Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/75b68b-fa56-44b7-bfba-5034f19953a3/1/b1CA5r7KforuhTMwFyQEdQXtFg0.roa
File: b1CA5r7KforuhTMwFyQEdQXtFg0.roa (raw, json)
Hash identifier: /sCtJVvcy9/zMZdU963H1KU1tkn/lGiUH4SIeeLoE9A=
Subject key identifier: 6F:50:80:E6:BE:CA:7E:8A:EE:85:33:30:17:24:04:75:05:ED:16:0D
Certificate issuer: /CN=bc443f7aae47e0ab38bcf8d536cca60350d17270
Certificate serial: 019A6DC1306DDFD9378BE4246E1959C04054
Authority key identifier: BC:44:3F:7A:AE:47:E0:AB:38:BC:F8:D5:36:CC:A6:03:50:D1:72:70
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/vEQ_eq5H4Ks4vPjVNsymA1DRcnA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/75b68b-fa56-44b7-bfba-5034f19953a3/1/b1CA5r7KforuhTMwFyQEdQXtFg0.roa
Signing time: Mon 10 Nov 2025 12:32:48 +0000
ROA not before: Mon 10 Nov 2025 12:32:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9155
IP address blocks: 62.150.10.0/24 maxlen: 24
62.150.155.0/24 maxlen: 24
62.150.175.0/24 maxlen: 24
62.150.181.0/24 maxlen: 24
62.150.182.0/24 maxlen: 24
78.154.192.0/18 maxlen: 18
78.154.192.0/20 maxlen: 20
78.154.192.0/24 maxlen: 24
78.154.193.0/24 maxlen: 24
78.154.194.0/24 maxlen: 24
78.154.195.0/24 maxlen: 24
78.154.196.0/24 maxlen: 24
78.154.197.0/24 maxlen: 24
78.154.198.0/24 maxlen: 24
78.154.199.0/24 maxlen: 24
78.154.200.0/24 maxlen: 24
78.154.201.0/24 maxlen: 24
78.154.202.0/24 maxlen: 24
78.154.203.0/24 maxlen: 24
78.154.204.0/24 maxlen: 24
78.154.205.0/24 maxlen: 24
78.154.206.0/24 maxlen: 24
78.154.207.0/24 maxlen: 24
78.154.208.0/20 maxlen: 20
78.154.208.0/24 maxlen: 24
78.154.209.0/24 maxlen: 24
78.154.210.0/24 maxlen: 24
78.154.211.0/24 maxlen: 24
78.154.212.0/24 maxlen: 24
78.154.213.0/24 maxlen: 24
78.154.214.0/24 maxlen: 24
78.154.215.0/24 maxlen: 24
78.154.216.0/24 maxlen: 24
78.154.217.0/24 maxlen: 24
78.154.218.0/24 maxlen: 24
78.154.219.0/24 maxlen: 24
78.154.220.0/24 maxlen: 24
78.154.221.0/24 maxlen: 24
78.154.222.0/24 maxlen: 24
78.154.223.0/24 maxlen: 24
78.154.224.0/20 maxlen: 20
78.154.224.0/24 maxlen: 24
78.154.225.0/24 maxlen: 24
78.154.226.0/24 maxlen: 24
78.154.227.0/24 maxlen: 24
78.154.228.0/24 maxlen: 24
78.154.229.0/24 maxlen: 24
78.154.230.0/24 maxlen: 24
78.154.231.0/24 maxlen: 24
78.154.232.0/24 maxlen: 24
78.154.233.0/24 maxlen: 24
78.154.234.0/24 maxlen: 24
78.154.235.0/24 maxlen: 24
78.154.236.0/24 maxlen: 24
78.154.237.0/24 maxlen: 24
78.154.238.0/24 maxlen: 24
78.154.239.0/24 maxlen: 24
78.154.240.0/20 maxlen: 20
78.154.240.0/24 maxlen: 24
78.154.241.0/24 maxlen: 24
78.154.242.0/24 maxlen: 24
78.154.243.0/24 maxlen: 24
78.154.244.0/24 maxlen: 24
78.154.245.0/24 maxlen: 24
78.154.246.0/24 maxlen: 24
78.154.247.0/24 maxlen: 24
78.154.248.0/24 maxlen: 24
78.154.249.0/24 maxlen: 24
78.154.250.0/24 maxlen: 24
78.154.251.0/24 maxlen: 24
78.154.252.0/24 maxlen: 24
78.154.253.0/24 maxlen: 24
78.154.254.0/24 maxlen: 24
78.154.255.0/24 maxlen: 24
195.39.161.0/24 maxlen: 24
195.39.180.0/24 maxlen: 24
195.39.181.0/24 maxlen: 24
195.39.182.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/75b68b-fa56-44b7-bfba-5034f19953a3/1/vEQ_eq5H4Ks4vPjVNsymA1DRcnA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/75b68b-fa56-44b7-bfba-5034f19953a3/1/vEQ_eq5H4Ks4vPjVNsymA1DRcnA.mft
rsync://rpki.ripe.net/repository/DEFAULT/vEQ_eq5H4Ks4vPjVNsymA1DRcnA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 06:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:6d:c1:30:6d:df:d9:37:8b:e4:24:6e:19:59:c0:40:54
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bc443f7aae47e0ab38bcf8d536cca60350d17270
Validity
Not Before: Nov 10 12:32:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6f5080e6beca7e8aee8533301724047505ed160d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:ab:ae:82:53:9a:5a:1a:8e:86:67:b2:81:8f:
bd:40:6f:8d:80:dd:2a:db:19:40:24:85:dd:ae:0c:
c3:58:49:df:da:54:83:b5:8b:b6:a2:79:8a:a8:56:
3c:ea:bc:75:00:a4:18:7a:5c:67:ea:af:96:27:9d:
d8:7e:61:0f:26:e1:0b:f2:46:b9:c1:8c:4a:f3:f7:
83:5c:fb:a5:4e:66:a6:3c:a3:d0:22:db:3c:49:8e:
7c:9d:f2:49:58:7a:81:20:45:be:90:4c:f9:43:33:
40:e9:8e:8c:b5:61:fc:c6:bd:9d:a4:e9:b1:f3:57:
06:fb:dd:b4:ae:30:e6:f9:0b:26:d1:05:65:a0:c2:
5a:a1:dc:e7:64:31:f0:4e:10:42:6a:30:0a:6d:f7:
c2:af:cf:4c:1d:15:53:a7:0a:52:fd:37:5f:71:1b:
3c:d6:cb:c0:69:a9:f7:d3:b6:d9:e4:8f:51:7f:1c:
de:a9:4f:24:f7:9d:ba:5c:fa:fe:8e:3d:32:32:77:
34:8d:e8:ea:3d:f9:9b:7a:5c:74:e7:04:a0:80:77:
28:33:52:57:e8:0e:25:a4:87:17:7e:cb:ce:68:de:
28:6f:86:f2:45:9f:d8:3e:3e:05:52:64:eb:67:80:
eb:3c:9e:b7:3d:be:a7:b9:32:9f:3d:b3:ab:1c:2a:
3a:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:50:80:E6:BE:CA:7E:8A:EE:85:33:30:17:24:04:75:05:ED:16:0D
X509v3 Authority Key Identifier:
keyid:BC:44:3F:7A:AE:47:E0:AB:38:BC:F8:D5:36:CC:A6:03:50:D1:72:70
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/vEQ_eq5H4Ks4vPjVNsymA1DRcnA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/75b68b-fa56-44b7-bfba-5034f19953a3/1/b1CA5r7KforuhTMwFyQEdQXtFg0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/75b68b-fa56-44b7-bfba-5034f19953a3/1/vEQ_eq5H4Ks4vPjVNsymA1DRcnA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.150.10.0/24
62.150.155.0/24
62.150.175.0/24
62.150.181.0-62.150.182.255
78.154.192.0/18
195.39.161.0/24
195.39.180.0-195.39.182.255
Signature Algorithm: sha256WithRSAEncryption
aa:bb:37:b6:dc:6b:a1:12:fc:4e:6e:ec:30:0a:d1:8e:8a:69:
d7:6f:07:80:3d:7c:a8:4f:05:6d:2d:98:92:1e:bc:64:20:57:
4e:8a:33:f0:88:df:75:73:54:7c:f2:92:e1:56:98:47:db:79:
dd:01:be:36:15:d0:8d:58:e3:f1:b9:d6:30:66:a2:1e:8a:07:
b0:9a:6e:03:de:fe:36:e0:bd:93:60:bf:8e:ba:91:73:c0:ec:
72:92:40:45:e6:64:14:1f:b8:27:67:ff:76:e7:9f:82:b6:02:
9c:8d:2d:53:ce:6c:d4:b8:4b:04:e5:50:00:c9:0a:81:c6:1e:
fe:81:5b:16:67:de:13:d4:45:ce:d3:61:69:b7:73:57:07:9e:
6f:0e:36:a8:e0:9c:d3:65:22:c8:47:d5:9c:e0:f8:d7:19:36:
c6:9a:4b:aa:1f:d9:52:8c:91:f1:62:56:08:ac:3c:d7:a8:3c:
de:50:47:ce:9a:64:49:ac:7b:c1:00:d3:40:e1:e8:d4:0b:90:
7b:fb:31:e3:8f:bf:52:e3:d3:05:e6:1f:49:de:7b:3d:12:fe:
9c:5f:64:aa:27:14:33:34:fa:df:55:0f:60:db:66:64:d0:6b:
cc:a8:f6:87:ae:63:7b:bd:91:ec:47:03:76:71:58:d1:04:fd:
13:e6:b6:1f
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZptwTBt39k3i+QkbhlZwEBUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJjNDQzZjdhYWU0N2UwYWIzOGJjZjhkNTM2Y2NhNjAzNTBk
MTcyNzAwHhcNMjUxMTEwMTIzMjQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZjUwODBlNmJlY2E3ZThhZWU4NTMzMzAxNzI0MDQ3NTA1ZWQxNjBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnquuglOaWhqOhmeygY+9QG+NgN0q
2xlAJIXdrgzDWEnf2lSDtYu2onmKqFY86rx1AKQYelxn6q+WJ53YfmEPJuEL8ka5
wYxK8/eDXPulTmamPKPQIts8SY58nfJJWHqBIEW+kEz5QzNA6Y6MtWH8xr2dpOmx
81cG+920rjDm+Qsm0QVloMJaodznZDHwThBCajAKbffCr89MHRVTpwpS/TdfcRs8
1svAaan307bZ5I9RfxzeqU8k9526XPr+jj0yMnc0jejqPfmbelx05wSggHcoM1JX
6A4lpIcXfsvOaN4ob4byRZ/YPj4FUmTrZ4DrPJ63Pb6nuTKfPbOrHCo62QIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFG9QgOa+yn6K7oUzMBckBHUF7RYNMB8GA1UdIwQY
MBaAFLxEP3quR+CrOLz41TbMpgNQ0XJwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdkVRX2VxNUg0S3M0dlBqVk5zeW1BMURSY25BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC83NWI2OGItZmE1Ni00NGI3LWJmYmEt
NTAzNGYxOTk1M2EzLzEvYjFDQTVyN0tmb3J1aFRNd0Z5UUVkUVh0RmcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC83NWI2OGItZmE1Ni00NGI3LWJmYmEtNTAzNGYxOTk1M2Ez
LzEvdkVRX2VxNUg0S3M0dlBqVk5zeW1BMURSY25BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQAPpYKAwQA
PpabAwQAPpavMAwDBAA+lrUDBAA+lrYDBAZOmsADBADDJ6EwDAMEAsMntAMEAMMn
tjANBgkqhkiG9w0BAQsFAAOCAQEAqrs3ttxroRL8Tm7sMArRjopp128HgD18qE8F
bS2Ykh68ZCBXTooz8IjfdXNUfPKS4VaYR9t53QG+NhXQjVjj8bnWMGaiHooHsJpu
A97+NuC9k2C/jrqRc8DscpJAReZkFB+4J2f/duefgrYCnI0tU85s1LhLBOVQAMkK
gcYe/oFbFmfeE9RFztNhabdzVweebw42qOCc02UiyEfVnOD41xk2xppLqh/ZUoyR
8WJWCKw816g83lBHzppkSax7wQDTQOHo1AuQe/sx44+/UuPTBeYfSd57PRL+nF9k
qicUMzT631UPYNtmZNBrzKj2h65je72R7EcDdnFY0QT9E+a2Hw==
-----END CERTIFICATE-----
Generated at Tue Nov 11 14:22:07 2025 by rpki-client