Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/5r9vRpGVuYtXkpY_gxNOwp72FRM.roa
File: 5r9vRpGVuYtXkpY_gxNOwp72FRM.roa (raw, json)
Hash identifier: p2/UqV+zSZG9CO8DgUFhrhtPDwWS+PrqkaZ4I6cJraI=
Subject key identifier: E6:BF:6F:46:91:95:B9:8B:57:92:96:3F:83:13:4E:C2:9E:F6:15:13
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0197F2D66E5A3EC4B3529FB70E2E01854F55
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/5r9vRpGVuYtXkpY_gxNOwp72FRM.roa
Signing time: Thu 10 Jul 2025 05:37:08 +0000
ROA not before: Thu 10 Jul 2025 05:37:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7015
IP address blocks: 5.182.192.0/24 maxlen: 24
31.132.52.0/24 maxlen: 24
31.132.53.0/24 maxlen: 24
36.255.213.0/24 maxlen: 24
45.248.52.0/24 maxlen: 24
92.249.31.0/24 maxlen: 24
94.154.182.0/24 maxlen: 24
103.130.178.0/24 maxlen: 24
103.210.12.0/24 maxlen: 24
147.78.205.0/24 maxlen: 24
147.78.206.0/24 maxlen: 24
162.218.90.0/24 maxlen: 24
185.187.212.0/24 maxlen: 24
185.205.205.0/24 maxlen: 24
212.60.15.0/24 maxlen: 24
217.197.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 20:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f2:d6:6e:5a:3e:c4:b3:52:9f:b7:0e:2e:01:85:4f:55
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jul 10 05:37:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e6bf6f469195b98b5792963f83134ec29ef61513
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f1:2a:50:d1:53:34:4b:70:1f:04:88:41:a8:
9f:be:72:df:d2:27:04:d9:06:46:36:a1:f1:45:ea:
2b:e3:6c:0c:83:28:78:7e:e6:21:73:da:37:63:74:
82:0f:8a:83:95:fe:54:f0:b2:46:20:a1:94:e0:9a:
3f:3b:80:e4:fb:c8:ae:10:2f:8c:99:04:03:4f:99:
08:fa:d3:97:4b:3b:d1:dd:a8:96:bc:d5:cb:db:6c:
52:97:a0:bb:97:93:73:e8:e6:f4:13:7a:b2:ae:32:
30:c9:1d:33:dc:34:46:5b:ab:58:af:f1:2c:81:ef:
62:92:69:7b:5a:15:5f:e5:db:6c:cb:42:eb:00:7e:
34:29:6d:22:1d:b5:c6:32:81:3b:15:38:d5:ef:da:
eb:94:f9:a4:fc:e9:41:a6:6c:98:83:e3:7f:3a:3f:
9b:35:22:d4:15:fa:ba:26:4d:e8:e8:25:b6:4f:84:
5a:0e:91:7a:f1:60:e8:14:1e:0e:7b:96:61:81:0d:
3e:be:64:cf:63:98:5d:27:dd:b1:a7:27:78:ff:84:
9c:91:ce:18:55:bd:eb:7a:bf:58:2c:05:f0:8b:91:
65:14:a9:20:be:50:48:57:6e:d5:39:85:4a:5a:2c:
24:cb:21:25:3a:fe:88:96:e0:02:b1:1b:77:b0:9e:
39:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:BF:6F:46:91:95:B9:8B:57:92:96:3F:83:13:4E:C2:9E:F6:15:13
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/5r9vRpGVuYtXkpY_gxNOwp72FRM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.192.0/24
31.132.52.0/23
36.255.213.0/24
45.248.52.0/24
92.249.31.0/24
94.154.182.0/24
103.130.178.0/24
103.210.12.0/24
147.78.205.0-147.78.206.255
162.218.90.0/24
185.187.212.0/24
185.205.205.0/24
212.60.15.0/24
217.197.169.0/24
Signature Algorithm: sha256WithRSAEncryption
14:f1:11:6b:16:fa:8b:1e:fb:8c:3f:e7:f6:ec:b5:1f:36:e5:
57:11:18:ce:20:1a:bd:c0:49:c1:58:bc:0b:f7:4a:3c:d1:81:
ce:07:b0:a0:7a:04:09:f4:15:21:e3:ca:42:c1:ed:41:61:5f:
ec:54:a5:d1:cb:f0:f9:43:1f:f9:21:c8:d0:cd:41:ab:7a:61:
74:4c:7e:22:a0:d6:c2:9f:36:4b:44:af:7e:55:94:b4:72:13:
5d:73:7b:68:41:f9:da:a8:4b:43:c8:24:03:21:9e:08:03:b7:
2e:96:f6:fd:f2:55:c9:ca:27:80:1a:12:f8:c1:39:11:71:3f:
3d:23:63:68:c2:ec:63:32:0d:9c:26:f4:2b:76:86:58:9e:2d:
03:84:ec:43:91:0b:0f:b9:46:34:ab:c0:17:c1:8f:88:6a:fb:
3a:6c:b9:87:89:3e:b2:fa:b6:4c:cd:c8:a7:57:ce:10:31:8c:
3d:7a:7e:e2:f5:4e:5b:61:9a:ba:dc:39:80:0d:94:a5:31:d5:
1d:c7:52:10:b8:bb:34:68:a4:4a:64:a6:9d:41:50:91:d1:9b:
be:95:b9:93:de:8a:9d:62:60:9a:f3:6f:47:3c:06:df:85:85:
e8:f1:15:77:65:e6:b1:28:df:4d:8a:a9:98:fe:24:f1:06:9e:
82:60:2a:33
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZfy1m5aPsSzUp+3Di4BhU9VMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjUwNzEwMDUzNzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNmJmNmY0NjkxOTViOThiNTc5Mjk2M2Y4MzEzNGVjMjllZjYxNTEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPEqUNFTNEtwHwSIQaifvnLf0icE
2QZGNqHxReor42wMgyh4fuYhc9o3Y3SCD4qDlf5U8LJGIKGU4Jo/O4Dk+8iuEC+M
mQQDT5kI+tOXSzvR3aiWvNXL22xSl6C7l5Nz6Ob0E3qyrjIwyR0z3DRGW6tYr/Es
ge9ikml7WhVf5dtsy0LrAH40KW0iHbXGMoE7FTjV79rrlPmk/OlBpmyYg+N/Oj+b
NSLUFfq6Jk3o6CW2T4RaDpF68WDoFB4Oe5ZhgQ0+vmTPY5hdJ92xpyd4/4Sckc4Y
Vb3rer9YLAXwi5FlFKkgvlBIV27VOYVKWiwkyyElOv6IluACsRt3sJ45EQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFOa/b0aRlbmLV5KWP4MTTsKe9hUTMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvNXI5dlJwR1Z1WXRYa3BZX2d4Tk93cDcyRlJNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQABbbAAwQB
H4Q0AwQAJP/VAwQALfg0AwQAXPkfAwQAXpq2AwQAZ4KyAwQAZ9IMMAwDBACTTs0D
BACTTs4DBACi2loDBAC5u9QDBAC5zc0DBADUPA8DBADZxakwDQYJKoZIhvcNAQEL
BQADggEBABTxEWsW+ose+4w/5/bstR825VcRGM4gGr3AScFYvAv3SjzRgc4HsKB6
BAn0FSHjykLB7UFhX+xUpdHL8PlDH/khyNDNQat6YXRMfiKg1sKfNktEr35VlLRy
E11ze2hB+dqoS0PIJAMhnggDty6W9v3yVcnKJ4AaEvjBORFxPz0jY2jC7GMyDZwm
9Ct2hlieLQOE7EORCw+5RjSrwBfBj4hq+zpsuYeJPrL6tkzNyKdXzhAxjD16fuL1
TlthmrrcOYANlKUx1R3HUhC4uzRopEpkpp1BUJHRm76VuZPeip1iYJrzb0c8Bt+F
hejxFXdl5rEo302KqZj+JPEGnoJgKjM=
-----END CERTIFICATE-----
Generated at Mon Jul 21 02:05:32 2025 by rpki-client