Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/3fa93f-a34f-41cf-8875-d4e882083e4f/1/n75oYsvunp6jHjfL-ssHC4CS13Q.roa
File: n75oYsvunp6jHjfL-ssHC4CS13Q.roa (raw, json)
Hash identifier: 9gvfvSNJUcTeYb3d+ehtt3dMtnfULK46WMr4TAUtaE8=
Subject key identifier: 9F:BE:68:62:CB:EE:9E:9E:A3:1E:37:CB:FA:CB:07:0B:80:92:D7:74
Certificate issuer: /CN=d5b6a5ca37ead31fd2a350b0b412d77d95320928
Certificate serial: 0198A88A7AD539B903C08F3899BD5E66FF26
Authority key identifier: D5:B6:A5:CA:37:EA:D3:1F:D2:A3:50:B0:B4:12:D7:7D:95:32:09:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1balyjfq0x_So1CwtBLXfZUyCSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/3fa93f-a34f-41cf-8875-d4e882083e4f/1/n75oYsvunp6jHjfL-ssHC4CS13Q.roa
Signing time: Thu 14 Aug 2025 12:25:04 +0000
ROA not before: Thu 14 Aug 2025 12:25:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5405
IP address blocks: 5.183.211.0/24 maxlen: 24
45.153.81.0/24 maxlen: 24
45.153.82.0/23 maxlen: 23
94.103.180.0/24 maxlen: 24
185.134.66.0/24 maxlen: 24
185.134.67.0/24 maxlen: 24
2a11:4140::/29 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/3fa93f-a34f-41cf-8875-d4e882083e4f/1/1balyjfq0x_So1CwtBLXfZUyCSg.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/3fa93f-a34f-41cf-8875-d4e882083e4f/1/1balyjfq0x_So1CwtBLXfZUyCSg.mft
rsync://rpki.ripe.net/repository/DEFAULT/1balyjfq0x_So1CwtBLXfZUyCSg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 03:02:14 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a8:8a:7a:d5:39:b9:03:c0:8f:38:99:bd:5e:66:ff:26
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d5b6a5ca37ead31fd2a350b0b412d77d95320928
Validity
Not Before: Aug 14 12:25:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9fbe6862cbee9e9ea31e37cbfacb070b8092d774
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:15:d9:1c:74:49:3e:de:97:ff:0a:31:a6:f1:
4e:00:c5:a7:07:85:66:9a:90:39:3c:7a:0b:67:8e:
66:ad:1e:84:14:a0:1b:a9:a8:67:3b:ac:3e:3c:42:
98:df:eb:7d:97:de:91:7a:b9:ec:a4:ba:63:fc:40:
66:af:9a:65:b1:c6:bd:d3:a7:58:a8:ad:19:40:4a:
e9:36:b8:5d:c3:a3:5a:9e:ae:22:1b:10:40:7f:a1:
8f:b4:b8:52:ac:cc:a8:fd:c2:82:2f:83:98:4c:b0:
9b:d5:cb:ef:4d:ea:ab:32:2f:19:ce:0d:6c:5b:08:
fc:40:22:c6:0e:42:bb:bf:98:49:0a:2a:48:49:86:
e9:62:9d:7a:c2:9c:23:f0:80:d2:16:a6:13:5d:a9:
ce:9b:4e:3c:37:00:81:23:e5:44:29:eb:65:3e:3f:
ac:71:6f:79:ae:c3:ed:aa:4e:3f:bf:5c:ed:45:71:
0f:49:bd:93:3a:a1:3a:1c:e0:52:c5:88:e3:20:58:
22:97:01:d9:70:45:3c:70:fc:60:3a:d7:5c:10:25:
c6:fe:9b:5d:c4:fe:e6:2d:24:31:d4:2d:77:3f:81:
8d:23:74:2b:2e:ee:87:be:ca:29:e2:ec:08:23:48:
4c:f8:e0:e0:d2:15:23:e5:92:ea:e1:65:d0:b2:56:
4e:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:BE:68:62:CB:EE:9E:9E:A3:1E:37:CB:FA:CB:07:0B:80:92:D7:74
X509v3 Authority Key Identifier:
keyid:D5:B6:A5:CA:37:EA:D3:1F:D2:A3:50:B0:B4:12:D7:7D:95:32:09:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1balyjfq0x_So1CwtBLXfZUyCSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/3fa93f-a34f-41cf-8875-d4e882083e4f/1/n75oYsvunp6jHjfL-ssHC4CS13Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/3fa93f-a34f-41cf-8875-d4e882083e4f/1/1balyjfq0x_So1CwtBLXfZUyCSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.211.0/24
45.153.81.0-45.153.83.255
94.103.180.0/24
185.134.66.0/23
IPv6:
2a11:4140::/29
Signature Algorithm: sha256WithRSAEncryption
95:87:54:b7:6a:ee:a6:e9:dc:e6:23:74:0b:60:68:67:36:bb:
de:40:15:29:8e:15:ad:a2:a0:6f:66:50:11:2e:81:c9:ba:34:
6f:aa:01:88:1d:2c:92:51:1c:f7:65:79:11:35:96:44:a0:5d:
f1:42:b7:64:cf:e7:74:c4:92:35:0a:fc:d2:78:ff:c2:9c:b6:
be:6c:4c:be:b3:c3:2c:37:cc:31:92:25:96:e2:94:4a:c3:5f:
66:21:4a:65:76:c9:4a:8f:93:84:16:68:5c:d7:26:16:50:10:
52:1a:2c:a4:c7:de:c3:34:19:14:d9:cb:d0:dc:9a:5b:1a:89:
b6:2a:16:40:05:db:ce:d5:f3:67:d7:fd:f7:33:66:9e:16:91:
b0:b3:c5:e6:6f:1e:f5:93:52:b5:6a:c9:a3:31:62:43:65:fc:
9b:73:c9:59:22:e1:6f:89:bd:f9:20:cd:66:96:d2:c2:7f:43:
62:2f:17:43:6e:1a:28:c8:17:11:ed:e9:aa:18:f1:7c:a2:bb:
1c:ed:43:76:4d:5c:2d:cc:ab:81:aa:76:cf:33:db:9f:9a:d5:
07:64:d1:50:42:cf:56:23:a8:0f:77:55:d3:e9:36:f1:e3:44:
9d:d0:9f:e7:35:c0:6f:84:7b:fc:64:d9:6e:5d:0f:c0:c7:6e:
95:08:b0:de
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZioinrVObkDwI84mb1eZv8mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ1YjZhNWNhMzdlYWQzMWZkMmEzNTBiMGI0MTJkNzdkOTUz
MjA5MjgwHhcNMjUwODE0MTIyNTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZmJlNjg2MmNiZWU5ZTllYTMxZTM3Y2JmYWNiMDcwYjgwOTJkNzc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1hXZHHRJPt6X/woxpvFOAMWnB4Vm
mpA5PHoLZ45mrR6EFKAbqahnO6w+PEKY3+t9l96RernspLpj/EBmr5plsca906dY
qK0ZQErpNrhdw6Nanq4iGxBAf6GPtLhSrMyo/cKCL4OYTLCb1cvvTeqrMi8Zzg1s
Wwj8QCLGDkK7v5hJCipISYbpYp16wpwj8IDSFqYTXanOm048NwCBI+VEKetlPj+s
cW95rsPtqk4/v1ztRXEPSb2TOqE6HOBSxYjjIFgilwHZcEU8cPxgOtdcECXG/ptd
xP7mLSQx1C13P4GNI3QrLu6Hvsop4uwII0hM+ODg0hUj5ZLq4WXQslZOCwIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFJ++aGLL7p6eox43y/rLBwuAktd0MB8GA1UdIwQY
MBaAFNW2pco36tMf0qNQsLQS132VMgkoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMWJhbHlqZnEweF9TbzFDd3RCTFhmWlV5Q1NnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi8zZmE5M2YtYTM0Zi00MWNmLTg4NzUt
ZDRlODgyMDgzZTRmLzEvbjc1b1lzdnVucDZqSGpmTC1zc0hDNENTMTNRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi8zZmE5M2YtYTM0Zi00MWNmLTg4NzUtZDRlODgyMDgzZTRm
LzEvMWJhbHlqZnEweF9TbzFDd3RCTFhmWlV5Q1NnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAmBAIAATAgAwQABbfTMAwD
BAAtmVEDBAItmVADBABeZ7QDBAG5hkIwDQQCAAIwBwMFAyoRQUAwDQYJKoZIhvcN
AQELBQADggEBAJWHVLdq7qbp3OYjdAtgaGc2u95AFSmOFa2ioG9mUBEugcm6NG+q
AYgdLJJRHPdleRE1lkSgXfFCt2TP53TEkjUK/NJ4/8Kctr5sTL6zwyw3zDGSJZbi
lErDX2YhSmV2yUqPk4QWaFzXJhZQEFIaLKTH3sM0GRTZy9DcmlsaibYqFkAF287V
82fX/fczZp4WkbCzxeZvHvWTUrVqyaMxYkNl/JtzyVki4W+JvfkgzWaW0sJ/Q2Iv
F0NuGijIFxHt6aoY8XyiuxztQ3ZNXC3Mq4Gqds8z25+a1Qdk0VBCz1YjqA93VdPp
NvHjRJ3Qn+c1wG+Ee/xk2W5dD8DHbpUIsN4=
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:55:31 2025 by rpki-client