Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/S-G_dbIhIfyciWMeJ4Xikt2V0PA.roa
File: S-G_dbIhIfyciWMeJ4Xikt2V0PA.roa (raw, json)
Hash identifier: AyVT0BIvnYHoTRwIRLkHdIA6fb+l4qQoJ5RCeXEh0iM=
Subject key identifier: 4B:E1:BF:75:B2:21:21:FC:9C:89:63:1E:27:85:E2:92:DD:95:D0:F0
Certificate issuer: /CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Certificate serial: 0198CDB0F9E920F0F34D95974FB35E2821D8
Authority key identifier: 11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/S-G_dbIhIfyciWMeJ4Xikt2V0PA.roa
Signing time: Thu 21 Aug 2025 17:33:04 +0000
ROA not before: Thu 21 Aug 2025 17:33:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209847
IP address blocks: 5.182.37.0/24 maxlen: 24
5.182.38.0/24 maxlen: 24
5.182.39.0/24 maxlen: 24
45.67.34.0/24 maxlen: 24
45.84.0.0/24 maxlen: 24
45.159.249.0/24 maxlen: 24
45.159.251.0/24 maxlen: 24
141.98.169.0/24 maxlen: 24
185.231.204.0/24 maxlen: 24
185.231.206.0/24 maxlen: 24
193.43.146.0/24 maxlen: 24
193.57.137.0/24 maxlen: 24
194.4.48.0/24 maxlen: 24
194.116.172.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.mft
rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:cd:b0:f9:e9:20:f0:f3:4d:95:97:4f:b3:5e:28:21:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=11a010f87a049b6e21abed9b40983b04f3f1c7e8
Validity
Not Before: Aug 21 17:33:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4be1bf75b22121fc9c89631e2785e292dd95d0f0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:6b:c8:40:61:71:12:71:84:11:d1:08:eb:f6:
96:b4:02:2a:82:c8:c9:1d:cc:02:6b:38:ad:d1:29:
32:fc:04:31:ad:c5:07:f4:aa:3c:e7:35:15:4f:05:
0c:f3:16:79:34:4c:d3:bd:7a:0c:a9:f9:59:f9:29:
3a:21:8c:4f:3f:ed:1a:c2:52:9f:4f:cc:c5:04:0a:
a4:9b:1c:85:12:8a:68:5b:82:90:45:fa:9a:be:dc:
34:19:f3:98:50:56:68:ca:c2:df:42:78:5a:a6:27:
b8:5b:27:fc:b7:1e:d3:0e:86:31:62:d4:14:de:bb:
47:5c:69:a8:20:ab:58:15:31:5e:42:e2:87:44:70:
51:6d:a3:d5:45:c4:6e:5f:bd:91:b9:ec:3c:ac:11:
77:48:d1:98:74:be:4d:c1:65:9c:50:72:db:76:db:
5b:69:2e:c6:72:46:a4:d5:49:9f:c8:81:a3:85:25:
b1:26:52:4e:57:48:28:3a:63:29:91:a7:d2:86:7e:
55:25:dc:cb:12:e3:99:2b:74:91:98:e1:cc:48:58:
13:5c:13:93:3a:dd:df:33:68:c7:ed:9f:13:70:9b:
38:f7:a1:8d:63:c3:56:22:1d:7d:62:74:cd:92:b6:
d4:0b:94:65:df:c8:43:f2:f3:c5:72:c5:d6:5b:cd:
1f:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:E1:BF:75:B2:21:21:FC:9C:89:63:1E:27:85:E2:92:DD:95:D0:F0
X509v3 Authority Key Identifier:
keyid:11:A0:10:F8:7A:04:9B:6E:21:AB:ED:9B:40:98:3B:04:F3:F1:C7:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EaAQ-HoEm24hq-2bQJg7BPPxx-g.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/S-G_dbIhIfyciWMeJ4Xikt2V0PA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4b/f25d7c-6677-4fdb-898e-ee7465754ff6/1/EaAQ-HoEm24hq-2bQJg7BPPxx-g.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.37.0-5.182.39.255
45.67.34.0/24
45.84.0.0/24
45.159.249.0/24
45.159.251.0/24
141.98.169.0/24
185.231.204.0/24
185.231.206.0/24
193.43.146.0/24
193.57.137.0/24
194.4.48.0/24
194.116.172.0/24
Signature Algorithm: sha256WithRSAEncryption
d4:1e:e7:83:18:11:21:0e:dc:66:86:59:84:17:ca:d2:a3:c8:
be:d5:20:25:24:36:65:19:49:89:29:2f:4b:87:63:10:4f:89:
cd:ed:47:7b:e3:db:d9:8f:fa:62:e1:96:07:8f:26:25:66:5a:
75:33:16:07:09:b3:0f:7e:e8:cb:81:a3:a8:d3:4b:15:8b:4f:
8e:ee:7f:61:0d:05:65:64:c0:55:e8:c4:1e:80:23:27:e5:29:
77:9f:d8:30:93:62:4a:83:39:6b:48:81:01:da:e1:c9:31:fa:
4a:1a:e4:2a:ac:73:fd:e8:2c:e2:36:06:ce:58:40:fb:f5:51:
49:f8:e9:fb:07:6d:55:8f:51:df:0c:8c:d5:a8:0f:3e:7a:d2:
f3:7b:5f:40:27:63:d3:89:91:36:30:a7:e3:74:0f:0f:d8:d6:
18:fd:69:cd:b8:da:13:fc:5d:64:d7:84:5c:d9:ec:3c:71:a3:
6a:f0:86:23:0f:86:cc:ab:33:f6:c0:ec:c9:ec:c5:1d:fe:9e:
c1:fb:bf:46:8d:72:dc:45:01:cb:c0:77:70:bc:03:c8:20:af:
ea:9a:54:4d:d4:d0:cf:2c:55:ce:06:42:74:b8:ff:9d:5a:f5:
1c:83:5f:19:01:c5:19:34:c1:58:e6:df:46:12:81:1e:b8:3f:
4d:c4:94:2a
-----BEGIN CERTIFICATE-----
MIIFRzCCBC+gAwIBAgISAZjNsPnpIPDzTZWXT7NeKCHYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExYTAxMGY4N2EwNDliNmUyMWFiZWQ5YjQwOTgzYjA0ZjNm
MWM3ZTgwHhcNMjUwODIxMTczMzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmUxYmY3NWIyMjEyMWZjOWM4OTYzMWUyNzg1ZTI5MmRkOTVkMGYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0mvIQGFxEnGEEdEI6/aWtAIqgsjJ
HcwCazit0Sky/AQxrcUH9Ko85zUVTwUM8xZ5NEzTvXoMqflZ+Sk6IYxPP+0awlKf
T8zFBAqkmxyFEopoW4KQRfqavtw0GfOYUFZoysLfQnhapie4Wyf8tx7TDoYxYtQU
3rtHXGmoIKtYFTFeQuKHRHBRbaPVRcRuX72Ruew8rBF3SNGYdL5NwWWcUHLbdttb
aS7Gckak1UmfyIGjhSWxJlJOV0goOmMpkafShn5VJdzLEuOZK3SRmOHMSFgTXBOT
Ot3fM2jH7Z8TcJs496GNY8NWIh19YnTNkrbUC5Rl38hD8vPFcsXWW80fBwIDAQAB
o4ICUzCCAk8wHQYDVR0OBBYEFEvhv3WyISH8nIljHieF4pLdldDwMB8GA1UdIwQY
MBaAFBGgEPh6BJtuIavtm0CYOwTz8cfoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUt
ZWU3NDY1NzU0ZmY2LzEvUy1HX2RiSWhJZnljaVdNZUo0WGlrdDJWMFBBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Yi9mMjVkN2MtNjY3Ny00ZmRiLTg5OGUtZWU3NDY1NzU0ZmY2
LzEvRWFBUS1Ib0VtMjRocS0yYlFKZzdCUFB4eC1nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGkGCCsGAQUFBwEHAQH/BFowWDBWBAIAATBQMAwDBAAFtiUD
BAMFtiADBAAtQyIDBAAtVAADBAAtn/kDBAAtn/sDBACNYqkDBAC558wDBAC5584D
BADBK5IDBADBOYkDBADCBDADBADCdKwwDQYJKoZIhvcNAQELBQADggEBANQe54MY
ESEO3GaGWYQXytKjyL7VICUkNmUZSYkpL0uHYxBPic3tR3vj29mP+mLhlgePJiVm
WnUzFgcJsw9+6MuBo6jTSxWLT47uf2ENBWVkwFXoxB6AIyflKXef2DCTYkqDOWtI
gQHa4ckx+koa5Cqsc/3oLOI2Bs5YQPv1UUn46fsHbVWPUd8MjNWoDz560vN7X0An
Y9OJkTYwp+N0Dw/Y1hj9ac242hP8XWTXhFzZ7Dxxo2rwhiMPhsyrM/bA7MnsxR3+
nsH7v0aNctxFAcvAd3C8A8ggr+qaVE3U0M8sVc4GQnS4/51a9RyDXxkBxRk0wVjm
30YSgR64P03ElCo=
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:27:10 2025 by rpki-client