Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/1-uxvgJ33Ep83LKDPOWyK_TQkRjs.roa
File: 1-uxvgJ33Ep83LKDPOWyK_TQkRjs.roa (raw, json)
Hash identifier: DSKQp+AywW/AiTaKMnd/V3/aO8KTX7yy5Li9SZt44DU=
Subject key identifier: FA:EC:6F:80:9D:F7:12:9F:37:2C:A0:CF:39:6C:8A:FD:34:24:46:3B
Certificate issuer: /CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Certificate serial: 019986534B12CAE33DA0A63C381743D140D4
Authority key identifier: 66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/1-uxvgJ33Ep83LKDPOWyK_TQkRjs.roa
Signing time: Fri 26 Sep 2025 14:00:29 +0000
ROA not before: Fri 26 Sep 2025 14:00:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198507
IP address blocks: 37.143.52.0/22 maxlen: 22
37.143.55.0/24 maxlen: 24
45.9.196.0/22 maxlen: 22
45.14.176.0/22 maxlen: 22
45.81.192.0/22 maxlen: 22
185.132.73.0/24 maxlen: 24
185.132.74.0/24 maxlen: 24
185.132.75.0/24 maxlen: 24
2a06:e040::/32 maxlen: 32
2a06:e040:3501::/48 maxlen: 48
2a06:e040:3502::/48 maxlen: 48
2a06:e040:6900::/40 maxlen: 40
2a06:e040:7601::/48 maxlen: 48
2a06:e040:7603::/48 maxlen: 48
2a06:e043::/32 maxlen: 32
2a06:e044:10::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 Oct 2025 11:00:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:86:53:4b:12:ca:e3:3d:a0:a6:3c:38:17:43:d1:40:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66de1d9dcdb25c1e532c5c9b69dfa757e306210e
Validity
Not Before: Sep 26 14:00:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=faec6f809df7129f372ca0cf396c8afd3424463b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:ad:d9:cc:b6:99:6b:a6:6f:ea:45:2a:d6:18:
ea:58:6e:12:b3:7d:d7:f8:b4:98:4a:66:16:cc:10:
6c:ff:bf:0f:dc:37:60:17:4b:d4:c8:3b:e6:8c:3b:
a1:a3:9e:22:c0:20:61:0f:af:88:65:35:53:c7:0d:
5d:3b:75:26:e3:a5:af:c7:b9:9f:71:bc:7c:34:2b:
98:25:15:f3:bb:17:4e:c6:d9:e6:bc:d9:16:25:28:
16:05:e0:1d:13:48:aa:29:7e:df:3b:67:e8:66:2a:
c8:11:2c:53:cd:94:69:ac:ce:2a:91:06:f4:a1:c1:
f8:49:63:0b:29:00:00:6e:45:7a:e5:29:d4:14:19:
e3:e6:b5:de:0e:22:d0:11:77:81:dd:5a:3f:63:33:
80:99:59:59:fb:da:47:9a:bd:75:02:15:23:71:48:
32:e4:01:a2:6b:72:47:5d:36:da:cd:f5:b8:58:a2:
f9:14:fe:97:2f:14:a5:02:48:87:62:a1:ab:d6:69:
2d:b4:a1:a6:b0:d7:22:72:ca:00:3e:3f:3a:9b:1b:
37:4d:e5:f9:60:0c:bc:59:6f:8c:bf:99:35:b7:df:
08:5e:b6:80:6a:e1:9b:39:22:ab:b3:fe:e3:5e:cd:
14:2d:56:cb:38:07:c7:08:6f:72:62:b4:60:ea:7c:
d0:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:EC:6F:80:9D:F7:12:9F:37:2C:A0:CF:39:6C:8A:FD:34:24:46:3B
X509v3 Authority Key Identifier:
keyid:66:DE:1D:9D:CD:B2:5C:1E:53:2C:5C:9B:69:DF:A7:57:E3:06:21:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt4dnc2yXB5TLFybad-nV-MGIQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/1-uxvgJ33Ep83LKDPOWyK_TQkRjs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/64/60fcfe-7b2c-4672-bc2f-40479870976e/1/Zt4dnc2yXB5TLFybad-nV-MGIQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.143.52.0/22
45.9.196.0/22
45.14.176.0/22
45.81.192.0/22
185.132.73.0-185.132.75.255
IPv6:
2a06:e040::/32
2a06:e043::/32
2a06:e044:10::/48
Signature Algorithm: sha256WithRSAEncryption
6c:6e:ce:99:49:ad:3f:95:29:86:d5:7e:0a:9f:75:ed:84:b4:
19:59:13:87:32:14:8b:4d:f8:47:e5:b8:b9:30:6b:1b:a0:0e:
8c:be:a5:ee:a8:6d:57:08:d2:36:11:6f:2d:28:7b:14:56:e5:
8d:24:a9:0b:43:50:21:ee:c6:b8:bb:89:d1:08:36:96:4a:61:
a6:38:88:52:31:07:12:f9:1a:0e:fd:b9:47:ab:de:8e:9a:aa:
07:ab:03:99:cd:7c:db:e0:9d:53:c4:b0:35:3b:ef:58:e2:1e:
48:2f:01:01:25:66:c2:31:40:03:da:f7:56:c1:ee:c0:84:91:
6c:0e:f4:95:62:44:3d:e4:39:af:9b:30:b4:e3:18:58:be:5c:
43:37:1e:fb:84:44:0a:7c:4f:7d:26:07:fc:13:3a:dd:18:fe:
07:a0:4f:90:df:0c:69:6e:b6:74:72:8c:b2:3a:76:20:81:15:
ba:bd:b1:64:47:59:7f:c1:9e:5d:61:b3:da:91:18:eb:75:e5:
a8:86:4d:48:c3:70:e9:bf:98:17:c8:be:7c:e3:36:1f:50:df:
42:77:fd:c0:8b:6a:33:eb:64:e6:92:3e:09:63:bd:6b:02:97:
50:40:2d:21:da:02:52:09:00:ca:17:7e:f5:73:9a:18:69:bf:
76:41:c4:85
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZmGU0sSyuM9oKY8OBdD0UDUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGUxZDlkY2RiMjVjMWU1MzJjNWM5YjY5ZGZhNzU3ZTMw
NjIxMGUwHhcNMjUwOTI2MTQwMDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWVjNmY4MDlkZjcxMjlmMzcyY2EwY2YzOTZjOGFmZDM0MjQ0NjNiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAna3ZzLaZa6Zv6kUq1hjqWG4Ss33X
+LSYSmYWzBBs/78P3DdgF0vUyDvmjDuho54iwCBhD6+IZTVTxw1dO3Um46Wvx7mf
cbx8NCuYJRXzuxdOxtnmvNkWJSgWBeAdE0iqKX7fO2foZirIESxTzZRprM4qkQb0
ocH4SWMLKQAAbkV65SnUFBnj5rXeDiLQEXeB3Vo/YzOAmVlZ+9pHmr11AhUjcUgy
5AGia3JHXTbazfW4WKL5FP6XLxSlAkiHYqGr1mkttKGmsNcicsoAPj86mxs3TeX5
YAy8WW+Mv5k1t98IXraAauGbOSKrs/7jXs0ULVbLOAfHCG9yYrRg6nzQewIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFPrsb4Cd9xKfNyygzzlsiv00JEY7MB8GA1UdIwQY
MBaAFGbeHZ3NslweUyxcm2nfp1fjBiEOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ0ZG5jMnlYQjVUTEZ5YmFkLW5WLU1HSVE0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NC82MGZjZmUtN2IyYy00NjcyLWJjMmYt
NDA0Nzk4NzA5NzZlLzEvMS11eHZnSjMzRXA4M0xLRFBPV3lLX1RRa1Jqcy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNjQvNjBmY2ZlLTdiMmMtNDY3Mi1iYzJmLTQwNDc5ODcwOTc2
ZS8xL1p0NGRuYzJ5WEI1VExGeWJhZC1uVi1NR0lRNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBeBggrBgEFBQcBBwEB/wRPME0wLAQCAAEwJgMEAiWPNAME
Ai0JxAMEAi0OsAMEAi1RwDAMAwQAuYRJAwQCuYRIMB0EAgACMBcDBQAqBuBAAwUA
KgbgQwMHACoG4EQAEDANBgkqhkiG9w0BAQsFAAOCAQEAbG7OmUmtP5UphtV+Cp91
7YS0GVkThzIUi034R+W4uTBrG6AOjL6l7qhtVwjSNhFvLSh7FFbljSSpC0NQIe7G
uLuJ0Qg2lkphpjiIUjEHEvkaDv25R6vejpqqB6sDmc182+CdU8SwNTvvWOIeSC8B
ASVmwjFAA9r3VsHuwISRbA70lWJEPeQ5r5swtOMYWL5cQzce+4RECnxPfSYH/BM6
3Rj+B6BPkN8MaW62dHKMsjp2IIEVur2xZEdZf8GeXWGz2pEY63XlqIZNSMNw6b+Y
F8i+fOM2H1DfQnf9wItqM+tk5pI+CWO9awKXUEAtIdoCUgkAyhd+9XOaGGm/dkHE
hQ==
-----END CERTIFICATE-----
Generated at Wed Oct 22 18:56:40 2025 by rpki-client