Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/ihuVfIZiKoCUqlRgbxe1hkhkOfg.roa
File: ihuVfIZiKoCUqlRgbxe1hkhkOfg.roa (raw, json)
Hash identifier: yUB6Y4sr8ES8Ky6M6fLnd2Qt8k7kmJzxctcPYJ8AS3w=
Subject key identifier: 8A:1B:95:7C:86:62:2A:80:94:AA:54:60:6F:17:B5:86:48:64:39:F8
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 019A0C1AEF1C57D44E8AAACB0819ECDBFF03
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/ihuVfIZiKoCUqlRgbxe1hkhkOfg.roa
Signing time: Wed 22 Oct 2025 13:28:03 +0000
ROA not before: Wed 22 Oct 2025 13:28:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25211
IP address blocks: 45.141.233.0/24 maxlen: 24
45.141.234.0/24 maxlen: 24
78.159.128.0/24 maxlen: 24
78.159.129.0/24 maxlen: 24
78.159.131.0/24 maxlen: 24
78.159.136.0/24 maxlen: 24
78.159.137.0/24 maxlen: 24
78.159.138.0/24 maxlen: 24
78.159.139.0/24 maxlen: 24
78.159.149.0/24 maxlen: 24
78.159.150.0/24 maxlen: 24
78.159.152.0/22 maxlen: 22
78.159.153.0/24 maxlen: 24
78.159.154.0/24 maxlen: 24
78.159.155.0/24 maxlen: 24
78.159.156.0/24 maxlen: 24
78.159.157.0/24 maxlen: 24
78.159.158.0/24 maxlen: 24
78.159.159.0/24 maxlen: 24
91.92.33.0/24 maxlen: 24
91.92.34.0/24 maxlen: 24
91.92.35.0/24 maxlen: 24
91.92.40.0/24 maxlen: 24
91.92.41.0/24 maxlen: 24
91.92.42.0/24 maxlen: 24
91.92.43.0/24 maxlen: 24
91.92.44.0/24 maxlen: 24
91.92.45.0/24 maxlen: 24
91.92.46.0/24 maxlen: 24
91.92.49.0/24 maxlen: 24
91.92.50.0/24 maxlen: 24
91.92.51.0/24 maxlen: 24
91.92.52.0/24 maxlen: 24
91.92.53.0/24 maxlen: 24
93.152.207.0/24 maxlen: 24
93.152.210.0/24 maxlen: 24
93.152.211.0/24 maxlen: 24
93.152.214.0/24 maxlen: 24
93.152.215.0/24 maxlen: 24
93.152.216.0/24 maxlen: 24
93.152.217.0/24 maxlen: 24
93.152.218.0/24 maxlen: 24
93.152.221.0/24 maxlen: 24
93.152.222.0/24 maxlen: 24
93.152.223.0/24 maxlen: 24
93.152.224.0/24 maxlen: 24
93.152.226.0/24 maxlen: 24
93.152.227.0/24 maxlen: 24
93.152.230.0/24 maxlen: 24
94.26.28.0/24 maxlen: 24
94.26.29.0/24 maxlen: 24
94.26.76.0/22 maxlen: 22
94.26.76.0/24 maxlen: 24
94.26.77.0/24 maxlen: 24
94.26.78.0/24 maxlen: 24
94.26.79.0/24 maxlen: 24
94.26.89.0/24 maxlen: 24
94.26.90.0/24 maxlen: 24
94.190.195.0/24 maxlen: 24
185.96.252.0/24 maxlen: 24
185.96.253.0/24 maxlen: 24
185.96.255.0/24 maxlen: 24
212.102.105.0/24 maxlen: 24
212.102.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 Oct 2025 08:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:0c:1a:ef:1c:57:d4:4e:8a:aa:cb:08:19:ec:db:ff:03
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Oct 22 13:28:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a1b957c86622a8094aa54606f17b586486439f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8e:42:36:f4:66:7e:22:92:22:02:c3:13:f9:f0:
16:e9:67:cc:34:2a:22:18:13:00:11:36:4a:7f:55:
77:01:19:7d:5e:09:b2:44:c1:49:1a:0c:76:0d:1a:
34:2e:36:11:79:46:21:a5:7c:2e:d9:36:e1:27:94:
5d:52:0d:6b:81:86:a6:61:cd:da:5a:c8:01:1a:0b:
60:2f:ad:f5:9e:32:85:a4:a5:0a:bb:3d:e3:0d:5d:
80:f2:43:cd:ad:06:d2:5b:00:a6:05:7d:3b:b7:2d:
d4:40:ff:2b:78:51:16:5a:f2:e8:af:4c:cb:c2:7a:
5d:ed:ac:8d:2c:fa:08:0f:d8:2c:d3:88:96:79:68:
ae:f0:90:5d:c9:a5:6d:60:74:00:1f:b5:18:66:73:
e8:28:53:92:dc:71:97:fa:b7:ae:e6:98:87:e9:52:
49:88:1e:a3:1d:64:13:43:cc:42:fb:08:69:e0:2e:
39:c6:7d:49:0a:ce:c5:9b:f4:9c:7d:e7:9a:0c:41:
0d:0e:16:22:69:9f:a0:7e:ac:c1:07:4d:bd:ae:b7:
22:86:29:82:05:5d:17:d0:99:b2:d8:e9:8b:18:83:
6d:20:43:10:9d:44:17:b5:f3:c4:bf:2c:79:ad:61:
72:25:17:b5:ba:47:6b:54:5e:c2:fc:db:52:60:51:
c3:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:1B:95:7C:86:62:2A:80:94:AA:54:60:6F:17:B5:86:48:64:39:F8
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/ihuVfIZiKoCUqlRgbxe1hkhkOfg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.233.0-45.141.234.255
78.159.128.0/23
78.159.131.0/24
78.159.136.0/22
78.159.149.0-78.159.150.255
78.159.152.0/21
91.92.33.0-91.92.35.255
91.92.40.0-91.92.46.255
91.92.49.0-91.92.53.255
93.152.207.0/24
93.152.210.0/23
93.152.214.0-93.152.218.255
93.152.221.0-93.152.224.255
93.152.226.0/23
93.152.230.0/24
94.26.28.0/23
94.26.76.0/22
94.26.89.0-94.26.90.255
94.190.195.0/24
185.96.252.0/23
185.96.255.0/24
212.102.105.0/24
212.102.107.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:a7:57:33:62:43:ad:c5:6e:86:9d:cb:82:80:11:46:00:40:
c6:10:77:11:64:e8:94:1f:8b:11:d1:24:e2:9d:35:24:34:86:
87:5e:5d:20:9e:f4:57:d5:85:19:5c:1f:1b:aa:03:f8:d1:64:
2e:78:62:b0:92:73:93:f3:21:52:f3:ee:6f:03:0d:ea:96:c5:
f7:a3:d4:ce:5b:3f:64:8a:25:28:d0:6c:7e:8d:db:fc:a7:fa:
54:f4:04:77:65:8a:b9:62:fb:b2:0b:ba:df:a5:94:c0:61:26:
2b:71:b4:d1:12:14:53:86:fd:25:ae:38:da:e9:74:0a:82:ee:
6f:a6:5c:07:25:50:89:4d:32:26:fc:94:5f:43:90:6d:18:7e:
27:f8:30:d3:1e:d2:da:78:c7:3c:74:bd:c0:34:c0:f1:2d:02:
fb:18:43:96:eb:d9:ff:21:0f:65:eb:e1:7c:63:84:78:a1:d1:
c3:bf:d2:18:b0:df:c5:58:e2:04:a7:92:4c:67:ec:1a:e9:8b:
ec:02:ed:96:da:f1:bb:d0:f5:91:66:fa:64:a2:75:2f:f7:86:
72:24:5d:8e:95:3a:47:c8:ec:5a:49:52:03:3c:5d:d6:c7:d6:
59:1d:d2:75:1d:1c:4c:0d:77:c9:65:89:08:e8:60:56:26:db:
d4:0f:80:60
-----BEGIN CERTIFICATE-----
MIIFxjCCBK6gAwIBAgISAZoMGu8cV9ROiqrLCBns2/8DMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjUxMDIyMTMyODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTFiOTU3Yzg2NjIyYTgwOTRhYTU0NjA2ZjE3YjU4NjQ4NjQzOWY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjkI29GZ+IpIiAsMT+fAW6WfMNCoi
GBMAETZKf1V3ARl9XgmyRMFJGgx2DRo0LjYReUYhpXwu2TbhJ5RdUg1rgYamYc3a
WsgBGgtgL631njKFpKUKuz3jDV2A8kPNrQbSWwCmBX07ty3UQP8reFEWWvLor0zL
wnpd7ayNLPoID9gs04iWeWiu8JBdyaVtYHQAH7UYZnPoKFOS3HGX+reu5piH6VJJ
iB6jHWQTQ8xC+whp4C45xn1JCs7Fm/ScfeeaDEENDhYiaZ+gfqzBB029rrcihimC
BV0X0Jmy2OmLGINtIEMQnUQXtfPEvyx5rWFyJRe1ukdrVF7C/NtSYFHDVwIDAQAB
o4IC0jCCAs4wHQYDVR0OBBYEFIoblXyGYiqAlKpUYG8XtYZIZDn4MB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvaWh1VmZJWmlLb0NVcWxSZ2J4ZTFoa2hrT2ZnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHnBggrBgEFBQcBBwEB/wSB1zCB1DCB0QQCAAEwgcowDAME
AC2N6QMEAC2N6gMEAU6fgAMEAE6fgwMEAk6fiDAMAwQATp+VAwQATp+WAwQDTp+Y
MAwDBABbXCEDBAJbXCAwDAMEA1tcKAMEAFtcLjAMAwQAW1wxAwQBW1w0AwQAXZjP
AwQBXZjSMAwDBAFdmNYDBABdmNowDAMEAF2Y3QMEAF2Y4AMEAV2Y4gMEAF2Y5gME
AV4aHAMEAl4aTDAMAwQAXhpZAwQAXhpaAwQAXr7DAwQBuWD8AwQAuWD/AwQA1GZp
AwQA1GZrMA0GCSqGSIb3DQEBCwUAA4IBAQCpp1czYkOtxW6GncuCgBFGAEDGEHcR
ZOiUH4sR0STinTUkNIaHXl0gnvRX1YUZXB8bqgP40WQueGKwknOT8yFS8+5vAw3q
lsX3o9TOWz9kiiUo0Gx+jdv8p/pU9AR3ZYq5YvuyC7rfpZTAYSYrcbTREhRThv0l
rjja6XQKgu5vplwHJVCJTTIm/JRfQ5BtGH4n+DDTHtLaeMc8dL3ANMDxLQL7GEOW
69n/IQ9l6+F8Y4R4odHDv9IYsN/FWOIEp5JMZ+wa6YvsAu2W2vG70PWRZvpkonUv
94ZyJF2OlTpHyOxaSVIDPF3Wx9ZZHdJ1HRxMDXfJZYkI6GBWJtvUD4Bg
-----END CERTIFICATE-----
Generated at Fri Oct 24 18:20:14 2025 by rpki-client