Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/3s4wnSqH-ttb7eev48ZraLJ1VGA.roa
File: 3s4wnSqH-ttb7eev48ZraLJ1VGA.roa (raw, json)
Hash identifier: Wmw6t+8HEkfVe2fN2mvQR9Y93IEdiC1FC6bam2JbkeM=
Subject key identifier: DE:CE:30:9D:2A:87:FA:DB:5B:ED:E7:AF:E3:C6:6B:68:B2:75:54:60
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 01989E7C53E775D9C69065B2F2C6718CB933
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/3s4wnSqH-ttb7eev48ZraLJ1VGA.roa
Signing time: Tue 12 Aug 2025 13:33:24 +0000
ROA not before: Tue 12 Aug 2025 13:33:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5511
IP address blocks: 5.180.84.0/22 maxlen: 24
107.150.169.0/24 maxlen: 24
107.150.173.0/24 maxlen: 24
124.198.140.0/22 maxlen: 24
124.198.148.0/22 maxlen: 24
124.198.152.0/21 maxlen: 24
158.173.136.0/22 maxlen: 24
162.218.177.0/24 maxlen: 24
162.218.178.0/24 maxlen: 24
163.47.104.0/22 maxlen: 24
167.160.1.0/24 maxlen: 24
167.160.2.0/24 maxlen: 24
185.192.213.0/24 maxlen: 24
185.192.214.0/24 maxlen: 24
185.203.149.0/24 maxlen: 24
185.203.150.0/24 maxlen: 24
185.212.173.0/24 maxlen: 24
185.212.174.0/24 maxlen: 24
202.49.244.0/22 maxlen: 24
202.50.124.0/22 maxlen: 24
203.188.176.0/22 maxlen: 24
203.188.184.0/22 maxlen: 24
203.188.188.0/24 maxlen: 24
212.32.51.0/24 maxlen: 24
212.32.70.0/24 maxlen: 24
212.32.77.0/24 maxlen: 24
212.32.78.0/23 maxlen: 24
212.56.51.0/24 maxlen: 24
212.56.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 07:01:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:9e:7c:53:e7:75:d9:c6:90:65:b2:f2:c6:71:8c:b9:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Aug 12 13:33:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dece309d2a87fadb5bede7afe3c66b68b2755460
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:11:42:26:75:49:c1:54:3e:b3:f7:8a:3a:2a:
27:31:49:f7:5f:72:2e:c1:80:75:6c:04:08:ea:ce:
73:85:5c:70:51:ee:82:db:26:8b:fa:6d:15:63:a0:
8d:07:a9:c3:82:01:c3:2f:15:56:d5:fd:20:20:ec:
1b:52:c9:40:b4:ed:b4:fd:84:aa:9b:bb:17:7d:dc:
88:fe:e1:36:4a:8d:6a:70:8b:6a:dc:92:f7:f7:eb:
d1:39:2d:dd:6f:6d:8d:9e:3f:df:a3:68:cd:bb:e4:
55:b3:65:54:f9:26:34:4d:54:37:71:18:3f:df:53:
16:f2:97:1a:87:49:f5:a6:a8:71:85:f5:7a:31:ea:
c5:9c:5a:5c:03:00:97:cc:37:88:21:d6:64:e9:6b:
7b:c2:38:cd:df:69:a0:47:c2:c7:67:47:69:2a:c6:
b6:6a:5e:b2:43:cf:33:ba:06:eb:8a:a4:54:67:09:
54:2d:07:17:bf:cc:cb:f5:4d:1b:b7:f6:16:6c:9c:
36:fd:29:a2:fd:67:d5:c6:f3:e0:e2:d5:38:f4:f7:
36:e5:16:a2:af:21:c7:84:dc:54:07:df:b4:c1:3a:
23:66:9f:82:91:c9:66:84:a6:0b:ed:f9:76:db:cc:
aa:0a:f5:da:bf:77:51:88:ba:6e:a2:1e:1a:83:e4:
f0:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DE:CE:30:9D:2A:87:FA:DB:5B:ED:E7:AF:E3:C6:6B:68:B2:75:54:60
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/3s4wnSqH-ttb7eev48ZraLJ1VGA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.84.0/22
107.150.169.0/24
107.150.173.0/24
124.198.140.0/22
124.198.148.0-124.198.159.255
158.173.136.0/22
162.218.177.0-162.218.178.255
163.47.104.0/22
167.160.1.0-167.160.2.255
185.192.213.0-185.192.214.255
185.203.149.0-185.203.150.255
185.212.173.0-185.212.174.255
202.49.244.0/22
202.50.124.0/22
203.188.176.0/22
203.188.184.0-203.188.188.255
212.32.51.0/24
212.32.70.0/24
212.32.77.0-212.32.79.255
212.56.51.0/24
212.56.55.0/24
Signature Algorithm: sha256WithRSAEncryption
53:76:c7:04:2a:52:c3:84:60:56:4f:70:10:c6:e2:49:f5:8c:
d5:e6:81:1d:a1:e2:de:54:11:79:54:d2:47:01:64:4a:43:0d:
12:c4:06:88:0b:dc:ed:35:b1:1b:53:ed:7e:63:71:28:48:2a:
5c:cd:6f:52:25:15:65:a7:5d:81:89:12:9f:9f:0a:ab:7c:a0:
76:c8:ce:6c:a9:09:1e:f8:0a:fa:67:a7:10:d5:1c:d3:5d:8d:
3c:61:a9:23:e2:51:24:8b:39:0f:cb:f4:53:96:1f:a7:38:a3:
b5:c0:ef:93:b8:0f:12:5e:fb:c8:aa:c4:e6:2a:ab:0b:e7:dc:
46:1c:23:d2:81:76:e2:07:28:0c:6b:08:0e:75:76:9e:c3:08:
bb:72:da:1b:79:10:36:53:bb:fd:60:a5:19:b5:e4:78:88:70:
40:02:21:b7:22:f1:6c:74:ea:48:35:ca:9e:f6:df:27:dc:88:
72:7c:6f:08:41:9d:ae:b2:31:66:fd:bf:f3:94:ce:ff:30:dd:
de:27:5c:f2:55:18:e8:e0:c8:d3:4c:5f:ba:e4:9b:bf:d5:95:
3c:e0:e4:98:23:34:34:82:05:22:97:a2:bb:ae:1c:7f:26:5e:
41:be:84:a2:63:22:49:e3:e7:36:da:21:af:bb:35:8a:ad:89:
73:e5:00:56
-----BEGIN CERTIFICATE-----
MIIFujCCBKKgAwIBAgISAZiefFPnddnGkGWy8sZxjLkzMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwODEyMTMzMzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZWNlMzA5ZDJhODdmYWRiNWJlZGU3YWZlM2M2NmI2OGIyNzU1NDYwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3xFCJnVJwVQ+s/eKOionMUn3X3Iu
wYB1bAQI6s5zhVxwUe6C2yaL+m0VY6CNB6nDggHDLxVW1f0gIOwbUslAtO20/YSq
m7sXfdyI/uE2So1qcItq3JL39+vROS3db22Nnj/fo2jNu+RVs2VU+SY0TVQ3cRg/
31MW8pcah0n1pqhxhfV6MerFnFpcAwCXzDeIIdZk6Wt7wjjN32mgR8LHZ0dpKsa2
al6yQ88zugbriqRUZwlULQcXv8zL9U0bt/YWbJw2/Smi/WfVxvPg4tU49Pc25Rai
ryHHhNxUB9+0wTojZp+CkclmhKYL7fl228yqCvXav3dRiLpuoh4ag+TwBQIDAQAB
o4ICxjCCAsIwHQYDVR0OBBYEFN7OMJ0qh/rbW+3nr+PGa2iydVRgMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvM3M0d25TcUgtdHRiN2VldjQ4WnJhTEoxVkdBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHbBggrBgEFBQcBBwEB/wSByzCByDCBxQQCAAEwgb4DBAIF
tFQDBABrlqkDBABrlq0DBAJ8xowwDAMEAnzGlAMEBXzGgAMEAp6tiDAMAwQAotqx
AwQAotqyAwQCoy9oMAwDBACnoAEDBACnoAIwDAMEALnA1QMEALnA1jAMAwQAucuV
AwQAucuWMAwDBAC51K0DBAC51K4DBALKMfQDBALKMnwDBALLvLAwDAMEA8u8uAME
AMu8vAMEANQgMwMEANQgRjAMAwQA1CBNAwQE1CBAAwQA1DgzAwQA1Dg3MA0GCSqG
SIb3DQEBCwUAA4IBAQBTdscEKlLDhGBWT3AQxuJJ9YzV5oEdoeLeVBF5VNJHAWRK
Qw0SxAaIC9ztNbEbU+1+Y3EoSCpczW9SJRVlp12BiRKfnwqrfKB2yM5sqQke+Ar6
Z6cQ1RzTXY08Yakj4lEkizkPy/RTlh+nOKO1wO+TuA8SXvvIqsTmKqsL59xGHCPS
gXbiBygMawgOdXaewwi7ctobeRA2U7v9YKUZteR4iHBAAiG3IvFsdOpINcqe9t8n
3IhyfG8IQZ2usjFm/b/zlM7/MN3eJ1zyVRjo4MjTTF+65Ju/1ZU84OSYIzQ0ggUi
l6K7rhx/Jl5BvoSiYyJJ4+c22iGvuzWKrYlz5QBW
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:59:07 2025 by rpki-client