Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/tLeTX2mDyZywGxWENlzbh31YjEk.roa
File: tLeTX2mDyZywGxWENlzbh31YjEk.roa (raw, json)
Hash identifier: oJWFgj144bSQKh5Erjef6SB52VX9Hcmd1SlOzzWkJpU=
Subject key identifier: B4:B7:93:5F:69:83:C9:9C:B0:1B:15:84:36:5C:DB:87:7D:58:8C:49
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 01981E069A06A3560E45BD87E0764F61642A
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/tLeTX2mDyZywGxWENlzbh31YjEk.roa
Signing time: Fri 18 Jul 2025 14:53:25 +0000
ROA not before: Fri 18 Jul 2025 14:53:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 5.182.185.0/24 maxlen: 24
5.182.196.0/24 maxlen: 24
5.182.197.0/24 maxlen: 24
78.31.205.0/24 maxlen: 24
79.98.183.0/24 maxlen: 24
92.249.29.0/24 maxlen: 24
94.154.171.0/24 maxlen: 24
94.154.178.0/24 maxlen: 24
103.130.176.0/24 maxlen: 24
103.130.177.0/24 maxlen: 24
103.210.13.0/24 maxlen: 24
103.210.14.0/24 maxlen: 24
103.210.15.0/24 maxlen: 24
103.216.198.0/24 maxlen: 24
104.232.36.0/24 maxlen: 24
147.78.207.0/24 maxlen: 24
162.218.93.0/24 maxlen: 24
185.52.138.0/24 maxlen: 24
185.52.139.0/24 maxlen: 24
185.161.190.0/24 maxlen: 24
185.187.214.0/24 maxlen: 24
185.187.215.0/24 maxlen: 24
185.198.89.0/24 maxlen: 24
185.198.90.0/24 maxlen: 24
185.198.91.0/24 maxlen: 24
185.201.42.0/24 maxlen: 24
185.208.152.0/24 maxlen: 24
185.208.153.0/24 maxlen: 24
185.208.154.0/24 maxlen: 24
185.230.121.0/24 maxlen: 24
185.253.120.0/24 maxlen: 24
185.253.121.0/24 maxlen: 24
192.145.70.0/24 maxlen: 24
212.60.13.0/24 maxlen: 24
2a0a:8f40:3::/48 maxlen: 48
2a0a:8f40:7::/48 maxlen: 48
2a0a:8f40:8::/48 maxlen: 48
2a0a:8f40:9::/48 maxlen: 48
2a0a:8f40:a::/48 maxlen: 48
2a0a:8f40:b::/48 maxlen: 48
2a0a:8f40:c::/48 maxlen: 48
2a0a:8f40:1c::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 02:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:1e:06:9a:06:a3:56:0e:45:bd:87:e0:76:4f:61:64:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Jul 18 14:53:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b4b7935f6983c99cb01b1584365cdb877d588c49
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:30:08:3a:4d:73:fb:eb:0b:72:8e:48:fc:ed:
18:5f:dd:f4:d5:03:45:d6:32:7b:0f:ba:ec:eb:f1:
b0:cc:ce:ff:db:16:e6:64:f8:5f:69:67:87:05:7d:
22:89:41:e6:35:c5:46:13:c2:5f:ad:f4:fd:c0:a0:
72:04:a3:3c:17:1b:8c:60:90:12:57:d6:ea:1e:fb:
56:b0:f5:65:60:e0:c4:74:b2:10:4c:9f:4d:0d:1f:
a3:d8:11:23:4e:e1:e6:f6:17:98:74:53:34:eb:8a:
2c:56:76:3a:22:29:73:9d:79:91:83:33:d6:df:ed:
00:d3:43:f4:fe:99:ab:a3:86:c8:14:eb:98:35:d0:
f1:fa:8f:8a:31:34:1c:86:ff:3e:fa:72:05:a0:41:
0c:c6:53:0b:88:bd:28:27:d6:e3:c7:fe:82:2a:dc:
ae:97:63:9d:0d:cf:6b:4e:3b:ce:b0:c7:81:a8:5a:
7e:e1:3d:ff:03:fe:68:f7:15:a6:0b:e2:31:be:22:
59:81:a0:6e:c5:70:e0:a3:4d:d4:28:83:d6:a3:0b:
9e:4d:20:09:27:16:55:03:d4:08:af:80:d7:40:85:
12:43:78:fb:bd:86:c6:9e:d1:14:d2:b9:a1:b5:c8:
04:85:a9:99:f9:9b:5d:40:04:0e:76:da:98:4f:94:
57:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B4:B7:93:5F:69:83:C9:9C:B0:1B:15:84:36:5C:DB:87:7D:58:8C:49
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/tLeTX2mDyZywGxWENlzbh31YjEk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.185.0/24
5.182.196.0/23
78.31.205.0/24
79.98.183.0/24
92.249.29.0/24
94.154.171.0/24
94.154.178.0/24
103.130.176.0/23
103.210.13.0-103.210.15.255
103.216.198.0/24
104.232.36.0/24
147.78.207.0/24
162.218.93.0/24
185.52.138.0/23
185.161.190.0/24
185.187.214.0/23
185.198.89.0-185.198.91.255
185.201.42.0/24
185.208.152.0-185.208.154.255
185.230.121.0/24
185.253.120.0/23
192.145.70.0/24
212.60.13.0/24
IPv6:
2a0a:8f40:3::/48
2a0a:8f40:7::-2a0a:8f40:c:ffff:ffff:ffff:ffff:ffff
2a0a:8f40:1c::/48
Signature Algorithm: sha256WithRSAEncryption
87:57:92:1d:36:13:de:7c:94:31:01:33:47:d8:e0:3e:1f:be:
d2:86:b8:95:1c:ef:36:f0:8d:58:2d:40:86:30:a6:0e:d2:f7:
e2:69:87:a9:f4:29:89:92:bd:1b:3f:a3:bb:8c:6f:74:16:e3:
34:69:8f:e5:7f:86:5d:8a:7a:d4:8c:f7:61:8d:8c:20:32:8b:
a7:e8:a9:26:83:74:81:e6:ed:16:15:72:39:9b:fc:1a:a1:19:
4c:86:d3:bc:4c:49:cb:72:d6:f9:6b:be:17:35:a6:fb:a6:6a:
a3:f9:f5:8f:fb:ed:86:86:a4:56:47:ff:fd:95:dd:04:d9:84:
d6:f2:6b:61:c2:1e:1e:2b:5e:07:19:21:95:15:ac:35:85:f7:
2b:74:fd:c8:cd:08:07:92:57:b2:d1:06:99:cc:8d:11:87:2f:
e3:e2:c4:76:45:6b:da:66:42:08:bf:93:07:6c:96:13:c3:11:
2c:2c:15:6b:36:82:54:8b:91:03:46:ee:36:91:4e:aa:a9:ca:
bd:22:30:cf:b3:ca:12:62:97:19:be:83:9e:5a:1f:2b:9c:79:
44:51:55:8b:1e:af:69:23:1f:71:2f:66:ba:96:24:93:23:8a:
5c:a0:91:f6:4e:d8:0b:35:2d:10:6a:c9:33:36:3e:ae:bf:42:
b0:94:0e:16
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgISAZgeBpoGo1YORb2H4HZPYWQqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjUwNzE4MTQ1MzI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNGI3OTM1ZjY5ODNjOTljYjAxYjE1ODQzNjVjZGI4NzdkNTg4YzQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArDAIOk1z++sLco5I/O0YX9301QNF
1jJ7D7rs6/GwzM7/2xbmZPhfaWeHBX0iiUHmNcVGE8JfrfT9wKByBKM8FxuMYJAS
V9bqHvtWsPVlYODEdLIQTJ9NDR+j2BEjTuHm9heYdFM064osVnY6IilznXmRgzPW
3+0A00P0/pmro4bIFOuYNdDx+o+KMTQchv8++nIFoEEMxlMLiL0oJ9bjx/6CKtyu
l2OdDc9rTjvOsMeBqFp+4T3/A/5o9xWmC+IxviJZgaBuxXDgo03UKIPWowueTSAJ
JxZVA9QIr4DXQIUSQ3j7vYbGntEU0rmhtcgEhamZ+ZtdQAQOdtqYT5RXTQIDAQAB
o4IC2DCCAtQwHQYDVR0OBBYEFLS3k19pg8mcsBsVhDZc24d9WIxJMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvdExlVFgybUR5Wnl3R3hXRU5semJoMzFZakVrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHtBggrBgEFBQcBBwEB/wSB3TCB2jCBqQQCAAEwgaIDBAAF
trkDBAEFtsQDBABOH80DBABPYrcDBABc+R0DBABemqsDBABemrIDBAFngrAwDAME
AGfSDQMEBGfSAAMEAGfYxgMEAGjoJAMEAJNOzwMEAKLaXQMEAbk0igMEALmhvgME
Abm71jAMAwQAucZZAwQCucZYAwQAuckqMAwDBAO50JgDBAC50JoDBAC55nkDBAG5
/XgDBADAkUYDBADUPA0wLAQCAAIwJgMHACoKj0AAAzASAwcAKgqPQAAHAwcAKgqP
QAAMAwcAKgqPQAAcMA0GCSqGSIb3DQEBCwUAA4IBAQCHV5IdNhPefJQxATNH2OA+
H77ShriVHO828I1YLUCGMKYO0vfiaYep9CmJkr0bP6O7jG90FuM0aY/lf4ZdinrU
jPdhjYwgMoun6Kkmg3SB5u0WFXI5m/waoRlMhtO8TEnLctb5a74XNab7pmqj+fWP
++2GhqRWR//9ld0E2YTW8mthwh4eK14HGSGVFaw1hfcrdP3IzQgHkley0QaZzI0R
hy/j4sR2RWvaZkIIv5MHbJYTwxEsLBVrNoJUi5EDRu42kU6qqcq9IjDPs8oSYpcZ
voOeWh8rnHlEUVWLHq9pIx9xL2a6liSTI4pcoJH2TtgLNS0QaskzNj6uv0KwlA4W
-----END CERTIFICATE-----
Generated at Sun Jul 20 11:19:04 2025 by rpki-client