Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3d/8311df-c3b2-461e-bd23-1605b1bd298e/1/7z1CEaiQeIhLfGd7pGfu2uxsPac.roa
File: 7z1CEaiQeIhLfGd7pGfu2uxsPac.roa (raw, json)
Hash identifier: 7C2NyJj4g6x2FviGxPNRDMPSybLsn4cJWtQ3CeiM6xk=
Subject key identifier: EF:3D:42:11:A8:90:78:88:4B:7C:67:7B:A4:67:EE:DA:EC:6C:3D:A7
Certificate issuer: /CN=5be979fb8e477304bb591d6b68eea73da94a815b
Certificate serial: 019A10CD05BB91D8508994D17906889B8497
Authority key identifier: 5B:E9:79:FB:8E:47:73:04:BB:59:1D:6B:68:EE:A7:3D:A9:4A:81:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/W-l5-45HcwS7WR1raO6nPalKgVs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3d/8311df-c3b2-461e-bd23-1605b1bd298e/1/7z1CEaiQeIhLfGd7pGfu2uxsPac.roa
Signing time: Thu 23 Oct 2025 11:21:03 +0000
ROA not before: Thu 23 Oct 2025 11:21:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201290
IP address blocks: 45.128.0.0/22 maxlen: 22
45.153.252.0/22 maxlen: 22
46.231.16.0/23 maxlen: 23
46.231.18.0/23 maxlen: 23
46.231.20.0/23 maxlen: 23
46.231.22.0/23 maxlen: 23
46.231.244.0/22 maxlen: 22
130.112.0.0/17 maxlen: 17
130.112.128.0/17 maxlen: 17
185.41.36.0/23 maxlen: 23
185.41.38.0/23 maxlen: 23
185.94.244.0/23 maxlen: 23
185.94.246.0/23 maxlen: 23
185.146.104.0/22 maxlen: 22
185.214.112.0/23 maxlen: 23
185.214.114.0/23 maxlen: 23
185.229.52.0/23 maxlen: 23
185.229.54.0/23 maxlen: 23
192.145.56.0/22 maxlen: 22
194.39.40.0/22 maxlen: 22
195.191.198.0/23 maxlen: 23
195.191.206.0/23 maxlen: 23
212.115.36.0/22 maxlen: 22
2a05:3600::/29 maxlen: 29
2a0d:6e00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3d/8311df-c3b2-461e-bd23-1605b1bd298e/1/W-l5-45HcwS7WR1raO6nPalKgVs.crl
rsync://rpki.ripe.net/repository/DEFAULT/3d/8311df-c3b2-461e-bd23-1605b1bd298e/1/W-l5-45HcwS7WR1raO6nPalKgVs.mft
rsync://rpki.ripe.net/repository/DEFAULT/W-l5-45HcwS7WR1raO6nPalKgVs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 05:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:10:cd:05:bb:91:d8:50:89:94:d1:79:06:88:9b:84:97
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5be979fb8e477304bb591d6b68eea73da94a815b
Validity
Not Before: Oct 23 11:21:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ef3d4211a89078884b7c677ba467eedaec6c3da7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:f2:05:d1:f9:04:bb:bc:41:f9:b4:4b:26:4b:
6e:1a:db:47:09:eb:f6:78:39:2c:0b:aa:ca:5d:2a:
30:f1:79:0f:75:12:a7:e2:85:e9:1f:ec:c1:34:64:
d6:a0:b6:ce:46:bc:e5:a2:3a:21:d1:03:ce:93:84:
23:9a:57:dd:20:e4:20:0c:db:ba:8a:6d:63:2f:e5:
15:ef:1b:ea:5d:ce:00:78:5f:6a:4f:93:96:a2:a2:
de:04:20:1b:5d:54:ff:01:d9:e4:9f:40:e9:12:28:
20:bb:34:5b:6c:30:ed:8d:3e:ec:8d:7c:62:1b:75:
69:00:fd:85:54:36:1f:79:6b:1e:c0:82:3c:28:c2:
5b:7d:b7:03:2a:52:ab:62:6a:7f:11:4b:7e:a8:14:
20:9d:1d:1b:29:b1:14:41:83:28:ff:62:51:6f:0c:
5f:eb:15:9f:5c:f1:5a:d2:1d:b9:71:c3:38:9e:88:
7a:2f:4a:22:cf:e9:41:b6:c0:01:c0:61:f3:7c:59:
b3:99:cf:c7:2d:92:31:b7:78:0a:61:46:bb:cf:89:
7e:61:b2:91:df:ac:18:bc:49:4f:19:78:08:ed:b1:
5c:dd:a6:a8:9c:2b:5b:d5:2f:20:a7:02:c4:72:78:
73:fa:b9:37:be:08:c2:15:fa:7a:a6:01:18:b0:2c:
50:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:3D:42:11:A8:90:78:88:4B:7C:67:7B:A4:67:EE:DA:EC:6C:3D:A7
X509v3 Authority Key Identifier:
keyid:5B:E9:79:FB:8E:47:73:04:BB:59:1D:6B:68:EE:A7:3D:A9:4A:81:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/W-l5-45HcwS7WR1raO6nPalKgVs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/8311df-c3b2-461e-bd23-1605b1bd298e/1/7z1CEaiQeIhLfGd7pGfu2uxsPac.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3d/8311df-c3b2-461e-bd23-1605b1bd298e/1/W-l5-45HcwS7WR1raO6nPalKgVs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.128.0.0/22
45.153.252.0/22
46.231.16.0/21
46.231.244.0/22
130.112.0.0/16
185.41.36.0/22
185.94.244.0/22
185.146.104.0/22
185.214.112.0/22
185.229.52.0/22
192.145.56.0/22
194.39.40.0/22
195.191.198.0/23
195.191.206.0/23
212.115.36.0/22
IPv6:
2a05:3600::/29
2a0d:6e00::/29
Signature Algorithm: sha256WithRSAEncryption
3f:7b:d1:f8:f6:d0:f1:eb:a3:76:c4:3c:a4:34:f3:f8:4a:df:
cc:db:d7:3b:0d:cf:78:0a:38:1a:11:6a:0e:dd:b2:da:c6:e7:
b9:e7:b0:4c:89:20:b2:dc:31:07:cb:7b:9d:e0:c4:19:6f:88:
b2:8b:5b:9b:39:6f:67:5f:bc:d7:7a:c9:31:12:f3:8c:c2:80:
0a:65:70:b5:c2:4c:a4:38:ee:37:77:6e:40:b7:42:d5:a9:68:
a3:ed:17:cf:ba:e5:41:e9:23:eb:73:a0:0e:6e:39:c9:21:60:
93:d4:f5:f0:68:b0:48:62:ea:97:88:37:0b:9c:57:76:83:dd:
93:41:f2:e1:c8:c7:d5:5f:c2:83:a9:5f:3f:22:e9:87:7b:a0:
d0:49:29:5c:79:c4:04:fa:e5:76:85:f4:f5:8c:c9:08:11:58:
9a:df:0d:d8:b9:3a:a7:32:ea:e7:66:8a:27:11:a9:dc:4a:b0:
0d:15:5c:b2:03:92:f5:f3:e5:db:8b:5d:88:d7:25:b0:50:23:
d9:53:0e:a2:18:b7:ff:1e:69:98:2d:df:a4:c8:4d:69:5c:df:
f1:7a:45:71:68:1b:a9:bf:cd:5a:e0:b0:21:8c:8e:a2:18:d2:
7e:36:8b:6e:c3:97:f4:f6:22:7f:a3:22:e1:a8:c2:1e:44:f2:
4c:0c:44:36
-----BEGIN CERTIFICATE-----
MIIFZzCCBE+gAwIBAgISAZoQzQW7kdhQiZTReQaIm4SXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDViZTk3OWZiOGU0NzczMDRiYjU5MWQ2YjY4ZWVhNzNkYTk0
YTgxNWIwHhcNMjUxMDIzMTEyMTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjNkNDIxMWE4OTA3ODg4NGI3YzY3N2JhNDY3ZWVkYWVjNmMzZGE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1fIF0fkEu7xB+bRLJktuGttHCev2
eDksC6rKXSow8XkPdRKn4oXpH+zBNGTWoLbORrzlojoh0QPOk4QjmlfdIOQgDNu6
im1jL+UV7xvqXc4AeF9qT5OWoqLeBCAbXVT/Adnkn0DpEigguzRbbDDtjT7sjXxi
G3VpAP2FVDYfeWsewII8KMJbfbcDKlKrYmp/EUt+qBQgnR0bKbEUQYMo/2JRbwxf
6xWfXPFa0h25ccM4noh6L0oiz+lBtsABwGHzfFmzmc/HLZIxt3gKYUa7z4l+YbKR
36wYvElPGXgI7bFc3aaonCtb1S8gpwLEcnhz+rk3vgjCFfp6pgEYsCxQ5wIDAQAB
o4ICczCCAm8wHQYDVR0OBBYEFO89QhGokHiIS3xne6Rn7trsbD2nMB8GA1UdIwQY
MBaAFFvpefuOR3MEu1kda2jupz2pSoFbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVy1sNS00NUhjd1M3V1IxcmFPNm5QYWxLZ1ZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zZC84MzExZGYtYzNiMi00NjFlLWJkMjMt
MTYwNWIxYmQyOThlLzEvN3oxQ0VhaVFlSWhMZkdkN3BHZnUydXhzUGFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zZC84MzExZGYtYzNiMi00NjFlLWJkMjMtMTYwNWIxYmQyOThl
LzEvVy1sNS00NUhjd1M3V1IxcmFPNm5QYWxLZ1ZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGIBggrBgEFBQcBBwEB/wR5MHcwXwQCAAEwWQMEAi2AAAME
Ai2Z/AMEAy7nEAMEAi7n9AMDAIJwAwQCuSkkAwQCuV70AwQCuZJoAwQCudZwAwQC
ueU0AwQCwJE4AwQCwicoAwQBw7/GAwQBw7/OAwQC1HMkMBQEAgACMA4DBQMqBTYA
AwUDKg1uADANBgkqhkiG9w0BAQsFAAOCAQEAP3vR+PbQ8eujdsQ8pDTz+ErfzNvX
Ow3PeAo4GhFqDt2y2sbnueewTIkgstwxB8t7neDEGW+IsotbmzlvZ1+813rJMRLz
jMKACmVwtcJMpDjuN3duQLdC1aloo+0Xz7rlQekj63OgDm45ySFgk9T18GiwSGLq
l4g3C5xXdoPdk0Hy4cjH1V/Cg6lfPyLph3ug0EkpXHnEBPrldoX09YzJCBFYmt8N
2Lk6pzLq52aKJxGp3EqwDRVcsgOS9fPl24tdiNclsFAj2VMOohi3/x5pmC3fpMhN
aVzf8XpFcWgbqb/NWuCwIYyOohjSfjaLbsOX9PYif6Mi4ajCHkTyTAxENg==
-----END CERTIFICATE-----
Generated at Mon Oct 27 12:12:55 2025 by rpki-client