Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/1eRGvbyDYbrM1RUC_WufHBKnjCs.roa
File: 1eRGvbyDYbrM1RUC_WufHBKnjCs.roa (raw, json)
Hash identifier: zmZnvmvyUGUizyZhcKP1AhEib8Ejosa3oXcCB+a6HuQ=
Subject key identifier: D5:E4:46:BD:BC:83:61:BA:CC:D5:15:02:FD:6B:9F:1C:12:A7:8C:2B
Certificate issuer: /CN=618478f198fe569010c3df6219142f530c4f5e56
Certificate serial: 0199BEF0B5EE4FA1849B2A856C34F80A843A
Authority key identifier: 61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/1eRGvbyDYbrM1RUC_WufHBKnjCs.roa
Signing time: Tue 07 Oct 2025 13:51:10 +0000
ROA not before: Tue 07 Oct 2025 13:51:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 45.147.194.0/24 maxlen: 24
91.224.22.0/24 maxlen: 24
193.33.48.0/24 maxlen: 24
193.238.134.0/24 maxlen: 24
193.238.135.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.mft
rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 22:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:be:f0:b5:ee:4f:a1:84:9b:2a:85:6c:34:f8:0a:84:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618478f198fe569010c3df6219142f530c4f5e56
Validity
Not Before: Oct 7 13:51:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5e446bdbc8361baccd51502fd6b9f1c12a78c2b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:94:56:2f:2f:ec:7f:96:a6:b8:aa:96:00:c5:
ee:a2:b5:8e:6c:c0:dd:e0:01:bd:8f:06:87:f2:37:
1f:ce:15:cc:1a:0d:50:14:e8:ba:97:ca:38:0a:71:
83:14:99:48:fb:77:47:98:c1:19:a8:d8:c1:a9:72:
d3:b4:f4:49:7a:9f:1f:7e:c8:f7:6f:43:9e:f8:27:
44:cc:15:29:98:05:d7:3f:41:26:c8:33:86:65:f5:
29:46:6e:ba:c5:34:88:dd:23:bd:9c:22:d1:0d:0f:
6b:02:87:24:7b:20:c3:6f:4f:92:70:7d:24:5e:5d:
58:43:36:c6:e7:f8:52:b0:e1:4d:9e:b8:e4:c9:0e:
d4:6d:e0:78:14:dd:63:20:06:ec:23:11:15:b7:b1:
18:80:76:e6:1b:af:f2:23:3e:8c:4e:cd:ba:2d:e4:
ac:3f:7f:3b:8f:9c:41:c4:a5:45:56:f0:57:d3:8d:
c3:e3:d3:d0:6c:0c:47:76:fb:dd:2b:e2:f1:32:4a:
89:81:67:f4:38:a5:85:d4:b4:d0:98:9f:ca:71:fc:
cf:1c:b1:59:6d:8a:96:52:db:1b:25:b9:d3:44:b7:
0e:71:b4:da:bf:b1:4e:5f:10:3d:93:8d:5f:ee:98:
1f:66:6f:e8:9b:51:d3:1b:63:ed:7e:8f:cf:89:b2:
f2:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:E4:46:BD:BC:83:61:BA:CC:D5:15:02:FD:6B:9F:1C:12:A7:8C:2B
X509v3 Authority Key Identifier:
keyid:61:84:78:F1:98:FE:56:90:10:C3:DF:62:19:14:2F:53:0C:4F:5E:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYR48Zj-VpAQw99iGRQvUwxPXlY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/1eRGvbyDYbrM1RUC_WufHBKnjCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e0/53c7b8-5e4b-49fd-8c91-ba98f1122121/1/YYR48Zj-VpAQw99iGRQvUwxPXlY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.147.194.0/24
91.224.22.0/24
193.33.48.0/24
193.238.134.0/23
Signature Algorithm: sha256WithRSAEncryption
78:16:17:ba:da:6b:36:52:b2:4a:c0:b6:06:dd:a1:49:19:cf:
86:fb:5b:60:26:cd:73:42:3a:63:ff:5e:2d:a3:a7:09:bf:b9:
7e:57:79:41:dd:77:c4:35:da:3f:75:7b:de:ed:57:91:fb:c3:
48:2f:14:7c:a5:ec:cc:51:4c:82:67:75:55:20:6b:0e:29:16:
5b:7d:51:f1:a4:46:af:1c:24:3a:65:2d:2e:cd:ab:ac:19:12:
a5:b8:3a:b3:3a:de:06:f6:d7:8a:d8:18:3f:30:4b:83:4c:fb:
be:1c:9d:b2:ac:fd:dd:d2:aa:ac:d2:1c:53:69:5f:c3:66:4a:
45:d7:4e:2f:8c:80:d6:96:3d:9a:50:b5:32:08:fc:e2:1a:62:
1f:27:9d:a5:76:f8:a9:1a:73:76:df:4d:b8:b9:87:b2:ba:f4:
e9:03:bb:92:88:18:fb:31:fe:89:6a:c0:80:6e:fb:0b:f3:e8:
c3:c4:e0:72:df:5e:1f:3a:d5:9c:d8:e7:ec:3d:05:43:6b:1e:
16:c0:8d:5a:c9:fc:0c:50:4c:5b:22:d2:cf:2a:de:70:2f:1a:
24:b2:d2:6d:2d:d1:17:c5:a5:30:b2:a9:0c:30:c8:c6:97:f4:
45:c0:c9:36:3b:48:7e:ca:10:73:1a:bd:e1:87:6b:de:4e:44:
71:21:96:4b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZm+8LXuT6GEmyqFbDT4CoQ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxODQ3OGYxOThmZTU2OTAxMGMzZGY2MjE5MTQyZjUzMGM0
ZjVlNTYwHhcNMjUxMDA3MTM1MTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNWU0NDZiZGJjODM2MWJhY2NkNTE1MDJmZDZiOWYxYzEyYTc4YzJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8JRWLy/sf5amuKqWAMXuorWObMDd
4AG9jwaH8jcfzhXMGg1QFOi6l8o4CnGDFJlI+3dHmMEZqNjBqXLTtPRJep8ffsj3
b0Oe+CdEzBUpmAXXP0EmyDOGZfUpRm66xTSI3SO9nCLRDQ9rAockeyDDb0+ScH0k
Xl1YQzbG5/hSsOFNnrjkyQ7UbeB4FN1jIAbsIxEVt7EYgHbmG6/yIz6MTs26LeSs
P387j5xBxKVFVvBX043D49PQbAxHdvvdK+LxMkqJgWf0OKWF1LTQmJ/KcfzPHLFZ
bYqWUtsbJbnTRLcOcbTav7FOXxA9k41f7pgfZm/om1HTG2Ptfo/PibLyZQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFNXkRr28g2G6zNUVAv1rnxwSp4wrMB8GA1UdIwQY
MBaAFGGEePGY/laQEMPfYhkUL1MMT15WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEt
YmE5OGYxMTIyMTIxLzEvMWVSR3ZieURZYnJNMVJVQ19XdWZIQktuakNzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lMC81M2M3YjgtNWU0Yi00OWZkLThjOTEtYmE5OGYxMTIyMTIx
LzEvWVlSNDhaai1WcEFRdzk5aUdSUXZVd3hQWGxZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQALZPCAwQA
W+AWAwQAwSEwAwQBwe6GMA0GCSqGSIb3DQEBCwUAA4IBAQB4Fhe62ms2UrJKwLYG
3aFJGc+G+1tgJs1zQjpj/14to6cJv7l+V3lB3XfENdo/dXve7VeR+8NILxR8pezM
UUyCZ3VVIGsOKRZbfVHxpEavHCQ6ZS0uzausGRKluDqzOt4G9teK2Bg/MEuDTPu+
HJ2yrP3d0qqs0hxTaV/DZkpF104vjIDWlj2aULUyCPziGmIfJ52ldvipGnN23024
uYeyuvTpA7uSiBj7Mf6JasCAbvsL8+jDxOBy314fOtWc2OfsPQVDax4WwI1ayfwM
UExbItLPKt5wLxokstJtLdEXxaUwsqkMMMjGl/RFwMk2O0h+yhBzGr3hh2veTkRx
IZZL
-----END CERTIFICATE-----
Generated at Thu Oct 9 03:45:44 2025 by rpki-client