Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/cn600CZhrDyLAywBkDi3gtzJ3oY.roa
File: cn600CZhrDyLAywBkDi3gtzJ3oY.roa (raw, json)
Hash identifier: fg8iL9wl0j8BKF8pSDiPWZxZ9VgboR5xcH8K3KPZHZk=
Subject key identifier: 72:7E:B4:D0:26:61:AC:3C:8B:03:2C:01:90:38:B7:82:DC:C9:DE:86
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019A36206466D677B0CA0FBA36C4EE32D48C
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/cn600CZhrDyLAywBkDi3gtzJ3oY.roa
Signing time: Thu 30 Oct 2025 17:18:03 +0000
ROA not before: Thu 30 Oct 2025 17:18:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 5.83.153.0/24 maxlen: 24
5.175.195.0/24 maxlen: 24
5.175.214.0/24 maxlen: 24
94.249.232.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 09:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:36:20:64:66:d6:77:b0:ca:0f:ba:36:c4:ee:32:d4:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Oct 30 17:18:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=727eb4d02661ac3c8b032c019038b782dcc9de86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:0c:a9:3e:63:9e:b0:f6:59:e0:2f:c7:ed:d6:
12:69:af:8d:c6:ac:aa:aa:02:4a:06:9d:84:75:99:
f3:91:4f:56:29:0c:88:0a:66:d3:08:b3:e0:55:4e:
a3:19:da:fe:9b:1e:63:a5:ea:a8:fd:82:b9:7e:ef:
b9:fd:13:fc:19:75:5b:5e:21:b5:b9:56:4d:e6:59:
c2:eb:bc:0a:5e:86:c7:42:a2:60:29:69:fc:03:6e:
ec:ae:62:b5:d2:4e:b9:1b:5d:6f:71:e1:0a:7b:72:
a1:6a:d1:2c:a1:ea:b6:1f:d4:35:76:d6:f4:ca:e6:
e1:28:6f:12:d2:fe:2f:35:af:56:53:fd:d4:ad:ae:
97:03:87:31:77:75:7e:fc:a8:fe:e8:ee:91:24:ff:
8f:54:0b:85:cd:65:09:4b:09:9a:43:33:c5:dc:d3:
fe:f7:09:f2:a4:0c:5b:af:55:b1:66:9f:a3:0d:15:
5d:d0:95:1f:e7:a7:4b:1d:7f:1f:06:75:c9:40:17:
d0:c4:16:ae:2b:58:55:fd:c7:c5:89:2d:1a:d4:47:
39:40:07:5d:20:6c:73:dd:e4:2f:53:be:12:c2:e2:
4a:fa:94:05:2a:6a:ef:4f:bb:58:09:a9:ae:f0:7b:
71:1a:f4:db:1d:ce:8d:bb:10:d6:b0:f0:bc:91:5e:
e1:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
72:7E:B4:D0:26:61:AC:3C:8B:03:2C:01:90:38:B7:82:DC:C9:DE:86
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/cn600CZhrDyLAywBkDi3gtzJ3oY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.153.0/24
5.175.195.0/24
5.175.214.0/24
94.249.232.0/24
Signature Algorithm: sha256WithRSAEncryption
91:34:8d:22:f6:41:6a:ac:eb:b9:05:a6:04:db:79:ed:21:85:
5f:35:20:0d:a8:bb:b3:0f:0c:c4:90:98:fe:4b:c5:f1:41:31:
a3:03:cc:fb:55:78:1e:f7:a3:67:ac:16:6c:9b:a0:05:f1:28:
37:89:ae:b8:9e:db:12:a1:e1:5c:05:cb:6b:96:fa:a2:e3:92:
37:13:2b:08:a8:3d:b1:04:54:f2:b6:5d:a0:ea:a3:f7:78:06:
b1:d5:ad:81:6d:21:c2:e9:93:6f:6c:aa:7c:11:1c:94:5d:b0:
84:52:16:b5:f9:19:5f:85:df:bc:12:76:8f:89:d5:9b:b8:c4:
0d:a9:e2:16:9f:10:58:98:4a:de:6e:0a:d3:6d:74:26:8b:21:
8e:4e:6f:c0:23:2c:41:69:27:3e:6b:93:af:ac:6d:98:fe:c7:
05:e3:0c:7a:19:b6:5d:af:ce:1a:76:2a:28:c7:fe:b6:33:38:
c7:0c:0e:46:39:d1:0b:54:d5:aa:65:84:cd:1b:51:64:e9:42:
e6:2e:d2:46:e3:02:e8:e0:86:e7:e9:90:97:4d:8d:6a:46:6d:
2f:7d:66:2c:86:b0:e0:d7:7a:7b:f3:9c:eb:34:3c:19:26:08:
6e:ad:c3:8a:28:de:b3:1e:c3:cb:6a:ab:31:7d:a5:6c:6f:d3:
8c:d0:28:9b
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZo2IGRm1newyg+6NsTuMtSMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUxMDMwMTcxODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MjdlYjRkMDI2NjFhYzNjOGIwMzJjMDE5MDM4Yjc4MmRjYzlkZTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4QypPmOesPZZ4C/H7dYSaa+Nxqyq
qgJKBp2EdZnzkU9WKQyICmbTCLPgVU6jGdr+mx5jpeqo/YK5fu+5/RP8GXVbXiG1
uVZN5lnC67wKXobHQqJgKWn8A27srmK10k65G11vceEKe3KhatEsoeq2H9Q1dtb0
yubhKG8S0v4vNa9WU/3Ura6XA4cxd3V+/Kj+6O6RJP+PVAuFzWUJSwmaQzPF3NP+
9wnypAxbr1WxZp+jDRVd0JUf56dLHX8fBnXJQBfQxBauK1hV/cfFiS0a1Ec5QAdd
IGxz3eQvU74SwuJK+pQFKmrvT7tYCamu8HtxGvTbHc6NuxDWsPC8kV7hgwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHJ+tNAmYaw8iwMsAZA4t4Lcyd6GMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvY242MDBDWmhyRHlMQXl3QmtEaTNndHpKM29ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQABVOZAwQA
Ba/DAwQABa/WAwQAXvnoMA0GCSqGSIb3DQEBCwUAA4IBAQCRNI0i9kFqrOu5BaYE
23ntIYVfNSANqLuzDwzEkJj+S8XxQTGjA8z7VXge96NnrBZsm6AF8Sg3ia64ntsS
oeFcBctrlvqi45I3EysIqD2xBFTytl2g6qP3eAax1a2BbSHC6ZNvbKp8ERyUXbCE
Uha1+Rlfhd+8EnaPidWbuMQNqeIWnxBYmErebgrTbXQmiyGOTm/AIyxBaSc+a5Ov
rG2Y/scF4wx6GbZdr84adioox/62MzjHDA5GOdELVNWqZYTNG1Fk6ULmLtJG4wLo
4Ibn6ZCXTY1qRm0vfWYshrDg13p785zrNDwZJghurcOKKN6zHsPLaqsxfaVsb9OM
0Cib
-----END CERTIFICATE-----
Generated at Tue Nov 4 18:28:08 2025 by rpki-client