Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6891df-971e-4e60-8cbc-e3c2f32cf3b7/1/Nx9kTkaHQ0iwNwkXngRt-k1HWOU.roa
File: Nx9kTkaHQ0iwNwkXngRt-k1HWOU.roa (raw, json)
Hash identifier: pOVBPKl9ofShR8LgVcsGajQVqEVeBnSw/u7hLhRIRNg=
Subject key identifier: 37:1F:64:4E:46:87:43:48:B0:37:09:17:9E:04:6D:FA:4D:47:58:E5
Certificate issuer: /CN=966b05c661c76a5bcc48da838eedb6973f153b86
Certificate serial: 0198ADD5C16BA9FB0C51F4605228A278CD3A
Authority key identifier: 96:6B:05:C6:61:C7:6A:5B:CC:48:DA:83:8E:ED:B6:97:3F:15:3B:86
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lmsFxmHHalvMSNqDju22lz8VO4Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/6891df-971e-4e60-8cbc-e3c2f32cf3b7/1/Nx9kTkaHQ0iwNwkXngRt-k1HWOU.roa
Signing time: Fri 15 Aug 2025 13:05:23 +0000
ROA not before: Fri 15 Aug 2025 13:05:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206316
IP address blocks: 5.183.97.0/24 maxlen: 24
5.183.98.0/24 maxlen: 24
5.183.99.0/24 maxlen: 24
185.219.128.0/22 maxlen: 22
185.219.128.0/24 maxlen: 24
185.219.129.0/24 maxlen: 24
185.219.130.0/24 maxlen: 24
185.219.131.0/24 maxlen: 24
2a0b:e640::/29 maxlen: 29
2a0e:bc00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/6891df-971e-4e60-8cbc-e3c2f32cf3b7/1/lmsFxmHHalvMSNqDju22lz8VO4Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/6891df-971e-4e60-8cbc-e3c2f32cf3b7/1/lmsFxmHHalvMSNqDju22lz8VO4Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/lmsFxmHHalvMSNqDju22lz8VO4Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ad:d5:c1:6b:a9:fb:0c:51:f4:60:52:28:a2:78:cd:3a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=966b05c661c76a5bcc48da838eedb6973f153b86
Validity
Not Before: Aug 15 13:05:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=371f644e46874348b03709179e046dfa4d4758e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:1e:be:b0:73:ea:7c:20:c9:82:ff:7e:f4:93:
e7:20:a8:e7:61:63:6a:9a:4c:a2:ab:be:cb:c3:e7:
15:bb:82:da:41:ef:f1:60:ac:f6:d8:52:b2:74:9b:
c8:a1:ea:51:fa:8d:1d:70:d3:c8:9a:63:45:5a:9c:
94:9f:fc:01:7d:46:e4:17:03:fd:1e:18:64:93:5d:
ed:2b:e5:e8:79:98:68:bb:59:2d:5a:92:32:c3:15:
29:b7:0b:1b:20:3d:08:fc:da:39:30:d7:89:44:77:
d3:c4:a3:85:b0:df:c0:9c:5b:b0:b2:86:d1:cc:6c:
5c:f9:ec:95:13:37:ea:6f:dd:15:8b:86:3a:aa:70:
2b:84:79:f7:d2:aa:16:c5:96:6d:98:48:c9:2d:52:
d2:b4:fb:6c:2c:39:8a:df:0b:c9:b1:4c:61:b0:fb:
76:f1:9e:78:d0:90:68:40:22:8a:a0:13:39:43:47:
b8:b1:b9:8a:67:09:56:f4:11:39:ac:55:8b:23:e0:
02:82:4e:6b:6d:4e:95:3a:2d:14:b3:9a:30:52:bf:
86:2c:39:f8:7a:b4:b7:da:91:c8:47:06:93:32:f0:
3f:19:e3:64:dd:ba:53:b0:dc:35:4d:a2:9d:1e:5b:
2f:96:cc:b7:b1:20:c6:37:5b:7a:89:f4:6e:9c:5e:
6f:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:1F:64:4E:46:87:43:48:B0:37:09:17:9E:04:6D:FA:4D:47:58:E5
X509v3 Authority Key Identifier:
keyid:96:6B:05:C6:61:C7:6A:5B:CC:48:DA:83:8E:ED:B6:97:3F:15:3B:86
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lmsFxmHHalvMSNqDju22lz8VO4Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6891df-971e-4e60-8cbc-e3c2f32cf3b7/1/Nx9kTkaHQ0iwNwkXngRt-k1HWOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6891df-971e-4e60-8cbc-e3c2f32cf3b7/1/lmsFxmHHalvMSNqDju22lz8VO4Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.97.0-5.183.99.255
185.219.128.0/22
IPv6:
2a0b:e640::/29
2a0e:bc00::/29
Signature Algorithm: sha256WithRSAEncryption
3c:25:9e:52:a4:42:8a:ee:4b:3f:53:a8:87:30:8e:92:a3:0a:
b0:be:39:97:d4:ad:af:9f:f2:c8:10:85:3f:84:a8:5d:c8:db:
b7:35:76:8b:f5:a0:19:b6:0d:8a:eb:fa:ae:66:12:45:57:82:
1c:50:c7:6d:5d:d3:8a:eb:e3:1d:47:a9:67:e4:25:c7:56:fa:
82:a3:ff:04:d3:66:79:30:51:40:a5:14:b5:69:10:ee:5f:07:
b6:c3:0b:02:0b:14:ff:b8:34:0b:02:da:ef:80:92:e2:89:a7:
e3:0b:4d:b6:48:28:73:4b:a8:4e:10:85:fe:1a:39:c8:48:e1:
8f:4f:1d:53:49:47:79:1e:13:19:7a:01:88:ba:a8:17:00:ef:
9d:6d:8a:11:69:b9:c2:5e:24:ad:10:83:f4:db:8f:86:27:84:
f6:d7:2c:74:c3:36:30:08:99:a4:e1:3a:22:8f:2e:bc:42:39:
52:78:40:60:e9:ff:5c:6a:e1:2c:d8:87:58:b0:98:70:b2:48:
db:07:1b:2d:14:21:5e:70:4a:c2:dd:91:88:ed:38:75:e1:34:
8f:19:df:91:1a:03:5a:8f:b2:e8:14:8a:2a:99:80:70:9c:9a:
ea:9c:16:98:57:f0:d1:ae:19:25:38:da:c6:33:8f:3e:d6:47:
4a:63:0f:d4
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZit1cFrqfsMUfRgUiiieM06MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2NmIwNWM2NjFjNzZhNWJjYzQ4ZGE4MzhlZWRiNjk3M2Yx
NTNiODYwHhcNMjUwODE1MTMwNTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzFmNjQ0ZTQ2ODc0MzQ4YjAzNzA5MTc5ZTA0NmRmYTRkNDc1OGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtB6+sHPqfCDJgv9+9JPnIKjnYWNq
mkyiq77Lw+cVu4LaQe/xYKz22FKydJvIoepR+o0dcNPImmNFWpyUn/wBfUbkFwP9
Hhhkk13tK+XoeZhou1ktWpIywxUptwsbID0I/No5MNeJRHfTxKOFsN/AnFuwsobR
zGxc+eyVEzfqb90Vi4Y6qnArhHn30qoWxZZtmEjJLVLStPtsLDmK3wvJsUxhsPt2
8Z540JBoQCKKoBM5Q0e4sbmKZwlW9BE5rFWLI+ACgk5rbU6VOi0Us5owUr+GLDn4
erS32pHIRwaTMvA/GeNk3bpTsNw1TaKdHlsvlsy3sSDGN1t6ifRunF5vrwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFDcfZE5Gh0NIsDcJF54EbfpNR1jlMB8GA1UdIwQY
MBaAFJZrBcZhx2pbzEjag47ttpc/FTuGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbG1zRnhtSEhhbHZNU05xRGp1MjJsejhWTzRZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82ODkxZGYtOTcxZS00ZTYwLThjYmMt
ZTNjMmYzMmNmM2I3LzEvTng5a1RrYUhRMGl3TndrWG5nUnQtazFIV09VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC82ODkxZGYtOTcxZS00ZTYwLThjYmMtZTNjMmYzMmNmM2I3
LzEvbG1zRnhtSEhhbHZNU05xRGp1MjJsejhWTzRZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAaBAIAATAUMAwDBAAFt2ED
BAIFt2ADBAK524AwFAQCAAIwDgMFAyoL5kADBQMqDrwAMA0GCSqGSIb3DQEBCwUA
A4IBAQA8JZ5SpEKK7ks/U6iHMI6SowqwvjmX1K2vn/LIEIU/hKhdyNu3NXaL9aAZ
tg2K6/quZhJFV4IcUMdtXdOK6+MdR6ln5CXHVvqCo/8E02Z5MFFApRS1aRDuXwe2
wwsCCxT/uDQLAtrvgJLiiafjC022SChzS6hOEIX+GjnISOGPTx1TSUd5HhMZegGI
uqgXAO+dbYoRabnCXiStEIP024+GJ4T21yx0wzYwCJmk4Toijy68QjlSeEBg6f9c
auEs2IdYsJhwskjbBxstFCFecErC3ZGI7Th14TSPGd+RGgNaj7LoFIoqmYBwnJrq
nBaYV/DRrhklONrGM48+1kdKYw/U
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:46:51 2025 by rpki-client