Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/1-n3O5tM-TwgnJSDKOwZN0LS3QVM.roa
File: 1-n3O5tM-TwgnJSDKOwZN0LS3QVM.roa (raw, json)
Hash identifier: ym3ORJ588isN/mkzSrCCtd6kKz6gqgBX0fwO58x+BvE=
Subject key identifier: FA:7D:CE:E6:D3:3E:4F:08:27:25:20:CA:3B:06:4D:D0:B4:B7:41:53
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 01985EA81226A8605ECBB26A1ABAA4F5D302
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/1-n3O5tM-TwgnJSDKOwZN0LS3QVM.roa
Signing time: Thu 31 Jul 2025 04:05:29 +0000
ROA not before: Thu 31 Jul 2025 04:05:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 5.175.216.0/24 maxlen: 24
5.231.71.0/24 maxlen: 24
5.231.74.0/24 maxlen: 24
5.231.92.0/24 maxlen: 24
5.231.107.0/24 maxlen: 24
5.231.109.0/24 maxlen: 24
5.231.116.0/24 maxlen: 24
5.231.253.0/24 maxlen: 24
94.249.190.0/24 maxlen: 24
94.249.195.0/24 maxlen: 24
94.249.230.0/24 maxlen: 24
94.249.238.0/24 maxlen: 24
94.249.239.0/24 maxlen: 24
94.249.245.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 11:35:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:5e:a8:12:26:a8:60:5e:cb:b2:6a:1a:ba:a4:f5:d3:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jul 31 04:05:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fa7dcee6d33e4f08272520ca3b064dd0b4b74153
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:71:f1:92:72:48:5b:8b:5d:46:60:a9:27:96:
83:8f:4c:b4:d1:5e:e5:ec:26:d1:45:2b:d8:d2:50:
45:4b:50:fa:ca:db:95:ac:fc:3e:48:02:2b:b8:5e:
a9:08:55:a6:85:6d:58:54:c0:db:da:d1:cc:d7:37:
c8:d7:3f:1a:5b:81:9c:d1:bb:19:c1:3b:54:a0:eb:
80:57:21:2b:66:73:9b:a0:da:29:0c:db:89:82:ae:
4d:fd:18:42:27:ba:93:11:b4:d6:f3:e8:91:ff:cd:
8d:89:96:75:c3:9f:5b:19:86:b0:f1:1f:ab:b9:a2:
f5:35:d1:df:38:cf:1e:e4:6c:ea:dd:8f:88:3e:fe:
88:e0:a0:da:55:e6:2e:86:c6:ca:75:ec:62:e0:4e:
0f:7e:71:fd:cf:5c:df:21:99:94:28:ca:9a:85:0d:
d1:05:cd:1a:c0:36:42:31:f9:a5:3a:cc:b4:24:ac:
8c:af:66:f4:ed:81:62:8a:6b:2f:1b:41:eb:82:8f:
a7:a3:6f:3d:be:71:e7:32:97:e5:ce:70:1e:35:e5:
38:a6:29:18:52:7c:d4:fe:29:6d:0c:8d:42:52:b2:
c0:6b:66:02:aa:f9:c7:36:89:9d:53:aa:0a:ea:c1:
d7:76:a0:a6:9e:37:4b:03:86:81:d8:c7:87:a9:5b:
d7:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:7D:CE:E6:D3:3E:4F:08:27:25:20:CA:3B:06:4D:D0:B4:B7:41:53
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/1-n3O5tM-TwgnJSDKOwZN0LS3QVM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.175.216.0/24
5.231.71.0/24
5.231.74.0/24
5.231.92.0/24
5.231.107.0/24
5.231.109.0/24
5.231.116.0/24
5.231.253.0/24
94.249.190.0/24
94.249.195.0/24
94.249.230.0/24
94.249.238.0/23
94.249.245.0/24
Signature Algorithm: sha256WithRSAEncryption
e5:d9:f1:6a:cb:ef:c0:51:ea:d3:fd:df:d8:4c:69:05:ab:a5:
b6:37:b4:58:26:a8:a3:6c:d8:23:73:43:05:56:35:09:1f:71:
84:2b:42:81:dc:48:46:ba:18:f5:68:26:04:53:cf:f3:94:01:
24:4c:45:91:b0:d9:f7:44:64:44:6d:9b:30:b7:e0:ab:78:c5:
f2:96:19:1b:03:70:2d:70:14:89:e6:b9:0a:08:c5:71:40:33:
eb:7f:ab:17:7e:07:bc:28:1e:f5:3f:af:85:ae:81:cf:1d:27:
52:d9:7e:d2:3a:91:2c:3a:53:d4:f6:5d:8a:a1:90:ad:f0:81:
28:05:f3:f5:16:2a:53:bb:94:dc:ba:15:53:6f:ee:2d:83:bd:
3c:c1:fd:c7:18:b0:8e:02:65:dc:77:fa:e4:14:06:2d:bf:02:
70:17:6c:e8:9d:27:37:cf:97:0b:ae:99:19:b2:bb:94:de:55:
e3:15:55:9a:4f:86:5d:72:ff:7b:22:9a:14:f6:29:b1:fb:5a:
bb:45:10:81:16:3e:d5:76:08:b7:31:48:7b:54:ec:47:d0:33:
7c:79:ef:72:39:a6:53:31:3f:df:5a:fc:f7:6a:76:22:64:bf:
7a:ee:1c:85:49:1e:b2:f4:f9:49:82:0f:ef:39:23:84:eb:0e:
90:95:b3:87
-----BEGIN CERTIFICATE-----
MIIFRjCCBC6gAwIBAgISAZheqBImqGBey7JqGrqk9dMCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNzMxMDQwNTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYTdkY2VlNmQzM2U0ZjA4MjcyNTIwY2EzYjA2NGRkMGI0Yjc0MTUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwnHxknJIW4tdRmCpJ5aDj0y00V7l
7CbRRSvY0lBFS1D6ytuVrPw+SAIruF6pCFWmhW1YVMDb2tHM1zfI1z8aW4Gc0bsZ
wTtUoOuAVyErZnOboNopDNuJgq5N/RhCJ7qTEbTW8+iR/82NiZZ1w59bGYaw8R+r
uaL1NdHfOM8e5Gzq3Y+IPv6I4KDaVeYuhsbKdexi4E4PfnH9z1zfIZmUKMqahQ3R
Bc0awDZCMfmlOsy0JKyMr2b07YFiimsvG0Hrgo+no289vnHnMpflznAeNeU4pikY
UnzU/iltDI1CUrLAa2YCqvnHNomdU6oK6sHXdqCmnjdLA4aB2MeHqVvX1wIDAQAB
o4ICUjCCAk4wHQYDVR0OBBYEFPp9zubTPk8IJyUgyjsGTdC0t0FTMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvMS1uM081dE0tVHdnbkpTREtPd1pOMExTM1FWTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMTAvOTY1ODM3LTUyY2ItNDZiNC1hZWRiLWUxYmQ4OGQzZmQw
Ny8xL1BtQ1hhWWFHNFZWZlVmYklnN3hhV0ZTYkkySS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjBnBggrBgEFBQcBBwEB/wRYMFYwVAQCAAEwTgMEAAWv2AME
AAXnRwMEAAXnSgMEAAXnXAMEAAXnawMEAAXnbQMEAAXndAMEAAXn/QMEAF75vgME
AF75wwMEAF755gMEAV757gMEAF759TANBgkqhkiG9w0BAQsFAAOCAQEA5dnxasvv
wFHq0/3f2ExpBaultje0WCaoo2zYI3NDBVY1CR9xhCtCgdxIRroY9WgmBFPP85QB
JExFkbDZ90RkRG2bMLfgq3jF8pYZGwNwLXAUiea5CgjFcUAz63+rF34HvCge9T+v
ha6Bzx0nUtl+0jqRLDpT1PZdiqGQrfCBKAXz9RYqU7uU3LoVU2/uLYO9PMH9xxiw
jgJl3Hf65BQGLb8CcBds6J0nN8+XC66ZGbK7lN5V4xVVmk+GXXL/eyKaFPYpsfta
u0UQgRY+1XYItzFIe1TsR9AzfHnvcjmmUzE/31r892p2ImS/eu4chUkesvT5SYIP
7zkjhOsOkJWzhw==
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:29:40 2025 by rpki-client