Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/_StlH5eIvhRhIFd9OziABO-PKkk.roa
File: _StlH5eIvhRhIFd9OziABO-PKkk.roa (raw, json)
Hash identifier: xudhtiysfPYZAmW/EkAuhJ+PTTYYin5pqKjrH0VIfs8=
Subject key identifier: FD:2B:65:1F:97:88:BE:14:61:20:57:7D:3B:38:80:04:EF:8F:2A:49
Certificate issuer: /CN=aca66a5938af567a9e29b4f76f115607c2b8aa20
Certificate serial: 019982B8F231855386CC8F52C84D59530FDE
Authority key identifier: AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/_StlH5eIvhRhIFd9OziABO-PKkk.roa
Signing time: Thu 25 Sep 2025 21:13:02 +0000
ROA not before: Thu 25 Sep 2025 21:13:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 22616
IP address blocks: 147.161.128.0/23 maxlen: 24
159.254.60.0/23 maxlen: 24
159.254.62.0/23 maxlen: 24
159.254.64.0/23 maxlen: 24
159.254.66.0/23 maxlen: 24
159.254.69.0/24 maxlen: 24
159.254.84.0/24 maxlen: 24
159.254.85.0/24 maxlen: 24
159.254.86.0/24 maxlen: 24
164.137.4.0/24 maxlen: 24
164.137.5.0/24 maxlen: 24
164.137.6.0/24 maxlen: 24
164.137.7.0/24 maxlen: 24
164.137.8.0/24 maxlen: 24
164.137.9.0/24 maxlen: 24
164.137.10.0/24 maxlen: 24
164.137.11.0/24 maxlen: 24
164.137.12.0/24 maxlen: 24
164.137.13.0/24 maxlen: 24
164.137.14.0/24 maxlen: 24
164.137.15.0/24 maxlen: 24
164.137.16.0/24 maxlen: 24
164.137.17.0/24 maxlen: 24
164.137.18.0/24 maxlen: 24
164.137.19.0/24 maxlen: 24
164.137.20.0/24 maxlen: 24
164.137.21.0/24 maxlen: 24
164.137.22.0/24 maxlen: 24
164.137.23.0/24 maxlen: 24
164.137.24.0/24 maxlen: 24
164.137.25.0/24 maxlen: 24
164.137.26.0/24 maxlen: 24
164.137.27.0/24 maxlen: 24
164.137.28.0/24 maxlen: 24
164.137.29.0/24 maxlen: 24
164.137.30.0/24 maxlen: 24
164.137.31.0/24 maxlen: 24
164.137.32.0/24 maxlen: 24
164.137.33.0/24 maxlen: 24
164.137.34.0/24 maxlen: 24
164.137.35.0/24 maxlen: 24
164.137.36.0/24 maxlen: 24
164.137.37.0/24 maxlen: 24
164.137.38.0/24 maxlen: 24
164.137.39.0/24 maxlen: 24
164.137.40.0/24 maxlen: 24
164.137.41.0/24 maxlen: 24
164.137.42.0/24 maxlen: 24
164.137.43.0/24 maxlen: 24
164.137.44.0/24 maxlen: 24
164.137.45.0/24 maxlen: 24
164.137.46.0/24 maxlen: 24
164.137.47.0/24 maxlen: 24
164.137.48.0/24 maxlen: 24
164.137.49.0/24 maxlen: 24
164.137.50.0/24 maxlen: 24
164.137.51.0/24 maxlen: 24
164.137.52.0/24 maxlen: 24
164.137.53.0/24 maxlen: 24
2a03:eec0:322b::/48 maxlen: 48
2a03:eec0:322c::/48 maxlen: 48
2a03:eec0:322d::/48 maxlen: 48
2a03:eec0:322e::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.mft
rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 18 Oct 2025 09:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:82:b8:f2:31:85:53:86:cc:8f:52:c8:4d:59:53:0f:de
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aca66a5938af567a9e29b4f76f115607c2b8aa20
Validity
Not Before: Sep 25 21:13:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fd2b651f9788be146120577d3b388004ef8f2a49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:ab:1f:c1:36:5c:de:cb:81:8d:c3:83:43:29:
3d:69:54:bf:68:db:42:69:a5:c8:a2:78:f4:1d:51:
89:b3:5e:7a:c7:5b:38:c8:ef:d0:10:1c:5e:28:2a:
a3:60:b2:ea:39:78:6c:a6:85:b4:aa:87:91:9d:a9:
2a:43:6f:06:11:4c:64:21:73:36:11:fa:5c:21:2d:
9f:76:51:a4:3c:4f:10:ea:e2:7c:fd:9d:1f:b7:11:
d4:9a:93:5b:bf:ad:a9:74:ae:66:2b:84:04:f7:43:
ea:fc:30:43:6b:ea:60:7a:7d:5a:aa:6f:f3:17:75:
e6:c8:3d:0d:6e:aa:ba:d9:87:c2:b4:69:dd:66:af:
a1:6a:ab:fd:7f:fa:f0:3a:94:4d:5a:cd:b9:08:3c:
d7:e2:b0:a5:4a:a5:7c:26:ac:75:c3:24:b2:51:dc:
d9:ec:40:2a:a8:43:00:b8:2f:ca:09:a9:f8:fb:2b:
c6:54:03:70:b7:c6:c5:69:d5:4e:87:94:69:63:fe:
50:42:26:56:d2:54:7a:2e:4f:dd:54:7b:e7:94:cc:
4d:aa:e2:dd:6c:87:b5:e7:ee:70:f4:87:85:ce:ff:
de:b2:ae:19:2a:b5:cd:e1:cd:98:43:c2:b1:79:a5:
65:94:8a:22:37:d4:57:21:c4:5a:68:53:dc:02:57:
6d:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FD:2B:65:1F:97:88:BE:14:61:20:57:7D:3B:38:80:04:EF:8F:2A:49
X509v3 Authority Key Identifier:
keyid:AC:A6:6A:59:38:AF:56:7A:9E:29:B4:F7:6F:11:56:07:C2:B8:AA:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rKZqWTivVnqeKbT3bxFWB8K4qiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/_StlH5eIvhRhIFd9OziABO-PKkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/15089b-18d7-4ff0-9d28-b9b65402b928/1/rKZqWTivVnqeKbT3bxFWB8K4qiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
147.161.128.0/23
159.254.60.0-159.254.67.255
159.254.69.0/24
159.254.84.0-159.254.86.255
164.137.4.0-164.137.53.255
IPv6:
2a03:eec0:322b::-2a03:eec0:322e:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
00:2c:0a:ec:d8:55:44:dc:d6:98:63:e0:85:78:ed:f7:02:36:
f9:99:ce:48:04:17:35:92:31:1b:e3:ef:68:01:c1:0a:ea:38:
bf:a2:bd:3e:86:e4:7e:3d:47:c0:ce:d6:d8:0d:12:26:8b:a7:
2b:0f:2a:2c:2e:c1:63:8f:76:9c:bc:b4:19:4b:80:b7:2c:2e:
26:26:e8:4f:a1:f0:e8:ab:1d:db:03:8d:5e:5f:bd:d1:7a:96:
93:6e:d1:67:66:a4:b1:c7:a1:5c:18:f5:bd:58:36:33:03:6a:
97:92:23:ed:e3:70:b0:4e:45:e9:21:4c:e1:99:e3:e7:9a:d7:
92:07:67:37:e2:6b:9a:83:6d:2f:19:a3:ce:92:73:d2:d3:2e:
cf:df:9f:2c:d6:cf:d3:ab:94:f3:c5:ec:75:93:6e:f2:bf:5c:
6f:e3:f4:d5:07:ef:c8:dd:5b:20:cf:da:8c:2f:31:bf:03:b7:
3e:9f:f3:b1:ea:d2:10:d5:e0:d5:8f:36:3f:12:65:d8:3a:08:
59:66:3d:04:23:a2:35:80:5b:8c:d1:08:da:34:75:3f:7e:40:
d2:95:96:ca:a0:e1:35:24:d3:ce:7d:ab:90:74:e6:fe:10:ca:
49:d2:e4:80:bd:87:ac:b9:c1:db:7b:ad:7f:3d:1f:e9:97:3f:
31:59:4a:a0
-----BEGIN CERTIFICATE-----
MIIFSTCCBDGgAwIBAgISAZmCuPIxhVOGzI9SyE1ZUw/eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFjYTY2YTU5MzhhZjU2N2E5ZTI5YjRmNzZmMTE1NjA3YzJi
OGFhMjAwHhcNMjUwOTI1MjExMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZDJiNjUxZjk3ODhiZTE0NjEyMDU3N2QzYjM4ODAwNGVmOGYyYTQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0KsfwTZc3suBjcODQyk9aVS/aNtC
aaXIonj0HVGJs156x1s4yO/QEBxeKCqjYLLqOXhspoW0qoeRnakqQ28GEUxkIXM2
EfpcIS2fdlGkPE8Q6uJ8/Z0ftxHUmpNbv62pdK5mK4QE90Pq/DBDa+pgen1aqm/z
F3XmyD0Nbqq62YfCtGndZq+haqv9f/rwOpRNWs25CDzX4rClSqV8Jqx1wySyUdzZ
7EAqqEMAuC/KCan4+yvGVANwt8bFadVOh5RpY/5QQiZW0lR6Lk/dVHvnlMxNquLd
bIe15+5w9IeFzv/esq4ZKrXN4c2YQ8KxeaVllIoiN9RXIcRaaFPcAldtNQIDAQAB
o4ICVTCCAlEwHQYDVR0OBBYEFP0rZR+XiL4UYSBXfTs4gATvjypJMB8GA1UdIwQY
MBaAFKymalk4r1Z6nim0928RVgfCuKogMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgt
YjliNjU0MDJiOTI4LzEvX1N0bEg1ZUl2aFJoSUZkOU96aUFCTy1QS2trLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi8xNTA4OWItMThkNy00ZmYwLTlkMjgtYjliNjU0MDJiOTI4
LzEvcktacVdUaXZWbnFlS2JUM2J4RldCOEs0cWlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGsGCCsGAQUFBwEHAQH/BFwwWjA8BAIAATA2AwQBk6GAMAwD
BAKf/jwDBAKf/kADBACf/kUwDAMEAp/+VAMEAJ/+VjAMAwQCpIkEAwQBpIk0MBoE
AgACMBQwEgMHACoD7sAyKwMHACoD7sAyLjANBgkqhkiG9w0BAQsFAAOCAQEAACwK
7NhVRNzWmGPghXjt9wI2+ZnOSAQXNZIxG+PvaAHBCuo4v6K9Pobkfj1HwM7W2A0S
JounKw8qLC7BY492nLy0GUuAtywuJiboT6Hw6Ksd2wONXl+90XqWk27RZ2aksceh
XBj1vVg2MwNql5Ij7eNwsE5F6SFM4Znj55rXkgdnN+JrmoNtLxmjzpJz0tMuz9+f
LNbP06uU88XsdZNu8r9cb+P01QfvyN1bIM/ajC8xvwO3Pp/zserSENXg1Y82PxJl
2DoIWWY9BCOiNYBbjNEI2jR1P35A0pWWyqDhNSTTzn2rkHTm/hDKSdLkgL2HrLnB
23utfz0f6Zc/MVlKoA==
-----END CERTIFICATE-----
Generated at Fri Oct 17 14:51:18 2025 by rpki-client