Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/lHB6GUG9tuilyPUZ-PLVSWYnHoY.roa
File: lHB6GUG9tuilyPUZ-PLVSWYnHoY.roa (raw, json)
Hash identifier: Yz+D6XoxB1A0Y5z0UdLVnO5DkmnKnLGf5GEO6bsKFRk=
Subject key identifier: 94:70:7A:19:41:BD:B6:E8:A5:C8:F5:19:F8:F2:D5:49:66:27:1E:86
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0197E44518100A27A7499DF5EB0677782D91
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/lHB6GUG9tuilyPUZ-PLVSWYnHoY.roa
Signing time: Mon 07 Jul 2025 09:43:42 +0000
ROA not before: Mon 07 Jul 2025 09:43:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15723
IP address blocks: 5.178.4.0/22 maxlen: 22
5.178.4.0/24 maxlen: 24
5.178.5.0/24 maxlen: 24
5.178.6.0/24 maxlen: 24
5.178.7.0/24 maxlen: 24
5.178.9.0/24 maxlen: 24
5.178.10.0/24 maxlen: 24
5.178.11.0/24 maxlen: 24
5.178.12.0/22 maxlen: 22
5.178.12.0/24 maxlen: 24
5.178.13.0/24 maxlen: 24
5.178.14.0/24 maxlen: 24
5.178.15.0/24 maxlen: 24
46.23.100.0/22 maxlen: 22
46.23.100.0/24 maxlen: 24
46.23.101.0/24 maxlen: 24
46.23.102.0/24 maxlen: 24
46.23.103.0/24 maxlen: 24
62.217.128.0/19 maxlen: 19
62.217.128.0/24 maxlen: 24
62.217.129.0/24 maxlen: 24
62.217.130.0/24 maxlen: 24
62.217.131.0/24 maxlen: 24
62.217.132.0/24 maxlen: 24
62.217.133.0/24 maxlen: 24
62.217.134.0/24 maxlen: 24
62.217.135.0/24 maxlen: 24
62.217.136.0/24 maxlen: 24
62.217.137.0/24 maxlen: 24
62.217.138.0/24 maxlen: 24
62.217.139.0/24 maxlen: 24
62.217.140.0/24 maxlen: 24
62.217.141.0/24 maxlen: 24
62.217.142.0/24 maxlen: 24
62.217.143.0/24 maxlen: 24
62.217.144.0/24 maxlen: 24
62.217.145.0/24 maxlen: 24
62.217.146.0/24 maxlen: 24
62.217.147.0/24 maxlen: 24
62.217.148.0/24 maxlen: 24
62.217.149.0/24 maxlen: 24
62.217.150.0/24 maxlen: 24
62.217.151.0/24 maxlen: 24
62.217.152.0/24 maxlen: 24
62.217.153.0/24 maxlen: 24
62.217.154.0/24 maxlen: 24
62.217.155.0/24 maxlen: 24
62.217.156.0/24 maxlen: 24
62.217.157.0/24 maxlen: 24
62.217.158.0/24 maxlen: 24
62.217.159.0/24 maxlen: 24
88.151.199.0/24 maxlen: 24
109.205.208.0/24 maxlen: 24
185.81.217.0/24 maxlen: 24
188.64.8.0/22 maxlen: 22
188.64.8.0/24 maxlen: 24
188.64.9.0/24 maxlen: 24
188.64.10.0/24 maxlen: 24
188.64.11.0/24 maxlen: 24
188.64.12.0/22 maxlen: 22
188.64.12.0/24 maxlen: 24
188.64.13.0/24 maxlen: 24
188.64.14.0/24 maxlen: 24
188.64.15.0/24 maxlen: 24
2a00:48c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.mft
rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 12:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e4:45:18:10:0a:27:a7:49:9d:f5:eb:06:77:78:2d:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Jul 7 09:43:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=94707a1941bdb6e8a5c8f519f8f2d54966271e86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:9c:67:25:57:e4:a0:29:bd:10:15:9d:d2:a5:
03:78:00:10:88:32:3f:9e:c0:c3:7d:66:fb:b9:7e:
63:96:9d:68:00:6b:89:d2:01:2d:05:4d:c4:9f:87:
0c:79:d4:86:b3:db:cc:98:99:0a:68:7d:da:83:72:
4e:b6:bb:bf:f2:d8:2d:61:fc:7a:0f:22:ea:9f:b8:
f3:e0:a8:7a:f7:0c:09:25:aa:97:9b:ce:b5:09:b3:
84:a8:b2:2c:4e:1b:42:9e:f6:49:0f:27:f7:15:f3:
b3:ae:1a:48:a3:01:1b:32:fa:12:32:ab:3e:0d:29:
ee:84:b0:e5:02:f4:98:d9:f9:50:c8:85:a0:a8:a6:
70:b7:25:60:8b:e8:cd:ad:01:e3:a3:92:7e:ec:4c:
45:72:77:5a:d4:28:75:70:68:da:f4:ec:a1:1a:35:
d0:29:8b:04:9b:ae:e0:43:9d:95:be:7f:34:fa:ac:
0f:0a:a7:10:7b:8c:9d:56:bf:78:b2:80:b9:87:c0:
71:69:59:fe:6b:1b:74:4d:eb:d0:5a:69:8e:12:93:
83:1f:2f:93:26:7e:e2:08:33:c4:ae:30:a7:89:b2:
ac:c1:d7:1c:ce:17:14:72:97:ba:b3:b8:e8:4c:29:
a1:cb:92:bf:60:7e:ea:ef:ee:14:8c:47:f1:30:fc:
e1:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:70:7A:19:41:BD:B6:E8:A5:C8:F5:19:F8:F2:D5:49:66:27:1E:86
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/lHB6GUG9tuilyPUZ-PLVSWYnHoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.4.0/22
5.178.9.0-5.178.15.255
46.23.100.0/22
62.217.128.0/19
88.151.199.0/24
109.205.208.0/24
185.81.217.0/24
188.64.8.0/21
IPv6:
2a00:48c0::/32
Signature Algorithm: sha256WithRSAEncryption
76:2e:49:55:80:54:7c:8d:f0:42:af:c5:0e:1c:b7:a0:d2:f1:
1b:59:71:aa:68:09:3b:40:49:9c:3a:f0:1f:8a:ca:ef:84:a1:
f5:9e:28:61:ca:25:27:32:93:1c:7b:f3:07:5c:ca:4e:9c:ea:
12:c6:49:a9:e5:2b:a7:09:52:2f:4e:49:c0:b9:46:24:5d:ab:
e6:e4:da:ae:f5:02:7c:04:88:f1:46:0a:ca:0e:48:d1:33:84:
8a:01:e4:9e:5c:41:fa:8c:0b:36:08:7b:83:04:6f:5c:2c:d8:
27:5c:5c:82:d3:6e:00:f7:cb:8e:fe:4a:11:35:a8:69:16:19:
15:a0:8a:83:66:eb:b5:ba:e2:59:b7:31:8d:ee:47:34:66:73:
02:75:37:ef:91:79:24:26:9c:1e:53:c3:66:d5:bf:05:09:29:
6f:c0:3c:0e:5b:37:2b:4e:6e:6f:04:1a:08:de:61:65:a7:2b:
f8:c8:11:80:ad:1f:3f:39:02:67:2c:ca:34:45:d0:b5:b4:70:
45:f8:89:45:5e:4a:66:5c:ee:59:d7:b4:14:c3:e3:e5:00:4b:
a1:ab:1f:21:1b:a8:ad:d9:74:3a:c1:91:aa:3a:99:86:7f:63:
e6:00:1a:e6:92:c2:c9:db:d6:ac:e0:04:78:6f:b0:67:16:ae:
5e:fd:27:29
-----BEGIN CERTIFICATE-----
MIIFPjCCBCagAwIBAgISAZfkRRgQCienSZ316wZ3eC2RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjUwNzA3MDk0MzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDcwN2ExOTQxYmRiNmU4YTVjOGY1MTlmOGYyZDU0OTY2MjcxZTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyJxnJVfkoCm9EBWd0qUDeAAQiDI/
nsDDfWb7uX5jlp1oAGuJ0gEtBU3En4cMedSGs9vMmJkKaH3ag3JOtru/8tgtYfx6
DyLqn7jz4Kh69wwJJaqXm861CbOEqLIsThtCnvZJDyf3FfOzrhpIowEbMvoSMqs+
DSnuhLDlAvSY2flQyIWgqKZwtyVgi+jNrQHjo5J+7ExFcnda1Ch1cGja9OyhGjXQ
KYsEm67gQ52Vvn80+qwPCqcQe4ydVr94soC5h8BxaVn+axt0TevQWmmOEpODHy+T
Jn7iCDPErjCnibKswdcczhcUcpe6s7joTCmhy5K/YH7q7+4UjEfxMPzhSwIDAQAB
o4ICSjCCAkYwHQYDVR0OBBYEFJRwehlBvbbopcj1Gfjy1UlmJx6GMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvbEhCNkdVRzl0dWlseVBVWi1QTFZTV1luSG9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGAGCCsGAQUFBwEHAQH/BFEwTzA+BAIAATA4AwQCBbIEMAwD
BAAFsgkDBAQFsgADBAIuF2QDBAU+2YADBABYl8cDBABtzdADBAC5UdkDBAO8QAgw
DQQCAAIwBwMFACoASMAwDQYJKoZIhvcNAQELBQADggEBAHYuSVWAVHyN8EKvxQ4c
t6DS8RtZcapoCTtASZw68B+Kyu+EofWeKGHKJScykxx78wdcyk6c6hLGSanlK6cJ
Ui9OScC5RiRdq+bk2q71AnwEiPFGCsoOSNEzhIoB5J5cQfqMCzYIe4MEb1ws2Cdc
XILTbgD3y47+ShE1qGkWGRWgioNm67W64lm3MY3uRzRmcwJ1N++ReSQmnB5Tw2bV
vwUJKW/APA5bNytObm8EGgjeYWWnK/jIEYCtHz85AmcsyjRF0LW0cEX4iUVeSmZc
7lnXtBTD4+UAS6GrHyEbqK3ZdDrBkao6mYZ/Y+YAGuaSwsnb1qzgBHhvsGcWrl79
Jyk=
-----END CERTIFICATE-----
Generated at Sun Jul 20 20:27:30 2025 by rpki-client