Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/4a23f5-7d84-44ab-8f33-583a60820e8c/1/5-Vfz-IQSTvzUAtK9wGd7zEsU_U.roa
File: 5-Vfz-IQSTvzUAtK9wGd7zEsU_U.roa (raw, json)
Hash identifier: vXYBCiKDNQPitPz23Jn0ySE4Ex9vAmhZFSyQDy8eAqo=
Subject key identifier: E7:E5:5F:CF:E2:10:49:3B:F3:50:0B:4A:F7:01:9D:EF:31:2C:53:F5
Certificate issuer: /CN=134dbf4c13aba17a04c0b2f245b6f5890c805163
Certificate serial: 0198D11FE1426BD8E15A4D9A7B1852505D0D
Authority key identifier: 13:4D:BF:4C:13:AB:A1:7A:04:C0:B2:F2:45:B6:F5:89:0C:80:51:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/E02_TBOroXoEwLLyRbb1iQyAUWM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/4a23f5-7d84-44ab-8f33-583a60820e8c/1/5-Vfz-IQSTvzUAtK9wGd7zEsU_U.roa
Signing time: Fri 22 Aug 2025 09:33:04 +0000
ROA not before: Fri 22 Aug 2025 09:33:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198352
IP address blocks: 151.237.160.0/21 maxlen: 21
193.37.108.0/22 maxlen: 22
195.246.116.0/23 maxlen: 23
2a01:a0c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/4a23f5-7d84-44ab-8f33-583a60820e8c/1/E02_TBOroXoEwLLyRbb1iQyAUWM.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/4a23f5-7d84-44ab-8f33-583a60820e8c/1/E02_TBOroXoEwLLyRbb1iQyAUWM.mft
rsync://rpki.ripe.net/repository/DEFAULT/E02_TBOroXoEwLLyRbb1iQyAUWM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d1:1f:e1:42:6b:d8:e1:5a:4d:9a:7b:18:52:50:5d:0d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=134dbf4c13aba17a04c0b2f245b6f5890c805163
Validity
Not Before: Aug 22 09:33:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e7e55fcfe210493bf3500b4af7019def312c53f5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:d0:eb:0e:59:0b:b8:e6:21:f2:af:0c:80:f9:
d1:d1:0d:11:a6:0c:8f:7e:f8:be:ee:9f:68:d7:9b:
45:00:e4:b5:36:ee:a0:9c:da:14:fc:7a:c4:9d:da:
f4:40:0c:da:e0:a2:c2:a2:86:3e:2e:5e:ba:f1:52:
7e:ea:f1:7c:34:9c:a5:1a:2b:16:bf:87:37:a0:fd:
e4:47:9e:ac:62:ce:43:4c:d8:15:91:2e:0b:b0:3f:
86:39:3d:c8:6f:51:f7:82:8e:65:04:71:6a:dd:d5:
33:f9:b7:22:0a:1a:e7:da:82:2c:04:12:55:f5:1a:
da:13:1b:45:32:40:09:fd:48:b4:fc:87:91:25:67:
3b:c5:c0:44:8c:70:2c:bd:33:37:91:d7:54:cf:2b:
03:37:74:f6:5f:bd:8d:40:01:9d:f2:35:68:7b:e4:
56:15:8c:aa:9b:0f:c5:9b:17:86:ae:3a:4d:3c:44:
47:e1:2e:02:2e:33:d7:a6:dc:16:78:06:46:bd:a1:
06:56:09:0f:f9:18:b2:5f:10:94:be:7b:f0:75:4c:
4e:c1:b4:db:6f:6e:28:ce:94:3b:df:81:0f:ce:bf:
0d:d7:be:34:12:ce:9a:fc:09:f5:93:9b:56:d0:73:
ff:21:46:f1:21:7c:e7:97:cd:58:41:28:a5:7a:8f:
fc:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E7:E5:5F:CF:E2:10:49:3B:F3:50:0B:4A:F7:01:9D:EF:31:2C:53:F5
X509v3 Authority Key Identifier:
keyid:13:4D:BF:4C:13:AB:A1:7A:04:C0:B2:F2:45:B6:F5:89:0C:80:51:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/E02_TBOroXoEwLLyRbb1iQyAUWM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/4a23f5-7d84-44ab-8f33-583a60820e8c/1/5-Vfz-IQSTvzUAtK9wGd7zEsU_U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/4a23f5-7d84-44ab-8f33-583a60820e8c/1/E02_TBOroXoEwLLyRbb1iQyAUWM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.237.160.0/21
193.37.108.0/22
195.246.116.0/23
IPv6:
2a01:a0c0::/32
Signature Algorithm: sha256WithRSAEncryption
3c:40:81:bf:57:9d:e2:00:a6:7e:d3:79:4d:00:64:56:4e:80:
7b:92:63:24:7f:ff:f1:0b:62:1e:08:bf:2f:e7:a9:58:9e:41:
13:cb:8c:5f:ac:37:28:ab:5f:4d:45:15:7e:05:29:b2:49:c0:
39:ce:e1:4f:d6:aa:1c:fa:d1:ff:de:6a:80:3d:81:90:b9:64:
03:50:05:97:95:ec:d7:a3:d1:c8:65:fc:f4:c7:dd:e2:bc:08:
d5:81:c3:48:92:2a:85:c1:ab:fd:d8:16:cf:0d:cf:4d:4f:5e:
49:4f:6c:7c:08:4b:5e:ec:c5:21:03:11:96:3a:e7:60:fa:06:
53:38:51:d3:30:68:07:92:7b:17:02:23:d3:c4:cb:35:d3:43:
e6:f7:0f:c7:c0:99:35:09:8d:75:f7:4c:05:3c:a0:80:c3:33:
e2:f3:29:94:d0:c2:1e:b3:c9:59:a1:90:fc:f6:a1:c1:ca:53:
cc:b9:a3:f3:c3:60:8e:3f:4e:91:da:80:7b:36:60:a2:53:aa:
2c:58:51:f3:dd:e4:f2:8c:f6:e2:1f:b4:24:b4:8c:ea:6c:0c:
a5:1e:0f:d0:d3:14:d2:69:84:c5:80:74:1c:31:ff:ba:d4:1a:
b8:80:c3:3b:be:f4:86:28:8c:27:1f:f8:7c:7d:28:e0:11:cc:
f1:9a:40:e8
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZjRH+FCa9jhWk2aexhSUF0NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEzNGRiZjRjMTNhYmExN2EwNGMwYjJmMjQ1YjZmNTg5MGM4
MDUxNjMwHhcNMjUwODIyMDkzMzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlN2U1NWZjZmUyMTA0OTNiZjM1MDBiNGFmNzAxOWRlZjMxMmM1M2Y1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy9DrDlkLuOYh8q8MgPnR0Q0RpgyP
fvi+7p9o15tFAOS1Nu6gnNoU/HrEndr0QAza4KLCooY+Ll668VJ+6vF8NJylGisW
v4c3oP3kR56sYs5DTNgVkS4LsD+GOT3Ib1H3go5lBHFq3dUz+bciChrn2oIsBBJV
9RraExtFMkAJ/Ui0/IeRJWc7xcBEjHAsvTM3kddUzysDN3T2X72NQAGd8jVoe+RW
FYyqmw/FmxeGrjpNPERH4S4CLjPXptwWeAZGvaEGVgkP+RiyXxCUvnvwdUxOwbTb
b24ozpQ734EPzr8N1740Es6a/An1k5tW0HP/IUbxIXznl81YQSileo/8UwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFOflX8/iEEk781ALSvcBne8xLFP1MB8GA1UdIwQY
MBaAFBNNv0wTq6F6BMCy8kW29YkMgFFjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRTAyX1RCT3JvWG9Fd0xMeVJiYjFpUXlBVVdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC80YTIzZjUtN2Q4NC00NGFiLThmMzMt
NTgzYTYwODIwZThjLzEvNS1WZnotSVFTVHZ6VUF0Szl3R2Q3ekVzVV9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC80YTIzZjUtN2Q4NC00NGFiLThmMzMtNTgzYTYwODIwZThj
LzEvRTAyX1RCT3JvWG9Fd0xMeVJiYjFpUXlBVVdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQDl+2gAwQC
wSVsAwQBw/Z0MA0EAgACMAcDBQAqAaDAMA0GCSqGSIb3DQEBCwUAA4IBAQA8QIG/
V53iAKZ+03lNAGRWToB7kmMkf//xC2IeCL8v56lYnkETy4xfrDcoq19NRRV+BSmy
ScA5zuFP1qoc+tH/3mqAPYGQuWQDUAWXlezXo9HIZfz0x93ivAjVgcNIkiqFwav9
2BbPDc9NT15JT2x8CEte7MUhAxGWOudg+gZTOFHTMGgHknsXAiPTxMs100Pm9w/H
wJk1CY1190wFPKCAwzPi8ymU0MIes8lZoZD89qHBylPMuaPzw2COP06R2oB7NmCi
U6osWFHz3eTyjPbiH7QktIzqbAylHg/Q0xTSaYTFgHQcMf+61Bq4gMM7vvSGKIwn
H/h8fSjgEczxmkDo
-----END CERTIFICATE-----
Generated at Sat Aug 23 20:49:45 2025 by rpki-client