Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/E5lP18ybHMTHTnPo0M0LIgPaYUo.roa
File: E5lP18ybHMTHTnPo0M0LIgPaYUo.roa (raw, json)
Hash identifier: YCZh/ekLx0cpTY4qWcdCoc57O+gA2agdNfcO7UjD4OY=
Subject key identifier: 13:99:4F:D7:CC:9B:1C:C4:C7:4E:73:E8:D0:CD:0B:22:03:DA:61:4A
Certificate issuer: /CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Certificate serial: 0198F03FB7FF5F0974B2012B2C68EE014CE6
Authority key identifier: C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/E5lP18ybHMTHTnPo0M0LIgPaYUo.roa
Signing time: Thu 28 Aug 2025 10:36:04 +0000
ROA not before: Thu 28 Aug 2025 10:36:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212598
IP address blocks: 185.254.29.0/24 maxlen: 24
185.254.236.0/24 maxlen: 24
185.254.239.0/24 maxlen: 24
193.35.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 11:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:f0:3f:b7:ff:5f:09:74:b2:01:2b:2c:68:ee:01:4c:e6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c616c4195152effedbf7b3afee2aa72e19090e4d
Validity
Not Before: Aug 28 10:36:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=13994fd7cc9b1cc4c74e73e8d0cd0b2203da614a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:a7:53:5a:38:eb:db:03:dc:66:87:48:dc:2b:
64:82:af:33:ff:b1:5e:56:b4:0e:9d:d0:35:f7:3d:
b3:84:44:5d:1a:e9:b2:f9:82:c9:50:5d:bc:cf:68:
cd:5c:bd:e1:27:af:6b:1b:f5:46:b3:12:24:57:ee:
ae:46:d3:45:af:02:92:ef:4f:7e:db:e8:32:42:f9:
50:a4:47:56:c8:aa:41:ad:03:97:73:28:30:8d:34:
e5:1d:54:22:96:5e:01:72:9a:7d:61:92:de:38:81:
1d:cc:08:55:1e:71:d3:c8:c3:30:85:04:9b:62:f2:
5b:d9:7d:7a:82:a0:9e:6b:cd:63:ab:85:9a:48:18:
94:e7:fb:2c:a2:14:ed:1b:dd:d1:88:b9:6b:04:5e:
f4:2d:6d:ef:e5:90:4d:9a:13:c7:90:ef:68:72:51:
82:e9:44:89:7c:6b:09:15:59:db:e6:5a:19:6a:20:
48:f1:ea:a8:99:95:17:60:28:79:0e:b6:2a:22:f5:
a6:06:bd:60:75:8a:74:5f:72:c3:9e:0e:f7:8a:3d:
a6:5f:9f:ab:a3:55:0b:89:2d:7c:65:9b:53:db:f5:
7a:76:41:32:45:4b:3d:ce:25:ae:26:af:0b:30:59:
f8:b1:c6:24:37:10:54:be:95:e3:41:b8:52:7f:02:
84:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:99:4F:D7:CC:9B:1C:C4:C7:4E:73:E8:D0:CD:0B:22:03:DA:61:4A
X509v3 Authority Key Identifier:
keyid:C6:16:C4:19:51:52:EF:FE:DB:F7:B3:AF:EE:2A:A7:2E:19:09:0E:4D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xhbEGVFS7_7b97Ov7iqnLhkJDk0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/E5lP18ybHMTHTnPo0M0LIgPaYUo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/47/ad6521-d3a9-4b13-be69-39fdb986f059/1/xhbEGVFS7_7b97Ov7iqnLhkJDk0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.254.29.0/24
185.254.236.0/24
185.254.239.0/24
193.35.152.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:ae:7d:b8:ae:16:e1:9f:39:b8:93:ff:fb:1c:89:7d:a9:8a:
e3:24:19:c9:03:6d:86:89:01:f2:cf:ac:65:45:dd:a8:b0:f3:
ac:9a:84:4f:71:1f:1b:e4:25:d8:c4:7b:00:21:05:5d:e0:0a:
4d:35:c9:da:43:97:cc:7e:a5:9b:f2:30:b9:52:eb:6e:62:c1:
74:6a:4e:2d:86:fd:f2:71:63:90:31:22:dd:92:e5:ba:7c:82:
c4:e0:95:2a:6d:27:4e:32:b8:f0:b6:ca:50:63:8d:8e:71:77:
f3:6d:68:55:22:d4:73:95:f1:83:f8:91:7e:1d:b8:30:16:32:
40:f3:fd:e8:bd:73:8c:e5:22:13:e4:34:94:0c:18:3e:c7:38:
cd:c7:d5:eb:29:9b:c3:9b:8f:d9:64:d7:67:8f:3d:3e:81:67:
f3:dd:96:39:4b:d1:5a:5c:db:50:98:60:02:83:93:51:f9:95:
d6:b1:c6:34:12:4e:7e:be:2d:8d:1a:52:ca:cb:9d:75:7a:92:
7f:19:15:92:dd:8f:14:e1:c4:ed:c6:86:29:0c:db:d2:49:35:
9a:8f:ad:2d:f9:fc:a8:1b:47:e6:35:f0:69:8a:3d:7d:ed:e7:
a7:22:6e:27:0a:cd:87:4c:b8:10:0a:c9:ca:54:ad:5c:1f:cf:
0c:06:43:a6
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZjwP7f/Xwl0sgErLGjuAUzmMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2MTZjNDE5NTE1MmVmZmVkYmY3YjNhZmVlMmFhNzJlMTkw
OTBlNGQwHhcNMjUwODI4MTAzNjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzk5NGZkN2NjOWIxY2M0Yzc0ZTczZThkMGNkMGIyMjAzZGE2MTRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwadTWjjr2wPcZodI3Ctkgq8z/7Fe
VrQOndA19z2zhERdGumy+YLJUF28z2jNXL3hJ69rG/VGsxIkV+6uRtNFrwKS709+
2+gyQvlQpEdWyKpBrQOXcygwjTTlHVQill4Bcpp9YZLeOIEdzAhVHnHTyMMwhQSb
YvJb2X16gqCea81jq4WaSBiU5/ssohTtG93RiLlrBF70LW3v5ZBNmhPHkO9oclGC
6USJfGsJFVnb5loZaiBI8eqomZUXYCh5DrYqIvWmBr1gdYp0X3LDng73ij2mX5+r
o1ULiS18ZZtT2/V6dkEyRUs9ziWuJq8LMFn4scYkNxBUvpXjQbhSfwKEswIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFBOZT9fMmxzEx05z6NDNCyID2mFKMB8GA1UdIwQY
MBaAFMYWxBlRUu/+2/ezr+4qpy4ZCQ5NMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjkt
MzlmZGI5ODZmMDU5LzEvRTVsUDE4eWJITVRIVG5QbzBNMExJZ1BhWVVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ny9hZDY1MjEtZDNhOS00YjEzLWJlNjktMzlmZGI5ODZmMDU5
LzEveGhiRUdWRlM3XzdiOTdPdjdpcW5MaGtKRGswLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAuf4dAwQA
uf7sAwQAuf7vAwQAwSOYMA0GCSqGSIb3DQEBCwUAA4IBAQA/rn24rhbhnzm4k//7
HIl9qYrjJBnJA22GiQHyz6xlRd2osPOsmoRPcR8b5CXYxHsAIQVd4ApNNcnaQ5fM
fqWb8jC5UutuYsF0ak4thv3ycWOQMSLdkuW6fILE4JUqbSdOMrjwtspQY42OcXfz
bWhVItRzlfGD+JF+HbgwFjJA8/3ovXOM5SIT5DSUDBg+xzjNx9XrKZvDm4/ZZNdn
jz0+gWfz3ZY5S9FaXNtQmGACg5NR+ZXWscY0Ek5+vi2NGlLKy511epJ/GRWS3Y8U
4cTtxoYpDNvSSTWaj60t+fyoG0fmNfBpij197eenIm4nCs2HTLgQCsnKVK1cH88M
BkOm
-----END CERTIFICATE-----
Generated at Sat Sep 6 14:22:25 2025 by rpki-client