Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/1nTilngq5zKfxySkCHJrq8OR1XU.roa
File: 1nTilngq5zKfxySkCHJrq8OR1XU.roa (raw, json)
Hash identifier: y45CVCg+/5IMVJj56+xE6RjgsUstntNITWZKP3ozGos=
Subject key identifier: D6:74:E2:96:78:2A:E7:32:9F:C7:24:A4:08:72:6B:AB:C3:91:D5:75
Certificate issuer: /CN=a87090c275c34c05c306f3b36063893a0d72782a
Certificate serial: 01983299A15C54B0A773E3AC82C015732E45
Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/1nTilngq5zKfxySkCHJrq8OR1XU.roa
Signing time: Tue 22 Jul 2025 14:46:25 +0000
ROA not before: Tue 22 Jul 2025 14:46:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211522
IP address blocks: 5.252.118.0/24 maxlen: 24
45.138.74.0/24 maxlen: 24
45.142.122.0/24 maxlen: 24
91.103.252.0/24 maxlen: 24
91.103.253.0/24 maxlen: 24
94.142.138.0/24 maxlen: 24
185.17.0.0/24 maxlen: 24
185.106.93.0/24 maxlen: 24
185.106.94.0/24 maxlen: 24
185.112.83.0/24 maxlen: 24
185.125.230.0/24 maxlen: 24
185.174.136.0/24 maxlen: 24
185.174.137.0/24 maxlen: 24
185.217.197.0/24 maxlen: 24
185.229.65.0/24 maxlen: 24
185.229.66.0/24 maxlen: 24
194.67.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.mft
rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:32:99:a1:5c:54:b0:a7:73:e3:ac:82:c0:15:73:2e:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a
Validity
Not Before: Jul 22 14:46:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d674e296782ae7329fc724a408726babc391d575
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:9d:5a:fe:58:d6:b3:6d:53:25:e2:e6:04:0c:
92:52:4c:57:7a:a3:4f:ae:7e:34:bc:36:07:86:d1:
f4:05:79:f9:3c:00:40:28:ee:d6:07:9e:84:b6:1e:
f0:36:5d:43:9c:35:71:e8:9e:4d:54:48:a1:19:4c:
36:0e:b1:42:78:4c:a8:fe:4d:eb:46:7b:8a:11:dc:
19:be:65:24:1f:d0:1a:ec:6a:9c:19:9c:71:0a:1c:
cf:82:8a:51:c9:9a:75:26:b4:07:9d:0b:41:77:ce:
73:50:ac:91:22:db:44:bd:de:84:32:9d:2c:16:5d:
16:47:bd:d0:21:b6:23:ae:4d:e3:55:01:32:3b:d4:
e2:33:cf:ac:5d:14:96:4a:75:a3:2f:8f:bc:67:bb:
f8:39:34:1b:ed:0c:9a:3c:15:f8:14:e9:22:00:78:
d2:ac:5e:d1:91:88:c7:62:4e:8b:68:b9:ae:98:62:
da:3d:98:0f:d3:5c:c6:75:a1:fe:89:63:64:04:a4:
8e:c3:be:62:ec:fd:e3:bf:93:b2:73:10:1c:38:a8:
2d:41:6e:23:98:2a:8d:64:4b:04:09:70:69:39:eb:
8e:9d:bc:48:66:1c:c7:88:8a:29:e2:13:04:7f:e7:
c6:44:2e:70:4b:a1:2a:76:ea:f0:cc:8d:c0:62:b5:
7e:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:74:E2:96:78:2A:E7:32:9F:C7:24:A4:08:72:6B:AB:C3:91:D5:75
X509v3 Authority Key Identifier:
keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/1nTilngq5zKfxySkCHJrq8OR1XU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.118.0/24
45.138.74.0/24
45.142.122.0/24
91.103.252.0/23
94.142.138.0/24
185.17.0.0/24
185.106.93.0-185.106.94.255
185.112.83.0/24
185.125.230.0/24
185.174.136.0/23
185.217.197.0/24
185.229.65.0-185.229.66.255
194.67.201.0/24
Signature Algorithm: sha256WithRSAEncryption
69:98:71:c9:33:66:84:a5:ab:ce:d0:36:2c:7f:8b:89:f3:8d:
c2:47:56:67:e7:21:53:84:5b:3f:50:3d:ab:f1:e9:27:cc:5e:
46:7d:38:5c:91:0d:fe:a7:53:b0:ab:5d:86:51:88:e5:86:00:
8d:b8:9d:53:60:40:25:d7:07:98:8a:26:44:d0:a5:24:ff:3c:
e7:8b:1e:35:d3:2b:b1:6e:1c:33:6d:0e:ea:fa:62:0a:82:aa:
65:98:30:d5:e0:ca:97:d0:36:13:ca:1b:25:74:73:58:fb:a0:
cb:22:e2:ab:0b:54:91:eb:85:7d:54:4b:78:2e:33:e9:59:69:
c4:0d:73:58:62:be:98:14:16:59:41:69:49:6b:ba:ee:20:fd:
eb:01:98:11:88:17:a1:75:7f:62:95:24:26:15:a1:95:7f:95:
bd:89:ca:80:e9:fe:b6:76:c1:3f:b6:67:c5:0c:b4:48:b0:7b:
31:db:b8:22:18:14:b3:0d:73:d6:33:46:e3:a5:31:98:2f:80:
31:4e:ae:ff:be:e7:35:93:24:54:f9:df:e4:5d:84:92:9a:2e:
0b:f6:71:af:7c:39:bd:61:d5:0d:27:ee:2e:f8:51:4b:13:c5:
e9:8e:77:f2:0c:08:89:47:93:8a:5a:b6:be:1c:bf:e9:60:2d:
f4:72:b7:70
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZgymaFcVLCnc+OsgsAVcy5FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3
Mjc4MmEwHhcNMjUwNzIyMTQ0NjI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNjc0ZTI5Njc4MmFlNzMyOWZjNzI0YTQwODcyNmJhYmMzOTFkNTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn51a/ljWs21TJeLmBAySUkxXeqNP
rn40vDYHhtH0BXn5PABAKO7WB56Eth7wNl1DnDVx6J5NVEihGUw2DrFCeEyo/k3r
RnuKEdwZvmUkH9Aa7GqcGZxxChzPgopRyZp1JrQHnQtBd85zUKyRIttEvd6EMp0s
Fl0WR73QIbYjrk3jVQEyO9TiM8+sXRSWSnWjL4+8Z7v4OTQb7QyaPBX4FOkiAHjS
rF7RkYjHYk6LaLmumGLaPZgP01zGdaH+iWNkBKSOw75i7P3jv5OycxAcOKgtQW4j
mCqNZEsECXBpOeuOnbxIZhzHiIop4hMEf+fGRC5wS6EqdurwzI3AYrV+WQIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFNZ04pZ4Kucyn8ckpAhya6vDkdV1MB8GA1UdIwQY
MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt
YjU3YTM2ZjJhZmNkLzEvMW5UaWxuZ3E1ektmeHlTa0NISnJxOE9SMVhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk
LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQABfx2AwQA
LYpKAwQALY56AwQBW2f8AwQAXo6KAwQAuREAMAwDBAC5al0DBAC5al4DBAC5cFMD
BAC5feYDBAG5rogDBAC52cUwDAMEALnlQQMEALnlQgMEAMJDyTANBgkqhkiG9w0B
AQsFAAOCAQEAaZhxyTNmhKWrztA2LH+LifONwkdWZ+chU4RbP1A9q/HpJ8xeRn04
XJEN/qdTsKtdhlGI5YYAjbidU2BAJdcHmIomRNClJP8854seNdMrsW4cM20O6vpi
CoKqZZgw1eDKl9A2E8obJXRzWPugyyLiqwtUkeuFfVRLeC4z6VlpxA1zWGK+mBQW
WUFpSWu67iD96wGYEYgXoXV/YpUkJhWhlX+VvYnKgOn+tnbBP7ZnxQy0SLB7Mdu4
IhgUsw1z1jNG46UxmC+AMU6u/77nNZMkVPnf5F2EkpouC/Zxr3w5vWHVDSfuLvhR
SxPF6Y538gwIiUeTilq2vhy/6WAt9HK3cA==
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:29:48 2025 by rpki-client