Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/3fa93f-a34f-41cf-8875-d4e882083e4f/1/fkWXTHq2E6Jnf2_haPSS7hnjCx4.roa
File: fkWXTHq2E6Jnf2_haPSS7hnjCx4.roa (raw, json)
Hash identifier: pYTGlBwjOQioVv0/xdzKKIoai0HlanMgjMqJ2OKFumg=
Subject key identifier: 7E:45:97:4C:7A:B6:13:A2:67:7F:6F:E1:68:F4:92:EE:19:E3:0B:1E
Certificate issuer: /CN=d5b6a5ca37ead31fd2a350b0b412d77d95320928
Certificate serial: 01980E45721CEF1AEE5E852BDBA6E043815D
Authority key identifier: D5:B6:A5:CA:37:EA:D3:1F:D2:A3:50:B0:B4:12:D7:7D:95:32:09:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1balyjfq0x_So1CwtBLXfZUyCSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/3fa93f-a34f-41cf-8875-d4e882083e4f/1/fkWXTHq2E6Jnf2_haPSS7hnjCx4.roa
Signing time: Tue 15 Jul 2025 13:28:08 +0000
ROA not before: Tue 15 Jul 2025 13:28:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5405
IP address blocks: 5.183.211.0/24 maxlen: 24
94.103.180.0/24 maxlen: 24
185.134.66.0/24 maxlen: 24
185.134.67.0/24 maxlen: 24
2a11:4140::/29 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/3fa93f-a34f-41cf-8875-d4e882083e4f/1/1balyjfq0x_So1CwtBLXfZUyCSg.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/3fa93f-a34f-41cf-8875-d4e882083e4f/1/1balyjfq0x_So1CwtBLXfZUyCSg.mft
rsync://rpki.ripe.net/repository/DEFAULT/1balyjfq0x_So1CwtBLXfZUyCSg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 19:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:0e:45:72:1c:ef:1a:ee:5e:85:2b:db:a6:e0:43:81:5d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5b6a5ca37ead31fd2a350b0b412d77d95320928
Validity
Not Before: Jul 15 13:28:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e45974c7ab613a2677f6fe168f492ee19e30b1e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:d9:97:35:58:52:21:25:28:d3:9f:d8:20:b7:
62:3e:44:75:f2:9a:56:e7:77:7e:b9:1a:9c:af:52:
c4:94:2d:3c:f0:11:d6:ad:d0:25:9f:e2:7b:b9:2f:
fa:35:2c:28:4d:c0:23:e9:7b:82:3f:ec:a3:86:4d:
89:8b:0e:bf:40:d9:30:27:93:0c:cf:1c:58:38:28:
4d:a0:ab:45:d6:6b:fd:d5:5e:2c:c1:32:b4:df:b7:
f9:25:e2:03:6d:fb:9d:ff:4d:af:62:ff:e8:4d:06:
96:96:d2:95:b3:aa:f9:fe:c9:56:3a:5d:fe:6b:db:
c3:57:fa:44:d8:be:24:c7:72:13:00:63:7c:fc:f2:
ad:8a:49:4f:87:5f:ef:9b:bd:20:bb:80:46:7e:80:
a0:6e:0d:e7:d6:32:b6:e8:7a:47:71:62:a2:df:15:
21:17:3c:81:03:e9:92:49:9d:51:e3:df:e9:d7:04:
7f:db:95:79:87:1e:be:dd:cf:a5:aa:b4:69:51:b4:
96:72:64:fb:e9:89:d7:23:c0:7f:58:e3:b9:12:34:
52:f1:e6:41:e4:47:9c:d4:2b:ba:4c:d1:c2:7a:75:
93:b0:f5:62:ca:2a:ef:22:23:7e:53:f5:85:55:6a:
6b:8e:8e:28:e8:72:fd:5d:d2:0b:68:41:82:5b:a1:
7e:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:45:97:4C:7A:B6:13:A2:67:7F:6F:E1:68:F4:92:EE:19:E3:0B:1E
X509v3 Authority Key Identifier:
keyid:D5:B6:A5:CA:37:EA:D3:1F:D2:A3:50:B0:B4:12:D7:7D:95:32:09:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1balyjfq0x_So1CwtBLXfZUyCSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/3fa93f-a34f-41cf-8875-d4e882083e4f/1/fkWXTHq2E6Jnf2_haPSS7hnjCx4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/3fa93f-a34f-41cf-8875-d4e882083e4f/1/1balyjfq0x_So1CwtBLXfZUyCSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.211.0/24
94.103.180.0/24
185.134.66.0/23
IPv6:
2a11:4140::/29
Signature Algorithm: sha256WithRSAEncryption
26:64:9c:33:36:03:ae:a2:16:5d:3d:aa:b5:09:3d:fc:cc:19:
10:0f:cf:20:18:8b:83:3d:41:a1:d1:d0:ae:1c:4e:55:0b:f8:
d2:be:7a:4c:af:12:2c:f6:07:bb:fa:b4:7a:6d:54:43:44:aa:
26:03:28:ac:77:a2:82:45:40:34:f3:e5:d1:37:e1:b3:72:c7:
95:a9:03:02:46:4c:d9:71:03:83:ef:e4:34:70:1e:c4:5c:24:
a6:55:df:76:8f:e3:97:fc:87:ee:72:10:b9:cc:6e:75:d8:51:
68:78:20:74:8f:05:8f:fe:57:2b:eb:b8:cb:57:4a:29:48:72:
23:d7:40:1e:7f:e4:f7:bb:8e:74:08:73:9d:3a:05:ca:a8:35:
48:54:b1:28:bf:7a:d6:25:2f:d5:0d:b9:f9:28:e1:45:40:2e:
9c:85:88:f5:07:20:f5:f9:98:db:24:51:ca:3c:d0:d2:5e:00:
aa:4b:c6:60:89:9f:34:25:e0:ca:97:e5:04:2e:5a:43:65:58:
1f:51:cd:d1:72:17:9f:72:13:6a:c9:4c:36:18:80:73:28:10:
75:7b:a0:fc:7b:63:7b:24:4b:05:11:ce:df:e4:ff:f3:51:a4:
aa:90:fc:9b:10:a3:d5:28:a5:92:30:9e:7e:52:37:1f:15:49:
1d:46:0b:cf
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZgORXIc7xruXoUr26bgQ4FdMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1YjZhNWNhMzdlYWQzMWZkMmEzNTBiMGI0MTJkNzdkOTUz
MjA5MjgwHhcNMjUwNzE1MTMyODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTQ1OTc0YzdhYjYxM2EyNjc3ZjZmZTE2OGY0OTJlZTE5ZTMwYjFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArtmXNVhSISUo05/YILdiPkR18ppW
53d+uRqcr1LElC088BHWrdAln+J7uS/6NSwoTcAj6XuCP+yjhk2Jiw6/QNkwJ5MM
zxxYOChNoKtF1mv91V4swTK037f5JeIDbfud/02vYv/oTQaWltKVs6r5/slWOl3+
a9vDV/pE2L4kx3ITAGN8/PKtiklPh1/vm70gu4BGfoCgbg3n1jK26HpHcWKi3xUh
FzyBA+mSSZ1R49/p1wR/25V5hx6+3c+lqrRpUbSWcmT76YnXI8B/WOO5EjRS8eZB
5Eec1Cu6TNHCenWTsPViyirvIiN+U/WFVWprjo4o6HL9XdILaEGCW6F+eQIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFH5Fl0x6thOiZ39v4Wj0ku4Z4wseMB8GA1UdIwQY
MBaAFNW2pco36tMf0qNQsLQS132VMgkoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWJhbHlqZnEweF9TbzFDd3RCTFhmWlV5Q1NnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8zZmE5M2YtYTM0Zi00MWNmLTg4NzUt
ZDRlODgyMDgzZTRmLzEvZmtXWFRIcTJFNkpuZjJfaGFQU1M3aG5qQ3g0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8zZmE5M2YtYTM0Zi00MWNmLTg4NzUtZDRlODgyMDgzZTRm
LzEvMWJhbHlqZnEweF9TbzFDd3RCTFhmWlV5Q1NnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQABbfTAwQA
Xme0AwQBuYZCMA0EAgACMAcDBQMqEUFAMA0GCSqGSIb3DQEBCwUAA4IBAQAmZJwz
NgOuohZdPaq1CT38zBkQD88gGIuDPUGh0dCuHE5VC/jSvnpMrxIs9ge7+rR6bVRD
RKomAyisd6KCRUA08+XRN+GzcseVqQMCRkzZcQOD7+Q0cB7EXCSmVd92j+OX/Ifu
chC5zG512FFoeCB0jwWP/lcr67jLV0opSHIj10Aef+T3u450CHOdOgXKqDVIVLEo
v3rWJS/VDbn5KOFFQC6chYj1ByD1+ZjbJFHKPNDSXgCqS8ZgiZ80JeDKl+UELlpD
ZVgfUc3RchefchNqyUw2GIBzKBB1e6D8e2N7JEsFEc7f5P/zUaSqkPybEKPVKKWS
MJ5+UjcfFUkdRgvP
-----END CERTIFICATE-----
Generated at Sun Jul 27 04:52:18 2025 by rpki-client