Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/L0PayBXw1av4AajNcmdw2-ceGI4.roa
File: L0PayBXw1av4AajNcmdw2-ceGI4.roa (raw, json)
Hash identifier: yrgEG4D+FXySVVv/ibFmYkuayuflUlw/y8vajoMW3DM=
Subject key identifier: 2F:43:DA:C8:15:F0:D5:AB:F8:01:A8:CD:72:67:70:DB:E7:1E:18:8E
Certificate issuer: /CN=4283696716dbcc360b9a62ef7d84b4d28f958bdd
Certificate serial: 0198BEE9198E6A9DAF9F203A33C6E7867DC0
Authority key identifier: 42:83:69:67:16:DB:CC:36:0B:9A:62:EF:7D:84:B4:D2:8F:95:8B:DD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/QoNpZxbbzDYLmmLvfYS00o-Vi90.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/L0PayBXw1av4AajNcmdw2-ceGI4.roa
Signing time: Mon 18 Aug 2025 20:40:04 +0000
ROA not before: Mon 18 Aug 2025 20:40:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29386
IP address blocks: 5.0.128.0/21 maxlen: 21
5.0.136.0/21 maxlen: 21
5.0.144.0/21 maxlen: 21
5.0.152.0/21 maxlen: 21
5.0.160.0/21 maxlen: 21
5.0.168.0/21 maxlen: 21
5.0.176.0/21 maxlen: 21
5.0.184.0/21 maxlen: 21
5.155.128.0/21 maxlen: 21
5.155.136.0/21 maxlen: 21
5.155.144.0/21 maxlen: 21
5.155.152.0/21 maxlen: 21
5.155.160.0/21 maxlen: 21
5.155.168.0/21 maxlen: 21
5.155.176.0/21 maxlen: 21
5.155.184.0/21 maxlen: 21
5.155.192.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/QoNpZxbbzDYLmmLvfYS00o-Vi90.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/QoNpZxbbzDYLmmLvfYS00o-Vi90.mft
rsync://rpki.ripe.net/repository/DEFAULT/QoNpZxbbzDYLmmLvfYS00o-Vi90.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:be:e9:19:8e:6a:9d:af:9f:20:3a:33:c6:e7:86:7d:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4283696716dbcc360b9a62ef7d84b4d28f958bdd
Validity
Not Before: Aug 18 20:40:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2f43dac815f0d5abf801a8cd726770dbe71e188e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:b1:3f:e8:fa:91:e5:bc:8c:21:f9:81:28:59:
56:95:f0:cd:86:5a:f6:f4:f1:63:77:3f:70:38:b4:
a6:d4:92:90:92:58:95:2c:b6:b3:20:79:64:2a:84:
e4:06:99:2c:74:cb:c5:5b:4a:15:78:ff:76:f3:f8:
12:05:a9:4b:95:6a:f8:bc:24:a5:b7:24:2a:b9:53:
91:c2:7e:05:4b:1e:d2:27:a9:b1:15:aa:be:41:44:
77:59:b1:60:6b:85:e9:a1:98:f5:85:e2:10:c6:fe:
d0:26:ca:b6:6a:66:28:c7:34:20:14:72:02:7b:cf:
07:54:1d:42:cf:31:3e:90:6d:3a:55:18:33:5d:b0:
9a:f1:2c:38:0a:60:fc:6b:0f:92:30:bd:80:a8:26:
91:e9:17:49:83:0d:0a:32:aa:14:4f:6c:c2:2d:1f:
fb:c3:bf:d9:45:b5:5c:d0:ae:40:4f:53:bb:e4:3a:
11:b0:83:d1:70:a0:29:b6:45:3a:7a:dc:a2:8f:bb:
06:6f:ed:cf:dd:f0:7a:67:a0:58:b4:70:0e:05:4f:
d8:74:b4:38:ac:d4:62:f1:7b:99:95:7a:5f:ca:96:
84:3f:ec:ca:ff:a8:ea:b7:32:ff:e4:76:0e:2d:49:
aa:7c:8b:ee:7f:72:cc:5c:a2:e0:dd:4c:b3:f3:1d:
a7:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:43:DA:C8:15:F0:D5:AB:F8:01:A8:CD:72:67:70:DB:E7:1E:18:8E
X509v3 Authority Key Identifier:
keyid:42:83:69:67:16:DB:CC:36:0B:9A:62:EF:7D:84:B4:D2:8F:95:8B:DD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/QoNpZxbbzDYLmmLvfYS00o-Vi90.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/L0PayBXw1av4AajNcmdw2-ceGI4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/5442ce-48bc-4164-9350-9240d9f75ae6/1/QoNpZxbbzDYLmmLvfYS00o-Vi90.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.0.128.0/18
5.155.128.0-5.155.223.255
Signature Algorithm: sha256WithRSAEncryption
93:e4:87:ef:65:23:87:85:bd:9b:65:ef:10:1b:f5:cb:7c:0b:
da:c6:00:b5:14:a3:cf:38:4e:0e:c6:2e:1b:76:cb:64:5a:9f:
4d:e1:86:d1:44:68:7b:36:36:0f:96:f7:e1:95:b4:27:95:1d:
37:10:d9:3b:07:7f:b1:d7:10:d2:3d:3c:4a:b8:b5:67:57:22:
a1:aa:97:b0:e0:31:61:3f:bb:7c:9e:e7:f0:68:16:cf:a9:f2:
b1:3d:7a:32:57:04:28:76:a2:a1:11:a1:33:ef:a7:84:ab:6d:
6f:fe:93:f0:8e:c9:12:7d:e2:ca:5c:4b:fd:c8:17:99:bf:2d:
b7:5b:4c:f5:3d:18:49:69:b5:aa:0f:6a:85:5b:3b:63:c5:a3:
23:74:ab:17:85:b3:cf:75:3e:fe:5e:03:1f:3d:83:67:f4:f4:
22:03:96:8f:4a:b2:a8:63:92:c6:8b:07:7b:ce:8a:75:bd:bc:
0b:43:c7:c5:32:ec:2c:d5:9d:23:21:a3:04:c0:8a:e4:d8:b0:
f8:b2:3b:a3:1a:55:66:8a:8e:aa:34:fd:ac:c6:4a:a0:56:57:
66:a0:13:18:58:01:4a:3e:91:40:c3:6b:34:c5:d4:82:7f:2d:
02:24:25:ab:21:86:f2:50:e8:ce:0d:f5:09:fe:52:c9:e2:95:
01:31:44:95
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZi+6RmOap2vnyA6M8bnhn3AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQyODM2OTY3MTZkYmNjMzYwYjlhNjJlZjdkODRiNGQyOGY5
NThiZGQwHhcNMjUwODE4MjA0MDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZjQzZGFjODE1ZjBkNWFiZjgwMWE4Y2Q3MjY3NzBkYmU3MWUxODhlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrE/6PqR5byMIfmBKFlWlfDNhlr2
9PFjdz9wOLSm1JKQkliVLLazIHlkKoTkBpksdMvFW0oVeP928/gSBalLlWr4vCSl
tyQquVORwn4FSx7SJ6mxFaq+QUR3WbFga4XpoZj1heIQxv7QJsq2amYoxzQgFHIC
e88HVB1CzzE+kG06VRgzXbCa8Sw4CmD8aw+SML2AqCaR6RdJgw0KMqoUT2zCLR/7
w7/ZRbVc0K5AT1O75DoRsIPRcKAptkU6etyij7sGb+3P3fB6Z6BYtHAOBU/YdLQ4
rNRi8XuZlXpfypaEP+zK/6jqtzL/5HYOLUmqfIvuf3LMXKLg3Uyz8x2nkQIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFC9D2sgV8NWr+AGozXJncNvnHhiOMB8GA1UdIwQY
MBaAFEKDaWcW28w2C5pi732EtNKPlYvdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUW9OcFp4YmJ6RFlMbW1MdmZZUzAwby1WaTkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS81NDQyY2UtNDhiYy00MTY0LTkzNTAt
OTI0MGQ5Zjc1YWU2LzEvTDBQYXlCWHcxYXY0QWFqTmNtZHcyLWNlR0k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS81NDQyY2UtNDhiYy00MTY0LTkzNTAtOTI0MGQ5Zjc1YWU2
LzEvUW9OcFp4YmJ6RFlMbW1MdmZZUzAwby1WaTkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQGBQCAMAwD
BAcFm4ADBAUFm8AwDQYJKoZIhvcNAQELBQADggEBAJPkh+9lI4eFvZtl7xAb9ct8
C9rGALUUo884Tg7GLht2y2Ran03hhtFEaHs2Ng+W9+GVtCeVHTcQ2TsHf7HXENI9
PEq4tWdXIqGql7DgMWE/u3ye5/BoFs+p8rE9ejJXBCh2oqERoTPvp4SrbW/+k/CO
yRJ94spcS/3IF5m/LbdbTPU9GElptaoPaoVbO2PFoyN0qxeFs891Pv5eAx89g2f0
9CIDlo9KsqhjksaLB3vOinW9vAtDx8Uy7CzVnSMhowTAiuTYsPiyO6MaVWaKjqo0
/azGSqBWV2agExhYAUo+kUDDazTF1IJ/LQIkJashhvJQ6M4N9Qn+UsnilQExRJU=
-----END CERTIFICATE-----
Generated at Sat Aug 23 22:37:33 2025 by rpki-client