Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/01eXiS4taTiu1Rh6N594DmUoVRs.roa
File: 01eXiS4taTiu1Rh6N594DmUoVRs.roa (raw, json)
Hash identifier: dUUWBUjVA8IJ2TUdI1Uyz7HhkZ5PhpCwqXRaX8Jk8iQ=
Subject key identifier: D3:57:97:89:2E:2D:69:38:AE:D5:18:7A:37:9F:78:0E:65:28:55:1B
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0197AF958C3A4D24BFCFABDF107EA2DF50C8
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/01eXiS4taTiu1Rh6N594DmUoVRs.roa
Signing time: Fri 27 Jun 2025 04:11:42 +0000
ROA not before: Fri 27 Jun 2025 04:11:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58212
IP address blocks: 5.231.70.0/24 maxlen: 24
5.231.115.0/24 maxlen: 24
5.231.203.0/24 maxlen: 24
5.231.234.0/24 maxlen: 24
77.90.22.0/24 maxlen: 24
77.90.41.0/24 maxlen: 24
77.90.52.0/24 maxlen: 24
85.93.1.0/24 maxlen: 24
89.144.14.0/24 maxlen: 24
89.144.17.0/24 maxlen: 24
89.144.18.0/24 maxlen: 24
178.18.147.0/24 maxlen: 24
185.13.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 04:11:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:af:95:8c:3a:4d:24:bf:cf:ab:df:10:7e:a2:df:50:c8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jun 27 04:11:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d35797892e2d6938aed5187a379f780e6528551b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:47:2a:97:1c:2c:10:8d:74:6f:1a:a9:03:10:
ea:99:97:ac:2e:8b:15:4e:dc:5c:06:72:1c:90:80:
3b:44:df:4b:b5:c9:62:cc:ff:37:2d:40:bc:e7:15:
74:2f:c0:e0:9c:13:7c:c4:05:ec:c6:d6:7e:e6:dd:
b2:96:f5:16:d8:cb:e3:00:b6:e5:e2:7b:36:05:58:
6a:50:2b:3d:2d:30:ec:1c:98:f7:52:0b:42:8a:a7:
6d:9f:08:50:e4:49:33:01:9b:ae:2f:99:58:cb:94:
69:56:47:db:a1:20:ba:78:3c:9c:6a:82:1d:44:cd:
5c:b5:7e:bc:d4:38:81:b5:bb:60:59:f2:b9:a3:76:
5a:23:0e:a4:48:3d:b3:8a:3e:f1:51:78:dc:88:f9:
53:fa:fc:bc:04:28:06:1c:10:51:40:ae:b1:12:22:
fe:7e:fb:d3:86:9d:f4:12:20:da:48:84:71:21:01:
b6:30:de:49:73:4a:81:46:e3:a9:cc:06:3d:f5:73:
63:73:e0:3c:a4:3f:8a:87:c3:27:51:5b:2e:88:92:
c3:54:1c:c3:ff:3f:80:86:94:cb:83:3f:cb:d1:50:
84:5f:2e:c5:e7:1c:05:6d:16:25:fe:21:43:88:0e:
18:94:8c:04:36:5b:0d:6b:ff:ee:01:c0:26:42:57:
ad:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:57:97:89:2E:2D:69:38:AE:D5:18:7A:37:9F:78:0E:65:28:55:1B
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/01eXiS4taTiu1Rh6N594DmUoVRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.231.70.0/24
5.231.115.0/24
5.231.203.0/24
5.231.234.0/24
77.90.22.0/24
77.90.41.0/24
77.90.52.0/24
85.93.1.0/24
89.144.14.0/24
89.144.17.0-89.144.18.255
178.18.147.0/24
185.13.159.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:7b:70:44:9b:3c:6d:bb:23:54:c9:9f:65:43:be:93:aa:f4:
38:61:1d:8f:63:8f:f5:d8:af:fe:93:b4:60:e3:02:50:5a:df:
5c:09:a3:32:e2:35:04:ef:27:b0:41:7c:c5:11:af:53:07:bc:
31:0f:26:36:1e:75:37:01:d5:21:6a:77:8e:dd:b3:e0:0a:22:
b7:c0:db:99:25:3c:50:82:cb:31:f7:cd:bd:1f:70:4c:20:aa:
9d:c7:09:40:ed:d7:17:0a:a4:ce:ec:86:5b:dd:4d:d3:6f:47:
ca:7d:d8:ec:dc:46:c1:df:ac:cd:21:ea:c8:9c:9c:09:ec:c3:
30:dc:4e:b5:f2:43:3e:6c:29:c8:90:ae:62:19:9c:cd:cd:b5:
4e:7d:bb:d6:33:ea:d0:e9:05:1f:d3:b4:a4:b1:17:66:f7:01:
0b:a4:01:c2:b0:5a:b9:3f:49:00:73:d9:28:3a:73:4b:89:db:
e3:28:8f:57:55:51:d7:ed:01:47:18:4e:92:f2:8a:5e:9e:5f:
90:ae:07:db:de:83:91:37:b6:dc:53:69:18:8e:be:1f:a6:4f:
99:04:1c:36:80:6e:e6:1e:a9:05:b3:da:fa:9c:59:39:23:e6:
7c:f6:95:17:fe:4b:24:75:94:68:19:06:da:89:32:d7:62:fb:
4d:f8:50:de
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZevlYw6TSS/z6vfEH6i31DIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNjI3MDQxMTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzU3OTc4OTJlMmQ2OTM4YWVkNTE4N2EzNzlmNzgwZTY1Mjg1NTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvkcqlxwsEI10bxqpAxDqmZesLosV
TtxcBnIckIA7RN9LtclizP83LUC85xV0L8DgnBN8xAXsxtZ+5t2ylvUW2MvjALbl
4ns2BVhqUCs9LTDsHJj3UgtCiqdtnwhQ5EkzAZuuL5lYy5RpVkfboSC6eDycaoId
RM1ctX681DiBtbtgWfK5o3ZaIw6kSD2zij7xUXjciPlT+vy8BCgGHBBRQK6xEiL+
fvvThp30EiDaSIRxIQG2MN5Jc0qBRuOpzAY99XNjc+A8pD+Kh8MnUVsuiJLDVBzD
/z+AhpTLgz/L0VCEXy7F5xwFbRYl/iFDiA4YlIwENlsNa//uAcAmQletGQIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFNNXl4kuLWk4rtUYejefeA5lKFUbMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvMDFlWGlTNHRhVGl1MVJoNk41OTREbVVvVlJzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQAwQABedGAwQA
BedzAwQABefLAwQABefqAwQATVoWAwQATVopAwQATVo0AwQAVV0BAwQAWZAOMAwD
BABZkBEDBABZkBIDBACyEpMDBAC5DZ8wDQYJKoZIhvcNAQELBQADggEBAEp7cESb
PG27I1TJn2VDvpOq9DhhHY9jj/XYr/6TtGDjAlBa31wJozLiNQTvJ7BBfMURr1MH
vDEPJjYedTcB1SFqd47ds+AKIrfA25klPFCCyzH3zb0fcEwgqp3HCUDt1xcKpM7s
hlvdTdNvR8p92OzcRsHfrM0h6sicnAnswzDcTrXyQz5sKciQrmIZnM3NtU59u9Yz
6tDpBR/TtKSxF2b3AQukAcKwWrk/SQBz2Sg6c0uJ2+Moj1dVUdftAUcYTpLyil6e
X5CuB9veg5E3ttxTaRiOvh+mT5kEHDaAbuYeqQWz2vqcWTkj5nz2lRf+SyR1lGgZ
BtqJMtdi+034UN4=
-----END CERTIFICATE-----
Generated at Tue Jul 1 11:06:36 2025 by rpki-client