Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/SPA9OFWgfrnCYRef1ktltE-Abm4.roa
File: SPA9OFWgfrnCYRef1ktltE-Abm4.roa (raw, json)
Hash identifier: fJ7ZC72OQXEz7+45nj3k6ViZQ3+ZSFCoIAsADa+dsmU=
Subject key identifier: 48:F0:3D:38:55:A0:7E:B9:C2:61:17:9F:D6:4B:65:B4:4F:80:6E:6E
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0198A9BF046A549C4C5F764375B1DF688BD4
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/SPA9OFWgfrnCYRef1ktltE-Abm4.roa
Signing time: Thu 14 Aug 2025 18:02:04 +0000
ROA not before: Thu 14 Aug 2025 18:02:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58212
IP address blocks: 5.175.218.0/24 maxlen: 24
5.231.70.0/24 maxlen: 24
5.231.106.0/24 maxlen: 24
5.231.108.0/24 maxlen: 24
5.231.110.0/24 maxlen: 24
5.231.122.0/24 maxlen: 24
5.231.123.0/24 maxlen: 24
5.231.234.0/24 maxlen: 24
77.90.22.0/24 maxlen: 24
77.90.41.0/24 maxlen: 24
77.90.52.0/24 maxlen: 24
85.93.1.0/24 maxlen: 24
89.106.78.0/24 maxlen: 24
89.106.79.0/24 maxlen: 24
89.106.80.0/24 maxlen: 24
89.144.17.0/24 maxlen: 24
89.144.18.0/24 maxlen: 24
89.144.44.0/24 maxlen: 24
89.144.46.0/24 maxlen: 24
178.18.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 23:01:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a9:bf:04:6a:54:9c:4c:5f:76:43:75:b1:df:68:8b:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Aug 14 18:02:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=48f03d3855a07eb9c261179fd64b65b44f806e6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:18:69:39:ce:14:19:de:ea:98:32:b2:88:65:
c2:7c:da:07:39:fd:73:9f:a8:18:98:d2:e0:80:f5:
08:59:25:11:7e:c4:38:e5:8b:ca:a2:72:e5:6c:13:
15:f6:26:2c:34:c3:1b:82:c8:0f:03:a5:d5:aa:08:
f9:26:da:2c:e6:4d:e6:1d:bb:8e:dd:75:93:9c:04:
83:67:d8:28:45:c0:15:9f:08:03:b8:6a:ad:1a:16:
a9:a9:71:4e:bb:fc:b1:e7:ff:ce:90:9b:2b:0e:ad:
fd:44:29:8b:ba:b4:aa:83:13:70:17:bb:41:94:40:
6d:0c:08:31:f9:4d:17:f8:70:68:1a:8d:93:28:ca:
e6:24:36:64:84:ed:eb:48:07:14:25:22:2b:eb:7e:
5d:0e:b6:9f:61:1f:4a:78:04:91:dd:ac:81:24:eb:
65:e1:c9:7f:72:91:07:2e:9d:fd:30:25:b1:c8:62:
44:72:d6:b2:4c:cc:e4:09:47:b5:18:df:01:3d:55:
8f:0a:fd:59:6f:ff:a9:82:f3:bf:57:14:53:7b:e6:
67:e8:3b:f5:c6:35:18:a1:17:55:d8:4d:00:32:93:
a9:b6:10:43:39:13:b5:93:eb:55:0c:7f:46:9e:68:
42:0d:64:60:53:56:0c:07:a1:d3:c4:9c:f4:fb:64:
a4:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
48:F0:3D:38:55:A0:7E:B9:C2:61:17:9F:D6:4B:65:B4:4F:80:6E:6E
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/SPA9OFWgfrnCYRef1ktltE-Abm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.218.0/24
5.231.70.0/24
5.231.106.0/24
5.231.108.0/24
5.231.110.0/24
5.231.122.0/23
5.231.234.0/24
77.90.22.0/24
77.90.41.0/24
77.90.52.0/24
85.93.1.0/24
89.106.78.0-89.106.80.255
89.144.17.0-89.144.18.255
89.144.44.0/24
89.144.46.0/24
178.18.147.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:cc:ec:58:15:72:52:48:f2:86:0e:8d:e7:38:45:5e:63:cd:
9a:06:de:79:fe:7e:2c:1f:07:f7:3d:45:aa:d7:ae:e0:49:b6:
41:ef:ba:3d:cf:0c:a5:da:34:f1:36:61:fe:15:5a:17:37:92:
e4:d9:33:2b:ce:87:27:ca:72:5e:80:1a:ba:b5:d5:d9:06:46:
fd:e9:22:30:28:9f:f0:99:90:f7:45:83:ee:72:76:e4:5d:2b:
d1:69:ec:fb:2b:d1:d6:82:77:69:ac:72:58:17:dd:2e:4b:9e:
3b:55:b8:e4:7d:4b:b3:50:69:45:d0:57:2a:f9:8c:e1:ac:e0:
71:5b:5b:c5:3c:8a:58:72:34:97:38:3e:28:0a:67:11:ff:aa:
3d:b9:a7:8e:df:51:b5:63:0a:16:6c:a3:7a:69:ec:98:2d:13:
26:5f:85:fe:ec:42:5f:ba:c9:ce:07:8e:85:98:cb:f3:24:b1:
fb:e1:2a:58:b5:b7:03:e4:2b:81:29:ea:cc:e4:2d:80:55:14:
f7:af:15:be:42:16:ab:d1:c1:27:ad:8a:e5:b7:c6:40:84:44:
01:55:b8:42:96:d5:cc:a2:a0:0e:c8:35:5f:4a:f5:3e:e0:63:
ea:6d:b3:e8:7a:ff:83:62:1d:59:15:c8:61:ca:95:32:8b:88:
40:76:07:f7
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAZipvwRqVJxMX3ZDdbHfaIvUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwODE0MTgwMjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0OGYwM2QzODU1YTA3ZWI5YzI2MTE3OWZkNjRiNjViNDRmODA2ZTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxhhpOc4UGd7qmDKyiGXCfNoHOf1z
n6gYmNLggPUIWSURfsQ45YvKonLlbBMV9iYsNMMbgsgPA6XVqgj5Jtos5k3mHbuO
3XWTnASDZ9goRcAVnwgDuGqtGhapqXFOu/yx5//OkJsrDq39RCmLurSqgxNwF7tB
lEBtDAgx+U0X+HBoGo2TKMrmJDZkhO3rSAcUJSIr635dDrafYR9KeASR3ayBJOtl
4cl/cpEHLp39MCWxyGJEctayTMzkCUe1GN8BPVWPCv1Zb/+pgvO/VxRTe+Zn6Dv1
xjUYoRdV2E0AMpOpthBDORO1k+tVDH9GnmhCDWRgU1YMB6HTxJz0+2SkMwIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFEjwPThVoH65wmEXn9ZLZbRPgG5uMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvU1BBOU9GV2dmcm5DWVJlZjFrdGx0RS1BYm00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAAWv2gME
AAXnRgMEAAXnagMEAAXnbAMEAAXnbgMEAQXnegMEAAXn6gMEAE1aFgMEAE1aKQME
AE1aNAMEAFVdATAMAwQBWWpOAwQAWWpQMAwDBABZkBEDBABZkBIDBABZkCwDBABZ
kC4DBACyEpMwDQYJKoZIhvcNAQELBQADggEBAKnM7FgVclJI8oYOjec4RV5jzZoG
3nn+fiwfB/c9RarXruBJtkHvuj3PDKXaNPE2Yf4VWhc3kuTZMyvOhyfKcl6AGrq1
1dkGRv3pIjAon/CZkPdFg+5yduRdK9Fp7Psr0daCd2msclgX3S5LnjtVuOR9S7NQ
aUXQVyr5jOGs4HFbW8U8ilhyNJc4PigKZxH/qj25p47fUbVjChZso3pp7JgtEyZf
hf7sQl+6yc4HjoWYy/MksfvhKli1twPkK4Ep6szkLYBVFPevFb5CFqvRwSetiuW3
xkCERAFVuEKW1cyioA7INV9K9T7gY+pts+h6/4NiHVkVyGHKlTKLiEB2B/c=
-----END CERTIFICATE-----
Generated at Sun Aug 24 03:50:17 2025 by rpki-client