Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/jqEPhcVvU8VT7JgRGBBWhCXCn1c.roa
File: jqEPhcVvU8VT7JgRGBBWhCXCn1c.roa (raw, json)
Hash identifier: KKzpFI0sTDCcjDi0/2IoNKlsapD0/Xws0RroR1jaHMQ=
Subject key identifier: 8E:A1:0F:85:C5:6F:53:C5:53:EC:98:11:18:10:56:84:25:C2:9F:57
Certificate issuer: /CN=9aee15c33de358938d6900a1b3c14480a389e85b
Certificate serial: 019A8216B504818EDD0CE6D5A2BD42A69A5D
Authority key identifier: 9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/jqEPhcVvU8VT7JgRGBBWhCXCn1c.roa
Signing time: Fri 14 Nov 2025 11:18:37 +0000
ROA not before: Fri 14 Nov 2025 11:18:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207713
IP address blocks: 45.93.213.0/24 maxlen: 24
45.93.214.0/24 maxlen: 24
45.151.234.0/24 maxlen: 24
45.151.235.0/24 maxlen: 24
77.83.246.0/24 maxlen: 24
160.20.156.0/24 maxlen: 24
160.20.157.0/24 maxlen: 24
185.68.186.0/24 maxlen: 24
185.68.187.0/24 maxlen: 24
185.71.214.0/24 maxlen: 24
185.71.215.0/24 maxlen: 24
185.73.180.0/24 maxlen: 24
185.73.181.0/24 maxlen: 24
185.75.132.0/24 maxlen: 24
185.76.240.0/24 maxlen: 24
185.76.241.0/24 maxlen: 24
185.76.242.0/24 maxlen: 24
185.77.138.0/24 maxlen: 24
185.77.139.0/24 maxlen: 24
185.79.132.0/24 maxlen: 24
185.79.133.0/24 maxlen: 24
185.88.98.0/24 maxlen: 24
185.88.99.0/24 maxlen: 24
185.95.228.0/24 maxlen: 24
185.95.230.0/24 maxlen: 24
185.100.156.0/24 maxlen: 24
185.102.114.0/24 maxlen: 24
185.111.24.0/24 maxlen: 24
185.182.130.0/24 maxlen: 24
185.182.131.0/24 maxlen: 24
193.38.228.0/24 maxlen: 24
193.38.229.0/24 maxlen: 24
193.38.230.0/24 maxlen: 24
193.38.231.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.mft
rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Nov 2025 12:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:82:16:b5:04:81:8e:dd:0c:e6:d5:a2:bd:42:a6:9a:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9aee15c33de358938d6900a1b3c14480a389e85b
Validity
Not Before: Nov 14 11:18:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8ea10f85c56f53c553ec98111810568425c29f57
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:1d:09:3d:ea:5f:a6:a8:fb:5b:dd:4a:2c:c8:
21:cf:ca:7c:e0:a1:6d:37:ea:91:3b:95:53:79:60:
c0:d1:f0:a5:71:f4:1f:5f:e3:2f:a8:3a:fa:7b:de:
67:ae:2b:b6:16:8c:24:f8:1c:27:2f:6c:52:59:21:
0b:78:b8:f0:00:f4:5b:3d:ba:a1:2f:9d:7d:51:bd:
16:61:82:a5:b7:bc:0f:b7:5c:64:b2:9a:a6:41:18:
66:78:f5:25:c3:ca:b1:08:6f:e3:55:18:b3:94:f6:
5a:6a:21:0c:07:7c:60:fd:ec:b2:95:97:bf:5d:db:
47:34:dc:0f:4c:8f:7d:85:67:a3:91:07:a7:9b:43:
80:61:46:31:27:dc:7b:24:73:05:35:aa:3f:7f:6a:
cf:e4:b9:6c:b5:86:c7:02:6c:63:6e:21:44:71:e4:
a4:1e:8a:fb:65:b8:2c:88:78:c7:64:73:cb:6a:dd:
8b:75:2b:e5:5e:c4:b9:46:9f:a5:ac:ee:3d:e0:d5:
87:fe:76:e5:0a:65:36:32:77:cd:61:41:e8:db:07:
3a:8e:11:64:7a:c7:cc:87:b2:f5:74:e3:34:95:3e:
43:ca:0e:d7:7c:88:c1:89:5f:ca:7c:a7:78:ae:a1:
97:9a:a9:93:53:f1:35:c5:fb:c5:b4:03:5b:6a:8f:
95:ef
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:A1:0F:85:C5:6F:53:C5:53:EC:98:11:18:10:56:84:25:C2:9F:57
X509v3 Authority Key Identifier:
keyid:9A:EE:15:C3:3D:E3:58:93:8D:69:00:A1:B3:C1:44:80:A3:89:E8:5B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/jqEPhcVvU8VT7JgRGBBWhCXCn1c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/72f77f-76ab-4e79-a062-6ee534d92e52/1/mu4Vwz3jWJONaQChs8FEgKOJ6Fs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.93.213.0-45.93.214.255
45.151.234.0/23
77.83.246.0/24
160.20.156.0/23
185.68.186.0/23
185.71.214.0/23
185.73.180.0/23
185.75.132.0/24
185.76.240.0-185.76.242.255
185.77.138.0/23
185.79.132.0/23
185.88.98.0/23
185.95.228.0/24
185.95.230.0/24
185.100.156.0/24
185.102.114.0/24
185.111.24.0/24
185.182.130.0/23
193.38.228.0/22
Signature Algorithm: sha256WithRSAEncryption
80:f1:3d:ab:bf:c2:cb:b7:12:d5:04:14:53:08:2f:c2:0e:90:
21:7a:11:f3:87:72:fc:d9:99:b6:81:b6:78:28:de:46:3c:49:
74:f6:5c:d3:58:9a:3f:45:aa:75:8e:f3:42:1c:a5:4a:ec:ab:
1d:2d:99:ef:74:16:66:00:08:98:7a:60:c9:06:92:86:f8:ad:
60:60:f2:84:bc:25:48:a1:2d:bf:39:d6:76:7e:f0:fb:8d:7d:
48:47:84:11:e7:30:7d:7d:14:f8:b7:cc:b9:40:53:75:c6:da:
c3:96:b1:b8:ab:42:3c:64:4c:f9:5d:00:4a:64:a9:67:c4:90:
35:94:63:49:60:e3:40:bd:20:56:2e:c2:6d:aa:38:91:72:a8:
e9:17:cc:94:1f:df:2a:1f:bd:de:19:79:ff:a8:9e:ec:5b:9e:
8b:40:0a:72:44:5a:3d:8e:8b:27:b6:13:73:19:f3:af:e7:37:
6b:d5:95:c2:66:85:5a:8f:41:c0:25:b8:48:12:62:c9:5a:11:
43:ea:1a:06:40:c1:f9:4f:5b:c1:f9:45:4f:a1:a4:04:78:b0:
d1:d6:d6:cb:05:db:27:7d:74:85:a5:47:7d:cd:14:93:2a:3f:
bc:19:ff:97:c5:b0:05:cb:35:52:98:88:fd:6c:89:bf:c9:61:
98:6c:bc:e7
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAZqCFrUEgY7dDObVor1CpppdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlhZWUxNWMzM2RlMzU4OTM4ZDY5MDBhMWIzYzE0NDgwYTM4
OWU4NWIwHhcNMjUxMTE0MTExODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWExMGY4NWM1NmY1M2M1NTNlYzk4MTExODEwNTY4NDI1YzI5ZjU3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhB0JPepfpqj7W91KLMghz8p84KFt
N+qRO5VTeWDA0fClcfQfX+MvqDr6e95nriu2Fowk+BwnL2xSWSELeLjwAPRbPbqh
L519Ub0WYYKlt7wPt1xkspqmQRhmePUlw8qxCG/jVRizlPZaaiEMB3xg/eyylZe/
XdtHNNwPTI99hWejkQenm0OAYUYxJ9x7JHMFNao/f2rP5LlstYbHAmxjbiFEceSk
Hor7ZbgsiHjHZHPLat2LdSvlXsS5Rp+lrO494NWH/nblCmU2MnfNYUHo2wc6jhFk
esfMh7L1dOM0lT5Dyg7XfIjBiV/KfKd4rqGXmqmTU/E1xfvFtANbao+V7wIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFI6hD4XFb1PFU+yYERgQVoQlwp9XMB8GA1UdIwQY
MBaAFJruFcM941iTjWkAobPBRICjiehbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjIt
NmVlNTM0ZDkyZTUyLzEvanFFUGhjVnZVOFZUN0pnUkdCQldoQ1hDbjFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS83MmY3N2YtNzZhYi00ZTc5LWEwNjItNmVlNTM0ZDkyZTUy
LzEvbXU0Vnd6M2pXSk9OYVFDaHM4RkVnS09KNkZzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIwDAME
AC1d1QMEAC1d1gMEAS2X6gMEAE1T9gMEAaAUnAMEAblEugMEAblH1gMEAblJtAME
ALlLhDAMAwQEuUzwAwQAuUzyAwQBuU2KAwQBuU+EAwQBuVhiAwQAuV/kAwQAuV/m
AwQAuWScAwQAuWZyAwQAuW8YAwQBubaCAwQCwSbkMA0GCSqGSIb3DQEBCwUAA4IB
AQCA8T2rv8LLtxLVBBRTCC/CDpAhehHzh3L82Zm2gbZ4KN5GPEl09lzTWJo/Rap1
jvNCHKVK7KsdLZnvdBZmAAiYemDJBpKG+K1gYPKEvCVIoS2/OdZ2fvD7jX1IR4QR
5zB9fRT4t8y5QFN1xtrDlrG4q0I8ZEz5XQBKZKlnxJA1lGNJYONAvSBWLsJtqjiR
cqjpF8yUH98qH73eGXn/qJ7sW56LQApyRFo9josnthNzGfOv5zdr1ZXCZoVaj0HA
JbhIEmLJWhFD6hoGQMH5T1vB+UVPoaQEeLDR1tbLBdsnfXSFpUd9zRSTKj+8Gf+X
xbAFyzVSmIj9bIm/yWGYbLzn
-----END CERTIFICATE-----
Generated at Sat Nov 15 22:09:01 2025 by rpki-client