Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/76b1d3-4fd9-46cf-83e6-20c4dc1e4a77/1/tR3TEHFvvR2VitMXj_cHb7YQRIY.roa
File: tR3TEHFvvR2VitMXj_cHb7YQRIY.roa (raw, json)
Hash identifier: cxy/9j+hAy+nwst2XkcuokO4fIuUh2+sQrbLfBWLSSg=
Subject key identifier: B5:1D:D3:10:71:6F:BD:1D:95:8A:D3:17:8F:F7:07:6F:B6:10:44:86
Certificate issuer: /CN=98eb33c2cefb5da34607b00b5005e44b75524a1f
Certificate serial: 019A6D4F7F7ABD3008F4535A180DCB4652BE
Authority key identifier: 98:EB:33:C2:CE:FB:5D:A3:46:07:B0:0B:50:05:E4:4B:75:52:4A:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mOszws77XaNGB7ALUAXkS3VSSh8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/76b1d3-4fd9-46cf-83e6-20c4dc1e4a77/1/tR3TEHFvvR2VitMXj_cHb7YQRIY.roa
Signing time: Mon 10 Nov 2025 10:28:37 +0000
ROA not before: Mon 10 Nov 2025 10:28:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56958
IP address blocks: 45.130.16.0/22 maxlen: 22
45.142.228.0/22 maxlen: 22
178.211.133.0/24 maxlen: 24
185.237.234.0/23 maxlen: 23
201.46.112.0/23 maxlen: 23
2a12:d280::/31 maxlen: 31
2a12:d282::/31 maxlen: 31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/76b1d3-4fd9-46cf-83e6-20c4dc1e4a77/1/mOszws77XaNGB7ALUAXkS3VSSh8.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/76b1d3-4fd9-46cf-83e6-20c4dc1e4a77/1/mOszws77XaNGB7ALUAXkS3VSSh8.mft
rsync://rpki.ripe.net/repository/DEFAULT/mOszws77XaNGB7ALUAXkS3VSSh8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 09:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:6d:4f:7f:7a:bd:30:08:f4:53:5a:18:0d:cb:46:52:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=98eb33c2cefb5da34607b00b5005e44b75524a1f
Validity
Not Before: Nov 10 10:28:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b51dd310716fbd1d958ad3178ff7076fb6104486
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:88:fb:87:16:0b:a6:43:d6:06:39:0d:78:a0:
4f:1f:dd:0c:3c:01:e0:f3:99:2f:6a:fb:d9:41:32:
49:9a:2c:a4:19:f1:99:52:1f:0b:63:40:a8:d7:50:
bf:7a:4b:80:e2:3b:e5:b0:42:df:7e:b9:a5:b5:1d:
9b:d2:ee:ed:22:d2:a6:1a:0d:6a:f2:a1:e6:00:d1:
8e:72:9b:90:1f:43:a9:c5:00:f7:09:6c:5f:3c:41:
37:7d:a9:04:14:f6:67:e7:57:26:86:b8:c8:6b:0b:
b3:f9:b7:42:fa:38:10:f8:d1:b8:ae:ff:3e:5d:7f:
fc:76:0a:ab:39:10:ae:05:73:72:46:bd:b9:7c:23:
71:56:09:f8:b5:2f:f5:36:07:49:d1:3b:78:26:d4:
ad:c5:e0:94:26:4b:79:f6:e9:9e:d9:89:e9:d9:57:
22:28:0d:a4:1b:f3:bf:18:b5:ba:3c:e3:ba:28:60:
68:0a:d9:f8:0d:d6:0d:bc:db:0a:f4:f1:a7:2f:f6:
4a:66:6f:b1:df:bc:4b:39:7c:53:4f:e7:5c:b5:4b:
5b:f6:9b:42:a5:83:37:f5:8c:0d:b9:fe:5f:15:6d:
da:43:21:38:4b:06:1c:ed:77:ab:ce:b8:c5:66:73:
e1:7f:38:80:85:c2:b4:72:1e:21:1f:3d:96:68:50:
fc:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:1D:D3:10:71:6F:BD:1D:95:8A:D3:17:8F:F7:07:6F:B6:10:44:86
X509v3 Authority Key Identifier:
keyid:98:EB:33:C2:CE:FB:5D:A3:46:07:B0:0B:50:05:E4:4B:75:52:4A:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mOszws77XaNGB7ALUAXkS3VSSh8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/76b1d3-4fd9-46cf-83e6-20c4dc1e4a77/1/tR3TEHFvvR2VitMXj_cHb7YQRIY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/76b1d3-4fd9-46cf-83e6-20c4dc1e4a77/1/mOszws77XaNGB7ALUAXkS3VSSh8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.130.16.0/22
45.142.228.0/22
178.211.133.0/24
185.237.234.0/23
201.46.112.0/23
IPv6:
2a12:d280::/30
Signature Algorithm: sha256WithRSAEncryption
76:1f:80:d6:93:20:b0:7a:7d:0e:d3:50:dd:35:dc:68:8c:47:
90:fc:3c:9b:c6:a6:64:c0:41:57:4b:b1:3e:d8:6e:46:6f:cd:
6a:29:c7:e1:8e:88:fa:20:96:1b:15:06:0a:84:36:0d:10:d1:
21:c3:c3:0f:f1:8c:7d:64:dd:20:cb:10:04:61:27:45:84:a0:
09:c8:69:20:33:e9:0a:1a:38:f3:fb:64:ac:14:eb:7b:7f:4d:
15:69:be:5f:5c:76:6e:66:70:10:d2:8d:4e:aa:88:52:7d:ed:
1c:9d:40:61:9a:f9:36:66:39:a5:c8:bf:31:7b:c4:b6:a6:2f:
59:2d:ed:44:9f:22:18:bb:88:d1:32:9e:d2:cc:88:f0:85:ab:
55:62:32:fe:50:b7:6f:79:42:a3:14:57:aa:85:af:01:a7:76:
4c:cc:03:f5:36:3a:bf:17:44:65:5a:a9:ce:3e:fe:6b:0c:be:
6c:5f:4d:33:7a:d0:00:6b:6d:91:27:43:95:55:bd:41:32:27:
6a:db:65:9f:8c:a6:15:00:36:e8:c2:53:2f:66:ea:3c:65:bc:
e2:9e:91:47:9c:16:ec:c5:cb:fc:6a:32:d0:ea:0c:e7:c9:87:
8e:bd:cb:a8:d1:7d:70:06:f2:75:d6:4d:a3:df:c0:6e:39:8e:
61:ab:f2:bb
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZptT396vTAI9FNaGA3LRlK+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4ZWIzM2MyY2VmYjVkYTM0NjA3YjAwYjUwMDVlNDRiNzU1
MjRhMWYwHhcNMjUxMTEwMTAyODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTFkZDMxMDcxNmZiZDFkOTU4YWQzMTc4ZmY3MDc2ZmI2MTA0NDg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApYj7hxYLpkPWBjkNeKBPH90MPAHg
85kvavvZQTJJmiykGfGZUh8LY0Co11C/ekuA4jvlsELffrmltR2b0u7tItKmGg1q
8qHmANGOcpuQH0OpxQD3CWxfPEE3fakEFPZn51cmhrjIawuz+bdC+jgQ+NG4rv8+
XX/8dgqrORCuBXNyRr25fCNxVgn4tS/1NgdJ0Tt4JtStxeCUJkt59ume2Ynp2Vci
KA2kG/O/GLW6POO6KGBoCtn4DdYNvNsK9PGnL/ZKZm+x37xLOXxTT+dctUtb9ptC
pYM39YwNuf5fFW3aQyE4SwYc7XerzrjFZnPhfziAhcK0ch4hHz2WaFD8pQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFLUd0xBxb70dlYrTF4/3B2+2EESGMB8GA1UdIwQY
MBaAFJjrM8LO+12jRgewC1AF5Et1UkofMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbU9zendzNzdYYU5HQjdBTFVBWGtTM1ZTU2g4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi83NmIxZDMtNGZkOS00NmNmLTgzZTYt
MjBjNGRjMWU0YTc3LzEvdFIzVEVIRnZ2UjJWaXRNWGpfY0hiN1lRUklZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi83NmIxZDMtNGZkOS00NmNmLTgzZTYtMjBjNGRjMWU0YTc3
LzEvbU9zendzNzdYYU5HQjdBTFVBWGtTM1ZTU2g4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQCLYIQAwQC
LY7kAwQAstOFAwQBue3qAwQByS5wMA0EAgACMAcDBQIqEtKAMA0GCSqGSIb3DQEB
CwUAA4IBAQB2H4DWkyCwen0O01DdNdxojEeQ/DybxqZkwEFXS7E+2G5Gb81qKcfh
joj6IJYbFQYKhDYNENEhw8MP8Yx9ZN0gyxAEYSdFhKAJyGkgM+kKGjjz+2SsFOt7
f00Vab5fXHZuZnAQ0o1OqohSfe0cnUBhmvk2ZjmlyL8xe8S2pi9ZLe1EnyIYu4jR
Mp7SzIjwhatVYjL+ULdveUKjFFeqha8Bp3ZMzAP1Njq/F0RlWqnOPv5rDL5sX00z
etAAa22RJ0OVVb1BMidq22WfjKYVADbowlMvZuo8ZbzinpFHnBbsxcv8ajLQ6gzn
yYeOvcuo0X1wBvJ11k2j38BuOY5hq/K7
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:47:53 2025 by rpki-client