Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c4/e6373c-53cd-4fd5-a435-d18bab9515bf/1/m5c36cD4HEnvnKSFkdVs5FAdwfY.roa
File: m5c36cD4HEnvnKSFkdVs5FAdwfY.roa (raw, json)
Hash identifier: zDDIqdWDgnB3uWdjXBi6MQIDiaHOTeoGWkwt3yBBNJ4=
Subject key identifier: 9B:97:37:E9:C0:F8:1C:49:EF:9C:A4:85:91:D5:6C:E4:50:1D:C1:F6
Certificate issuer: /CN=712f2269d15633bdbc71d8cd3f458cbd03fe031f
Certificate serial: 0199B81A141783FB7F6A9D0FB0328F09C115
Authority key identifier: 71:2F:22:69:D1:56:33:BD:BC:71:D8:CD:3F:45:8C:BD:03:FE:03:1F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cS8iadFWM728cdjNP0WMvQP-Ax8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c4/e6373c-53cd-4fd5-a435-d18bab9515bf/1/m5c36cD4HEnvnKSFkdVs5FAdwfY.roa
Signing time: Mon 06 Oct 2025 05:59:00 +0000
ROA not before: Mon 06 Oct 2025 05:59:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212616
IP address blocks: 91.230.48.0/24 maxlen: 24
93.175.32.0/19 maxlen: 24
93.175.32.0/24 maxlen: 24
93.175.33.0/24 maxlen: 24
93.175.40.0/24 maxlen: 24
93.175.41.0/24 maxlen: 24
93.175.42.0/24 maxlen: 24
93.175.45.0/24 maxlen: 24
93.175.47.0/24 maxlen: 24
93.175.50.0/24 maxlen: 24
93.175.57.0/24 maxlen: 24
93.175.58.0/24 maxlen: 24
93.175.59.0/24 maxlen: 24
93.175.60.0/24 maxlen: 24
176.97.214.0/24 maxlen: 24
2a0e:5b00::/29 maxlen: 48
2a0e:5b00::/48 maxlen: 48
2a0e:5b00:3::/48 maxlen: 48
2a0e:5b00:100::/48 maxlen: 48
2a0e:5b00:403::/48 maxlen: 48
2a0e:5b00:406::/48 maxlen: 48
2a0e:5b00:409::/48 maxlen: 48
2a0e:5b00:40f::/48 maxlen: 48
2a0e:5b00:411::/48 maxlen: 48
2a0e:5b00:412::/48 maxlen: 48
2a0e:5b00:413::/48 maxlen: 48
2a0e:5b00:415::/48 maxlen: 48
2a0e:5b00:418::/48 maxlen: 48
2a0e:5b00:419::/48 maxlen: 48
2a0e:5b00:41b::/48 maxlen: 48
2a0e:5b00:41d::/48 maxlen: 48
2a0e:5b00:41e::/48 maxlen: 48
2a0e:5b00:41f::/48 maxlen: 48
2a0e:5b00:420::/48 maxlen: 48
2a0e:5b00:500::/48 maxlen: 48
2a0e:5b00:a00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c4/e6373c-53cd-4fd5-a435-d18bab9515bf/1/cS8iadFWM728cdjNP0WMvQP-Ax8.crl
rsync://rpki.ripe.net/repository/DEFAULT/c4/e6373c-53cd-4fd5-a435-d18bab9515bf/1/cS8iadFWM728cdjNP0WMvQP-Ax8.mft
rsync://rpki.ripe.net/repository/DEFAULT/cS8iadFWM728cdjNP0WMvQP-Ax8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 18:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:b8:1a:14:17:83:fb:7f:6a:9d:0f:b0:32:8f:09:c1:15
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=712f2269d15633bdbc71d8cd3f458cbd03fe031f
Validity
Not Before: Oct 6 05:59:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b9737e9c0f81c49ef9ca48591d56ce4501dc1f6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:fd:45:05:6b:40:e7:ed:79:67:13:04:c0:f7:
3d:5a:4e:16:ff:e0:00:7d:d1:ba:96:03:73:d1:07:
a7:12:14:c3:d8:1a:ae:69:2c:7c:ef:a7:4a:fc:f1:
d5:92:bc:07:26:13:d8:df:b5:77:e6:de:2c:8e:b4:
09:36:39:b4:0a:30:a5:3c:f4:02:02:7a:3f:a4:5a:
9d:7b:42:d2:1f:d5:b3:5b:ff:be:5a:19:79:6d:05:
a7:fe:40:ac:e3:6a:85:5b:17:04:86:39:24:80:99:
af:a5:a7:41:2d:f9:b3:9c:81:9f:17:0c:07:9f:92:
c5:f7:e4:42:e5:e9:b0:06:db:60:ee:ec:90:cb:ea:
61:bf:9b:27:c4:d3:c7:9d:0d:94:4d:ff:22:5f:c4:
bb:25:2a:b8:67:a0:5f:9e:84:3c:1e:85:62:1e:a0:
f0:1d:8d:04:52:4c:e8:b9:92:3f:2b:fd:11:9f:7f:
79:df:44:a1:d7:9e:4b:c0:8d:73:cd:8d:98:1f:0d:
48:f9:23:11:3f:c4:c4:67:7e:30:c4:56:d8:25:2d:
fa:77:11:59:7a:d0:46:67:25:fe:21:f1:c9:43:64:
a5:3a:39:16:23:ba:b0:fd:4a:9c:2f:fe:09:31:f0:
4a:16:1b:70:c3:b0:e4:ad:d0:2a:e8:20:1a:75:fa:
7b:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:97:37:E9:C0:F8:1C:49:EF:9C:A4:85:91:D5:6C:E4:50:1D:C1:F6
X509v3 Authority Key Identifier:
keyid:71:2F:22:69:D1:56:33:BD:BC:71:D8:CD:3F:45:8C:BD:03:FE:03:1F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cS8iadFWM728cdjNP0WMvQP-Ax8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/e6373c-53cd-4fd5-a435-d18bab9515bf/1/m5c36cD4HEnvnKSFkdVs5FAdwfY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c4/e6373c-53cd-4fd5-a435-d18bab9515bf/1/cS8iadFWM728cdjNP0WMvQP-Ax8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.230.48.0/24
93.175.32.0/19
176.97.214.0/24
IPv6:
2a0e:5b00::/29
Signature Algorithm: sha256WithRSAEncryption
03:4c:d2:07:17:70:33:f5:84:89:65:e0:7b:34:fe:9d:ee:43:
5a:57:c1:43:17:7c:4a:58:64:6c:a9:09:58:e1:7b:94:6b:de:
2c:8a:d9:15:6e:6b:07:bd:0d:5d:f7:62:25:e5:d7:6d:6e:88:
be:e2:f7:fd:5e:13:d0:81:14:9a:b3:54:bc:eb:64:4f:c3:e6:
10:d7:96:bc:b0:ac:eb:a3:df:eb:82:4a:4c:b0:12:5f:ac:21:
a6:00:17:f1:66:f0:c5:64:d1:ad:2f:4c:9b:b2:5f:88:59:1d:
32:19:00:f3:95:10:84:ef:77:6e:24:02:31:36:3d:9d:20:7e:
a7:93:38:25:83:71:5d:72:0c:d6:2c:e1:34:d2:d7:11:bc:e9:
88:96:98:fc:26:57:24:56:2c:47:a3:91:ce:d0:37:9f:d3:24:
f5:00:bb:c5:93:ef:ce:47:4b:67:e3:f1:40:71:ab:92:c2:b7:
64:7d:35:d8:c7:66:a6:fc:2e:a4:a1:46:60:d7:05:93:2b:fe:
99:9c:bb:6d:67:cf:4e:96:fb:b0:36:db:af:9d:23:9d:ca:48:
57:3c:51:5f:6e:c1:f8:28:29:9f:fb:fe:4c:cf:0f:ed:d2:cc:
69:8f:6a:e5:71:94:66:2f:30:67:2e:f4:21:5a:d8:fe:dc:f3:
78:03:64:ad
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZm4GhQXg/t/ap0PsDKPCcEVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcxMmYyMjY5ZDE1NjMzYmRiYzcxZDhjZDNmNDU4Y2JkMDNm
ZTAzMWYwHhcNMjUxMDA2MDU1OTAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Yjk3MzdlOWMwZjgxYzQ5ZWY5Y2E0ODU5MWQ1NmNlNDUwMWRjMWY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApf1FBWtA5+15ZxMEwPc9Wk4W/+AA
fdG6lgNz0QenEhTD2BquaSx876dK/PHVkrwHJhPY37V35t4sjrQJNjm0CjClPPQC
Ano/pFqde0LSH9WzW/++Whl5bQWn/kCs42qFWxcEhjkkgJmvpadBLfmznIGfFwwH
n5LF9+RC5emwBttg7uyQy+phv5snxNPHnQ2UTf8iX8S7JSq4Z6BfnoQ8HoViHqDw
HY0EUkzouZI/K/0Rn39530Sh155LwI1zzY2YHw1I+SMRP8TEZ34wxFbYJS36dxFZ
etBGZyX+IfHJQ2SlOjkWI7qw/UqcL/4JMfBKFhtww7DkrdAq6CAadfp7nwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFJuXN+nA+BxJ75ykhZHVbORQHcH2MB8GA1UdIwQY
MBaAFHEvImnRVjO9vHHYzT9FjL0D/gMfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY1M4aWFkRldNNzI4Y2RqTlAwV012UVAtQXg4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNC9lNjM3M2MtNTNjZC00ZmQ1LWE0MzUt
ZDE4YmFiOTUxNWJmLzEvbTVjMzZjRDRIRW52bktTRmtkVnM1RkFkd2ZZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNC9lNjM3M2MtNTNjZC00ZmQ1LWE0MzUtZDE4YmFiOTUxNWJm
LzEvY1M4aWFkRldNNzI4Y2RqTlAwV012UVAtQXg4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQAW+YwAwQF
Xa8gAwQAsGHWMA0EAgACMAcDBQMqDlsAMA0GCSqGSIb3DQEBCwUAA4IBAQADTNIH
F3Az9YSJZeB7NP6d7kNaV8FDF3xKWGRsqQlY4XuUa94sitkVbmsHvQ1d92Il5ddt
boi+4vf9XhPQgRSas1S862RPw+YQ15a8sKzro9/rgkpMsBJfrCGmABfxZvDFZNGt
L0ybsl+IWR0yGQDzlRCE73duJAIxNj2dIH6nkzglg3FdcgzWLOE00tcRvOmIlpj8
JlckVixHo5HO0Def0yT1ALvFk+/OR0tn4/FAcauSwrdkfTXYx2am/C6koUZg1wWT
K/6ZnLttZ89OlvuwNtuvnSOdykhXPFFfbsH4KCmf+/5Mzw/t0sxpj2rlcZRmLzBn
LvQhWtj+3PN4A2St
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:43:07 2025 by rpki-client