Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/imCTNCJgVxYeciJvP6ipENl7py8.roa
File: imCTNCJgVxYeciJvP6ipENl7py8.roa (raw, json)
Hash identifier: rdVYTu6RFyj8L+XnvGMbyDsbWmx6BQPC5LcCVkqIAt0=
Subject key identifier: 8A:60:93:34:22:60:57:16:1E:72:22:6F:3F:A8:A9:10:D9:7B:A7:2F
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0197FFF8414A7F65C58C1C8FA3D12EB64E67
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/imCTNCJgVxYeciJvP6ipENl7py8.roa
Signing time: Sat 12 Jul 2025 18:49:09 +0000
ROA not before: Sat 12 Jul 2025 18:49:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19318
IP address blocks: 5.175.194.0/24 maxlen: 24
5.231.106.0/24 maxlen: 24
5.231.107.0/24 maxlen: 24
5.231.108.0/24 maxlen: 24
5.231.109.0/24 maxlen: 24
5.231.110.0/24 maxlen: 24
5.231.117.0/24 maxlen: 24
5.231.118.0/24 maxlen: 24
5.231.119.0/24 maxlen: 24
5.231.120.0/24 maxlen: 24
5.231.121.0/24 maxlen: 24
5.231.122.0/24 maxlen: 24
5.231.123.0/24 maxlen: 24
5.231.241.0/24 maxlen: 24
5.231.242.0/24 maxlen: 24
5.231.243.0/24 maxlen: 24
5.231.244.0/24 maxlen: 24
5.231.245.0/24 maxlen: 24
5.231.246.0/24 maxlen: 24
5.231.247.0/24 maxlen: 24
5.231.248.0/24 maxlen: 24
89.106.72.0/24 maxlen: 24
89.106.73.0/24 maxlen: 24
89.144.53.0/24 maxlen: 24
89.144.54.0/24 maxlen: 24
89.144.55.0/24 maxlen: 24
94.103.166.0/24 maxlen: 24
94.249.198.0/24 maxlen: 24
94.249.199.0/24 maxlen: 24
94.249.200.0/24 maxlen: 24
94.249.201.0/24 maxlen: 24
94.249.202.0/24 maxlen: 24
94.249.203.0/24 maxlen: 24
94.249.204.0/24 maxlen: 24
94.249.205.0/24 maxlen: 24
94.249.206.0/24 maxlen: 24
94.249.225.0/24 maxlen: 24
94.249.226.0/24 maxlen: 24
94.249.227.0/24 maxlen: 24
94.249.228.0/24 maxlen: 24
178.18.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ff:f8:41:4a:7f:65:c5:8c:1c:8f:a3:d1:2e:b6:4e:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jul 12 18:49:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a609334226057161e72226f3fa8a910d97ba72f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:4a:37:1e:b1:d0:b5:cf:f9:3f:f0:5f:66:d0:
30:0d:44:df:df:72:00:5c:0d:5a:6b:1f:af:b6:14:
ba:a2:53:56:ef:da:b5:a0:fb:7c:73:37:da:7c:84:
a7:54:8f:e4:6f:50:ae:be:c5:23:bc:2e:4c:a9:6d:
f2:d8:26:32:1b:56:1d:01:33:29:de:d6:0e:ce:13:
c2:01:13:e2:b0:89:ee:9c:d7:e7:f1:86:24:e0:48:
0a:af:19:f6:8e:55:cb:1e:64:34:29:6e:06:c5:28:
ce:36:0c:48:24:9a:62:cf:bc:8c:94:17:e8:52:fa:
b6:d9:1f:89:9a:33:4b:2f:82:2f:83:eb:55:ce:6b:
b0:d8:ae:57:ea:d0:ac:f1:4b:e2:d8:2b:85:8f:a7:
2b:20:91:ba:15:55:14:6a:ad:36:34:33:31:e3:49:
cb:82:7e:f1:d6:ae:10:4b:66:24:e5:b2:5c:34:d2:
8c:e2:7d:94:f2:10:04:ae:b5:40:8f:60:9b:92:ec:
68:41:b3:18:49:c9:b8:49:37:0f:b1:24:43:bd:bd:
e7:fc:11:c3:ec:6a:03:c4:7b:ae:96:4f:a9:7d:fe:
ce:66:3e:24:0f:99:17:07:2d:26:61:a2:b5:a4:68:
54:3c:ac:d5:66:88:26:b9:31:d8:df:82:13:1a:15:
3d:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:60:93:34:22:60:57:16:1E:72:22:6F:3F:A8:A9:10:D9:7B:A7:2F
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/imCTNCJgVxYeciJvP6ipENl7py8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.194.0/24
5.231.106.0-5.231.110.255
5.231.117.0-5.231.123.255
5.231.241.0-5.231.248.255
89.106.72.0/23
89.144.53.0-89.144.55.255
94.103.166.0/24
94.249.198.0-94.249.206.255
94.249.225.0-94.249.228.255
178.18.149.0/24
Signature Algorithm: sha256WithRSAEncryption
c0:e7:1d:32:2d:fb:73:3e:55:c0:e5:ca:fc:53:f9:55:54:3a:
52:a2:2b:25:19:6b:e0:35:79:1d:ea:64:2d:6f:bf:a3:4d:aa:
d6:ba:d0:48:52:4f:67:6c:68:74:ad:0c:09:ab:c1:02:2a:1a:
7e:88:5f:7e:c8:8c:b3:48:13:a9:be:dd:22:13:39:2a:b6:76:
73:be:a2:a6:82:79:e2:db:b8:73:3c:ed:4a:95:18:85:52:ae:
6a:a5:2e:24:33:3d:8a:f8:7f:37:53:50:02:a4:65:aa:77:0f:
47:95:a8:e5:e0:60:57:98:e3:fd:de:01:2c:00:11:37:1c:e8:
4d:90:50:e8:5a:80:f9:b9:ed:ae:4f:92:73:e0:d8:c8:a7:b3:
b6:32:97:e5:f0:fd:4c:d6:eb:c8:cc:86:3b:8e:0c:98:d9:1e:
67:25:bc:3a:48:50:cd:1d:a2:d9:b5:5d:6c:5a:6f:6d:ba:75:
10:43:fa:54:3a:0e:fe:18:ec:77:64:0e:a2:39:89:71:97:15:
44:bd:8f:65:06:43:f4:d6:f7:66:cd:bb:0e:84:e2:af:a0:cc:
f5:5b:2d:3c:ea:15:98:89:e9:05:ff:86:9d:93:50:c6:03:d3:
4f:e8:60:35:13:2c:98:2c:b8:f2:cf:9e:30:11:3b:7f:33:4a:
1a:ff:3b:c6
-----BEGIN CERTIFICATE-----
MIIFZDCCBEygAwIBAgISAZf/+EFKf2XFjByPo9Eutk5nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNzEyMTg0OTA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTYwOTMzNDIyNjA1NzE2MWU3MjIyNmYzZmE4YTkxMGQ5N2JhNzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsko3HrHQtc/5P/BfZtAwDUTf33IA
XA1aax+vthS6olNW79q1oPt8czfafISnVI/kb1CuvsUjvC5MqW3y2CYyG1YdATMp
3tYOzhPCARPisInunNfn8YYk4EgKrxn2jlXLHmQ0KW4GxSjONgxIJJpiz7yMlBfo
Uvq22R+JmjNLL4Ivg+tVzmuw2K5X6tCs8Uvi2CuFj6crIJG6FVUUaq02NDMx40nL
gn7x1q4QS2Yk5bJcNNKM4n2U8hAErrVAj2CbkuxoQbMYScm4STcPsSRDvb3n/BHD
7GoDxHuulk+pff7OZj4kD5kXBy0mYaK1pGhUPKzVZogmuTHY34ITGhU9CQIDAQAB
o4ICcDCCAmwwHQYDVR0OBBYEFIpgkzQiYFcWHnIibz+oqRDZe6cvMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvaW1DVE5DSmdWeFllY2lKdlA2aXBFTmw3cHk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGFBggrBgEFBQcBBwEB/wR2MHQwcgQCAAEwbAMEAAWvwjAM
AwQBBedqAwQABeduMAwDBAAF53UDBAIF53gwDAMEAAXn8QMEAAXn+AMEAVlqSDAM
AwQAWZA1AwQDWZAwAwQAXmemMAwDBAFe+cYDBABe+c4wDAMEAF754QMEAF755AME
ALISlTANBgkqhkiG9w0BAQsFAAOCAQEAwOcdMi37cz5VwOXK/FP5VVQ6UqIrJRlr
4DV5HepkLW+/o02q1rrQSFJPZ2xodK0MCavBAioafohffsiMs0gTqb7dIhM5KrZ2
c76ipoJ54tu4czztSpUYhVKuaqUuJDM9ivh/N1NQAqRlqncPR5Wo5eBgV5jj/d4B
LAARNxzoTZBQ6FqA+bntrk+Sc+DYyKeztjKX5fD9TNbryMyGO44MmNkeZyW8OkhQ
zR2i2bVdbFpvbbp1EEP6VDoO/hjsd2QOojmJcZcVRL2PZQZD9Nb3Zs27DoTir6DM
9VstPOoVmInpBf+GnZNQxgPTT+hgNRMsmCy48s+eMBE7fzNKGv87xg==
-----END CERTIFICATE-----
Generated at Mon Jul 21 08:05:11 2025 by rpki-client