Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/lReJgbEl6ZGpxC1oXNpgchcsuUU.roa
File: lReJgbEl6ZGpxC1oXNpgchcsuUU.roa (raw, json)
Hash identifier: ju4SXMpDeMhKqzMFDCpltVvN/atldEeAdGL+HegT2Mo=
Subject key identifier: 95:17:89:81:B1:25:E9:91:A9:C4:2D:68:5C:DA:60:72:17:2C:B9:45
Certificate issuer: /CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Certificate serial: 019735A642BA521B8EF83D38598E6C0413D3
Authority key identifier: D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/lReJgbEl6ZGpxC1oXNpgchcsuUU.roa
Signing time: Tue 03 Jun 2025 11:56:17 +0000
ROA not before: Tue 03 Jun 2025 11:56:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41564
IP address blocks: 5.153.236.0/24 maxlen: 24
5.153.239.0/24 maxlen: 24
5.157.8.0/24 maxlen: 24
5.157.13.0/24 maxlen: 24
5.157.14.0/24 maxlen: 24
5.157.17.0/24 maxlen: 24
5.157.22.0/24 maxlen: 24
5.157.27.0/24 maxlen: 24
5.157.41.0/24 maxlen: 24
5.157.42.0/24 maxlen: 24
5.157.45.0/24 maxlen: 24
5.157.56.0/24 maxlen: 24
5.157.58.0/24 maxlen: 24
5.157.59.0/24 maxlen: 24
5.157.60.0/24 maxlen: 24
5.157.61.0/24 maxlen: 24
5.157.62.0/24 maxlen: 24
5.157.63.0/24 maxlen: 24
23.92.127.0/24 maxlen: 24
104.160.2.0/24 maxlen: 24
104.160.6.0/24 maxlen: 24
151.237.186.0/24 maxlen: 24
192.40.88.0/24 maxlen: 24
2a02:5740::/48 maxlen: 48
2a02:5740:1::/48 maxlen: 48
2a02:5740:11::/48 maxlen: 48
2a02:5740:18::/48 maxlen: 48
2a02:5740:21::/48 maxlen: 48
2a02:5740:22::/48 maxlen: 48
2a02:5741:6::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.mft
rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:35:a6:42:ba:52:1b:8e:f8:3d:38:59:8e:6c:04:13:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Validity
Not Before: Jun 3 11:56:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=95178981b125e991a9c42d685cda6072172cb945
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:c3:71:90:76:2d:07:18:d8:f3:21:21:a2:be:
d1:e5:e7:fb:bc:36:b8:57:6f:b6:5e:93:fe:82:4d:
2e:b3:06:b9:df:ab:ca:ee:39:97:10:a8:4e:89:20:
ed:69:fe:b3:32:de:a9:e1:be:20:ed:63:04:ef:52:
9b:5a:14:b9:a1:b8:5a:2a:e3:6a:ba:ea:68:0e:af:
7a:7f:de:77:0b:29:73:80:27:53:39:69:eb:88:12:
9a:d2:09:ee:2f:cb:3d:1c:b8:25:41:d4:1f:2b:74:
66:8c:66:67:ad:cb:88:3e:6b:ae:77:21:ec:2f:84:
e0:37:34:f6:8d:41:89:46:1a:ff:1a:76:68:10:0d:
6c:a5:b0:6b:fa:cf:cf:38:66:a0:e6:e2:49:c4:4b:
e9:32:dc:2a:c5:6f:0e:d2:0a:26:a6:4b:c1:99:1f:
b8:79:63:73:ca:5c:54:c4:cc:87:23:ba:62:59:5a:
be:6a:09:dc:5f:cc:43:87:c5:35:aa:89:79:1f:66:
e9:ba:c9:02:a4:eb:8c:6a:ab:aa:13:18:4c:a4:d9:
83:ab:b9:be:d5:43:fd:9f:44:2f:2c:3a:b1:b7:af:
ae:50:6d:de:44:21:7f:66:de:84:52:03:6c:ad:06:
89:f6:4c:a5:22:9d:cf:c2:7b:5d:37:72:e3:0c:56:
fb:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
95:17:89:81:B1:25:E9:91:A9:C4:2D:68:5C:DA:60:72:17:2C:B9:45
X509v3 Authority Key Identifier:
keyid:D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/lReJgbEl6ZGpxC1oXNpgchcsuUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.153.236.0/24
5.153.239.0/24
5.157.8.0/24
5.157.13.0-5.157.14.255
5.157.17.0/24
5.157.22.0/24
5.157.27.0/24
5.157.41.0-5.157.42.255
5.157.45.0/24
5.157.56.0/24
5.157.58.0-5.157.63.255
23.92.127.0/24
104.160.2.0/24
104.160.6.0/24
151.237.186.0/24
192.40.88.0/24
IPv6:
2a02:5740::/47
2a02:5740:11::/48
2a02:5740:18::/48
2a02:5740:21::-2a02:5740:22:ffff:ffff:ffff:ffff:ffff
2a02:5741:6::/48
Signature Algorithm: sha256WithRSAEncryption
52:9c:7c:8c:2d:a9:dc:b4:18:46:fc:ee:7e:d0:71:61:1d:13:
33:5c:ef:a0:d9:42:ad:aa:8b:fc:4b:51:1e:9f:3f:08:e0:4f:
93:a3:be:46:b6:19:7c:ba:4d:6b:b3:5c:99:29:38:e3:a5:17:
10:56:31:59:2e:7f:3d:50:16:ec:55:1e:cf:bf:65:1f:62:09:
69:0e:c6:15:76:7c:9d:61:b4:19:e0:c1:b3:56:b1:40:c5:8a:
be:96:48:bb:26:ad:f6:b7:6c:33:d8:93:88:ca:e5:a7:b7:bf:
b1:31:5b:44:4b:ae:6c:be:41:2b:66:c8:ab:0a:a8:99:e5:32:
ec:78:8d:70:04:09:4a:6d:24:64:29:85:11:ae:8a:57:87:43:
51:68:ae:c6:b1:b7:f3:1b:1c:70:b8:ea:cd:90:68:b3:92:69:
f2:50:ce:05:0c:4e:96:58:8a:d2:53:25:ef:3e:93:ad:c2:47:
c9:3c:62:45:70:26:cb:f8:55:ee:c6:ec:34:97:fc:b5:ed:dd:
92:7d:cf:b1:ee:61:63:1a:45:65:d5:c6:7a:d1:f2:cc:35:f4:
43:41:41:0a:d0:8b:10:40:ca:ac:7b:90:f1:25:49:13:62:66:
43:27:ec:6b:f8:eb:6f:24:54:97:68:e8:c2:51:de:d9:0b:50:
24:ab:d2:ae
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgISAZc1pkK6UhuO+D04WY5sBBPTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MmNiNDNjYTNjMGM1NzgxNmNlZTM2MDQ3OGQwY2Y4ODIy
MDdmZDIwHhcNMjUwNjAzMTE1NjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NTE3ODk4MWIxMjVlOTkxYTljNDJkNjg1Y2RhNjA3MjE3MmNiOTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqsNxkHYtBxjY8yEhor7R5ef7vDa4
V2+2XpP+gk0uswa536vK7jmXEKhOiSDtaf6zMt6p4b4g7WME71KbWhS5obhaKuNq
uupoDq96f953CylzgCdTOWnriBKa0gnuL8s9HLglQdQfK3RmjGZnrcuIPmuudyHs
L4TgNzT2jUGJRhr/GnZoEA1spbBr+s/POGag5uJJxEvpMtwqxW8O0gompkvBmR+4
eWNzylxUxMyHI7piWVq+agncX8xDh8U1qol5H2bpuskCpOuMaquqExhMpNmDq7m+
1UP9n0QvLDqxt6+uUG3eRCF/Zt6EUgNsrQaJ9kylIp3PwntdN3LjDFb7UQIDAQAB
o4ICvjCCArowHQYDVR0OBBYEFJUXiYGxJemRqcQtaFzaYHIXLLlFMB8GA1UdIwQY
MBaAFNgstDyjwMV4Fs7jYEeNDPiCIH/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAt
MTVmMTNlM2Y3ZDg1LzEvbFJlSmdiRWw2WkdweEMxb1hOcGdjaGNzdVVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAtMTVmMTNlM2Y3ZDg1
LzEvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHTBggrBgEFBQcBBwEB/wSBwzCBwDB+BAIAATB4AwQABZns
AwQABZnvAwQABZ0IMAwDBAAFnQ0DBAAFnQ4DBAAFnREDBAAFnRYDBAAFnRswDAME
AAWdKQMEAAWdKgMEAAWdLQMEAAWdODAMAwQBBZ06AwQGBZ0AAwQAF1x/AwQAaKAC
AwQAaKAGAwQAl+26AwQAwChYMD4EAgACMDgDBwEqAldAAAADBwAqAldAABEDBwAq
AldAABgwEgMHACoCV0AAIQMHACoCV0AAIgMHACoCV0EABjANBgkqhkiG9w0BAQsF
AAOCAQEAUpx8jC2p3LQYRvzuftBxYR0TM1zvoNlCraqL/EtRHp8/COBPk6O+RrYZ
fLpNa7NcmSk446UXEFYxWS5/PVAW7FUez79lH2IJaQ7GFXZ8nWG0GeDBs1axQMWK
vpZIuyat9rdsM9iTiMrlp7e/sTFbREuubL5BK2bIqwqomeUy7HiNcAQJSm0kZCmF
Ea6KV4dDUWiuxrG38xsccLjqzZBos5Jp8lDOBQxOlliK0lMl7z6TrcJHyTxiRXAm
y/hV7sbsNJf8te3dkn3Pse5hYxpFZdXGetHyzDX0Q0FBCtCLEEDKrHuQ8SVJE2Jm
Qyfsa/jrbyRUl2jowlHe2QtQJKvSrg==
-----END CERTIFICATE-----
Generated at Sun Jun 8 01:45:36 2025 by rpki-client