Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/4X-sy_5bwnr4Yb2PpseI4JPWn-Y.roa
File: 4X-sy_5bwnr4Yb2PpseI4JPWn-Y.roa (raw, json)
Hash identifier: OJZmgcrnPlVuHBKJ32Dxr4e1lgYdPPxzuOrh3b4Gmz4=
Subject key identifier: E1:7F:AC:CB:FE:5B:C2:7A:F8:61:BD:8F:A6:C7:88:E0:93:D6:9F:E6
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0198E1CCFFAB21DAC36063DA47AFE893E535
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/4X-sy_5bwnr4Yb2PpseI4JPWn-Y.roa
Signing time: Mon 25 Aug 2025 15:16:05 +0000
ROA not before: Mon 25 Aug 2025 15:16:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 5.231.71.0/24 maxlen: 24
5.231.74.0/24 maxlen: 24
5.231.92.0/24 maxlen: 24
5.231.107.0/24 maxlen: 24
5.231.109.0/24 maxlen: 24
5.231.116.0/24 maxlen: 24
5.231.241.0/24 maxlen: 24
5.231.253.0/24 maxlen: 24
94.249.190.0/24 maxlen: 24
94.249.195.0/24 maxlen: 24
94.249.230.0/24 maxlen: 24
94.249.238.0/24 maxlen: 24
94.249.239.0/24 maxlen: 24
94.249.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 02:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:e1:cc:ff:ab:21:da:c3:60:63:da:47:af:e8:93:e5:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Aug 25 15:16:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e17faccbfe5bc27af861bd8fa6c788e093d69fe6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:de:42:bf:af:07:35:56:05:a4:fe:ad:da:a2:
f4:ce:4f:fb:a4:ac:e5:2f:bb:39:9f:db:26:06:d9:
01:76:c1:c9:49:b3:b1:af:89:b0:b3:95:74:7f:e2:
de:d5:76:0d:2c:cf:05:54:e1:10:7b:93:ad:89:38:
04:b6:6f:b2:6c:7a:db:35:04:d2:a1:2e:2c:45:40:
2e:61:25:20:ea:f5:6e:fa:c1:9d:89:e8:3d:ea:3e:
7b:da:bc:be:d7:2e:e5:6c:7d:67:a3:ac:13:e8:13:
b4:01:a6:48:83:3d:fb:ce:51:1b:24:0c:ae:71:20:
c8:8f:94:86:b3:a8:2e:2e:8b:6a:f0:f5:4e:13:34:
8c:ab:46:89:75:3a:71:87:af:fd:0b:49:4f:05:28:
36:e0:51:a4:63:c0:15:71:77:10:8f:aa:84:c0:4d:
33:f1:90:6e:53:a2:d9:d4:c2:02:44:7a:9d:88:e3:
bb:9f:39:09:fd:c1:63:f9:92:8e:a2:8f:a2:ba:44:
12:e7:e7:17:b9:e1:14:35:1c:77:20:b0:85:9e:da:
0b:70:b0:0c:cc:8e:f9:71:bb:8c:1c:0d:ee:8f:11:
44:d3:aa:cb:9f:c5:a6:36:fb:2e:24:e0:83:fd:43:
d1:39:b3:52:5e:0f:19:ca:14:79:d5:a9:06:38:6f:
e9:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E1:7F:AC:CB:FE:5B:C2:7A:F8:61:BD:8F:A6:C7:88:E0:93:D6:9F:E6
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/4X-sy_5bwnr4Yb2PpseI4JPWn-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.231.71.0/24
5.231.74.0/24
5.231.92.0/24
5.231.107.0/24
5.231.109.0/24
5.231.116.0/24
5.231.241.0/24
5.231.253.0/24
94.249.190.0/24
94.249.195.0/24
94.249.230.0/24
94.249.238.0/23
94.249.245.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:a1:e8:16:4e:05:c5:41:f6:98:7e:90:3d:d0:ca:ae:4d:88:
75:bd:f1:77:49:13:3b:8f:43:79:ff:96:ed:2d:83:fb:65:c1:
e9:4d:45:36:15:12:9c:10:4d:7c:ca:d7:e7:43:34:58:24:f7:
7e:c6:a1:85:b9:59:96:be:ad:ac:6a:e8:ff:6f:87:db:59:a7:
3d:de:ff:c3:ad:b7:dc:d1:09:b6:3e:51:84:67:88:82:b2:85:
f2:0e:33:ed:a0:ff:47:58:a9:b1:99:b9:f9:ff:10:a5:ff:7f:
67:59:98:9c:98:01:9b:d6:d1:a1:ef:1c:ab:6e:db:fe:63:63:
0a:f4:9a:89:46:99:7c:bd:91:77:2f:35:0e:06:6c:4b:0a:77:
ce:14:1e:2f:08:18:93:2a:c9:51:e1:ff:70:7d:5b:e0:d2:46:
69:b3:60:bf:18:61:d1:61:95:cd:9b:9f:4e:40:7b:78:75:11:
86:d5:f9:4e:1d:ef:f1:f7:e0:78:7a:af:03:56:d3:f0:7b:a1:
de:98:6b:94:f4:f6:1d:13:82:de:29:35:a6:da:94:54:df:64:
42:5a:0f:d7:ae:87:0a:8b:a0:d0:40:6b:bd:1f:3f:dc:06:ac:
8b:4c:ab:6b:e7:7f:4f:e2:4c:d2:0d:14:e3:0e:63:5e:ca:53:
cb:8a:79:31
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZjhzP+rIdrDYGPaR6/ok+U1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwODI1MTUxNjA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMTdmYWNjYmZlNWJjMjdhZjg2MWJkOGZhNmM3ODhlMDkzZDY5ZmU2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArN5Cv68HNVYFpP6t2qL0zk/7pKzl
L7s5n9smBtkBdsHJSbOxr4mws5V0f+Le1XYNLM8FVOEQe5OtiTgEtm+ybHrbNQTS
oS4sRUAuYSUg6vVu+sGdieg96j572ry+1y7lbH1no6wT6BO0AaZIgz37zlEbJAyu
cSDIj5SGs6guLotq8PVOEzSMq0aJdTpxh6/9C0lPBSg24FGkY8AVcXcQj6qEwE0z
8ZBuU6LZ1MICRHqdiOO7nzkJ/cFj+ZKOoo+iukQS5+cXueEUNRx3ILCFntoLcLAM
zI75cbuMHA3ujxFE06rLn8WmNvsuJOCD/UPRObNSXg8ZyhR51akGOG/pawIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFOF/rMv+W8J6+GG9j6bHiOCT1p/mMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvNFgtc3lfNWJ3bnI0WWIyUHBzZUk0SlBXbi1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQABedHAwQA
BedKAwQABedcAwQABedrAwQABedtAwQABed0AwQABefxAwQABef9AwQAXvm+AwQA
XvnDAwQAXvnmAwQBXvnuAwQAXvn1MA0GCSqGSIb3DQEBCwUAA4IBAQCooegWTgXF
QfaYfpA90MquTYh1vfF3SRM7j0N5/5btLYP7ZcHpTUU2FRKcEE18ytfnQzRYJPd+
xqGFuVmWvq2sauj/b4fbWac93v/Drbfc0Qm2PlGEZ4iCsoXyDjPtoP9HWKmxmbn5
/xCl/39nWZicmAGb1tGh7xyrbtv+Y2MK9JqJRpl8vZF3LzUOBmxLCnfOFB4vCBiT
KslR4f9wfVvg0kZps2C/GGHRYZXNm59OQHt4dRGG1flOHe/x9+B4eq8DVtPwe6He
mGuU9PYdE4LeKTWm2pRU32RCWg/XrocKi6DQQGu9Hz/cBqyLTKtr539P4kzSDRTj
DmNeylPLinkx
-----END CERTIFICATE-----
Generated at Sat Sep 6 08:05:56 2025 by rpki-client