Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/mi0e81ENlhZL1HAJyDt-APK3Xmw.roa
File: mi0e81ENlhZL1HAJyDt-APK3Xmw.roa (raw, json)
Hash identifier: 4UM/16Qhwo7dbwcVYtQMkDVKLWRlfgabJ7zfNMBK+dA=
Subject key identifier: 9A:2D:1E:F3:51:0D:96:16:4B:D4:70:09:C8:3B:7E:00:F2:B7:5E:6C
Certificate issuer: /CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Certificate serial: 019A005A736DB43FBDC00E928E8517FE15EC
Authority key identifier: 06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/mi0e81ENlhZL1HAJyDt-APK3Xmw.roa
Signing time: Mon 20 Oct 2025 06:41:59 +0000
ROA not before: Mon 20 Oct 2025 06:41:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 45.155.241.0/24 maxlen: 24
194.143.210.0/24 maxlen: 24
194.143.217.0/24 maxlen: 24
194.143.218.0/24 maxlen: 24
194.143.222.0/24 maxlen: 24
194.143.223.0/24 maxlen: 24
195.114.192.0/24 maxlen: 24
195.114.195.0/24 maxlen: 24
195.114.202.0/24 maxlen: 24
195.114.203.0/24 maxlen: 24
195.114.205.0/24 maxlen: 24
213.220.2.0/24 maxlen: 24
213.220.4.0/24 maxlen: 24
213.220.6.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.mft
rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Oct 2025 14:12:02 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:00:5a:73:6d:b4:3f:bd:c0:0e:92:8e:85:17:fe:15:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0671dcc7a9ac7351c71e0bc2278cf45fd020ae2e
Validity
Not Before: Oct 20 06:41:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9a2d1ef3510d96164bd47009c83b7e00f2b75e6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:88:77:a4:4a:5c:81:51:53:3f:30:6a:ad:f4:
3c:5f:87:8f:c4:99:22:84:0b:5d:1b:52:0b:36:97:
ed:d4:de:fc:39:db:48:cb:6b:65:7d:5b:19:ac:49:
13:b5:fb:47:24:d9:1e:ca:9e:23:17:d7:5f:36:ad:
47:66:05:47:f9:03:c5:5f:db:86:a0:3b:77:b9:8f:
c6:23:5c:3f:ec:76:17:70:7a:46:8a:37:84:43:1e:
70:78:b0:09:ed:56:b7:8f:20:07:71:5b:5d:46:bb:
b0:1d:24:b1:41:a0:45:e6:b8:3a:a0:bc:fb:68:02:
0a:85:f7:ef:35:8a:bc:c7:32:5d:55:c8:7e:f2:64:
70:64:8d:78:2a:d0:06:c8:92:c0:9a:7d:1c:ae:22:
df:f4:22:df:1c:73:e9:91:7f:84:68:c4:b4:41:5d:
ed:94:14:6d:94:73:e0:00:a2:6a:9c:3e:bf:3b:a7:
77:1d:24:9f:2d:28:7d:82:f3:51:86:95:8a:2a:95:
b9:4d:1b:e4:38:f7:c1:fb:02:0b:bf:53:dc:de:4c:
87:71:67:ad:b4:f9:72:1b:82:e3:a3:0a:11:ff:91:
bf:0a:2c:a0:51:c3:63:fa:4a:43:5a:87:b6:ba:08:
d3:14:11:5a:76:89:7f:f0:f9:f3:f9:71:32:38:de:
c1:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9A:2D:1E:F3:51:0D:96:16:4B:D4:70:09:C8:3B:7E:00:F2:B7:5E:6C
X509v3 Authority Key Identifier:
keyid:06:71:DC:C7:A9:AC:73:51:C7:1E:0B:C2:27:8C:F4:5F:D0:20:AE:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BnHcx6msc1HHHgvCJ4z0X9Agri4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/mi0e81ENlhZL1HAJyDt-APK3Xmw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ea/1f9493-d468-4a7c-8c4b-1ddec4cce24c/1/BnHcx6msc1HHHgvCJ4z0X9Agri4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.241.0/24
194.143.210.0/24
194.143.217.0-194.143.218.255
194.143.222.0/23
195.114.192.0/24
195.114.195.0/24
195.114.202.0/23
195.114.205.0/24
213.220.2.0/24
213.220.4.0/24
213.220.6.0/24
Signature Algorithm: sha256WithRSAEncryption
48:50:ba:c4:af:12:f4:62:21:4a:5e:ad:b7:8b:5d:a3:fc:da:
8a:4f:be:91:ca:80:29:0a:59:65:5e:dd:fe:8d:c4:81:2e:ae:
e9:54:83:44:de:dc:22:79:a7:e2:6c:14:3d:a2:c8:d3:1a:6f:
e7:f0:b2:2e:2a:8f:41:36:7f:13:3e:cb:b4:bf:7e:2a:26:fa:
79:11:81:4e:a1:be:63:f8:c8:81:18:05:54:cd:83:91:24:28:
a4:ac:b9:9d:cd:02:61:1a:b5:3f:54:6c:6f:ed:27:f8:59:8f:
7f:08:71:83:70:3b:a5:c3:df:39:25:e4:60:1c:3d:f5:a8:09:
99:3b:81:33:0a:16:76:c2:bb:09:a0:4b:27:08:90:ae:39:76:
1a:0b:63:cd:8e:01:2c:cb:33:0b:70:60:12:c7:84:63:c5:ab:
1b:3e:14:30:b8:a7:77:f7:19:d0:8c:4b:34:76:2e:d9:11:23:
72:ac:a4:0d:0b:9f:cc:f8:0f:5e:3c:36:24:da:9e:a4:2c:77:
69:ba:17:fd:81:0c:d7:86:0e:ad:7b:c3:47:e0:16:2c:18:c7:
f8:95:28:dd:bd:30:6c:b1:67:b4:b9:9e:8a:b9:7c:dd:90:28:
73:d3:3c:d3:46:88:e0:ea:b9:19:51:a3:40:da:33:92:23:ad:
a4:03:2d:7f
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZoAWnNttD+9wA6SjoUX/hXsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NzFkY2M3YTlhYzczNTFjNzFlMGJjMjI3OGNmNDVmZDAy
MGFlMmUwHhcNMjUxMDIwMDY0MTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YTJkMWVmMzUxMGQ5NjE2NGJkNDcwMDljODNiN2UwMGYyYjc1ZTZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYh3pEpcgVFTPzBqrfQ8X4ePxJki
hAtdG1ILNpft1N78OdtIy2tlfVsZrEkTtftHJNkeyp4jF9dfNq1HZgVH+QPFX9uG
oDt3uY/GI1w/7HYXcHpGijeEQx5weLAJ7Va3jyAHcVtdRruwHSSxQaBF5rg6oLz7
aAIKhffvNYq8xzJdVch+8mRwZI14KtAGyJLAmn0criLf9CLfHHPpkX+EaMS0QV3t
lBRtlHPgAKJqnD6/O6d3HSSfLSh9gvNRhpWKKpW5TRvkOPfB+wILv1Pc3kyHcWet
tPlyG4LjowoR/5G/CiygUcNj+kpDWoe2ugjTFBFadol/8Pnz+XEyON7BTQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFJotHvNRDZYWS9RwCcg7fgDyt15sMB8GA1UdIwQY
MBaAFAZx3MeprHNRxx4LwieM9F/QIK4uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGIt
MWRkZWM0Y2NlMjRjLzEvbWkwZTgxRU5saFpMMUhBSnlEdC1BUEszWG13LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYS8xZjk0OTMtZDQ2OC00YTdjLThjNGItMWRkZWM0Y2NlMjRj
LzEvQm5IY3g2bXNjMUhISGd2Q0o0ejBYOUFncmk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQALZvxAwQA
wo/SMAwDBADCj9kDBADCj9oDBAHCj94DBADDcsADBADDcsMDBAHDcsoDBADDcs0D
BADV3AIDBADV3AQDBADV3AYwDQYJKoZIhvcNAQELBQADggEBAEhQusSvEvRiIUpe
rbeLXaP82opPvpHKgCkKWWVe3f6NxIEurulUg0Te3CJ5p+JsFD2iyNMab+fwsi4q
j0E2fxM+y7S/fiom+nkRgU6hvmP4yIEYBVTNg5EkKKSsuZ3NAmEatT9UbG/tJ/hZ
j38IcYNwO6XD3zkl5GAcPfWoCZk7gTMKFnbCuwmgSycIkK45dhoLY82OASzLMwtw
YBLHhGPFqxs+FDC4p3f3GdCMSzR2LtkRI3KspA0Ln8z4D148NiTanqQsd2m6F/2B
DNeGDq17w0fgFiwYx/iVKN29MGyxZ7S5noq5fN2QKHPTPNNGiODquRlRo0DaM5Ij
raQDLX8=
-----END CERTIFICATE-----
Generated at Tue Oct 21 21:50:06 2025 by rpki-client