Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/kSpuRGxO_iNcJfkapdieZEQ9Gzw.roa
File: kSpuRGxO_iNcJfkapdieZEQ9Gzw.roa (raw, json)
Hash identifier: 91LnZ3BDnBwvzNsiz95IDFu3DO+o+HcnWci0jcIsOmg=
Subject key identifier: 91:2A:6E:44:6C:4E:FE:23:5C:25:F9:1A:A5:D8:9E:64:44:3D:1B:3C
Certificate issuer: /CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Certificate serial: 01999B03351DFA6A2CD51630FD23AB9A299E
Authority key identifier: 74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/kSpuRGxO_iNcJfkapdieZEQ9Gzw.roa
Signing time: Tue 30 Sep 2025 14:25:02 +0000
ROA not before: Tue 30 Sep 2025 14:25:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 151.145.128.0/19 maxlen: 19
158.120.48.0/24 maxlen: 24
158.120.50.0/24 maxlen: 24
158.120.52.0/24 maxlen: 24
158.120.54.0/24 maxlen: 24
158.120.56.0/24 maxlen: 24
158.120.58.0/24 maxlen: 24
158.120.60.0/24 maxlen: 24
158.120.62.0/24 maxlen: 24
170.100.147.0/24 maxlen: 24
170.100.148.0/22 maxlen: 22
170.100.204.0/24 maxlen: 24
170.100.206.0/23 maxlen: 23
192.6.64.0/22 maxlen: 22
192.6.172.0/22 maxlen: 22
192.6.252.0/22 maxlen: 22
192.25.180.0/22 maxlen: 22
192.25.200.0/22 maxlen: 22
192.25.208.0/22 maxlen: 22
192.25.232.0/22 maxlen: 22
192.25.244.0/22 maxlen: 22
192.137.24.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.mft
rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:9b:03:35:1d:fa:6a:2c:d5:16:30:fd:23:ab:9a:29:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=743e447edb8a5e0e1b1d7f5cdc287c364a5fb0b5
Validity
Not Before: Sep 30 14:25:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=912a6e446c4efe235c25f91aa5d89e64443d1b3c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:80:71:d8:9e:ad:45:b3:41:ba:5d:4b:7f:c7:
0e:9c:2b:c7:d3:38:04:ad:ec:84:63:f9:14:6e:ee:
e0:16:d1:63:d7:93:a4:25:cc:23:14:00:c7:e0:70:
de:ef:25:aa:39:d5:f3:60:3a:9e:99:b6:f8:8e:32:
e3:0c:54:66:ab:bb:65:ad:3b:6a:0b:02:eb:a5:18:
2e:9f:17:51:46:4c:7a:d8:b0:cd:46:49:f4:94:6d:
f8:cd:11:6a:b0:a1:0e:30:04:db:47:60:ca:0f:fe:
c4:8e:02:1a:15:ae:92:3f:83:f9:c6:ba:07:c4:b9:
e2:ba:1c:2f:5e:a3:fb:20:41:ee:5f:b1:cf:76:b3:
77:f9:2a:c4:58:7d:92:82:31:cb:1e:62:53:ce:58:
e2:37:1f:36:53:84:54:aa:c5:0a:20:bd:6e:d1:2e:
65:c6:59:94:7e:63:fb:15:48:21:a0:89:81:0f:8d:
71:b9:5b:50:16:77:8a:4a:03:48:27:f6:3f:2a:0a:
7b:f3:0f:99:48:6e:ba:30:ab:98:21:41:f7:1d:ce:
fa:87:ea:8a:5c:5d:9b:c5:c8:41:e7:3a:d8:0d:ba:
7f:bc:af:97:78:72:f3:ac:ee:4e:08:22:f8:79:2a:
62:9d:57:03:96:d7:28:e3:2e:23:55:e1:f1:97:c7:
11:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:2A:6E:44:6C:4E:FE:23:5C:25:F9:1A:A5:D8:9E:64:44:3D:1B:3C
X509v3 Authority Key Identifier:
keyid:74:3E:44:7E:DB:8A:5E:0E:1B:1D:7F:5C:DC:28:7C:36:4A:5F:B0:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/dD5EftuKXg4bHX9c3Ch8NkpfsLU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/kSpuRGxO_iNcJfkapdieZEQ9Gzw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/a1ae70-7996-4687-a0d7-5e0f4ab809bb/1/dD5EftuKXg4bHX9c3Ch8NkpfsLU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.145.128.0/19
158.120.48.0/24
158.120.50.0/24
158.120.52.0/24
158.120.54.0/24
158.120.56.0/24
158.120.58.0/24
158.120.60.0/24
158.120.62.0/24
170.100.147.0-170.100.151.255
170.100.204.0/24
170.100.206.0/23
192.6.64.0/22
192.6.172.0/22
192.6.252.0/22
192.25.180.0/22
192.25.200.0/22
192.25.208.0/22
192.25.232.0/22
192.25.244.0/22
192.137.24.0/22
Signature Algorithm: sha256WithRSAEncryption
a4:9f:df:df:cd:a5:99:cb:87:f3:e1:fc:24:33:41:05:d9:2e:
20:e3:ea:ba:8f:e0:23:93:19:76:1a:1f:83:d1:ec:7c:7d:85:
34:5e:bc:48:63:68:28:54:91:a2:35:61:f0:af:bb:2e:74:f7:
c9:92:21:37:5d:be:08:8f:c2:ba:94:ed:50:4c:1d:ad:a6:f1:
86:69:90:c0:6a:d3:2c:3c:b3:de:2f:40:e9:e2:7b:99:cb:9d:
60:9b:70:43:7c:86:c7:08:e2:a1:91:0d:2b:47:31:49:e8:b6:
12:49:55:54:02:9b:9f:40:b9:df:1c:ce:22:bf:1c:90:a2:b7:
25:be:48:22:cd:14:82:f8:f4:66:1a:37:d9:c1:15:02:31:3d:
7d:71:f5:10:fe:7e:26:18:a2:4b:49:73:ed:f9:18:e5:9b:12:
f2:93:a3:88:8c:ef:ad:01:95:c6:8e:f8:43:ca:e1:40:5c:15:
ab:78:1a:cf:56:16:a0:81:93:6b:58:bb:18:ec:73:a2:89:25:
04:d7:67:14:1a:98:f3:f9:ed:34:d8:9d:c0:06:e3:cd:8b:7b:
66:19:87:da:94:ea:87:b9:6e:12:74:d8:a8:a5:b6:7f:d9:38:
20:57:44:f7:7c:3e:8c:dc:b8:e8:4a:12:e9:53:b9:32:2f:56:
8b:ff:03:98
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAZmbAzUd+mos1RYw/SOrmimeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc0M2U0NDdlZGI4YTVlMGUxYjFkN2Y1Y2RjMjg3YzM2NGE1
ZmIwYjUwHhcNMjUwOTMwMTQyNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTJhNmU0NDZjNGVmZTIzNWMyNWY5MWFhNWQ4OWU2NDQ0M2QxYjNjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyoBx2J6tRbNBul1Lf8cOnCvH0zgE
reyEY/kUbu7gFtFj15OkJcwjFADH4HDe7yWqOdXzYDqembb4jjLjDFRmq7tlrTtq
CwLrpRgunxdRRkx62LDNRkn0lG34zRFqsKEOMATbR2DKD/7EjgIaFa6SP4P5xroH
xLniuhwvXqP7IEHuX7HPdrN3+SrEWH2SgjHLHmJTzljiNx82U4RUqsUKIL1u0S5l
xlmUfmP7FUghoImBD41xuVtQFneKSgNIJ/Y/Kgp78w+ZSG66MKuYIUH3Hc76h+qK
XF2bxchB5zrYDbp/vK+XeHLzrO5OCCL4eSpinVcDltco4y4jVeHxl8cRzQIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFJEqbkRsTv4jXCX5GqXYnmREPRs8MB8GA1UdIwQY
MBaAFHQ+RH7bil4OGx1/XNwofDZKX7C1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDct
NWUwZjRhYjgwOWJiLzEva1NwdVJHeE9faU5jSmZrYXBkaWVaRVE5R3p3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9hMWFlNzAtNzk5Ni00Njg3LWEwZDctNWUwZjRhYjgwOWJi
LzEvZEQ1RWZ0dUtYZzRiSFg5YzNDaDhOa3Bmc0xVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYDBAWX
kYADBACeeDADBACeeDIDBACeeDQDBACeeDYDBACeeDgDBACeeDoDBACeeDwDBACe
eD4wDAMEAKpkkwMEA6pkkAMEAKpkzAMEAapkzgMEAsAGQAMEAsAGrAMEAsAG/AME
AsAZtAMEAsAZyAMEAsAZ0AMEAsAZ6AMEAsAZ9AMEAsCJGDANBgkqhkiG9w0BAQsF
AAOCAQEApJ/f382lmcuH8+H8JDNBBdkuIOPquo/gI5MZdhofg9HsfH2FNF68SGNo
KFSRojVh8K+7LnT3yZIhN12+CI/CupTtUEwdrabxhmmQwGrTLDyz3i9A6eJ7mcud
YJtwQ3yGxwjioZENK0cxSei2EklVVAKbn0C53xzOIr8ckKK3Jb5IIs0Ugvj0Zho3
2cEVAjE9fXH1EP5+JhiiS0lz7fkY5ZsS8pOjiIzvrQGVxo74Q8rhQFwVq3gaz1YW
oIGTa1i7GOxzooklBNdnFBqY8/ntNNidwAbjzYt7ZhmH2pTqh7luEnTYqKW2f9k4
IFdE93w+jNy46EoS6VO5Mi9Wi/8DmA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 16:05:29 2025 by rpki-client