Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/s2xgB0QZNfvYfrzPXniiWg5dZ-Y.roa
File: s2xgB0QZNfvYfrzPXniiWg5dZ-Y.roa (raw, json)
Hash identifier: 1ZGnvQoHhGiZQXVXIspZQC9bqK3oL+/dGUTtVlwc37s=
Subject key identifier: B3:6C:60:07:44:19:35:FB:D8:7E:BC:CF:5E:78:A2:5A:0E:5D:67:E6
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019873435759DBEEC8BA1DE09B7F70E939E7
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/s2xgB0QZNfvYfrzPXniiWg5dZ-Y.roa
Signing time: Mon 04 Aug 2025 04:07:29 +0000
ROA not before: Mon 04 Aug 2025 04:07:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207252
IP address blocks: 5.83.152.0/24 maxlen: 24
5.231.29.0/24 maxlen: 24
77.90.12.0/24 maxlen: 24
77.90.42.0/24 maxlen: 24
85.93.8.0/24 maxlen: 24
185.119.16.0/22 maxlen: 24
185.119.16.0/24 maxlen: 24
185.119.17.0/24 maxlen: 24
185.119.18.0/24 maxlen: 24
185.119.19.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 14:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:73:43:57:59:db:ee:c8:ba:1d:e0:9b:7f:70:e9:39:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Aug 4 04:07:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b36c6007441935fbd87ebccf5e78a25a0e5d67e6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:a5:20:a9:65:72:ef:35:49:5b:73:cb:39:49:
bd:87:46:6b:f1:40:81:94:d1:8d:84:25:12:ec:2e:
7c:e8:7a:76:e8:86:5f:7e:d5:06:0b:57:d0:9f:22:
73:34:11:ea:b6:c7:01:20:0a:09:87:48:12:3a:8e:
76:3d:71:49:0a:e2:71:2e:f1:71:5f:0c:83:4c:15:
4e:5e:ba:ec:b7:44:d0:f6:07:b0:1d:f6:0a:ab:2d:
a1:62:93:db:80:e6:ac:29:bb:07:e6:5a:35:65:d4:
6f:ab:e2:6a:d4:f8:58:d7:24:83:50:40:a5:de:b6:
85:d9:f4:cc:2b:cb:ba:e0:87:0a:7f:f4:60:f5:e0:
5f:d3:f0:15:ff:8c:76:d3:39:35:8c:d5:b0:07:8b:
65:d4:67:5e:90:0e:51:ae:9a:f1:9d:28:2f:18:ff:
ed:9b:06:fb:fc:b2:06:23:55:79:72:9a:e5:c5:37:
a0:f5:2f:31:2a:33:e4:43:32:9b:a3:75:93:81:0d:
a0:05:46:83:d6:a0:37:8e:ea:38:8f:9e:53:7e:31:
09:a3:72:cb:10:9e:e7:b6:f0:67:a6:c4:9c:b7:97:
ec:38:0a:4f:e3:df:78:b4:50:13:21:1e:60:2d:25:
78:86:68:4c:fa:36:9c:47:ae:af:62:83:91:52:fb:
5a:a7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:6C:60:07:44:19:35:FB:D8:7E:BC:CF:5E:78:A2:5A:0E:5D:67:E6
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/s2xgB0QZNfvYfrzPXniiWg5dZ-Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.152.0/24
5.231.29.0/24
77.90.12.0/24
77.90.42.0/24
85.93.8.0/24
185.119.16.0/22
Signature Algorithm: sha256WithRSAEncryption
61:d9:37:ef:c8:a9:ad:e4:4d:d7:d2:a0:6f:b0:a1:38:ee:07:
86:f0:fc:eb:ed:73:1b:46:bb:21:e4:9b:20:4d:a6:bd:0b:5f:
94:17:65:2f:3f:ad:bd:34:7f:54:b8:81:61:03:60:fa:79:15:
1c:6c:70:c2:bc:9a:59:ee:3b:14:2c:a0:97:5e:b1:47:24:cc:
12:0f:84:37:f4:b9:3c:9e:91:06:b1:0c:a0:8a:75:af:0d:83:
63:25:95:63:2f:82:d1:45:9b:2f:bb:d2:fd:88:e3:bf:0d:c9:
bf:70:54:5a:0a:b8:d7:32:74:17:9c:fc:a0:84:dc:50:87:79:
4d:7e:27:17:64:ed:21:01:7c:af:8b:73:29:5d:0e:cc:c1:90:
b6:fd:6e:4b:85:07:01:b7:3b:2b:12:c3:56:bc:35:48:03:b6:
8b:33:49:b0:51:99:9e:c2:31:48:ea:4e:d1:91:1f:7c:cb:fc:
98:5a:e8:1e:1a:80:d1:7a:d7:4b:ce:82:20:bb:e3:a3:67:12:
f1:31:b7:15:59:d3:76:4f:05:be:44:b4:e1:95:1e:d5:cf:34:
60:9c:9e:f4:b1:62:39:6e:bd:33:e6:08:ff:78:59:49:b5:ef:
3e:23:cc:a0:d9:d5:93:b7:dd:08:e2:cd:da:86:ac:75:89:05:
41:ed:90:14
-----BEGIN CERTIFICATE-----
MIIFGzCCBAOgAwIBAgISAZhzQ1dZ2+7Iuh3gm39w6TnnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwODA0MDQwNzI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzZjNjAwNzQ0MTkzNWZiZDg3ZWJjY2Y1ZTc4YTI1YTBlNWQ2N2U2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1KUgqWVy7zVJW3PLOUm9h0Zr8UCB
lNGNhCUS7C586Hp26IZfftUGC1fQnyJzNBHqtscBIAoJh0gSOo52PXFJCuJxLvFx
XwyDTBVOXrrst0TQ9gewHfYKqy2hYpPbgOasKbsH5lo1ZdRvq+Jq1PhY1ySDUECl
3raF2fTMK8u64IcKf/Rg9eBf0/AV/4x20zk1jNWwB4tl1GdekA5RrprxnSgvGP/t
mwb7/LIGI1V5cprlxTeg9S8xKjPkQzKbo3WTgQ2gBUaD1qA3juo4j55TfjEJo3LL
EJ7ntvBnpsSct5fsOApP4994tFATIR5gLSV4hmhM+jacR66vYoORUvtapwIDAQAB
o4ICJzCCAiMwHQYDVR0OBBYEFLNsYAdEGTX72H68z154oloOXWfmMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvczJ4Z0IwUVpOZnZZZnJ6UFhuaWlXZzVkWi1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD0GCCsGAQUFBwEHAQH/BC4wLDAqBAIAATAkAwQABVOYAwQA
BecdAwQATVoMAwQATVoqAwQAVV0IAwQCuXcQMA0GCSqGSIb3DQEBCwUAA4IBAQBh
2TfvyKmt5E3X0qBvsKE47geG8Pzr7XMbRrsh5JsgTaa9C1+UF2UvP629NH9UuIFh
A2D6eRUcbHDCvJpZ7jsULKCXXrFHJMwSD4Q39Lk8npEGsQyginWvDYNjJZVjL4LR
RZsvu9L9iOO/Dcm/cFRaCrjXMnQXnPyghNxQh3lNficXZO0hAXyvi3MpXQ7MwZC2
/W5LhQcBtzsrEsNWvDVIA7aLM0mwUZmewjFI6k7RkR98y/yYWugeGoDRetdLzoIg
u+OjZxLxMbcVWdN2TwW+RLThlR7VzzRgnJ70sWI5br0z5gj/eFlJte8+I8yg2dWT
t90I4s3ahqx1iQVB7ZAU
-----END CERTIFICATE-----
Generated at Sat Aug 9 22:44:05 2025 by rpki-client