Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/tU2m5DrL5rP53xzJ77jtWjx-XDI.roa
File: tU2m5DrL5rP53xzJ77jtWjx-XDI.roa (raw, json)
Hash identifier: cIuKJRo/e71hOkxehoL05+2h6kML+pjr6RyBK3JDD+o=
Subject key identifier: B5:4D:A6:E4:3A:CB:E6:B3:F9:DF:1C:C9:EF:B8:ED:5A:3C:7E:5C:32
Certificate issuer: /CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Certificate serial: 0199056124A2EFBCA2A3865857135D3FDEE3
Authority key identifier: 17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/tU2m5DrL5rP53xzJ77jtWjx-XDI.roa
Signing time: Mon 01 Sep 2025 13:04:36 +0000
ROA not before: Mon 01 Sep 2025 13:04:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1103
IP address blocks: 145.0.0.0/16 maxlen: 24
145.2.0.0/15 maxlen: 24
145.9.0.0/16 maxlen: 24
145.19.0.0/16 maxlen: 24
145.19.0.0/24 maxlen: 24
145.20.0.0/16 maxlen: 24
145.23.0.0/16 maxlen: 24
145.23.0.0/19 maxlen: 24
145.24.0.0/16 maxlen: 24
145.28.0.0/15 maxlen: 24
145.33.0.0/16 maxlen: 24
145.37.0.0/16 maxlen: 24
145.38.0.0/15 maxlen: 24
145.41.0.0/16 maxlen: 24
145.44.0.0/16 maxlen: 24
145.48.0.0/15 maxlen: 24
145.51.0.0/16 maxlen: 24
145.52.0.0/16 maxlen: 24
145.74.0.0/15 maxlen: 24
145.76.0.0/16 maxlen: 24
145.81.0.0/16 maxlen: 24
145.85.0.0/16 maxlen: 24
145.85.0.0/24 maxlen: 24
145.88.0.0/15 maxlen: 24
145.90.0.0/16 maxlen: 24
145.90.10.0/23 maxlen: 24
145.91.0.0/16 maxlen: 24
145.91.0.0/24 maxlen: 24
145.92.0.0/15 maxlen: 24
145.95.0.0/16 maxlen: 24
145.96.0.0/16 maxlen: 24
145.97.16.0/22 maxlen: 24
145.97.20.0/22 maxlen: 24
145.97.24.0/21 maxlen: 24
145.97.48.0/20 maxlen: 24
145.97.64.0/18 maxlen: 24
145.97.128.0/18 maxlen: 24
145.97.128.0/24 maxlen: 24
145.97.192.0/18 maxlen: 24
145.98.0.0/16 maxlen: 24
145.100.0.0/15 maxlen: 24
145.102.0.0/16 maxlen: 24
145.103.0.0/16 maxlen: 24
145.107.0.0/16 maxlen: 24
145.108.0.0/16 maxlen: 24
145.109.128.0/17 maxlen: 24
145.116.0.0/20 maxlen: 24
145.116.16.0/21 maxlen: 24
145.116.24.0/21 maxlen: 24
145.116.64.0/18 maxlen: 24
145.116.128.0/18 maxlen: 24
145.116.192.0/20 maxlen: 24
145.116.224.0/19 maxlen: 24
145.117.0.0/16 maxlen: 24
145.118.0.0/16 maxlen: 24
145.120.0.0/14 maxlen: 24
145.124.0.0/15 maxlen: 24
145.126.0.0/16 maxlen: 24
145.127.0.0/17 maxlen: 24
145.136.0.0/15 maxlen: 24
145.137.128.0/18 maxlen: 24
145.138.0.0/16 maxlen: 24
145.140.0.0/14 maxlen: 24
145.144.0.0/12 maxlen: 24
145.146.0.0/16 maxlen: 24
192.87.0.0/16 maxlen: 24
194.171.0.0/16 maxlen: 24
195.169.0.0/16 maxlen: 24
2001:610::/29 maxlen: 29
2001:610::/32 maxlen: 48
2001:610:130::/48 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.mft
rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 22:00:34 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:05:61:24:a2:ef:bc:a2:a3:86:58:57:13:5d:3f:de:e3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1773db17795d2bf1b4b5345c5b29390dbaf4523e
Validity
Not Before: Sep 1 13:04:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b54da6e43acbe6b3f9df1cc9efb8ed5a3c7e5c32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:3e:44:8b:ab:24:ca:a4:b4:9b:ed:95:93:b8:
53:e4:b9:a4:98:84:56:35:31:f1:17:3f:32:a6:fc:
07:4b:a0:f5:25:4c:b1:96:83:a9:59:c3:e0:07:89:
39:e9:60:fd:26:81:64:d9:03:0f:06:32:06:dd:b9:
ad:92:01:f6:6f:41:fb:da:1a:21:15:be:f2:86:5b:
ae:95:f5:59:c0:02:5c:a3:ef:00:8c:79:0e:13:af:
3a:6c:bb:a9:09:7e:03:64:09:96:10:c2:41:fc:a7:
1c:a0:93:90:6c:02:54:0c:a8:94:cd:45:a8:91:36:
b0:ad:4f:aa:1a:79:42:2e:70:73:6b:b8:73:5b:fa:
39:21:26:1e:af:8d:88:eb:a0:32:a0:b3:9a:a7:85:
8f:06:3c:6e:79:af:4f:1e:7a:19:84:48:4e:80:32:
c9:51:4b:5d:ae:17:05:44:25:3f:b3:1c:77:6c:7f:
45:1a:db:d5:b9:3d:eb:90:d5:b0:0f:23:11:66:a0:
5e:06:ef:a5:e1:67:3b:b2:fa:7c:00:f6:7a:86:17:
4f:05:50:d2:01:c2:1c:b9:ea:7b:71:79:4b:1f:9a:
9f:1a:75:72:ba:37:19:0f:e6:c9:b6:75:b3:aa:d0:
92:fc:48:85:5b:f4:34:50:dc:8e:15:58:1e:c0:60:
64:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:4D:A6:E4:3A:CB:E6:B3:F9:DF:1C:C9:EF:B8:ED:5A:3C:7E:5C:32
X509v3 Authority Key Identifier:
keyid:17:73:DB:17:79:5D:2B:F1:B4:B5:34:5C:5B:29:39:0D:BA:F4:52:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/tU2m5DrL5rP53xzJ77jtWjx-XDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f77cbd-893b-4616-9d76-54861f23249d/1/F3PbF3ldK_G0tTRcWyk5Dbr0Uj4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.0.0.0/16
145.2.0.0/15
145.9.0.0/16
145.19.0.0-145.20.255.255
145.23.0.0-145.24.255.255
145.28.0.0/15
145.33.0.0/16
145.37.0.0-145.39.255.255
145.41.0.0/16
145.44.0.0/16
145.48.0.0/15
145.51.0.0-145.52.255.255
145.74.0.0-145.76.255.255
145.81.0.0/16
145.85.0.0/16
145.88.0.0-145.93.255.255
145.95.0.0-145.96.255.255
145.97.16.0/20
145.97.48.0-145.98.255.255
145.100.0.0/14
145.107.0.0-145.108.255.255
145.109.128.0/17
145.116.0.0/19
145.116.64.0-145.116.207.255
145.116.224.0-145.118.255.255
145.120.0.0-145.127.127.255
145.136.0.0-145.138.255.255
145.140.0.0-145.159.255.255
192.87.0.0/16
194.171.0.0/16
195.169.0.0/16
IPv6:
2001:610::/29
Signature Algorithm: sha256WithRSAEncryption
13:e3:73:53:35:db:60:d4:6c:e9:37:70:89:82:7e:aa:e5:31:
26:a1:c9:76:ec:5e:6f:f5:b6:ec:9f:91:a5:91:8c:1b:6a:b9:
2b:84:90:2b:bb:d3:09:03:5c:f7:26:26:89:ff:66:b7:0c:b5:
91:be:ce:0b:8d:a3:17:08:4b:52:22:2b:a9:bf:af:62:35:b6:
c0:2d:f0:63:c5:8f:f0:2c:bf:9e:cd:9f:b9:33:77:dc:e5:5b:
41:90:95:a4:2c:ac:7b:08:9a:11:49:67:d6:10:6a:eb:3d:93:
27:88:a4:5a:4b:80:53:7c:10:bd:41:f6:7b:dd:63:ad:7f:a6:
4e:4e:49:4b:86:80:c6:d6:6a:c0:35:b4:96:a5:a0:9f:eb:6f:
e3:04:6f:b6:4d:f5:99:e8:28:90:9a:ff:b4:15:f7:f2:b4:db:
bc:40:55:4c:c5:02:cd:db:8f:44:6c:d8:a0:ea:23:72:18:5f:
77:67:4e:c4:0f:79:09:db:f3:a7:ec:a4:50:b3:96:d7:87:a6:
fd:bf:3d:9e:fe:7f:bb:dd:0a:43:fd:fa:72:55:70:15:90:a4:
54:d1:af:7a:a7:46:f7:78:98:d8:08:53:c8:a4:b8:9e:63:32:
d8:a4:d2:df:66:89:3a:21:a0:2e:f2:62:56:37:55:b6:bc:fd:
6f:d8:e7:a2
-----BEGIN CERTIFICATE-----
MIIGFTCCBP2gAwIBAgISAZkFYSSi77yio4ZYVxNdP97jMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE3NzNkYjE3Nzk1ZDJiZjFiNGI1MzQ1YzViMjkzOTBkYmFm
NDUyM2UwHhcNMjUwOTAxMTMwNDM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTRkYTZlNDNhY2JlNmIzZjlkZjFjYzllZmI4ZWQ1YTNjN2U1YzMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1j5Ei6skyqS0m+2Vk7hT5LmkmIRW
NTHxFz8ypvwHS6D1JUyxloOpWcPgB4k56WD9JoFk2QMPBjIG3bmtkgH2b0H72hoh
Fb7yhluulfVZwAJco+8AjHkOE686bLupCX4DZAmWEMJB/KccoJOQbAJUDKiUzUWo
kTawrU+qGnlCLnBza7hzW/o5ISYer42I66AyoLOap4WPBjxuea9PHnoZhEhOgDLJ
UUtdrhcFRCU/sxx3bH9FGtvVuT3rkNWwDyMRZqBeBu+l4Wc7svp8APZ6hhdPBVDS
AcIcuep7cXlLH5qfGnVyujcZD+bJtnWzqtCS/EiFW/Q0UNyOFVgewGBkhQIDAQAB
o4IDITCCAx0wHQYDVR0OBBYEFLVNpuQ6y+az+d8cye+47Vo8flwyMB8GA1UdIwQY
MBaAFBdz2xd5XSvxtLU0XFspOQ269FI+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYt
NTQ4NjFmMjMyNDlkLzEvdFUybTVEckw1clA1M3h6Sjc3anRXangtWERJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mNzdjYmQtODkzYi00NjE2LTlkNzYtNTQ4NjFmMjMyNDlk
LzEvRjNQYkYzbGRLX0cwdFRSY1d5azVEYnIwVWo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNQYIKwYBBQUHAQcBAf8EggEkMIIBIDCCAQ0EAgABMIIB
BQMDAJEAAwMBkQIDAwCRCTAKAwMAkRMDAwCRFDAKAwMAkRcDAwCRGAMDAZEcAwMA
kSEwCgMDAJElAwMDkSADAwCRKQMDAJEsAwMBkTAwCgMDAJEzAwMAkTQwCgMDAZFK
AwMAkUwDAwCRUQMDAJFVMAoDAwORWAMDAZFcMAoDAwCRXwMDAJFgAwQEkWEQMAsD
BASRYTADAwCRYgMDApFkMAoDAwCRawMDAJFsAwQHkW2AAwQFkXQAMAwDBAaRdEAD
BASRdMAwCwMEBZF04AMDAJF2MAsDAwOReAMEB5F/ADAKAwMDkYgDAwCRijAKAwMC
kYwDAwWRgAMDAMBXAwMAwqsDAwDDqTANBAIAAjAHAwUDIAEGEDANBgkqhkiG9w0B
AQsFAAOCAQEAE+NzUzXbYNRs6TdwiYJ+quUxJqHJduxeb/W27J+RpZGMG2q5K4SQ
K7vTCQNc9yYmif9mtwy1kb7OC42jFwhLUiIrqb+vYjW2wC3wY8WP8Cy/ns2fuTN3
3OVbQZCVpCysewiaEUln1hBq6z2TJ4ikWkuAU3wQvUH2e91jrX+mTk5JS4aAxtZq
wDW0lqWgn+tv4wRvtk31megokJr/tBX38rTbvEBVTMUCzduPRGzYoOojchhfd2dO
xA95Cdvzp+ykULOW14em/b89nv5/u90KQ/36clVwFZCkVNGveqdG93iY2AhTyKS4
nmMy2KTS32aJOiGgLvJiVjdVtrz9b9jnog==
-----END CERTIFICATE-----
Generated at Mon Sep 8 05:18:26 2025 by rpki-client