Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/678Ssp4Z32Xzh5qaxFQ_L2xmBQQ.roa
File: 678Ssp4Z32Xzh5qaxFQ_L2xmBQQ.roa (raw, json)
Hash identifier: 4hZcrSL2hIrc1nZJbFZOEGuN6nZyCxrX2dpnXRqI8sw=
Subject key identifier: EB:BF:12:B2:9E:19:DF:65:F3:87:9A:9A:C4:54:3F:2F:6C:66:05:04
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0198BAA5CD86BA652A7B0626701686871392
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/678Ssp4Z32Xzh5qaxFQ_L2xmBQQ.roa
Signing time: Mon 18 Aug 2025 00:48:04 +0000
ROA not before: Mon 18 Aug 2025 00:48:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7015
IP address blocks: 5.182.187.0/24 maxlen: 24
5.182.192.0/24 maxlen: 24
5.182.198.0/24 maxlen: 24
31.132.52.0/24 maxlen: 24
31.132.53.0/24 maxlen: 24
36.255.213.0/24 maxlen: 24
36.255.214.0/24 maxlen: 24
45.67.141.0/24 maxlen: 24
45.248.52.0/24 maxlen: 24
63.246.130.0/24 maxlen: 24
63.246.131.0/24 maxlen: 24
63.246.132.0/24 maxlen: 24
63.246.133.0/24 maxlen: 24
63.246.137.0/24 maxlen: 24
92.249.31.0/24 maxlen: 24
94.154.182.0/24 maxlen: 24
103.130.178.0/24 maxlen: 24
103.210.12.0/24 maxlen: 24
147.78.205.0/24 maxlen: 24
147.78.206.0/24 maxlen: 24
162.218.90.0/24 maxlen: 24
185.52.137.0/24 maxlen: 24
185.187.212.0/24 maxlen: 24
185.201.40.0/24 maxlen: 24
185.205.204.0/24 maxlen: 24
185.205.205.0/24 maxlen: 24
212.60.15.0/24 maxlen: 24
217.197.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ba:a5:cd:86:ba:65:2a:7b:06:26:70:16:86:87:13:92
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Aug 18 00:48:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ebbf12b29e19df65f3879a9ac4543f2f6c660504
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:05:95:02:0c:3f:10:03:ea:cd:fc:4a:77:dc:
52:7e:12:a1:88:41:cc:35:07:92:18:14:8c:a4:20:
3a:93:e0:ff:c9:f7:d8:a5:6f:e2:25:5f:db:9c:38:
36:06:ff:61:e2:35:5d:cd:af:9c:85:59:69:26:cc:
d6:af:0d:c0:c5:2a:42:e4:e9:09:58:c5:f2:71:06:
08:9b:97:d3:36:b0:53:0b:44:fc:e2:ee:3c:c5:d1:
3b:11:0c:f6:42:4a:f4:29:2e:1d:82:41:d0:94:96:
f1:18:85:fa:0f:a9:7f:04:66:5b:89:a3:30:dc:bf:
c4:c0:e8:d4:ab:f8:9f:51:45:46:cd:40:db:8d:60:
0e:26:e6:85:f4:5c:ae:1b:1a:d1:97:b4:76:cb:92:
bb:51:6d:0e:7a:b9:cc:ee:15:d5:21:c7:29:93:93:
91:d3:da:9e:01:5b:a3:97:b2:e7:54:eb:b2:82:82:
24:2b:c4:c7:36:a9:15:ac:1d:5d:52:86:00:f6:ff:
53:47:58:1d:21:92:36:ba:33:e8:0e:b1:67:12:26:
61:f1:62:fe:b8:0c:78:b4:00:84:92:e6:e5:97:e1:
5c:68:3a:54:c8:ae:fd:bb:db:d4:4b:a9:75:b5:37:
db:b9:de:dd:15:2f:1a:d0:57:8f:22:d0:3f:d7:59:
93:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:BF:12:B2:9E:19:DF:65:F3:87:9A:9A:C4:54:3F:2F:6C:66:05:04
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/678Ssp4Z32Xzh5qaxFQ_L2xmBQQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.187.0/24
5.182.192.0/24
5.182.198.0/24
31.132.52.0/23
36.255.213.0-36.255.214.255
45.67.141.0/24
45.248.52.0/24
63.246.130.0-63.246.133.255
63.246.137.0/24
92.249.31.0/24
94.154.182.0/24
103.130.178.0/24
103.210.12.0/24
147.78.205.0-147.78.206.255
162.218.90.0/24
185.52.137.0/24
185.187.212.0/24
185.201.40.0/24
185.205.204.0/23
212.60.15.0/24
217.197.169.0/24
Signature Algorithm: sha256WithRSAEncryption
46:8c:14:25:91:4f:c7:3a:92:13:38:1a:e1:99:ac:b0:9f:71:
7c:95:cc:69:14:23:28:bd:60:5c:b6:4e:da:4d:a0:c1:43:f0:
a8:8d:f9:9f:f1:4a:4f:e9:13:a1:9c:db:82:e9:00:a5:42:5d:
df:50:e0:e0:8b:7a:4e:d0:cb:14:d4:9f:1c:27:65:7a:8e:6a:
ac:59:c7:01:c9:a3:e0:9d:ef:9f:a9:5c:1b:97:e3:78:66:b9:
28:31:f9:75:e1:c3:f0:27:c8:ad:25:c7:eb:2a:1b:86:86:79:
ad:a9:fb:cd:cd:51:df:ac:c3:0e:cf:e5:fb:f8:18:fc:c3:3e:
0c:84:a1:23:95:8a:48:a8:bd:d9:61:c6:0c:e3:94:6a:b2:4e:
be:28:da:25:a7:18:7b:70:a6:7e:5a:4b:98:38:e2:ad:0c:c6:
fd:68:72:80:a1:c7:5d:65:4f:d5:75:29:16:6b:d1:c6:bb:de:
0c:1c:75:a2:c7:d6:98:97:4e:6a:17:06:ca:19:1e:40:83:be:
f6:e7:8e:bc:0f:26:ea:3e:74:d7:c2:c7:37:4c:26:ec:68:28:
f9:98:a6:22:51:fe:5e:7c:10:58:3c:41:7b:84:69:99:5c:23:
ec:14:51:f2:10:67:05:0e:87:cb:a8:db:03:4c:47:7a:85:86:
ba:83:57:45
-----BEGIN CERTIFICATE-----
MIIFkjCCBHqgAwIBAgISAZi6pc2GumUqewYmcBaGhxOSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjUwODE4MDA0ODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmJmMTJiMjllMTlkZjY1ZjM4NzlhOWFjNDU0M2YyZjZjNjYwNTA0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAWVAgw/EAPqzfxKd9xSfhKhiEHM
NQeSGBSMpCA6k+D/yffYpW/iJV/bnDg2Bv9h4jVdza+chVlpJszWrw3AxSpC5OkJ
WMXycQYIm5fTNrBTC0T84u48xdE7EQz2Qkr0KS4dgkHQlJbxGIX6D6l/BGZbiaMw
3L/EwOjUq/ifUUVGzUDbjWAOJuaF9FyuGxrRl7R2y5K7UW0OernM7hXVIccpk5OR
09qeAVujl7LnVOuygoIkK8THNqkVrB1dUoYA9v9TR1gdIZI2ujPoDrFnEiZh8WL+
uAx4tACEkubll+FcaDpUyK79u9vUS6l1tTfbud7dFS8a0FePItA/11mTqwIDAQAB
o4ICnjCCApowHQYDVR0OBBYEFOu/ErKeGd9l84eamsRUPy9sZgUEMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvNjc4U3NwNFozMlh6aDVxYXhGUV9MMnhtQlFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGzBggrBgEFBQcBBwEB/wSBozCBoDCBnQQCAAEwgZYDBAAF
trsDBAAFtsADBAAFtsYDBAEfhDQwDAMEACT/1QMEACT/1gMEAC1DjQMEAC34NDAM
AwQBP/aCAwQBP/aEAwQAP/aJAwQAXPkfAwQAXpq2AwQAZ4KyAwQAZ9IMMAwDBACT
Ts0DBACTTs4DBACi2loDBAC5NIkDBAC5u9QDBAC5ySgDBAG5zcwDBADUPA8DBADZ
xakwDQYJKoZIhvcNAQELBQADggEBAEaMFCWRT8c6khM4GuGZrLCfcXyVzGkUIyi9
YFy2TtpNoMFD8KiN+Z/xSk/pE6Gc24LpAKVCXd9Q4OCLek7QyxTUnxwnZXqOaqxZ
xwHJo+Cd75+pXBuX43hmuSgx+XXhw/AnyK0lx+sqG4aGea2p+83NUd+sww7P5fv4
GPzDPgyEoSOVikiovdlhxgzjlGqyTr4o2iWnGHtwpn5aS5g44q0Mxv1ocoChx11l
T9V1KRZr0ca73gwcdaLH1piXTmoXBsoZHkCDvvbnjrwPJuo+dNfCxzdMJuxoKPmY
piJR/l58EFg8QXuEaZlcI+wUUfIQZwUOh8uo2wNMR3qFhrqDV0U=
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:16:38 2025 by rpki-client