Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/5UACvO3P4ZFX2s4_RCaB3kk4Tlk.roa
File: 5UACvO3P4ZFX2s4_RCaB3kk4Tlk.roa (raw, json)
Hash identifier: VYkVTz1qdtJZlsqZUtgmFghhoRIR2dqwUeK4mmwiz34=
Subject key identifier: E5:40:02:BC:ED:CF:E1:91:57:DA:CE:3F:44:26:81:DE:49:38:4E:59
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 01981CFE03EB31222092C2B719BA10352D9E
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/5UACvO3P4ZFX2s4_RCaB3kk4Tlk.roa
Signing time: Fri 18 Jul 2025 10:04:25 +0000
ROA not before: Fri 18 Jul 2025 10:04:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7018
IP address blocks: 5.182.28.0/22 maxlen: 22
45.67.117.0/24 maxlen: 24
45.150.168.0/22 maxlen: 22
45.151.196.0/22 maxlen: 22
89.40.161.0/24 maxlen: 24
91.242.70.0/24 maxlen: 24
91.242.71.0/24 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.73.0/24 maxlen: 24
91.242.75.0/24 maxlen: 24
91.242.123.0/24 maxlen: 24
91.242.124.0/24 maxlen: 24
91.242.126.0/24 maxlen: 24
91.242.127.0/24 maxlen: 24
185.40.105.0/24 maxlen: 24
185.180.145.0/24 maxlen: 24
193.31.104.0/22 maxlen: 22
194.50.200.0/24 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/22 maxlen: 24
195.138.104.0/24 maxlen: 24
195.138.107.0/24 maxlen: 24
195.138.109.0/24 maxlen: 24
195.138.110.0/24 maxlen: 24
195.138.111.0/24 maxlen: 24
195.138.113.0/24 maxlen: 24
195.138.115.0/24 maxlen: 24
195.138.116.0/24 maxlen: 24
195.138.118.0/24 maxlen: 24
195.138.120.0/24 maxlen: 24
195.138.124.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 04:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:1c:fe:03:eb:31:22:20:92:c2:b7:19:ba:10:35:2d:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jul 18 10:04:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e54002bcedcfe19157dace3f442681de49384e59
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f4:04:2c:fe:72:77:93:66:6a:6d:a3:2b:66:3a:
c8:70:14:7d:f4:b3:d0:3a:7d:05:0a:d3:7c:5e:ad:
c4:b0:7b:bf:85:05:47:79:78:51:b2:b9:d8:f7:18:
40:b3:1f:c3:ec:37:92:a2:7a:8e:cf:5a:56:dd:54:
ea:25:12:82:0c:f7:f2:1a:17:87:a9:3d:3b:e1:19:
0d:01:04:63:e9:55:11:47:57:59:57:11:22:72:0a:
8d:e5:df:7d:9d:30:57:9d:19:48:33:22:d0:23:ea:
da:c2:b3:b3:3f:d5:7b:4f:27:21:e1:5b:d6:b1:08:
db:ba:0b:9d:78:dd:5a:4f:e5:bd:be:ac:b2:8e:48:
98:78:07:72:ca:df:29:98:b9:f0:19:df:e7:d4:bb:
c3:b2:c2:79:75:4c:03:e7:c2:27:fa:46:9f:c5:00:
3c:24:33:c5:af:f3:15:86:20:fe:ec:75:88:ab:92:
52:8b:d2:3c:19:46:3d:d1:c3:36:97:74:c3:b8:9e:
af:91:61:4a:a4:97:9e:dd:8f:1c:e5:bd:ef:d8:e4:
1c:97:72:0c:49:85:3a:98:42:97:21:07:21:04:cc:
f1:66:e8:f0:9c:21:fc:bb:a7:d9:11:7f:36:a4:e8:
30:9d:09:b2:ce:48:d0:58:01:73:a9:5f:7b:4d:a8:
4e:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:40:02:BC:ED:CF:E1:91:57:DA:CE:3F:44:26:81:DE:49:38:4E:59
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/5UACvO3P4ZFX2s4_RCaB3kk4Tlk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.28.0/22
45.67.117.0/24
45.150.168.0/22
45.151.196.0/22
89.40.161.0/24
91.242.70.0-91.242.73.255
91.242.75.0/24
91.242.123.0-91.242.124.255
91.242.126.0/23
185.40.105.0/24
185.180.145.0/24
193.31.104.0/22
194.50.200.0/24
195.138.103.0-195.138.107.255
195.138.109.0-195.138.111.255
195.138.113.0/24
195.138.115.0-195.138.116.255
195.138.118.0/24
195.138.120.0/24
195.138.124.0/22
Signature Algorithm: sha256WithRSAEncryption
04:83:60:10:4d:8b:f2:6d:37:88:03:e8:88:88:8c:f2:bd:2e:
cf:bd:8f:d8:cd:87:40:79:ce:ab:31:a7:1a:63:bc:11:8a:98:
8f:16:2d:59:20:78:7c:92:f9:d8:c1:23:42:84:23:83:64:6f:
b3:0b:1f:4c:32:e9:dc:a2:ba:73:91:65:75:eb:f3:57:23:28:
6c:49:99:32:a4:b5:27:5a:e8:23:29:2f:27:60:8e:cb:bb:a2:
df:72:6a:20:b3:27:c9:64:b5:da:21:b4:65:86:a4:6e:57:6d:
5c:71:af:f4:2b:6d:07:72:dd:61:b1:d5:af:e7:a4:58:ff:3e:
00:28:82:53:aa:f7:6d:66:5d:dd:d2:a3:86:db:39:03:ce:a6:
21:89:15:18:0e:6d:9a:a4:46:17:9a:5e:b8:8a:98:6c:b8:19:
73:66:96:14:8e:33:03:5b:7d:ae:e0:e1:b8:af:83:ea:78:8f:
75:43:93:9b:d9:84:87:4f:5a:6f:67:64:ad:e3:a7:d0:8a:58:
fd:9f:2b:43:6a:86:95:00:f9:67:17:85:47:d9:c1:11:00:e6:
32:36:6c:92:95:7f:b7:1c:98:48:5b:43:54:80:8e:70:cd:3a:
d4:cc:2a:33:8e:37:8d:ed:dd:a6:a7:f9:4a:c4:26:73:5d:a5:
b2:99:17:68
-----BEGIN CERTIFICATE-----
MIIFnDCCBISgAwIBAgISAZgc/gPrMSIgksK3GboQNS2eMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjUwNzE4MTAwNDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTQwMDJiY2VkY2ZlMTkxNTdkYWNlM2Y0NDI2ODFkZTQ5Mzg0ZTU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9AQs/nJ3k2ZqbaMrZjrIcBR99LPQ
On0FCtN8Xq3EsHu/hQVHeXhRsrnY9xhAsx/D7DeSonqOz1pW3VTqJRKCDPfyGheH
qT074RkNAQRj6VURR1dZVxEicgqN5d99nTBXnRlIMyLQI+rawrOzP9V7Tych4VvW
sQjbugudeN1aT+W9vqyyjkiYeAdyyt8pmLnwGd/n1LvDssJ5dUwD58In+kafxQA8
JDPFr/MVhiD+7HWIq5JSi9I8GUY90cM2l3TDuJ6vkWFKpJee3Y8c5b3v2OQcl3IM
SYU6mEKXIQchBMzxZujwnCH8u6fZEX82pOgwnQmyzkjQWAFzqV97TahOSwIDAQAB
o4ICqDCCAqQwHQYDVR0OBBYEFOVAArztz+GRV9rOP0Qmgd5JOE5ZMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvNVVBQ3ZPM1A0WkZYMnM0X1JDYUIza2s0VGxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG9BggrBgEFBQcBBwEB/wSBrTCBqjCBpwQCAAEwgaADBAIF
thwDBAAtQ3UDBAItlqgDBAItl8QDBABZKKEwDAMEAVvyRgMEAVvySAMEAFvySzAM
AwQAW/J7AwQAW/J8AwQBW/J+AwQAuShpAwQAubSRAwQCwR9oAwQAwjLIMAwDBADD
imcDBALDimgwDAMEAMOKbQMEBMOKYAMEAMOKcTAMAwQAw4pzAwQAw4p0AwQAw4p2
AwQAw4p4AwQCw4p8MA0GCSqGSIb3DQEBCwUAA4IBAQAEg2AQTYvybTeIA+iIiIzy
vS7PvY/YzYdAec6rMacaY7wRipiPFi1ZIHh8kvnYwSNChCODZG+zCx9MMuncorpz
kWV16/NXIyhsSZkypLUnWugjKS8nYI7Lu6LfcmogsyfJZLXaIbRlhqRuV21cca/0
K20Hct1hsdWv56RY/z4AKIJTqvdtZl3d0qOG2zkDzqYhiRUYDm2apEYXml64iphs
uBlzZpYUjjMDW32u4OG4r4PqeI91Q5Ob2YSHT1pvZ2St46fQilj9nytDaoaVAPln
F4VH2cERAOYyNmySlX+3HJhIW0NUgI5wzTrUzCozjjeN7d2mp/lKxCZzXaWymRdo
-----END CERTIFICATE-----
Generated at Sun Jul 20 12:30:07 2025 by rpki-client