Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/CDcE_vqm19Y_w1U_nUrldF-Ugs0.roa
File: CDcE_vqm19Y_w1U_nUrldF-Ugs0.roa (raw, json)
Hash identifier: xI3BVyx2LWN6Xd4vh4ettZDFc5P8efBg+uxBmnTHoxk=
Subject key identifier: 08:37:04:FE:FA:A6:D7:D6:3F:C3:55:3F:9D:4A:E5:74:5F:94:82:CD
Certificate issuer: /CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Certificate serial: 01973F0A70A49896809626459BCB7D184478
Authority key identifier: 6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/CDcE_vqm19Y_w1U_nUrldF-Ugs0.roa
Signing time: Thu 05 Jun 2025 07:42:18 +0000
ROA not before: Thu 05 Jun 2025 07:42:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207743
IP address blocks: 5.154.252.0/23 maxlen: 23
5.154.254.0/23 maxlen: 23
5.157.129.0/24 maxlen: 24
5.157.130.0/23 maxlen: 23
37.35.40.0/23 maxlen: 23
37.35.42.0/23 maxlen: 23
178.157.72.0/22 maxlen: 24
178.157.102.0/23 maxlen: 23
188.74.140.0/22 maxlen: 22
188.74.168.0/23 maxlen: 23
188.74.182.0/23 maxlen: 23
188.74.210.0/23 maxlen: 23
188.74.240.0/22 maxlen: 24
188.119.156.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3f:0a:70:a4:98:96:80:96:26:45:9b:cb:7d:18:44:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6b233d75508b4e85cccf44349a7cb703198d1d26
Validity
Not Before: Jun 5 07:42:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=083704fefaa6d7d63fc3553f9d4ae5745f9482cd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:be:e3:e4:fc:e6:13:6e:57:a2:dd:48:03:38:
1b:ef:26:f9:c9:d8:e2:67:f4:cc:7a:a8:1c:07:19:
75:fd:89:31:ea:b5:69:d0:50:6f:39:ff:7e:c0:7c:
16:63:85:43:53:1e:01:e5:30:68:0f:f5:f4:13:f3:
cc:d0:07:1f:b0:e4:2c:5f:8a:2f:da:52:cb:f8:a8:
ca:0b:55:f6:1b:5a:09:47:9c:6e:19:04:6f:d0:f3:
52:b2:8c:85:b9:d0:d6:da:ac:77:a5:12:ef:67:68:
21:93:2a:20:19:f6:b5:4f:c6:64:8d:33:18:d1:d6:
4a:e3:45:0d:8d:2c:ff:37:a0:57:b4:43:3e:58:91:
0b:3d:5a:1e:57:88:30:37:b9:38:bb:b4:d7:f6:2e:
bc:d9:c7:ad:01:a5:f2:f6:e7:1a:75:28:1a:04:d3:
88:e9:f9:c4:19:b2:0a:35:b6:66:a4:b7:19:62:f2:
15:c4:1b:ab:e5:d1:8f:50:9d:94:b6:13:55:ef:8e:
ee:bc:00:e0:25:9f:cc:f9:60:2d:ce:96:95:01:f3:
fc:06:2c:ca:89:15:a7:13:55:92:92:e5:21:fc:48:
64:c3:c8:d0:72:e6:a1:df:e5:d8:e6:3b:dc:ce:38:
31:97:46:6c:31:c2:4c:64:d0:ba:f6:a7:31:52:6a:
8e:ad
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
08:37:04:FE:FA:A6:D7:D6:3F:C3:55:3F:9D:4A:E5:74:5F:94:82:CD
X509v3 Authority Key Identifier:
keyid:6B:23:3D:75:50:8B:4E:85:CC:CF:44:34:9A:7C:B7:03:19:8D:1D:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ayM9dVCLToXMz0Q0mny3AxmNHSY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/CDcE_vqm19Y_w1U_nUrldF-Ugs0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/9d9192-273c-4ca9-b2ba-fa9cb51cd0f1/1/ayM9dVCLToXMz0Q0mny3AxmNHSY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.252.0/22
5.157.129.0-5.157.131.255
37.35.40.0/22
178.157.72.0/22
178.157.102.0/23
188.74.140.0/22
188.74.168.0/23
188.74.182.0/23
188.74.210.0/23
188.74.240.0/22
188.119.156.0/23
Signature Algorithm: sha256WithRSAEncryption
1c:71:86:ef:36:2a:e6:83:1a:71:c9:eb:64:40:d8:81:48:38:
74:75:6d:89:4e:c6:88:91:1e:d8:4a:08:2f:6d:81:cb:f6:64:
d1:be:c2:ec:9a:e8:90:5b:2e:be:62:72:3b:36:2d:65:fd:85:
04:2c:46:3b:09:08:9d:a0:bb:07:b6:3e:20:14:db:48:5d:d6:
cd:8c:c0:c0:29:b4:5a:cc:86:8e:78:cc:d1:ac:04:5f:08:4c:
84:0b:e4:52:a7:33:a5:21:f7:30:c2:c6:8b:65:5d:da:5a:70:
94:69:05:72:87:be:26:64:c3:7c:03:bd:9f:48:50:06:37:3b:
d5:4b:f5:85:51:b4:26:51:01:ee:9e:79:ef:05:88:2f:96:cd:
6f:6f:51:52:2c:36:2b:4a:61:53:eb:33:58:26:78:bd:96:33:
53:b6:ac:e5:75:9a:22:6a:75:8c:f5:95:ab:87:9b:1b:aa:bc:
9d:8e:8d:f1:e4:21:20:03:3f:b9:19:90:93:89:b4:6a:66:a2:
29:3c:d0:f1:82:87:df:b6:42:eb:06:4e:2e:6b:83:78:6c:29:
61:09:46:f7:88:76:c3:95:60:56:fb:bd:a4:4f:ad:94:de:f6:
4d:4e:93:62:a0:a4:98:69:6f:27:b8:6a:bb:05:b6:24:ba:29:
5b:89:8b:8e
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZc/CnCkmJaAliZFm8t9GER4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZiMjMzZDc1NTA4YjRlODVjY2NmNDQzNDlhN2NiNzAzMTk4
ZDFkMjYwHhcNMjUwNjA1MDc0MjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwODM3MDRmZWZhYTZkN2Q2M2ZjMzU1M2Y5ZDRhZTU3NDVmOTQ4MmNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkL7j5PzmE25Xot1IAzgb7yb5ydji
Z/TMeqgcBxl1/Ykx6rVp0FBvOf9+wHwWY4VDUx4B5TBoD/X0E/PM0AcfsOQsX4ov
2lLL+KjKC1X2G1oJR5xuGQRv0PNSsoyFudDW2qx3pRLvZ2ghkyogGfa1T8ZkjTMY
0dZK40UNjSz/N6BXtEM+WJELPVoeV4gwN7k4u7TX9i682cetAaXy9ucadSgaBNOI
6fnEGbIKNbZmpLcZYvIVxBur5dGPUJ2UthNV747uvADgJZ/M+WAtzpaVAfP8BizK
iRWnE1WSkuUh/Ehkw8jQcuah3+XY5jvczjgxl0ZsMcJMZNC69qcxUmqOrQIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFAg3BP76ptfWP8NVP51K5XRflILNMB8GA1UdIwQY
MBaAFGsjPXVQi06FzM9ENJp8twMZjR0mMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEt
ZmE5Y2I1MWNkMGYxLzEvQ0RjRV92cW0xOVlfdzFVX25VcmxkRi1VZ3MwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC85ZDkxOTItMjczYy00Y2E5LWIyYmEtZmE5Y2I1MWNkMGYx
LzEvYXlNOWRWQ0xUb1hNejBRMG1ueTNBeG1OSFNZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQCBZr8MAwD
BAAFnYEDBAIFnYADBAIlIygDBAKynUgDBAGynWYDBAK8SowDBAG8SqgDBAG8SrYD
BAG8StIDBAK8SvADBAG8d5wwDQYJKoZIhvcNAQELBQADggEBABxxhu82KuaDGnHJ
62RA2IFIOHR1bYlOxoiRHthKCC9tgcv2ZNG+wuya6JBbLr5icjs2LWX9hQQsRjsJ
CJ2guwe2PiAU20hd1s2MwMAptFrMho54zNGsBF8ITIQL5FKnM6Uh9zDCxotlXdpa
cJRpBXKHviZkw3wDvZ9IUAY3O9VL9YVRtCZRAe6eee8FiC+WzW9vUVIsNitKYVPr
M1gmeL2WM1O2rOV1miJqdYz1lauHmxuqvJ2OjfHkISADP7kZkJOJtGpmoik80PGC
h9+2QusGTi5rg3hsKWEJRveIdsOVYFb7vaRPrZTe9k1Ok2KgpJhpbye4arsFtiS6
KVuJi44=
-----END CERTIFICATE-----
Generated at Sat Jun 7 18:32:35 2025 by rpki-client