Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/o97Vn8U48n2nM3fxJpR3gIlOOzI.roa
File: o97Vn8U48n2nM3fxJpR3gIlOOzI.roa (raw, json)
Hash identifier: hTlGE4dV+nil2k6wrq0SR81Yy8YNzMTAZkanu6ESP5c=
Subject key identifier: A3:DE:D5:9F:C5:38:F2:7D:A7:33:77:F1:26:94:77:80:89:4E:3B:32
Certificate issuer: /CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Certificate serial: 019A73F0E2613578A6274B23136388FEAEF4
Authority key identifier: 60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/o97Vn8U48n2nM3fxJpR3gIlOOzI.roa
Signing time: Tue 11 Nov 2025 17:22:37 +0000
ROA not before: Tue 11 Nov 2025 17:22:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 45.90.16.0/24 maxlen: 24
45.90.17.0/24 maxlen: 24
45.131.134.0/24 maxlen: 24
185.108.204.0/24 maxlen: 24
185.126.82.0/24 maxlen: 24
185.199.54.0/24 maxlen: 24
185.199.158.0/24 maxlen: 24
185.199.159.0/24 maxlen: 24
185.206.251.0/24 maxlen: 24
185.209.38.0/24 maxlen: 24
185.209.73.0/24 maxlen: 24
185.209.74.0/24 maxlen: 24
185.209.75.0/24 maxlen: 24
185.210.233.0/24 maxlen: 24
185.210.235.0/24 maxlen: 24
185.214.108.0/24 maxlen: 24
185.218.20.0/24 maxlen: 24
185.218.101.0/24 maxlen: 24
185.220.248.0/24 maxlen: 24
185.220.249.0/24 maxlen: 24
185.220.250.0/23 maxlen: 24
185.221.20.0/24 maxlen: 24
185.222.28.0/24 maxlen: 24
185.222.29.0/24 maxlen: 24
185.223.80.0/24 maxlen: 24
185.223.82.0/24 maxlen: 24
185.223.155.0/24 maxlen: 24
185.225.0.0/23 maxlen: 23
185.225.1.0/24 maxlen: 24
185.225.2.0/24 maxlen: 24
185.225.3.0/24 maxlen: 24
185.226.104.0/24 maxlen: 24
185.226.107.0/24 maxlen: 24
185.227.144.0/24 maxlen: 24
185.227.146.0/23 maxlen: 24
185.227.147.0/24 maxlen: 24
185.228.75.0/24 maxlen: 24
185.232.206.0/24 maxlen: 24
185.246.112.0/24 maxlen: 24
193.8.112.0/23 maxlen: 24
193.8.112.0/24 maxlen: 24
193.8.114.0/24 maxlen: 24
193.58.146.0/23 maxlen: 24
193.58.146.0/24 maxlen: 24
194.5.64.0/24 maxlen: 24
194.5.67.0/24 maxlen: 24
194.76.169.0/24 maxlen: 24
194.76.172.0/24 maxlen: 24
194.124.69.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 16 Nov 2025 15:37:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:73:f0:e2:61:35:78:a6:27:4b:23:13:63:88:fe:ae:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=606784c105085b9d6ad5f73a03b20d9a5c114caf
Validity
Not Before: Nov 11 17:22:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a3ded59fc538f27da73377f126947780894e3b32
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a3:a5:60:2a:fd:65:6c:cc:a5:48:52:a2:23:81:
8e:c9:2d:fc:90:34:79:8a:63:04:27:1a:f1:b6:b9:
04:d8:04:75:3b:fe:e6:40:75:fc:c2:92:c2:44:c3:
a6:93:a3:1e:48:e8:aa:e1:a6:71:ff:df:b6:0d:79:
cb:62:7b:18:81:4f:8f:d8:1e:75:72:91:91:86:53:
3e:e6:8a:cf:2f:e0:f8:20:fb:68:16:26:2c:0e:42:
b2:15:c5:c0:a1:2f:63:7f:e0:1f:3f:ca:3b:c4:d1:
05:cc:b6:cb:93:b1:a8:33:33:d9:d2:cd:e7:5b:20:
c3:bc:d4:aa:85:74:bc:f4:6d:4c:c5:f3:b2:ca:a1:
63:0a:72:b0:15:b4:c2:7d:6b:b8:86:70:94:98:7e:
89:ef:18:1e:8d:87:27:48:dc:57:58:fa:c5:5d:5c:
be:11:b7:50:b6:df:e1:89:81:c3:1e:65:80:8d:29:
7d:de:c1:16:7a:89:b6:ab:f7:6b:fc:dc:4b:3d:5d:
f8:3d:37:3e:9f:27:e5:b9:82:f7:20:18:59:52:94:
49:09:6c:ff:44:47:5a:06:53:60:85:de:8e:05:74:
e8:f9:f5:20:f0:b7:59:41:63:59:91:3b:f1:1c:9b:
88:7e:20:1d:b0:d3:a2:05:2d:c2:e0:12:c8:5c:35:
a2:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:DE:D5:9F:C5:38:F2:7D:A7:33:77:F1:26:94:77:80:89:4E:3B:32
X509v3 Authority Key Identifier:
keyid:60:67:84:C1:05:08:5B:9D:6A:D5:F7:3A:03:B2:0D:9A:5C:11:4C:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YGeEwQUIW51q1fc6A7INmlwRTK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/o97Vn8U48n2nM3fxJpR3gIlOOzI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/2b834e-bad2-49ff-ba38-b4342ba91abc/1/YGeEwQUIW51q1fc6A7INmlwRTK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.90.16.0/23
45.131.134.0/24
185.108.204.0/24
185.126.82.0/24
185.199.54.0/24
185.199.158.0/23
185.206.251.0/24
185.209.38.0/24
185.209.73.0-185.209.75.255
185.210.233.0/24
185.210.235.0/24
185.214.108.0/24
185.218.20.0/24
185.218.101.0/24
185.220.248.0/22
185.221.20.0/24
185.222.28.0/23
185.223.80.0/24
185.223.82.0/24
185.223.155.0/24
185.225.0.0/22
185.226.104.0/24
185.226.107.0/24
185.227.144.0/24
185.227.146.0/23
185.228.75.0/24
185.232.206.0/24
185.246.112.0/24
193.8.112.0-193.8.114.255
193.58.146.0/23
194.5.64.0/24
194.5.67.0/24
194.76.169.0/24
194.76.172.0/24
194.124.69.0/24
Signature Algorithm: sha256WithRSAEncryption
75:71:ec:34:db:73:f5:45:5e:3a:a3:d1:4d:3f:e8:1b:14:7a:
2b:85:9a:84:01:90:0d:e8:ab:96:65:62:4a:06:a8:13:96:ab:
d2:b0:4c:37:ec:99:68:a3:a1:ee:13:31:0b:4e:03:75:5b:0b:
65:f8:d9:ec:7a:b1:5c:ab:71:7a:b5:83:d3:c0:02:b5:60:41:
b1:da:2e:07:b2:fb:4f:52:26:97:17:85:d2:b5:03:ca:85:de:
33:4b:66:1e:e8:22:7f:71:06:00:52:2d:75:16:15:1e:f0:75:
c7:12:73:67:65:c4:c5:b5:90:83:d8:bb:6a:ad:b1:3c:dd:1f:
90:f8:d6:3b:d2:99:16:1f:8d:28:ec:b1:a8:a7:f8:58:89:7e:
3c:80:6b:df:18:48:cc:dd:4c:67:bc:1d:82:32:2c:04:2b:22:
ad:c5:f7:9b:df:b4:c1:ad:f4:66:b8:50:0b:80:36:be:88:46:
2b:e5:bb:33:6c:25:15:10:ff:90:28:1e:80:ae:2b:83:95:f6:
41:31:c6:57:e5:59:a1:8b:53:d9:42:c1:cc:f4:de:da:7d:0c:
27:b1:ae:e9:18:e3:6c:ed:3a:1c:5a:c6:5d:61:96:bd:e1:43:
07:34:cc:99:f4:71:c0:07:6a:e0:ff:9a:ba:bd:59:89:b5:a8:
b6:fd:d2:e2
-----BEGIN CERTIFICATE-----
MIIF3jCCBMagAwIBAgISAZpz8OJhNXimJ0sjE2OI/q70MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwNjc4NGMxMDUwODViOWQ2YWQ1ZjczYTAzYjIwZDlhNWMx
MTRjYWYwHhcNMjUxMTExMTcyMjM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhM2RlZDU5ZmM1MzhmMjdkYTczMzc3ZjEyNjk0Nzc4MDg5NGUzYjMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAo6VgKv1lbMylSFKiI4GOyS38kDR5
imMEJxrxtrkE2AR1O/7mQHX8wpLCRMOmk6MeSOiq4aZx/9+2DXnLYnsYgU+P2B51
cpGRhlM+5orPL+D4IPtoFiYsDkKyFcXAoS9jf+AfP8o7xNEFzLbLk7GoMzPZ0s3n
WyDDvNSqhXS89G1MxfOyyqFjCnKwFbTCfWu4hnCUmH6J7xgejYcnSNxXWPrFXVy+
EbdQtt/hiYHDHmWAjSl93sEWeom2q/dr/NxLPV34PTc+nyfluYL3IBhZUpRJCWz/
REdaBlNghd6OBXTo+fUg8LdZQWNZkTvxHJuIfiAdsNOiBS3C4BLIXDWi3QIDAQAB
o4IC6jCCAuYwHQYDVR0OBBYEFKPe1Z/FOPJ9pzN38SaUd4CJTjsyMB8GA1UdIwQY
MBaAFGBnhMEFCFudatX3OgOyDZpcEUyvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgt
YjQzNDJiYTkxYWJjLzEvbzk3Vm44VTQ4bjJuTTNmeEpwUjNnSWxPT3pJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC8yYjgzNGUtYmFkMi00OWZmLWJhMzgtYjQzNDJiYTkxYWJj
LzEvWUdlRXdRVUlXNTFxMWZjNkE3SU5tbHdSVEs4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH/BggrBgEFBQcBBwEB/wSB7zCB7DCB6QQCAAEwgeIDBAEt
WhADBAAtg4YDBAC5bMwDBAC5flIDBAC5xzYDBAG5x54DBAC5zvsDBAC50SYwDAME
ALnRSQMEArnRSAMEALnS6QMEALnS6wMEALnWbAMEALnaFAMEALnaZQMEArnc+AME
ALndFAMEAbneHAMEALnfUAMEALnfUgMEALnfmwMEArnhAAMEALniaAMEALniawME
ALnjkAMEAbnjkgMEALnkSwMEALnozgMEALn2cDAMAwQEwQhwAwQAwQhyAwQBwTqS
AwQAwgVAAwQAwgVDAwQAwkypAwQAwkysAwQAwnxFMA0GCSqGSIb3DQEBCwUAA4IB
AQB1cew023P1RV46o9FNP+gbFHorhZqEAZAN6KuWZWJKBqgTlqvSsEw37Jloo6Hu
EzELTgN1Wwtl+NnserFcq3F6tYPTwAK1YEGx2i4HsvtPUiaXF4XStQPKhd4zS2Ye
6CJ/cQYAUi11FhUe8HXHEnNnZcTFtZCD2LtqrbE83R+Q+NY70pkWH40o7LGop/hY
iX48gGvfGEjM3UxnvB2CMiwEKyKtxfeb37TBrfRmuFALgDa+iEYr5bszbCUVEP+Q
KB6AriuDlfZBMcZX5Vmhi1PZQsHM9N7afQwnsa7pGONs7TocWsZdYZa94UMHNMyZ
9HHAB2rg/5q6vVmJtai2/dLi
-----END CERTIFICATE-----
Generated at Sat Nov 15 23:03:34 2025 by rpki-client