Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/kHq4q2Xdla5mRgG4ShRT6sB9QXQ.roa
File: kHq4q2Xdla5mRgG4ShRT6sB9QXQ.roa (raw, json)
Hash identifier: I070bpbALbpAWwTC+TSxnRxlta52vvmhjVX2VUH+wQ8=
Subject key identifier: 90:7A:B8:AB:65:DD:95:AE:66:46:01:B8:4A:14:53:EA:C0:7D:41:74
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0198D519F4DAF07EF3280CA5C30117D90B85
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/kHq4q2Xdla5mRgG4ShRT6sB9QXQ.roa
Signing time: Sat 23 Aug 2025 04:05:04 +0000
ROA not before: Sat 23 Aug 2025 04:05:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211066
IP address blocks: 5.83.128.0/24 maxlen: 24
5.83.131.0/24 maxlen: 24
5.83.132.0/24 maxlen: 24
5.83.134.0/24 maxlen: 24
5.83.138.0/24 maxlen: 24
5.175.140.0/24 maxlen: 24
5.175.192.0/24 maxlen: 24
5.175.224.0/24 maxlen: 24
5.231.61.0/24 maxlen: 24
5.231.79.0/24 maxlen: 24
5.231.80.0/24 maxlen: 24
5.231.94.0/24 maxlen: 24
77.90.27.0/24 maxlen: 24
85.93.5.0/24 maxlen: 24
89.106.75.0/24 maxlen: 24
89.106.76.0/24 maxlen: 24
89.144.25.0/24 maxlen: 24
89.144.31.0/24 maxlen: 24
89.144.60.0/24 maxlen: 24
89.144.61.0/24 maxlen: 24
94.103.170.0/24 maxlen: 24
94.103.171.0/24 maxlen: 24
94.103.174.0/24 maxlen: 24
94.249.148.0/24 maxlen: 24
94.249.158.0/24 maxlen: 24
94.249.168.0/24 maxlen: 24
94.249.169.0/24 maxlen: 24
94.249.170.0/24 maxlen: 24
94.249.172.0/24 maxlen: 24
94.249.173.0/24 maxlen: 24
94.249.174.0/24 maxlen: 24
94.249.176.0/24 maxlen: 24
94.249.177.0/24 maxlen: 24
94.249.183.0/24 maxlen: 24
94.249.189.0/24 maxlen: 24
94.249.229.0/24 maxlen: 24
94.249.250.0/24 maxlen: 24
94.249.251.0/24 maxlen: 24
94.249.252.0/24 maxlen: 24
95.215.33.0/24 maxlen: 24
178.18.144.0/24 maxlen: 24
185.13.159.0/24 maxlen: 24
185.47.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d5:19:f4:da:f0:7e:f3:28:0c:a5:c3:01:17:d9:0b:85
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Aug 23 04:05:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=907ab8ab65dd95ae664601b84a1453eac07d4174
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:32:f1:28:2c:7d:a7:fd:00:a5:9c:e2:58:5b:
a5:cc:60:a4:e3:cd:84:6a:14:e7:08:8e:d3:f6:b8:
ac:37:6d:29:b8:36:9b:9b:b6:ea:a3:d6:97:7d:98:
e2:26:ac:15:03:4c:87:48:16:9c:b8:cd:6c:08:c2:
8d:72:1a:29:2d:44:ae:39:57:2e:67:ec:54:66:9c:
9c:ec:81:63:3f:da:5b:da:37:55:db:da:5d:33:3d:
69:e2:8c:bc:9e:82:35:b4:1f:0d:51:b4:5b:d5:62:
35:f9:7e:6c:63:b6:57:08:4f:16:97:65:eb:c5:21:
fd:31:2c:08:b6:5b:21:82:ea:cc:9b:12:20:c1:c3:
5f:0c:e1:d2:0d:3e:ce:15:ea:94:98:11:d1:7d:21:
60:ea:ae:d8:ae:57:a5:77:fc:e9:69:53:f7:31:c4:
44:07:a8:54:4b:23:0f:84:52:39:3a:54:78:3b:5b:
44:57:64:75:f3:a5:80:fc:13:03:03:6f:da:38:62:
71:07:ee:39:a4:cd:f3:45:86:6a:3f:d8:26:f0:12:
0d:a1:7c:cb:37:1f:ed:71:61:b9:61:6b:f6:1a:67:
58:8a:26:17:0d:61:d6:76:cf:d5:4c:c1:f9:43:b2:
ce:a5:5d:6f:38:03:c4:e7:8b:de:f0:9e:21:7a:89:
a6:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:7A:B8:AB:65:DD:95:AE:66:46:01:B8:4A:14:53:EA:C0:7D:41:74
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/kHq4q2Xdla5mRgG4ShRT6sB9QXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.128.0/24
5.83.131.0-5.83.132.255
5.83.134.0/24
5.83.138.0/24
5.175.140.0/24
5.175.192.0/24
5.175.224.0/24
5.231.61.0/24
5.231.79.0-5.231.80.255
5.231.94.0/24
77.90.27.0/24
85.93.5.0/24
89.106.75.0-89.106.76.255
89.144.25.0/24
89.144.31.0/24
89.144.60.0/23
94.103.170.0/23
94.103.174.0/24
94.249.148.0/24
94.249.158.0/24
94.249.168.0-94.249.170.255
94.249.172.0-94.249.174.255
94.249.176.0/23
94.249.183.0/24
94.249.189.0/24
94.249.229.0/24
94.249.250.0-94.249.252.255
95.215.33.0/24
178.18.144.0/24
185.13.159.0/24
185.47.142.0/24
Signature Algorithm: sha256WithRSAEncryption
01:af:71:09:c2:30:14:54:b4:59:c7:c9:71:c1:6e:da:9c:cd:
33:f3:56:4c:a4:d2:8c:ff:10:b3:9f:a1:7c:59:1e:c4:94:e5:
0d:71:08:82:e7:ba:01:a3:78:57:f4:87:d6:fb:1a:7f:96:0d:
ea:55:c8:5a:c1:2f:53:10:f8:04:ec:97:01:5a:1f:b7:1d:1d:
48:1d:99:92:5c:25:f6:c9:bf:b5:9c:c3:38:24:b6:c0:f1:7d:
d4:71:27:70:c0:59:3b:4b:a6:34:33:14:d9:4e:7f:a6:51:ff:
b6:8e:0c:b3:ef:38:8a:93:7b:cf:41:37:cc:d0:34:67:9a:ab:
7b:30:2b:6e:da:9b:94:25:42:33:72:82:36:42:b2:0b:81:b8:
ae:d4:20:9a:e9:a5:5f:e9:67:bb:cb:fa:77:6e:f7:46:8b:1f:
ef:bd:04:f5:15:f0:3e:ea:e2:78:7e:da:c5:68:cd:90:6d:c3:
61:69:1f:22:40:43:a7:d5:bf:d4:30:70:10:2c:2d:83:f0:5f:
be:f8:bb:3b:84:79:46:c0:31:6d:7e:dc:b2:ae:cc:0f:08:cf:
00:39:2e:42:44:2f:3b:f9:03:a4:81:cb:90:d3:4a:aa:59:d6:
50:62:26:22:ed:f0:08:7b:30:6b:1a:46:e7:ff:81:8a:13:45:
37:62:a1:19
-----BEGIN CERTIFICATE-----
MIIF5zCCBM+gAwIBAgISAZjVGfTa8H7zKAylwwEX2QuFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwODIzMDQwNTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MDdhYjhhYjY1ZGQ5NWFlNjY0NjAxYjg0YTE0NTNlYWMwN2Q0MTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjzLxKCx9p/0ApZziWFulzGCk482E
ahTnCI7T9risN20puDabm7bqo9aXfZjiJqwVA0yHSBacuM1sCMKNchopLUSuOVcu
Z+xUZpyc7IFjP9pb2jdV29pdMz1p4oy8noI1tB8NUbRb1WI1+X5sY7ZXCE8Wl2Xr
xSH9MSwItlshgurMmxIgwcNfDOHSDT7OFeqUmBHRfSFg6q7Yrleld/zpaVP3McRE
B6hUSyMPhFI5OlR4O1tEV2R186WA/BMDA2/aOGJxB+45pM3zRYZqP9gm8BINoXzL
Nx/tcWG5YWv2GmdYiiYXDWHWds/VTMH5Q7LOpV1vOAPE54ve8J4heommnwIDAQAB
o4IC8zCCAu8wHQYDVR0OBBYEFJB6uKtl3ZWuZkYBuEoUU+rAfUF0MB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEva0hxNHEyWGRsYTVtUmdHNFNoUlQ2c0I5UVhRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBBwYIKwYBBQUHAQcBAf8EgfcwgfQwgfEEAgABMIHqAwQA
BVOAMAwDBAAFU4MDBAAFU4QDBAAFU4YDBAAFU4oDBAAFr4wDBAAFr8ADBAAFr+AD
BAAF5z0wDAMEAAXnTwMEAAXnUAMEAAXnXgMEAE1aGwMEAFVdBTAMAwQAWWpLAwQA
WWpMAwQAWZAZAwQAWZAfAwQBWZA8AwQBXmeqAwQAXmeuAwQAXvmUAwQAXvmeMAwD
BANe+agDBABe+aowDAMEAl75rAMEAF75rgMEAV75sAMEAF75twMEAF75vQMEAF75
5TAMAwQBXvn6AwQAXvn8AwQAX9chAwQAshKQAwQAuQ2fAwQAuS+OMA0GCSqGSIb3
DQEBCwUAA4IBAQABr3EJwjAUVLRZx8lxwW7anM0z81ZMpNKM/xCzn6F8WR7ElOUN
cQiC57oBo3hX9IfW+xp/lg3qVchawS9TEPgE7JcBWh+3HR1IHZmSXCX2yb+1nMM4
JLbA8X3UcSdwwFk7S6Y0MxTZTn+mUf+2jgyz7ziKk3vPQTfM0DRnmqt7MCtu2puU
JUIzcoI2QrILgbiu1CCa6aVf6We7y/p3bvdGix/vvQT1FfA+6uJ4ftrFaM2QbcNh
aR8iQEOn1b/UMHAQLC2D8F+++Ls7hHlGwDFtftyyrswPCM8AOS5CRC87+QOkgcuQ
00qqWdZQYiYi7fAIezBrGkbn/4GKE0U3YqEZ
-----END CERTIFICATE-----
Generated at Sat Aug 23 22:10:50 2025 by rpki-client