Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/9NUELL6yZT3A5t1F9cR_zvedUhE.roa
File: 9NUELL6yZT3A5t1F9cR_zvedUhE.roa (raw, json)
Hash identifier: 188N5/nGuCagsNh+KvGmioYUlM3snimTJMCGn4DVe7s=
Subject key identifier: F4:D5:04:2C:BE:B2:65:3D:C0:E6:DD:45:F5:C4:7F:CE:F7:9D:52:11
Certificate issuer: /CN=a87090c275c34c05c306f3b36063893a0d72782a
Certificate serial: 019809B627FBCD8AE3E25274BC305E501CA7
Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/9NUELL6yZT3A5t1F9cR_zvedUhE.roa
Signing time: Mon 14 Jul 2025 16:13:09 +0000
ROA not before: Mon 14 Jul 2025 16:13:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210644
IP address blocks: 5.252.118.0/24 maxlen: 24
45.138.74.0/24 maxlen: 24
45.142.122.0/24 maxlen: 24
91.103.252.0/23 maxlen: 23
94.142.138.0/24 maxlen: 24
185.106.93.0/24 maxlen: 24
185.106.94.0/24 maxlen: 24
185.112.83.0/24 maxlen: 24
185.125.230.0/24 maxlen: 24
185.174.136.0/24 maxlen: 24
185.174.137.0/24 maxlen: 24
185.217.197.0/24 maxlen: 24
185.229.65.0/24 maxlen: 24
185.229.66.0/24 maxlen: 24
194.67.201.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.mft
rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 20:26:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:09:b6:27:fb:cd:8a:e3:e2:52:74:bc:30:5e:50:1c:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a
Validity
Not Before: Jul 14 16:13:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f4d5042cbeb2653dc0e6dd45f5c47fcef79d5211
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:d1:5e:43:e0:7a:3d:9c:51:82:99:d1:f3:1b:
c7:eb:27:80:33:4f:fe:da:d6:8b:f8:d6:49:b3:55:
5f:21:aa:ad:8b:26:1b:d9:13:dc:e5:1d:05:7a:e2:
f2:88:14:17:b3:5b:a2:49:83:06:9c:17:6e:69:70:
b5:77:26:1b:fc:31:84:fa:13:71:c4:e8:21:90:15:
f2:1f:f0:ce:4a:23:ad:19:70:d9:c1:bb:42:a3:8f:
7d:5d:93:72:1e:95:94:a9:98:ee:3d:df:b5:f3:87:
a2:6b:04:34:07:6c:a5:7c:2d:3d:2f:65:f1:1c:8f:
85:74:54:a8:70:a1:32:3f:dc:ac:56:02:6c:15:a2:
42:d6:37:1a:66:c7:03:d5:db:ef:24:6a:de:71:41:
b8:25:b1:85:2c:b0:9d:bf:bf:06:83:27:0a:c8:93:
0f:21:7d:3c:34:a0:14:3e:23:bc:f0:ab:37:c7:12:
1e:37:fb:c2:48:f6:36:7a:38:f0:ed:90:dd:a6:d8:
d2:a3:6c:91:62:8f:1e:97:bc:ea:06:e3:15:40:49:
bd:17:5c:b3:b3:2b:ce:8b:5e:55:07:eb:5c:60:6a:
df:33:1c:f2:52:ce:5f:3d:fd:c4:d8:9d:12:db:90:
a9:55:3c:72:20:e2:72:51:63:60:2b:d7:eb:8a:68:
bf:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F4:D5:04:2C:BE:B2:65:3D:C0:E6:DD:45:F5:C4:7F:CE:F7:9D:52:11
X509v3 Authority Key Identifier:
keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/9NUELL6yZT3A5t1F9cR_zvedUhE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.252.118.0/24
45.138.74.0/24
45.142.122.0/24
91.103.252.0/23
94.142.138.0/24
185.106.93.0-185.106.94.255
185.112.83.0/24
185.125.230.0/24
185.174.136.0/23
185.217.197.0/24
185.229.65.0-185.229.66.255
194.67.201.0/24
Signature Algorithm: sha256WithRSAEncryption
96:65:1e:5f:84:26:5a:5a:18:87:f6:4b:ba:1b:f9:98:e6:fb:
51:d3:7c:ba:58:b9:1b:42:01:f3:ec:ad:1d:83:4b:06:a3:47:
b3:bc:de:f8:83:71:3f:18:b3:ed:07:3c:a2:7a:76:be:14:d8:
e5:b0:58:fb:97:9b:ee:31:bf:53:5f:f7:f2:c1:c8:93:fd:42:
ac:1d:5a:95:74:86:16:e5:f0:7c:a0:7b:13:40:c7:bd:f6:a8:
30:4b:ef:ed:a5:66:95:0d:d0:e4:f6:0e:b4:60:0e:01:bc:52:
9d:b5:ef:fd:c1:6d:e0:22:82:87:a4:44:e2:62:58:bd:29:30:
05:da:bc:ea:48:51:8d:83:8e:2c:44:72:19:5c:9a:f7:9f:e9:
0f:09:46:89:a5:a3:17:cc:9d:40:80:2d:f7:e4:e3:66:18:a4:
9d:18:24:72:2e:0a:1c:3c:cc:a3:a8:92:73:b1:3f:1f:4e:80:
b4:d7:76:27:4d:37:60:8c:2d:2f:19:06:9b:23:d8:9f:cd:4c:
5d:e9:08:9c:7f:5f:f1:b7:be:51:dd:6c:e4:da:a2:96:c6:98:
58:51:27:d6:ea:f3:58:53:55:45:8c:68:70:e4:6e:13:3b:5c:
46:75:d6:2a:83:93:eb:ac:4e:f7:e0:92:17:05:4d:77:72:8f:
41:66:de:0c
-----BEGIN CERTIFICATE-----
MIIFTzCCBDegAwIBAgISAZgJtif7zYrj4lJ0vDBeUBynMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3
Mjc4MmEwHhcNMjUwNzE0MTYxMzA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmNGQ1MDQyY2JlYjI2NTNkYzBlNmRkNDVmNWM0N2ZjZWY3OWQ1MjExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4dFeQ+B6PZxRgpnR8xvH6yeAM0/+
2taL+NZJs1VfIaqtiyYb2RPc5R0FeuLyiBQXs1uiSYMGnBduaXC1dyYb/DGE+hNx
xOghkBXyH/DOSiOtGXDZwbtCo499XZNyHpWUqZjuPd+184eiawQ0B2ylfC09L2Xx
HI+FdFSocKEyP9ysVgJsFaJC1jcaZscD1dvvJGrecUG4JbGFLLCdv78GgycKyJMP
IX08NKAUPiO88Ks3xxIeN/vCSPY2ejjw7ZDdptjSo2yRYo8el7zqBuMVQEm9F1yz
syvOi15VB+tcYGrfMxzyUs5fPf3E2J0S25CpVTxyIOJyUWNgK9frimi/owIDAQAB
o4ICWzCCAlcwHQYDVR0OBBYEFPTVBCy+smU9wObdRfXEf873nVIRMB8GA1UdIwQY
MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt
YjU3YTM2ZjJhZmNkLzEvOU5VRUxMNnlaVDNBNXQxRjljUl96dmVkVWhFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk
LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHEGCCsGAQUFBwEHAQH/BGIwYDBeBAIAATBYAwQABfx2AwQA
LYpKAwQALY56AwQBW2f8AwQAXo6KMAwDBAC5al0DBAC5al4DBAC5cFMDBAC5feYD
BAG5rogDBAC52cUwDAMEALnlQQMEALnlQgMEAMJDyTANBgkqhkiG9w0BAQsFAAOC
AQEAlmUeX4QmWloYh/ZLuhv5mOb7UdN8uli5G0IB8+ytHYNLBqNHs7ze+INxPxiz
7Qc8onp2vhTY5bBY+5eb7jG/U1/38sHIk/1CrB1alXSGFuXwfKB7E0DHvfaoMEvv
7aVmlQ3Q5PYOtGAOAbxSnbXv/cFt4CKCh6RE4mJYvSkwBdq86khRjYOOLERyGVya
95/pDwlGiaWjF8ydQIAt9+TjZhiknRgkci4KHDzMo6iSc7E/H06AtNd2J003YIwt
LxkGmyPYn81MXekInH9f8be+Ud1s5NqilsaYWFEn1urzWFNVRYxocORuEztcRnXW
KoOT66xO9+CSFwVNd3KPQWbeDA==
-----END CERTIFICATE-----
Generated at Tue Jul 22 05:09:24 2025 by rpki-client