Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/_gmVRSrmGFGz08Wzh-YVxW9qIoQ.roa
File: _gmVRSrmGFGz08Wzh-YVxW9qIoQ.roa (raw, json)
Hash identifier: YfSn9GarNCCzvXX+2Du0PUha8FiujUpkLLPl3MzN4Ic=
Subject key identifier: FE:09:95:45:2A:E6:18:51:B3:D3:C5:B3:87:E6:15:C5:6F:6A:22:84
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 019A02ECC6FDC1D0036C4BAED57258CEA3AA
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/_gmVRSrmGFGz08Wzh-YVxW9qIoQ.roa
Signing time: Mon 20 Oct 2025 18:41:03 +0000
ROA not before: Mon 20 Oct 2025 18:41:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44477
IP address blocks: 45.137.155.0/24 maxlen: 24
45.153.229.0/24 maxlen: 24
45.153.230.0/24 maxlen: 24
193.38.54.0/24 maxlen: 24
193.38.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft
rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Oct 2025 12:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:02:ec:c6:fd:c1:d0:03:6c:4b:ae:d5:72:58:ce:a3:aa
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Oct 20 18:41:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fe0995452ae61851b3d3c5b387e615c56f6a2284
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:b0:b0:c8:bc:f3:08:96:f2:1f:6d:c5:8c:42:
17:ca:43:1a:ef:db:d5:ad:12:6c:62:c7:1b:e1:db:
b8:90:40:21:38:b0:bb:37:e9:85:f7:e8:ef:bf:73:
e4:69:32:3d:15:20:60:ad:a8:5c:fd:85:92:fd:38:
74:6a:8c:c7:ad:0a:5e:4c:76:c6:68:7c:1b:61:0a:
5e:cf:35:e7:b3:02:8d:c5:a4:0b:ec:a2:b9:39:e9:
fa:a1:f2:9b:70:b4:a6:ec:ba:9f:1e:a4:8b:7b:c8:
73:b9:53:30:b7:20:49:d7:74:77:62:1b:ed:62:37:
61:c2:fc:75:05:42:c3:0f:75:2b:75:71:c7:7b:d6:
14:48:f6:39:38:a6:d7:8b:72:73:db:2e:16:2d:e8:
b0:58:71:89:64:43:1e:8b:38:15:81:6d:8a:02:d8:
c2:c0:43:db:a0:46:11:de:72:04:86:a8:0d:13:8e:
2b:12:e4:16:22:1c:7d:df:b8:e2:60:75:1f:84:92:
43:86:9a:c3:aa:ff:53:a7:1a:18:ac:f0:09:6a:d0:
3a:7b:7d:c1:2d:b2:e4:2f:5d:27:9e:53:a0:36:94:
55:e2:97:92:9b:ac:54:d1:45:a4:4a:d9:0f:c9:48:
d8:ce:7f:67:34:fd:56:34:11:11:6f:a2:18:13:04:
f6:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:09:95:45:2A:E6:18:51:B3:D3:C5:B3:87:E6:15:C5:6F:6A:22:84
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/_gmVRSrmGFGz08Wzh-YVxW9qIoQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.137.155.0/24
45.153.229.0-45.153.230.255
193.38.54.0/23
Signature Algorithm: sha256WithRSAEncryption
1e:08:db:16:97:ba:91:5c:83:5f:73:01:71:b5:4a:2a:b3:7b:
ff:aa:e6:2f:a5:59:5b:c6:dc:4b:22:d1:d6:eb:cc:70:ab:f4:
0d:80:81:ff:68:c2:f4:e4:7d:25:ac:71:ac:6c:48:77:c7:ab:
8f:41:81:04:95:8e:be:5e:b2:a1:78:65:b0:7d:48:c5:92:66:
f4:84:5b:a3:01:69:7f:55:ad:49:2a:55:36:d6:e2:f3:82:d5:
7d:de:5b:40:ce:e3:ae:71:17:0c:80:95:0d:fe:3a:a1:44:63:
2a:0a:94:7b:3f:77:b3:ba:fd:6f:5f:12:5e:a4:45:3f:b1:41:
d5:f7:dd:64:c1:cc:84:e3:cd:ed:36:6e:52:45:35:ac:67:87:
bc:41:15:8e:8e:01:34:9f:c3:7d:23:09:8b:f1:60:ef:7f:d8:
1a:aa:8b:a7:f3:ca:95:c3:82:9e:4e:17:52:fe:33:c4:b5:83:
32:7e:c7:4a:49:db:dc:ea:9c:80:7f:35:c2:a7:63:ae:a8:a7:
d3:14:85:d8:d0:c8:87:ca:a0:85:a4:12:8a:e9:3b:ef:e6:b2:
69:ee:3b:b0:7f:4a:bd:69:b0:d9:c0:7e:27:5b:e1:df:3e:23:
49:7a:ce:e2:b2:f7:f1:b5:db:7b:f3:c6:4e:fc:bd:08:26:78:
ee:f5:d4:32
-----BEGIN CERTIFICATE-----
MIIFETCCA/mgAwIBAgISAZoC7Mb9wdADbEuu1XJYzqOqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjUxMDIwMTg0MTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZTA5OTU0NTJhZTYxODUxYjNkM2M1YjM4N2U2MTVjNTZmNmEyMjg0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbCwyLzzCJbyH23FjEIXykMa79vV
rRJsYscb4du4kEAhOLC7N+mF9+jvv3PkaTI9FSBgrahc/YWS/Th0aozHrQpeTHbG
aHwbYQpezzXnswKNxaQL7KK5Oen6ofKbcLSm7LqfHqSLe8hzuVMwtyBJ13R3Yhvt
Yjdhwvx1BULDD3UrdXHHe9YUSPY5OKbXi3Jz2y4WLeiwWHGJZEMeizgVgW2KAtjC
wEPboEYR3nIEhqgNE44rEuQWIhx937jiYHUfhJJDhprDqv9TpxoYrPAJatA6e33B
LbLkL10nnlOgNpRV4peSm6xU0UWkStkPyUjYzn9nNP1WNBERb6IYEwT2cwIDAQAB
o4ICHTCCAhkwHQYDVR0OBBYEFP4JlUUq5hhRs9PFs4fmFcVvaiKEMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvX2dtVlJTcm1HRkd6MDhXemgtWVZ4VzlxSW9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDMGCCsGAQUFBwEHAQH/BCQwIjAgBAIAATAaAwQALYmbMAwD
BAAtmeUDBAAtmeYDBAHBJjYwDQYJKoZIhvcNAQELBQADggEBAB4I2xaXupFcg19z
AXG1Siqze/+q5i+lWVvG3Esi0dbrzHCr9A2Agf9owvTkfSWscaxsSHfHq49BgQSV
jr5esqF4ZbB9SMWSZvSEW6MBaX9VrUkqVTbW4vOC1X3eW0DO465xFwyAlQ3+OqFE
YyoKlHs/d7O6/W9fEl6kRT+xQdX33WTBzITjze02blJFNaxnh7xBFY6OATSfw30j
CYvxYO9/2Bqqi6fzypXDgp5OF1L+M8S1gzJ+x0pJ29zqnIB/NcKnY66op9MUhdjQ
yIfKoIWkEorpO+/msmnuO7B/Sr1psNnAfidb4d8+I0l6zuKy9/G123vzxk78vQgm
eO711DI=
-----END CERTIFICATE-----
Generated at Tue Oct 21 22:37:21 2025 by rpki-client