Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/W_LcH2rarIjndbdlJP8dn2zg91I.roa
File: W_LcH2rarIjndbdlJP8dn2zg91I.roa (raw, json)
Hash identifier: ABTtDVp9Hfq4kC7VPzIn0vf/HFoFzUVcLY2Iv5yLp7M=
Subject key identifier: 5B:F2:DC:1F:6A:DA:AC:88:E7:75:B7:65:24:FF:1D:9F:6C:E0:F7:52
Certificate issuer: /CN=7c3e585a59b523bb86d660a7168e1c1eba094da0
Certificate serial: 019888E6340E5DECAC3D597B8AB3F3890EB8
Authority key identifier: 7C:3E:58:5A:59:B5:23:BB:86:D6:60:A7:16:8E:1C:1E:BA:09:4D:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD5YWlm1I7uG1mCnFo4cHroJTaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/W_LcH2rarIjndbdlJP8dn2zg91I.roa
Signing time: Fri 08 Aug 2025 08:57:24 +0000
ROA not before: Fri 08 Aug 2025 08:57:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 201589
IP address blocks: 5.101.36.0/24 maxlen: 24
5.101.37.0/24 maxlen: 24
5.101.38.0/24 maxlen: 24
5.101.39.0/24 maxlen: 24
5.101.71.0/24 maxlen: 24
31.184.232.0/24 maxlen: 24
31.184.233.0/24 maxlen: 24
31.184.234.0/24 maxlen: 24
31.184.235.0/24 maxlen: 24
185.238.152.0/24 maxlen: 24
185.238.155.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/fD5YWlm1I7uG1mCnFo4cHroJTaA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/fD5YWlm1I7uG1mCnFo4cHroJTaA.mft
rsync://rpki.ripe.net/repository/DEFAULT/fD5YWlm1I7uG1mCnFo4cHroJTaA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 16 Aug 2025 10:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:88:e6:34:0e:5d:ec:ac:3d:59:7b:8a:b3:f3:89:0e:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3e585a59b523bb86d660a7168e1c1eba094da0
Validity
Not Before: Aug 8 08:57:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5bf2dc1f6adaac88e775b76524ff1d9f6ce0f752
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:bc:ca:74:ad:0d:c9:0b:05:d2:75:84:a6:61:
90:9a:96:eb:67:73:87:9c:4b:c4:f3:de:58:3f:94:
a5:ca:9e:ff:ce:59:fc:d6:be:ad:d7:48:1b:12:2e:
72:07:39:06:d8:22:3c:44:8e:4c:73:0a:41:01:3e:
9a:8f:d9:1e:bc:4c:55:05:08:06:19:33:7e:ea:73:
a0:ec:14:a9:7d:69:17:ed:48:d5:78:5d:26:8c:6a:
ec:63:4c:20:e4:ec:21:f2:4f:9d:e8:a4:e6:f0:34:
19:29:f6:97:4c:a1:24:62:6b:b7:39:34:94:87:0c:
cf:80:14:bd:da:20:78:9b:a5:ed:e6:55:51:60:ae:
6c:50:1e:83:ed:83:da:57:96:61:6e:e3:d9:51:92:
39:d7:90:2d:a5:28:25:13:dc:84:81:a4:05:f7:92:
af:9e:2a:cf:7c:e4:cc:56:14:0e:9b:10:cd:3d:2c:
e2:aa:13:16:9b:f7:af:cb:15:89:0e:53:6c:7f:86:
e2:66:50:21:5a:75:1c:9e:86:ba:9d:6a:bb:24:b1:
20:a4:a0:ad:b9:0d:84:87:f5:19:62:dc:26:58:54:
cf:a5:fe:99:8d:5d:fd:24:81:a8:58:f3:56:10:08:
be:6f:80:e8:d5:86:a3:20:83:65:01:57:19:6d:f3:
75:19
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:F2:DC:1F:6A:DA:AC:88:E7:75:B7:65:24:FF:1D:9F:6C:E0:F7:52
X509v3 Authority Key Identifier:
keyid:7C:3E:58:5A:59:B5:23:BB:86:D6:60:A7:16:8E:1C:1E:BA:09:4D:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD5YWlm1I7uG1mCnFo4cHroJTaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/W_LcH2rarIjndbdlJP8dn2zg91I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/fD5YWlm1I7uG1mCnFo4cHroJTaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.101.36.0/22
5.101.71.0/24
31.184.232.0/22
185.238.152.0/24
185.238.155.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:89:2e:a3:77:60:81:f5:43:f8:d2:16:79:8f:67:9b:80:f5:
30:c1:9c:79:f6:cb:62:20:dd:f8:50:14:76:2c:8c:bd:fa:f7:
72:4a:50:95:7c:41:7e:1d:a7:db:4b:83:ad:13:6d:4c:b7:c3:
c9:01:65:16:c5:eb:5d:77:cc:31:66:28:f6:0f:a1:d0:d4:83:
7a:33:88:a3:d9:23:2d:d0:91:76:59:23:65:87:c8:3a:3f:43:
2b:8d:c3:65:dc:7a:f0:5c:1e:f8:7f:6d:93:98:08:28:7b:4f:
f1:46:d2:2f:c8:b9:c3:04:19:ee:38:72:9b:56:59:3b:a2:a2:
f5:eb:41:72:4d:0b:1f:e8:6f:5b:d6:75:b5:84:2a:15:6a:cd:
ea:ae:f1:e0:96:81:19:17:07:3b:db:02:f3:8f:5e:4a:1d:58:
aa:b1:6e:50:05:b8:d2:c2:bb:7c:ac:86:a0:87:15:57:08:1d:
d5:33:5c:df:f2:af:94:c4:1a:eb:97:09:00:36:bb:1a:8e:6e:
cb:0b:d5:ca:44:da:2f:c6:91:5f:27:f0:6b:b1:23:6d:5d:d0:
dd:62:06:06:aa:2d:42:14:2e:10:1a:12:90:41:82:aa:87:08:
40:17:c6:83:08:b7:f2:0e:66:a2:89:5c:3c:84:cc:fd:22:c4:
fb:45:32:ca
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZiI5jQOXeysPVl7irPziQ64MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2U1ODVhNTliNTIzYmI4NmQ2NjBhNzE2OGUxYzFlYmEw
OTRkYTAwHhcNMjUwODA4MDg1NzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmYyZGMxZjZhZGFhYzg4ZTc3NWI3NjUyNGZmMWQ5ZjZjZTBmNzUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwrzKdK0NyQsF0nWEpmGQmpbrZ3OH
nEvE895YP5Slyp7/zln81r6t10gbEi5yBzkG2CI8RI5McwpBAT6aj9kevExVBQgG
GTN+6nOg7BSpfWkX7UjVeF0mjGrsY0wg5Owh8k+d6KTm8DQZKfaXTKEkYmu3OTSU
hwzPgBS92iB4m6Xt5lVRYK5sUB6D7YPaV5ZhbuPZUZI515AtpSglE9yEgaQF95Kv
nirPfOTMVhQOmxDNPSziqhMWm/evyxWJDlNsf4biZlAhWnUcnoa6nWq7JLEgpKCt
uQ2Eh/UZYtwmWFTPpf6ZjV39JIGoWPNWEAi+b4Do1YajIINlAVcZbfN1GQIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFFvy3B9q2qyI53W3ZST/HZ9s4PdSMB8GA1UdIwQY
MBaAFHw+WFpZtSO7htZgpxaOHB66CU2gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQ1WVdsbTFJN3VHMW1DbkZvNGNIcm9KVGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8yNmUzMmEtMzViYS00NDNmLWJjMWUt
NmRjMWY1NjAzMWViLzEvV19MY0gycmFySWpuZGJkbEpQOGRuMnpnOTFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8yNmUzMmEtMzViYS00NDNmLWJjMWUtNmRjMWY1NjAzMWVi
LzEvZkQ1WVdsbTFJN3VHMW1DbkZvNGNIcm9KVGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQCBWUkAwQA
BWVHAwQCH7joAwQAue6YAwQAue6bMA0GCSqGSIb3DQEBCwUAA4IBAQBKiS6jd2CB
9UP40hZ5j2ebgPUwwZx59stiIN34UBR2LIy9+vdySlCVfEF+HafbS4OtE21Mt8PJ
AWUWxetdd8wxZij2D6HQ1IN6M4ij2SMt0JF2WSNlh8g6P0MrjcNl3HrwXB74f22T
mAgoe0/xRtIvyLnDBBnuOHKbVlk7oqL160FyTQsf6G9b1nW1hCoVas3qrvHgloEZ
Fwc72wLzj15KHViqsW5QBbjSwrt8rIaghxVXCB3VM1zf8q+UxBrrlwkANrsajm7L
C9XKRNovxpFfJ/BrsSNtXdDdYgYGqi1CFC4QGhKQQYKqhwhAF8aDCLfyDmaiiVw8
hMz9IsT7RTLK
-----END CERTIFICATE-----
Generated at Fri Aug 15 13:47:28 2025 by rpki-client