Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/4GHSc2sTzYjwp7FmFJ79GvpRifk.roa
File: 4GHSc2sTzYjwp7FmFJ79GvpRifk.roa (raw, json)
Hash identifier: V4WVfI8eLs+B9fYVhKDB2orbEFd06brfjL3YHXfF+EE=
Subject key identifier: E0:61:D2:73:6B:13:CD:88:F0:A7:B1:66:14:9E:FD:1A:FA:51:89:F9
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0198D51CB449FA7EE280ADECEC484A016731
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/4GHSc2sTzYjwp7FmFJ79GvpRifk.roa
Signing time: Sat 23 Aug 2025 04:08:04 +0000
ROA not before: Sat 23 Aug 2025 04:08:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19318
IP address blocks: 5.175.194.0/24 maxlen: 24
5.231.117.0/24 maxlen: 24
5.231.118.0/24 maxlen: 24
5.231.119.0/24 maxlen: 24
5.231.120.0/24 maxlen: 24
5.231.121.0/24 maxlen: 24
5.231.203.0/24 maxlen: 24
5.231.242.0/24 maxlen: 24
5.231.243.0/24 maxlen: 24
5.231.244.0/24 maxlen: 24
5.231.245.0/24 maxlen: 24
5.231.246.0/24 maxlen: 24
5.231.247.0/24 maxlen: 24
5.231.248.0/24 maxlen: 24
89.106.72.0/24 maxlen: 24
89.106.73.0/24 maxlen: 24
89.144.53.0/24 maxlen: 24
89.144.54.0/24 maxlen: 24
94.249.178.0/24 maxlen: 24
94.249.179.0/24 maxlen: 24
94.249.180.0/24 maxlen: 24
94.249.181.0/24 maxlen: 24
94.249.182.0/24 maxlen: 24
94.249.184.0/24 maxlen: 24
94.249.185.0/24 maxlen: 24
94.249.186.0/24 maxlen: 24
94.249.187.0/24 maxlen: 24
94.249.188.0/24 maxlen: 24
94.249.198.0/24 maxlen: 24
94.249.199.0/24 maxlen: 24
94.249.200.0/24 maxlen: 24
94.249.201.0/24 maxlen: 24
94.249.202.0/24 maxlen: 24
94.249.203.0/24 maxlen: 24
94.249.204.0/24 maxlen: 24
94.249.205.0/24 maxlen: 24
94.249.206.0/24 maxlen: 24
94.249.225.0/24 maxlen: 24
94.249.226.0/24 maxlen: 24
94.249.227.0/24 maxlen: 24
178.18.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:1c:b4:49:fa:7e:e2:80:ad:ec:ec:48:4a:01:67:31
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Aug 23 04:08:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e061d2736b13cd88f0a7b166149efd1afa5189f9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:dd:08:e3:d7:c3:db:97:d5:8e:e3:e0:83:83:
21:91:46:1c:1c:7e:1e:d9:9f:06:a5:90:95:ab:16:
10:22:4c:3c:62:aa:27:3c:a1:2b:15:82:fa:7e:5b:
8c:af:0c:a7:32:3e:00:f4:25:72:b4:3d:33:36:64:
e0:9f:62:55:f8:1d:58:09:9a:e4:32:c1:3c:01:74:
44:a9:2f:84:0d:d2:c6:83:b7:dc:88:9b:c0:ca:c8:
12:2e:66:d1:01:6e:c9:62:76:20:3d:51:60:c1:12:
b1:67:2d:1d:d9:74:4b:0c:54:0e:9c:a0:1c:75:6c:
d9:65:38:ec:45:f2:87:49:13:59:f6:b1:be:6e:6d:
ae:0b:79:7c:fd:dd:20:d9:15:5c:1c:9c:16:16:b5:
75:75:6f:19:1a:e8:a6:7a:f3:28:96:67:2f:09:44:
39:a1:ab:4d:f5:74:f6:89:0b:b4:f2:e1:66:6d:ec:
59:73:39:1b:e8:c7:e4:2e:05:7d:bc:cd:fb:14:58:
86:33:62:db:ff:6a:db:d9:dc:9e:c3:88:f8:c7:e9:
a7:90:38:50:a7:24:a9:96:aa:03:27:2f:a4:a7:5b:
f4:4f:06:58:60:bc:9e:41:15:13:fe:91:4d:47:80:
96:3c:81:d2:70:16:b8:6a:82:2d:df:7d:8e:2f:4a:
49:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E0:61:D2:73:6B:13:CD:88:F0:A7:B1:66:14:9E:FD:1A:FA:51:89:F9
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/4GHSc2sTzYjwp7FmFJ79GvpRifk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.194.0/24
5.231.117.0-5.231.121.255
5.231.203.0/24
5.231.242.0-5.231.248.255
89.106.72.0/23
89.144.53.0-89.144.54.255
94.249.178.0-94.249.182.255
94.249.184.0-94.249.188.255
94.249.198.0-94.249.206.255
94.249.225.0-94.249.227.255
178.18.149.0/24
Signature Algorithm: sha256WithRSAEncryption
d5:a7:af:8f:9b:eb:2b:e4:58:d9:30:50:1d:57:6a:23:30:95:
98:db:a8:b5:00:95:1f:84:bb:8c:be:ce:80:69:1b:3b:7e:e0:
fe:c6:9d:47:1a:df:dc:30:d3:77:d9:dd:dd:09:eb:58:fe:de:
67:06:0b:44:51:23:29:79:6f:64:e4:82:10:6c:dc:1e:81:84:
44:96:06:c6:1e:29:be:ee:5c:9e:1d:4c:20:8b:db:96:7b:1c:
f8:07:61:da:c7:7d:6e:0b:60:45:0e:83:a4:25:69:44:dd:8d:
6c:07:90:85:1c:73:48:71:2a:3a:c0:cc:a8:19:dd:3c:80:16:
ee:b1:e2:19:64:88:85:db:61:c4:0a:9f:20:83:18:3b:47:a1:
cb:bd:b2:7a:48:17:39:28:27:dd:23:be:78:4d:61:6b:23:67:
b4:2a:4c:ad:42:80:ce:93:6f:88:06:2c:9a:ac:36:6f:8e:f4:
d8:df:a0:bd:06:30:b0:d9:1a:0c:3c:e3:fb:13:95:fd:a5:8c:
ab:53:8d:02:47:4c:01:64:81:e5:c8:e6:07:90:76:32:12:46:
2e:ae:bf:20:92:e8:b3:00:6f:a0:77:93:dd:0c:c8:32:66:8b:
ab:7e:87:49:99:0e:8a:e4:0b:d6:ac:1b:35:d5:b9:a9:ed:7f:
de:4e:c5:0c
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAZjVHLRJ+n7igK3s7EhKAWcxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwODIzMDQwODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMDYxZDI3MzZiMTNjZDg4ZjBhN2IxNjYxNDllZmQxYWZhNTE4OWY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtd0I49fD25fVjuPgg4MhkUYcHH4e
2Z8GpZCVqxYQIkw8YqonPKErFYL6fluMrwynMj4A9CVytD0zNmTgn2JV+B1YCZrk
MsE8AXREqS+EDdLGg7fciJvAysgSLmbRAW7JYnYgPVFgwRKxZy0d2XRLDFQOnKAc
dWzZZTjsRfKHSRNZ9rG+bm2uC3l8/d0g2RVcHJwWFrV1dW8ZGuimevMolmcvCUQ5
oatN9XT2iQu08uFmbexZczkb6MfkLgV9vM37FFiGM2Lb/2rb2dyew4j4x+mnkDhQ
pySplqoDJy+kp1v0TwZYYLyeQRUT/pFNR4CWPIHScBa4aoIt332OL0pJdwIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFOBh0nNrE82I8KexZhSe/Rr6UYn5MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvNEdIU2Myc1R6WWp3cDdGbUZKNzlHdnBSaWZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEAAWv
wjAMAwQABed1AwQBBed4AwQABefLMAwDBAEF5/IDBAAF5/gDBAFZakgwDAMEAFmQ
NQMEAFmQNjAMAwQBXvmyAwQAXvm2MAwDBANe+bgDBABe+bwwDAMEAV75xgMEAF75
zjAMAwQAXvnhAwQCXvngAwQAshKVMA0GCSqGSIb3DQEBCwUAA4IBAQDVp6+Pm+sr
5FjZMFAdV2ojMJWY26i1AJUfhLuMvs6AaRs7fuD+xp1HGt/cMNN32d3dCetY/t5n
BgtEUSMpeW9k5IIQbNwegYRElgbGHim+7lyeHUwgi9uWexz4B2Hax31uC2BFDoOk
JWlE3Y1sB5CFHHNIcSo6wMyoGd08gBbuseIZZIiF22HECp8ggxg7R6HLvbJ6SBc5
KCfdI754TWFrI2e0KkytQoDOk2+IBiyarDZvjvTY36C9BjCw2RoMPOP7E5X9pYyr
U40CR0wBZIHlyOYHkHYyEkYurr8gkuizAG+gd5PdDMgyZourfodJmQ6K5AvWrBs1
1bmp7X/eTsUM
-----END CERTIFICATE-----
Generated at Sat Aug 23 21:57:22 2025 by rpki-client