Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/DfUSjPi2INTZBxoOQDwjln-TPKA.roa
File: DfUSjPi2INTZBxoOQDwjln-TPKA.roa (raw, json)
Hash identifier: /ysoks/fge7Q4Y/49e0Xa6J+sfHs/2M2DRhW7QPhPZM=
Subject key identifier: 0D:F5:12:8C:F8:B6:20:D4:D9:07:1A:0E:40:3C:23:96:7F:93:3C:A0
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 0199341F0BA7F1E15ECDD6CAA30CA26E8841
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/DfUSjPi2INTZBxoOQDwjln-TPKA.roa
Signing time: Wed 10 Sep 2025 14:54:33 +0000
ROA not before: Wed 10 Sep 2025 14:54:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33667
IP address blocks: 5.182.186.0/24 maxlen: 24
5.182.193.0/24 maxlen: 24
5.182.194.0/24 maxlen: 24
5.182.195.0/24 maxlen: 24
36.255.215.0/24 maxlen: 24
45.67.141.0/24 maxlen: 24
63.246.129.0/24 maxlen: 24
63.246.148.0/24 maxlen: 24
63.246.152.0/24 maxlen: 24
63.246.159.0/24 maxlen: 24
78.31.206.0/24 maxlen: 24
103.216.197.0/24 maxlen: 24
149.126.13.0/24 maxlen: 24
162.218.89.0/24 maxlen: 24
185.201.41.0/24 maxlen: 24
185.201.43.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 10:02:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:34:1f:0b:a7:f1:e1:5e:cd:d6:ca:a3:0c:a2:6e:88:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Sep 10 14:54:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0df5128cf8b620d4d9071a0e403c23967f933ca0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:5d:5c:13:06:43:a9:da:33:c7:a2:8d:5f:17:
58:6a:31:5e:34:64:13:a6:02:ac:e9:4e:d0:38:24:
e9:bc:3e:b6:af:3f:8c:5b:50:03:12:16:58:d4:2d:
40:bd:3d:a5:2e:31:71:64:77:48:38:d5:4f:4a:fd:
1e:90:3f:90:df:5e:83:11:f5:ed:12:c2:20:d7:64:
ca:93:63:d0:48:13:7d:9c:08:5a:9c:26:4b:2c:05:
ff:a4:6a:49:97:c1:c8:a8:e9:4f:c6:0c:1a:f2:6b:
e4:cd:b5:e7:29:c2:25:94:58:f5:da:57:e1:42:b2:
65:92:6c:e5:44:52:c8:7b:27:12:46:9d:c5:5f:85:
71:b4:be:17:50:80:ca:6a:18:d0:73:1f:51:dc:8d:
bd:0b:04:aa:d2:d4:77:74:68:cc:08:d5:32:28:21:
b6:13:10:bf:eb:f3:4c:89:38:80:1d:7c:0d:94:8e:
25:07:56:65:81:2d:9d:cb:e7:75:79:92:ca:88:fa:
be:94:ef:3c:f5:ee:dc:0e:37:06:8d:d6:8c:c3:c7:
d6:f6:a4:05:83:41:c5:0e:57:19:12:89:56:d2:f7:
e8:67:51:81:85:34:64:d2:49:9a:df:82:6c:cc:84:
69:2b:8b:4d:fb:56:4c:c4:51:50:0e:db:a0:4d:67:
de:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0D:F5:12:8C:F8:B6:20:D4:D9:07:1A:0E:40:3C:23:96:7F:93:3C:A0
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/DfUSjPi2INTZBxoOQDwjln-TPKA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.186.0/24
5.182.193.0-5.182.195.255
36.255.215.0/24
45.67.141.0/24
63.246.129.0/24
63.246.148.0/24
63.246.152.0/24
63.246.159.0/24
78.31.206.0/24
103.216.197.0/24
149.126.13.0/24
162.218.89.0/24
185.201.41.0/24
185.201.43.0/24
Signature Algorithm: sha256WithRSAEncryption
3e:12:61:e4:2a:ae:1f:d1:39:53:0e:02:67:39:96:d0:50:0d:
ac:bd:a6:e6:b3:b8:6a:23:fe:49:26:12:0d:25:f5:9c:a2:96:
3c:f1:d0:00:9e:66:76:91:15:93:83:ad:c0:d0:11:14:6a:08:
f4:47:14:5c:c0:03:df:13:42:f2:44:a2:d1:cc:6e:9c:02:94:
d9:f6:ab:ce:bf:15:f5:b0:21:b6:b6:81:b6:06:39:0e:3a:7e:
d6:9c:98:c4:b9:19:7b:eb:51:15:eb:f9:f0:db:c3:24:bb:0d:
e5:69:93:5e:ff:f6:de:5d:99:14:02:05:1d:94:f7:dc:40:f3:
b4:6f:f4:dc:2c:d3:40:92:90:37:4f:13:d9:d5:71:b5:29:00:
6c:1b:f7:79:5f:e7:1b:6e:f1:16:aa:1c:2b:f8:f9:f8:06:73:
a1:50:91:1f:6d:ff:90:de:d7:ca:b5:04:8e:df:2a:d1:c9:af:
c4:14:43:18:b2:30:3b:37:6b:9a:51:1b:0c:14:da:0e:57:ae:
3c:c7:ce:70:ed:74:d0:f4:24:fe:7a:41:bc:80:a4:a7:be:2e:
35:67:68:17:36:39:23:a5:59:8e:7a:3a:2f:2b:0f:4c:38:37:
53:37:55:1c:83:f1:b8:06:d2:99:32:35:ae:70:c1:23:8f:38:
ac:78:12:06
-----BEGIN CERTIFICATE-----
MIIFUzCCBDugAwIBAgISAZk0Hwun8eFezdbKowyibohBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjUwOTEwMTQ1NDMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZGY1MTI4Y2Y4YjYyMGQ0ZDkwNzFhMGU0MDNjMjM5NjdmOTMzY2EwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjF1cEwZDqdozx6KNXxdYajFeNGQT
pgKs6U7QOCTpvD62rz+MW1ADEhZY1C1AvT2lLjFxZHdIONVPSv0ekD+Q316DEfXt
EsIg12TKk2PQSBN9nAhanCZLLAX/pGpJl8HIqOlPxgwa8mvkzbXnKcIllFj12lfh
QrJlkmzlRFLIeycSRp3FX4VxtL4XUIDKahjQcx9R3I29CwSq0tR3dGjMCNUyKCG2
ExC/6/NMiTiAHXwNlI4lB1ZlgS2dy+d1eZLKiPq+lO889e7cDjcGjdaMw8fW9qQF
g0HFDlcZEolW0vfoZ1GBhTRk0kma34JszIRpK4tN+1ZMxFFQDtugTWfeMQIDAQAB
o4ICXzCCAlswHQYDVR0OBBYEFA31Eoz4tiDU2QcaDkA8I5Z/kzygMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvRGZVU2pQaTJJTlRaQnhvT1FEd2psbi1UUEtBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHUGCCsGAQUFBwEHAQH/BGYwZDBiBAIAATBcAwQABba6MAwD
BAAFtsEDBAIFtsADBAAk/9cDBAAtQ40DBAA/9oEDBAA/9pQDBAA/9pgDBAA/9p8D
BABOH84DBABn2MUDBACVfg0DBACi2lkDBAC5ySkDBAC5ySswDQYJKoZIhvcNAQEL
BQADggEBAD4SYeQqrh/ROVMOAmc5ltBQDay9puazuGoj/kkmEg0l9Zyiljzx0ACe
ZnaRFZODrcDQERRqCPRHFFzAA98TQvJEotHMbpwClNn2q86/FfWwIba2gbYGOQ46
ftacmMS5GXvrURXr+fDbwyS7DeVpk17/9t5dmRQCBR2U99xA87Rv9Nws00CSkDdP
E9nVcbUpAGwb93lf5xtu8RaqHCv4+fgGc6FQkR9t/5De18q1BI7fKtHJr8QUQxiy
MDs3a5pRGwwU2g5XrjzHznDtdND0JP56QbyApKe+LjVnaBc2OSOlWY56Oi8rD0w4
N1M3VRyD8bgG0pkyNa5wwSOPOKx4EgY=
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:09:12 2025 by rpki-client