Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/5frCTMLAAAivj5vAlLzU9tn9SZk.roa
File: 5frCTMLAAAivj5vAlLzU9tn9SZk.roa (raw, json)
Hash identifier: ydNqfms74WxpRDm6+VGy0or8AczawOAEsWbCcpbLY/k=
Subject key identifier: E5:FA:C2:4C:C2:C0:00:08:AF:8F:9B:C0:94:BC:D4:F6:D9:FD:49:99
Certificate issuer: /CN=b72945f57103153a07854e74e227f2aec1c5f430
Certificate serial: 0198A37EFABDF69B78794904139B9004A55B
Authority key identifier: B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/5frCTMLAAAivj5vAlLzU9tn9SZk.roa
Signing time: Wed 13 Aug 2025 12:54:24 +0000
ROA not before: Wed 13 Aug 2025 12:54:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 400536
IP address blocks: 185.24.148.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.mft
rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a3:7e:fa:bd:f6:9b:78:79:49:04:13:9b:90:04:a5:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b72945f57103153a07854e74e227f2aec1c5f430
Validity
Not Before: Aug 13 12:54:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5fac24cc2c00008af8f9bc094bcd4f6d9fd4999
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:70:69:02:0c:d1:71:47:53:4d:dc:28:7e:f2:
62:47:56:60:39:9c:19:cc:0a:b9:4c:47:45:07:8f:
00:76:54:f3:38:2e:bb:3b:8f:d8:cd:65:22:f6:e5:
18:c7:51:a4:51:67:d1:71:0c:d8:25:3e:16:d4:80:
13:47:1c:60:c1:6d:0b:8e:0c:ea:d9:db:f8:87:fc:
60:14:ae:a9:6e:9f:86:06:5b:4d:ca:54:49:16:aa:
c2:d1:dd:36:59:a3:83:ff:0f:f2:db:e2:9c:bf:96:
4e:a4:98:4c:28:ba:40:dc:43:be:d7:25:d4:57:4a:
f5:ce:46:f1:7e:0d:2f:7d:07:c2:3d:98:c0:78:be:
01:2c:bc:ff:65:42:e2:67:17:64:d6:de:92:96:89:
a2:ff:4c:25:fa:00:c0:59:03:0b:05:6c:6b:9c:e4:
82:d2:a3:a7:39:13:ab:cb:90:b4:aa:46:65:cb:f9:
a8:8d:5f:65:18:d3:93:3c:09:5a:c1:11:85:4a:3e:
dc:2b:95:f0:2e:22:97:7c:3e:d1:1e:06:54:ad:8c:
6c:e6:17:b2:d6:cd:37:88:41:12:1b:61:08:57:7e:
1f:f4:8b:01:ed:9f:36:46:6f:bd:b3:09:62:55:ee:
21:35:0d:7f:82:c3:7b:68:05:e4:88:ba:14:9b:3f:
ae:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:FA:C2:4C:C2:C0:00:08:AF:8F:9B:C0:94:BC:D4:F6:D9:FD:49:99
X509v3 Authority Key Identifier:
keyid:B7:29:45:F5:71:03:15:3A:07:85:4E:74:E2:27:F2:AE:C1:C5:F4:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tylF9XEDFToHhU504ifyrsHF9DA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/5frCTMLAAAivj5vAlLzU9tn9SZk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/61/5f6906-3fb0-4dff-8d01-2a09cc53a805/1/tylF9XEDFToHhU504ifyrsHF9DA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.24.148.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:f9:f2:6a:f9:68:93:e6:0a:ff:88:96:15:54:67:ca:ca:6e:
65:3e:83:33:b6:42:0c:e0:8c:ae:97:99:8e:52:0b:0a:6a:57:
03:32:2d:ff:88:2d:8e:3c:5d:e0:61:24:49:8c:74:20:57:83:
f1:23:ee:0c:28:e6:7c:c8:ce:33:2e:2e:e0:e3:1f:3d:04:d4:
84:83:87:af:b6:83:51:5a:6d:b7:3f:2b:2e:12:02:23:f6:bd:
b7:86:f6:56:c5:5a:20:74:2b:3a:11:54:c5:6a:03:b8:3a:fa:
8b:03:70:35:66:53:9f:ee:00:af:cf:ac:00:ca:41:c3:82:31:
bb:4c:f7:a3:32:a1:81:00:cf:1d:79:1a:dd:1d:d5:a0:0b:e5:
47:5c:1b:b8:cf:dc:4d:c6:7c:78:87:b5:4b:7d:15:0c:3d:11:
5b:08:c7:6a:54:43:ad:38:3f:92:de:72:ca:57:62:06:38:27:
55:54:3a:92:cf:67:65:2d:ce:0c:da:06:0a:78:69:ef:cb:f9:
7e:77:ea:bf:ba:5b:48:9b:40:99:b1:1f:9d:23:ce:b1:36:ce:
b1:bd:2f:3f:a9:63:35:28:48:94:32:95:e6:ce:3d:ed:74:f2:
d7:3d:4f:85:71:1a:bc:82:0f:c5:c8:f4:7b:2c:f6:67:71:e4:
cf:88:1a:9b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZijfvq99pt4eUkEE5uQBKVbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI3Mjk0NWY1NzEwMzE1M2EwNzg1NGU3NGUyMjdmMmFlYzFj
NWY0MzAwHhcNMjUwODEzMTI1NDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWZhYzI0Y2MyYzAwMDA4YWY4ZjliYzA5NGJjZDRmNmQ5ZmQ0OTk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsHBpAgzRcUdTTdwofvJiR1ZgOZwZ
zAq5TEdFB48AdlTzOC67O4/YzWUi9uUYx1GkUWfRcQzYJT4W1IATRxxgwW0Ljgzq
2dv4h/xgFK6pbp+GBltNylRJFqrC0d02WaOD/w/y2+Kcv5ZOpJhMKLpA3EO+1yXU
V0r1zkbxfg0vfQfCPZjAeL4BLLz/ZULiZxdk1t6Slomi/0wl+gDAWQMLBWxrnOSC
0qOnOROry5C0qkZly/mojV9lGNOTPAlawRGFSj7cK5XwLiKXfD7RHgZUrYxs5hey
1s03iEESG2EIV34f9IsB7Z82Rm+9swliVe4hNQ1/gsN7aAXkiLoUmz+uzwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFOX6wkzCwAAIr4+bwJS81PbZ/UmZMB8GA1UdIwQY
MBaAFLcpRfVxAxU6B4VOdOIn8q7BxfQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEt
MmEwOWNjNTNhODA1LzEvNWZyQ1RNTEFBQWl2ajV2QWxMelU5dG45U1prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MS81ZjY5MDYtM2ZiMC00ZGZmLThkMDEtMmEwOWNjNTNhODA1
LzEvdHlsRjlYRURGVG9IaFU1MDRpZnlyc0hGOURBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuRiUMA0G
CSqGSIb3DQEBCwUAA4IBAQCK+fJq+WiT5gr/iJYVVGfKym5lPoMztkIM4Iyul5mO
UgsKalcDMi3/iC2OPF3gYSRJjHQgV4PxI+4MKOZ8yM4zLi7g4x89BNSEg4evtoNR
Wm23PysuEgIj9r23hvZWxVogdCs6EVTFagO4OvqLA3A1ZlOf7gCvz6wAykHDgjG7
TPejMqGBAM8deRrdHdWgC+VHXBu4z9xNxnx4h7VLfRUMPRFbCMdqVEOtOD+S3nLK
V2IGOCdVVDqSz2dlLc4M2gYKeGnvy/l+d+q/ultIm0CZsR+dI86xNs6xvS8/qWM1
KEiUMpXmzj3tdPLXPU+FcRq8gg/FyPR7LPZnceTPiBqb
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:10:53 2025 by rpki-client