Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/GxjiQYL-iGOAVHNMg1TX24x4ygU.roa
File: GxjiQYL-iGOAVHNMg1TX24x4ygU.roa (raw, json)
Hash identifier: 4pz3qTPsLPKhzeVhImXnpiGMiT+ZWEpvQAca1AnIER4=
Subject key identifier: 1B:18:E2:41:82:FE:88:63:80:54:73:4C:83:54:D7:DB:8C:78:CA:05
Certificate issuer: /CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Certificate serial: 0198C054906D5BDEC1FEEBE2D23479502E66
Authority key identifier: 4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/GxjiQYL-iGOAVHNMg1TX24x4ygU.roa
Signing time: Tue 19 Aug 2025 03:17:04 +0000
ROA not before: Tue 19 Aug 2025 03:17:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54994
IP address blocks: 140.150.0.0/24 maxlen: 24
140.150.1.0/24 maxlen: 24
140.150.2.0/24 maxlen: 24
140.150.3.0/24 maxlen: 24
140.150.4.0/24 maxlen: 24
140.150.5.0/24 maxlen: 24
140.150.6.0/24 maxlen: 24
140.150.7.0/24 maxlen: 24
140.150.8.0/24 maxlen: 24
140.150.10.0/24 maxlen: 24
140.150.11.0/24 maxlen: 24
140.150.12.0/24 maxlen: 24
140.150.14.0/24 maxlen: 24
140.150.15.0/24 maxlen: 24
140.150.16.0/24 maxlen: 24
140.150.18.0/24 maxlen: 24
140.150.19.0/24 maxlen: 24
140.150.20.0/24 maxlen: 24
140.150.21.0/24 maxlen: 24
140.150.22.0/24 maxlen: 24
140.150.23.0/24 maxlen: 24
140.150.24.0/24 maxlen: 24
140.150.25.0/24 maxlen: 24
140.150.26.0/24 maxlen: 24
140.150.27.0/24 maxlen: 24
140.150.28.0/24 maxlen: 24
140.150.29.0/24 maxlen: 24
140.150.30.0/24 maxlen: 24
140.150.31.0/24 maxlen: 24
140.150.32.0/24 maxlen: 24
140.150.33.0/24 maxlen: 24
140.150.34.0/24 maxlen: 24
140.150.35.0/24 maxlen: 24
140.150.36.0/24 maxlen: 24
140.150.37.0/24 maxlen: 24
140.150.38.0/24 maxlen: 24
140.150.40.0/24 maxlen: 24
140.150.41.0/24 maxlen: 24
140.150.42.0/24 maxlen: 24
140.150.43.0/24 maxlen: 24
140.150.44.0/24 maxlen: 24
140.150.46.0/24 maxlen: 24
140.150.47.0/24 maxlen: 24
146.103.64.0/24 maxlen: 24
146.103.65.0/24 maxlen: 24
146.103.66.0/24 maxlen: 24
146.103.67.0/24 maxlen: 24
146.103.68.0/24 maxlen: 24
146.103.71.0/24 maxlen: 24
146.103.72.0/24 maxlen: 24
146.103.73.0/24 maxlen: 24
146.103.74.0/24 maxlen: 24
146.103.75.0/24 maxlen: 24
146.103.76.0/24 maxlen: 24
146.103.77.0/24 maxlen: 24
146.103.78.0/24 maxlen: 24
146.103.79.0/24 maxlen: 24
146.103.80.0/24 maxlen: 24
146.103.81.0/24 maxlen: 24
146.103.82.0/24 maxlen: 24
146.103.83.0/24 maxlen: 24
146.103.84.0/24 maxlen: 24
146.103.85.0/24 maxlen: 24
146.103.86.0/24 maxlen: 24
146.103.87.0/24 maxlen: 24
146.103.88.0/24 maxlen: 24
146.103.89.0/24 maxlen: 24
146.103.90.0/24 maxlen: 24
146.103.91.0/24 maxlen: 24
146.103.92.0/24 maxlen: 24
146.103.93.0/24 maxlen: 24
146.103.94.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c0:54:90:6d:5b:de:c1:fe:eb:e2:d2:34:79:50:2e:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Validity
Not Before: Aug 19 03:17:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1b18e24182fe88638054734c8354d7db8c78ca05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:30:31:c8:9b:bc:92:36:11:c1:67:ed:ac:67:
fa:6e:63:0c:b0:02:f8:15:96:3a:8a:80:6d:af:94:
a6:ca:82:34:e0:79:7d:90:eb:9c:71:e6:c4:0f:95:
13:c8:39:73:68:fc:14:ed:cd:47:12:20:35:34:c8:
73:be:9e:2a:12:18:85:78:21:b5:99:de:08:28:2a:
a2:e1:5d:41:5a:cc:7c:81:45:1c:7f:d4:a9:bf:4b:
8c:ff:a9:83:ee:f4:86:4c:ee:8d:bb:40:97:cb:26:
63:f4:fa:a7:c3:77:c5:3d:6b:7b:f8:59:ac:35:98:
86:5e:a3:4c:b0:ed:4e:d6:67:e9:6d:c2:2b:38:0f:
b2:be:6c:0f:c7:65:2c:d3:7d:6d:af:af:7b:d8:19:
4f:11:e6:12:2c:a6:ca:20:6c:a9:c2:84:9b:60:c8:
33:8f:40:58:50:de:f4:a8:fc:21:23:6a:e3:03:01:
3d:99:ec:a0:ea:19:c6:56:f3:97:15:56:27:7d:7d:
2c:60:3e:b3:2b:7e:24:81:ef:79:79:28:54:79:83:
b3:3f:29:17:df:cb:cb:ab:f7:70:ab:35:54:dc:3b:
43:93:6c:c3:a6:81:74:61:9d:06:67:a9:69:92:f6:
17:6d:89:a5:8f:6c:dd:40:30:18:17:a8:7b:d9:e2:
90:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1B:18:E2:41:82:FE:88:63:80:54:73:4C:83:54:D7:DB:8C:78:CA:05
X509v3 Authority Key Identifier:
keyid:4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/GxjiQYL-iGOAVHNMg1TX24x4ygU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.0.0-140.150.8.255
140.150.10.0-140.150.12.255
140.150.14.0-140.150.16.255
140.150.18.0-140.150.38.255
140.150.40.0-140.150.44.255
140.150.46.0/23
146.103.64.0-146.103.68.255
146.103.71.0-146.103.94.255
Signature Algorithm: sha256WithRSAEncryption
80:91:cd:92:de:4d:8e:da:bd:0c:ca:ec:1d:8e:11:a1:0e:ef:
d3:33:99:f6:b2:b1:99:0b:5b:3c:3a:44:8b:9d:4c:de:69:a9:
fc:70:00:20:a4:e6:9f:28:3e:27:20:34:46:fb:54:31:e2:49:
18:4b:d6:11:94:9c:c2:7a:b3:3d:ae:46:50:77:de:a0:78:bb:
5b:3d:65:e9:79:4e:d8:cb:26:e2:1a:ab:c6:a0:6a:11:e3:a3:
83:e4:40:10:01:e4:c0:f8:3d:65:77:15:78:b9:fd:27:99:bc:
b8:e6:f3:90:ae:b1:38:d5:7d:37:be:9f:bb:c5:4d:a8:ad:3d:
54:96:93:7e:44:ef:d8:6b:ad:88:ea:31:ef:98:21:e4:e4:94:
70:52:a2:a5:af:8f:b1:7c:3d:30:4e:05:51:a8:b4:a9:f0:9a:
28:3e:18:97:7a:65:47:2a:4b:cb:49:a0:79:94:03:bd:75:01:
d6:26:00:04:83:a3:2d:a6:5f:1d:63:50:d4:4e:66:b9:0a:81:
a7:b5:bf:1e:25:21:3b:e3:28:90:cc:65:80:ff:1a:d7:a0:12:
45:33:a0:9e:16:e4:75:a5:36:3a:ad:9b:7c:92:33:52:6e:18:
22:b2:1f:39:8d:7a:cf:a3:00:9c:1a:10:69:63:d8:df:46:60:
49:1e:69:80
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgISAZjAVJBtW97B/uvi0jR5UC5mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTMzMWZhN2JlNDcwZGMxNzllMTZjMzA2ZTk4YzZjNzMx
YTU3NWMwHhcNMjUwODE5MDMxNzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxYjE4ZTI0MTgyZmU4ODYzODA1NDczNGM4MzU0ZDdkYjhjNzhjYTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkjAxyJu8kjYRwWftrGf6bmMMsAL4
FZY6ioBtr5SmyoI04Hl9kOuccebED5UTyDlzaPwU7c1HEiA1NMhzvp4qEhiFeCG1
md4IKCqi4V1BWsx8gUUcf9Spv0uM/6mD7vSGTO6Nu0CXyyZj9Pqnw3fFPWt7+Fms
NZiGXqNMsO1O1mfpbcIrOA+yvmwPx2Us031tr6972BlPEeYSLKbKIGypwoSbYMgz
j0BYUN70qPwhI2rjAwE9meyg6hnGVvOXFVYnfX0sYD6zK34kge95eShUeYOzPykX
38vLq/dwqzVU3DtDk2zDpoF0YZ0GZ6lpkvYXbYmlj2zdQDAYF6h72eKQewIDAQAB
o4ICazCCAmcwHQYDVR0OBBYEFBsY4kGC/ohjgFRzTINU19uMeMoFMB8GA1UdIwQY
MBaAFEuTMfp75HDcF54WwwbpjGxzGldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjIt
OGIyYjQ3MzhiMWNjLzEvR3hqaVFZTC1pR09BVkhOTWcxVFgyNHg0eWdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjItOGIyYjQ3MzhiMWNj
LzEvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGABggrBgEFBQcBBwEB/wRxMG8wbQQCAAEwZzALAwMBjJYD
BACMlggwDAMEAYyWCgMEAIyWDDAMAwQBjJYOAwQAjJYQMAwDBAGMlhIDBACMliYw
DAMEA4yWKAMEAIyWLAMEAYyWLjAMAwQGkmdAAwQAkmdEMAwDBACSZ0cDBACSZ14w
DQYJKoZIhvcNAQELBQADggEBAICRzZLeTY7avQzK7B2OEaEO79MzmfaysZkLWzw6
RIudTN5pqfxwACCk5p8oPicgNEb7VDHiSRhL1hGUnMJ6sz2uRlB33qB4u1s9Zel5
TtjLJuIaq8agahHjo4PkQBAB5MD4PWV3FXi5/SeZvLjm85CusTjVfTe+n7vFTait
PVSWk35E79hrrYjqMe+YIeTklHBSoqWvj7F8PTBOBVGotKnwmig+GJd6ZUcqS8tJ
oHmUA711AdYmAASDoy2mXx1jUNROZrkKgae1vx4lITvjKJDMZYD/GtegEkUzoJ4W
5HWlNjqtm3ySM1JuGCKyHzmNes+jAJwaEGlj2N9GYEkeaYA=
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:55:21 2025 by rpki-client