Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/kfDh3hy2QTOpTQ69Ddi9BORW86w.roa
File: kfDh3hy2QTOpTQ69Ddi9BORW86w.roa (raw, json)
Hash identifier: 2EpvnyfhBP51x4DqrBYsDQsSYTzeAsPDkCdWUDywoxs=
Subject key identifier: 91:F0:E1:DE:1C:B6:41:33:A9:4D:0E:BD:0D:D8:BD:04:E4:56:F3:AC
Certificate issuer: /CN=5fbe65ae23f207fa695255f55a907ac1608be094
Certificate serial: 0198BCCA31463465AEB1A9A13AF7D57C37B1
Authority key identifier: 5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/kfDh3hy2QTOpTQ69Ddi9BORW86w.roa
Signing time: Mon 18 Aug 2025 10:47:04 +0000
ROA not before: Mon 18 Aug 2025 10:47:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211183
IP address blocks: 5.35.124.0/24 maxlen: 24
5.35.125.0/24 maxlen: 24
5.35.126.0/24 maxlen: 24
5.35.127.0/24 maxlen: 24
5.253.62.0/24 maxlen: 24
37.140.241.0/24 maxlen: 24
45.128.204.0/24 maxlen: 24
79.133.181.0/24 maxlen: 24
79.133.182.0/24 maxlen: 24
79.133.183.0/24 maxlen: 24
89.191.225.0/24 maxlen: 24
91.200.84.0/24 maxlen: 24
94.154.11.0/24 maxlen: 24
185.198.152.0/24 maxlen: 24
185.239.50.0/24 maxlen: 24
185.239.51.0/24 maxlen: 24
185.240.103.0/24 maxlen: 24
185.244.51.0/24 maxlen: 24
185.250.44.0/24 maxlen: 24
185.250.46.0/24 maxlen: 24
185.250.47.0/24 maxlen: 24
193.187.96.0/24 maxlen: 24
194.5.78.0/24 maxlen: 24
194.5.79.0/24 maxlen: 24
195.93.252.0/24 maxlen: 24
217.171.146.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:bc:ca:31:46:34:65:ae:b1:a9:a1:3a:f7:d5:7c:37:b1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5fbe65ae23f207fa695255f55a907ac1608be094
Validity
Not Before: Aug 18 10:47:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=91f0e1de1cb64133a94d0ebd0dd8bd04e456f3ac
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:b0:ca:55:15:0f:e9:2e:25:0f:a7:53:d2:7c:
f4:cd:41:e8:7c:94:fc:4b:ad:2f:49:62:38:f9:0a:
ef:cc:45:02:46:89:81:11:fd:60:dd:2a:e4:bf:2b:
d1:18:47:26:01:90:01:8b:5d:41:a2:15:5b:05:24:
5e:c1:5e:0b:8b:c1:d5:4a:0c:e0:cf:4a:ff:9e:8b:
18:b2:54:df:77:9c:cf:92:8c:14:31:1f:83:50:ea:
9f:a1:38:69:93:8e:dc:21:48:85:d6:2f:38:65:ab:
c2:af:fa:5c:a3:d1:26:d3:33:6f:e1:13:ee:44:c3:
b1:52:c8:9b:27:3f:cb:cc:ec:7a:b0:c8:f7:ae:b1:
20:7f:7a:89:a1:5b:98:99:2b:f0:fd:8f:01:70:12:
d4:7f:30:97:d2:ab:a3:bd:e1:00:eb:21:33:ff:b8:
75:d5:e1:61:f6:91:b9:b5:0e:e9:7a:32:5c:6c:b3:
97:ee:56:4a:2f:d4:1f:99:0b:ab:14:a1:03:e8:2b:
c1:b5:1b:b8:c9:31:0f:e3:8a:94:53:25:7f:07:45:
f2:20:b6:19:e3:2a:a0:32:89:91:f8:2f:a3:72:a2:
72:be:6c:39:2d:45:25:8b:0f:0b:75:18:2a:26:6b:
56:01:93:99:1f:0c:10:66:ed:4b:43:c8:1d:7b:de:
fc:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:F0:E1:DE:1C:B6:41:33:A9:4D:0E:BD:0D:D8:BD:04:E4:56:F3:AC
X509v3 Authority Key Identifier:
keyid:5F:BE:65:AE:23:F2:07:FA:69:52:55:F5:5A:90:7A:C1:60:8B:E0:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/X75lriPyB_ppUlX1WpB6wWCL4JQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/kfDh3hy2QTOpTQ69Ddi9BORW86w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/f4319f-3dfb-42ea-ba95-492ab372689d/1/X75lriPyB_ppUlX1WpB6wWCL4JQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.124.0/22
5.253.62.0/24
37.140.241.0/24
45.128.204.0/24
79.133.181.0-79.133.183.255
89.191.225.0/24
91.200.84.0/24
94.154.11.0/24
185.198.152.0/24
185.239.50.0/23
185.240.103.0/24
185.244.51.0/24
185.250.44.0/24
185.250.46.0/23
193.187.96.0/24
194.5.78.0/23
195.93.252.0/24
217.171.146.0/24
Signature Algorithm: sha256WithRSAEncryption
99:0b:55:ea:7e:02:4b:26:04:73:02:31:8a:7e:07:0c:7b:f5:
59:bd:32:00:47:b7:11:4f:98:79:0e:59:59:bb:53:43:09:4a:
e6:e9:0a:50:10:9b:e7:56:b7:15:ec:f2:7c:01:5a:e0:64:08:
96:9d:1f:12:84:55:3e:50:1d:38:f5:82:bb:f0:db:fb:3f:ac:
fd:aa:9f:bd:81:76:76:91:01:e6:b6:5c:ca:89:47:12:78:0c:
30:89:0e:ad:18:0c:f2:4a:2f:7f:4d:73:5c:6f:e2:20:9c:7f:
e9:ce:a8:bc:ea:54:66:27:cb:ca:97:d8:50:e6:80:84:bf:ac:
0e:00:98:99:e7:d0:b7:b4:94:48:2d:a3:09:ea:e5:66:09:f4:
c1:39:38:a8:89:72:4e:6b:61:82:0a:b3:3a:ec:63:1c:77:8b:
19:60:71:51:46:81:4c:e8:90:a8:00:27:6c:b1:ea:6a:ef:5f:
a8:e3:73:3c:b2:e8:9b:5f:5f:f7:99:c2:23:f4:44:0d:1f:4a:
ce:52:79:24:c9:d1:2a:9b:5d:d9:fd:1b:cb:38:3a:75:9c:6e:
45:25:7c:4a:36:a0:ce:d6:40:2c:5d:98:3f:f3:cc:bc:9f:27:
47:27:e1:35:fa:c2:f0:e2:1e:f5:eb:e5:e7:34:32:16:5a:bc:
48:7f:12:3c
-----BEGIN CERTIFICATE-----
MIIFbDCCBFSgAwIBAgISAZi8yjFGNGWusamhOvfVfDexMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVmYmU2NWFlMjNmMjA3ZmE2OTUyNTVmNTVhOTA3YWMxNjA4
YmUwOTQwHhcNMjUwODE4MTA0NzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWYwZTFkZTFjYjY0MTMzYTk0ZDBlYmQwZGQ4YmQwNGU0NTZmM2FjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtLDKVRUP6S4lD6dT0nz0zUHofJT8
S60vSWI4+QrvzEUCRomBEf1g3SrkvyvRGEcmAZABi11BohVbBSRewV4Li8HVSgzg
z0r/nosYslTfd5zPkowUMR+DUOqfoThpk47cIUiF1i84ZavCr/pco9Em0zNv4RPu
RMOxUsibJz/LzOx6sMj3rrEgf3qJoVuYmSvw/Y8BcBLUfzCX0qujveEA6yEz/7h1
1eFh9pG5tQ7pejJcbLOX7lZKL9QfmQurFKED6CvBtRu4yTEP44qUUyV/B0XyILYZ
4yqgMomR+C+jcqJyvmw5LUUliw8LdRgqJmtWAZOZHwwQZu1LQ8gde978wQIDAQAB
o4ICeDCCAnQwHQYDVR0OBBYEFJHw4d4ctkEzqU0OvQ3YvQTkVvOsMB8GA1UdIwQY
MBaAFF++Za4j8gf6aVJV9VqQesFgi+CUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUt
NDkyYWIzNzI2ODlkLzEva2ZEaDNoeTJRVE9wVFE2OURkaTlCT1JXODZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9mNDMxOWYtM2RmYi00MmVhLWJhOTUtNDkyYWIzNzI2ODlk
LzEvWDc1bHJpUHlCX3BwVWxYMVdwQjZ3V0NMNEpRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGNBggrBgEFBQcBBwEB/wR+MHwwegQCAAEwdAMEAgUjfAME
AAX9PgMEACWM8QMEAC2AzDAMAwQAT4W1AwQDT4WwAwQAWb/hAwQAW8hUAwQAXpoL
AwQAucaYAwQBue8yAwQAufBnAwQAufQzAwQAufosAwQBufouAwQAwbtgAwQBwgVO
AwQAw138AwQA2auSMA0GCSqGSIb3DQEBCwUAA4IBAQCZC1XqfgJLJgRzAjGKfgcM
e/VZvTIAR7cRT5h5DllZu1NDCUrm6QpQEJvnVrcV7PJ8AVrgZAiWnR8ShFU+UB04
9YK78Nv7P6z9qp+9gXZ2kQHmtlzKiUcSeAwwiQ6tGAzySi9/TXNcb+IgnH/pzqi8
6lRmJ8vKl9hQ5oCEv6wOAJiZ59C3tJRILaMJ6uVmCfTBOTioiXJOa2GCCrM67GMc
d4sZYHFRRoFM6JCoACdssepq71+o43M8suibX1/3mcIj9EQNH0rOUnkkydEqm13Z
/RvLODp1nG5FJXxKNqDO1kAsXZg/88y8nydHJ+E1+sLw4h716+XnNDIWWrxIfxI8
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:56:28 2025 by rpki-client