Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/sVrrx7Gb6G_sdn54MxoyBR_u608.roa
File: sVrrx7Gb6G_sdn54MxoyBR_u608.roa (raw, json)
Hash identifier: Sbr60qsN8yQbzcCC6Kt2PxQJcdbQqg3HyfgkwV+9h+0=
Subject key identifier: B1:5A:EB:C7:B1:9B:E8:6F:EC:76:7E:78:33:1A:32:05:1F:EE:EB:4F
Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial: 01975E3F536CAAA5E484BE1184DC93895BBE
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/sVrrx7Gb6G_sdn54MxoyBR_u608.roa
Signing time: Wed 11 Jun 2025 09:08:17 +0000
ROA not before: Wed 11 Jun 2025 09:08:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28964
IP address blocks: 5.172.32.0/24 maxlen: 24
89.23.64.0/24 maxlen: 24
89.23.73.0/24 maxlen: 24
89.23.91.0/24 maxlen: 24
89.23.95.0/24 maxlen: 24
109.111.241.0/24 maxlen: 24
109.111.242.0/24 maxlen: 24
109.111.251.0/24 maxlen: 24
109.111.255.0/24 maxlen: 24
178.254.160.0/23 maxlen: 23
178.254.162.0/24 maxlen: 24
178.254.164.0/24 maxlen: 24
178.254.166.0/24 maxlen: 24
178.254.167.0/24 maxlen: 24
178.254.173.0/24 maxlen: 24
178.254.174.0/24 maxlen: 24
178.254.178.0/24 maxlen: 24
178.254.185.0/24 maxlen: 24
185.157.45.0/24 maxlen: 24
185.157.46.0/24 maxlen: 24
185.157.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.mft
rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 22:19:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5e:3f:53:6c:aa:a5:e4:84:be:11:84:dc:93:89:5b:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Validity
Not Before: Jun 11 09:08:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b15aebc7b19be86fec767e78331a32051feeeb4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:5b:c0:7b:4a:00:38:2d:1e:12:5a:6e:6b:1f:
c5:43:95:90:d0:78:29:45:68:b9:05:1b:fc:07:0b:
90:34:1f:6b:69:15:16:01:75:57:af:e4:b9:73:d0:
db:8e:31:60:a4:31:18:31:2a:9b:08:b8:1c:88:d1:
21:aa:70:e1:1d:b0:98:76:5d:43:d7:f4:6d:4a:06:
22:16:0b:10:fc:94:8d:fb:ba:bc:9d:d5:8b:4e:2b:
7e:e6:9c:08:ce:18:6f:ef:dc:49:14:6d:63:6e:7c:
d8:f2:2e:02:20:3d:a3:38:6d:9e:1c:54:19:7c:95:
4e:c3:79:72:d3:98:a1:30:8e:89:94:b5:08:6b:cf:
03:84:be:f2:23:7a:99:45:37:48:0b:f8:7f:8b:c6:
bc:c5:3b:6f:c1:e8:eb:8c:30:01:91:7d:a8:08:c7:
d5:f2:d5:6a:86:4f:6a:e9:8d:a4:bb:82:cf:64:93:
55:83:ab:25:fe:f6:b7:90:74:de:1e:7e:f5:4d:4c:
86:65:74:ea:54:3e:7b:05:52:35:92:b1:8a:07:ff:
f8:1d:0c:dd:d3:a9:4b:6d:5e:70:7e:96:41:6d:0c:
02:64:96:d0:28:8d:a1:6d:f9:4c:31:e3:b0:5d:f3:
ba:cc:50:4d:75:e0:f0:8e:94:70:76:1a:4f:24:b7:
07:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B1:5A:EB:C7:B1:9B:E8:6F:EC:76:7E:78:33:1A:32:05:1F:EE:EB:4F
X509v3 Authority Key Identifier:
keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/sVrrx7Gb6G_sdn54MxoyBR_u608.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.32.0/24
89.23.64.0/24
89.23.73.0/24
89.23.91.0/24
89.23.95.0/24
109.111.241.0-109.111.242.255
109.111.251.0/24
109.111.255.0/24
178.254.160.0-178.254.162.255
178.254.164.0/24
178.254.166.0/23
178.254.173.0-178.254.174.255
178.254.178.0/24
178.254.185.0/24
185.157.45.0-185.157.47.255
Signature Algorithm: sha256WithRSAEncryption
6b:58:5d:41:ab:d3:eb:86:d9:b8:f1:ed:a3:b5:63:c2:64:ee:
90:07:07:51:10:60:e4:10:f1:71:d3:8f:da:49:29:b8:56:69:
25:25:c9:03:96:af:ba:17:a9:76:89:ec:94:d2:75:e2:25:a2:
82:40:92:fd:de:73:e0:cc:31:58:49:4d:3f:5f:9d:0f:49:05:
2c:9b:20:22:b6:6e:14:8f:02:46:ae:07:0f:d2:95:22:c3:b4:
1c:1e:4d:da:9e:4f:34:92:53:04:19:42:25:65:bf:2f:6d:df:
1b:e7:b2:43:4d:cb:5d:82:42:95:d5:c9:df:4f:61:e4:75:6c:
42:a0:ba:d8:65:ec:ec:70:3f:3d:96:ad:27:73:cf:c9:d7:8d:
63:5d:ba:3a:f1:9d:8d:65:27:d7:c4:71:1e:97:5f:47:24:fe:
db:dd:1f:e0:a1:c1:93:84:c3:b4:ad:42:38:e7:c1:c7:d2:bd:
7d:ef:a1:3b:44:b3:6f:46:0f:a9:f1:a5:40:60:3e:ca:7f:98:
85:ee:0b:00:fa:99:47:da:82:fd:10:04:27:fb:1b:4e:74:49:
60:5b:46:bd:06:1c:52:87:47:e4:fb:c7:b9:97:99:b1:a1:c8:
54:42:41:1e:2f:64:24:b0:be:10:41:0f:39:b6:c0:23:58:39:
76:4d:e6:e2
-----BEGIN CERTIFICATE-----
MIIFdTCCBF2gAwIBAgISAZdeP1NsqqXkhL4RhNyTiVu+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjUwNjExMDkwODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMTVhZWJjN2IxOWJlODZmZWM3NjdlNzgzMzFhMzIwNTFmZWVlYjRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq1vAe0oAOC0eElpuax/FQ5WQ0Hgp
RWi5BRv8BwuQNB9raRUWAXVXr+S5c9DbjjFgpDEYMSqbCLgciNEhqnDhHbCYdl1D
1/RtSgYiFgsQ/JSN+7q8ndWLTit+5pwIzhhv79xJFG1jbnzY8i4CID2jOG2eHFQZ
fJVOw3ly05ihMI6JlLUIa88DhL7yI3qZRTdIC/h/i8a8xTtvwejrjDABkX2oCMfV
8tVqhk9q6Y2ku4LPZJNVg6sl/va3kHTeHn71TUyGZXTqVD57BVI1krGKB//4HQzd
06lLbV5wfpZBbQwCZJbQKI2hbflMMeOwXfO6zFBNdeDwjpRwdhpPJLcHFQIDAQAB
o4ICgTCCAn0wHQYDVR0OBBYEFLFa68exm+hv7HZ+eDMaMgUf7utPMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvc1Zycng3R2I2R19zZG41NE14b3lCUl91NjA4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGWBggrBgEFBQcBBwEB/wSBhjCBgzCBgAQCAAEwegMEAAWs
IAMEAFkXQAMEAFkXSQMEAFkXWwMEAFkXXzAMAwQAbW/xAwQAbW/yAwQAbW/7AwQA
bW//MAwDBAWy/qADBACy/qIDBACy/qQDBAGy/qYwDAMEALL+rQMEALL+rgMEALL+
sgMEALL+uTAMAwQAuZ0tAwQEuZ0gMA0GCSqGSIb3DQEBCwUAA4IBAQBrWF1Bq9Pr
htm48e2jtWPCZO6QBwdREGDkEPFx04/aSSm4VmklJckDlq+6F6l2ieyU0nXiJaKC
QJL93nPgzDFYSU0/X50PSQUsmyAitm4UjwJGrgcP0pUiw7QcHk3ank80klMEGUIl
Zb8vbd8b57JDTctdgkKV1cnfT2HkdWxCoLrYZezscD89lq0nc8/J141jXbo68Z2N
ZSfXxHEel19HJP7b3R/gocGThMO0rUI458HH0r1976E7RLNvRg+p8aVAYD7Kf5iF
7gsA+plH2oL9EAQn+xtOdElgW0a9BhxSh0fk+8e5l5mxochUQkEeL2QksL4QQQ85
tsAjWDl2Tebi
-----END CERTIFICATE-----
Generated at Sun Jun 15 08:48:26 2025 by rpki-client