Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/5UoFLpQtoNWTRnd2IrHt1zDXCnU.roa
File: 5UoFLpQtoNWTRnd2IrHt1zDXCnU.roa (raw, json)
Hash identifier: mdK5sii+dlLtOUzntgin3VSmrrSF7YmdacNAlKzg9pg=
Subject key identifier: E5:4A:05:2E:94:2D:A0:D5:93:46:77:76:22:B1:ED:D7:30:D7:0A:75
Certificate issuer: /CN=4acfac8645a3c6f10042dc4a74d700d9d06af17a
Certificate serial: 0198AF66751EB49F26BEE19FAB7E8767A560
Authority key identifier: 4A:CF:AC:86:45:A3:C6:F1:00:42:DC:4A:74:D7:00:D9:D0:6A:F1:7A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/5UoFLpQtoNWTRnd2IrHt1zDXCnU.roa
Signing time: Fri 15 Aug 2025 20:23:04 +0000
ROA not before: Fri 15 Aug 2025 20:23:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21859
IP address blocks: 45.156.131.0/24 maxlen: 24
109.105.208.0/24 maxlen: 24
109.105.209.0/24 maxlen: 24
109.105.210.0/24 maxlen: 24
185.180.141.0/24 maxlen: 24
185.226.196.0/24 maxlen: 24
185.226.197.0/24 maxlen: 24
2a10:3c0:3::/48 maxlen: 48
2a10:3c0:4::/48 maxlen: 48
2a10:3c0:5::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:af:66:75:1e:b4:9f:26:be:e1:9f:ab:7e:87:67:a5:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4acfac8645a3c6f10042dc4a74d700d9d06af17a
Validity
Not Before: Aug 15 20:23:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e54a052e942da0d59346777622b1edd730d70a75
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:9f:9d:e7:4e:0e:fa:9e:27:14:1d:f9:61:8b:
ab:af:95:68:54:c9:6b:7f:4f:52:ba:b8:70:29:54:
c5:19:7d:27:e2:a0:32:e5:49:69:8d:99:a4:5d:2f:
79:59:ab:a3:e8:cb:c6:b9:22:eb:27:cf:e9:46:d4:
2b:11:48:7e:fa:e0:a8:4a:65:a0:d7:f7:68:d4:a7:
2f:fb:35:b4:d1:da:c8:45:ee:c3:82:0f:c3:27:09:
bc:84:b9:a4:f5:5b:88:3f:d5:15:00:ea:43:c0:55:
53:d3:17:ef:08:12:50:78:6f:dc:2f:4c:f8:29:38:
01:9a:ee:70:8a:59:59:ae:8f:f9:52:99:3f:01:b8:
1b:b8:5f:93:5f:cf:9c:13:14:ca:2c:2e:ba:98:ea:
d7:ce:fb:41:f9:c4:8a:3c:21:6e:3c:a0:02:e3:53:
20:1b:cd:d9:06:dd:a2:d1:2f:50:67:4f:f2:2a:10:
32:ac:8d:32:00:37:1d:e5:2f:dc:d0:34:03:4f:85:
80:d6:72:b4:f0:fd:76:d5:bd:f2:ef:63:ce:3a:77:
5d:d0:d3:d9:38:50:6d:fb:8a:20:3d:16:67:0a:42:
82:80:3e:14:6a:4c:af:92:75:9d:c6:f2:de:3a:5f:
4e:80:24:f7:84:58:6a:d3:2a:09:2e:f7:95:1e:60:
b2:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:4A:05:2E:94:2D:A0:D5:93:46:77:76:22:B1:ED:D7:30:D7:0A:75
X509v3 Authority Key Identifier:
keyid:4A:CF:AC:86:45:A3:C6:F1:00:42:DC:4A:74:D7:00:D9:D0:6A:F1:7A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/5UoFLpQtoNWTRnd2IrHt1zDXCnU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/2c17cb-4742-44cf-891f-7bf8277d8a2f/1/Ss-shkWjxvEAQtxKdNcA2dBq8Xo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.156.131.0/24
109.105.208.0-109.105.210.255
185.180.141.0/24
185.226.196.0/23
IPv6:
2a10:3c0:3::-2a10:3c0:5:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
23:39:e3:40:93:5b:5f:68:2b:fe:7c:ff:bc:f7:ca:f4:c4:94:
84:55:05:23:8a:82:0e:31:fb:48:9c:7a:22:82:44:5a:d3:5d:
22:00:88:1f:b7:6e:bc:9f:8c:74:c6:cd:50:86:45:41:c5:e0:
be:22:f4:20:39:e6:aa:00:df:46:8b:71:5e:95:9a:32:46:4e:
d5:4d:54:a2:1b:0b:69:64:5f:7d:0c:bc:46:b3:a4:ea:43:8d:
04:09:ec:1a:cd:09:ee:8c:e1:fd:c3:a6:52:29:82:7b:20:9e:
7c:b0:16:46:c3:aa:ae:0c:f1:b7:fe:3f:2b:35:b6:15:da:76:
70:4e:54:22:f4:e3:14:0b:d5:37:35:3b:4b:4e:08:0e:09:41:
b2:0b:23:d5:ac:a0:18:66:a0:a2:f3:39:4a:56:2a:ad:c9:60:
a2:0e:45:c7:11:74:47:56:0a:3d:a0:31:16:da:ce:cb:fd:2c:
a2:43:d9:c5:86:bd:33:84:44:64:61:c1:f3:f2:24:54:69:ae:
b8:d8:9e:76:78:85:dd:67:54:01:79:fe:62:06:a4:b3:93:9d:
d1:7f:bb:22:75:c8:89:91:3e:85:dc:24:dd:53:7d:51:91:67:
fd:58:11:3e:d2:cc:be:09:f3:2e:82:3f:c8:a5:60:44:eb:45:
0b:b8:ff:d9
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZivZnUetJ8mvuGfq36HZ6VgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRhY2ZhYzg2NDVhM2M2ZjEwMDQyZGM0YTc0ZDcwMGQ5ZDA2
YWYxN2EwHhcNMjUwODE1MjAyMzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTRhMDUyZTk0MmRhMGQ1OTM0Njc3NzYyMmIxZWRkNzMwZDcwYTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJ+d504O+p4nFB35YYurr5VoVMlr
f09SurhwKVTFGX0n4qAy5UlpjZmkXS95Wauj6MvGuSLrJ8/pRtQrEUh++uCoSmWg
1/do1Kcv+zW00drIRe7Dgg/DJwm8hLmk9VuIP9UVAOpDwFVT0xfvCBJQeG/cL0z4
KTgBmu5willZro/5Upk/AbgbuF+TX8+cExTKLC66mOrXzvtB+cSKPCFuPKAC41Mg
G83ZBt2i0S9QZ0/yKhAyrI0yADcd5S/c0DQDT4WA1nK08P121b3y72POOndd0NPZ
OFBt+4ogPRZnCkKCgD4UakyvknWdxvLeOl9OgCT3hFhq0yoJLveVHmCyvwIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFOVKBS6ULaDVk0Z3diKx7dcw1wp1MB8GA1UdIwQY
MBaAFErPrIZFo8bxAELcSnTXANnQavF6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU3Mtc2hrV2p4dkVBUXR4S2ROY0EyZEJxOFhvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi8yYzE3Y2ItNDc0Mi00NGNmLTg5MWYt
N2JmODI3N2Q4YTJmLzEvNVVvRkxwUXRvTldUUm5kMklySHQxekRYQ25VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi8yYzE3Y2ItNDc0Mi00NGNmLTg5MWYtN2JmODI3N2Q4YTJm
LzEvU3Mtc2hrV2p4dkVBUXR4S2ROY0EyZEJxOFhvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDAmBAIAATAgAwQALZyDMAwD
BARtadADBABtadIDBAC5tI0DBAG54sQwGgQCAAIwFDASAwcAKhADwAADAwcBKhAD
wAAEMA0GCSqGSIb3DQEBCwUAA4IBAQAjOeNAk1tfaCv+fP+898r0xJSEVQUjioIO
MftInHoigkRa010iAIgft268n4x0xs1QhkVBxeC+IvQgOeaqAN9Gi3FelZoyRk7V
TVSiGwtpZF99DLxGs6TqQ40ECewazQnujOH9w6ZSKYJ7IJ58sBZGw6quDPG3/j8r
NbYV2nZwTlQi9OMUC9U3NTtLTggOCUGyCyPVrKAYZqCi8zlKViqtyWCiDkXHEXRH
Vgo9oDEW2s7L/SyiQ9nFhr0zhERkYcHz8iRUaa642J52eIXdZ1QBef5iBqSzk53R
f7sidciJkT6F3CTdU31RkWf9WBE+0sy+CfMugj/IpWBE60ULuP/Z
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:09:14 2025 by rpki-client