Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/52d088-6989-4e89-8777-526dcb2a23bd/1/1OnAxERvwCdnk__Rn-ReVSlbcoM.roa
File: 1OnAxERvwCdnk__Rn-ReVSlbcoM.roa (raw, json)
Hash identifier: aqwsdMgIbP4mFzFG0p4x2dQgO0GnM+i3JMeyA55YC7E=
Subject key identifier: D4:E9:C0:C4:44:6F:C0:27:67:93:FF:D1:9F:E4:5E:55:29:5B:72:83
Certificate issuer: /CN=df3b1d2773a03d317a7703193d2f45429a94ba9f
Certificate serial: 0198837B23A2654B5E7907CC74A03E854871
Authority key identifier: DF:3B:1D:27:73:A0:3D:31:7A:77:03:19:3D:2F:45:42:9A:94:BA:9F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3zsdJ3OgPTF6dwMZPS9FQpqUup8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/52d088-6989-4e89-8777-526dcb2a23bd/1/1OnAxERvwCdnk__Rn-ReVSlbcoM.roa
Signing time: Thu 07 Aug 2025 07:42:22 +0000
ROA not before: Thu 07 Aug 2025 07:42:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47764
IP address blocks: 5.61.16.0/21 maxlen: 21
5.101.40.0/22 maxlen: 22
45.136.20.0/22 maxlen: 22
83.222.28.0/22 maxlen: 22
87.242.112.0/22 maxlen: 22
185.16.148.0/22 maxlen: 22
185.16.244.0/22 maxlen: 22
185.16.244.0/23 maxlen: 23
185.16.246.0/24 maxlen: 24
185.16.247.0/24 maxlen: 24
185.100.104.0/22 maxlen: 22
185.226.52.0/22 maxlen: 22
193.203.40.0/22 maxlen: 22
217.20.144.0/20 maxlen: 20
217.174.188.0/22 maxlen: 22
2a00:b4c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/52d088-6989-4e89-8777-526dcb2a23bd/1/3zsdJ3OgPTF6dwMZPS9FQpqUup8.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/52d088-6989-4e89-8777-526dcb2a23bd/1/3zsdJ3OgPTF6dwMZPS9FQpqUup8.mft
rsync://rpki.ripe.net/repository/DEFAULT/3zsdJ3OgPTF6dwMZPS9FQpqUup8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:83:7b:23:a2:65:4b:5e:79:07:cc:74:a0:3e:85:48:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=df3b1d2773a03d317a7703193d2f45429a94ba9f
Validity
Not Before: Aug 7 07:42:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d4e9c0c4446fc0276793ffd19fe45e55295b7283
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:fd:19:75:a0:74:32:ee:0a:2c:b0:4d:d9:92:
fe:f5:b0:1d:56:52:d0:ac:3e:34:eb:99:28:fa:59:
7e:7e:e4:ad:23:0d:d5:c7:2a:d1:4d:cd:fb:43:e5:
c9:b1:82:66:a6:7e:be:0c:de:41:18:32:69:97:96:
b3:9e:82:3f:91:18:d2:32:72:f0:70:6e:6b:25:c7:
b7:47:dc:1a:0b:00:c5:11:e7:37:43:be:5e:56:6b:
85:88:1c:38:67:37:a4:ea:cb:80:eb:c1:c7:3c:cb:
56:9d:9d:81:bc:86:59:c0:04:3d:81:9b:ce:79:06:
fc:d3:38:f1:a4:d5:c6:96:dc:fa:e9:6e:5d:59:db:
b7:9e:10:9a:fe:cd:b7:3e:88:63:a2:35:d2:a4:5c:
02:cc:12:d3:87:c1:47:a1:90:29:ac:39:31:09:dd:
db:14:f4:2b:4c:c4:50:6b:5f:bc:e5:b4:8d:10:a1:
78:05:9e:9f:20:45:e6:e0:4e:b8:88:c1:9f:75:10:
d0:64:d1:45:10:51:76:c1:54:ce:20:dd:bf:b0:cd:
49:f7:52:2a:d4:88:4b:ca:c7:78:d3:f1:51:f4:e4:
15:30:51:8b:b7:83:44:9d:b7:60:5d:81:5a:20:c5:
29:a6:7e:bb:4d:53:43:71:14:b6:4e:fe:ad:80:01:
a2:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:E9:C0:C4:44:6F:C0:27:67:93:FF:D1:9F:E4:5E:55:29:5B:72:83
X509v3 Authority Key Identifier:
keyid:DF:3B:1D:27:73:A0:3D:31:7A:77:03:19:3D:2F:45:42:9A:94:BA:9F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3zsdJ3OgPTF6dwMZPS9FQpqUup8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/52d088-6989-4e89-8777-526dcb2a23bd/1/1OnAxERvwCdnk__Rn-ReVSlbcoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/52d088-6989-4e89-8777-526dcb2a23bd/1/3zsdJ3OgPTF6dwMZPS9FQpqUup8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.16.0/21
5.101.40.0/22
45.136.20.0/22
83.222.28.0/22
87.242.112.0/22
185.16.148.0/22
185.16.244.0/22
185.100.104.0/22
185.226.52.0/22
193.203.40.0/22
217.20.144.0/20
217.174.188.0/22
IPv6:
2a00:b4c0::/32
Signature Algorithm: sha256WithRSAEncryption
a4:fb:9b:b7:d2:78:f2:47:1a:d7:4f:96:a2:40:df:58:a7:eb:
2d:61:3e:52:fc:09:a6:8c:ed:83:e4:11:bf:19:98:33:71:1f:
ce:58:d1:42:c4:31:3a:58:e2:c1:ca:23:50:18:3f:3a:a4:6f:
b4:9f:49:14:26:0b:0a:a2:7a:a6:28:11:d1:7e:17:a4:04:c5:
6a:15:dd:59:b1:67:5c:97:2f:b8:e7:fa:90:43:f0:e8:9f:00:
f2:ff:c1:67:ff:f4:39:b3:2f:83:26:ff:38:b9:3b:db:d9:ad:
3c:5c:11:09:63:51:81:70:71:66:2e:80:e6:86:9d:9c:af:1e:
3a:81:5d:8c:a3:f2:79:21:81:6f:a7:e7:67:31:b2:72:8a:ea:
f9:b0:6d:da:b2:1d:8f:c6:37:52:2f:37:21:ff:0d:20:78:82:
45:b5:7d:44:61:50:ae:b8:55:8a:80:77:a5:01:b2:77:78:ab:
bb:7a:e2:dc:0a:d6:2d:4d:46:df:c3:3a:1e:3b:a3:b4:cd:58:
9b:cd:2c:17:2c:db:85:90:f0:d4:89:c7:82:4d:6e:f1:ef:0b:
81:5a:94:78:0a:01:1f:39:6e:d6:f4:ad:ee:67:78:80:c5:74:
05:65:d8:ea:a1:0a:83:7e:b6:14:09:f1:2f:6b:48:6f:5e:10:
b6:ae:f8:f3
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZiDeyOiZUteeQfMdKA+hUhxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRmM2IxZDI3NzNhMDNkMzE3YTc3MDMxOTNkMmY0NTQyOWE5
NGJhOWYwHhcNMjUwODA3MDc0MjIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGU5YzBjNDQ0NmZjMDI3Njc5M2ZmZDE5ZmU0NWU1NTI5NWI3MjgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoP0ZdaB0Mu4KLLBN2ZL+9bAdVlLQ
rD4065ko+ll+fuStIw3VxyrRTc37Q+XJsYJmpn6+DN5BGDJpl5aznoI/kRjSMnLw
cG5rJce3R9waCwDFEec3Q75eVmuFiBw4Zzek6suA68HHPMtWnZ2BvIZZwAQ9gZvO
eQb80zjxpNXGltz66W5dWdu3nhCa/s23PohjojXSpFwCzBLTh8FHoZAprDkxCd3b
FPQrTMRQa1+85bSNEKF4BZ6fIEXm4E64iMGfdRDQZNFFEFF2wVTOIN2/sM1J91Iq
1IhLysd40/FR9OQVMFGLt4NEnbdgXYFaIMUppn67TVNDcRS2Tv6tgAGiNQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFNTpwMREb8AnZ5P/0Z/kXlUpW3KDMB8GA1UdIwQY
MBaAFN87HSdzoD0xencDGT0vRUKalLqfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM3pzZEozT2dQVEY2ZHdNWlBTOUZRcHFVdXA4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi81MmQwODgtNjk4OS00ZTg5LTg3Nzct
NTI2ZGNiMmEyM2JkLzEvMU9uQXhFUnZ3Q2Rua19fUm4tUmVWU2xiY29NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi81MmQwODgtNjk4OS00ZTg5LTg3NzctNTI2ZGNiMmEyM2Jk
LzEvM3pzZEozT2dQVEY2ZHdNWlBTOUZRcHFVdXA4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQDBT0QAwQC
BWUoAwQCLYgUAwQCU94cAwQCV/JwAwQCuRCUAwQCuRD0AwQCuWRoAwQCueI0AwQC
wcsoAwQE2RSQAwQC2a68MA0EAgACMAcDBQAqALTAMA0GCSqGSIb3DQEBCwUAA4IB
AQCk+5u30njyRxrXT5aiQN9Yp+stYT5S/AmmjO2D5BG/GZgzcR/OWNFCxDE6WOLB
yiNQGD86pG+0n0kUJgsKonqmKBHRfhekBMVqFd1ZsWdcly+45/qQQ/DonwDy/8Fn
//Q5sy+DJv84uTvb2a08XBEJY1GBcHFmLoDmhp2crx46gV2Mo/J5IYFvp+dnMbJy
iur5sG3ash2PxjdSLzch/w0geIJFtX1EYVCuuFWKgHelAbJ3eKu7euLcCtYtTUbf
wzoeO6O0zVibzSwXLNuFkPDUiceCTW7x7wuBWpR4CgEfOW7W9K3uZ3iAxXQFZdjq
oQqDfrYUCfEva0hvXhC2rvjz
-----END CERTIFICATE-----
Generated at Sun Aug 24 00:20:41 2025 by rpki-client