Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4a/f949a5-84ac-459d-b9a0-6a9cd94202ff/1/n5VL-9G7-YZixQJP-BPKVSDqpR4.roa
File: n5VL-9G7-YZixQJP-BPKVSDqpR4.roa (raw, json)
Hash identifier: t+3M+svFb4/LG8WrDBM3x4yGiPVd0ez6gYqaJNLI3Wg=
Subject key identifier: 9F:95:4B:FB:D1:BB:F9:86:62:C5:02:4F:F8:13:CA:55:20:EA:A5:1E
Certificate issuer: /CN=f42b084f9b9c98cfd90410b8305cc6cb46dcced8
Certificate serial: 0197E5439BCE935DF8D79669AC72104C1B24
Authority key identifier: F4:2B:08:4F:9B:9C:98:CF:D9:04:10:B8:30:5C:C6:CB:46:DC:CE:D8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9CsIT5ucmM_ZBBC4MFzGy0bcztg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4a/f949a5-84ac-459d-b9a0-6a9cd94202ff/1/n5VL-9G7-YZixQJP-BPKVSDqpR4.roa
Signing time: Mon 07 Jul 2025 14:21:42 +0000
ROA not before: Mon 07 Jul 2025 14:21:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49206
IP address blocks: 185.24.175.0/24 maxlen: 24
2a00:6fa0::/32 maxlen: 32
2a00:6fa0:3100::/40 maxlen: 40
2a00:6fa0:4200::/40 maxlen: 40
2a00:6fa0:ff00::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4a/f949a5-84ac-459d-b9a0-6a9cd94202ff/1/9CsIT5ucmM_ZBBC4MFzGy0bcztg.crl
rsync://rpki.ripe.net/repository/DEFAULT/4a/f949a5-84ac-459d-b9a0-6a9cd94202ff/1/9CsIT5ucmM_ZBBC4MFzGy0bcztg.mft
rsync://rpki.ripe.net/repository/DEFAULT/9CsIT5ucmM_ZBBC4MFzGy0bcztg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 17:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e5:43:9b:ce:93:5d:f8:d7:96:69:ac:72:10:4c:1b:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f42b084f9b9c98cfd90410b8305cc6cb46dcced8
Validity
Not Before: Jul 7 14:21:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f954bfbd1bbf98662c5024ff813ca5520eaa51e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:9f:45:5a:e1:da:5e:bf:fc:36:71:09:9d:91:
90:a5:c9:e2:e8:e8:86:3c:de:20:ab:12:bd:35:a4:
31:dc:a1:5c:e2:9d:9c:97:f5:fc:64:49:0a:59:c8:
81:98:ef:4f:97:29:be:c0:70:05:4a:c7:c0:7b:20:
ee:56:31:4f:51:0e:7e:06:93:a7:bf:8f:af:2f:56:
c4:ba:24:3b:52:a4:85:14:d1:79:02:a7:59:5d:b1:
9c:08:82:3c:52:05:ee:5a:36:15:36:90:dd:c5:a9:
3c:e2:7c:15:08:a2:0e:be:7c:9f:ba:30:e2:bc:ce:
1f:5f:c8:39:26:8b:9d:5f:9b:ab:e7:5b:f2:10:8c:
e2:e0:ed:74:25:bc:ae:ac:e4:01:80:76:6c:46:13:
15:f6:70:24:af:34:80:81:91:08:19:75:46:75:a0:
6b:11:75:8d:5e:b8:98:6d:f0:43:e8:2c:21:da:a3:
a7:75:c5:74:6c:e4:46:ad:48:35:c0:5d:71:b6:ee:
2b:82:b9:85:06:08:97:4d:51:ad:d7:79:28:c5:28:
d9:a6:08:19:26:1f:45:e4:ec:9b:2f:ae:16:40:db:
cc:8b:74:f4:66:d7:7c:e6:e7:46:3a:d2:a5:95:b5:
0a:ef:0d:3b:30:2b:52:5e:18:a3:f4:3b:a0:ff:e8:
6d:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:95:4B:FB:D1:BB:F9:86:62:C5:02:4F:F8:13:CA:55:20:EA:A5:1E
X509v3 Authority Key Identifier:
keyid:F4:2B:08:4F:9B:9C:98:CF:D9:04:10:B8:30:5C:C6:CB:46:DC:CE:D8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9CsIT5ucmM_ZBBC4MFzGy0bcztg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f949a5-84ac-459d-b9a0-6a9cd94202ff/1/n5VL-9G7-YZixQJP-BPKVSDqpR4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4a/f949a5-84ac-459d-b9a0-6a9cd94202ff/1/9CsIT5ucmM_ZBBC4MFzGy0bcztg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.24.175.0/24
IPv6:
2a00:6fa0::/32
Signature Algorithm: sha256WithRSAEncryption
45:a5:6a:c4:22:9b:2d:5d:f5:eb:9c:92:9c:ef:8d:fc:eb:99:
82:cd:c2:1f:f8:e8:28:f8:4f:01:f2:13:cd:09:2a:3c:d9:2b:
f3:b5:c5:2a:17:f2:d9:6f:b7:cf:ea:6e:e0:64:f4:5c:17:39:
53:a3:49:83:7c:e2:3b:fa:c0:1a:0a:3b:e8:8e:34:4a:01:48:
56:8b:9d:90:3b:b3:15:3b:8d:77:e8:6e:77:80:47:7a:48:dd:
00:7f:20:07:0c:b9:5e:09:59:94:d4:48:55:f4:1a:fc:ad:4f:
1a:4d:d3:81:ea:6b:7d:cb:1d:28:62:99:02:31:6e:cb:fb:76:
c4:52:6a:8f:a7:06:70:12:d1:ba:96:b8:ac:2e:d0:32:3c:f6:
81:88:3e:3a:65:76:9a:70:b3:9f:a1:0c:8e:e0:37:0d:0e:88:
4b:4c:fb:df:54:45:cf:a4:0a:e9:e3:c1:97:dd:08:5c:09:4d:
44:e7:50:5b:b6:2f:58:ac:dc:53:72:6b:11:b7:80:8c:ce:af:
b7:86:bf:d6:d9:a5:dc:05:6a:2f:14:40:1b:c6:bf:d9:ff:8d:
d2:22:19:dc:50:1e:02:ea:ea:06:4e:91:cc:c4:b8:cc:21:ab:
44:8a:ed:93:e5:1b:43:2f:43:61:d5:3f:9a:0e:ba:d0:e6:36:
d5:02:a9:7f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZflQ5vOk13415ZprHIQTBskMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0MmIwODRmOWI5Yzk4Y2ZkOTA0MTBiODMwNWNjNmNiNDZk
Y2NlZDgwHhcNMjUwNzA3MTQyMTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Zjk1NGJmYmQxYmJmOTg2NjJjNTAyNGZmODEzY2E1NTIwZWFhNTFlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArp9FWuHaXr/8NnEJnZGQpcni6OiG
PN4gqxK9NaQx3KFc4p2cl/X8ZEkKWciBmO9Plym+wHAFSsfAeyDuVjFPUQ5+BpOn
v4+vL1bEuiQ7UqSFFNF5AqdZXbGcCII8UgXuWjYVNpDdxak84nwVCKIOvnyfujDi
vM4fX8g5JoudX5ur51vyEIzi4O10JbyurOQBgHZsRhMV9nAkrzSAgZEIGXVGdaBr
EXWNXriYbfBD6Cwh2qOndcV0bORGrUg1wF1xtu4rgrmFBgiXTVGt13koxSjZpggZ
Jh9F5OybL64WQNvMi3T0Ztd85udGOtKllbUK7w07MCtSXhij9Dug/+htHwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ+VS/vRu/mGYsUCT/gTylUg6qUeMB8GA1UdIwQY
MBaAFPQrCE+bnJjP2QQQuDBcxstG3M7YMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUNzSVQ1dWNtTV9aQkJDNE1Gekd5MGJjenRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80YS9mOTQ5YTUtODRhYy00NTlkLWI5YTAt
NmE5Y2Q5NDIwMmZmLzEvbjVWTC05RzctWVppeFFKUC1CUEtWU0RxcFI0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80YS9mOTQ5YTUtODRhYy00NTlkLWI5YTAtNmE5Y2Q5NDIwMmZm
LzEvOUNzSVQ1dWNtTV9aQkJDNE1Gekd5MGJjenRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAuRivMA0E
AgACMAcDBQAqAG+gMA0GCSqGSIb3DQEBCwUAA4IBAQBFpWrEIpstXfXrnJKc7438
65mCzcIf+Ogo+E8B8hPNCSo82SvztcUqF/LZb7fP6m7gZPRcFzlTo0mDfOI7+sAa
CjvojjRKAUhWi52QO7MVO4136G53gEd6SN0AfyAHDLleCVmU1EhV9Br8rU8aTdOB
6mt9yx0oYpkCMW7L+3bEUmqPpwZwEtG6lrisLtAyPPaBiD46ZXaacLOfoQyO4DcN
DohLTPvfVEXPpArp48GX3QhcCU1E51Bbti9YrNxTcmsRt4CMzq+3hr/W2aXcBWov
FEAbxr/Z/43SIhncUB4C6uoGTpHMxLjMIatEiu2T5RtDL0Nh1T+aDrrQ5jbVAql/
-----END CERTIFICATE-----
Generated at Sun Jul 27 01:46:20 2025 by rpki-client