Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/4ffe92-00ce-4faa-885c-e9617d66a74b/1/5GNPm8h48A-gwMWqDZ4JoMYcVZc.roa
File: 5GNPm8h48A-gwMWqDZ4JoMYcVZc.roa (raw, json)
Hash identifier: 9ZBWY++nE/D6/RJTqjkk/4Q4ufkyFaszCX0qNKOcYVk=
Subject key identifier: E4:63:4F:9B:C8:78:F0:0F:A0:C0:C5:AA:0D:9E:09:A0:C6:1C:55:97
Certificate issuer: /CN=49f093bb8e8ad11c4c834edfd2df54d41cb49f79
Certificate serial: 0196E94D7771EBC4B815E8841F4486916485
Authority key identifier: 49:F0:93:BB:8E:8A:D1:1C:4C:83:4E:DF:D2:DF:54:D4:1C:B4:9F:79
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SfCTu46K0RxMg07f0t9U1By0n3k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/4ffe92-00ce-4faa-885c-e9617d66a74b/1/5GNPm8h48A-gwMWqDZ4JoMYcVZc.roa
Signing time: Mon 19 May 2025 16:08:10 +0000
ROA not before: Mon 19 May 2025 16:08:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198904
IP address blocks: 5.32.184.0/21 maxlen: 21
5.32.184.0/22 maxlen: 22
5.32.184.0/24 maxlen: 24
5.32.185.0/24 maxlen: 24
5.32.186.0/24 maxlen: 24
5.32.187.0/24 maxlen: 24
5.32.188.0/22 maxlen: 22
5.32.188.0/24 maxlen: 24
5.32.189.0/24 maxlen: 24
5.32.190.0/24 maxlen: 24
5.32.191.0/24 maxlen: 24
2a01:6ec0::/32 maxlen: 32
2a01:6ec0::/36 maxlen: 36
2a01:6ec0::/48 maxlen: 48
2a01:6ec0:1000::/36 maxlen: 36
2a01:6ec0:2000::/36 maxlen: 36
2a01:6ec0:3000::/36 maxlen: 36
2a01:6ec0:4000::/36 maxlen: 36
2a01:6ec0:5000::/36 maxlen: 36
2a01:6ec0:6000::/36 maxlen: 36
2a01:6ec0:7000::/36 maxlen: 36
2a01:6ec0:8000::/36 maxlen: 36
2a01:6ec0:9000::/36 maxlen: 36
2a01:6ec0:a000::/36 maxlen: 36
2a01:6ec0:b000::/36 maxlen: 36
2a01:6ec0:c000::/36 maxlen: 36
2a01:6ec0:d000::/36 maxlen: 36
2a01:6ec0:e000::/36 maxlen: 36
2a01:6ec0:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/4ffe92-00ce-4faa-885c-e9617d66a74b/1/SfCTu46K0RxMg07f0t9U1By0n3k.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/4ffe92-00ce-4faa-885c-e9617d66a74b/1/SfCTu46K0RxMg07f0t9U1By0n3k.mft
rsync://rpki.ripe.net/repository/DEFAULT/SfCTu46K0RxMg07f0t9U1By0n3k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 03:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:e9:4d:77:71:eb:c4:b8:15:e8:84:1f:44:86:91:64:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=49f093bb8e8ad11c4c834edfd2df54d41cb49f79
Validity
Not Before: May 19 16:08:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e4634f9bc878f00fa0c0c5aa0d9e09a0c61c5597
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:c6:06:48:32:fd:4a:56:6b:4c:76:2f:6a:bf:
32:58:3e:d7:31:3e:83:ca:41:41:df:a0:b1:ad:4f:
10:f4:c8:1d:5f:05:5f:1c:36:eb:d5:e1:8f:ca:30:
6f:7f:13:34:06:96:91:0a:4a:5f:43:a6:77:1c:84:
67:28:03:36:2f:89:fe:91:09:83:ff:97:b3:b4:55:
d6:51:1d:0f:46:f5:5d:3d:b6:d8:f9:ca:1b:40:53:
8c:28:aa:f7:0e:6d:91:c2:74:38:3d:32:cb:8b:63:
0a:99:54:fc:f7:91:8f:ba:47:16:ac:93:1d:9c:eb:
c1:f1:f6:d3:ec:91:26:ad:b4:6e:cf:81:03:4b:cc:
38:86:cc:34:e6:ad:01:63:71:37:1f:05:a4:c0:f9:
29:75:ae:b4:ca:75:14:86:2b:d8:1b:8d:14:c2:0f:
f6:75:d3:36:59:1b:32:d7:ea:8a:28:89:48:b9:4a:
1d:a0:24:3c:18:22:ab:10:a1:f4:03:61:ba:0c:41:
01:b9:87:64:37:17:7b:9b:bf:1d:13:c6:b1:ab:e4:
69:35:4f:3a:69:f3:50:f8:8c:9f:ec:b4:52:39:59:
00:bf:c1:28:4e:36:59:30:7b:df:a6:1d:99:db:67:
36:77:a5:62:6e:8e:34:dd:3c:d7:cd:43:1f:fd:c1:
d6:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:63:4F:9B:C8:78:F0:0F:A0:C0:C5:AA:0D:9E:09:A0:C6:1C:55:97
X509v3 Authority Key Identifier:
keyid:49:F0:93:BB:8E:8A:D1:1C:4C:83:4E:DF:D2:DF:54:D4:1C:B4:9F:79
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SfCTu46K0RxMg07f0t9U1By0n3k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/4ffe92-00ce-4faa-885c-e9617d66a74b/1/5GNPm8h48A-gwMWqDZ4JoMYcVZc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/4ffe92-00ce-4faa-885c-e9617d66a74b/1/SfCTu46K0RxMg07f0t9U1By0n3k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.32.184.0/21
IPv6:
2a01:6ec0::/32
Signature Algorithm: sha256WithRSAEncryption
7c:e6:48:5c:a9:1d:d0:6f:3c:a4:19:40:90:1d:98:2c:e2:e6:
2c:fb:3a:64:d0:ab:11:d3:17:12:dc:95:e8:a8:40:d3:fb:02:
22:57:ab:35:f9:bb:f3:41:58:1e:4b:2f:5a:a4:a8:6e:bd:78:
0c:0d:e8:49:86:89:d2:77:03:77:7b:a2:d3:fa:f0:ab:d6:eb:
63:82:e2:9d:7e:e9:49:be:18:9e:59:1c:1d:e1:81:1f:45:0e:
ae:90:e2:0b:8a:ab:13:ef:a3:e0:d6:9a:c6:d5:ca:c0:c2:b2:
90:c0:a0:1e:47:ff:31:75:5c:8f:31:32:9d:2e:f3:20:50:69:
dc:22:27:20:88:88:ac:4a:8b:90:fa:8a:b1:bc:f1:88:fe:3c:
9c:e7:b3:1b:61:04:7e:69:40:70:70:8b:e3:08:d9:f4:3b:16:
9c:4b:f8:08:dc:af:23:9f:31:8e:e0:c9:37:04:19:b6:e9:63:
21:40:74:ea:c4:9e:e9:ca:0b:d5:a4:50:1e:f5:de:e4:b1:ca:
37:27:91:c0:97:52:4a:a8:43:a5:cf:27:02:f2:f5:f1:86:96:
7a:bb:eb:91:ff:4d:29:bd:c2:e6:8d:87:62:75:6f:7f:4e:cc:
e5:1d:de:5c:d1:0c:5e:cb:2e:ec:50:fe:cc:26:2a:98:30:66:
25:36:78:7e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZbpTXdx68S4FeiEH0SGkWSFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ5ZjA5M2JiOGU4YWQxMWM0YzgzNGVkZmQyZGY1NGQ0MWNi
NDlmNzkwHhcNMjUwNTE5MTYwODEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDYzNGY5YmM4NzhmMDBmYTBjMGM1YWEwZDllMDlhMGM2MWM1NTk3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv8YGSDL9SlZrTHYvar8yWD7XMT6D
ykFB36CxrU8Q9MgdXwVfHDbr1eGPyjBvfxM0BpaRCkpfQ6Z3HIRnKAM2L4n+kQmD
/5eztFXWUR0PRvVdPbbY+cobQFOMKKr3Dm2RwnQ4PTLLi2MKmVT895GPukcWrJMd
nOvB8fbT7JEmrbRuz4EDS8w4hsw05q0BY3E3HwWkwPkpda60ynUUhivYG40Uwg/2
ddM2WRsy1+qKKIlIuUodoCQ8GCKrEKH0A2G6DEEBuYdkNxd7m78dE8axq+RpNU86
afNQ+Iyf7LRSOVkAv8EoTjZZMHvfph2Z22c2d6Vibo403TzXzUMf/cHW3QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFORjT5vIePAPoMDFqg2eCaDGHFWXMB8GA1UdIwQY
MBaAFEnwk7uOitEcTINO39LfVNQctJ95MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU2ZDVHU0NkswUnhNZzA3ZjB0OVUxQnkwbjNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS80ZmZlOTItMDBjZS00ZmFhLTg4NWMt
ZTk2MTdkNjZhNzRiLzEvNUdOUG04aDQ4QS1nd01XcURaNEpvTVljVlpjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS80ZmZlOTItMDBjZS00ZmFhLTg4NWMtZTk2MTdkNjZhNzRi
LzEvU2ZDVHU0NkswUnhNZzA3ZjB0OVUxQnkwbjNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQDBSC4MA0E
AgACMAcDBQAqAW7AMA0GCSqGSIb3DQEBCwUAA4IBAQB85khcqR3QbzykGUCQHZgs
4uYs+zpk0KsR0xcS3JXoqEDT+wIiV6s1+bvzQVgeSy9apKhuvXgMDehJhonSdwN3
e6LT+vCr1utjguKdfulJvhieWRwd4YEfRQ6ukOILiqsT76Pg1prG1crAwrKQwKAe
R/8xdVyPMTKdLvMgUGncIicgiIisSouQ+oqxvPGI/jyc57MbYQR+aUBwcIvjCNn0
OxacS/gI3K8jnzGO4Mk3BBm26WMhQHTqxJ7pygvVpFAe9d7ksco3J5HAl1JKqEOl
zycC8vXxhpZ6u+uR/00pvcLmjYdidW9/TszlHd5c0Qxeyy7sUP7MJiqYMGYlNnh+
-----END CERTIFICATE-----
Generated at Sun Jun 8 08:35:32 2025 by rpki-client