Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/S5KO8C6dpLpIBB9rsyHHcn-4u_I.roa
File: S5KO8C6dpLpIBB9rsyHHcn-4u_I.roa (raw, json)
Hash identifier: GnxbHhgk1bq/0XdOXrBEvFBmYvy78byA1Jqa/a7A7bI=
Subject key identifier: 4B:92:8E:F0:2E:9D:A4:BA:48:04:1F:6B:B3:21:C7:72:7F:B8:BB:F2
Certificate issuer: /CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Certificate serial: 0198A3C39C597E27EE9F44F1A7DD4FFFF00B
Authority key identifier: 7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/S5KO8C6dpLpIBB9rsyHHcn-4u_I.roa
Signing time: Wed 13 Aug 2025 14:09:22 +0000
ROA not before: Wed 13 Aug 2025 14:09:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15723
IP address blocks: 5.178.4.0/22 maxlen: 22
5.178.4.0/24 maxlen: 24
5.178.5.0/24 maxlen: 24
5.178.6.0/24 maxlen: 24
5.178.7.0/24 maxlen: 24
5.178.9.0/24 maxlen: 24
5.178.10.0/24 maxlen: 24
5.178.11.0/24 maxlen: 24
5.178.12.0/22 maxlen: 22
5.178.12.0/24 maxlen: 24
5.178.13.0/24 maxlen: 24
5.178.14.0/24 maxlen: 24
5.178.15.0/24 maxlen: 24
46.23.100.0/22 maxlen: 22
46.23.100.0/24 maxlen: 24
46.23.101.0/24 maxlen: 24
46.23.102.0/24 maxlen: 24
46.23.103.0/24 maxlen: 24
62.217.128.0/19 maxlen: 19
62.217.128.0/24 maxlen: 24
62.217.129.0/24 maxlen: 24
62.217.130.0/24 maxlen: 24
62.217.131.0/24 maxlen: 24
62.217.132.0/24 maxlen: 24
62.217.133.0/24 maxlen: 24
62.217.134.0/24 maxlen: 24
62.217.135.0/24 maxlen: 24
62.217.136.0/24 maxlen: 24
62.217.137.0/24 maxlen: 24
62.217.138.0/24 maxlen: 24
62.217.139.0/24 maxlen: 24
62.217.140.0/24 maxlen: 24
62.217.141.0/24 maxlen: 24
62.217.142.0/24 maxlen: 24
62.217.143.0/24 maxlen: 24
62.217.144.0/24 maxlen: 24
62.217.145.0/24 maxlen: 24
62.217.146.0/24 maxlen: 24
62.217.147.0/24 maxlen: 24
62.217.148.0/24 maxlen: 24
62.217.149.0/24 maxlen: 24
62.217.150.0/24 maxlen: 24
62.217.151.0/24 maxlen: 24
62.217.152.0/24 maxlen: 24
62.217.153.0/24 maxlen: 24
62.217.154.0/24 maxlen: 24
62.217.155.0/24 maxlen: 24
62.217.156.0/24 maxlen: 24
62.217.157.0/24 maxlen: 24
62.217.158.0/24 maxlen: 24
62.217.159.0/24 maxlen: 24
88.151.199.0/24 maxlen: 24
109.205.208.0/24 maxlen: 24
185.81.217.0/24 maxlen: 24
185.81.219.0/24 maxlen: 24
188.64.8.0/22 maxlen: 22
188.64.8.0/24 maxlen: 24
188.64.9.0/24 maxlen: 24
188.64.10.0/24 maxlen: 24
188.64.11.0/24 maxlen: 24
188.64.12.0/22 maxlen: 22
188.64.12.0/24 maxlen: 24
188.64.13.0/24 maxlen: 24
188.64.14.0/24 maxlen: 24
188.64.15.0/24 maxlen: 24
2a00:48c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.mft
rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 08:00:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a3:c3:9c:59:7e:27:ee:9f:44:f1:a7:dd:4f:ff:f0:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d06a42bb2446e51f192ea375bdf7eec5a51c77f
Validity
Not Before: Aug 13 14:09:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4b928ef02e9da4ba48041f6bb321c7727fb8bbf2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:bb:9e:89:05:db:d8:b2:e3:b1:e5:7a:70:af:
25:b8:53:2c:bc:66:6d:b6:f1:ce:2e:4b:2b:dc:e4:
8b:5c:68:91:1e:74:e3:77:94:c6:85:68:6c:a2:e1:
99:00:b4:a8:52:41:34:7b:17:69:a9:bf:b1:ef:33:
f8:5c:21:4a:bc:5f:0f:e4:91:0d:19:33:2a:6d:6a:
1b:cb:32:ac:f1:f7:6a:1d:15:a2:e1:bb:bf:2c:58:
ae:fa:dd:a4:a7:d1:3c:41:6c:eb:fc:7d:69:8e:ac:
46:ce:f1:e1:1a:5d:77:5f:17:71:e6:7c:f9:f5:f4:
7b:2d:d6:8f:0e:ad:8d:4c:7d:94:c0:ae:06:cf:7e:
38:83:2f:72:40:ba:d8:32:df:6c:9b:fe:5b:55:98:
4c:ca:cc:6d:6b:f8:10:51:28:58:15:06:5c:51:76:
8c:d1:17:aa:3a:e3:dd:9e:cc:0c:6a:55:33:5b:72:
ef:0c:d2:ac:16:38:46:47:e3:68:98:da:08:70:02:
39:fd:94:b0:f8:00:9a:4d:e1:c4:56:92:59:82:6c:
24:ff:b8:6b:06:74:db:27:7a:8f:7a:a6:e6:11:9d:
28:8c:dd:78:49:55:7d:52:ed:5a:62:a9:33:6f:dc:
53:5b:b6:42:cf:fb:5e:0f:77:42:a6:ff:c3:fe:ab:
fa:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:92:8E:F0:2E:9D:A4:BA:48:04:1F:6B:B3:21:C7:72:7F:B8:BB:F2
X509v3 Authority Key Identifier:
keyid:7D:06:A4:2B:B2:44:6E:51:F1:92:EA:37:5B:DF:7E:EC:5A:51:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fQakK7JEblHxkuo3W99-7FpRx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/S5KO8C6dpLpIBB9rsyHHcn-4u_I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ec/78002a-4fc0-4dbf-8585-2cf806b2d0f2/1/fQakK7JEblHxkuo3W99-7FpRx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.178.4.0/22
5.178.9.0-5.178.15.255
46.23.100.0/22
62.217.128.0/19
88.151.199.0/24
109.205.208.0/24
185.81.217.0/24
185.81.219.0/24
188.64.8.0/21
IPv6:
2a00:48c0::/32
Signature Algorithm: sha256WithRSAEncryption
35:68:f0:8d:88:52:40:02:f8:cf:39:d5:09:87:a1:7b:f2:dc:
81:49:44:2e:6f:d2:95:1c:dc:ca:34:63:09:e7:cc:9b:26:70:
41:32:85:81:a9:e6:51:f4:52:5b:f8:ca:6a:94:44:86:6d:99:
d8:a1:1f:a8:73:a9:f3:83:b2:6d:2e:dc:dd:ce:a2:81:27:55:
1b:83:97:ba:9e:0b:eb:24:dc:28:76:40:9b:f3:73:eb:d1:b4:
1d:0a:ad:88:e8:9b:76:a0:68:25:61:d6:01:73:e0:d0:dc:53:
ca:92:81:4d:81:84:a5:40:b0:68:57:16:3b:d0:ff:c3:4a:b6:
c9:87:ae:0b:27:2a:43:cb:15:78:29:57:aa:31:73:21:27:88:
c5:83:3b:82:61:da:8e:2c:16:66:9e:43:ce:21:7d:83:b2:0e:
27:dc:56:47:24:1d:b3:50:db:b1:80:b6:7a:4f:7d:04:2b:7d:
ab:29:b6:73:a1:06:52:1b:25:f8:ea:c9:2e:8e:2f:3a:5f:6b:
a5:a5:df:17:6f:1e:7c:5e:1c:df:d7:19:36:6b:da:37:80:1e:
7e:17:2d:b0:0c:59:57:dc:bd:c1:8c:dc:d0:a7:76:64:ff:b4:
28:cf:fb:af:41:5e:b6:69:f3:75:ca:0d:af:bc:f4:f5:e3:9f:
d3:d5:95:b1
-----BEGIN CERTIFICATE-----
MIIFRDCCBCygAwIBAgISAZijw5xZfifun0Txp91P//ALMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkMDZhNDJiYjI0NDZlNTFmMTkyZWEzNzViZGY3ZWVjNWE1
MWM3N2YwHhcNMjUwODEzMTQwOTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YjkyOGVmMDJlOWRhNGJhNDgwNDFmNmJiMzIxYzc3MjdmYjhiYmYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqrueiQXb2LLjseV6cK8luFMsvGZt
tvHOLksr3OSLXGiRHnTjd5TGhWhsouGZALSoUkE0exdpqb+x7zP4XCFKvF8P5JEN
GTMqbWobyzKs8fdqHRWi4bu/LFiu+t2kp9E8QWzr/H1pjqxGzvHhGl13Xxdx5nz5
9fR7LdaPDq2NTH2UwK4Gz344gy9yQLrYMt9sm/5bVZhMysxta/gQUShYFQZcUXaM
0ReqOuPdnswMalUzW3LvDNKsFjhGR+NomNoIcAI5/ZSw+ACaTeHEVpJZgmwk/7hr
BnTbJ3qPeqbmEZ0ojN14SVV9Uu1aYqkzb9xTW7ZCz/teD3dCpv/D/qv6YwIDAQAB
o4ICUDCCAkwwHQYDVR0OBBYEFEuSjvAunaS6SAQfa7Mhx3J/uLvyMB8GA1UdIwQY
MBaAFH0GpCuyRG5R8ZLqN1vffuxaUcd/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUt
MmNmODA2YjJkMGYyLzEvUzVLTzhDNmRwTHBJQkI5cnN5SEhjbi00dV9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lYy83ODAwMmEtNGZjMC00ZGJmLTg1ODUtMmNmODA2YjJkMGYy
LzEvZlFha0s3SkVibEh4a3VvM1c5OS03RnBSeDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGYGCCsGAQUFBwEHAQH/BFcwVTBEBAIAATA+AwQCBbIEMAwD
BAAFsgkDBAQFsgADBAIuF2QDBAU+2YADBABYl8cDBABtzdADBAC5UdkDBAC5UdsD
BAO8QAgwDQQCAAIwBwMFACoASMAwDQYJKoZIhvcNAQELBQADggEBADVo8I2IUkAC
+M851QmHoXvy3IFJRC5v0pUc3Mo0YwnnzJsmcEEyhYGp5lH0Ulv4ymqURIZtmdih
H6hzqfODsm0u3N3OooEnVRuDl7qeC+sk3Ch2QJvzc+vRtB0KrYjom3agaCVh1gFz
4NDcU8qSgU2BhKVAsGhXFjvQ/8NKtsmHrgsnKkPLFXgpV6oxcyEniMWDO4Jh2o4s
FmaeQ84hfYOyDifcVkckHbNQ27GAtnpPfQQrfasptnOhBlIbJfjqyS6OLzpfa6Wl
3xdvHnxeHN/XGTZr2jeAHn4XLbAMWVfcvcGM3NCndmT/tCjP+69BXrZp83XKDa+8
9PXjn9PVlbE=
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:10:43 2025 by rpki-client