Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/Vxr-eqC3jRCgU_-2m5GJLwTnMiU.roa
File: Vxr-eqC3jRCgU_-2m5GJLwTnMiU.roa (raw, json)
Hash identifier: 3psvyWOXuv8ZH8EOXvpV+lDM1KKTJw0jZUcQ9/RsgxQ=
Subject key identifier: 57:1A:FE:7A:A0:B7:8D:10:A0:53:FF:B6:9B:91:89:2F:04:E7:32:25
Certificate issuer: /CN=4cbfd3e72d4a0396f95347336b42678f68c26430
Certificate serial: 0197A7021271CE54AE0FCDFD5C87F1C12ACE
Authority key identifier: 4C:BF:D3:E7:2D:4A:03:96:F9:53:47:33:6B:42:67:8F:68:C2:64:30
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TL_T5y1KA5b5U0cza0Jnj2jCZDA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/Vxr-eqC3jRCgU_-2m5GJLwTnMiU.roa
Signing time: Wed 25 Jun 2025 12:13:40 +0000
ROA not before: Wed 25 Jun 2025 12:13:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3188
IP address blocks: 5.2.80.0/21 maxlen: 21
5.2.80.0/24 maxlen: 24
5.2.81.0/24 maxlen: 24
5.2.82.0/24 maxlen: 24
5.2.83.0/24 maxlen: 24
5.2.84.0/24 maxlen: 24
5.2.85.0/24 maxlen: 24
5.2.86.0/24 maxlen: 24
5.2.87.0/24 maxlen: 24
185.8.32.0/22 maxlen: 22
185.8.32.0/24 maxlen: 24
185.8.33.0/24 maxlen: 24
185.8.34.0/24 maxlen: 24
185.8.35.0/24 maxlen: 24
185.8.128.0/22 maxlen: 22
185.8.128.0/24 maxlen: 24
185.8.129.0/24 maxlen: 24
185.8.130.0/24 maxlen: 24
185.8.131.0/24 maxlen: 24
185.67.121.0/24 maxlen: 24
185.150.128.0/22 maxlen: 22
185.150.128.0/24 maxlen: 24
185.150.129.0/24 maxlen: 24
185.150.130.0/24 maxlen: 24
185.150.131.0/24 maxlen: 24
193.31.118.0/24 maxlen: 24
2a02:d9c0::/29 maxlen: 29
2a04:b600::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/TL_T5y1KA5b5U0cza0Jnj2jCZDA.crl
rsync://rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/TL_T5y1KA5b5U0cza0Jnj2jCZDA.mft
rsync://rpki.ripe.net/repository/DEFAULT/TL_T5y1KA5b5U0cza0Jnj2jCZDA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 06:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a7:02:12:71:ce:54:ae:0f:cd:fd:5c:87:f1:c1:2a:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4cbfd3e72d4a0396f95347336b42678f68c26430
Validity
Not Before: Jun 25 12:13:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=571afe7aa0b78d10a053ffb69b91892f04e73225
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ed:22:ec:d0:5a:62:58:b6:8f:79:01:cf:61:
70:c2:6d:55:08:e8:6b:77:1a:a6:85:03:cb:21:fc:
4f:74:b1:9d:fa:0c:a1:53:69:48:f7:f7:e2:0b:2c:
13:d4:ce:ea:54:e6:71:da:7e:1b:7c:3f:85:cf:74:
3c:21:45:a1:50:b1:ab:38:81:d7:c4:0a:3b:56:a7:
76:15:a4:5a:9d:40:47:48:ce:c1:7f:9b:e2:74:f8:
08:d4:7f:65:7e:cb:a2:d6:58:2a:88:4f:f3:19:a9:
fe:42:eb:39:d9:cd:92:14:3b:6e:6e:b1:79:0f:c5:
58:01:a9:c1:8d:08:96:cf:5c:25:cc:17:3d:87:a5:
86:6f:1c:c2:7f:ae:ad:33:2e:f9:d6:2e:3c:7c:b1:
11:dc:3b:58:38:18:19:95:72:40:f6:85:31:50:66:
d5:e3:c2:52:31:86:da:81:ab:0d:2e:9b:7f:d0:c8:
f0:49:d8:92:7b:5d:48:12:4c:53:57:d3:4b:4e:1f:
fe:bf:c1:6a:d3:cc:3c:c5:71:32:77:08:d8:64:b3:
fd:46:ab:b1:55:57:bc:f0:b0:96:8e:3d:1c:0a:ee:
09:0d:f6:29:b9:96:78:3e:fb:29:02:ca:72:30:e4:
24:b5:82:37:8c:fd:b1:a0:fc:fc:92:aa:c6:16:08:
0d:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:1A:FE:7A:A0:B7:8D:10:A0:53:FF:B6:9B:91:89:2F:04:E7:32:25
X509v3 Authority Key Identifier:
keyid:4C:BF:D3:E7:2D:4A:03:96:F9:53:47:33:6B:42:67:8F:68:C2:64:30
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TL_T5y1KA5b5U0cza0Jnj2jCZDA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/Vxr-eqC3jRCgU_-2m5GJLwTnMiU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d2/b5733b-3891-449b-9950-ff60e218ed41/1/TL_T5y1KA5b5U0cza0Jnj2jCZDA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.2.80.0/21
185.8.32.0/22
185.8.128.0/22
185.67.121.0/24
185.150.128.0/22
193.31.118.0/24
IPv6:
2a02:d9c0::/29
2a04:b600::/29
Signature Algorithm: sha256WithRSAEncryption
19:c4:f8:15:33:76:d2:a4:7c:1f:5d:7e:c8:6c:a1:cc:5e:b9:
70:23:02:be:87:ba:e5:78:10:d2:a0:2c:88:f1:9a:cb:bf:4c:
03:c3:10:89:29:a7:3d:54:93:8f:ee:91:aa:10:59:a4:17:c7:
20:fc:71:b6:96:ca:7c:d4:76:fc:95:a3:2e:4d:6c:48:70:88:
63:8b:0e:78:ae:9c:9e:48:10:1b:8a:ae:96:e5:76:a1:91:44:
88:01:ef:d4:e1:28:a9:ad:8d:1e:66:f9:80:eb:af:25:21:0a:
9a:c4:04:ba:02:87:bb:65:b2:16:91:a0:35:5d:d9:eb:25:cd:
8e:c3:d3:98:68:cf:de:c2:cb:57:0e:9c:18:34:f3:c2:ba:3d:
db:af:35:d2:21:bb:39:3c:1b:cb:62:36:f3:30:fd:f1:a1:78:
b3:36:51:64:d8:3e:70:58:a9:1c:ba:b1:33:87:1c:f2:80:6a:
bd:f2:85:38:29:ee:ec:67:ee:2d:90:a3:4a:24:28:bf:f3:46:
0a:50:2c:da:dc:31:a1:41:e0:ab:05:fe:67:e9:63:01:06:be:
60:67:5a:3f:fb:b3:74:a6:28:e8:a2:48:19:3e:03:dc:84:c8:
38:2e:e3:48:7a:a5:8d:49:ca:35:9f:02:72:3b:b2:69:86:d3:
78:dd:7a:f4
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZenAhJxzlSuD839XIfxwSrOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYmZkM2U3MmQ0YTAzOTZmOTUzNDczMzZiNDI2NzhmNjhj
MjY0MzAwHhcNMjUwNjI1MTIxMzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzFhZmU3YWEwYjc4ZDEwYTA1M2ZmYjY5YjkxODkyZjA0ZTczMjI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt+0i7NBaYli2j3kBz2Fwwm1VCOhr
dxqmhQPLIfxPdLGd+gyhU2lI9/fiCywT1M7qVOZx2n4bfD+Fz3Q8IUWhULGrOIHX
xAo7Vqd2FaRanUBHSM7Bf5vidPgI1H9lfsui1lgqiE/zGan+Qus52c2SFDtubrF5
D8VYAanBjQiWz1wlzBc9h6WGbxzCf66tMy751i48fLER3DtYOBgZlXJA9oUxUGbV
48JSMYbagasNLpt/0MjwSdiSe11IEkxTV9NLTh/+v8Fq08w8xXEydwjYZLP9Rqux
VVe88LCWjj0cCu4JDfYpuZZ4PvspAspyMOQktYI3jP2xoPz8kqrGFggNTQIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFFca/nqgt40QoFP/tpuRiS8E5zIlMB8GA1UdIwQY
MBaAFEy/0+ctSgOW+VNHM2tCZ49owmQwMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVExfVDV5MUtBNWI1VTBjemEwSm5qMmpDWkRBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMi9iNTczM2ItMzg5MS00NDliLTk5NTAt
ZmY2MGUyMThlZDQxLzEvVnhyLWVxQzNqUkNnVV8tMm01R0pMd1RuTWlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMi9iNTczM2ItMzg5MS00NDliLTk5NTAtZmY2MGUyMThlZDQx
LzEvVExfVDV5MUtBNWI1VTBjemEwSm5qMmpDWkRBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjAqBAIAATAkAwQDBQJQAwQC
uQggAwQCuQiAAwQAuUN5AwQCuZaAAwQAwR92MBQEAgACMA4DBQMqAtnAAwUDKgS2
ADANBgkqhkiG9w0BAQsFAAOCAQEAGcT4FTN20qR8H11+yGyhzF65cCMCvoe65XgQ
0qAsiPGay79MA8MQiSmnPVSTj+6RqhBZpBfHIPxxtpbKfNR2/JWjLk1sSHCIY4sO
eK6cnkgQG4quluV2oZFEiAHv1OEoqa2NHmb5gOuvJSEKmsQEugKHu2WyFpGgNV3Z
6yXNjsPTmGjP3sLLVw6cGDTzwro926810iG7OTwby2I28zD98aF4szZRZNg+cFip
HLqxM4cc8oBqvfKFOCnu7GfuLZCjSiQov/NGClAs2twxoUHgqwX+Z+ljAQa+YGda
P/uzdKYo6KJIGT4D3ITIOC7jSHqljUnKNZ8CcjuyaYbTeN169A==
-----END CERTIFICATE-----
Generated at Wed Jul 2 15:36:34 2025 by rpki-client