Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/kH9x5e15uNu3Hi0HlH71FU-0VZ0.roa
File: kH9x5e15uNu3Hi0HlH71FU-0VZ0.roa (raw, json)
Hash identifier: gsHuneIYK5bdfx2/yfzk+fbcqkj4jZmt2L+OWeWWLNM=
Subject key identifier: 90:7F:71:E5:ED:79:B8:DB:B7:1E:2D:07:94:7E:F5:15:4F:B4:55:9D
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0197B4BA1300A886EC3430CFF71D1A43B7C0
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/kH9x5e15uNu3Hi0HlH71FU-0VZ0.roa
Signing time: Sat 28 Jun 2025 04:09:42 +0000
ROA not before: Sat 28 Jun 2025 04:09:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44486
IP address blocks: 5.83.145.0/24 maxlen: 24
77.90.3.0/24 maxlen: 24
77.90.28.0/24 maxlen: 24
89.106.78.0/24 maxlen: 24
89.106.79.0/24 maxlen: 24
89.106.80.0/24 maxlen: 24
89.106.81.0/24 maxlen: 24
89.106.82.0/24 maxlen: 24
89.106.83.0/24 maxlen: 24
89.106.84.0/24 maxlen: 24
89.106.85.0/24 maxlen: 24
89.106.86.0/24 maxlen: 24
89.106.87.0/24 maxlen: 24
89.106.92.0/24 maxlen: 24
89.106.93.0/24 maxlen: 24
89.106.95.0/24 maxlen: 24
89.144.33.0/24 maxlen: 24
89.144.42.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 02:31:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b4:ba:13:00:a8:86:ec:34:30:cf:f7:1d:1a:43:b7:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jun 28 04:09:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=907f71e5ed79b8dbb71e2d07947ef5154fb4559d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:f2:7e:c0:82:1d:59:66:41:54:1f:50:48:ab:
60:a5:2d:51:07:ab:fd:09:68:98:1d:93:8e:5f:4c:
9e:4e:b7:1b:ea:4f:37:ec:e4:10:ed:d3:eb:1d:29:
f9:2a:f6:d3:8f:69:35:f2:09:39:a2:78:85:f9:ff:
5f:c7:7b:a5:95:cd:2f:46:31:88:d3:19:8d:ec:1d:
70:e4:7c:2b:06:f7:2f:0b:08:30:9c:46:0c:d8:37:
3b:fd:57:ce:97:d1:a2:d4:ec:b2:12:54:be:94:5a:
9d:bb:51:d1:c4:16:42:9a:5b:72:1d:65:7e:29:91:
43:05:d8:fd:6e:bb:81:0a:a9:93:10:88:c2:16:dd:
13:43:f1:cd:fd:67:2f:4e:6c:7d:2e:b6:78:97:0b:
36:8e:fd:0c:99:83:df:9c:8d:cd:69:cd:1e:ce:1c:
93:88:be:a9:4d:c2:93:26:88:c1:41:f1:56:30:6e:
e1:8f:fd:58:78:bc:10:fb:0e:23:43:dc:c5:e2:36:
3a:35:90:a6:8a:38:af:8b:76:fc:66:ac:4d:cd:58:
a5:20:ae:14:62:e2:3a:a1:12:5f:b2:6c:55:36:73:
bd:39:d3:e9:a7:9f:04:ae:77:29:c4:0a:2c:42:9a:
4f:13:64:0e:59:50:fe:b7:c5:86:e8:ba:1e:74:52:
8d:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:7F:71:E5:ED:79:B8:DB:B7:1E:2D:07:94:7E:F5:15:4F:B4:55:9D
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/kH9x5e15uNu3Hi0HlH71FU-0VZ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.145.0/24
77.90.3.0/24
77.90.28.0/24
89.106.78.0-89.106.87.255
89.106.92.0/23
89.106.95.0/24
89.144.33.0/24
89.144.42.0/24
Signature Algorithm: sha256WithRSAEncryption
cf:04:49:c4:71:eb:9e:bc:42:c3:96:dd:db:03:8f:2e:1b:b9:
fe:e2:93:9f:e4:d3:7f:57:ec:a5:22:51:c1:15:35:47:dc:f2:
23:6e:61:68:54:68:ad:95:8b:3d:70:1d:0f:74:c5:d3:dd:f1:
10:a7:c6:f8:77:22:40:3c:1f:72:d7:f8:c7:67:1e:95:a7:1c:
67:cb:bc:bd:5b:18:fe:88:4e:7c:66:58:6b:14:1f:36:88:e7:
89:19:e1:70:98:2f:c0:a1:e1:e2:e5:25:3f:86:7d:b5:9f:be:
e8:72:d3:ca:de:63:e0:d3:5e:9c:d2:37:fb:65:4a:c3:06:79:
d5:3d:c0:80:47:25:b9:d9:10:b9:5f:1a:98:52:44:7d:b7:30:
11:38:dd:a6:41:ec:21:99:e4:c9:26:b7:51:ea:f2:27:3c:d3:
1d:39:e7:4a:a3:a1:86:fa:1a:a6:0e:b0:bf:5c:e6:1d:2f:64:
4c:45:4a:cf:8e:09:7d:b0:51:ca:a8:87:c8:d4:45:cd:12:a7:
e5:d0:c0:ac:4e:c2:e5:52:40:8b:af:57:69:ce:68:98:77:99:
4e:d7:a5:c6:5e:49:e0:f6:7b:55:e7:08:be:e6:ef:bd:c6:61:
ea:48:ec:42:35:df:c1:31:41:13:37:b8:75:73:ac:b1:54:e9:
58:e4:71:50
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZe0uhMAqIbsNDDP9x0aQ7fAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNjI4MDQwOTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDdmNzFlNWVkNzliOGRiYjcxZTJkMDc5NDdlZjUxNTRmYjQ1NTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw/J+wIIdWWZBVB9QSKtgpS1RB6v9
CWiYHZOOX0yeTrcb6k837OQQ7dPrHSn5KvbTj2k18gk5oniF+f9fx3ullc0vRjGI
0xmN7B1w5HwrBvcvCwgwnEYM2Dc7/VfOl9Gi1OyyElS+lFqdu1HRxBZCmltyHWV+
KZFDBdj9bruBCqmTEIjCFt0TQ/HN/WcvTmx9LrZ4lws2jv0MmYPfnI3Nac0ezhyT
iL6pTcKTJojBQfFWMG7hj/1YeLwQ+w4jQ9zF4jY6NZCmijivi3b8ZqxNzVilIK4U
YuI6oRJfsmxVNnO9OdPpp58ErncpxAosQppPE2QOWVD+t8WG6LoedFKNFwIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFJB/ceXtebjbtx4tB5R+9RVPtFWdMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEva0g5eDVlMTV1TnUzSGkwSGxINzFGVS0wVlowLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQABVORAwQA
TVoDAwQATVocMAwDBAFZak4DBANZalADBAFZalwDBABZal8DBABZkCEDBABZkCow
DQYJKoZIhvcNAQELBQADggEBAM8EScRx6568QsOW3dsDjy4buf7ik5/k039X7KUi
UcEVNUfc8iNuYWhUaK2Viz1wHQ90xdPd8RCnxvh3IkA8H3LX+MdnHpWnHGfLvL1b
GP6ITnxmWGsUHzaI54kZ4XCYL8Ch4eLlJT+GfbWfvuhy08reY+DTXpzSN/tlSsMG
edU9wIBHJbnZELlfGphSRH23MBE43aZB7CGZ5Mkmt1Hq8ic80x0550qjoYb6GqYO
sL9c5h0vZExFSs+OCX2wUcqoh8jURc0Sp+XQwKxOwuVSQIuvV2nOaJh3mU7XpcZe
SeD2e1XnCL7m773GYepI7EI138ExQRM3uHVzrLFU6VjkcVA=
-----END CERTIFICATE-----
Generated at Sun Jun 29 11:12:57 2025 by rpki-client