Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/l_MO4A28e3KwyEtD0kV3A-0v5u4.roa
File: l_MO4A28e3KwyEtD0kV3A-0v5u4.roa (raw, json)
Hash identifier: buDn7u/my6bNBUxqeeeHIFjDgNfsjb+RHjTj8TDteJM=
Subject key identifier: 97:F3:0E:E0:0D:BC:7B:72:B0:C8:4B:43:D2:45:77:03:ED:2F:E6:EE
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 019843C2EE9B81149981AF0B3D467EA1B660
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/l_MO4A28e3KwyEtD0kV3A-0v5u4.roa
Signing time: Fri 25 Jul 2025 22:45:05 +0000
ROA not before: Fri 25 Jul 2025 22:45:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2914
IP address blocks: 5.182.28.0/22 maxlen: 22
45.67.117.0/24 maxlen: 24
91.242.70.0/24 maxlen: 24
91.242.73.0/24 maxlen: 24
91.242.74.0/24 maxlen: 24
91.242.105.0/24 maxlen: 24
91.242.126.0/24 maxlen: 24
176.126.223.0/24 maxlen: 24
185.180.145.0/24 maxlen: 24
194.50.200.0/24 maxlen: 24
194.50.201.0/24 maxlen: 24
194.180.238.0/24 maxlen: 24
195.138.103.0/24 maxlen: 24
195.138.104.0/22 maxlen: 24
195.138.107.0/24 maxlen: 24
195.138.111.0/24 maxlen: 24
195.138.114.0/24 maxlen: 24
195.138.116.0/24 maxlen: 24
195.138.118.0/24 maxlen: 24
195.138.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:43:c2:ee:9b:81:14:99:81:af:0b:3d:46:7e:a1:b6:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Jul 25 22:45:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=97f30ee00dbc7b72b0c84b43d2457703ed2fe6ee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:81:be:6e:c2:0d:1c:03:30:89:b1:57:d8:dc:
c6:5d:dc:d3:a1:46:7d:02:9d:a1:48:57:b5:df:73:
75:da:35:7f:fb:34:64:77:f7:cb:9f:fc:2c:1d:df:
aa:7e:9a:dc:ea:00:75:6e:91:77:fd:b0:e3:25:99:
68:a9:6b:aa:d3:ce:13:f3:3e:e8:e3:79:26:3c:86:
6b:da:74:bc:43:51:3e:f4:74:a3:14:04:2b:08:47:
2a:65:ee:51:21:1d:73:a2:8a:3e:8c:ef:56:21:db:
a8:31:66:d9:41:fb:44:b9:ee:b0:0c:72:e9:aa:05:
18:b5:10:f7:54:3a:5d:10:01:e0:d5:1e:4a:59:c9:
1e:02:75:b2:3d:ec:b3:0b:fe:ca:7d:72:22:8a:ae:
f8:f1:af:3c:6a:d0:0a:23:9f:e7:fd:4d:97:f9:da:
a2:52:c7:a7:1a:5a:c9:c2:56:59:95:27:0e:69:22:
e1:51:e8:ab:cd:8f:83:54:65:4f:e4:0e:36:11:a7:
2a:8f:a3:f3:cf:40:d9:0e:ba:24:97:a7:cc:fe:a8:
37:b1:1d:55:d1:01:fb:b1:8e:dd:4b:3d:09:8f:ca:
42:36:17:f6:44:53:1e:ca:c4:34:54:18:95:c8:cc:
5e:24:6e:e1:9c:93:6f:32:e1:cf:fd:0c:65:1a:0d:
f0:2b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:F3:0E:E0:0D:BC:7B:72:B0:C8:4B:43:D2:45:77:03:ED:2F:E6:EE
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/l_MO4A28e3KwyEtD0kV3A-0v5u4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.28.0/22
45.67.117.0/24
91.242.70.0/24
91.242.73.0-91.242.74.255
91.242.105.0/24
91.242.126.0/24
176.126.223.0/24
185.180.145.0/24
194.50.200.0/23
194.180.238.0/24
195.138.103.0-195.138.107.255
195.138.111.0/24
195.138.114.0/24
195.138.116.0/24
195.138.118.0/24
195.138.120.0/24
Signature Algorithm: sha256WithRSAEncryption
6a:85:e9:18:79:9b:92:76:dc:2f:cf:c2:a7:ad:dd:78:59:b9:
04:3e:0c:32:0c:8f:b3:64:d9:2c:36:67:80:a3:ab:72:cf:fd:
59:a2:da:0e:95:5e:20:e2:6e:ec:36:a1:1e:ea:97:76:c9:2a:
8b:b7:76:20:91:4a:04:b0:73:a2:1a:99:c5:35:d9:5f:9c:03:
95:ff:d9:95:cd:45:4f:e9:24:b3:cd:78:4d:55:90:19:b2:aa:
29:1d:dd:0a:a7:a4:6b:fa:16:80:69:f9:43:79:6c:b7:80:72:
e8:63:aa:53:fd:c0:c0:cc:8b:90:af:f2:73:4d:7b:c3:b5:12:
e1:38:2b:63:d6:15:3b:62:d2:0e:5a:03:af:8e:68:7f:79:c3:
05:b8:ba:e9:e6:6f:bd:38:9d:30:09:fe:b4:fa:af:78:46:8d:
db:bc:b4:2e:17:73:27:9f:fe:6c:94:e9:47:fc:47:83:4c:53:
80:f6:3d:94:d0:1a:30:22:fa:bc:30:2b:84:98:1c:65:6e:55:
64:5d:4e:d1:41:86:6c:21:af:86:13:ce:03:60:64:be:eb:a3:
60:9d:41:72:50:f3:46:07:9f:7a:9e:c6:76:77:76:58:04:2a:
9d:26:fe:50:96:ba:b8:a2:f6:76:87:3d:b3:e0:52:98:1f:60:
4b:dc:b6:b3
-----BEGIN CERTIFICATE-----
MIIFaDCCBFCgAwIBAgISAZhDwu6bgRSZga8LPUZ+obZgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjUwNzI1MjI0NTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5N2YzMGVlMDBkYmM3YjcyYjBjODRiNDNkMjQ1NzcwM2VkMmZlNmVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl4G+bsINHAMwibFX2NzGXdzToUZ9
Ap2hSFe133N12jV/+zRkd/fLn/wsHd+qfprc6gB1bpF3/bDjJZloqWuq084T8z7o
43kmPIZr2nS8Q1E+9HSjFAQrCEcqZe5RIR1zooo+jO9WIduoMWbZQftEue6wDHLp
qgUYtRD3VDpdEAHg1R5KWckeAnWyPeyzC/7KfXIiiq748a88atAKI5/n/U2X+dqi
UsenGlrJwlZZlScOaSLhUeirzY+DVGVP5A42Eacqj6Pzz0DZDrokl6fM/qg3sR1V
0QH7sY7dSz0Jj8pCNhf2RFMeysQ0VBiVyMxeJG7hnJNvMuHP/QxlGg3wKwIDAQAB
o4ICdDCCAnAwHQYDVR0OBBYEFJfzDuANvHtysMhLQ9JFdwPtL+buMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvbF9NTzRBMjhlM0t3eUV0RDBrVjNBLTB2NXU0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGJBggrBgEFBQcBBwEB/wR6MHgwdgQCAAEwcAMEAgW2HAME
AC1DdQMEAFvyRjAMAwQAW/JJAwQAW/JKAwQAW/JpAwQAW/J+AwQAsH7fAwQAubSR
AwQBwjLIAwQAwrTuMAwDBADDimcDBALDimgDBADDim8DBADDinIDBADDinQDBADD
inYDBADDingwDQYJKoZIhvcNAQELBQADggEBAGqF6Rh5m5J23C/Pwqet3XhZuQQ+
DDIMj7Nk2Sw2Z4Cjq3LP/Vmi2g6VXiDibuw2oR7ql3bJKou3diCRSgSwc6IamcU1
2V+cA5X/2ZXNRU/pJLPNeE1VkBmyqikd3QqnpGv6FoBp+UN5bLeAcuhjqlP9wMDM
i5Cv8nNNe8O1EuE4K2PWFTti0g5aA6+OaH95wwW4uunmb704nTAJ/rT6r3hGjdu8
tC4Xcyef/myU6Uf8R4NMU4D2PZTQGjAi+rwwK4SYHGVuVWRdTtFBhmwhr4YTzgNg
ZL7ro2CdQXJQ80YHn3qexnZ3dlgEKp0m/lCWurii9naHPbPgUpgfYEvctrM=
-----END CERTIFICATE-----
Generated at Mon Aug 4 15:27:42 2025 by rpki-client