Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/4CU6pYnLKkVawgc84xMcvdiOfc0.roa
File: 4CU6pYnLKkVawgc84xMcvdiOfc0.roa (raw, json)
Hash identifier: I1uFfuY4QPVPp8rBpUvi3C1YmHjHktusOlU6fhj2vVY=
Subject key identifier: E0:25:3A:A5:89:CB:2A:45:5A:C2:07:3C:E3:13:1C:BD:D8:8E:7D:CD
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 0198EAAD53A10867B7E8325D5FE3D3A8277B
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/4CU6pYnLKkVawgc84xMcvdiOfc0.roa
Signing time: Wed 27 Aug 2025 08:38:04 +0000
ROA not before: Wed 27 Aug 2025 08:38:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209847
IP address blocks: 5.182.37.0/24 maxlen: 24
5.182.38.0/24 maxlen: 24
5.182.39.0/24 maxlen: 24
45.67.34.0/24 maxlen: 24
45.84.0.0/24 maxlen: 24
45.89.55.0/24 maxlen: 24
45.159.249.0/24 maxlen: 24
45.159.251.0/24 maxlen: 24
141.98.169.0/24 maxlen: 24
185.231.204.0/24 maxlen: 24
185.231.206.0/24 maxlen: 24
193.43.146.0/24 maxlen: 24
193.57.137.0/24 maxlen: 24
193.57.139.0/24 maxlen: 24
194.4.48.0/24 maxlen: 24
194.116.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 17:17:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ea:ad:53:a1:08:67:b7:e8:32:5d:5f:e3:d3:a8:27:7b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Aug 27 08:38:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e0253aa589cb2a455ac2073ce3131cbdd88e7dcd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:ea:e7:44:e3:22:c3:8c:c3:2d:7b:f1:e9:14:
57:72:95:5a:96:a4:b4:a6:93:e5:92:28:b5:27:2f:
64:4c:96:3d:69:06:b1:ce:95:f7:de:a4:1e:e0:10:
ae:aa:52:b7:2e:83:fb:22:9b:38:de:aa:0b:d0:5d:
1f:b3:26:7c:3f:b0:f5:38:36:b8:e3:ef:a4:b9:05:
b4:62:ca:83:28:4b:f5:fd:53:4a:7f:b4:47:f8:32:
11:ed:e0:a8:4a:bf:f4:b1:e4:1b:cc:83:3f:d9:63:
3a:6e:dd:57:8b:5f:01:b6:bd:dc:8a:93:7b:5e:6e:
36:a2:6a:58:d5:9f:e3:17:8c:4c:a7:ca:bf:62:db:
29:15:0f:c3:44:fe:ff:d2:4d:de:ca:18:32:e7:2d:
13:b6:53:bc:ed:8c:9c:1a:30:5f:ac:a6:ce:29:96:
18:e3:3f:ff:07:86:b5:18:d0:ed:6f:4d:65:ef:a6:
ab:5e:f0:27:34:10:5f:83:97:67:c4:88:20:29:ce:
39:b8:c0:c8:24:40:a2:ac:83:53:5f:9c:e0:77:04:
07:97:97:0c:b7:c9:a7:84:ac:eb:85:fd:66:5e:38:
a8:8b:a6:f5:68:e7:88:aa:82:1a:5c:5d:e0:b7:1b:
eb:4e:9a:6a:ac:95:e0:e2:39:c4:42:90:02:e4:72:
f2:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:25:3A:A5:89:CB:2A:45:5A:C2:07:3C:E3:13:1C:BD:D8:8E:7D:CD
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/4CU6pYnLKkVawgc84xMcvdiOfc0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.37.0-5.182.39.255
45.67.34.0/24
45.84.0.0/24
45.89.55.0/24
45.159.249.0/24
45.159.251.0/24
141.98.169.0/24
185.231.204.0/24
185.231.206.0/24
193.43.146.0/24
193.57.137.0/24
193.57.139.0/24
194.4.48.0/24
194.116.172.0/24
Signature Algorithm: sha256WithRSAEncryption
11:d6:2e:2f:20:c4:cd:32:7e:82:d5:c8:92:d2:3b:3b:91:dc:
15:24:d6:1d:fb:43:23:96:d3:bd:c1:3f:a7:45:68:11:4c:b4:
09:ce:60:0b:a5:0c:7a:97:7b:ad:77:69:79:87:8a:5e:aa:fb:
7e:52:a3:0f:aa:b6:b3:1f:be:f1:bf:3c:5d:91:c2:d9:74:d4:
d0:e0:80:4a:cf:68:96:f7:0d:1e:9d:25:67:fc:d9:48:d9:92:
10:e7:71:c9:67:9b:42:66:43:0f:e7:29:f9:4d:37:82:3e:e8:
e0:09:d4:3d:4e:0e:79:de:21:56:a6:18:8b:d2:6c:00:e8:e7:
6d:1b:fb:dd:51:a3:e3:29:e9:12:3a:e5:f1:d4:41:39:e3:fd:
52:e1:39:8b:c4:4a:73:9b:80:cc:38:c3:fb:47:74:ec:6c:b5:
45:90:d9:de:a6:3d:1b:ce:84:de:3f:a9:ae:8f:8e:3a:75:b8:
84:8e:10:72:d3:bc:04:b0:6b:f8:8b:f8:b7:ea:22:79:da:de:
be:88:19:12:ab:6b:7d:59:13:6e:98:d7:7a:c8:9b:37:3a:b7:
05:a3:d1:93:1e:81:b5:78:dd:ac:53:27:2e:a9:29:48:f5:5f:
55:fb:cb:3d:1a:65:af:30:47:32:79:bd:81:f2:e3:5f:df:bb:
4d:ea:eb:10
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZjqrVOhCGe36DJdX+PTqCd7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjUwODI3MDgzODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDI1M2FhNTg5Y2IyYTQ1NWFjMjA3M2NlMzEzMWNiZGQ4OGU3ZGNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuurnROMiw4zDLXvx6RRXcpValqS0
ppPlkii1Jy9kTJY9aQaxzpX33qQe4BCuqlK3LoP7Ips43qoL0F0fsyZ8P7D1ODa4
4++kuQW0YsqDKEv1/VNKf7RH+DIR7eCoSr/0seQbzIM/2WM6bt1Xi18Btr3cipN7
Xm42ompY1Z/jF4xMp8q/YtspFQ/DRP7/0k3eyhgy5y0TtlO87YycGjBfrKbOKZYY
4z//B4a1GNDtb01l76arXvAnNBBfg5dnxIggKc45uMDIJECirINTX5zgdwQHl5cM
t8mnhKzrhf1mXjioi6b1aOeIqoIaXF3gtxvrTppqrJXg4jnEQpAC5HLyvQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFOAlOqWJyypFWsIHPOMTHL3Yjn3NMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvNENVNnBZbkxLa1Zhd2djODR4TWN2ZGlPZmMwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcMAwDBAAFtiUD
BAMFtiADBAAtQyIDBAAtVAADBAAtWTcDBAAtn/kDBAAtn/sDBACNYqkDBAC558wD
BAC5584DBADBK5IDBADBOYkDBADBOYsDBADCBDADBADCdKwwDQYJKoZIhvcNAQEL
BQADggEBABHWLi8gxM0yfoLVyJLSOzuR3BUk1h37QyOW073BP6dFaBFMtAnOYAul
DHqXe613aXmHil6q+35Sow+qtrMfvvG/PF2Rwtl01NDggErPaJb3DR6dJWf82UjZ
khDncclnm0JmQw/nKflNN4I+6OAJ1D1ODnneIVamGIvSbADo520b+91Ro+Mp6RI6
5fHUQTnj/VLhOYvESnObgMw4w/tHdOxstUWQ2d6mPRvOhN4/qa6Pjjp1uISOEHLT
vASwa/iL+LfqInna3r6IGRKra31ZE26Y13rImzc6twWj0ZMegbV43axTJy6pKUj1
X1X7yz0aZa8wRzJ5vYHy41/fu03q6xA=
-----END CERTIFICATE-----
Generated at Fri Sep 5 22:14:39 2025 by rpki-client