Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/IegCq5Rn6lRcI8xWT2uJVhdssC4.roa
File: IegCq5Rn6lRcI8xWT2uJVhdssC4.roa (raw, json)
Hash identifier: 3LOlFCnRNEtS1BzrpkbbTbroRAOO52KhdPqdPy9GeZM=
Subject key identifier: 21:E8:02:AB:94:67:EA:54:5C:23:CC:56:4F:6B:89:56:17:6C:B0:2E
Certificate issuer: /CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Certificate serial: 0198E0C37DA09C8E138E80E866604F36172D
Authority key identifier: B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/IegCq5Rn6lRcI8xWT2uJVhdssC4.roa
Signing time: Mon 25 Aug 2025 10:26:04 +0000
ROA not before: Mon 25 Aug 2025 10:26:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206092
IP address blocks: 45.86.200.0/24 maxlen: 24
45.86.202.0/24 maxlen: 24
45.92.229.0/24 maxlen: 24
45.146.54.0/24 maxlen: 24
45.154.138.0/24 maxlen: 24
45.157.112.0/24 maxlen: 24
136.144.17.0/24 maxlen: 24
136.144.19.0/24 maxlen: 24
136.144.33.0/24 maxlen: 24
136.144.42.0/24 maxlen: 24
193.36.224.0/24 maxlen: 24
193.36.225.0/24 maxlen: 24
193.37.32.0/24 maxlen: 24
193.37.33.0/24 maxlen: 24
193.176.211.0/24 maxlen: 24
194.5.48.0/24 maxlen: 24
194.5.53.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 13:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e0:c3:7d:a0:9c:8e:13:8e:80:e8:66:60:4f:36:17:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b155009c3de421cc4e67b9a9ae423bb35de0b926
Validity
Not Before: Aug 25 10:26:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=21e802ab9467ea545c23cc564f6b8956176cb02e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:94:ea:df:24:32:bd:51:8e:6c:96:2a:28:2f:
f0:cc:b2:28:e7:1e:42:55:4c:f4:ee:21:84:ca:4b:
8d:97:4f:bb:a2:86:bb:84:25:2a:6b:1e:8c:6c:3c:
82:dc:d0:d6:52:41:20:0d:e0:c7:36:29:74:6f:bd:
39:8f:fa:31:ea:45:bd:03:db:cf:e0:3e:4e:95:b5:
63:0e:bb:51:d6:7c:a7:cc:47:46:56:fc:83:57:de:
1c:cc:b8:08:93:e7:fb:d9:c4:32:e9:97:63:ab:cc:
1b:e4:1d:94:10:b1:1b:8e:45:17:37:90:57:af:3f:
d6:1a:0e:9c:ec:fe:f2:01:68:54:a4:48:bc:75:37:
e4:32:2d:0d:86:9c:27:b2:b6:14:61:85:0f:df:98:
90:e5:ac:62:ab:66:24:5e:7c:87:a3:a1:23:78:30:
2d:15:30:b4:4f:f9:a8:c1:07:66:e9:e2:b8:95:73:
a2:b5:ac:ce:b8:f5:76:30:0c:06:24:45:23:4d:7a:
8c:08:56:f8:7e:f2:59:f7:b9:b6:e5:d2:4c:94:35:
e5:ce:e2:52:f6:70:12:7d:d8:7e:91:8e:e3:e9:3e:
de:65:37:5a:70:10:19:75:9d:ec:2e:1d:b1:c9:65:
17:6e:3a:b0:d9:8b:72:fa:7d:15:76:6a:02:57:48:
87:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:E8:02:AB:94:67:EA:54:5C:23:CC:56:4F:6B:89:56:17:6C:B0:2E
X509v3 Authority Key Identifier:
keyid:B1:55:00:9C:3D:E4:21:CC:4E:67:B9:A9:AE:42:3B:B3:5D:E0:B9:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sVUAnD3kIcxOZ7mprkI7s13guSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/IegCq5Rn6lRcI8xWT2uJVhdssC4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/de902c-3d13-47d1-a5e6-73856af49f3e/1/sVUAnD3kIcxOZ7mprkI7s13guSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.200.0/24
45.86.202.0/24
45.92.229.0/24
45.146.54.0/24
45.154.138.0/24
45.157.112.0/24
136.144.17.0/24
136.144.19.0/24
136.144.33.0/24
136.144.42.0/24
193.36.224.0/23
193.37.32.0/23
193.176.211.0/24
194.5.48.0/24
194.5.53.0/24
Signature Algorithm: sha256WithRSAEncryption
49:9f:90:cb:3e:f8:7a:e8:14:a2:26:e0:a0:1e:e8:aa:26:21:
56:98:01:90:db:93:6a:4e:c0:1d:40:a3:c6:f2:24:27:9e:e4:
05:70:15:b4:9e:2d:80:44:53:b3:fa:6c:94:60:f9:6f:7d:2a:
9e:02:c7:71:11:eb:31:e3:91:06:0e:50:59:d4:3a:18:87:62:
ab:1b:47:4e:f0:bd:c2:68:0d:8b:ce:3b:a0:09:a9:ee:0b:1f:
8d:18:97:8e:52:90:ad:f5:a2:8e:76:bb:41:e0:f6:31:55:2f:
d8:3c:b4:de:8c:50:18:a9:73:9d:7e:8f:98:4d:b1:d1:36:0c:
d0:ea:d3:42:63:9e:ae:9b:0b:1f:58:6a:3a:de:d8:49:e4:36:
23:e3:87:f7:ea:da:12:cb:e7:29:3b:51:a0:f9:13:69:bd:44:
c5:81:ee:c5:c2:36:8d:25:68:b3:01:f4:17:48:fb:9e:ca:34:
59:55:2f:99:29:ae:bb:24:18:ee:44:0a:74:06:53:8f:9f:8c:
43:82:72:19:4b:21:e7:7b:ff:00:04:cb:d0:89:78:2d:7d:da:
e6:6c:cd:9b:e4:ec:b1:38:83:f7:de:89:87:c5:16:f3:3e:10:
65:e7:28:fd:e5:a9:36:8b:59:cd:5a:ee:f9:68:8e:e0:97:52:
af:63:0e:08
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZjgw32gnI4TjoDoZmBPNhctMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxNTUwMDljM2RlNDIxY2M0ZTY3YjlhOWFlNDIzYmIzNWRl
MGI5MjYwHhcNMjUwODI1MTAyNjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMWU4MDJhYjk0NjdlYTU0NWMyM2NjNTY0ZjZiODk1NjE3NmNiMDJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArpTq3yQyvVGObJYqKC/wzLIo5x5C
VUz07iGEykuNl0+7ooa7hCUqax6MbDyC3NDWUkEgDeDHNil0b705j/ox6kW9A9vP
4D5OlbVjDrtR1nynzEdGVvyDV94czLgIk+f72cQy6Zdjq8wb5B2UELEbjkUXN5BX
rz/WGg6c7P7yAWhUpEi8dTfkMi0NhpwnsrYUYYUP35iQ5axiq2YkXnyHo6EjeDAt
FTC0T/mowQdm6eK4lXOitazOuPV2MAwGJEUjTXqMCFb4fvJZ97m25dJMlDXlzuJS
9nASfdh+kY7j6T7eZTdacBAZdZ3sLh2xyWUXbjqw2Yty+n0VdmoCV0iHXwIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFCHoAquUZ+pUXCPMVk9riVYXbLAuMB8GA1UdIwQY
MBaAFLFVAJw95CHMTme5qa5CO7Nd4LkmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYt
NzM4NTZhZjQ5ZjNlLzEvSWVnQ3E1Um42bFJjSTh4V1QydUpWaGRzc0M0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kZTkwMmMtM2QxMy00N2QxLWE1ZTYtNzM4NTZhZjQ5ZjNl
LzEvc1ZVQW5EM2tJY3hPWjdtcHJrSTdzMTNndVNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQALVbIAwQA
LVbKAwQALVzlAwQALZI2AwQALZqKAwQALZ1wAwQAiJARAwQAiJATAwQAiJAhAwQA
iJAqAwQBwSTgAwQBwSUgAwQAwbDTAwQAwgUwAwQAwgU1MA0GCSqGSIb3DQEBCwUA
A4IBAQBJn5DLPvh66BSiJuCgHuiqJiFWmAGQ25NqTsAdQKPG8iQnnuQFcBW0ni2A
RFOz+myUYPlvfSqeAsdxEesx45EGDlBZ1DoYh2KrG0dO8L3CaA2LzjugCanuCx+N
GJeOUpCt9aKOdrtB4PYxVS/YPLTejFAYqXOdfo+YTbHRNgzQ6tNCY56umwsfWGo6
3thJ5DYj44f36toSy+cpO1Gg+RNpvUTFge7FwjaNJWizAfQXSPueyjRZVS+ZKa67
JBjuRAp0BlOPn4xDgnIZSyHne/8ABMvQiXgtfdrmbM2b5OyxOIP33omHxRbzPhBl
5yj95ak2i1nNWu75aI7gl1KvYw4I
-----END CERTIFICATE-----
Generated at Fri Sep 5 22:17:05 2025 by rpki-client