Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/5PNzaEI7oz83vRzv5xWFHVbQOkU.roa
File: 5PNzaEI7oz83vRzv5xWFHVbQOkU.roa (raw, json)
Hash identifier: o3Sdhd++277gQ6w1iXaVRXMbMe7DONJXX2OSptb2WQ4=
Subject key identifier: E4:F3:73:68:42:3B:A3:3F:37:BD:1C:EF:E7:15:85:1D:56:D0:3A:45
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0196F7D8EB8D37E44B8C9DEAB2CF1443BEF2
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/5PNzaEI7oz83vRzv5xWFHVbQOkU.roa
Signing time: Thu 22 May 2025 11:55:10 +0000
ROA not before: Thu 22 May 2025 11:55:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48678
IP address blocks: 31.210.48.0/24 maxlen: 24
31.210.50.0/24 maxlen: 24
77.92.143.0/24 maxlen: 24
77.92.145.0/24 maxlen: 24
77.92.146.0/24 maxlen: 24
78.135.66.0/24 maxlen: 24
78.135.72.0/24 maxlen: 24
78.135.92.0/24 maxlen: 24
78.135.93.0/24 maxlen: 24
78.135.100.0/24 maxlen: 24
78.135.104.0/24 maxlen: 24
185.17.139.0/24 maxlen: 24
188.132.129.0/24 maxlen: 24
188.132.130.0/24 maxlen: 24
188.132.153.0/24 maxlen: 24
188.132.165.0/24 maxlen: 24
188.132.168.0/24 maxlen: 24
188.132.183.0/24 maxlen: 24
188.132.184.0/24 maxlen: 24
188.132.185.0/24 maxlen: 24
188.132.186.0/24 maxlen: 24
188.132.189.0/24 maxlen: 24
188.132.199.0/24 maxlen: 24
188.132.201.0/24 maxlen: 24
188.132.202.0/24 maxlen: 24
188.132.209.0/24 maxlen: 24
188.132.234.0/24 maxlen: 24
188.132.235.0/24 maxlen: 24
212.68.58.0/24 maxlen: 24
212.68.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 22:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f7:d8:eb:8d:37:e4:4b:8c:9d:ea:b2:cf:14:43:be:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: May 22 11:55:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e4f37368423ba33f37bd1cefe715851d56d03a45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:80:3d:d7:81:ea:87:8b:77:83:2a:60:2b:94:
77:9f:d4:22:5f:75:2f:86:a4:be:54:10:66:1d:4a:
76:29:17:d1:1e:83:8f:ee:ac:06:f0:fa:48:32:82:
c3:72:e6:b3:80:58:51:54:f2:d9:cc:04:7f:5d:e0:
54:29:8c:cf:cb:c5:f0:1f:b6:cf:85:dd:df:e3:de:
98:92:db:74:4c:99:29:c7:4a:74:bf:76:f3:e5:18:
4e:5b:42:a0:2c:1d:a1:10:7b:bc:57:c6:e2:e0:7a:
0e:90:6b:7f:e2:3e:31:77:c9:66:09:7c:72:1a:9b:
36:fa:7d:b4:a7:c5:5d:4d:9f:e6:73:05:d8:06:32:
c6:84:19:59:77:97:4b:1a:c9:66:3e:ed:87:35:36:
00:fc:3e:34:e2:80:7c:ff:13:ce:76:43:fc:cc:4f:
cf:31:4f:0b:96:04:6b:70:e8:5d:d8:23:b7:3a:1a:
13:9c:f2:d1:69:d7:73:29:81:0d:17:a9:86:85:6a:
d9:bc:cc:be:c4:8f:26:42:68:2b:ed:c1:10:de:fa:
46:fa:69:3f:12:50:9d:67:bb:d8:b6:de:aa:9b:3c:
8f:32:3b:80:a0:f0:b9:e1:75:44:00:ea:a5:1a:47:
73:67:2d:58:ba:63:cb:3d:6e:4f:c0:78:bb:10:20:
04:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:F3:73:68:42:3B:A3:3F:37:BD:1C:EF:E7:15:85:1D:56:D0:3A:45
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/5PNzaEI7oz83vRzv5xWFHVbQOkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.48.0/24
31.210.50.0/24
77.92.143.0/24
77.92.145.0-77.92.146.255
78.135.66.0/24
78.135.72.0/24
78.135.92.0/23
78.135.100.0/24
78.135.104.0/24
185.17.139.0/24
188.132.129.0-188.132.130.255
188.132.153.0/24
188.132.165.0/24
188.132.168.0/24
188.132.183.0-188.132.186.255
188.132.189.0/24
188.132.199.0/24
188.132.201.0-188.132.202.255
188.132.209.0/24
188.132.234.0/23
212.68.58.0/24
212.68.60.0/24
Signature Algorithm: sha256WithRSAEncryption
3a:df:6d:20:03:f7:ea:e9:bd:1b:65:8b:26:f7:4b:62:fb:3c:
a9:42:86:53:06:54:7c:be:47:b1:5e:e5:79:c4:66:5c:e1:fb:
8a:6e:85:9f:d1:0b:c1:f2:ab:12:f3:6c:e2:aa:8b:e5:36:83:
5c:26:9e:1c:b9:59:41:f6:22:ac:c0:7f:ff:07:5a:11:87:86:
6d:e1:4a:b8:3e:a6:eb:fa:0f:d3:1c:03:d6:6c:f4:2f:cc:04:
d0:b8:99:1c:f0:c7:17:ec:c2:ff:9b:29:e0:d2:28:27:61:72:
11:f5:8d:71:dd:a8:64:eb:5b:45:45:48:0b:7d:f3:11:7b:31:
81:31:0a:48:3a:d9:f3:03:09:1a:d2:af:35:dd:dd:e0:5e:40:
08:d6:6b:83:15:3a:20:e1:43:86:0b:3c:e9:c2:aa:44:97:3c:
bf:ce:b3:82:e3:e2:9e:9b:ed:13:d6:f0:63:87:03:36:29:53:
bb:f9:5c:73:e5:0e:75:b8:40:28:1d:51:25:07:de:c7:f4:cb:
5f:71:ee:a8:eb:ed:11:fb:76:fc:4a:5d:cf:f3:c1:70:33:be:
14:59:27:88:18:8e:26:9a:75:8e:73:9f:e0:e6:12:99:6e:e3:
5d:c3:d0:43:f5:6a:39:0a:4f:42:20:d0:7b:7b:43:26:7c:56:
1d:49:a7:10
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAZb32OuNN+RLjJ3qss8UQ77yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwNTIyMTE1NTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNGYzNzM2ODQyM2JhMzNmMzdiZDFjZWZlNzE1ODUxZDU2ZDAzYTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx4A914Hqh4t3gypgK5R3n9QiX3Uv
hqS+VBBmHUp2KRfRHoOP7qwG8PpIMoLDcuazgFhRVPLZzAR/XeBUKYzPy8XwH7bP
hd3f496Yktt0TJkpx0p0v3bz5RhOW0KgLB2hEHu8V8bi4HoOkGt/4j4xd8lmCXxy
Gps2+n20p8VdTZ/mcwXYBjLGhBlZd5dLGslmPu2HNTYA/D404oB8/xPOdkP8zE/P
MU8LlgRrcOhd2CO3OhoTnPLRaddzKYENF6mGhWrZvMy+xI8mQmgr7cEQ3vpG+mk/
ElCdZ7vYtt6qmzyPMjuAoPC54XVEAOqlGkdzZy1YumPLPW5PwHi7ECAEewIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFOTzc2hCO6M/N70c7+cVhR1W0DpFMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvNVBOemFFSTdvejgzdlJ6djV4V0ZIVmJRT2tVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBqwQCAAEwgaQDBAAf
0jADBAAf0jIDBABNXI8wDAMEAE1ckQMEAE1ckgMEAE6HQgMEAE6HSAMEAU6HXAME
AE6HZAMEAE6HaAMEALkRizAMAwQAvISBAwQAvISCAwQAvISZAwQAvISlAwQAvISo
MAwDBAC8hLcDBAC8hLoDBAC8hL0DBAC8hMcwDAMEALyEyQMEALyEygMEALyE0QME
AbyE6gMEANREOgMEANREPDANBgkqhkiG9w0BAQsFAAOCAQEAOt9tIAP36um9G2WL
JvdLYvs8qUKGUwZUfL5HsV7lecRmXOH7im6Fn9ELwfKrEvNs4qqL5TaDXCaeHLlZ
QfYirMB//wdaEYeGbeFKuD6m6/oP0xwD1mz0L8wE0LiZHPDHF+zC/5sp4NIoJ2Fy
EfWNcd2oZOtbRUVIC33zEXsxgTEKSDrZ8wMJGtKvNd3d4F5ACNZrgxU6IOFDhgs8
6cKqRJc8v86zguPinpvtE9bwY4cDNilTu/lcc+UOdbhAKB1RJQfex/TLX3HuqOvt
Eft2/Epdz/PBcDO+FFkniBiOJpp1jnOf4OYSmW7jXcPQQ/VqOQpPQiDQe3tDJnxW
HUmnEA==
-----END CERTIFICATE-----
Generated at Sat Jun 7 05:03:37 2025 by rpki-client