Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5gsmmIimNjb6jSLMzMGOJw8StGQ.roa
File: 5gsmmIimNjb6jSLMzMGOJw8StGQ.roa (raw, json)
Hash identifier: 8CpfLCyL604RZTrQb/hZEV5owcSIsCRv2NWIuw64zsw=
Subject key identifier: E6:0B:26:98:88:A6:36:36:FA:8D:22:CC:CC:C1:8E:27:0F:12:B4:64
Certificate issuer: /CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Certificate serial: 0199E2EF02C877DA829EA8961878B78FB361
Authority key identifier: 35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5gsmmIimNjb6jSLMzMGOJw8StGQ.roa
Signing time: Tue 14 Oct 2025 13:35:38 +0000
ROA not before: Tue 14 Oct 2025 13:35:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 216127
IP address blocks: 195.58.38.0/24 maxlen: 24
195.58.39.0/24 maxlen: 24
195.133.64.0/24 maxlen: 24
195.133.65.0/24 maxlen: 24
212.193.4.0/24 maxlen: 24
212.193.5.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e2:ef:02:c8:77:da:82:9e:a8:96:18:78:b7:8f:b3:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=35690f5e32d5c86af1e1349dfd4e8ceeb70e1ac7
Validity
Not Before: Oct 14 13:35:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e60b269888a63636fa8d22ccccc18e270f12b464
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:6e:c3:92:17:5b:6b:ea:6f:82:a1:94:e0:94:
3a:2e:e5:43:a5:1a:55:92:f3:87:e8:25:0d:e0:bc:
40:25:f5:8e:9e:6a:b3:28:2e:90:93:58:4d:db:c4:
7b:f9:ea:25:85:91:3b:2d:b0:ac:ba:b3:c2:99:45:
a2:ad:e6:6d:32:56:0d:5c:3b:c1:5b:17:c1:93:39:
cc:8f:72:91:b2:1e:52:38:60:34:93:5a:53:3a:5c:
91:9e:e4:90:18:1b:51:70:de:6f:cb:92:52:99:23:
8a:b6:9f:6c:20:b8:d0:38:c3:11:d9:43:4a:60:46:
1b:25:76:d2:69:76:d5:cf:34:d3:10:de:23:d7:b7:
dd:d4:cf:1e:33:b9:d0:c2:f1:03:41:4b:80:a8:63:
f0:fb:b6:c9:7e:30:55:ec:79:fd:9a:77:13:c8:50:
36:73:fd:06:1b:4c:72:69:39:31:96:74:b6:ca:60:
ca:8f:ed:6d:e8:71:79:c6:e1:e8:06:60:0b:8d:45:
66:4c:ef:e3:ea:33:b6:56:7a:c0:4d:d3:82:df:e0:
84:70:eb:53:6a:6a:88:34:fb:fc:61:46:09:e4:c7:
cb:16:15:b8:57:5d:16:c1:26:d3:fa:de:88:73:df:
54:fc:49:15:f3:91:a1:e9:71:93:05:a0:c1:46:10:
91:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E6:0B:26:98:88:A6:36:36:FA:8D:22:CC:CC:C1:8E:27:0F:12:B4:64
X509v3 Authority Key Identifier:
keyid:35:69:0F:5E:32:D5:C8:6A:F1:E1:34:9D:FD:4E:8C:EE:B7:0E:1A:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NWkPXjLVyGrx4TSd_U6M7rcOGsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/5gsmmIimNjb6jSLMzMGOJw8StGQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/e1447a-8f18-4a80-a422-5a42428f1143/1/NWkPXjLVyGrx4TSd_U6M7rcOGsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.58.38.0/23
195.133.64.0/23
212.193.4.0/23
Signature Algorithm: sha256WithRSAEncryption
69:4b:67:81:54:2a:90:36:78:1c:5c:fe:62:76:e2:0f:7f:39:
ee:23:15:f5:61:3c:5e:1f:a6:24:f6:90:31:1e:38:0f:e6:b6:
e9:15:e9:a9:14:e4:ae:db:a0:f3:4c:f1:02:12:f6:c9:94:0f:
95:97:d0:f6:7c:95:e9:e3:e4:23:f5:a5:30:2a:4b:9c:8e:7f:
93:b1:2c:8b:16:4c:26:9b:f5:3f:2f:c4:2f:3b:b1:be:05:86:
51:cc:df:88:ea:c2:8e:36:08:38:6a:ab:27:e5:69:07:c5:7d:
43:14:8e:27:27:f8:ed:e3:9c:ea:3a:8b:5c:28:34:e2:1d:64:
96:7e:b1:0b:3f:1f:d0:11:99:63:21:d4:fa:7b:27:dc:6a:e3:
27:90:e6:fd:81:e5:33:0f:3a:08:3f:a9:45:da:1c:ed:c7:92:
84:3c:52:06:20:b0:ff:2e:a1:d9:d6:98:d4:a9:77:09:f4:5e:
78:9a:24:2b:9a:5b:1d:97:ae:5c:5a:3f:83:45:4e:97:70:57:
31:6f:55:6a:7f:65:d6:fa:6a:13:8b:7c:66:1b:a4:e0:7b:c5:
c3:19:67:b1:9e:e8:0c:93:8f:f5:d6:e1:f8:6a:4b:38:92:51:
f0:a3:26:4e:37:4b:4a:30:70:77:9e:64:71:f6:73:d1:4d:c2:
42:be:82:31
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZni7wLId9qCnqiWGHi3j7NhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1NjkwZjVlMzJkNWM4NmFmMWUxMzQ5ZGZkNGU4Y2VlYjcw
ZTFhYzcwHhcNMjUxMDE0MTMzNTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNjBiMjY5ODg4YTYzNjM2ZmE4ZDIyY2NjY2MxOGUyNzBmMTJiNDY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuG7Dkhdba+pvgqGU4JQ6LuVDpRpV
kvOH6CUN4LxAJfWOnmqzKC6Qk1hN28R7+eolhZE7LbCsurPCmUWireZtMlYNXDvB
WxfBkznMj3KRsh5SOGA0k1pTOlyRnuSQGBtRcN5vy5JSmSOKtp9sILjQOMMR2UNK
YEYbJXbSaXbVzzTTEN4j17fd1M8eM7nQwvEDQUuAqGPw+7bJfjBV7Hn9mncTyFA2
c/0GG0xyaTkxlnS2ymDKj+1t6HF5xuHoBmALjUVmTO/j6jO2VnrATdOC3+CEcOtT
amqINPv8YUYJ5MfLFhW4V10WwSbT+t6Ic99U/EkV85Gh6XGTBaDBRhCR6QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFOYLJpiIpjY2+o0izMzBjicPErRkMB8GA1UdIwQY
MBaAFDVpD14y1chq8eE0nf1OjO63DhrHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjIt
NWE0MjQyOGYxMTQzLzEvNWdzbW1JaW1OamI2alNMTXpNR09KdzhTdEdRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC9lMTQ0N2EtOGYxOC00YTgwLWE0MjItNWE0MjQyOGYxMTQz
LzEvTldrUFhqTFZ5R3J4NFRTZF9VNk03cmNPR3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBwzomAwQB
w4VAAwQB1MEEMA0GCSqGSIb3DQEBCwUAA4IBAQBpS2eBVCqQNngcXP5iduIPfznu
IxX1YTxeH6Yk9pAxHjgP5rbpFempFOSu26DzTPECEvbJlA+Vl9D2fJXp4+Qj9aUw
Kkucjn+TsSyLFkwmm/U/L8QvO7G+BYZRzN+I6sKONgg4aqsn5WkHxX1DFI4nJ/jt
45zqOotcKDTiHWSWfrELPx/QEZljIdT6eyfcauMnkOb9geUzDzoIP6lF2hztx5KE
PFIGILD/LqHZ1pjUqXcJ9F54miQrmlsdl65cWj+DRU6XcFcxb1Vqf2XW+moTi3xm
G6Tge8XDGWexnugMk4/11uH4aks4klHwoyZON0tKMHB3nmRx9nPRTcJCvoIx
-----END CERTIFICATE-----
Generated at Sun Oct 19 23:14:56 2025 by rpki-client