Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Sm4Jf1fytXsOu2FHmxDYpot7y-0.roa
File: Sm4Jf1fytXsOu2FHmxDYpot7y-0.roa (raw, json)
Hash identifier: e9VxwNKX+72XeQldeEsRtRRH7oC8/8HPOJayvI+kha4=
Subject key identifier: 4A:6E:09:7F:57:F2:B5:7B:0E:BB:61:47:9B:10:D8:A6:8B:7B:CB:ED
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0199B846F0CB061644A16F191C586924FBB0
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Sm4Jf1fytXsOu2FHmxDYpot7y-0.roa
Signing time: Mon 06 Oct 2025 06:48:00 +0000
ROA not before: Mon 06 Oct 2025 06:48:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48314
IP address blocks: 5.175.233.0/24 maxlen: 24
77.90.0.0/24 maxlen: 24
77.90.2.0/24 maxlen: 24
77.90.8.0/24 maxlen: 24
77.90.13.0/24 maxlen: 24
77.90.18.0/24 maxlen: 24
77.90.51.0/24 maxlen: 24
94.249.189.0/24 maxlen: 24
94.249.193.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:b8:46:f0:cb:06:16:44:a1:6f:19:1c:58:69:24:fb:b0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Oct 6 06:48:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4a6e097f57f2b57b0ebb61479b10d8a68b7bcbed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:22:71:70:fc:7f:c4:39:1e:04:3a:ee:e4:06:
45:44:3e:2e:da:6c:ea:a2:e5:2b:54:c6:60:72:42:
2f:86:cc:7d:31:34:1c:29:8f:93:f4:10:61:f9:b9:
3c:ea:bc:31:2f:fd:a6:08:6c:b9:f4:a8:97:06:8b:
b8:2e:17:93:c4:1e:9b:29:c2:fb:04:ff:bd:22:63:
6f:61:97:eb:39:82:20:a8:09:84:21:67:77:c2:a8:
35:2a:3c:af:f2:45:88:a1:2b:c7:e7:57:4d:35:f6:
8f:01:19:d1:75:48:eb:fa:15:90:f4:96:47:41:d1:
5f:65:f6:32:92:07:43:65:69:f9:d7:70:aa:89:48:
5a:ed:e3:62:a0:86:3e:c1:ba:ac:f8:1f:13:8c:b4:
e3:a7:a5:40:f7:d8:ef:bd:25:81:5b:13:4a:e6:64:
ed:45:1b:d2:d0:10:fd:ad:39:66:31:be:f8:a9:ec:
e8:86:60:c2:84:22:62:85:11:cd:06:ef:74:f9:72:
44:af:a2:43:15:f9:9d:33:e6:85:33:e9:79:23:e3:
b1:5f:39:84:cf:8a:10:ba:42:47:37:df:cf:7e:5c:
09:de:42:d3:0d:a9:12:61:f1:78:93:a4:d2:f3:1c:
d3:d1:15:95:2a:ad:05:68:4c:59:0b:7f:7c:41:be:
d4:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:6E:09:7F:57:F2:B5:7B:0E:BB:61:47:9B:10:D8:A6:8B:7B:CB:ED
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/Sm4Jf1fytXsOu2FHmxDYpot7y-0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.233.0/24
77.90.0.0/24
77.90.2.0/24
77.90.8.0/24
77.90.13.0/24
77.90.18.0/24
77.90.51.0/24
94.249.189.0/24
94.249.193.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:76:c4:de:59:22:d6:91:d7:4d:19:f8:1a:50:a4:60:49:88:
04:3a:ab:96:f5:24:a1:54:e0:a2:44:72:c2:9a:51:a0:24:6d:
12:fc:fe:e8:e1:22:76:0c:9b:8c:be:dd:c1:b1:99:87:b7:52:
5a:ba:21:0a:56:84:e8:09:b2:f1:b3:e4:a5:63:e9:f6:c0:7a:
4c:35:c8:2b:a4:45:1b:50:02:99:81:e4:f6:ce:71:1e:5e:80:
50:8e:0c:d3:88:4c:54:6f:f3:4f:6a:10:fb:53:ce:61:f6:a3:
96:12:6d:ea:8d:d3:7d:d3:a2:db:f8:42:e3:ef:e0:07:0c:26:
10:d0:95:98:6b:92:b4:39:5e:3d:ed:8b:c7:21:45:63:57:0e:
5b:6a:73:22:5d:d3:72:0d:aa:03:cd:6b:f6:a9:1d:48:c7:f1:
65:3b:21:70:26:71:07:af:81:44:c0:c3:00:56:f5:54:7b:00:
d6:5c:4f:38:6c:d2:25:b2:e9:dd:67:e9:6c:0a:5c:1f:96:78:
10:cd:9d:b3:18:38:13:f8:54:bc:83:0d:0d:80:01:1b:22:c8:
a0:05:fd:a6:da:72:9e:ff:8f:1c:3b:9a:8b:69:70:e8:52:86:
8c:7b:59:e5:57:be:d7:0c:d0:4b:d6:c3:48:25:e3:9c:d6:7b:
61:18:5b:51
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZm4RvDLBhZEoW8ZHFhpJPuwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUxMDA2MDY0ODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YTZlMDk3ZjU3ZjJiNTdiMGViYjYxNDc5YjEwZDhhNjhiN2JjYmVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxSJxcPx/xDkeBDru5AZFRD4u2mzq
ouUrVMZgckIvhsx9MTQcKY+T9BBh+bk86rwxL/2mCGy59KiXBou4LheTxB6bKcL7
BP+9ImNvYZfrOYIgqAmEIWd3wqg1Kjyv8kWIoSvH51dNNfaPARnRdUjr+hWQ9JZH
QdFfZfYykgdDZWn513CqiUha7eNioIY+wbqs+B8TjLTjp6VA99jvvSWBWxNK5mTt
RRvS0BD9rTlmMb74qezohmDChCJihRHNBu90+XJEr6JDFfmdM+aFM+l5I+OxXzmE
z4oQukJHN9/PflwJ3kLTDakSYfF4k6TS8xzT0RWVKq0FaExZC398Qb7UzwIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFEpuCX9X8rV7DrthR5sQ2KaLe8vtMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvU200SmYxZnl0WHNPdTJGSG14RFlwb3Q3eS0wLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQABa/pAwQA
TVoAAwQATVoCAwQATVoIAwQATVoNAwQATVoSAwQATVozAwQAXvm9AwQAXvnBMA0G
CSqGSIb3DQEBCwUAA4IBAQBcdsTeWSLWkddNGfgaUKRgSYgEOquW9SShVOCiRHLC
mlGgJG0S/P7o4SJ2DJuMvt3BsZmHt1JauiEKVoToCbLxs+SlY+n2wHpMNcgrpEUb
UAKZgeT2znEeXoBQjgzTiExUb/NPahD7U85h9qOWEm3qjdN906Lb+ELj7+AHDCYQ
0JWYa5K0OV497YvHIUVjVw5banMiXdNyDaoDzWv2qR1Ix/FlOyFwJnEHr4FEwMMA
VvVUewDWXE84bNIlsundZ+lsClwflngQzZ2zGDgT+FS8gw0NgAEbIsigBf2m2nKe
/48cO5qLaXDoUoaMe1nlV77XDNBL1sNIJeOc1nthGFtR
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:27:00 2025 by rpki-client