Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9d/03e4f7-10f3-4114-a1e5-3502658ae6f5/1/HTKjluKoMYE3YnxNS8OX7g6z7cg.roa
File: HTKjluKoMYE3YnxNS8OX7g6z7cg.roa (raw, json)
Hash identifier: sAIqDaQKvUjEGEm5NaK3hjATSYMoprKa9F9LOvjEkOU=
Subject key identifier: 1D:32:A3:96:E2:A8:31:81:37:62:7C:4D:4B:C3:97:EE:0E:B3:ED:C8
Certificate issuer: /CN=ffe70693454bc33485dec69d219d0502654ac04a
Certificate serial: 019811D0BAB4C9E969142D6C079B1CB1DA89
Authority key identifier: FF:E7:06:93:45:4B:C3:34:85:DE:C6:9D:21:9D:05:02:65:4A:C0:4A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_-cGk0VLwzSF3sadIZ0FAmVKwEo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9d/03e4f7-10f3-4114-a1e5-3502658ae6f5/1/HTKjluKoMYE3YnxNS8OX7g6z7cg.roa
Signing time: Wed 16 Jul 2025 05:59:08 +0000
ROA not before: Wed 16 Jul 2025 05:59:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205847
IP address blocks: 5.181.56.0/24 maxlen: 24
5.181.57.0/24 maxlen: 24
5.181.58.0/23 maxlen: 23
5.181.58.0/24 maxlen: 24
5.181.59.0/24 maxlen: 24
2a0c:a740:100::/48 maxlen: 48
2a0c:a741::/38 maxlen: 38
2a0c:a741:1000::/38 maxlen: 38
2a0c:a741:2000::/38 maxlen: 38
2a0c:a741:3000::/38 maxlen: 38
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9d/03e4f7-10f3-4114-a1e5-3502658ae6f5/1/_-cGk0VLwzSF3sadIZ0FAmVKwEo.crl
rsync://rpki.ripe.net/repository/DEFAULT/9d/03e4f7-10f3-4114-a1e5-3502658ae6f5/1/_-cGk0VLwzSF3sadIZ0FAmVKwEo.mft
rsync://rpki.ripe.net/repository/DEFAULT/_-cGk0VLwzSF3sadIZ0FAmVKwEo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 14:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:11:d0:ba:b4:c9:e9:69:14:2d:6c:07:9b:1c:b1:da:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ffe70693454bc33485dec69d219d0502654ac04a
Validity
Not Before: Jul 16 05:59:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1d32a396e2a8318137627c4d4bc397ee0eb3edc8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:68:8c:bf:b9:5f:21:c6:71:c1:97:1e:3f:cc:
e4:1d:a1:8b:41:58:62:eb:58:fa:dc:ca:7a:77:7a:
4e:76:25:a7:63:5a:cf:5c:e8:a3:6a:da:85:2c:55:
4e:23:22:45:88:85:7e:ba:09:da:9e:6c:9c:60:d5:
b5:46:9c:06:44:33:00:10:3f:6a:74:7e:7a:92:23:
df:5e:90:e6:aa:78:0d:60:23:66:3f:72:46:a4:9f:
00:5c:f3:8d:7a:98:73:a6:f5:91:84:f9:00:02:4b:
d7:1d:f2:de:f1:ff:b3:11:25:0e:ae:2d:4b:9c:54:
ee:61:26:d1:71:83:86:31:78:67:98:39:0d:7f:7b:
63:92:64:25:27:a6:4f:af:9b:10:f0:8e:34:0a:b2:
e6:07:9b:89:7f:71:a3:01:57:6f:bf:d6:41:0b:49:
88:f6:7c:72:64:81:99:37:56:58:b6:df:6b:c3:d9:
db:16:fc:a6:61:59:bf:e2:83:d1:f6:06:35:54:b1:
f0:15:6b:7b:c4:b5:03:e7:83:eb:8f:17:56:49:24:
6b:ee:b1:18:54:3f:06:26:b1:ff:22:f7:67:9d:d0:
2c:91:a3:d9:19:90:05:93:be:5a:32:0e:05:fb:c5:
22:91:6f:cf:37:6f:d9:85:29:cb:90:b0:30:2a:09:
c3:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:32:A3:96:E2:A8:31:81:37:62:7C:4D:4B:C3:97:EE:0E:B3:ED:C8
X509v3 Authority Key Identifier:
keyid:FF:E7:06:93:45:4B:C3:34:85:DE:C6:9D:21:9D:05:02:65:4A:C0:4A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_-cGk0VLwzSF3sadIZ0FAmVKwEo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/03e4f7-10f3-4114-a1e5-3502658ae6f5/1/HTKjluKoMYE3YnxNS8OX7g6z7cg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9d/03e4f7-10f3-4114-a1e5-3502658ae6f5/1/_-cGk0VLwzSF3sadIZ0FAmVKwEo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.56.0/22
IPv6:
2a0c:a740:100::/48
2a0c:a741::/38
2a0c:a741:1000::/38
2a0c:a741:2000::/38
2a0c:a741:3000::/38
Signature Algorithm: sha256WithRSAEncryption
1f:8b:e5:18:ce:c9:4d:1e:b0:19:d2:fb:8f:4b:1f:47:e3:b8:
a0:4a:2b:1c:ad:9d:fe:f1:b0:30:be:d8:f1:4a:ef:a0:87:91:
72:f4:9c:ed:39:be:42:70:1c:e6:41:0f:0e:c4:f4:80:68:a7:
c8:c7:0f:8c:a6:98:29:29:34:05:60:ca:03:3f:c3:ee:76:44:
1c:c1:2b:3b:aa:48:c8:d8:f3:4d:21:8d:41:07:ff:f2:83:f0:
d1:88:1f:a1:3a:b6:36:1e:0b:46:c1:5f:4c:2e:fe:b0:fa:c9:
13:f7:32:b0:c9:38:9b:a1:81:33:be:58:23:61:15:d8:23:f8:
9a:6a:17:1f:c0:e6:2d:cd:cf:13:cf:29:51:39:ea:3e:38:72:
36:35:e5:be:dd:15:e2:60:e7:f6:d2:c7:f4:a1:3f:b8:43:15:
ab:29:84:8f:c3:d8:06:69:ef:da:23:29:44:93:6a:b6:c8:08:
13:ac:46:30:7c:ff:ec:11:d3:52:02:9e:84:9a:82:33:fe:17:
24:a5:f0:d9:e8:3b:e3:55:86:45:07:fa:7e:6c:30:2c:b4:f0:
78:30:d1:cb:bc:9a:e6:9c:31:62:ac:36:34:03:7c:54:3f:df:
65:f3:c8:15:c4:22:f4:6c:d1:58:b1:2a:72:ba:8c:e3:fe:23:
03:ff:87:1c
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAZgR0Lq0yelpFC1sB5scsdqJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZmZTcwNjkzNDU0YmMzMzQ4NWRlYzY5ZDIxOWQwNTAyNjU0
YWMwNGEwHhcNMjUwNzE2MDU1OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZDMyYTM5NmUyYTgzMTgxMzc2MjdjNGQ0YmMzOTdlZTBlYjNlZGM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu2iMv7lfIcZxwZceP8zkHaGLQVhi
61j63Mp6d3pOdiWnY1rPXOijatqFLFVOIyJFiIV+ugnanmycYNW1RpwGRDMAED9q
dH56kiPfXpDmqngNYCNmP3JGpJ8AXPONephzpvWRhPkAAkvXHfLe8f+zESUOri1L
nFTuYSbRcYOGMXhnmDkNf3tjkmQlJ6ZPr5sQ8I40CrLmB5uJf3GjAVdvv9ZBC0mI
9nxyZIGZN1ZYtt9rw9nbFvymYVm/4oPR9gY1VLHwFWt7xLUD54PrjxdWSSRr7rEY
VD8GJrH/IvdnndAskaPZGZAFk75aMg4F+8UikW/PN2/ZhSnLkLAwKgnDSQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFB0yo5biqDGBN2J8TUvDl+4Os+3IMB8GA1UdIwQY
MBaAFP/nBpNFS8M0hd7GnSGdBQJlSsBKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvXy1jR2swVkx3elNGM3NhZElaMEZBbVZLd0VvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZC8wM2U0ZjctMTBmMy00MTE0LWExZTUt
MzUwMjY1OGFlNmY1LzEvSFRLamx1S29NWUUzWW54TlM4T1g3ZzZ6N2NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZC8wM2U0ZjctMTBmMy00MTE0LWExZTUtMzUwMjY1OGFlNmY1
LzEvXy1jR2swVkx3elNGM3NhZElaMEZBbVZLd0VvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAMBAIAATAGAwQCBbU4MC8E
AgACMCkDBwAqDKdAAQADBgIqDKdBAAMGAioMp0EQAwYCKgynQSADBgIqDKdBMDAN
BgkqhkiG9w0BAQsFAAOCAQEAH4vlGM7JTR6wGdL7j0sfR+O4oEorHK2d/vGwML7Y
8UrvoIeRcvSc7Tm+QnAc5kEPDsT0gGinyMcPjKaYKSk0BWDKAz/D7nZEHMErO6pI
yNjzTSGNQQf/8oPw0YgfoTq2Nh4LRsFfTC7+sPrJE/cysMk4m6GBM75YI2EV2CP4
mmoXH8DmLc3PE88pUTnqPjhyNjXlvt0V4mDn9tLH9KE/uEMVqymEj8PYBmnv2iMp
RJNqtsgIE6xGMHz/7BHTUgKehJqCM/4XJKXw2eg741WGRQf6fmwwLLTweDDRy7ya
5pwxYqw2NAN8VD/fZfPIFcQi9GzRWLEqcrqM4/4jA/+HHA==
-----END CERTIFICATE-----
Generated at Thu Jul 24 23:29:45 2025 by rpki-client