Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/FLevcbsODGjnw01H-idT9CbO2Tg.roa
File: FLevcbsODGjnw01H-idT9CbO2Tg.roa (raw, json)
Hash identifier: eH2yxOp/j+m3pB5EvB/1Z69zR1EsJ4NORmay4y3bu8M=
Subject key identifier: 14:B7:AF:71:BB:0E:0C:68:E7:C3:4D:47:FA:27:53:F4:26:CE:D9:38
Certificate issuer: /CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Certificate serial: 01982C3B131246BFFAF1D6A5C5C167099200
Authority key identifier: 4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/FLevcbsODGjnw01H-idT9CbO2Tg.roa
Signing time: Mon 21 Jul 2025 09:05:25 +0000
ROA not before: Mon 21 Jul 2025 09:05:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54994
IP address blocks: 140.150.0.0/24 maxlen: 24
140.150.1.0/24 maxlen: 24
140.150.2.0/24 maxlen: 24
140.150.3.0/24 maxlen: 24
140.150.4.0/24 maxlen: 24
140.150.5.0/24 maxlen: 24
140.150.6.0/24 maxlen: 24
140.150.7.0/24 maxlen: 24
140.150.10.0/24 maxlen: 24
140.150.11.0/24 maxlen: 24
140.150.12.0/24 maxlen: 24
140.150.14.0/24 maxlen: 24
140.150.15.0/24 maxlen: 24
140.150.16.0/24 maxlen: 24
140.150.18.0/24 maxlen: 24
140.150.19.0/24 maxlen: 24
140.150.20.0/24 maxlen: 24
140.150.21.0/24 maxlen: 24
140.150.22.0/24 maxlen: 24
140.150.23.0/24 maxlen: 24
140.150.24.0/24 maxlen: 24
140.150.25.0/24 maxlen: 24
140.150.26.0/24 maxlen: 24
140.150.27.0/24 maxlen: 24
140.150.28.0/24 maxlen: 24
140.150.29.0/24 maxlen: 24
140.150.30.0/24 maxlen: 24
140.150.31.0/24 maxlen: 24
140.150.32.0/24 maxlen: 24
140.150.33.0/24 maxlen: 24
140.150.34.0/24 maxlen: 24
140.150.35.0/24 maxlen: 24
140.150.36.0/24 maxlen: 24
140.150.37.0/24 maxlen: 24
140.150.38.0/24 maxlen: 24
140.150.40.0/24 maxlen: 24
140.150.41.0/24 maxlen: 24
140.150.42.0/24 maxlen: 24
140.150.43.0/24 maxlen: 24
140.150.44.0/24 maxlen: 24
140.150.46.0/24 maxlen: 24
140.150.47.0/24 maxlen: 24
146.103.64.0/24 maxlen: 24
146.103.65.0/24 maxlen: 24
146.103.66.0/24 maxlen: 24
146.103.67.0/24 maxlen: 24
146.103.68.0/24 maxlen: 24
146.103.71.0/24 maxlen: 24
146.103.72.0/24 maxlen: 24
146.103.73.0/24 maxlen: 24
146.103.74.0/24 maxlen: 24
146.103.75.0/24 maxlen: 24
146.103.76.0/24 maxlen: 24
146.103.77.0/24 maxlen: 24
146.103.78.0/24 maxlen: 24
146.103.79.0/24 maxlen: 24
146.103.80.0/24 maxlen: 24
146.103.81.0/24 maxlen: 24
146.103.82.0/24 maxlen: 24
146.103.83.0/24 maxlen: 24
146.103.84.0/24 maxlen: 24
146.103.85.0/24 maxlen: 24
146.103.86.0/24 maxlen: 24
146.103.87.0/24 maxlen: 24
146.103.88.0/24 maxlen: 24
146.103.89.0/24 maxlen: 24
146.103.90.0/24 maxlen: 24
146.103.91.0/24 maxlen: 24
146.103.92.0/24 maxlen: 24
146.103.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 18:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2c:3b:13:12:46:bf:fa:f1:d6:a5:c5:c1:67:09:92:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Validity
Not Before: Jul 21 09:05:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=14b7af71bb0e0c68e7c34d47fa2753f426ced938
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:cf:64:c9:6f:27:34:87:0b:58:2a:45:27:13:
08:b7:25:54:41:05:52:0d:d4:d7:10:aa:69:9d:6f:
f4:54:bd:1b:09:85:41:6c:d8:f9:48:32:14:41:07:
61:76:91:55:4f:37:0d:1e:2e:80:59:47:ab:d6:6c:
22:e3:ca:0e:ab:a2:e5:80:44:b8:f4:c2:bb:f1:f6:
dc:57:8e:bd:07:75:b9:b4:bc:b6:e5:8e:de:61:33:
b0:c3:a4:75:6a:c2:06:4f:09:e2:55:a7:00:e1:3f:
56:4f:15:79:d6:4a:2d:de:67:ae:97:77:d7:34:76:
a6:6a:c6:3b:80:ff:80:73:14:4e:b6:1b:2d:c6:23:
4d:03:64:35:6a:81:7a:06:6e:b5:dd:6e:cf:9c:8b:
99:94:0f:05:67:d5:ef:ad:20:de:84:d7:ba:d4:1a:
dc:d2:83:fd:6f:91:2c:8f:a5:a2:f9:ce:77:44:90:
36:39:c9:05:3f:4a:45:fc:ba:b5:1c:c1:5d:da:b3:
b5:9f:b0:f0:20:1a:ff:af:38:0e:89:44:a1:d5:29:
e2:c6:99:fd:40:82:40:21:94:d5:b6:aa:20:dd:b5:
68:a3:6d:f5:62:d3:8c:58:b9:9e:95:92:3b:71:23:
33:55:a8:e2:af:2a:bf:7a:1a:47:8f:e5:f9:28:78:
cb:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
14:B7:AF:71:BB:0E:0C:68:E7:C3:4D:47:FA:27:53:F4:26:CE:D9:38
X509v3 Authority Key Identifier:
keyid:4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/FLevcbsODGjnw01H-idT9CbO2Tg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.0.0/21
140.150.10.0-140.150.12.255
140.150.14.0-140.150.16.255
140.150.18.0-140.150.38.255
140.150.40.0-140.150.44.255
140.150.46.0/23
146.103.64.0-146.103.68.255
146.103.71.0-146.103.93.255
Signature Algorithm: sha256WithRSAEncryption
35:03:f5:82:72:5c:36:66:2e:50:63:d1:13:30:13:bc:27:75:
e7:e7:87:bc:55:a7:e0:36:6c:d7:09:33:aa:80:40:c1:b0:f4:
fe:12:f4:05:6a:5c:15:0f:91:62:86:6d:cf:8e:9d:3f:d0:dc:
cb:38:63:f3:29:97:8a:60:94:b0:16:6b:25:ba:06:4a:f2:15:
6f:a7:f3:e9:31:09:79:4d:81:66:84:88:58:1e:2e:2d:3c:bd:
23:97:76:ca:fe:be:21:ca:73:42:e1:a4:cb:1a:23:5b:df:4c:
b9:38:8c:8a:3a:a0:c7:44:c3:24:ca:66:1d:7c:90:ee:d4:ea:
f9:cc:c3:27:9d:92:2c:7c:fd:65:75:1e:03:fa:d6:5d:d6:d3:
2a:20:f5:b2:c4:b7:fd:b5:48:5f:8f:94:ba:95:2f:ff:d3:d8:
28:65:47:2f:20:7a:a6:1f:49:d8:7a:66:71:b1:d1:87:62:f0:
84:c5:4e:93:3d:74:cf:4f:2c:45:06:d9:4b:93:45:ce:c7:60:
71:32:5b:e9:f7:1f:97:22:a9:50:ff:4e:b5:01:86:b6:d2:f6:
2c:1e:24:f7:0c:e3:55:f2:37:d8:98:d9:a0:e5:d0:d2:0f:f2:
52:45:8a:2d:ab:51:d2:21:1b:fa:59:37:62:69:d4:1b:e4:12:
e9:05:21:a9
-----BEGIN CERTIFICATE-----
MIIFVzCCBD+gAwIBAgISAZgsOxMSRr/68dalxcFnCZIAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTMzMWZhN2JlNDcwZGMxNzllMTZjMzA2ZTk4YzZjNzMx
YTU3NWMwHhcNMjUwNzIxMDkwNTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNGI3YWY3MWJiMGUwYzY4ZTdjMzRkNDdmYTI3NTNmNDI2Y2VkOTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAss9kyW8nNIcLWCpFJxMItyVUQQVS
DdTXEKppnW/0VL0bCYVBbNj5SDIUQQdhdpFVTzcNHi6AWUer1mwi48oOq6LlgES4
9MK78fbcV469B3W5tLy25Y7eYTOww6R1asIGTwniVacA4T9WTxV51kot3meul3fX
NHamasY7gP+AcxROthstxiNNA2Q1aoF6Bm613W7PnIuZlA8FZ9XvrSDehNe61Brc
0oP9b5Esj6Wi+c53RJA2OckFP0pF/Lq1HMFd2rO1n7DwIBr/rzgOiUSh1Snixpn9
QIJAIZTVtqog3bVoo231YtOMWLmelZI7cSMzVajiryq/ehpHj+X5KHjLvQIDAQAB
o4ICYzCCAl8wHQYDVR0OBBYEFBS3r3G7Dgxo58NNR/onU/Qmztk4MB8GA1UdIwQY
MBaAFEuTMfp75HDcF54WwwbpjGxzGldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjIt
OGIyYjQ3MzhiMWNjLzEvRkxldmNic09ER2pudzAxSC1pZFQ5Q2JPMlRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjItOGIyYjQ3MzhiMWNj
LzEvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHkGCCsGAQUFBwEHAQH/BGowaDBmBAIAATBgAwQDjJYAMAwD
BAGMlgoDBACMlgwwDAMEAYyWDgMEAIyWEDAMAwQBjJYSAwQAjJYmMAwDBAOMligD
BACMliwDBAGMli4wDAMEBpJnQAMEAJJnRDAMAwQAkmdHAwQBkmdcMA0GCSqGSIb3
DQEBCwUAA4IBAQA1A/WCclw2Zi5QY9ETMBO8J3Xn54e8VafgNmzXCTOqgEDBsPT+
EvQFalwVD5Fihm3Pjp0/0NzLOGPzKZeKYJSwFmslugZK8hVvp/PpMQl5TYFmhIhY
Hi4tPL0jl3bK/r4hynNC4aTLGiNb30y5OIyKOqDHRMMkymYdfJDu1Or5zMMnnZIs
fP1ldR4D+tZd1tMqIPWyxLf9tUhfj5S6lS//09goZUcvIHqmH0nYemZxsdGHYvCE
xU6TPXTPTyxFBtlLk0XOx2BxMlvp9x+XIqlQ/061AYa20vYsHiT3DONV8jfYmNmg
5dDSD/JSRYotq1HSIRv6WTdiadQb5BLpBSGp
-----END CERTIFICATE-----
Generated at Mon Jul 28 01:05:13 2025 by rpki-client