Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/ap-CQNVkX98mFn3ro8X-u0Z5ytQ.roa
File: ap-CQNVkX98mFn3ro8X-u0Z5ytQ.roa (raw, json)
Hash identifier: +GioIV7wmV/PxdEFnTECTYhJxvq+IEyFtRu6eqMs3Ac=
Subject key identifier: 6A:9F:82:40:D5:64:5F:DF:26:16:7D:EB:A3:C5:FE:BB:46:79:CA:D4
Certificate issuer: /CN=8d84404e5f8a4b117ae44e73d53c44ecdd578342
Certificate serial: 0198A28D477A2018ED6D2234470A0B01B55C
Authority key identifier: 8D:84:40:4E:5F:8A:4B:11:7A:E4:4E:73:D5:3C:44:EC:DD:57:83:42
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/ap-CQNVkX98mFn3ro8X-u0Z5ytQ.roa
Signing time: Wed 13 Aug 2025 08:30:24 +0000
ROA not before: Wed 13 Aug 2025 08:30:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44534
IP address blocks: 5.45.209.0/24 maxlen: 24
5.255.203.0/24 maxlen: 24
5.255.232.0/24 maxlen: 24
5.255.234.0/23 maxlen: 23
37.140.168.0/24 maxlen: 24
77.88.6.0/24 maxlen: 24
77.88.42.0/23 maxlen: 23
77.88.61.0/24 maxlen: 24
84.252.160.0/19 maxlen: 20
87.250.232.0/24 maxlen: 24
87.250.238.0/24 maxlen: 24
90.156.176.0/20 maxlen: 24
90.156.176.0/24 maxlen: 24
93.158.155.0/24 maxlen: 24
93.158.184.0/24 maxlen: 24
93.158.185.0/24 maxlen: 24
93.158.186.0/24 maxlen: 24
93.158.187.0/24 maxlen: 24
95.108.168.0/22 maxlen: 22
95.108.170.0/24 maxlen: 24
141.8.130.0/23 maxlen: 23
178.154.152.0/24 maxlen: 24
2a02:6bf:8000::/34 maxlen: 48
2a02:6bf:8005::/48 maxlen: 48
2a02:6bf:8006::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/jYRATl-KSxF65E5z1TxE7N1Xg0I.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/jYRATl-KSxF65E5z1TxE7N1Xg0I.mft
rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a2:8d:47:7a:20:18:ed:6d:22:34:47:0a:0b:01:b5:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8d84404e5f8a4b117ae44e73d53c44ecdd578342
Validity
Not Before: Aug 13 08:30:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a9f8240d5645fdf26167deba3c5febb4679cad4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:17:91:4a:b6:73:5c:58:d1:d1:5a:d1:13:2f:
13:c1:51:f1:39:8c:c8:f6:04:20:2c:de:89:dd:95:
9a:e9:a0:2d:3e:85:3a:1e:6d:66:bb:3a:6e:2d:be:
77:a2:55:82:36:bd:d7:22:75:b7:0c:46:2f:c9:e3:
0f:00:75:59:bd:7f:6d:71:4f:a2:bf:72:47:1e:38:
53:24:97:43:a5:1d:82:65:ec:c0:d4:56:0c:1d:c0:
a5:4d:2b:ca:9b:2d:70:0b:7a:70:96:28:cc:3e:ec:
f5:05:ba:ab:c3:b1:67:e7:94:84:1a:f5:8f:15:7a:
e7:62:8d:1a:02:47:db:32:0e:50:a2:e7:2f:35:37:
6c:31:d0:9f:76:24:16:68:63:fd:f1:84:57:fe:b4:
4d:68:a1:dd:35:ac:d0:94:9f:53:82:9d:f5:e2:bd:
52:d1:e3:b7:6c:73:26:75:79:80:8c:c6:93:66:d5:
9f:ee:53:7c:3f:d1:84:85:d4:21:0d:02:6b:0a:a2:
24:d1:dd:73:56:8d:1b:01:ee:a0:ce:86:62:1c:92:
35:af:4c:cb:94:a5:52:6f:76:b7:d6:8d:ed:55:ca:
8a:48:0e:fd:f2:84:c0:29:dd:48:a1:68:eb:df:d7:
64:6b:eb:29:2d:47:25:a8:fb:d3:1b:10:c2:35:ff:
49:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:9F:82:40:D5:64:5F:DF:26:16:7D:EB:A3:C5:FE:BB:46:79:CA:D4
X509v3 Authority Key Identifier:
keyid:8D:84:40:4E:5F:8A:4B:11:7A:E4:4E:73:D5:3C:44:EC:DD:57:83:42
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/jYRATl-KSxF65E5z1TxE7N1Xg0I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/ap-CQNVkX98mFn3ro8X-u0Z5ytQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/d51f64-5d06-4fc0-ab69-2cd98ee53569/1/jYRATl-KSxF65E5z1TxE7N1Xg0I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.209.0/24
5.255.203.0/24
5.255.232.0/24
5.255.234.0/23
37.140.168.0/24
77.88.6.0/24
77.88.42.0/23
77.88.61.0/24
84.252.160.0/19
87.250.232.0/24
87.250.238.0/24
90.156.176.0/20
93.158.155.0/24
93.158.184.0/22
95.108.168.0/22
141.8.130.0/23
178.154.152.0/24
IPv6:
2a02:6bf:8000::/34
Signature Algorithm: sha256WithRSAEncryption
4f:2b:6f:a8:77:61:dc:cb:24:86:af:57:31:d7:fa:35:8e:1f:
7a:9b:87:8c:25:f9:b7:08:1a:5f:1d:99:48:09:90:db:4a:da:
c3:3e:a7:46:f1:ba:f5:3a:2c:cf:4f:91:48:f9:88:6d:32:f9:
6a:ce:10:be:6b:0e:89:33:e0:2d:f3:b8:fc:72:eb:84:16:4f:
cb:dc:c6:90:39:84:03:55:3a:3a:38:dd:5a:9a:c3:d9:74:58:
98:96:fe:22:93:11:e4:34:38:a2:5e:9a:f3:fd:09:a0:88:a1:
86:28:b4:dd:0a:84:1f:dc:67:d1:fa:0c:bc:29:e1:18:b3:bd:
6e:fc:d3:13:77:eb:36:1b:a1:98:53:04:33:4e:12:2e:aa:b7:
90:f3:c7:92:36:d2:c9:81:28:53:77:00:ff:74:91:15:99:03:
eb:ad:1b:ac:2c:44:db:8c:ba:56:11:c2:78:79:f7:a8:ab:8c:
e2:ee:e6:e4:05:c7:9c:eb:03:46:a2:90:1e:00:3b:d7:4d:2a:
e4:4c:8e:5b:41:49:5a:87:b1:a4:50:b6:a5:ef:35:64:f2:75:
33:eb:b9:6a:bf:ea:15:7a:5e:54:75:af:ae:da:e4:3c:f8:b9:
79:69:84:69:a9:a8:c6:eb:11:48:8a:b4:a1:4e:f4:0f:84:30:
16:00:ac:5f
-----BEGIN CERTIFICATE-----
MIIFbzCCBFegAwIBAgISAZiijUd6IBjtbSI0RwoLAbVcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhkODQ0MDRlNWY4YTRiMTE3YWU0NGU3M2Q1M2M0NGVjZGQ1
NzgzNDIwHhcNMjUwODEzMDgzMDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTlmODI0MGQ1NjQ1ZmRmMjYxNjdkZWJhM2M1ZmViYjQ2NzljYWQ0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1heRSrZzXFjR0VrREy8TwVHxOYzI
9gQgLN6J3ZWa6aAtPoU6Hm1muzpuLb53olWCNr3XInW3DEYvyeMPAHVZvX9tcU+i
v3JHHjhTJJdDpR2CZezA1FYMHcClTSvKmy1wC3pwlijMPuz1Bbqrw7Fn55SEGvWP
FXrnYo0aAkfbMg5QoucvNTdsMdCfdiQWaGP98YRX/rRNaKHdNazQlJ9Tgp314r1S
0eO3bHMmdXmAjMaTZtWf7lN8P9GEhdQhDQJrCqIk0d1zVo0bAe6gzoZiHJI1r0zL
lKVSb3a31o3tVcqKSA798oTAKd1IoWjr39dka+spLUclqPvTGxDCNf9JcQIDAQAB
o4ICezCCAncwHQYDVR0OBBYEFGqfgkDVZF/fJhZ966PF/rtGecrUMB8GA1UdIwQY
MBaAFI2EQE5fiksReuROc9U8ROzdV4NCMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvallSQVRsLUtTeEY2NUU1ejFUeEU3TjFYZzBJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS9kNTFmNjQtNWQwNi00ZmMwLWFiNjkt
MmNkOThlZTUzNTY5LzEvYXAtQ1FOVmtYOThtRm4zcm84WC11MFo1eXRRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS9kNTFmNjQtNWQwNi00ZmMwLWFiNjktMmNkOThlZTUzNTY5
LzEvallSQVRsLUtTeEY2NUU1ejFUeEU3TjFYZzBJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGQBggrBgEFBQcBBwEB/wSBgDB+MGwEAgABMGYDBAAFLdED
BAAF/8sDBAAF/+gDBAEF/+oDBAAljKgDBABNWAYDBAFNWCoDBABNWD0DBAVU/KAD
BABX+ugDBABX+u4DBARanLADBABdnpsDBAJdnrgDBAJfbKgDBAGNCIIDBACympgw
DgQCAAIwCAMGBioCBr+AMA0GCSqGSIb3DQEBCwUAA4IBAQBPK2+od2HcyySGr1cx
1/o1jh96m4eMJfm3CBpfHZlICZDbStrDPqdG8br1OizPT5FI+YhtMvlqzhC+aw6J
M+At87j8cuuEFk/L3MaQOYQDVTo6ON1amsPZdFiYlv4ikxHkNDiiXprz/QmgiKGG
KLTdCoQf3GfR+gy8KeEYs71u/NMTd+s2G6GYUwQzThIuqreQ88eSNtLJgShTdwD/
dJEVmQPrrRusLETbjLpWEcJ4efeoq4zi7ubkBcec6wNGopAeADvXTSrkTI5bQUla
h7GkULal7zVk8nUz67lqv+oVel5Uda+u2uQ8+Ll5aYRpqajG6xFIirShTvQPhDAW
AKxf
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:12:42 2025 by rpki-client