Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Y0DqaSnej6SIicBwXcTSk1lLVmY.roa
File: Y0DqaSnej6SIicBwXcTSk1lLVmY.roa (raw, json)
Hash identifier: vgzo2F+cH6Z/HPxN2T0OWAN432h4SVeT+VKfGOWnjm0=
Subject key identifier: 63:40:EA:69:29:DE:8F:A4:88:89:C0:70:5D:C4:D2:93:59:4B:56:66
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0199120299E72B699D5DD298E5357C6F3D45
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Y0DqaSnej6SIicBwXcTSk1lLVmY.roa
Signing time: Wed 03 Sep 2025 23:56:24 +0000
ROA not before: Wed 03 Sep 2025 23:56:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13213
IP address blocks: 5.182.184.0/24 maxlen: 24
45.67.146.0/24 maxlen: 24
78.31.206.0/24 maxlen: 24
162.218.89.0/24 maxlen: 24
162.218.93.0/24 maxlen: 24
185.52.136.0/24 maxlen: 24
185.52.139.0/24 maxlen: 24
185.161.191.0/24 maxlen: 24
185.187.214.0/24 maxlen: 24
185.187.215.0/24 maxlen: 24
185.205.206.0/24 maxlen: 24
185.208.152.0/24 maxlen: 24
185.208.154.0/24 maxlen: 24
185.230.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 19:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:12:02:99:e7:2b:69:9d:5d:d2:98:e5:35:7c:6f:3d:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Sep 3 23:56:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6340ea6929de8fa48889c0705dc4d293594b5666
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:2f:75:88:ec:6c:05:70:4f:23:c7:e8:74:f0:
e2:0b:14:de:97:82:74:c0:7a:13:10:2a:8d:50:ae:
ab:13:09:69:1a:05:52:46:b3:08:eb:9c:c7:85:9d:
1e:24:bf:46:2c:7a:a7:6d:ce:33:8d:96:70:74:02:
b4:4b:cc:06:b9:c7:1e:e4:10:ed:f7:17:e0:a5:82:
ec:4c:58:b0:a4:ea:dc:3e:5b:b2:4f:cb:5a:0d:1e:
be:3b:f0:53:84:5c:6d:d2:5e:a9:83:e5:58:03:d9:
a5:77:4e:b5:06:ba:ce:72:8c:19:7e:bd:03:19:47:
db:4f:71:1c:81:e6:56:86:9c:85:4c:54:98:7e:4f:
73:2c:fe:82:ff:73:5c:9d:16:b6:02:cf:85:ba:05:
e0:b0:f2:a7:e2:65:25:46:0c:69:5c:69:78:69:45:
b5:94:9a:23:d2:c9:3c:1c:83:c9:82:fc:e9:35:2e:
6a:7f:8b:90:6f:fb:a3:e4:03:1a:09:e3:03:57:28:
ce:9c:cc:d9:b1:4f:5f:78:ee:10:76:39:53:42:e6:
0f:de:93:d1:4b:62:1c:6d:db:ff:62:05:36:c8:a3:
20:27:7a:f6:74:1c:fb:46:c4:2d:f9:84:8f:8f:88:
a7:6a:bc:13:25:55:61:8f:01:c4:3f:40:e7:bf:89:
43:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:40:EA:69:29:DE:8F:A4:88:89:C0:70:5D:C4:D2:93:59:4B:56:66
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/Y0DqaSnej6SIicBwXcTSk1lLVmY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.184.0/24
45.67.146.0/24
78.31.206.0/24
162.218.89.0/24
162.218.93.0/24
185.52.136.0/24
185.52.139.0/24
185.161.191.0/24
185.187.214.0/23
185.205.206.0/24
185.208.152.0/24
185.208.154.0/24
185.230.121.0/24
Signature Algorithm: sha256WithRSAEncryption
15:5d:59:a2:2b:d5:7a:96:29:d0:6a:4c:e3:16:8b:a4:8a:f3:
eb:6e:29:f1:cf:a8:5c:8c:48:83:19:ae:2e:17:a9:b1:fd:e2:
90:57:c8:86:8d:01:c4:cb:32:6f:3f:44:28:04:1c:8b:c4:1e:
98:81:bb:10:4e:af:35:df:5a:43:6c:27:45:36:32:fd:4e:ea:
c6:09:2c:48:1d:76:f4:31:51:84:fd:90:b4:66:a8:fc:be:83:
a8:6c:93:7d:f8:42:eb:5a:d0:d9:1e:d7:ac:4c:96:cc:56:de:
d1:0a:c6:ae:c7:9f:11:15:c1:3b:d1:8f:e3:3e:c2:c5:49:6f:
9e:8a:5e:9b:8a:5e:b3:28:0d:55:c8:b4:70:ad:54:42:88:e7:
e4:aa:d9:71:4b:7b:d4:d0:4b:1c:08:0e:a0:4c:03:b1:8f:d1:
b3:a3:ca:44:63:e1:d6:c6:e0:00:47:b5:44:0b:58:db:7c:9b:
28:d9:39:bd:99:73:0b:a6:58:08:94:43:aa:71:2a:5e:a0:40:
6c:17:de:5d:d8:81:c6:e5:80:57:a1:4a:91:92:db:d2:03:b0:
00:33:4f:c2:d8:c5:8a:6c:58:cf:12:61:48:68:72:92:bb:22:
3c:8f:1d:9d:e0:df:84:a7:cd:d6:f2:da:77:d5:8a:1d:33:95:
f0:53:2b:df
-----BEGIN CERTIFICATE-----
MIIFRTCCBC2gAwIBAgISAZkSApnnK2mdXdKY5TV8bz1FMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjUwOTAzMjM1NjI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzQwZWE2OTI5ZGU4ZmE0ODg4OWMwNzA1ZGM0ZDI5MzU5NGI1NjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsy91iOxsBXBPI8fodPDiCxTel4J0
wHoTECqNUK6rEwlpGgVSRrMI65zHhZ0eJL9GLHqnbc4zjZZwdAK0S8wGucce5BDt
9xfgpYLsTFiwpOrcPluyT8taDR6+O/BThFxt0l6pg+VYA9mld061BrrOcowZfr0D
GUfbT3EcgeZWhpyFTFSYfk9zLP6C/3NcnRa2As+FugXgsPKn4mUlRgxpXGl4aUW1
lJoj0sk8HIPJgvzpNS5qf4uQb/uj5AMaCeMDVyjOnMzZsU9feO4QdjlTQuYP3pPR
S2Icbdv/YgU2yKMgJ3r2dBz7RsQt+YSPj4inarwTJVVhjwHEP0Dnv4lD/wIDAQAB
o4ICUTCCAk0wHQYDVR0OBBYEFGNA6mkp3o+kiInAcF3E0pNZS1ZmMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvWTBEcWFTbmVqNlNJaWNCd1hjVFNrMWxMVm1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGcGCCsGAQUFBwEHAQH/BFgwVjBUBAIAATBOAwQABba4AwQA
LUOSAwQATh/OAwQAotpZAwQAotpdAwQAuTSIAwQAuTSLAwQAuaG/AwQBubvWAwQA
uc3OAwQAudCYAwQAudCaAwQAueZ5MA0GCSqGSIb3DQEBCwUAA4IBAQAVXVmiK9V6
linQakzjFoukivPrbinxz6hcjEiDGa4uF6mx/eKQV8iGjQHEyzJvP0QoBByLxB6Y
gbsQTq8131pDbCdFNjL9TurGCSxIHXb0MVGE/ZC0Zqj8voOobJN9+ELrWtDZHtes
TJbMVt7RCsaux58RFcE70Y/jPsLFSW+eil6bil6zKA1VyLRwrVRCiOfkqtlxS3vU
0EscCA6gTAOxj9Gzo8pEY+HWxuAAR7VEC1jbfJso2Tm9mXMLplgIlEOqcSpeoEBs
F95d2IHG5YBXoUqRktvSA7AAM0/C2MWKbFjPEmFIaHKSuyI8jx2d4N+Ep83W8tp3
1YodM5XwUyvf
-----END CERTIFICATE-----
Generated at Sat Sep 6 04:38:13 2025 by rpki-client