Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/PHQmVIOcdZjObRR1bnqaj4cEBeM.roa
File: PHQmVIOcdZjObRR1bnqaj4cEBeM.roa (raw, json)
Hash identifier: 5IKtO4KnNNXaPnyyNNQmdrLLMfQppiexYT6O1Fz+b9Y=
Subject key identifier: 3C:74:26:54:83:9C:75:98:CE:6D:14:75:6E:7A:9A:8F:87:04:05:E3
Certificate issuer: /CN=979f5ca8c33f134c3c157d48b9c2ae4e91b630bf
Certificate serial: 0198BA0EBAF459076CF1900550781D012349
Authority key identifier: 97:9F:5C:A8:C3:3F:13:4C:3C:15:7D:48:B9:C2:AE:4E:91:B6:30:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/PHQmVIOcdZjObRR1bnqaj4cEBeM.roa
Signing time: Sun 17 Aug 2025 22:03:04 +0000
ROA not before: Sun 17 Aug 2025 22:03:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6424
IP address blocks: 5.183.96.0/24 maxlen: 24
103.243.124.0/22 maxlen: 24
146.19.95.0/24 maxlen: 24
146.19.249.0/24 maxlen: 24
185.112.251.0/24 maxlen: 24
185.162.183.0/24 maxlen: 24
185.166.144.0/24 maxlen: 24
188.93.192.0/21 maxlen: 24
188.93.196.0/24 maxlen: 24
188.93.198.0/24 maxlen: 24
188.93.199.0/24 maxlen: 24
193.107.13.0/24 maxlen: 24
193.109.184.0/21 maxlen: 24
193.109.184.0/24 maxlen: 24
193.163.151.0/24 maxlen: 24
212.52.23.0/24 maxlen: 24
2001:b18::/32 maxlen: 48
2001:b18:a::/48 maxlen: 48
2001:b18:b::/48 maxlen: 48
2001:b18:1000::/48 maxlen: 48
2001:b18:1001::/48 maxlen: 48
2001:b18:1002::/48 maxlen: 48
2001:b18:1008::/48 maxlen: 48
2001:b18:1012::/48 maxlen: 48
2001:b18:1016::/48 maxlen: 48
2001:b18:1018::/48 maxlen: 48
2001:b18:1020::/48 maxlen: 48
2001:b18:1031::/48 maxlen: 48
2a0b:e740::/29 maxlen: 29
2a0d:82c0::/29 maxlen: 48
2a0d:82c0::/32 maxlen: 32
2a0d:82c7:d::/48 maxlen: 48
2a0e:5f00::/29 maxlen: 48
2a0e:5f00::/32 maxlen: 32
2a0f:7700::/29 maxlen: 29
2a0f:8900::/29 maxlen: 29
2a0f:d300::/29 maxlen: 29
2a10:ee40::/29 maxlen: 29
2a11:c00::/29 maxlen: 29
2a12:c1c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/l59cqMM_E0w8FX1IucKuTpG2ML8.crl
rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/l59cqMM_E0w8FX1IucKuTpG2ML8.mft
rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ba:0e:ba:f4:59:07:6c:f1:90:05:50:78:1d:01:23:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=979f5ca8c33f134c3c157d48b9c2ae4e91b630bf
Validity
Not Before: Aug 17 22:03:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c742654839c7598ce6d14756e7a9a8f870405e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:1b:2b:53:88:68:41:63:8b:c2:e7:99:d5:6b:
80:fa:df:4d:be:61:8b:37:ec:77:e1:ac:e9:8f:fa:
de:19:dc:32:dd:7c:20:fe:03:14:3b:10:2a:06:67:
34:4b:cd:32:9f:41:82:30:0b:7a:b1:1a:57:a9:4b:
55:74:51:6d:66:8b:6f:4d:e2:9a:ad:87:c7:66:3d:
ca:30:e3:8b:c5:f8:eb:a0:b1:1c:f9:c9:f8:27:0d:
b4:2f:1b:14:65:d7:9f:2d:c0:ce:f1:93:66:3f:ec:
bf:51:10:71:a9:2f:53:81:55:12:3c:a1:1a:7a:ad:
91:3c:29:33:bf:96:70:b8:eb:88:95:1c:c6:aa:1f:
01:d1:26:3d:12:01:9c:b1:46:0c:0b:fc:a9:ed:07:
79:c8:79:ca:29:57:66:e8:1e:45:77:6b:3b:98:34:
01:3e:f8:4a:63:5c:e6:85:b5:fa:6b:c2:78:d0:44:
9b:25:4b:95:23:e4:2f:f6:4f:a1:97:93:5d:b3:f4:
99:bc:34:2f:e8:5e:ac:a2:15:07:b2:0f:2d:85:80:
52:b8:03:7a:ec:60:e4:09:cb:3c:3a:9b:92:3b:9d:
1a:d5:b2:4b:2b:b2:4d:d9:ca:88:28:5c:54:14:46:
69:e1:6f:d3:5a:4c:a0:98:f3:c0:df:e1:a2:9c:48:
e1:47
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:74:26:54:83:9C:75:98:CE:6D:14:75:6E:7A:9A:8F:87:04:05:E3
X509v3 Authority Key Identifier:
keyid:97:9F:5C:A8:C3:3F:13:4C:3C:15:7D:48:B9:C2:AE:4E:91:B6:30:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/l59cqMM_E0w8FX1IucKuTpG2ML8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/PHQmVIOcdZjObRR1bnqaj4cEBeM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/23/f65610-59f6-4ad6-a9d8-1470ac364dd2/1/l59cqMM_E0w8FX1IucKuTpG2ML8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.96.0/24
103.243.124.0/22
146.19.95.0/24
146.19.249.0/24
185.112.251.0/24
185.162.183.0/24
185.166.144.0/24
188.93.192.0/21
193.107.13.0/24
193.109.184.0/21
193.163.151.0/24
212.52.23.0/24
IPv6:
2001:b18::/32
2a0b:e740::/29
2a0d:82c0::/29
2a0e:5f00::/29
2a0f:7700::/29
2a0f:8900::/29
2a0f:d300::/29
2a10:ee40::/29
2a11:c00::/29
2a12:c1c0::/29
Signature Algorithm: sha256WithRSAEncryption
7a:8a:32:d1:bd:45:f9:a4:fc:b5:14:52:2e:84:b2:9b:d3:3f:
6b:de:39:af:e7:9a:62:fd:a4:74:d2:4b:d7:b7:b1:02:f7:9f:
8c:09:50:b3:15:f2:b0:af:24:0f:79:f5:cb:3b:6a:e8:b3:13:
46:76:0f:82:01:78:31:39:53:61:08:f6:0d:7f:49:ca:1e:00:
a4:0a:b7:36:1e:ad:bf:81:d1:18:9c:13:2a:32:14:98:f5:59:
59:1b:50:e9:f5:92:e1:bc:94:e3:62:1e:75:22:6a:af:25:ac:
55:fe:9e:d2:f0:5b:49:5f:37:f5:a3:72:cf:cc:47:a8:c7:13:
77:a9:c8:21:48:92:9f:c4:b8:e7:a7:7d:42:e7:38:a4:e4:d4:
12:29:92:1d:7c:05:18:71:ae:de:82:fa:57:81:fc:ac:08:0c:
ec:89:74:15:d1:ba:e5:f7:f8:94:4a:3f:fb:9e:f2:8f:8a:58:
c9:35:0b:96:76:1f:11:5d:73:56:d2:10:9d:cf:11:7c:2a:8a:
3a:45:9b:11:61:13:26:1d:3f:b2:02:7c:ca:48:2f:78:82:0e:
27:23:6d:74:21:0f:9e:ac:ed:1a:d2:fc:6a:55:a4:48:9a:e9:
c7:6e:44:46:06:da:55:41:d3:76:85:d9:b0:c4:3e:0f:26:66:
42:58:d3:7e
-----BEGIN CERTIFICATE-----
MIIFkDCCBHigAwIBAgISAZi6Drr0WQds8ZAFUHgdASNJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk3OWY1Y2E4YzMzZjEzNGMzYzE1N2Q0OGI5YzJhZTRlOTFi
NjMwYmYwHhcNMjUwODE3MjIwMzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzc0MjY1NDgzOWM3NTk4Y2U2ZDE0NzU2ZTdhOWE4Zjg3MDQwNWUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthsrU4hoQWOLwueZ1WuA+t9NvmGL
N+x34azpj/reGdwy3Xwg/gMUOxAqBmc0S80yn0GCMAt6sRpXqUtVdFFtZotvTeKa
rYfHZj3KMOOLxfjroLEc+cn4Jw20LxsUZdefLcDO8ZNmP+y/URBxqS9TgVUSPKEa
eq2RPCkzv5ZwuOuIlRzGqh8B0SY9EgGcsUYMC/yp7Qd5yHnKKVdm6B5Fd2s7mDQB
PvhKY1zmhbX6a8J40ESbJUuVI+Qv9k+hl5Nds/SZvDQv6F6sohUHsg8thYBSuAN6
7GDkCcs8OpuSO50a1bJLK7JN2cqIKFxUFEZp4W/TWkygmPPA3+GinEjhRwIDAQAB
o4ICnDCCApgwHQYDVR0OBBYEFDx0JlSDnHWYzm0UdW56mo+HBAXjMB8GA1UdIwQY
MBaAFJefXKjDPxNMPBV9SLnCrk6RtjC/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbDU5Y3FNTV9FMHc4RlgxSXVjS3VUcEcyTUw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMy9mNjU2MTAtNTlmNi00YWQ2LWE5ZDgt
MTQ3MGFjMzY0ZGQyLzEvUEhRbVZJT2NkWmpPYlJSMWJucWFqNGNFQmVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMy9mNjU2MTAtNTlmNi00YWQ2LWE5ZDgtMTQ3MGFjMzY0ZGQy
LzEvbDU5Y3FNTV9FMHc4RlgxSXVjS3VUcEcyTUw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGxBggrBgEFBQcBBwEB/wSBoTCBnjBOBAIAATBIAwQABbdg
AwQCZ/N8AwQAkhNfAwQAkhP5AwQAuXD7AwQAuaK3AwQAuaaQAwQDvF3AAwQAwWsN
AwQDwW24AwQAwaOXAwQA1DQXMEwEAgACMEYDBQAgAQsYAwUDKgvnQAMFAyoNgsAD
BQMqDl8AAwUDKg93AAMFAyoPiQADBQMqD9MAAwUDKhDuQAMFAyoRDAADBQMqEsHA
MA0GCSqGSIb3DQEBCwUAA4IBAQB6ijLRvUX5pPy1FFIuhLKb0z9r3jmv55pi/aR0
0kvXt7EC95+MCVCzFfKwryQPefXLO2rosxNGdg+CAXgxOVNhCPYNf0nKHgCkCrc2
Hq2/gdEYnBMqMhSY9VlZG1Dp9ZLhvJTjYh51ImqvJaxV/p7S8FtJXzf1o3LPzEeo
xxN3qcghSJKfxLjnp31C5zik5NQSKZIdfAUYca7egvpXgfysCAzsiXQV0brl9/iU
Sj/7nvKPiljJNQuWdh8RXXNW0hCdzxF8Koo6RZsRYRMmHT+yAnzKSC94gg4nI210
IQ+erO0a0vxqVaRImunHbkRGBtpVQdN2hdmwxD4PJmZCWNN+
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:06:37 2025 by rpki-client