Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/e9Ia3nTW7BtxeEyVAmYIBxB8jwY.roa
File: e9Ia3nTW7BtxeEyVAmYIBxB8jwY.roa (raw, json)
Hash identifier: 5bmosw3ArbJeiwWAcq4cSzUyKwhQypT29sg64a1YKk4=
Subject key identifier: 7B:D2:1A:DE:74:D6:EC:1B:71:78:4C:95:02:66:08:07:10:7C:8F:06
Certificate issuer: /CN=05976801363d375786152e4d061e75c8beb35058
Certificate serial: 019A0FB4DF4B405BEA31A0596952DC6EA3F7
Authority key identifier: 05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/e9Ia3nTW7BtxeEyVAmYIBxB8jwY.roa
Signing time: Thu 23 Oct 2025 06:15:03 +0000
ROA not before: Thu 23 Oct 2025 06:15:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34872
IP address blocks: 45.154.97.0/24 maxlen: 32
45.154.99.0/24 maxlen: 32
62.3.50.0/24 maxlen: 32
194.28.96.0/24 maxlen: 24
194.28.98.0/23 maxlen: 32
2a0c:b640::/32 maxlen: 128
2a0c:b641::/44 maxlen: 128
2a0c:b641:10::/44 maxlen: 128
2a0c:b641:50::/44 maxlen: 128
2a0c:b641:60::/44 maxlen: 128
2a0c:b641:530::/44 maxlen: 128
2a0c:b641:5e0::/44 maxlen: 48
2a0c:b641:6d0::/44 maxlen: 128
2a0c:b641:70f::/48 maxlen: 128
2a0c:b641:820::/44 maxlen: 128
2a0f:8400::/32 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.mft
rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Nov 2025 10:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:0f:b4:df:4b:40:5b:ea:31:a0:59:69:52:dc:6e:a3:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05976801363d375786152e4d061e75c8beb35058
Validity
Not Before: Oct 23 06:15:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7bd21ade74d6ec1b71784c9502660807107c8f06
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:ac:d9:78:cf:a9:d6:20:63:5a:b4:f1:e0:70:
6a:d4:3f:17:63:73:52:3a:94:af:05:15:89:42:6d:
e2:50:e4:eb:36:70:30:1f:2b:f4:ea:f0:aa:ea:96:
d3:32:d8:a8:e1:8b:42:be:10:f8:a7:8f:31:d3:e7:
4d:40:df:ec:a5:e1:c7:28:1e:04:16:82:85:14:0f:
f0:53:a9:35:b4:16:dd:9d:49:c1:91:de:8a:f4:21:
aa:6b:a0:c7:6d:84:92:c9:cb:8a:46:45:b2:36:36:
69:b7:77:dd:5b:8a:48:06:94:96:8c:35:4a:a9:bf:
22:1e:3f:63:97:e0:e2:50:c8:a7:8d:b6:55:82:74:
d4:07:59:94:6a:45:88:25:d2:01:59:2f:e8:29:37:
78:9b:cf:9b:75:01:43:9f:2c:3e:23:b0:91:9c:c7:
cd:26:aa:02:84:a0:d7:19:4c:08:4f:de:ee:45:1d:
8a:4b:d6:25:d0:7e:ee:b7:11:1d:b2:b0:66:c5:9e:
7c:fb:44:f9:a4:d6:65:c9:59:97:8c:e5:c1:74:2b:
30:1c:1f:83:98:08:86:5c:25:74:f6:54:8c:af:c7:
06:ed:17:84:77:75:0b:52:cc:06:ef:b0:a4:fd:ff:
3a:c5:eb:de:d2:dd:bf:2a:33:be:05:4d:f3:92:26:
07:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:D2:1A:DE:74:D6:EC:1B:71:78:4C:95:02:66:08:07:10:7C:8F:06
X509v3 Authority Key Identifier:
keyid:05:97:68:01:36:3D:37:57:86:15:2E:4D:06:1E:75:C8:BE:B3:50:58
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BZdoATY9N1eGFS5NBh51yL6zUFg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/e9Ia3nTW7BtxeEyVAmYIBxB8jwY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/2baadc-2b7a-4ec0-95ca-5ec8c8ed60fd/1/BZdoATY9N1eGFS5NBh51yL6zUFg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.154.97.0/24
45.154.99.0/24
62.3.50.0/24
194.28.96.0/24
194.28.98.0/23
IPv6:
2a0c:b640::-2a0c:b641:1f:ffff:ffff:ffff:ffff:ffff
2a0c:b641:50::-2a0c:b641:6f:ffff:ffff:ffff:ffff:ffff
2a0c:b641:530::/44
2a0c:b641:5e0::/44
2a0c:b641:6d0::/44
2a0c:b641:70f::/48
2a0c:b641:820::/44
2a0f:8400::/32
Signature Algorithm: sha256WithRSAEncryption
60:fe:9e:de:ea:d7:d3:bd:ce:54:1d:fc:91:b8:4b:4c:51:60:
28:97:b7:07:4c:ba:58:06:92:5a:c3:22:ad:81:c9:c8:37:5f:
4b:99:94:74:79:c4:f5:97:e5:ba:8d:08:87:5c:99:85:7c:94:
69:99:5f:c6:44:d1:33:46:35:6e:f1:49:df:64:46:49:69:13:
6a:b0:18:65:a8:0c:ad:ab:88:7c:3e:18:51:c5:31:0d:6c:98:
50:03:a6:90:36:2a:c9:43:6f:d8:e9:d2:32:cb:64:4c:14:d6:
3c:a9:19:23:00:64:66:da:46:9a:cf:f5:6a:79:3d:2e:8f:e4:
c3:a2:7b:dd:fb:6f:76:12:0f:3d:b7:e9:bb:a8:98:1a:87:64:
18:93:26:33:c8:e9:93:65:5c:04:85:39:91:e1:e3:6e:29:96:
09:cf:5f:cd:40:d2:c7:ce:4f:d0:51:75:db:b2:50:a6:f0:5b:
45:4d:94:47:a8:fc:9b:ba:5e:8d:b8:5b:46:87:21:09:e2:80:
56:6e:88:ed:54:f5:a2:2f:85:0f:ef:d5:ef:f5:04:b4:13:b8:
0e:d6:6c:31:58:63:d2:c4:49:29:2e:87:56:49:00:3c:25:1b:
a9:27:b6:59:15:03:d0:b2:51:7b:ed:76:be:4e:7e:19:1f:b9:
18:c9:de:9f
-----BEGIN CERTIFICATE-----
MIIFejCCBGKgAwIBAgISAZoPtN9LQFvqMaBZaVLcbqP3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1OTc2ODAxMzYzZDM3NTc4NjE1MmU0ZDA2MWU3NWM4YmVi
MzUwNTgwHhcNMjUxMDIzMDYxNTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmQyMWFkZTc0ZDZlYzFiNzE3ODRjOTUwMjY2MDgwNzEwN2M4ZjA2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjKzZeM+p1iBjWrTx4HBq1D8XY3NS
OpSvBRWJQm3iUOTrNnAwHyv06vCq6pbTMtio4YtCvhD4p48x0+dNQN/speHHKB4E
FoKFFA/wU6k1tBbdnUnBkd6K9CGqa6DHbYSSycuKRkWyNjZpt3fdW4pIBpSWjDVK
qb8iHj9jl+DiUMinjbZVgnTUB1mUakWIJdIBWS/oKTd4m8+bdQFDnyw+I7CRnMfN
JqoChKDXGUwIT97uRR2KS9Yl0H7utxEdsrBmxZ58+0T5pNZlyVmXjOXBdCswHB+D
mAiGXCV09lSMr8cG7ReEd3ULUswG77Ck/f86xeve0t2/KjO+BU3zkiYHtQIDAQAB
o4IChjCCAoIwHQYDVR0OBBYEFHvSGt501uwbcXhMlQJmCAcQfI8GMB8GA1UdIwQY
MBaAFAWXaAE2PTdXhhUuTQYedci+s1BYMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2Et
NWVjOGM4ZWQ2MGZkLzEvZTlJYTNuVFc3QnR4ZUV5VkFtWUlCeEI4andZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yOS8yYmFhZGMtMmI3YS00ZWMwLTk1Y2EtNWVjOGM4ZWQ2MGZk
LzEvQlpkb0FUWTlOMWVHRlM1TkJoNTF5TDZ6VUZnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGbBggrBgEFBQcBBwEB/wSBizCBiDAkBAIAATAeAwQALZph
AwQALZpjAwQAPgMyAwQAwhxgAwQBwhxiMGAEAgACMFowEAMFBioMtkADBwUqDLZB
AAAwEgMHBCoMtkEAUAMHBCoMtkEAYAMHBCoMtkEFMAMHBCoMtkEF4AMHBCoMtkEG
0AMHACoMtkEHDwMHBCoMtkEIIAMFACoPhAAwDQYJKoZIhvcNAQELBQADggEBAGD+
nt7q19O9zlQd/JG4S0xRYCiXtwdMulgGklrDIq2Bycg3X0uZlHR5xPWX5bqNCIdc
mYV8lGmZX8ZE0TNGNW7xSd9kRklpE2qwGGWoDK2riHw+GFHFMQ1smFADppA2KslD
b9jp0jLLZEwU1jypGSMAZGbaRprP9Wp5PS6P5MOie937b3YSDz236buomBqHZBiT
JjPI6ZNlXASFOZHh424plgnPX81A0sfOT9BRdduyUKbwW0VNlEeo/Ju6Xo24W0aH
IQnigFZuiO1U9aIvhQ/v1e/1BLQTuA7WbDFYY9LESSkuh1ZJADwlG6kntlkVA9Cy
UXvtdr5OfhkfuRjJ3p8=
-----END CERTIFICATE-----
Generated at Sat Nov 1 14:10:48 2025 by rpki-client