Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/jk5DLmbJDPFvDX_KRrXRzuIQONk.roa
File: jk5DLmbJDPFvDX_KRrXRzuIQONk.roa (raw, json)
Hash identifier: QsbO4bJZnkw7RxYXi6mJ0xpqtRhxRs42uhmxBRFdmEI=
Subject key identifier: 8E:4E:43:2E:66:C9:0C:F1:6F:0D:7F:CA:46:B5:D1:CE:E2:10:38:D9
Certificate issuer: /CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Certificate serial: 01988FD828673E3BA031C5E1106044584B9A
Authority key identifier: 94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/jk5DLmbJDPFvDX_KRrXRzuIQONk.roa
Signing time: Sat 09 Aug 2025 17:19:24 +0000
ROA not before: Sat 09 Aug 2025 17:19:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204957
IP address blocks: 5.34.176.0/23 maxlen: 23
5.34.178.0/23 maxlen: 23
45.90.56.0/22 maxlen: 22
46.28.67.0/24 maxlen: 24
46.28.70.0/24 maxlen: 24
62.233.57.0/24 maxlen: 24
82.117.252.0/23 maxlen: 23
82.117.254.0/24 maxlen: 24
82.117.255.0/24 maxlen: 24
82.118.20.0/22 maxlen: 22
85.90.196.0/24 maxlen: 24
85.90.199.0/24 maxlen: 24
195.123.232.0/22 maxlen: 22
195.123.236.0/22 maxlen: 22
195.123.240.0/22 maxlen: 22
195.123.244.0/22 maxlen: 22
195.211.96.0/23 maxlen: 23
195.211.98.0/23 maxlen: 23
217.12.194.0/24 maxlen: 24
217.12.206.0/23 maxlen: 23
2a05:9400::/32 maxlen: 32
2a05:9401::/32 maxlen: 32
2a05:9402::/32 maxlen: 32
2a05:9403::/32 maxlen: 32
2a05:9404::/32 maxlen: 32
2a05:9405::/32 maxlen: 32
2a05:9406::/32 maxlen: 32
2a12:6fc0::/32 maxlen: 32
2a12:6fc1::/32 maxlen: 32
2a12:6fc2::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.mft
rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:8f:d8:28:67:3e:3b:a0:31:c5:e1:10:60:44:58:4b:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=94d98e8fec680775a157266e0c6b78b141a34f5e
Validity
Not Before: Aug 9 17:19:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8e4e432e66c90cf16f0d7fca46b5d1cee21038d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:9a:d2:3c:d3:c7:40:7c:9f:56:f8:d2:98:86:
d5:13:b9:ba:bd:50:d5:81:cb:c2:4b:07:16:bd:48:
9e:7d:38:19:a6:47:ab:9e:53:04:41:21:96:2e:51:
d7:a8:c1:80:48:14:65:fc:04:92:7c:49:fa:c8:96:
93:86:bc:3e:1b:57:7f:ce:4e:e0:5b:7a:fb:28:fa:
6c:5a:41:71:9f:8d:83:18:59:79:1e:7a:9a:7b:a0:
82:ad:bb:be:4b:03:06:60:ae:3f:d0:c2:8b:00:7b:
87:39:39:14:0a:4c:6c:2b:38:23:8e:b7:5d:15:1f:
75:1c:71:07:c2:cf:ff:4a:a5:bf:d6:62:cc:00:11:
5a:5f:d4:c0:71:68:11:2e:ef:7d:b5:ca:9a:f9:a6:
c8:97:75:97:66:b3:b9:e6:66:a2:d8:38:27:e8:f2:
79:6f:d7:c0:27:1b:37:61:2f:77:b2:8b:64:e6:d9:
5d:0b:eb:15:dd:a0:80:8f:8f:a9:d9:d0:c3:3f:8c:
e5:15:05:37:b0:cb:ce:ed:66:1c:7f:5c:ea:f6:34:
e0:0f:c6:bb:4e:41:b8:b6:29:e3:43:bf:d8:65:0a:
f6:2d:39:4a:ca:60:2b:0f:3a:83:6f:cb:c3:04:2e:
45:76:22:6e:31:1f:db:5b:2c:aa:01:73:68:62:64:
f5:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:4E:43:2E:66:C9:0C:F1:6F:0D:7F:CA:46:B5:D1:CE:E2:10:38:D9
X509v3 Authority Key Identifier:
keyid:94:D9:8E:8F:EC:68:07:75:A1:57:26:6E:0C:6B:78:B1:41:A3:4F:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lNmOj-xoB3WhVyZuDGt4sUGjT14.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/jk5DLmbJDPFvDX_KRrXRzuIQONk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/7ae3c7-67e4-44de-b139-87d17df74c7e/1/lNmOj-xoB3WhVyZuDGt4sUGjT14.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.34.176.0/22
45.90.56.0/22
46.28.67.0/24
46.28.70.0/24
62.233.57.0/24
82.117.252.0/22
82.118.20.0/22
85.90.196.0/24
85.90.199.0/24
195.123.232.0-195.123.247.255
195.211.96.0/22
217.12.194.0/24
217.12.206.0/23
IPv6:
2a05:9400::-2a05:9406:ffff:ffff:ffff:ffff:ffff:ffff
2a12:6fc0::-2a12:6fc2:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
44:47:e0:62:d9:85:ff:25:6e:c1:2c:c1:cf:5f:09:e8:0a:f4:
09:77:f1:95:3d:b1:e3:5b:36:f3:b5:5e:5f:9e:07:a8:0c:17:
16:6a:d9:de:56:c8:de:c9:43:5f:f2:6f:51:94:fb:c1:b3:9d:
d1:41:88:2a:f8:fe:11:1e:09:3f:b9:1b:f5:fb:82:cb:af:47:
a8:7b:86:6f:9b:54:df:4b:42:7f:2c:a9:f5:81:10:bf:d3:c4:
9a:3f:73:e1:44:fb:95:8c:43:b1:d8:d4:bd:82:9d:e3:ae:78:
d9:2c:d4:2b:95:36:5b:e4:64:90:98:e4:63:81:44:37:b9:22:
31:29:81:af:13:2d:8b:8e:3e:24:05:9c:e1:01:9f:13:2c:94:
73:64:ef:66:cf:71:61:3f:06:b3:d8:aa:06:0c:17:64:68:7b:
3c:7f:1f:09:ac:76:07:7f:44:70:ee:8e:d9:84:a1:45:49:a8:
37:c5:61:90:9b:eb:d3:68:ef:0e:66:bf:09:c6:91:29:da:9f:
b5:7c:ca:1c:72:6c:72:68:58:b2:e3:8e:5a:c9:27:54:a2:10:
4e:9d:61:d5:ff:bf:52:d5:04:37:a9:4d:c3:31:9d:5a:fc:10:
ea:52:85:9f:67:d0:80:94:9e:cd:6b:61:61:75:85:a2:67:d1:
71:5f:7d:a7
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZiP2ChnPjugMcXhEGBEWEuaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk0ZDk4ZThmZWM2ODA3NzVhMTU3MjY2ZTBjNmI3OGIxNDFh
MzRmNWUwHhcNMjUwODA5MTcxOTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZTRlNDMyZTY2YzkwY2YxNmYwZDdmY2E0NmI1ZDFjZWUyMTAzOGQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv5rSPNPHQHyfVvjSmIbVE7m6vVDV
gcvCSwcWvUiefTgZpkernlMEQSGWLlHXqMGASBRl/ASSfEn6yJaThrw+G1d/zk7g
W3r7KPpsWkFxn42DGFl5Hnqae6CCrbu+SwMGYK4/0MKLAHuHOTkUCkxsKzgjjrdd
FR91HHEHws//SqW/1mLMABFaX9TAcWgRLu99tcqa+abIl3WXZrO55mai2Dgn6PJ5
b9fAJxs3YS93sotk5tldC+sV3aCAj4+p2dDDP4zlFQU3sMvO7WYcf1zq9jTgD8a7
TkG4tinjQ7/YZQr2LTlKymArDzqDb8vDBC5FdiJuMR/bWyyqAXNoYmT1UwIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFI5OQy5myQzxbw1/yka10c7iEDjZMB8GA1UdIwQY
MBaAFJTZjo/saAd1oVcmbgxreLFBo09eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzkt
ODdkMTdkZjc0YzdlLzEvams1RExtYkpEUEZ2RFhfS1JyWFJ6dUlRT05rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83YWUzYzctNjdlNC00NGRlLWIxMzktODdkMTdkZjc0Yzdl
LzEvbE5tT2oteG9CM1doVnladURHdDRzVUdqVDE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTBcBAIAATBWAwQCBSKw
AwQCLVo4AwQALhxDAwQALhxGAwQAPuk5AwQCUnX8AwQCUnYUAwQAVVrEAwQAVVrH
MAwDBAPDe+gDBAPDe/ADBALD02ADBADZDMIDBAHZDM4wJQQCAAIwHzANAwQCKgWU
AwUAKgWUBjAOAwUGKhJvwAMFACoSb8IwDQYJKoZIhvcNAQELBQADggEBAERH4GLZ
hf8lbsEswc9fCegK9Al38ZU9seNbNvO1Xl+eB6gMFxZq2d5WyN7JQ1/yb1GU+8Gz
ndFBiCr4/hEeCT+5G/X7gsuvR6h7hm+bVN9LQn8sqfWBEL/TxJo/c+FE+5WMQ7HY
1L2CneOueNks1CuVNlvkZJCY5GOBRDe5IjEpga8TLYuOPiQFnOEBnxMslHNk72bP
cWE/BrPYqgYMF2Roezx/Hwmsdgd/RHDujtmEoUVJqDfFYZCb69No7w5mvwnGkSna
n7V8yhxybHJoWLLjjlrJJ1SiEE6dYdX/v1LVBDepTcMxnVr8EOpShZ9n0ICUns1r
YWF1haJn0XFffac=
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:44:15 2025 by rpki-client