Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/D6qbKl2IR5AXgNzHmk68-1eyUqU.roa
File: D6qbKl2IR5AXgNzHmk68-1eyUqU.roa (raw, json)
Hash identifier: lut3bO6x8UE6zyJLcePSQ/XINz1+55mMhjfOKx8dKJU=
Subject key identifier: 0F:AA:9B:2A:5D:88:47:90:17:80:DC:C7:9A:4E:BC:FB:57:B2:52:A5
Certificate issuer: /CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Certificate serial: 01971B73AB638D1F8F435E088A9E43414285
Authority key identifier: 4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/D6qbKl2IR5AXgNzHmk68-1eyUqU.roa
Signing time: Thu 29 May 2025 09:50:54 +0000
ROA not before: Thu 29 May 2025 09:50:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54994
IP address blocks: 140.150.0.0/24 maxlen: 24
140.150.1.0/24 maxlen: 24
140.150.2.0/24 maxlen: 24
140.150.3.0/24 maxlen: 24
140.150.4.0/24 maxlen: 24
140.150.5.0/24 maxlen: 24
140.150.6.0/24 maxlen: 24
140.150.7.0/24 maxlen: 24
140.150.10.0/24 maxlen: 24
140.150.11.0/24 maxlen: 24
140.150.12.0/24 maxlen: 24
140.150.14.0/24 maxlen: 24
140.150.15.0/24 maxlen: 24
140.150.18.0/24 maxlen: 24
140.150.19.0/24 maxlen: 24
140.150.20.0/24 maxlen: 24
140.150.21.0/24 maxlen: 24
140.150.22.0/24 maxlen: 24
140.150.23.0/24 maxlen: 24
140.150.24.0/24 maxlen: 24
140.150.25.0/24 maxlen: 24
140.150.26.0/24 maxlen: 24
140.150.27.0/24 maxlen: 24
140.150.28.0/24 maxlen: 24
140.150.29.0/24 maxlen: 24
140.150.30.0/24 maxlen: 24
140.150.31.0/24 maxlen: 24
140.150.32.0/24 maxlen: 24
140.150.33.0/24 maxlen: 24
140.150.34.0/24 maxlen: 24
140.150.35.0/24 maxlen: 24
140.150.36.0/24 maxlen: 24
140.150.37.0/24 maxlen: 24
140.150.38.0/24 maxlen: 24
140.150.40.0/24 maxlen: 24
140.150.41.0/24 maxlen: 24
140.150.42.0/24 maxlen: 24
140.150.43.0/24 maxlen: 24
140.150.44.0/24 maxlen: 24
140.150.46.0/24 maxlen: 24
140.150.47.0/24 maxlen: 24
146.103.64.0/24 maxlen: 24
146.103.65.0/24 maxlen: 24
146.103.66.0/24 maxlen: 24
146.103.67.0/24 maxlen: 24
146.103.68.0/24 maxlen: 24
146.103.71.0/24 maxlen: 24
146.103.73.0/24 maxlen: 24
146.103.74.0/24 maxlen: 24
146.103.75.0/24 maxlen: 24
146.103.76.0/24 maxlen: 24
146.103.77.0/24 maxlen: 24
146.103.78.0/24 maxlen: 24
146.103.79.0/24 maxlen: 24
146.103.80.0/24 maxlen: 24
146.103.81.0/24 maxlen: 24
146.103.82.0/24 maxlen: 24
146.103.83.0/24 maxlen: 24
146.103.84.0/24 maxlen: 24
146.103.85.0/24 maxlen: 24
146.103.86.0/24 maxlen: 24
146.103.87.0/24 maxlen: 24
146.103.88.0/24 maxlen: 24
146.103.89.0/24 maxlen: 24
146.103.90.0/24 maxlen: 24
146.103.91.0/24 maxlen: 24
146.103.92.0/24 maxlen: 24
146.103.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 22:50:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:1b:73:ab:63:8d:1f:8f:43:5e:08:8a:9e:43:41:42:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Validity
Not Before: May 29 09:50:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0faa9b2a5d8847901780dcc79a4ebcfb57b252a5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:05:07:08:65:56:90:92:cb:2d:5a:a1:ac:71:
41:60:04:22:50:f6:d4:c7:97:46:72:25:6d:bd:04:
ad:13:41:e5:bb:97:ea:a2:70:a1:d5:e0:30:51:2c:
6e:97:be:53:dc:62:43:20:57:28:8a:a4:ab:96:80:
ce:55:42:20:11:2d:73:b2:1f:97:eb:6a:98:2e:7d:
59:b2:f6:21:c9:ee:e4:fa:78:3e:a4:88:db:42:c2:
a2:4b:3f:ed:40:24:db:b0:82:1c:b7:cb:49:8b:71:
ad:e8:fd:96:83:b2:9e:74:9f:be:1b:36:32:fa:14:
98:58:a3:cd:4d:4c:45:f0:dd:c3:0a:70:6a:a9:14:
d2:b3:33:5d:82:d5:8a:3e:73:90:04:3c:e4:72:6e:
ec:49:25:cb:2c:59:73:bd:dd:f4:06:c9:9d:19:19:
4d:39:0c:fc:4e:41:3f:aa:42:34:8a:70:48:49:88:
9a:a5:97:ea:42:db:86:6f:b1:38:38:f2:73:ce:b2:
a6:c0:6b:3a:cd:60:6a:ef:cd:3f:53:8f:db:19:9c:
be:7b:51:85:b7:18:9e:35:46:31:46:99:b6:39:4e:
b7:43:af:66:81:91:7b:5b:b4:d1:87:15:02:cf:2a:
8f:9d:51:f3:e7:05:4a:75:ff:dc:ae:74:8e:d7:3c:
00:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:AA:9B:2A:5D:88:47:90:17:80:DC:C7:9A:4E:BC:FB:57:B2:52:A5
X509v3 Authority Key Identifier:
keyid:4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/D6qbKl2IR5AXgNzHmk68-1eyUqU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.0.0/21
140.150.10.0-140.150.12.255
140.150.14.0/23
140.150.18.0-140.150.38.255
140.150.40.0-140.150.44.255
140.150.46.0/23
146.103.64.0-146.103.68.255
146.103.71.0/24
146.103.73.0-146.103.93.255
Signature Algorithm: sha256WithRSAEncryption
5d:62:4c:80:46:2a:55:d1:2a:5b:26:ca:c2:a0:39:7e:b9:5e:
5d:f7:0d:bc:04:33:bb:67:21:cc:11:62:bf:fb:77:a8:86:83:
53:36:26:77:31:60:5b:72:ef:b1:98:5c:34:b5:cf:48:45:e5:
11:32:6a:db:41:3e:d3:e2:0f:66:71:a1:26:1c:bc:2c:8f:92:
53:d6:5b:d0:32:9a:b0:eb:b7:f4:e6:73:51:d2:91:f3:e6:b6:
86:6a:a3:21:77:c7:86:bc:11:86:57:97:5d:2b:1c:d7:37:1d:
d1:24:d9:82:56:fb:b9:74:fb:69:54:c1:d6:51:f1:c7:d4:cf:
d0:a3:37:86:cd:2c:75:d5:02:a1:7c:74:17:3b:43:ed:a6:1d:
16:0f:13:a7:4d:21:ca:ba:e1:f3:18:e8:06:06:8d:c3:23:27:
05:c9:e7:69:d0:69:25:d1:35:ff:0d:1b:39:f8:14:e7:02:90:
b8:ac:9c:c0:be:25:20:22:f3:5c:d4:af:eb:ea:8d:f4:9a:d3:
24:34:b0:06:06:82:5f:fa:52:ca:f1:b7:ee:85:9b:f9:6c:b1:
81:19:6b:f5:e1:51:a3:09:e1:4c:8d:f1:b0:7a:f9:7f:be:b6:
e9:d7:70:68:71:6e:27:d7:9e:12:3e:59:09:26:7c:82:3b:6e:
55:b1:9c:33
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZcbc6tjjR+PQ14Iip5DQUKFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTMzMWZhN2JlNDcwZGMxNzllMTZjMzA2ZTk4YzZjNzMx
YTU3NWMwHhcNMjUwNTI5MDk1MDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZmFhOWIyYTVkODg0NzkwMTc4MGRjYzc5YTRlYmNmYjU3YjI1MmE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgUHCGVWkJLLLVqhrHFBYAQiUPbU
x5dGciVtvQStE0Hlu5fqonCh1eAwUSxul75T3GJDIFcoiqSrloDOVUIgES1zsh+X
62qYLn1ZsvYhye7k+ng+pIjbQsKiSz/tQCTbsIIct8tJi3Gt6P2Wg7KedJ++GzYy
+hSYWKPNTUxF8N3DCnBqqRTSszNdgtWKPnOQBDzkcm7sSSXLLFlzvd30BsmdGRlN
OQz8TkE/qkI0inBISYiapZfqQtuGb7E4OPJzzrKmwGs6zWBq780/U4/bGZy+e1GF
txieNUYxRpm2OU63Q69mgZF7W7TRhxUCzyqPnVHz5wVKdf/crnSO1zwAYwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFA+qmypdiEeQF4Dcx5pOvPtXslKlMB8GA1UdIwQY
MBaAFEuTMfp75HDcF54WwwbpjGxzGldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjIt
OGIyYjQ3MzhiMWNjLzEvRDZxYktsMklSNUFYZ056SG1rNjgtMWV5VXFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjItOGIyYjQ3MzhiMWNj
LzEvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQDjJYAMAwD
BAGMlgoDBACMlgwDBAGMlg4wDAMEAYyWEgMEAIyWJjAMAwQDjJYoAwQAjJYsAwQB
jJYuMAwDBAaSZ0ADBACSZ0QDBACSZ0cwDAMEAJJnSQMEAZJnXDANBgkqhkiG9w0B
AQsFAAOCAQEAXWJMgEYqVdEqWybKwqA5frleXfcNvAQzu2chzBFiv/t3qIaDUzYm
dzFgW3LvsZhcNLXPSEXlETJq20E+0+IPZnGhJhy8LI+SU9Zb0DKasOu39OZzUdKR
8+a2hmqjIXfHhrwRhleXXSsc1zcd0STZglb7uXT7aVTB1lHxx9TP0KM3hs0sddUC
oXx0FztD7aYdFg8Tp00hyrrh8xjoBgaNwyMnBcnnadBpJdE1/w0bOfgU5wKQuKyc
wL4lICLzXNSv6+qN9JrTJDSwBgaCX/pSyvG37oWb+WyxgRlr9eFRownhTI3xsHr5
f7626ddwaHFuJ9eeEj5ZCSZ8gjtuVbGcMw==
-----END CERTIFICATE-----
Generated at Sat Jun 7 04:03:16 2025 by rpki-client