Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/124c35-9523-43b7-b7eb-ea59264f9083/1/PHGv-iP3-GV5PUVRHcEuKvBjePw.roa
File: PHGv-iP3-GV5PUVRHcEuKvBjePw.roa (raw, json)
Hash identifier: 7jlPPnbCBHtnfInB0g3T4zwfv1LlUHpXKaShvtDGxfY=
Subject key identifier: 3C:71:AF:FA:23:F7:F8:65:79:3D:45:51:1D:C1:2E:2A:F0:63:78:FC
Certificate issuer: /CN=ab1d0e7e818baf9a7afb9866124292a61aafb8ca
Certificate serial: 0198F6F03D52F4C349129665518DADE6B1C4
Authority key identifier: AB:1D:0E:7E:81:8B:AF:9A:7A:FB:98:66:12:42:92:A6:1A:AF:B8:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qx0OfoGLr5p6-5hmEkKSphqvuMo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/124c35-9523-43b7-b7eb-ea59264f9083/1/PHGv-iP3-GV5PUVRHcEuKvBjePw.roa
Signing time: Fri 29 Aug 2025 17:46:36 +0000
ROA not before: Fri 29 Aug 2025 17:46:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6205
IP address blocks: 5.250.240.0/24 maxlen: 24
5.250.241.0/24 maxlen: 24
5.250.242.0/24 maxlen: 24
5.250.243.0/24 maxlen: 24
5.250.244.0/24 maxlen: 24
5.250.245.0/24 maxlen: 24
5.250.246.0/24 maxlen: 24
5.250.247.0/24 maxlen: 24
5.250.248.0/24 maxlen: 24
5.250.249.0/24 maxlen: 24
5.250.250.0/24 maxlen: 24
5.250.251.0/24 maxlen: 24
5.250.252.0/24 maxlen: 24
185.67.122.0/24 maxlen: 24
185.67.123.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/124c35-9523-43b7-b7eb-ea59264f9083/1/qx0OfoGLr5p6-5hmEkKSphqvuMo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/124c35-9523-43b7-b7eb-ea59264f9083/1/qx0OfoGLr5p6-5hmEkKSphqvuMo.mft
rsync://rpki.ripe.net/repository/DEFAULT/qx0OfoGLr5p6-5hmEkKSphqvuMo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 01:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:f6:f0:3d:52:f4:c3:49:12:96:65:51:8d:ad:e6:b1:c4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab1d0e7e818baf9a7afb9866124292a61aafb8ca
Validity
Not Before: Aug 29 17:46:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c71affa23f7f865793d45511dc12e2af06378fc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:ea:fa:31:ec:11:79:a1:26:fa:21:cb:6c:ef:
a1:aa:35:37:72:be:b4:89:b3:8e:9e:4f:f0:db:21:
30:9d:72:b6:ab:eb:0d:36:08:00:15:78:8d:d2:bb:
c7:88:bc:57:f0:be:86:5d:db:af:bd:37:35:6f:64:
a6:dd:b3:48:23:b8:0d:d6:8b:d1:a6:6d:f9:7e:ac:
64:9b:19:b2:f5:72:bf:f8:83:e7:fe:95:09:af:ea:
36:1f:5e:4d:b6:3f:19:cb:75:b8:d6:6f:eb:88:0d:
74:cd:4e:fb:d5:0c:eb:30:36:10:0d:f8:bb:67:59:
d1:56:b8:cc:3b:6f:c1:55:53:b1:91:ff:c8:ea:b1:
39:52:90:9c:2b:79:62:81:03:1c:3e:1f:6d:35:f7:
af:79:67:0f:96:4f:dc:bf:ed:22:23:c2:c5:89:b1:
b2:38:d7:05:94:5a:65:d4:66:32:e9:89:b5:2f:26:
1d:aa:80:36:74:36:a6:ad:56:bf:28:9e:d9:8b:b9:
2f:d4:6d:a3:07:90:cd:c6:7d:04:3c:d8:cd:ea:45:
66:c4:94:75:c2:19:dd:7c:8f:e5:79:7c:1f:2b:e3:
d3:4a:2b:71:b5:dc:9c:13:60:5c:7c:cf:58:1d:d4:
eb:a7:60:0b:74:7b:ba:09:61:02:84:5a:52:28:8e:
a6:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:71:AF:FA:23:F7:F8:65:79:3D:45:51:1D:C1:2E:2A:F0:63:78:FC
X509v3 Authority Key Identifier:
keyid:AB:1D:0E:7E:81:8B:AF:9A:7A:FB:98:66:12:42:92:A6:1A:AF:B8:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qx0OfoGLr5p6-5hmEkKSphqvuMo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/124c35-9523-43b7-b7eb-ea59264f9083/1/PHGv-iP3-GV5PUVRHcEuKvBjePw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/124c35-9523-43b7-b7eb-ea59264f9083/1/qx0OfoGLr5p6-5hmEkKSphqvuMo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.250.240.0-5.250.252.255
185.67.122.0/23
Signature Algorithm: sha256WithRSAEncryption
20:2a:75:fd:0a:e0:cc:77:fc:08:a9:87:f7:4e:f5:d1:49:cb:
ed:82:7b:72:7f:50:30:02:f4:42:50:9e:97:ec:66:fa:99:c9:
b3:05:78:0c:e4:f4:fb:24:79:39:a1:72:0a:70:cd:83:e6:2f:
92:34:af:b9:05:b4:58:f1:cb:9a:0f:0f:fb:28:e0:72:11:71:
86:f8:a8:22:01:5d:a4:b4:49:83:35:87:94:f2:30:41:e8:36:
1d:6a:6d:42:04:09:06:9f:c5:cd:4a:2a:99:c9:88:a7:3b:aa:
54:5f:b9:b4:0b:c3:d3:1a:4b:28:8e:37:a7:db:a7:6a:30:f7:
cf:c5:f2:16:35:e9:4a:ec:2c:18:7e:90:fa:a9:a9:00:14:ab:
75:9d:fe:81:08:a1:7e:8a:4a:45:51:ce:07:7e:3d:2d:8b:e7:
6f:f4:1c:4a:98:4d:5c:8e:a4:26:9c:5b:39:d5:73:40:00:e8:
13:75:84:fa:78:01:13:dc:92:dc:2b:a8:70:e2:9d:ae:29:19:
2f:e1:26:5c:a0:7c:03:55:69:be:f7:c5:e9:61:18:6a:e9:db:
3e:3f:99:bc:3d:64:6e:de:a9:d7:db:02:b6:18:51:a7:db:aa:
fd:9e:46:32:1f:54:46:9a:87:67:7f:f9:d5:2b:bf:15:65:d5:
0e:c7:59:61
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZj28D1S9MNJEpZlUY2t5rHEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMWQwZTdlODE4YmFmOWE3YWZiOTg2NjEyNDI5MmE2MWFh
ZmI4Y2EwHhcNMjUwODI5MTc0NjM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzcxYWZmYTIzZjdmODY1NzkzZDQ1NTExZGMxMmUyYWYwNjM3OGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAter6MewReaEm+iHLbO+hqjU3cr60
ibOOnk/w2yEwnXK2q+sNNggAFXiN0rvHiLxX8L6GXduvvTc1b2Sm3bNII7gN1ovR
pm35fqxkmxmy9XK/+IPn/pUJr+o2H15Ntj8Zy3W41m/riA10zU771QzrMDYQDfi7
Z1nRVrjMO2/BVVOxkf/I6rE5UpCcK3ligQMcPh9tNfeveWcPlk/cv+0iI8LFibGy
ONcFlFpl1GYy6Ym1LyYdqoA2dDamrVa/KJ7Zi7kv1G2jB5DNxn0EPNjN6kVmxJR1
whndfI/leXwfK+PTSitxtdycE2BcfM9YHdTrp2ALdHu6CWEChFpSKI6mRwIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFDxxr/oj9/hleT1FUR3BLirwY3j8MB8GA1UdIwQY
MBaAFKsdDn6Bi6+aevuYZhJCkqYar7jKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXgwT2ZvR0xyNXA2LTVobUVrS1NwaHF2dU1vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8xMjRjMzUtOTUyMy00M2I3LWI3ZWIt
ZWE1OTI2NGY5MDgzLzEvUEhHdi1pUDMtR1Y1UFVWUkhjRXVLdkJqZVB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8xMjRjMzUtOTUyMy00M2I3LWI3ZWItZWE1OTI2NGY5MDgz
LzEvcXgwT2ZvR0xyNXA2LTVobUVrS1NwaHF2dU1vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAQF+vAD
BAAF+vwDBAG5Q3owDQYJKoZIhvcNAQELBQADggEBACAqdf0K4Mx3/Aiph/dO9dFJ
y+2Ce3J/UDAC9EJQnpfsZvqZybMFeAzk9PskeTmhcgpwzYPmL5I0r7kFtFjxy5oP
D/so4HIRcYb4qCIBXaS0SYM1h5TyMEHoNh1qbUIECQafxc1KKpnJiKc7qlRfubQL
w9MaSyiON6fbp2ow98/F8hY16UrsLBh+kPqpqQAUq3Wd/oEIoX6KSkVRzgd+PS2L
52/0HEqYTVyOpCacWznVc0AA6BN1hPp4ARPcktwrqHDina4pGS/hJlygfANVab73
xelhGGrp2z4/mbw9ZG7eqdfbArYYUafbqv2eRjIfVEaah2d/+dUrvxVl1Q7HWWE=
-----END CERTIFICATE-----
Generated at Mon Sep 8 06:11:39 2025 by rpki-client