Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/S5Vx_PwhrUdn6uSPv9B8Pl8fWZ4.roa
File: S5Vx_PwhrUdn6uSPv9B8Pl8fWZ4.roa (raw, json)
Hash identifier: XmpSvZLR/cpO3PqSr4aJClVLTWeNmz7xYTDZX7wuFYc=
Subject key identifier: 4B:95:71:FC:FC:21:AD:47:67:EA:E4:8F:BF:D0:7C:3E:5F:1F:59:9E
Certificate issuer: /CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Certificate serial: 019914ECE7CA326E0400EC0ABE073EEBB584
Authority key identifier: 29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/S5Vx_PwhrUdn6uSPv9B8Pl8fWZ4.roa
Signing time: Thu 04 Sep 2025 13:31:34 +0000
ROA not before: Thu 04 Sep 2025 13:31:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31898
IP address blocks: 85.239.153.0/24 maxlen: 24
85.239.159.0/24 maxlen: 24
92.62.250.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.mft
rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 11:01:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:14:ec:e7:ca:32:6e:04:00:ec:0a:be:07:3e:eb:b5:84
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=29d2daff1c5bb61a0ac8b3caead4b8a1fa284d0f
Validity
Not Before: Sep 4 13:31:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4b9571fcfc21ad4767eae48fbfd07c3e5f1f599e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:73:5f:77:6b:5a:24:ee:9e:d3:65:e3:85:a4:
90:fe:27:44:49:e7:89:41:10:99:28:58:f5:4b:fd:
1b:3a:63:80:cd:cf:f1:61:43:02:96:90:cf:33:be:
ee:39:82:fe:fb:7a:7f:3c:55:08:ca:6a:71:d3:4a:
74:04:3f:20:4e:a1:a2:5c:7e:68:e2:42:f5:3f:ae:
8e:ca:5d:a4:ba:06:80:19:74:46:22:1d:1a:ea:3a:
b3:cd:98:0f:53:18:c4:a4:ea:2a:8c:a3:37:4f:b9:
a2:91:f6:d2:a4:6c:5a:bb:42:48:c3:0e:db:58:67:
80:ee:ba:ad:b4:9c:4f:7e:11:dc:c2:50:8b:57:a0:
c4:c3:27:a7:f7:5d:aa:ae:13:4a:7b:66:9c:14:0c:
bd:0f:90:c3:09:5f:3d:00:ed:fc:29:31:24:2c:6d:
5e:15:0d:d6:df:8d:03:60:ae:7a:cf:bf:60:96:6f:
a7:5e:78:88:c5:eb:13:b0:51:1a:94:32:9c:b1:5a:
aa:48:c2:e0:97:37:ef:92:2e:6d:ad:d9:49:43:29:
41:da:7a:a9:0d:03:82:9d:54:59:4b:e0:c3:54:28:
31:b2:51:34:ee:6a:29:45:cf:ae:e0:46:0a:ce:44:
60:8a:f9:7d:5a:5f:86:0f:28:b7:31:96:89:83:9b:
be:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:95:71:FC:FC:21:AD:47:67:EA:E4:8F:BF:D0:7C:3E:5F:1F:59:9E
X509v3 Authority Key Identifier:
keyid:29:D2:DA:FF:1C:5B:B6:1A:0A:C8:B3:CA:EA:D4:B8:A1:FA:28:4D:0F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KdLa_xxbthoKyLPK6tS4ofooTQ8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/S5Vx_PwhrUdn6uSPv9B8Pl8fWZ4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/07/e5ea98-9601-4add-a7f8-4f57d9cf5caa/1/KdLa_xxbthoKyLPK6tS4ofooTQ8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.239.153.0/24
85.239.159.0/24
92.62.250.0/24
Signature Algorithm: sha256WithRSAEncryption
72:a6:6c:3a:0e:f0:b8:1c:55:fe:5b:7b:95:ff:b4:82:af:e9:
9a:6d:ef:a2:2f:64:13:aa:cb:89:a0:2f:65:a9:b1:4e:7a:c5:
70:a3:99:28:f1:83:3c:ee:52:45:02:46:ae:18:d6:c7:02:9c:
ca:75:ae:d2:09:16:52:14:bf:4c:bb:45:d8:7b:b3:69:c4:91:
97:c2:22:4a:85:4f:be:08:28:fa:dd:fd:7f:a2:7f:c8:95:b0:
10:78:cc:01:f4:61:a3:cf:71:85:2c:94:2f:c9:f2:66:94:1e:
d6:68:02:a5:7a:ad:cb:49:47:14:93:63:38:7c:6a:7d:03:44:
b6:d8:2b:27:0e:86:47:2a:6d:89:ed:e1:76:97:1e:5e:92:f2:
82:18:22:47:48:06:a8:3b:d5:e8:3a:dd:4f:45:f0:89:30:d5:
8f:10:2e:ba:8d:b3:f7:fc:f8:ac:58:88:af:9c:ed:b6:ed:a0:
62:1d:19:1a:c9:15:63:54:ef:59:2b:e8:f5:90:5e:c1:23:86:
9b:08:11:7f:bf:f4:c6:23:4e:46:75:b8:2e:a1:15:af:c2:5c:
3b:2e:1a:20:3f:26:20:85:fc:af:04:9a:c8:31:43:cb:49:32:
d0:4d:37:98:f8:12:c0:7d:a7:36:85:b2:11:e3:d1:bf:97:af:
36:d9:89:d3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZkU7OfKMm4EAOwKvgc+67WEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5ZDJkYWZmMWM1YmI2MWEwYWM4YjNjYWVhZDRiOGExZmEy
ODRkMGYwHhcNMjUwOTA0MTMzMTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yjk1NzFmY2ZjMjFhZDQ3NjdlYWU0OGZiZmQwN2MzZTVmMWY1OTllMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwXNfd2taJO6e02XjhaSQ/idESeeJ
QRCZKFj1S/0bOmOAzc/xYUMClpDPM77uOYL++3p/PFUIympx00p0BD8gTqGiXH5o
4kL1P66Oyl2kugaAGXRGIh0a6jqzzZgPUxjEpOoqjKM3T7mikfbSpGxau0JIww7b
WGeA7rqttJxPfhHcwlCLV6DEwyen912qrhNKe2acFAy9D5DDCV89AO38KTEkLG1e
FQ3W340DYK56z79glm+nXniIxesTsFEalDKcsVqqSMLglzfvki5trdlJQylB2nqp
DQOCnVRZS+DDVCgxslE07mopRc+u4EYKzkRgivl9Wl+GDyi3MZaJg5u+RwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFEuVcfz8Ia1HZ+rkj7/QfD5fH1meMB8GA1UdIwQY
MBaAFCnS2v8cW7YaCsizyurUuKH6KE0PMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3Zjgt
NGY1N2Q5Y2Y1Y2FhLzEvUzVWeF9Qd2hyVWRuNnVTUHY5QjhQbDhmV1o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNy9lNWVhOTgtOTYwMS00YWRkLWE3ZjgtNGY1N2Q5Y2Y1Y2Fh
LzEvS2RMYV94eGJ0aG9LeUxQSzZ0UzRvZm9vVFE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAVe+ZAwQA
Ve+fAwQAXD76MA0GCSqGSIb3DQEBCwUAA4IBAQBypmw6DvC4HFX+W3uV/7SCr+ma
be+iL2QTqsuJoC9lqbFOesVwo5ko8YM87lJFAkauGNbHApzKda7SCRZSFL9Mu0XY
e7NpxJGXwiJKhU++CCj63f1/on/IlbAQeMwB9GGjz3GFLJQvyfJmlB7WaAKleq3L
SUcUk2M4fGp9A0S22CsnDoZHKm2J7eF2lx5ekvKCGCJHSAaoO9XoOt1PRfCJMNWP
EC66jbP3/PisWIivnO227aBiHRkayRVjVO9ZK+j1kF7BI4abCBF/v/TGI05Gdbgu
oRWvwlw7LhogPyYghfyvBJrIMUPLSTLQTTeY+BLAfac2hbIR49G/l6822YnT
-----END CERTIFICATE-----
Generated at Sat Sep 6 17:09:25 2025 by rpki-client