Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/S_kzP-h3pBK0Ph8jPbEjVjiiUDI.roa
File: S_kzP-h3pBK0Ph8jPbEjVjiiUDI.roa (raw, json)
Hash identifier: nQI0Bkp1pSs/pTFdbWDwAmH+fbnwBA3GIDq+VInnC48=
Subject key identifier: 4B:F9:33:3F:E8:77:A4:12:B4:3E:1F:23:3D:B1:23:56:38:A2:50:32
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019760F1A2E1D5AEE8C9BE9198FB83658E4A
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/S_kzP-h3pBK0Ph8jPbEjVjiiUDI.roa
Signing time: Wed 11 Jun 2025 21:42:18 +0000
ROA not before: Wed 11 Jun 2025 21:42:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209874
IP address blocks: 5.83.150.0/24 maxlen: 24
5.175.237.0/24 maxlen: 24
5.175.239.0/24 maxlen: 24
5.231.25.0/24 maxlen: 24
5.231.82.0/24 maxlen: 24
5.231.96.0/24 maxlen: 24
77.90.39.0/24 maxlen: 24
94.103.167.0/24 maxlen: 24
94.249.150.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 22:19:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:60:f1:a2:e1:d5:ae:e8:c9:be:91:98:fb:83:65:8e:4a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Jun 11 21:42:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4bf9333fe877a412b43e1f233db1235638a25032
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:c1:9e:c3:a8:99:9d:1d:60:fe:17:c0:94:29:
31:10:0b:99:6f:84:05:f1:a4:dc:ed:1f:29:6c:aa:
08:d7:38:0d:94:f0:3b:ab:13:e5:f7:0d:f4:98:90:
68:39:9a:7e:81:93:98:59:9b:c2:e9:7a:22:50:24:
43:f3:76:16:84:5d:68:b2:e9:bb:6a:d8:a0:43:82:
c0:67:a3:bb:e3:88:49:78:89:e1:64:7a:8d:0d:5c:
d9:57:87:2f:9f:b9:e3:37:78:3c:8e:0b:07:f8:2b:
da:95:95:31:b9:f8:13:b1:88:52:12:e2:5d:06:8e:
59:42:e3:54:1d:eb:27:52:23:9d:a4:21:6b:04:fc:
95:fa:fd:7e:04:cc:ec:ea:57:b7:e6:5f:4f:de:03:
e5:d5:d4:7c:7c:2c:08:7f:e5:58:11:b8:93:1d:49:
3c:f5:88:62:40:2f:7f:85:26:47:cd:69:1c:21:d3:
46:5a:df:c3:17:a4:9a:8c:1e:97:0a:3f:60:71:84:
c7:92:48:8d:ea:f5:aa:40:85:d9:d9:79:e5:e4:59:
7c:59:5c:03:b5:97:75:ea:e0:ac:50:ca:a5:70:c4:
7c:64:e5:44:df:9b:07:fd:0a:0c:1b:eb:72:1d:61:
10:29:af:fc:c4:ba:17:32:d0:6f:4e:72:80:7d:d1:
22:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:F9:33:3F:E8:77:A4:12:B4:3E:1F:23:3D:B1:23:56:38:A2:50:32
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/S_kzP-h3pBK0Ph8jPbEjVjiiUDI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.150.0/24
5.175.237.0/24
5.175.239.0/24
5.231.25.0/24
5.231.82.0/24
5.231.96.0/24
77.90.39.0/24
94.103.167.0/24
94.249.150.0/24
Signature Algorithm: sha256WithRSAEncryption
df:01:f1:a2:9b:e6:9b:97:1d:c0:d3:8a:ff:14:0c:6b:63:81:
3e:40:71:f9:ac:1d:af:ca:df:7e:3a:28:5f:6f:3c:4d:49:e2:
d7:5e:c9:0c:6b:17:47:5f:cc:fb:ad:d6:9b:33:18:79:f1:fc:
7c:5e:88:7b:09:84:3f:31:59:37:91:53:e3:d6:43:44:15:85:
f2:7a:d9:06:24:10:72:24:de:26:f3:f2:a1:df:3a:40:2d:00:
65:b5:3a:55:62:1f:59:04:df:bd:5e:11:14:2e:88:e7:ad:27:
da:31:8c:55:24:fd:5e:e7:81:72:97:6f:8a:d2:7a:30:c2:9f:
b2:d5:ff:40:ad:f4:48:e2:59:6b:26:f2:13:a7:3c:a4:26:e2:
9f:8a:11:f0:2f:0b:2d:fc:3a:48:86:69:e6:f7:c7:d9:4b:73:
70:ca:ff:eb:d0:9e:cc:5d:de:c3:c8:52:87:c6:ed:71:f1:21:
81:b7:f6:77:e8:e5:78:ac:0d:e9:d1:0e:5b:2e:25:47:c6:6f:
6a:40:e5:c8:77:be:76:38:82:3e:88:ef:5a:b5:95:9d:24:3d:
0d:47:ac:5b:6e:08:f3:82:b5:68:c0:3d:67:6c:47:81:a8:f2:
1c:50:75:10:ac:f1:1a:20:99:93:7e:7d:9a:95:b8:1d:a8:18:
75:d3:ca:c5
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZdg8aLh1a7oyb6RmPuDZY5KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwNjExMjE0MjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YmY5MzMzZmU4NzdhNDEyYjQzZTFmMjMzZGIxMjM1NjM4YTI1MDMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApcGew6iZnR1g/hfAlCkxEAuZb4QF
8aTc7R8pbKoI1zgNlPA7qxPl9w30mJBoOZp+gZOYWZvC6XoiUCRD83YWhF1osum7
atigQ4LAZ6O744hJeInhZHqNDVzZV4cvn7njN3g8jgsH+CvalZUxufgTsYhSEuJd
Bo5ZQuNUHesnUiOdpCFrBPyV+v1+BMzs6le35l9P3gPl1dR8fCwIf+VYEbiTHUk8
9YhiQC9/hSZHzWkcIdNGWt/DF6SajB6XCj9gcYTHkkiN6vWqQIXZ2Xnl5Fl8WVwD
tZd16uCsUMqlcMR8ZOVE35sH/QoMG+tyHWEQKa/8xLoXMtBvTnKAfdEi4wIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFEv5Mz/od6QStD4fIz2xI1Y4olAyMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvU19relAtaDNwQkswUGg4alBiRWpWamlpVURJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQABVOWAwQA
Ba/tAwQABa/vAwQABecZAwQABedSAwQABedgAwQATVonAwQAXmenAwQAXvmWMA0G
CSqGSIb3DQEBCwUAA4IBAQDfAfGim+ablx3A04r/FAxrY4E+QHH5rB2vyt9+Oihf
bzxNSeLXXskMaxdHX8z7rdabMxh58fx8Xoh7CYQ/MVk3kVPj1kNEFYXyetkGJBBy
JN4m8/Kh3zpALQBltTpVYh9ZBN+9XhEULojnrSfaMYxVJP1e54Fyl2+K0nowwp+y
1f9ArfRI4llrJvITpzykJuKfihHwLwst/DpIhmnm98fZS3Nwyv/r0J7MXd7DyFKH
xu1x8SGBt/Z36OV4rA3p0Q5bLiVHxm9qQOXId752OII+iO9atZWdJD0NR6xbbgjz
grVowD1nbEeBqPIcUHUQrPEaIJmTfn2albgdqBh108rF
-----END CERTIFICATE-----
Generated at Sun Jun 15 08:27:49 2025 by rpki-client