Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/AKM5h6Ix-3LMoRtdGUA19KyVLio.roa
File: AKM5h6Ix-3LMoRtdGUA19KyVLio.roa (raw, json)
Hash identifier: P77lNcJ0zrzNLtgfjbd4pt0XLBw/55/N1ocxrR5mz8k=
Subject key identifier: 00:A3:39:87:A2:31:FB:72:CC:A1:1B:5D:19:40:35:F4:AC:95:2E:2A
Certificate issuer: /CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Certificate serial: 01978790314F430F5FF91DCFF58FDA347729
Authority key identifier: C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/AKM5h6Ix-3LMoRtdGUA19KyVLio.roa
Signing time: Thu 19 Jun 2025 09:41:03 +0000
ROA not before: Thu 19 Jun 2025 09:41:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214790
IP address blocks: 5.181.201.0/24 maxlen: 24
5.181.202.0/24 maxlen: 24
45.12.28.0/24 maxlen: 24
45.85.117.0/24 maxlen: 24
45.155.120.0/24 maxlen: 24
45.155.121.0/24 maxlen: 24
45.158.81.0/24 maxlen: 24
89.22.192.0/23 maxlen: 24
185.36.140.0/23 maxlen: 24
185.36.142.0/23 maxlen: 24
185.225.205.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.mft
rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 07:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:87:90:31:4f:43:0f:5f:f9:1d:cf:f5:8f:da:34:77:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66d9d50b3b89d51c8aa2493e7ef4701d6251dad
Validity
Not Before: Jun 19 09:41:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=00a33987a231fb72cca11b5d194035f4ac952e2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:07:e7:38:7a:59:25:a3:31:f8:fe:1f:13:27:
cd:4a:c9:31:fb:28:db:7d:96:72:ee:6d:c2:63:30:
79:22:c2:b3:22:99:43:94:19:6f:a2:e1:2e:4b:84:
56:5b:f9:c9:3c:0e:72:c9:c6:35:77:a6:eb:fd:63:
14:f9:18:9e:f8:cd:35:20:fb:c9:fe:17:7d:36:a0:
19:77:84:81:ca:df:e7:a2:24:f5:1c:09:47:f2:2d:
99:0e:4f:2b:2b:0e:92:28:f1:c4:a3:79:4b:e2:e9:
f8:d4:77:da:5b:f2:88:e4:1a:2d:96:ae:0d:71:e4:
eb:24:ef:5e:5b:60:5a:88:da:25:5c:7b:b0:95:77:
45:c5:53:fa:66:f2:e4:8d:64:b5:01:b6:38:be:5c:
56:a9:84:dc:81:88:0a:d3:a2:bf:f8:ec:36:7d:87:
ef:ee:f8:85:e9:63:6e:21:05:cc:dd:bf:cd:9f:b4:
fd:09:e0:58:26:f6:77:14:5a:63:f6:e4:08:d7:a8:
4a:a2:ca:53:e4:a7:32:e1:16:73:ba:5b:7e:8a:1a:
79:fd:3c:04:96:dd:0d:8e:74:ea:98:ad:cc:e4:af:
30:ac:64:20:06:95:7f:72:76:15:8d:b0:c7:0c:05:
63:79:51:8d:55:1f:7c:5b:a5:2a:67:9b:7b:13:d4:
f2:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
00:A3:39:87:A2:31:FB:72:CC:A1:1B:5D:19:40:35:F4:AC:95:2E:2A
X509v3 Authority Key Identifier:
keyid:C6:6D:9D:50:B3:B8:9D:51:C8:AA:24:93:E7:EF:47:01:D6:25:1D:AD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xm2dULO4nVHIqiST5-9HAdYlHa0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/AKM5h6Ix-3LMoRtdGUA19KyVLio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/4bb74b-8d6d-4514-a39c-b7c578b74e35/1/xm2dULO4nVHIqiST5-9HAdYlHa0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.201.0-5.181.202.255
45.12.28.0/24
45.85.117.0/24
45.155.120.0/23
45.158.81.0/24
89.22.192.0/23
185.36.140.0/22
185.225.205.0/24
Signature Algorithm: sha256WithRSAEncryption
79:a2:ae:95:7f:16:13:14:3b:4f:a5:26:6a:ff:63:e3:93:f3:
1c:bd:54:e7:e6:15:08:fa:cb:4d:e5:e0:55:51:e1:a8:08:1b:
aa:79:de:a8:d2:38:23:9b:e7:f4:0f:e2:c6:b4:b0:87:c5:a3:
42:57:50:2c:4e:ea:59:b5:c0:46:b0:d1:0a:54:97:14:01:a8:
10:63:e4:0d:b7:71:83:18:cb:e6:3f:bf:b1:96:81:a5:ac:ca:
df:91:7e:22:b9:c0:b3:c1:c0:d4:96:6f:d0:b7:5d:81:3d:15:
cd:60:34:76:3e:d7:6f:7b:c8:a1:a5:dc:73:42:52:cc:3f:c2:
61:a5:ec:76:2b:4d:d7:d2:00:e8:2a:87:1b:1c:61:ce:55:9a:
15:be:03:07:e6:e0:46:a8:c3:9d:cf:c3:9c:a3:5c:fd:a0:92:
ec:76:48:13:58:3b:53:b8:cb:88:30:35:21:3f:4a:81:98:7f:
c7:87:5d:e1:eb:59:7c:dc:e1:7e:f0:36:76:a9:86:28:08:5e:
b3:ce:97:03:05:61:5f:1e:b2:7c:96:b9:c3:d3:c1:eb:d8:09:
61:43:aa:12:25:37:f0:32:e2:34:54:eb:43:ba:e5:5d:5c:73:
c6:1e:86:24:cb:cd:5b:dd:d2:39:4a:7d:a2:3c:6e:ee:cb:a7:
55:6b:53:6a
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZeHkDFPQw9f+R3P9Y/aNHcpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NmQ5ZDUwYjNiODlkNTFjOGFhMjQ5M2U3ZWY0NzAxZDYy
NTFkYWQwHhcNMjUwNjE5MDk0MTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMGEzMzk4N2EyMzFmYjcyY2NhMTFiNWQxOTQwMzVmNGFjOTUyZTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQfnOHpZJaMx+P4fEyfNSskx+yjb
fZZy7m3CYzB5IsKzIplDlBlvouEuS4RWW/nJPA5yycY1d6br/WMU+Rie+M01IPvJ
/hd9NqAZd4SByt/noiT1HAlH8i2ZDk8rKw6SKPHEo3lL4un41HfaW/KI5Botlq4N
ceTrJO9eW2BaiNolXHuwlXdFxVP6ZvLkjWS1AbY4vlxWqYTcgYgK06K/+Ow2fYfv
7viF6WNuIQXM3b/Nn7T9CeBYJvZ3FFpj9uQI16hKospT5Kcy4RZzult+ihp5/TwE
lt0NjnTqmK3M5K8wrGQgBpV/cnYVjbDHDAVjeVGNVR98W6UqZ5t7E9Ty8QIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFACjOYeiMftyzKEbXRlANfSslS4qMB8GA1UdIwQY
MBaAFMZtnVCzuJ1RyKokk+fvRwHWJR2tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMt
YjdjNTc4Yjc0ZTM1LzEvQUtNNWg2SXgtM0xNb1J0ZEdVQTE5S3lWTGlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS80YmI3NGItOGQ2ZC00NTE0LWEzOWMtYjdjNTc4Yjc0ZTM1
LzEveG0yZFVMTzRuVkhJcWlTVDUtOUhBZFlsSGEwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4MAwDBAAFtckD
BAAFtcoDBAAtDBwDBAAtVXUDBAEtm3gDBAAtnlEDBAFZFsADBAK5JIwDBAC54c0w
DQYJKoZIhvcNAQELBQADggEBAHmirpV/FhMUO0+lJmr/Y+OT8xy9VOfmFQj6y03l
4FVR4agIG6p53qjSOCOb5/QP4sa0sIfFo0JXUCxO6lm1wEaw0QpUlxQBqBBj5A23
cYMYy+Y/v7GWgaWsyt+RfiK5wLPBwNSWb9C3XYE9Fc1gNHY+1297yKGl3HNCUsw/
wmGl7HYrTdfSAOgqhxscYc5VmhW+Awfm4Eaow53Pw5yjXP2gkux2SBNYO1O4y4gw
NSE/SoGYf8eHXeHrWXzc4X7wNnaphigIXrPOlwMFYV8esnyWucPTwevYCWFDqhIl
N/Ay4jRU60O65V1cc8YehiTLzVvd0jlKfaI8bu7Lp1VrU2o=
-----END CERTIFICATE-----
Generated at Sun Jun 29 16:47:34 2025 by rpki-client