Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/wr8foz5Mir5CdXg4AJzu9v_vxAA.roa
File: wr8foz5Mir5CdXg4AJzu9v_vxAA.roa (raw, json)
Hash identifier: ixM1cMPLJGFu51fGqV4fl5yayoYnJRWGn/rjQ5uu5VM=
Subject key identifier: C2:BF:1F:A3:3E:4C:8A:BE:42:75:78:38:00:9C:EE:F6:FF:EF:C4:00
Certificate issuer: /CN=bf84113545d9000760f66062a4221933a2e959d8
Certificate serial: 019A0203D7996DE0426F9BA83C8C3713E03C
Authority key identifier: BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/wr8foz5Mir5CdXg4AJzu9v_vxAA.roa
Signing time: Mon 20 Oct 2025 14:26:37 +0000
ROA not before: Mon 20 Oct 2025 14:26:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209847
IP address blocks: 5.181.20.0/24 maxlen: 24
5.181.21.0/24 maxlen: 24
5.181.22.0/24 maxlen: 24
45.14.244.0/24 maxlen: 24
45.14.245.0/24 maxlen: 24
45.14.246.0/24 maxlen: 24
45.14.247.0/24 maxlen: 24
45.140.146.0/24 maxlen: 24
45.140.147.0/24 maxlen: 24
45.140.167.0/24 maxlen: 24
45.144.28.0/24 maxlen: 24
45.144.29.0/24 maxlen: 24
45.150.65.0/24 maxlen: 24
45.150.67.0/24 maxlen: 24
91.194.11.0/24 maxlen: 24
138.124.180.0/24 maxlen: 24
138.124.183.0/24 maxlen: 24
138.124.184.0/24 maxlen: 24
146.19.106.0/24 maxlen: 24
146.19.230.0/24 maxlen: 24
185.33.24.0/24 maxlen: 24
185.74.222.0/24 maxlen: 24
185.234.247.0/24 maxlen: 24
195.16.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.mft
rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 Oct 2025 02:00:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:02:03:d7:99:6d:e0:42:6f:9b:a8:3c:8c:37:13:e0:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bf84113545d9000760f66062a4221933a2e959d8
Validity
Not Before: Oct 20 14:26:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c2bf1fa33e4c8abe42757838009ceef6ffefc400
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:53:11:1a:11:21:a4:7f:9e:9d:bf:e1:10:32:
f0:b3:bb:67:13:30:68:4f:cf:56:46:70:e5:2b:a4:
c2:d2:d8:32:ef:98:5c:21:dc:3f:96:aa:73:38:46:
c2:d3:22:67:c7:f2:30:d9:b9:cc:b4:d0:69:2e:e5:
1a:57:fc:51:88:10:8c:c1:d4:68:e3:2a:c2:8f:58:
38:fb:56:85:15:22:79:ac:90:ec:bd:c2:48:e6:4f:
df:c8:81:cc:f7:6b:65:bc:25:cf:ac:41:e1:91:12:
07:b6:a0:fc:53:3f:29:16:81:1d:29:59:1a:db:de:
45:7e:59:04:1a:73:4e:eb:77:58:03:25:71:18:76:
63:f9:62:06:56:0a:88:aa:58:a8:fc:98:bb:91:dd:
a4:14:4b:73:d8:6f:e8:4e:fd:14:31:0f:43:aa:7a:
2f:5d:5a:57:99:0d:a6:db:84:3c:fd:24:17:1f:60:
f6:27:ed:ff:69:0c:4a:87:6d:d2:0a:00:16:88:26:
da:86:41:83:82:da:70:fd:4e:a3:49:cd:c1:7a:3e:
34:9d:3d:67:cf:79:dd:72:e0:74:eb:31:d2:1c:1e:
a6:cb:08:69:58:f9:81:36:7b:e1:cd:4b:31:69:e2:
d0:76:d8:fd:93:50:50:0c:fa:55:ed:ad:d2:0a:a2:
32:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:BF:1F:A3:3E:4C:8A:BE:42:75:78:38:00:9C:EE:F6:FF:EF:C4:00
X509v3 Authority Key Identifier:
keyid:BF:84:11:35:45:D9:00:07:60:F6:60:62:A4:22:19:33:A2:E9:59:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v4QRNUXZAAdg9mBipCIZM6LpWdg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/wr8foz5Mir5CdXg4AJzu9v_vxAA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/30dc85-2dd8-4b1c-b151-4bd63adc7354/1/v4QRNUXZAAdg9mBipCIZM6LpWdg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.20.0-5.181.22.255
45.14.244.0/22
45.140.146.0/23
45.140.167.0/24
45.144.28.0/23
45.150.65.0/24
45.150.67.0/24
91.194.11.0/24
138.124.180.0/24
138.124.183.0-138.124.184.255
146.19.106.0/24
146.19.230.0/24
185.33.24.0/24
185.74.222.0/24
185.234.247.0/24
195.16.74.0/24
Signature Algorithm: sha256WithRSAEncryption
88:58:61:f7:d2:05:49:27:8b:bd:d2:94:0d:02:f4:f9:80:10:
3e:74:cc:73:2c:c1:a9:d6:2d:2e:8c:6c:9f:f6:00:56:49:ca:
98:5f:75:d7:6d:f3:7f:c8:b8:b1:d6:a0:4f:92:ec:27:31:15:
3a:af:89:9e:43:49:00:a9:fa:4d:a6:68:db:33:b4:13:c4:aa:
42:1d:d2:a7:d0:50:4a:da:8b:0b:6f:41:96:97:18:36:42:30:
cf:66:42:3d:d0:4f:fa:6e:1a:9d:7b:31:75:f9:9e:11:f6:ce:
bf:d8:28:5d:2c:53:42:56:ff:35:91:9a:c4:73:ae:a0:b8:8b:
96:b1:ef:a1:a4:8e:7e:43:10:c6:3e:23:3c:16:19:8c:62:18:
48:0a:95:84:03:3c:86:08:07:50:2a:71:26:73:f3:a7:12:eb:
f7:b6:b4:ca:a2:19:af:06:b5:87:95:0d:bf:7a:41:aa:47:8c:
09:bc:38:5d:f0:97:44:74:c3:d8:30:46:95:6b:30:d1:d3:16:
1e:7b:a4:7b:8d:c7:2d:c6:8f:d7:a3:c3:68:cb:84:63:a5:0a:
82:66:ef:c6:e3:c0:71:a3:72:2b:01:de:39:49:88:cd:e4:56:
8f:e3:5c:4f:a9:95:94:06:2a:25:38:2e:e7:ae:3d:1c:8a:a8:
36:de:50:a9
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAZoCA9eZbeBCb5uoPIw3E+A8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmODQxMTM1NDVkOTAwMDc2MGY2NjA2MmE0MjIxOTMzYTJl
OTU5ZDgwHhcNMjUxMDIwMTQyNjM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMmJmMWZhMzNlNGM4YWJlNDI3NTc4MzgwMDljZWVmNmZmZWZjNDAwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzVMRGhEhpH+enb/hEDLws7tnEzBo
T89WRnDlK6TC0tgy75hcIdw/lqpzOEbC0yJnx/Iw2bnMtNBpLuUaV/xRiBCMwdRo
4yrCj1g4+1aFFSJ5rJDsvcJI5k/fyIHM92tlvCXPrEHhkRIHtqD8Uz8pFoEdKVka
295FflkEGnNO63dYAyVxGHZj+WIGVgqIqlio/Ji7kd2kFEtz2G/oTv0UMQ9Dqnov
XVpXmQ2m24Q8/SQXH2D2J+3/aQxKh23SCgAWiCbahkGDgtpw/U6jSc3Bej40nT1n
z3ndcuB06zHSHB6mywhpWPmBNnvhzUsxaeLQdtj9k1BQDPpV7a3SCqIy0wIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFMK/H6M+TIq+QnV4OACc7vb/78QAMB8GA1UdIwQY
MBaAFL+EETVF2QAHYPZgYqQiGTOi6VnYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEt
NGJkNjNhZGM3MzU0LzEvd3I4Zm96NU1pcjVDZFhnNEFKenU5dl92eEFBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS8zMGRjODUtMmRkOC00YjFjLWIxNTEtNGJkNjNhZGM3MzU0
LzEvdjRRUk5VWFpBQWRnOW1CaXBDSVpNNkxwV2RnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcDAMAwQCBbUU
AwQABbUWAwQCLQ70AwQBLYySAwQALYynAwQBLZAcAwQALZZBAwQALZZDAwQAW8IL
AwQAiny0MAwDBACKfLcDBACKfLgDBACSE2oDBACSE+YDBAC5IRgDBAC5St4DBAC5
6vcDBADDEEowDQYJKoZIhvcNAQELBQADggEBAIhYYffSBUkni73SlA0C9PmAED50
zHMswanWLS6MbJ/2AFZJyphfdddt83/IuLHWoE+S7CcxFTqviZ5DSQCp+k2maNsz
tBPEqkId0qfQUEraiwtvQZaXGDZCMM9mQj3QT/puGp17MXX5nhH2zr/YKF0sU0JW
/zWRmsRzrqC4i5ax76Gkjn5DEMY+IzwWGYxiGEgKlYQDPIYIB1AqcSZz86cS6/e2
tMqiGa8GtYeVDb96QapHjAm8OF3wl0R0w9gwRpVrMNHTFh57pHuNxy3Gj9ejw2jL
hGOlCoJm78bjwHGjcisB3jlJiM3kVo/jXE+plZQGKiU4LueuPRyKqDbeUKk=
-----END CERTIFICATE-----
Generated at Wed Oct 22 09:52:08 2025 by rpki-client