Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/RaS1Do31InjbQCFGnTA-YqKnIe4.roa
File: RaS1Do31InjbQCFGnTA-YqKnIe4.roa (raw, json)
Hash identifier: 6QaZ0lK6HEZVx8vJm4K3nfnSTx8TNZ47FuFw64/BpII=
Subject key identifier: 45:A4:B5:0E:8D:F5:22:78:DB:40:21:46:9D:30:3E:62:A2:A7:21:EE
Certificate issuer: /CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Certificate serial: 019809C4CBDA6B1B0480622B001EF4D99D7A
Authority key identifier: EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/RaS1Do31InjbQCFGnTA-YqKnIe4.roa
Signing time: Mon 14 Jul 2025 16:29:08 +0000
ROA not before: Mon 14 Jul 2025 16:29:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24961
IP address blocks: 5.104.104.0/21 maxlen: 24
5.199.128.0/20 maxlen: 24
37.157.248.0/21 maxlen: 24
46.20.32.0/20 maxlen: 24
46.228.192.0/20 maxlen: 24
62.141.32.0/20 maxlen: 24
78.31.64.0/21 maxlen: 24
80.82.208.0/20 maxlen: 24
81.30.144.0/20 maxlen: 24
83.136.80.0/21 maxlen: 24
85.14.192.0/18 maxlen: 24
85.114.128.0/19 maxlen: 24
89.163.128.0/17 maxlen: 24
91.194.84.0/24 maxlen: 24
91.212.153.0/24 maxlen: 24
91.212.159.0/24 maxlen: 24
91.212.163.0/24 maxlen: 24
93.186.192.0/20 maxlen: 24
146.0.32.0/20 maxlen: 24
146.19.166.0/24 maxlen: 24
152.89.92.0/22 maxlen: 24
185.15.244.0/22 maxlen: 24
185.45.248.0/22 maxlen: 24
185.145.196.0/22 maxlen: 24
185.219.208.0/22 maxlen: 24
193.111.198.0/23 maxlen: 24
194.107.129.0/24 maxlen: 24
194.126.198.0/24 maxlen: 24
195.93.242.0/23 maxlen: 24
213.202.192.0/18 maxlen: 24
217.79.176.0/20 maxlen: 24
2001:4ba0::/32 maxlen: 32
2001:4ba1::/32 maxlen: 32
2001:4ba3::/32 maxlen: 32
2001:4ba4::/32 maxlen: 32
2001:4ba6::/32 maxlen: 32
2a00:c320::/32 maxlen: 48
2a01:480::/32 maxlen: 32
2a0a:db80:1000::/36 maxlen: 36
2a0a:db80:2000::/36 maxlen: 36
2a0a:db80:2000::/40 maxlen: 40
2a0a:db80:3000::/36 maxlen: 36
2a0a:db80:4000::/36 maxlen: 36
2a0a:db80:5000::/36 maxlen: 36
2a0a:db80:8000::/36 maxlen: 36
2a0a:db80:8000::/40 maxlen: 40
2a0a:db80:c000::/36 maxlen: 36
2a0c:6b00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.mft
rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 07:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:09:c4:cb:da:6b:1b:04:80:62:2b:00:1e:f4:d9:9d:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ec6b42021886d8eedbae90d9e6ab1de533c50d20
Validity
Not Before: Jul 14 16:29:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=45a4b50e8df52278db4021469d303e62a2a721ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:b0:01:d6:a3:74:30:94:d7:3c:3e:8f:bd:90:
89:89:0d:06:f4:a2:42:48:c1:8a:e3:11:96:9a:0a:
b8:62:84:7c:90:b9:1b:ea:43:21:9f:a5:38:1f:a0:
dd:e6:d0:fe:23:c8:98:c2:23:b3:af:ed:b5:26:d5:
71:d8:21:16:b2:c2:cd:d8:16:e2:53:3b:40:57:b6:
ad:05:8b:7e:ee:49:fc:b0:d8:3e:1b:ad:51:25:a6:
85:2a:59:cf:92:dd:ea:8f:cd:8d:77:e4:cf:06:34:
85:7e:65:26:c9:11:d9:74:76:c2:79:4d:9d:c3:ce:
3e:fc:4c:29:87:5d:37:7e:f2:bd:82:3e:5b:7d:39:
8b:14:91:91:c8:75:d8:e4:ab:c0:91:42:c9:2c:ac:
78:42:98:ee:f6:44:83:eb:d0:33:41:29:6e:4f:cd:
66:d6:f2:29:a8:c4:5b:37:b1:b4:69:4f:30:70:f6:
fd:76:5a:99:4b:20:a7:e9:73:82:10:5f:22:b9:af:
a7:5b:91:28:18:b3:0f:91:d9:6b:39:3b:2f:54:12:
36:a2:87:80:71:60:ce:f9:02:a0:76:02:97:69:42:
a0:1a:89:dd:9c:6f:cc:5f:95:bd:98:08:21:51:20:
ce:87:d6:38:a1:88:70:00:ad:0e:43:c6:56:83:86:
36:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:A4:B5:0E:8D:F5:22:78:DB:40:21:46:9D:30:3E:62:A2:A7:21:EE
X509v3 Authority Key Identifier:
keyid:EC:6B:42:02:18:86:D8:EE:DB:AE:90:D9:E6:AB:1D:E5:33:C5:0D:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7GtCAhiG2O7brpDZ5qsd5TPFDSA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/RaS1Do31InjbQCFGnTA-YqKnIe4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4c/26c3e1-6486-4e09-99a4-a6873b374e26/1/7GtCAhiG2O7brpDZ5qsd5TPFDSA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.104.0/21
5.199.128.0/20
37.157.248.0/21
46.20.32.0/20
46.228.192.0/20
62.141.32.0/20
78.31.64.0/21
80.82.208.0/20
81.30.144.0/20
83.136.80.0/21
85.14.192.0/18
85.114.128.0/19
89.163.128.0/17
91.194.84.0/24
91.212.153.0/24
91.212.159.0/24
91.212.163.0/24
93.186.192.0/20
146.0.32.0/20
146.19.166.0/24
152.89.92.0/22
185.15.244.0/22
185.45.248.0/22
185.145.196.0/22
185.219.208.0/22
193.111.198.0/23
194.107.129.0/24
194.126.198.0/24
195.93.242.0/23
213.202.192.0/18
217.79.176.0/20
IPv6:
2001:4ba0::/31
2001:4ba3::-2001:4ba4:ffff:ffff:ffff:ffff:ffff:ffff
2001:4ba6::/32
2a00:c320::/32
2a01:480::/32
2a0a:db80:1000::-2a0a:db80:5fff:ffff:ffff:ffff:ffff:ffff
2a0a:db80:8000::/36
2a0a:db80:c000::/36
2a0c:6b00::/32
Signature Algorithm: sha256WithRSAEncryption
83:77:1a:f5:d3:ac:05:5b:a0:e1:d6:33:b7:a2:9b:e9:07:73:
73:8c:d1:e8:f1:09:bc:46:59:49:d0:33:f5:e4:d8:ab:c0:06:
a6:a6:7d:ce:31:9f:40:f9:f3:49:15:7f:25:03:5b:04:44:db:
99:37:21:4f:95:28:57:32:33:a4:b4:12:69:61:4e:31:ff:f5:
9a:af:85:9d:d4:35:d4:d0:a7:03:ac:56:8f:be:23:f9:ef:3e:
ff:23:40:83:e7:43:bf:78:55:95:63:17:04:09:ed:a1:75:d4:
ab:24:a5:72:26:5f:87:dc:9b:a3:c7:30:6b:5a:73:5d:14:08:
e1:6b:31:6a:e5:e4:d2:c8:f4:ce:ba:ef:e4:53:3e:bc:8b:71:
c4:c9:0a:db:cd:c5:df:83:1f:23:6d:25:2c:dd:a2:e7:5f:66:
0a:5a:66:1d:e6:79:18:f5:14:7a:dc:72:25:84:1e:aa:0c:5b:
50:26:a5:22:d6:2d:bd:6f:df:5d:6f:f7:fe:a3:d1:80:8f:4f:
f8:6f:e4:bf:de:3d:c6:35:ec:ec:fc:4a:ab:cf:53:7a:4e:cd:
5f:7d:05:75:9d:d9:79:c6:b6:03:32:89:2a:8b:26:e2:7a:bc:
1e:d8:70:17:55:02:9d:80:11:bc:7e:86:0f:f6:cf:0c:b8:ca:
01:b0:18:e7
-----BEGIN CERTIFICATE-----
MIIGFjCCBP6gAwIBAgISAZgJxMvaaxsEgGIrAB702Z16MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVjNmI0MjAyMTg4NmQ4ZWVkYmFlOTBkOWU2YWIxZGU1MzNj
NTBkMjAwHhcNMjUwNzE0MTYyOTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWE0YjUwZThkZjUyMjc4ZGI0MDIxNDY5ZDMwM2U2MmEyYTcyMWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtrAB1qN0MJTXPD6PvZCJiQ0G9KJC
SMGK4xGWmgq4YoR8kLkb6kMhn6U4H6Dd5tD+I8iYwiOzr+21JtVx2CEWssLN2Bbi
UztAV7atBYt+7kn8sNg+G61RJaaFKlnPkt3qj82Nd+TPBjSFfmUmyRHZdHbCeU2d
w84+/Ewph103fvK9gj5bfTmLFJGRyHXY5KvAkULJLKx4Qpju9kSD69AzQSluT81m
1vIpqMRbN7G0aU8wcPb9dlqZSyCn6XOCEF8iua+nW5EoGLMPkdlrOTsvVBI2ooeA
cWDO+QKgdgKXaUKgGondnG/MX5W9mAghUSDOh9Y4oYhwAK0OQ8ZWg4Y21QIDAQAB
o4IDIjCCAx4wHQYDVR0OBBYEFEWktQ6N9SJ420AhRp0wPmKipyHuMB8GA1UdIwQY
MBaAFOxrQgIYhtju266Q2earHeUzxQ0gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQt
YTY4NzNiMzc0ZTI2LzEvUmFTMURvMzFJbmpiUUNGR25UQS1ZcUtuSWU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yy8yNmMzZTEtNjQ4Ni00ZTA5LTk5YTQtYTY4NzNiMzc0ZTI2
LzEvN0d0Q0FoaUcyTzdicnBEWjVxc2Q1VFBGRFNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNgYIKwYBBQUHAQcBAf8EggElMIIBITCBwQQCAAEwgboD
BAMFaGgDBAQFx4ADBAMlnfgDBAQuFCADBAQu5MADBAQ+jSADBANOH0ADBARQUtAD
BARRHpADBANTiFADBAZVDsADBAVVcoADBAdZo4ADBABbwlQDBABb1JkDBABb1J8D
BABb1KMDBARdusADBASSACADBACSE6YDBAKYWVwDBAK5D/QDBAK5LfgDBAK5kcQD
BAK529ADBAHBb8YDBADCa4EDBADCfsYDBAHDXfIDBAbVysADBATZT7AwWwQCAAIw
VQMFASABS6AwDgMFACABS6MDBQAgAUukAwUAIAFLpgMFACoAwyADBQAqAQSAMBAD
BgQqCtuAEAMGBSoK24BAAwYEKgrbgIADBgQqCtuAwAMFACoMawAwDQYJKoZIhvcN
AQELBQADggEBAIN3GvXTrAVboOHWM7eim+kHc3OM0ejxCbxGWUnQM/Xk2KvABqam
fc4xn0D580kVfyUDWwRE25k3IU+VKFcyM6S0EmlhTjH/9ZqvhZ3UNdTQpwOsVo++
I/nvPv8jQIPnQ794VZVjFwQJ7aF11KskpXImX4fcm6PHMGtac10UCOFrMWrl5NLI
9M667+RTPryLccTJCtvNxd+DHyNtJSzdoudfZgpaZh3meRj1FHrcciWEHqoMW1Am
pSLWLb1v311v9/6j0YCPT/hv5L/ePcY17Oz8SqvPU3pOzV99BXWd2XnGtgMyiSqL
JuJ6vB7YcBdVAp2AEbx+hg/2zwy4ygGwGOc=
-----END CERTIFICATE-----
Generated at Wed Jul 23 11:40:13 2025 by rpki-client