Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/e0P4zqHajvo1XtAyySozyOucDY0.roa
File: e0P4zqHajvo1XtAyySozyOucDY0.roa (raw, json)
Hash identifier: uBYNOSzSg+Z80PXiuAGXfKeocd8WYWEry+iBGwq/1mk=
Subject key identifier: 7B:43:F8:CE:A1:DA:8E:FA:35:5E:D0:32:C9:2A:33:C8:EB:9C:0D:8D
Certificate issuer: /CN=4cbfd3e72d4a0396f95347336b42678f68c26430
Certificate serial: 019815E4B3115FD501F4B8CE5192B2CD1E0F
Authority key identifier: 4C:BF:D3:E7:2D:4A:03:96:F9:53:47:33:6B:42:67:8F:68:C2:64:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TL_T5y1KA5b5U0cza0Jnj2jCZDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/e0P4zqHajvo1XtAyySozyOucDY0.roa
Signing time: Thu 17 Jul 2025 00:59:26 +0000
ROA not before: Thu 17 Jul 2025 00:59:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3188
IP address blocks: 5.2.80.0/24 maxlen: 24
5.2.81.0/24 maxlen: 24
5.2.82.0/24 maxlen: 24
5.2.83.0/24 maxlen: 24
5.2.84.0/24 maxlen: 24
5.2.85.0/24 maxlen: 24
5.2.86.0/24 maxlen: 24
5.2.87.0/24 maxlen: 24
185.8.32.0/24 maxlen: 24
185.8.33.0/24 maxlen: 24
185.8.34.0/24 maxlen: 24
185.8.35.0/24 maxlen: 24
185.8.128.0/24 maxlen: 24
185.8.129.0/24 maxlen: 24
185.8.130.0/24 maxlen: 24
185.8.131.0/24 maxlen: 24
185.67.121.0/24 maxlen: 24
185.150.128.0/24 maxlen: 24
185.150.129.0/24 maxlen: 24
185.150.130.0/24 maxlen: 24
185.150.131.0/24 maxlen: 24
193.31.118.0/24 maxlen: 24
2a02:d9c0::/29 maxlen: 29
2a04:b600::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/TL_T5y1KA5b5U0cza0Jnj2jCZDA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/TL_T5y1KA5b5U0cza0Jnj2jCZDA.mft
rsync://rpki.ripe.net/repository/DEFAULT/TL_T5y1KA5b5U0cza0Jnj2jCZDA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 30 Jul 2025 14:07:27 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:15:e4:b3:11:5f:d5:01:f4:b8:ce:51:92:b2:cd:1e:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cbfd3e72d4a0396f95347336b42678f68c26430
Validity
Not Before: Jul 17 00:59:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7b43f8cea1da8efa355ed032c92a33c8eb9c0d8d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:c4:ab:41:ba:3d:a7:89:5f:5a:f1:a4:c6:5d:
b6:49:39:e5:b0:3b:25:df:df:9c:f8:e4:00:d6:3e:
6d:44:02:65:82:ef:79:2d:88:69:81:69:93:7b:c1:
5d:3c:55:80:af:f1:49:98:8c:59:8d:44:e9:d8:da:
28:c5:01:7d:15:e7:76:74:bb:9e:6f:b8:71:53:55:
8c:bc:66:aa:df:d1:e6:89:8f:76:dd:ec:bb:d8:65:
a3:c3:8a:5c:62:8c:9f:cc:de:1c:e6:46:05:ec:0c:
9e:b9:61:f0:37:e3:8d:75:73:28:81:75:0b:45:ba:
86:58:d1:e6:9d:ed:8b:bf:3a:5c:d8:44:30:6e:10:
e3:54:09:05:88:ef:10:1e:19:35:56:3c:e0:90:50:
dd:b5:64:39:89:36:3c:50:0f:82:1d:eb:00:ef:e5:
37:2e:f2:6f:2d:36:f5:8c:a6:c4:73:29:65:94:7b:
c2:d4:9f:be:5c:de:bd:54:0b:1b:fd:a8:98:ac:23:
d6:67:40:a3:51:30:5d:12:70:c4:0b:dc:10:f1:62:
cc:a9:7f:a9:b3:bb:3f:5e:a4:04:79:d3:b2:bf:78:
d7:90:f4:62:55:4a:c4:38:55:91:e9:8c:90:fd:4f:
2e:64:68:b4:57:a1:5e:c6:a5:b3:80:e3:9b:19:38:
21:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:43:F8:CE:A1:DA:8E:FA:35:5E:D0:32:C9:2A:33:C8:EB:9C:0D:8D
X509v3 Authority Key Identifier:
keyid:4C:BF:D3:E7:2D:4A:03:96:F9:53:47:33:6B:42:67:8F:68:C2:64:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TL_T5y1KA5b5U0cza0Jnj2jCZDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/e0P4zqHajvo1XtAyySozyOucDY0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/TL_T5y1KA5b5U0cza0Jnj2jCZDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.2.80.0/21
185.8.32.0/22
185.8.128.0/22
185.67.121.0/24
185.150.128.0/22
193.31.118.0/24
IPv6:
2a02:d9c0::/29
2a04:b600::/29
Signature Algorithm: sha256WithRSAEncryption
4b:db:3c:d9:07:3b:95:27:cc:1c:80:c7:2e:0b:d3:a8:c1:02:
0b:c9:78:62:9e:b2:f4:e7:c1:88:a4:ad:6b:e7:f4:f2:ac:cc:
c2:55:98:b7:03:cb:65:be:4d:d4:a8:5d:6a:fd:71:c1:10:e5:
02:71:02:f1:ea:8c:28:10:89:18:16:ea:cb:3c:13:ea:65:ab:
5d:81:63:cd:db:be:f9:93:5a:75:55:0e:93:32:d0:ea:c4:ee:
e2:e0:bc:09:f7:ea:2c:63:af:90:e7:0c:05:fc:6b:95:2a:34:
93:1f:17:31:64:01:ee:f0:ca:cb:ff:34:39:69:bf:a5:3c:e4:
54:f2:50:be:ea:1e:8c:c2:7f:4b:6d:7e:cb:ff:83:b5:29:8b:
27:05:7d:48:84:74:5d:31:f4:7e:8e:0c:5b:a5:c0:e2:af:c2:
58:c0:03:51:26:70:3a:aa:2f:40:94:16:de:52:8f:fe:8e:7b:
94:6f:68:8d:85:a9:2c:a1:d3:f9:60:93:e3:cc:0f:14:d4:aa:
de:62:72:c5:e0:e7:d7:af:e8:1c:a4:47:44:42:22:dc:f1:a1:
1e:5a:c9:a1:86:94:0d:71:a8:d8:91:f9:98:83:2f:0a:ae:f4:
ca:11:11:07:af:f4:a2:08:d4:33:94:14:00:3c:14:00:56:54:
8f:5a:1f:e4
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZgV5LMRX9UB9LjOUZKyzR4PMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYmZkM2U3MmQ0YTAzOTZmOTUzNDczMzZiNDI2NzhmNjhj
MjY0MzAwHhcNMjUwNzE3MDA1OTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjQzZjhjZWExZGE4ZWZhMzU1ZWQwMzJjOTJhMzNjOGViOWMwZDhkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAusSrQbo9p4lfWvGkxl22STnlsDsl
39+c+OQA1j5tRAJlgu95LYhpgWmTe8FdPFWAr/FJmIxZjUTp2NooxQF9Fed2dLue
b7hxU1WMvGaq39HmiY923ey72GWjw4pcYoyfzN4c5kYF7AyeuWHwN+ONdXMogXUL
RbqGWNHmne2Lvzpc2EQwbhDjVAkFiO8QHhk1VjzgkFDdtWQ5iTY8UA+CHesA7+U3
LvJvLTb1jKbEcylllHvC1J++XN69VAsb/aiYrCPWZ0CjUTBdEnDEC9wQ8WLMqX+p
s7s/XqQEedOyv3jXkPRiVUrEOFWR6YyQ/U8uZGi0V6FexqWzgOObGTghXwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFHtD+M6h2o76NV7QMskqM8jrnA2NMB8GA1UdIwQY
MBaAFEy/0+ctSgOW+VNHM2tCZ49owmQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVExfVDV5MUtBNWI1VTBjemEwSm5qMmpDWkRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9iNTczM2ItMzg5MS00NDliLTk5NTAt
ZmY2MGUyMThlZDQxLzEvZTBQNHpxSGFqdm8xWHRBeXlTb3p5T3VjRFkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9iNTczM2ItMzg5MS00NDliLTk5NTAtZmY2MGUyMThlZDQx
LzEvVExfVDV5MUtBNWI1VTBjemEwSm5qMmpDWkRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQDBQJQAwQC
uQggAwQCuQiAAwQAuUN5AwQCuZaAAwQAwR92MBQEAgACMA4DBQMqAtnAAwUDKgS2
ADANBgkqhkiG9w0BAQsFAAOCAQEAS9s82Qc7lSfMHIDHLgvTqMECC8l4Yp6y9OfB
iKSta+f08qzMwlWYtwPLZb5N1Khdav1xwRDlAnEC8eqMKBCJGBbqyzwT6mWrXYFj
zdu++ZNadVUOkzLQ6sTu4uC8CffqLGOvkOcMBfxrlSo0kx8XMWQB7vDKy/80OWm/
pTzkVPJQvuoejMJ/S21+y/+DtSmLJwV9SIR0XTH0fo4MW6XA4q/CWMADUSZwOqov
QJQW3lKP/o57lG9ojYWpLKHT+WCT48wPFNSq3mJyxeDn16/oHKRHREIi3PGhHlrJ
oYaUDXGo2JH5mIMvCq70yhERB6/0ogjUM5QUADwUAFZUj1of5A==
-----END CERTIFICATE-----
Generated at Tue Jul 29 19:03:25 2025 by rpki-client