Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/5RKzYYqhL3oKCJRewL9NQlha8YY.roa
File: 5RKzYYqhL3oKCJRewL9NQlha8YY.roa (raw, json)
Hash identifier: G5InDowN/2/xf7/t/A+otG1kRZ2u5R+12fwWnuC2D7w=
Subject key identifier: E5:12:B3:61:8A:A1:2F:7A:0A:08:94:5E:C0:BF:4D:42:58:5A:F1:86
Certificate issuer: /CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Certificate serial: 0197CA101B4E3EFACF8C2ACD2BAD4F6FBA0C
Authority key identifier: DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/5RKzYYqhL3oKCJRewL9NQlha8YY.roa
Signing time: Wed 02 Jul 2025 07:35:42 +0000
ROA not before: Wed 02 Jul 2025 07:35:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210423
IP address blocks: 84.232.35.0/24 maxlen: 24
84.232.36.0/23 maxlen: 23
84.232.36.0/24 maxlen: 24
84.232.37.0/24 maxlen: 24
84.232.88.0/23 maxlen: 24
84.236.226.0/23 maxlen: 24
84.236.234.0/23 maxlen: 23
88.148.100.0/23 maxlen: 24
88.148.100.0/24 maxlen: 24
88.148.101.0/24 maxlen: 24
94.24.46.0/23 maxlen: 23
95.178.112.0/22 maxlen: 22
95.178.112.0/23 maxlen: 23
95.178.114.0/23 maxlen: 23
217.61.80.0/24 maxlen: 24
217.61.81.0/24 maxlen: 24
217.61.82.0/24 maxlen: 24
217.61.83.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.mft
rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 21:50:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ca:10:1b:4e:3e:fa:cf:8c:2a:cd:2b:ad:4f:6f:ba:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=daaf17b0015dbb7cd992f26cdff01c4e2620b73e
Validity
Not Before: Jul 2 07:35:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e512b3618aa12f7a0a08945ec0bf4d42585af186
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:82:e2:48:e8:cb:2d:d2:a4:49:b5:b7:c2:63:55:
9e:70:f8:fe:58:ff:ea:eb:fc:05:57:56:73:b9:97:
31:36:2f:58:50:90:8f:4c:29:87:37:90:27:b5:25:
6c:33:38:3e:05:ce:ed:d0:8c:1b:73:16:e1:eb:5d:
66:a2:2b:11:b9:8e:ee:df:1d:f8:82:e2:18:de:2a:
52:77:c9:30:39:1d:61:94:a3:aa:d2:af:28:1c:72:
2f:59:07:63:3a:5d:a9:2c:89:6e:f5:3e:cf:b2:4e:
3a:41:2e:12:04:7c:0c:3a:11:36:8c:05:c4:71:9b:
4e:72:85:14:85:57:28:a1:04:4e:95:52:ea:e3:7d:
c7:bf:ed:6b:0c:26:84:76:01:9c:d5:44:7a:0f:48:
ab:be:64:14:c8:fe:ec:3b:bb:81:ec:32:55:42:4d:
08:0d:9e:cc:b2:15:85:f4:d0:52:cf:ec:70:d4:9b:
91:49:48:4e:25:44:67:e6:d8:dd:21:87:71:2d:61:
0f:f0:33:c5:6f:21:fa:9c:66:b3:37:7b:40:5b:7a:
c9:cc:34:8e:ea:f9:5a:0d:6f:40:d2:b0:bd:33:f2:
63:16:3d:e3:41:41:a0:fb:aa:17:72:b5:23:5d:b3:
a4:36:94:e4:bb:a3:05:24:f0:ee:14:5d:c8:30:36:
6c:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:12:B3:61:8A:A1:2F:7A:0A:08:94:5E:C0:BF:4D:42:58:5A:F1:86
X509v3 Authority Key Identifier:
keyid:DA:AF:17:B0:01:5D:BB:7C:D9:92:F2:6C:DF:F0:1C:4E:26:20:B7:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2q8XsAFdu3zZkvJs3_AcTiYgtz4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/5RKzYYqhL3oKCJRewL9NQlha8YY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/45/c8973c-3cfa-4604-8110-cf06d1983ba1/1/2q8XsAFdu3zZkvJs3_AcTiYgtz4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.232.35.0-84.232.37.255
84.232.88.0/23
84.236.226.0/23
84.236.234.0/23
88.148.100.0/23
94.24.46.0/23
95.178.112.0/22
217.61.80.0/22
Signature Algorithm: sha256WithRSAEncryption
21:c3:16:6b:a5:08:09:ce:b5:04:29:db:41:2e:eb:02:d5:d6:
be:e1:f2:9f:df:95:16:bb:d6:72:d1:52:ae:d6:1c:9b:61:fe:
47:35:d9:a4:97:c6:e9:c4:1f:57:1f:ac:55:df:0b:62:38:c2:
c6:7c:54:2c:f4:a1:1d:f5:55:7c:50:2a:19:9e:29:86:67:2f:
6e:56:0a:70:95:6b:af:be:bf:30:67:e9:ff:7e:21:97:d6:6c:
61:f0:fd:f0:ae:92:b3:6d:27:e0:ad:ab:67:fc:c6:bb:fd:dc:
9e:c8:99:8f:02:ff:b9:a8:ae:2b:ec:d3:aa:42:91:ae:44:59:
62:da:d5:db:41:40:6f:75:b3:98:df:1f:7f:39:97:c5:db:67:
df:39:8d:aa:21:75:c8:30:da:9f:c2:47:5d:76:92:bb:b7:ed:
53:b5:2f:38:95:ee:85:fa:68:8a:f6:cb:7c:5a:48:56:3a:57:
4a:92:d6:63:c6:79:3c:50:ad:9c:7f:4f:8f:75:1a:01:da:1c:
6c:b3:5f:5e:b8:6b:4a:ea:12:c1:50:b5:88:db:48:91:bf:a3:
30:8b:a9:d3:47:0c:8c:6e:17:24:59:12:74:f5:55:d5:3d:f9:
24:e9:3e:70:77:05:44:48:10:fb:5b:96:18:e5:cf:c2:bf:a9:
7f:f8:99:73
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZfKEBtOPvrPjCrNK61Pb7oMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYWYxN2IwMDE1ZGJiN2NkOTkyZjI2Y2RmZjAxYzRlMjYy
MGI3M2UwHhcNMjUwNzAyMDczNTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTEyYjM2MThhYTEyZjdhMGEwODk0NWVjMGJmNGQ0MjU4NWFmMTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAguJI6Mst0qRJtbfCY1WecPj+WP/q
6/wFV1ZzuZcxNi9YUJCPTCmHN5AntSVsMzg+Bc7t0Iwbcxbh611moisRuY7u3x34
guIY3ipSd8kwOR1hlKOq0q8oHHIvWQdjOl2pLIlu9T7Psk46QS4SBHwMOhE2jAXE
cZtOcoUUhVcooQROlVLq433Hv+1rDCaEdgGc1UR6D0irvmQUyP7sO7uB7DJVQk0I
DZ7MshWF9NBSz+xw1JuRSUhOJURn5tjdIYdxLWEP8DPFbyH6nGazN3tAW3rJzDSO
6vlaDW9A0rC9M/JjFj3jQUGg+6oXcrUjXbOkNpTku6MFJPDuFF3IMDZsCQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFOUSs2GKoS96CgiUXsC/TUJYWvGGMB8GA1UdIwQY
MBaAFNqvF7ABXbt82ZLybN/wHE4mILc+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAt
Y2YwNmQxOTgzYmExLzEvNVJLellZcWhMM29LQ0pSZXdMOU5RbGhhOFlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NS9jODk3M2MtM2NmYS00NjA0LTgxMTAtY2YwNmQxOTgzYmEx
LzEvMnE4WHNBRmR1M3paa3ZKczNfQWNUaVlndHo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4MAwDBABU6CMD
BAFU6CQDBAFU6FgDBAFU7OIDBAFU7OoDBAFYlGQDBAFeGC4DBAJfsnADBALZPVAw
DQYJKoZIhvcNAQELBQADggEBACHDFmulCAnOtQQp20Eu6wLV1r7h8p/flRa71nLR
Uq7WHJth/kc12aSXxunEH1cfrFXfC2I4wsZ8VCz0oR31VXxQKhmeKYZnL25WCnCV
a6++vzBn6f9+IZfWbGHw/fCukrNtJ+Ctq2f8xrv93J7ImY8C/7morivs06pCka5E
WWLa1dtBQG91s5jfH385l8XbZ985jaohdcgw2p/CR112kru37VO1LziV7oX6aIr2
y3xaSFY6V0qS1mPGeTxQrZx/T491GgHaHGyzX164a0rqEsFQtYjbSJG/ozCLqdNH
DIxuFyRZEnT1VdU9+STpPnB3BURIEPtblhjlz8K/qX/4mXM=
-----END CERTIFICATE-----
Generated at Sat Jul 26 05:31:23 2025 by rpki-client