Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/_jJzyRmJqrwFJuS0RLJ0hiZgdfA.roa
File: _jJzyRmJqrwFJuS0RLJ0hiZgdfA.roa (raw, json)
Hash identifier: sbAUhaABWE5Yto64ATcg+Zla28iIZdfHxrQK/XE2Z0c=
Subject key identifier: FE:32:73:C9:19:89:AA:BC:05:26:E4:B4:44:B2:74:86:26:60:75:F0
Certificate issuer: /CN=4ee843a85dd664e9dc0310892bd7dd9ce52591c7
Certificate serial: 0199C30D9AAB306EF30A2E5D31D1E98652AB
Authority key identifier: 4E:E8:43:A8:5D:D6:64:E9:DC:03:10:89:2B:D7:DD:9C:E5:25:91:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/_jJzyRmJqrwFJuS0RLJ0hiZgdfA.roa
Signing time: Wed 08 Oct 2025 09:01:12 +0000
ROA not before: Wed 08 Oct 2025 09:01:12 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25160
IP address blocks: 5.10.144.0/20 maxlen: 20
31.28.65.0/24 maxlen: 24
31.28.67.0/24 maxlen: 24
31.28.68.0/24 maxlen: 24
31.28.70.0/24 maxlen: 24
31.28.72.0/24 maxlen: 24
31.28.75.0/24 maxlen: 24
31.28.80.0/22 maxlen: 22
31.28.84.0/23 maxlen: 23
31.28.86.0/24 maxlen: 24
37.157.32.0/21 maxlen: 21
45.88.112.0/22 maxlen: 22
82.163.112.0/21 maxlen: 21
82.163.124.0/22 maxlen: 22
82.163.192.0/19 maxlen: 24
82.163.205.0/24 maxlen: 24
91.238.221.0/24 maxlen: 24
94.126.43.0/24 maxlen: 24
94.126.47.0/24 maxlen: 24
144.98.0.0/16 maxlen: 16
158.41.64.0/18 maxlen: 18
165.65.0.0/16 maxlen: 16
178.18.116.0/23 maxlen: 23
178.18.119.0/24 maxlen: 24
185.28.240.0/22 maxlen: 22
185.53.224.0/22 maxlen: 22
185.120.204.0/22 maxlen: 22
185.121.76.0/22 maxlen: 22
185.135.164.0/22 maxlen: 22
185.237.48.0/22 maxlen: 22
193.0.176.0/23 maxlen: 23
193.221.128.0/19 maxlen: 19
194.8.254.0/23 maxlen: 23
195.250.16.0/22 maxlen: 22
206.245.192.0/18 maxlen: 24
2a00:e340::/29 maxlen: 29
2a01:a220::/29 maxlen: 29
2a10:d700::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/TuhDqF3WZOncAxCJK9fdnOUlkcc.crl
rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/TuhDqF3WZOncAxCJK9fdnOUlkcc.mft
rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c3:0d:9a:ab:30:6e:f3:0a:2e:5d:31:d1:e9:86:52:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ee843a85dd664e9dc0310892bd7dd9ce52591c7
Validity
Not Before: Oct 8 09:01:12 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fe3273c91989aabc0526e4b444b27486266075f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:b7:2b:a8:e4:32:d2:8b:db:2a:73:53:74:bd:
d0:d4:6c:5b:9a:78:e8:88:35:70:dd:3d:29:00:8c:
f6:ea:99:83:35:83:05:95:ae:af:71:45:65:85:d0:
5d:2f:37:42:f8:67:18:ae:8f:ea:b1:02:c4:b7:cb:
ec:71:6a:9c:b2:2a:54:5d:c5:ed:16:8d:29:1b:ae:
f0:23:c8:e3:62:df:0b:28:db:42:88:ce:1a:67:d3:
a1:f1:99:46:ed:65:c1:ba:87:e3:e4:a4:58:94:07:
77:c2:34:7d:28:4f:c9:09:5b:88:cc:28:f2:93:56:
d1:30:52:c5:c9:db:d3:f7:30:64:de:7f:c7:e7:29:
97:fe:da:b5:a1:12:ce:75:54:ca:72:f0:ea:a6:44:
1f:6b:b0:1f:79:b1:29:99:6f:8d:79:85:d3:aa:3d:
ee:f2:ec:6f:01:33:a5:59:4f:66:fb:7a:ac:1a:13:
bd:27:b7:0e:ce:83:79:4e:6a:c5:35:8d:9e:c6:7d:
27:58:dc:2b:28:0d:28:9e:a0:fe:1d:54:29:5f:76:
cb:10:b7:11:94:c6:59:09:56:34:a2:e4:6e:d4:d4:
a0:21:5f:75:cf:e4:b8:40:25:9f:ae:65:98:e1:4c:
55:c1:fb:7d:e6:00:c2:f3:73:ae:24:7f:15:35:f8:
5c:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:32:73:C9:19:89:AA:BC:05:26:E4:B4:44:B2:74:86:26:60:75:F0
X509v3 Authority Key Identifier:
keyid:4E:E8:43:A8:5D:D6:64:E9:DC:03:10:89:2B:D7:DD:9C:E5:25:91:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TuhDqF3WZOncAxCJK9fdnOUlkcc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/_jJzyRmJqrwFJuS0RLJ0hiZgdfA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8d/adad20-c512-4fb0-a127-48cf412b387b/1/TuhDqF3WZOncAxCJK9fdnOUlkcc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.10.144.0/20
31.28.65.0/24
31.28.67.0-31.28.68.255
31.28.70.0/24
31.28.72.0/24
31.28.75.0/24
31.28.80.0-31.28.86.255
37.157.32.0/21
45.88.112.0/22
82.163.112.0/21
82.163.124.0/22
82.163.192.0/19
91.238.221.0/24
94.126.43.0/24
94.126.47.0/24
144.98.0.0/16
158.41.64.0/18
165.65.0.0/16
178.18.116.0/23
178.18.119.0/24
185.28.240.0/22
185.53.224.0/22
185.120.204.0/22
185.121.76.0/22
185.135.164.0/22
185.237.48.0/22
193.0.176.0/23
193.221.128.0/19
194.8.254.0/23
195.250.16.0/22
206.245.192.0/18
IPv6:
2a00:e340::/29
2a01:a220::/29
2a10:d700::/29
Signature Algorithm: sha256WithRSAEncryption
c1:0e:7b:4f:69:76:a4:77:c6:de:9b:81:13:11:e6:d3:06:48:
57:fc:68:c5:71:ba:07:b5:4b:9f:e4:e5:59:5a:e0:6d:00:3d:
49:57:ff:ca:81:b0:6e:d4:e5:18:0d:d5:36:84:ce:9e:38:14:
e3:ec:53:19:18:c2:a6:ad:43:8a:be:83:bb:03:1b:b2:ef:60:
82:d5:0b:ad:d8:32:73:c9:5f:fc:8a:9a:87:8c:a8:09:c3:54:
eb:04:17:5e:3a:d9:27:a3:0d:f1:f1:61:17:60:ca:1c:70:fc:
11:49:50:83:54:e4:11:e7:c2:a7:58:5b:37:df:52:a4:be:c6:
10:67:2d:a9:7c:b5:48:08:12:d8:b1:6a:8e:74:ee:73:2d:87:
c2:7d:ba:ce:da:9f:08:dc:dc:00:b8:cf:e8:d9:8d:d9:ac:c9:
19:da:7d:9b:90:86:b4:bb:da:95:6a:f8:e3:f3:be:5c:bf:5a:
ca:22:7f:38:62:76:2b:e8:06:98:2a:3e:5a:98:3b:c5:7a:64:
dd:1b:fd:71:f5:87:39:3e:38:49:19:38:98:63:10:a4:b4:63:
f5:65:24:f8:49:76:8f:e4:aa:6e:82:2d:6a:a7:b2:c8:c7:c1:
13:d9:f9:90:5a:42:6a:e5:5e:5f:30:e8:93:d6:c2:ea:02:ef:
e8:ae:db:11
-----BEGIN CERTIFICATE-----
MIIF4jCCBMqgAwIBAgISAZnDDZqrMG7zCi5dMdHphlKrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlZTg0M2E4NWRkNjY0ZTlkYzAzMTA4OTJiZDdkZDljZTUy
NTkxYzcwHhcNMjUxMDA4MDkwMTEyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTMyNzNjOTE5ODlhYWJjMDUyNmU0YjQ0NGIyNzQ4NjI2NjA3NWYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAprcrqOQy0ovbKnNTdL3Q1Gxbmnjo
iDVw3T0pAIz26pmDNYMFla6vcUVlhdBdLzdC+GcYro/qsQLEt8vscWqcsipUXcXt
Fo0pG67wI8jjYt8LKNtCiM4aZ9Oh8ZlG7WXBuofj5KRYlAd3wjR9KE/JCVuIzCjy
k1bRMFLFydvT9zBk3n/H5ymX/tq1oRLOdVTKcvDqpkQfa7AfebEpmW+NeYXTqj3u
8uxvATOlWU9m+3qsGhO9J7cOzoN5TmrFNY2exn0nWNwrKA0onqD+HVQpX3bLELcR
lMZZCVY0ouRu1NSgIV91z+S4QCWfrmWY4UxVwft95gDC83OuJH8VNfhcZQIDAQAB
o4IC7jCCAuowHQYDVR0OBBYEFP4yc8kZiaq8BSbktESydIYmYHXwMB8GA1UdIwQY
MBaAFE7oQ6hd1mTp3AMQiSvX3ZzlJZHHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHVoRHFGM1daT25jQXhDSks5ZmRuT1Vsa2NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZC9hZGFkMjAtYzUxMi00ZmIwLWExMjct
NDhjZjQxMmIzODdiLzEvX2pKenlSbUpxcndGSnVTMFJMSjBoaVpnZGZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZC9hZGFkMjAtYzUxMi00ZmIwLWExMjctNDhjZjQxMmIzODdi
LzEvVHVoRHFGM1daT25jQXhDSks5ZmRuT1Vsa2NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAgYIKwYBBQUHAQcBAf8EgfIwge8wgc8EAgABMIHIAwQE
BQqQAwQAHxxBMAwDBAAfHEMDBAAfHEQDBAAfHEYDBAAfHEgDBAAfHEswDAMEBB8c
UAMEAB8cVgMEAyWdIAMEAi1YcAMEA1KjcAMEAlKjfAMEBVKjwAMEAFvu3QMEAF5+
KwMEAF5+LwMDAJBiAwQGnilAAwMApUEDBAGyEnQDBACyEncDBAK5HPADBAK5NeAD
BAK5eMwDBAK5eUwDBAK5h6QDBAK57TADBAHBALADBAXB3YADBAHCCP4DBALD+hAD
BAbO9cAwGwQCAAIwFQMFAyoA40ADBQMqAaIgAwUDKhDXADANBgkqhkiG9w0BAQsF
AAOCAQEAwQ57T2l2pHfG3puBExHm0wZIV/xoxXG6B7VLn+TlWVrgbQA9SVf/yoGw
btTlGA3VNoTOnjgU4+xTGRjCpq1Dir6DuwMbsu9ggtULrdgyc8lf/Iqah4yoCcNU
6wQXXjrZJ6MN8fFhF2DKHHD8EUlQg1TkEefCp1hbN99SpL7GEGctqXy1SAgS2LFq
jnTucy2Hwn26ztqfCNzcALjP6NmN2azJGdp9m5CGtLvalWr44/O+XL9ayiJ/OGJ2
K+gGmCo+Wpg7xXpk3Rv9cfWHOT44SRk4mGMQpLRj9WUk+El2j+SqboItaqeyyMfB
E9n5kFpCauVeXzDok9bC6gLv6K7bEQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 16:10:32 2025 by rpki-client