Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/5d-MK0SFUKCa7OqDshoW83Eshuo.roa
File: 5d-MK0SFUKCa7OqDshoW83Eshuo.roa (raw, json)
Hash identifier: aey5uC54BClCdDEzkN3fyScGqIKvlanDv8iSdtaGwEg=
Subject key identifier: E5:DF:8C:2B:44:85:50:A0:9A:EC:EA:83:B2:1A:16:F3:71:2C:86:EA
Certificate issuer: /CN=e61c07c951488f04cb3b0fd338af84d77e46bf52
Certificate serial: 019971ACF2898D1FB1BA6D3BC75741209BD5
Authority key identifier: E6:1C:07:C9:51:48:8F:04:CB:3B:0F:D3:38:AF:84:D7:7E:46:BF:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5hwHyVFIjwTLOw_TOK-E135Gv1I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/5d-MK0SFUKCa7OqDshoW83Eshuo.roa
Signing time: Mon 22 Sep 2025 13:46:23 +0000
ROA not before: Mon 22 Sep 2025 13:46:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201019
IP address blocks: 5.173.224.0/19 maxlen: 19
5.173.224.0/20 maxlen: 20
5.173.240.0/20 maxlen: 20
185.89.184.0/22 maxlen: 22
188.33.0.0/18 maxlen: 18
188.33.0.0/19 maxlen: 19
188.33.64.0/18 maxlen: 18
188.33.128.0/17 maxlen: 17
2a00:1982::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/5hwHyVFIjwTLOw_TOK-E135Gv1I.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/5hwHyVFIjwTLOw_TOK-E135Gv1I.mft
rsync://rpki.ripe.net/repository/DEFAULT/5hwHyVFIjwTLOw_TOK-E135Gv1I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:71:ac:f2:89:8d:1f:b1:ba:6d:3b:c7:57:41:20:9b:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e61c07c951488f04cb3b0fd338af84d77e46bf52
Validity
Not Before: Sep 22 13:46:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5df8c2b448550a09aecea83b21a16f3712c86ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:c6:20:18:e6:8f:97:81:41:42:d2:b6:58:6c:
08:28:e6:28:85:dd:4a:a3:98:b1:9c:d1:35:cc:32:
d0:dd:df:f2:50:2a:ae:77:af:c2:2d:3f:2a:54:1e:
3d:79:2c:77:91:29:a6:01:07:80:56:12:f0:4d:d9:
2e:3a:53:97:58:cd:7d:73:77:83:12:49:52:7b:5a:
e9:83:88:72:42:14:f2:8f:18:59:90:a6:c3:7c:c9:
43:07:81:ee:48:35:5e:5a:47:89:df:f6:d9:5f:ba:
a6:94:13:b4:fd:fd:47:02:71:99:97:eb:a7:e5:22:
95:d5:f3:b5:f0:e7:12:05:58:75:13:45:90:52:26:
2c:1e:eb:2c:e2:87:50:b6:4d:1c:63:49:d5:82:28:
f3:b1:e3:ce:34:96:dd:95:8e:21:6e:be:14:0f:2b:
6d:c5:c5:08:f7:3a:b0:c6:07:46:0d:4c:30:4e:69:
55:a0:aa:d9:ec:03:d7:59:43:f1:4b:da:20:c2:d3:
81:ff:d6:b7:4c:75:93:b3:07:83:ed:19:31:8a:b4:
33:4e:ec:26:ba:bf:31:44:d6:f3:bf:f4:2b:6a:0d:
f3:f0:00:30:b4:ed:d4:58:7c:9e:82:30:22:98:5b:
9c:25:b5:46:f0:02:26:80:0a:39:66:27:d0:99:15:
ca:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:DF:8C:2B:44:85:50:A0:9A:EC:EA:83:B2:1A:16:F3:71:2C:86:EA
X509v3 Authority Key Identifier:
keyid:E6:1C:07:C9:51:48:8F:04:CB:3B:0F:D3:38:AF:84:D7:7E:46:BF:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5hwHyVFIjwTLOw_TOK-E135Gv1I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/5d-MK0SFUKCa7OqDshoW83Eshuo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/2dba5c-9a90-4052-a1eb-6a8477cb6c2a/1/5hwHyVFIjwTLOw_TOK-E135Gv1I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.173.224.0/19
185.89.184.0/22
188.33.0.0/16
IPv6:
2a00:1982::/32
Signature Algorithm: sha256WithRSAEncryption
73:e4:7d:8f:fc:ec:d8:cc:8f:b3:7c:7c:a5:a7:ff:05:de:c6:
1d:9b:eb:d5:89:13:02:07:1e:39:85:f4:6f:de:28:42:77:64:
2c:f1:9e:9c:23:46:d8:bd:e1:3f:f7:7a:80:9a:38:7d:b9:61:
22:13:81:77:d9:19:44:d7:d1:86:25:5d:ca:67:1d:6a:c7:ca:
61:8f:3a:4e:f2:37:dc:4b:1d:78:b9:84:5a:22:b9:ef:70:fa:
9f:dc:5f:8b:f6:51:99:25:7e:d8:1b:72:60:44:67:e7:0c:52:
a9:a7:58:f4:9e:aa:03:b4:e8:e3:9e:12:fb:e9:9a:9c:8b:b6:
cf:c9:94:b7:a7:19:a6:4d:d1:ac:4b:eb:f3:8a:89:53:0e:27:
90:87:2d:7a:32:47:fd:62:74:f4:25:37:e3:8f:9c:9c:36:c7:
81:98:24:9f:45:fa:77:ea:0a:70:10:84:ae:18:a1:2d:41:6e:
62:1c:d2:10:8a:f4:f4:d9:80:3e:fd:c2:98:d7:8b:33:67:90:
dd:9a:bd:07:9c:0f:a3:4d:42:64:78:e0:c2:6c:e7:28:c8:b1:
91:c0:15:e9:9c:37:6b:0c:8d:ad:13:6a:c2:68:91:f4:18:21:
5f:64:20:f0:9d:e9:34:b8:86:be:3d:a6:7a:34:d7:11:bf:d1:
65:12:fc:dc
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZlxrPKJjR+xum07x1dBIJvVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2MWMwN2M5NTE0ODhmMDRjYjNiMGZkMzM4YWY4NGQ3N2U0
NmJmNTIwHhcNMjUwOTIyMTM0NjIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWRmOGMyYjQ0ODU1MGEwOWFlY2VhODNiMjFhMTZmMzcxMmM4NmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5cYgGOaPl4FBQtK2WGwIKOYohd1K
o5ixnNE1zDLQ3d/yUCqud6/CLT8qVB49eSx3kSmmAQeAVhLwTdkuOlOXWM19c3eD
EklSe1rpg4hyQhTyjxhZkKbDfMlDB4HuSDVeWkeJ3/bZX7qmlBO0/f1HAnGZl+un
5SKV1fO18OcSBVh1E0WQUiYsHuss4odQtk0cY0nVgijzsePONJbdlY4hbr4UDytt
xcUI9zqwxgdGDUwwTmlVoKrZ7APXWUPxS9ogwtOB/9a3THWTsweD7RkxirQzTuwm
ur8xRNbzv/Qrag3z8AAwtO3UWHyegjAimFucJbVG8AImgAo5ZifQmRXKZQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFOXfjCtEhVCgmuzqg7IaFvNxLIbqMB8GA1UdIwQY
MBaAFOYcB8lRSI8EyzsP0zivhNd+Rr9SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWh3SHlWRklqd1RMT3dfVE9LLUUxMzVHdjFJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy8yZGJhNWMtOWE5MC00MDUyLWExZWIt
NmE4NDc3Y2I2YzJhLzEvNWQtTUswU0ZVS0NhN09xRHNob1c4M0VzaHVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy8yZGJhNWMtOWE5MC00MDUyLWExZWItNmE4NDc3Y2I2YzJh
LzEvNWh3SHlWRklqd1RMT3dfVE9LLUUxMzVHdjFJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAXBAIAATARAwQFBa3gAwQC
uVm4AwMAvCEwDQQCAAIwBwMFACoAGYIwDQYJKoZIhvcNAQELBQADggEBAHPkfY/8
7NjMj7N8fKWn/wXexh2b69WJEwIHHjmF9G/eKEJ3ZCzxnpwjRti94T/3eoCaOH25
YSITgXfZGUTX0YYlXcpnHWrHymGPOk7yN9xLHXi5hFoiue9w+p/cX4v2UZklftgb
cmBEZ+cMUqmnWPSeqgO06OOeEvvpmpyLts/JlLenGaZN0axL6/OKiVMOJ5CHLXoy
R/1idPQlN+OPnJw2x4GYJJ9F+nfqCnAQhK4YoS1BbmIc0hCK9PTZgD79wpjXizNn
kN2avQecD6NNQmR44MJs5yjIsZHAFemcN2sMja0TasJokfQYIV9kIPCd6TS4hr49
pno01xG/0WUS/Nw=
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:50:35 2025 by rpki-client