Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/AtXlOawZdjPmm3puVBv7GZMWlfQ.roa
File: AtXlOawZdjPmm3puVBv7GZMWlfQ.roa (raw, json)
Hash identifier: vVuVIrsjIYBLs2LghbKeETLKvGp7KVL3rCFnfZ3++Ng=
Subject key identifier: 02:D5:E5:39:AC:19:76:33:E6:9B:7A:6E:54:1B:FB:19:93:16:95:F4
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 01983C573671EF6888D6AB5E33F70A155C8F
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/AtXlOawZdjPmm3puVBv7GZMWlfQ.roa
Signing time: Thu 24 Jul 2025 12:10:05 +0000
ROA not before: Thu 24 Jul 2025 12:10:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209847
IP address blocks: 5.182.39.0/24 maxlen: 24
45.159.251.0/24 maxlen: 24
185.231.204.0/24 maxlen: 24
193.43.146.0/24 maxlen: 24
193.57.137.0/24 maxlen: 24
194.4.48.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 18:01:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:3c:57:36:71:ef:68:88:d6:ab:5e:33:f7:0a:15:5c:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Jul 24 12:10:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=02d5e539ac197633e69b7a6e541bfb19931695f4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:45:51:51:43:e9:e8:17:a6:e1:54:86:d2:46:
20:9c:80:de:da:f6:10:6d:ec:e3:b9:c7:e2:b9:58:
8e:5a:d4:47:28:62:7d:fd:f3:00:ce:b7:da:d1:f0:
fe:7e:b0:a6:ef:68:c8:0e:ba:61:50:18:e7:6a:1a:
00:83:14:9c:df:4f:b0:a2:41:46:73:df:9b:0d:14:
8c:ce:2c:62:7a:fc:d1:c9:40:62:d4:3a:06:3b:86:
eb:88:5f:03:86:2c:ff:ed:8d:e7:a6:49:15:9a:04:
bd:96:66:96:38:c2:f1:b9:65:ba:1b:42:14:d7:b8:
6f:8b:ea:92:d0:02:17:47:7e:ca:15:31:cd:ee:15:
14:29:40:aa:aa:29:ae:9f:ac:a0:4d:04:15:95:44:
58:b5:e1:d7:f9:e9:e8:ba:98:75:0a:b4:da:89:c2:
57:47:20:ec:e5:09:79:37:e6:1b:4a:e9:52:69:80:
5b:a8:3f:f8:94:84:3e:f2:e4:fe:e3:38:09:b4:44:
e2:93:a7:eb:8c:27:cf:b0:e3:73:dd:65:e1:c5:c7:
de:4d:6c:0f:30:8d:d9:d6:47:71:db:6a:f3:b1:55:
a4:87:67:8d:90:ed:48:df:4e:c8:57:65:98:a1:4f:
46:d5:4c:c0:f3:ba:d9:85:b4:aa:fb:ac:3a:c6:43:
d8:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
02:D5:E5:39:AC:19:76:33:E6:9B:7A:6E:54:1B:FB:19:93:16:95:F4
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/AtXlOawZdjPmm3puVBv7GZMWlfQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.39.0/24
45.159.251.0/24
185.231.204.0/24
193.43.146.0/24
193.57.137.0/24
194.4.48.0/24
Signature Algorithm: sha256WithRSAEncryption
40:84:a8:f1:c1:0f:a3:1d:31:50:cc:ea:5e:c4:17:e0:fc:c8:
4c:9d:29:b7:a7:04:fe:ff:9d:ee:18:45:b7:2d:97:3d:a7:2a:
81:46:92:9a:2a:05:f3:92:a6:18:b5:5b:81:a4:a9:1a:24:a2:
4d:b4:9b:6e:2c:34:53:42:81:51:ca:08:f2:9a:36:66:dc:2f:
98:ee:d4:66:76:2d:8b:30:5b:56:ea:f1:73:4e:05:bb:cf:d0:
e0:b3:05:76:42:f2:d1:9c:56:f9:6a:fc:8f:1c:db:35:10:8a:
00:8c:84:b4:9e:89:a3:94:4b:af:b2:6a:5b:41:cb:5a:67:3a:
eb:78:58:d8:76:01:c0:8d:32:d2:03:41:e2:18:54:3c:c2:78:
e3:1c:ea:fc:2e:0d:3b:e1:cf:52:40:57:99:e6:cf:b6:c7:09:
71:f7:fd:23:06:c4:5a:88:95:da:44:5f:7f:4a:ac:9e:ed:03:
ea:61:d9:25:cc:bd:50:cc:a9:a1:d3:a5:af:94:9b:ed:2d:93:
1c:19:44:63:cc:db:7b:9a:45:af:cc:c7:65:63:e8:53:60:1c:
36:67:1b:21:d7:66:9e:29:58:1e:10:63:f0:15:4f:5c:ae:a2:
c9:77:4a:71:00:56:d7:06:27:a5:d1:95:fa:04:be:ce:ad:c1:
82:7f:44:e4
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZg8VzZx72iI1qteM/cKFVyPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjUwNzI0MTIxMDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMmQ1ZTUzOWFjMTk3NjMzZTY5YjdhNmU1NDFiZmIxOTkzMTY5NWY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArUVRUUPp6Bem4VSG0kYgnIDe2vYQ
bezjucfiuViOWtRHKGJ9/fMAzrfa0fD+frCm72jIDrphUBjnahoAgxSc30+wokFG
c9+bDRSMzixievzRyUBi1DoGO4briF8Dhiz/7Y3npkkVmgS9lmaWOMLxuWW6G0IU
17hvi+qS0AIXR37KFTHN7hUUKUCqqimun6ygTQQVlURYteHX+enouph1CrTaicJX
RyDs5Ql5N+YbSulSaYBbqD/4lIQ+8uT+4zgJtETik6frjCfPsONz3WXhxcfeTWwP
MI3Z1kdx22rzsVWkh2eNkO1I307IV2WYoU9G1UzA87rZhbSq+6w6xkPYpQIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFALV5TmsGXYz5pt6blQb+xmTFpX0MB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvQXRYbE9hd1pkalBtbTNwdVZCdjdHWk1XbGZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABbYnAwQA
LZ/7AwQAuefMAwQAwSuSAwQAwTmJAwQAwgQwMA0GCSqGSIb3DQEBCwUAA4IBAQBA
hKjxwQ+jHTFQzOpexBfg/MhMnSm3pwT+/53uGEW3LZc9pyqBRpKaKgXzkqYYtVuB
pKkaJKJNtJtuLDRTQoFRygjymjZm3C+Y7tRmdi2LMFtW6vFzTgW7z9DgswV2QvLR
nFb5avyPHNs1EIoAjIS0nomjlEuvsmpbQctaZzrreFjYdgHAjTLSA0HiGFQ8wnjj
HOr8Lg074c9SQFeZ5s+2xwlx9/0jBsRaiJXaRF9/Sqye7QPqYdklzL1QzKmh06Wv
lJvtLZMcGURjzNt7mkWvzMdlY+hTYBw2Zxsh12aeKVgeEGPwFU9crqLJd0pxAFbX
Biel0ZX6BL7OrcGCf0Tk
-----END CERTIFICATE-----
Generated at Sun Jul 27 02:21:16 2025 by rpki-client