Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/j3rP9aBAAFx9Oa-zskJ_4NI30kU.roa
File: j3rP9aBAAFx9Oa-zskJ_4NI30kU.roa (raw, json)
Hash identifier: AifBem/jHqCSEautocNlw624ircJQkhdhRhkcQFuj9Q=
Subject key identifier: 8F:7A:CF:F5:A0:40:00:5C:7D:39:AF:B3:B2:42:7F:E0:D2:37:D2:45
Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial: 0198A8A5F2F668524496059C5F14E7FB8832
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/j3rP9aBAAFx9Oa-zskJ_4NI30kU.roa
Signing time: Thu 14 Aug 2025 12:55:04 +0000
ROA not before: Thu 14 Aug 2025 12:55:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28964
IP address blocks: 5.172.32.0/24 maxlen: 24
89.23.64.0/24 maxlen: 24
89.23.73.0/24 maxlen: 24
89.23.91.0/24 maxlen: 24
89.23.95.0/24 maxlen: 24
109.111.241.0/24 maxlen: 24
109.111.242.0/24 maxlen: 24
109.111.251.0/24 maxlen: 24
178.254.160.0/23 maxlen: 23
178.254.162.0/24 maxlen: 24
178.254.164.0/24 maxlen: 24
178.254.166.0/24 maxlen: 24
178.254.167.0/24 maxlen: 24
178.254.173.0/24 maxlen: 24
178.254.174.0/24 maxlen: 24
178.254.178.0/24 maxlen: 24
178.254.185.0/24 maxlen: 24
185.157.45.0/24 maxlen: 24
185.157.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.mft
rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 20:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a8:a5:f2:f6:68:52:44:96:05:9c:5f:14:e7:fb:88:32
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Validity
Not Before: Aug 14 12:55:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f7acff5a040005c7d39afb3b2427fe0d237d245
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:76:3f:da:a4:2e:0a:e9:eb:5f:ea:5d:1a:5e:
df:42:bb:d9:62:d6:90:82:37:a3:01:81:84:c0:89:
8d:07:7e:04:f9:4c:09:93:1a:79:37:54:76:35:82:
76:3d:cf:0d:ee:78:0d:94:eb:0d:d5:b5:ac:47:71:
0a:24:6b:ee:ef:ba:ca:7c:ad:c3:6a:33:c9:a8:a6:
27:6b:77:bf:4c:16:5f:f7:45:f7:a9:6c:e5:d1:be:
b5:9a:52:57:64:ef:a4:06:fb:f6:1f:f0:04:8f:d6:
36:9a:18:a9:43:46:8d:e8:fa:a6:97:79:5a:da:a5:
fd:bf:5f:4c:13:76:39:fe:53:b7:54:97:8b:c8:bb:
b4:b5:2d:d0:ad:bc:31:a9:60:b7:a7:f2:f7:b5:d0:
52:6e:17:47:1c:08:94:4d:04:b5:71:d7:5f:b1:27:
6b:ae:01:58:c2:67:ef:15:84:83:6d:83:c8:29:7b:
74:1d:43:e3:ec:9a:f6:82:5c:66:44:a2:0f:3d:4f:
3d:04:d2:ca:b7:a5:2b:1f:fb:b3:77:ff:fe:e9:06:
83:c3:cd:f2:7a:38:28:1b:28:65:a1:f3:de:3e:4d:
51:05:65:f9:98:14:f5:fb:46:f2:43:2b:25:89:01:
17:20:52:4b:bc:bc:9b:6a:f7:eb:21:79:69:85:58:
87:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:7A:CF:F5:A0:40:00:5C:7D:39:AF:B3:B2:42:7F:E0:D2:37:D2:45
X509v3 Authority Key Identifier:
keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/j3rP9aBAAFx9Oa-zskJ_4NI30kU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.32.0/24
89.23.64.0/24
89.23.73.0/24
89.23.91.0/24
89.23.95.0/24
109.111.241.0-109.111.242.255
109.111.251.0/24
178.254.160.0-178.254.162.255
178.254.164.0/24
178.254.166.0/23
178.254.173.0-178.254.174.255
178.254.178.0/24
178.254.185.0/24
185.157.45.0/24
185.157.47.0/24
Signature Algorithm: sha256WithRSAEncryption
2c:14:19:62:37:5a:02:e4:ab:d1:d1:69:f2:8b:02:54:5e:e6:
ab:56:54:ce:59:c2:82:8f:79:d8:c0:fe:27:d9:3e:8d:ca:b8:
1a:28:c8:d1:44:bc:23:88:5f:a8:9f:f6:7f:52:f4:bc:5b:8a:
99:b9:bf:8c:1a:81:d9:ad:70:43:6a:e9:b9:b8:65:59:70:e6:
6f:20:54:74:13:47:f3:6f:a8:cc:6a:59:94:71:bc:97:02:9c:
71:06:1e:fc:70:2a:b3:7c:47:b0:25:c6:8a:70:17:38:77:1b:
48:bd:38:40:c7:65:d5:41:4b:25:34:85:52:aa:bd:7e:8b:2f:
e4:4f:bb:1f:c3:d8:a0:f3:91:37:2a:ea:1e:e2:8a:a3:03:8f:
39:c4:b2:f7:d5:d1:46:a1:e0:41:88:1e:67:0c:30:20:63:f1:
86:f0:27:04:f0:48:f1:7d:3f:6f:75:1c:76:e1:c7:4d:b7:a8:
75:1b:c6:e3:dd:f0:9f:24:be:3a:81:8d:9c:63:4f:b6:4c:a3:
81:a9:8b:13:4b:ad:f3:2f:34:e7:9f:b8:b8:18:99:2a:26:a7:
f2:21:48:6a:e6:68:1e:37:04:fd:d7:ed:d8:99:a5:5a:3c:ba:
ed:7d:c5:e9:48:11:94:cf:99:98:24:a6:e1:11:92:f6:29:95:
b4:55:2b:1b
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZiopfL2aFJElgWcXxTn+4gyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjUwODE0MTI1NTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjdhY2ZmNWEwNDAwMDVjN2QzOWFmYjNiMjQyN2ZlMGQyMzdkMjQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnHY/2qQuCunrX+pdGl7fQrvZYtaQ
gjejAYGEwImNB34E+UwJkxp5N1R2NYJ2Pc8N7ngNlOsN1bWsR3EKJGvu77rKfK3D
ajPJqKYna3e/TBZf90X3qWzl0b61mlJXZO+kBvv2H/AEj9Y2mhipQ0aN6Pqml3la
2qX9v19ME3Y5/lO3VJeLyLu0tS3QrbwxqWC3p/L3tdBSbhdHHAiUTQS1cddfsSdr
rgFYwmfvFYSDbYPIKXt0HUPj7Jr2glxmRKIPPU89BNLKt6UrH/uzd//+6QaDw83y
ejgoGyhlofPePk1RBWX5mBT1+0byQysliQEXIFJLvLybavfrIXlphViHoQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFI96z/WgQABcfTmvs7JCf+DSN9JFMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvajNyUDlhQkFBRng5T2EtenNrSl80TkkzMGtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAAWsIAME
AFkXQAMEAFkXSQMEAFkXWwMEAFkXXzAMAwQAbW/xAwQAbW/yAwQAbW/7MAwDBAWy
/qADBACy/qIDBACy/qQDBAGy/qYwDAMEALL+rQMEALL+rgMEALL+sgMEALL+uQME
ALmdLQMEALmdLzANBgkqhkiG9w0BAQsFAAOCAQEALBQZYjdaAuSr0dFp8osCVF7m
q1ZUzlnCgo952MD+J9k+jcq4GijI0US8I4hfqJ/2f1L0vFuKmbm/jBqB2a1wQ2rp
ubhlWXDmbyBUdBNH82+ozGpZlHG8lwKccQYe/HAqs3xHsCXGinAXOHcbSL04QMdl
1UFLJTSFUqq9fosv5E+7H8PYoPORNyrqHuKKowOPOcSy99XRRqHgQYgeZwwwIGPx
hvAnBPBI8X0/b3UcduHHTbeodRvG493wnyS+OoGNnGNPtkyjgamLE0ut8y8055+4
uBiZKian8iFIauZoHjcE/dft2JmlWjy67X3F6UgRlM+ZmCSm4RGS9imVtFUrGw==
-----END CERTIFICATE-----
Generated at Sun Aug 24 07:02:21 2025 by rpki-client