC4O9zid38uEc
BWbRJbv3N9sZJTbWFNwNjeRIjzoyd8V78NW1xaLj+2aamyr2iNl0bnQDaZrNr6YI
JVhHuNl/5+tiIie8uxrVv5sJaLbMk8W0/zYQbrtgFC1RiiAaeDKIotVHtFheWGKw
HxOuPMpiUElqqppJJvTFguP2Ocr/nozImzwNKB/w+Jgpe578W2RSeRQoYctM+wAO
soSSPgdo2sz39Sorn0L4ryntn+512nNbu4GRfnyGt9ptIIYCVw+AEFMLVoMK//5k
jsHtAlwAOG+vpY3gDYepe7kKBZ3rds9NyQdpGB1D5md8LiUbwCT69zS6pwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFItEnlqUnaILGicfFtP5FTgFP5UTMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvaTBTZVdwU2RvZ3NhSng4VzBfa1ZPQVVfbFJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCLVs0AwQA
LYymAwQCLZs0MA0GCSqGSIb3DQEBCwUAA4IBAQBKF4I9kBihOSGtVylUBnmGVxye
Uw8TYx45nDSGCEwaNN0f7jLAi4b8wEtFvzu276Nwz3OkfGreozr8x9Ui8TLpAgYe
dhoCzRhsOr/tEgR2CZkKrJ7x4+2cgg1Nve+2LPDkddEEYr+ioeuyZzru1HaxMJEf
F6BO7N6Hyk4z0PvtDk7zNrkutHdFrkZ7Z8oe+5HwxsdbgNyfgwx4HTbUQSviH4iF
S5PSTbDiV0PIJgoqFV0G173t/JuKtDy4SOoku/uUbNTZzZLlOsFQdbnWic6pl2qI
lwpwKa8R2q22BVbR4N0+0WYHV9L1MIPs8alFryHQEj37u/zUlXt+M33qa387
-----END CERTIFICATE-----
Generated at Tue Nov 4 03:18:15 2025 by rpki-client