Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/5B2v-t9G6c4XLHchTlmKyr_cKIc.roa
File: 5B2v-t9G6c4XLHchTlmKyr_cKIc.roa (raw, json)
Hash identifier: TNnzqom3GkwHYObP+jkKUQTCGEpJ+jMjRi9PWCmkNiY=
Subject key identifier: E4:1D:AF:FA:DF:46:E9:CE:17:2C:77:21:4E:59:8A:CA:BF:DC:28:87
Certificate issuer: /CN=618cc46d71e7848978488961d7b51aba1541f3c4
Certificate serial: 0198952C4AB2EF8B0660CAD8EA007181A1CA
Authority key identifier: 61:8C:C4:6D:71:E7:84:89:78:48:89:61:D7:B5:1A:BA:15:41:F3:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYzEbXHnhIl4SIlh17UauhVB88Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/5B2v-t9G6c4XLHchTlmKyr_cKIc.roa
Signing time: Sun 10 Aug 2025 18:09:24 +0000
ROA not before: Sun 10 Aug 2025 18:09:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209372
IP address blocks: 89.184.0.0/21 maxlen: 24
89.184.8.0/23 maxlen: 23
89.184.10.0/23 maxlen: 23
89.184.12.0/23 maxlen: 23
89.184.14.0/23 maxlen: 23
89.184.16.0/21 maxlen: 24
89.184.16.0/22 maxlen: 24
89.184.24.0/21 maxlen: 24
89.184.30.0/24 maxlen: 24
89.184.31.0/24 maxlen: 24
193.222.251.0/24 maxlen: 24
193.223.69.0/24 maxlen: 24
193.223.103.0/24 maxlen: 24
193.223.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/YYzEbXHnhIl4SIlh17UauhVB88Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/YYzEbXHnhIl4SIlh17UauhVB88Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/YYzEbXHnhIl4SIlh17UauhVB88Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 17:19:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:95:2c:4a:b2:ef:8b:06:60:ca:d8:ea:00:71:81:a1:ca
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618cc46d71e7848978488961d7b51aba1541f3c4
Validity
Not Before: Aug 10 18:09:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e41daffadf46e9ce172c77214e598acabfdc2887
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:a4:c5:f1:26:10:31:ca:88:1a:c7:f9:ad:1e:
bc:53:27:63:e5:50:99:43:ae:26:74:7b:59:44:8f:
29:e8:2a:8e:d7:7e:5a:df:b5:fb:06:bd:9f:09:19:
07:9d:63:fb:70:c2:0a:f6:70:7f:08:14:fc:00:fd:
9c:a9:aa:f9:5a:d8:ab:94:91:fe:e8:7a:d9:bf:40:
c4:5a:02:3e:6b:cb:08:8f:2e:da:92:e2:5e:d6:b2:
58:ec:8b:c2:b6:36:b4:98:57:81:47:b2:cd:10:a4:
7e:98:44:c7:f1:0a:9a:fd:0a:cb:c1:15:1c:63:3b:
e0:d0:d2:92:d1:b2:04:88:b1:3d:28:26:fe:5e:02:
23:a1:80:f9:d7:1a:4c:87:de:f1:60:12:33:f0:6c:
b5:13:16:bb:a5:75:0e:27:4e:ea:19:0b:ec:7b:03:
62:42:f2:3c:bb:c2:03:b5:21:af:e1:a1:86:ec:21:
f3:f5:e1:5a:6c:98:95:88:e5:d6:b5:48:68:17:f2:
d3:1a:fc:3a:b9:52:76:26:26:8a:6e:95:cf:36:92:
f4:d1:a3:1e:9d:e6:36:77:68:b3:ae:ec:e2:8e:61:
08:98:2e:8c:cc:6b:01:b5:14:25:d8:02:a3:1d:5a:
b6:38:2b:1b:9c:fb:15:74:fd:88:01:46:e7:ee:a6:
a9:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E4:1D:AF:FA:DF:46:E9:CE:17:2C:77:21:4E:59:8A:CA:BF:DC:28:87
X509v3 Authority Key Identifier:
keyid:61:8C:C4:6D:71:E7:84:89:78:48:89:61:D7:B5:1A:BA:15:41:F3:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYzEbXHnhIl4SIlh17UauhVB88Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/5B2v-t9G6c4XLHchTlmKyr_cKIc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/YYzEbXHnhIl4SIlh17UauhVB88Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.184.0.0/19
193.222.251.0/24
193.223.69.0/24
193.223.103.0/24
193.223.108.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:69:4d:72:a7:5a:8e:5f:db:b3:33:02:6c:b0:11:0b:1a:30:
8c:15:4e:e5:cf:1c:e4:a5:40:b4:51:be:b5:08:02:3a:bd:81:
c0:e3:07:10:1e:e3:01:e4:36:ac:5c:cd:06:8e:af:05:29:b8:
e7:8c:8a:70:29:74:f3:a4:50:ba:1a:d2:6c:de:f2:a1:18:c9:
77:de:e8:c8:41:0b:af:ae:68:fa:e8:cc:ff:8c:3a:c0:69:6e:
72:b6:8b:10:25:f4:2b:54:b0:26:91:61:68:36:c9:a5:68:d5:
dd:d1:d5:3a:cb:15:4f:4c:7b:bc:56:c7:08:a1:61:6d:9a:bf:
09:1b:58:95:0b:d8:4b:1c:bc:94:bf:59:3c:66:a9:98:fb:e7:
1d:ef:c2:e4:a0:ad:89:c9:91:61:85:fd:ab:30:7e:70:87:ce:
92:d3:f7:a6:91:4e:43:e7:0d:d0:d7:b6:f4:13:da:65:93:50:
55:69:74:44:12:b8:6d:94:de:d6:13:7b:a3:d8:e4:24:00:75:
9c:f8:9f:ad:d3:80:40:49:8a:29:2d:c6:50:c4:5f:e2:ad:45:
a3:b5:3d:91:85:d8:b2:36:6d:40:f7:c0:d9:77:6d:a6:90:3f:
60:cd:ed:1d:40:bd:2c:a0:96:a5:87:a3:dd:cf:51:17:84:fb:
f7:7f:95:25
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZiVLEqy74sGYMrY6gBxgaHKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxOGNjNDZkNzFlNzg0ODk3ODQ4ODk2MWQ3YjUxYWJhMTU0
MWYzYzQwHhcNMjUwODEwMTgwOTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNDFkYWZmYWRmNDZlOWNlMTcyYzc3MjE0ZTU5OGFjYWJmZGMyODg3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2qTF8SYQMcqIGsf5rR68Uydj5VCZ
Q64mdHtZRI8p6CqO135a37X7Br2fCRkHnWP7cMIK9nB/CBT8AP2cqar5WtirlJH+
6HrZv0DEWgI+a8sIjy7akuJe1rJY7IvCtja0mFeBR7LNEKR+mETH8Qqa/QrLwRUc
Yzvg0NKS0bIEiLE9KCb+XgIjoYD51xpMh97xYBIz8Gy1Exa7pXUOJ07qGQvsewNi
QvI8u8IDtSGv4aGG7CHz9eFabJiViOXWtUhoF/LTGvw6uVJ2JiaKbpXPNpL00aMe
neY2d2izruzijmEImC6MzGsBtRQl2AKjHVq2OCsbnPsVdP2IAUbn7qap6QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFOQdr/rfRunOFyx3IU5Zisq/3CiHMB8GA1UdIwQY
MBaAFGGMxG1x54SJeEiJYde1GroVQfPEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVl6RWJYSG5oSWw0U0lsaDE3VWF1aFZCODhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8xMjc0MzAtZDRlOC00ZGEzLWJlYTIt
NGVmMTljY2M1N2QwLzEvNUIydi10OUc2YzRYTEhjaFRsbUt5cl9jS0ljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8xMjc0MzAtZDRlOC00ZGEzLWJlYTItNGVmMTljY2M1N2Qw
LzEvWVl6RWJYSG5oSWw0U0lsaDE3VWF1aFZCODhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQFWbgAAwQA
wd77AwQAwd9FAwQAwd9nAwQAwd9sMA0GCSqGSIb3DQEBCwUAA4IBAQCxaU1yp1qO
X9uzMwJssBELGjCMFU7lzxzkpUC0Ub61CAI6vYHA4wcQHuMB5DasXM0Gjq8FKbjn
jIpwKXTzpFC6GtJs3vKhGMl33ujIQQuvrmj66Mz/jDrAaW5ytosQJfQrVLAmkWFo
NsmlaNXd0dU6yxVPTHu8VscIoWFtmr8JG1iVC9hLHLyUv1k8ZqmY++cd78LkoK2J
yZFhhf2rMH5wh86S0/emkU5D5w3Q17b0E9plk1BVaXREErhtlN7WE3uj2OQkAHWc
+J+t04BASYopLcZQxF/irUWjtT2RhdiyNm1A98DZd22mkD9gze0dQL0soJalh6Pd
z1EXhPv3f5Ul
-----END CERTIFICATE-----
Generated at Sun Aug 24 01:30:28 2025 by rpki-client