Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/pL72vqVUAsI2OqPhIFXtCmcBsXs.roa
File: pL72vqVUAsI2OqPhIFXtCmcBsXs.roa (raw, json)
Hash identifier: VhYdpnCr8tUqW7UklGwuDlV0czIVlX+IJ54h3dKiBik=
Subject key identifier: A4:BE:F6:BE:A5:54:02:C2:36:3A:A3:E1:20:55:ED:0A:67:01:B1:7B
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 019850247D054474EC4E7AE18570E97518D8
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/pL72vqVUAsI2OqPhIFXtCmcBsXs.roa
Signing time: Mon 28 Jul 2025 08:27:05 +0000
ROA not before: Mon 28 Jul 2025 08:27:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209372
IP address blocks: 5.104.72.0/24 maxlen: 24
5.104.74.0/24 maxlen: 24
31.40.194.0/24 maxlen: 24
45.130.184.0/24 maxlen: 24
45.130.185.0/24 maxlen: 24
45.130.186.0/24 maxlen: 24
45.140.4.0/24 maxlen: 24
45.140.6.0/24 maxlen: 24
45.140.7.0/24 maxlen: 24
77.83.20.0/22 maxlen: 24
84.252.64.0/22 maxlen: 24
88.218.80.0/24 maxlen: 24
88.218.239.0/24 maxlen: 24
91.132.126.0/24 maxlen: 24
91.132.127.0/24 maxlen: 24
91.245.239.0/24 maxlen: 24
95.214.83.0/24 maxlen: 24
95.214.92.0/24 maxlen: 24
95.214.93.0/24 maxlen: 24
95.214.95.0/24 maxlen: 24
176.118.188.0/24 maxlen: 24
176.118.189.0/24 maxlen: 24
176.118.191.0/24 maxlen: 24
185.177.76.0/24 maxlen: 24
185.177.77.0/24 maxlen: 24
193.160.68.0/24 maxlen: 24
193.160.72.0/24 maxlen: 24
193.160.74.0/24 maxlen: 24
193.160.75.0/24 maxlen: 24
194.28.157.0/24 maxlen: 24
194.53.188.0/22 maxlen: 24
194.124.41.0/24 maxlen: 24
212.69.135.0/24 maxlen: 24
213.109.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.mft
rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 12:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:50:24:7d:05:44:74:ec:4e:7a:e1:85:70:e9:75:18:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Jul 28 08:27:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a4bef6bea55402c2363aa3e12055ed0a6701b17b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:18:fb:f4:0b:23:3c:33:89:d2:68:24:d3:84:
d5:01:17:d9:4b:43:52:83:5e:12:66:9b:dd:49:5a:
da:5e:ef:8b:c7:69:ac:1a:e2:9d:d0:be:59:0c:8b:
68:67:a5:89:b2:26:af:80:6e:20:ea:7c:7c:b5:e2:
6a:0b:e0:a8:ef:c0:2d:7b:2e:da:61:fa:38:b0:f0:
ff:1f:1c:95:c7:b8:06:67:ef:b0:6d:76:1f:99:6b:
c0:44:70:b3:a0:3c:28:46:23:a7:67:9c:0e:ad:66:
8c:e4:33:a1:29:de:c0:40:1a:93:5b:64:62:b5:32:
34:bb:52:02:fc:8b:02:9e:a5:f9:c3:0c:9e:46:42:
b4:2a:05:08:9f:ed:91:59:e1:00:28:3e:7f:30:a3:
26:c5:a8:d4:27:d0:47:0e:34:ab:ef:13:bf:6c:3a:
f0:c7:de:de:7f:6b:f3:58:45:dd:d1:e4:9e:14:b5:
fa:11:41:a7:99:4f:da:75:8a:c0:0a:93:71:0a:86:
18:2e:44:de:2d:89:78:7b:dd:49:b1:d8:36:b7:b5:
d4:64:3c:34:76:40:17:53:cd:0c:22:7f:3d:71:b4:
23:b1:27:ce:d6:9a:22:62:7a:aa:1f:9c:4e:0d:b9:
fb:fe:e9:b1:34:bd:22:c6:55:16:c7:ba:56:a9:9b:
5d:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:BE:F6:BE:A5:54:02:C2:36:3A:A3:E1:20:55:ED:0A:67:01:B1:7B
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/pL72vqVUAsI2OqPhIFXtCmcBsXs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.72.0/24
5.104.74.0/24
31.40.194.0/24
45.130.184.0-45.130.186.255
45.140.4.0/24
45.140.6.0/23
77.83.20.0/22
84.252.64.0/22
88.218.80.0/24
88.218.239.0/24
91.132.126.0/23
91.245.239.0/24
95.214.83.0/24
95.214.92.0/23
95.214.95.0/24
176.118.188.0/23
176.118.191.0/24
185.177.76.0/23
193.160.68.0/24
193.160.72.0/24
193.160.74.0/23
194.28.157.0/24
194.53.188.0/22
194.124.41.0/24
212.69.135.0/24
213.109.188.0/22
Signature Algorithm: sha256WithRSAEncryption
27:ea:15:22:9a:cf:27:c7:e3:3e:1b:5d:49:85:6c:b1:ff:ab:
16:8c:4f:94:03:2a:d9:b4:73:c0:74:ed:f5:94:9e:71:46:d4:
4f:c0:46:d5:cc:c3:80:0c:c3:6c:be:76:e4:1e:4e:40:35:4c:
88:82:35:fe:fa:61:a4:9d:b9:df:ab:a4:15:ba:33:d0:6d:bf:
40:3a:0a:e1:84:0c:6a:37:84:22:8b:eb:bd:88:ee:57:64:07:
e2:a0:e2:87:26:36:1f:5f:74:09:85:a7:e0:d3:06:58:97:10:
c9:ca:05:f5:81:52:8e:24:63:ee:69:c5:fb:48:af:f5:07:68:
cb:a3:19:0d:de:73:1c:27:d2:0f:06:01:85:31:89:2a:7a:6d:
36:7b:be:ae:c9:1b:bd:aa:55:01:96:51:88:cc:41:8f:ab:f1:
cc:b4:d1:2c:b2:e7:9b:e2:2b:66:43:ec:f9:b4:8f:70:80:e0:
dd:d4:a4:6a:35:a8:92:db:e1:d2:3e:97:9d:ca:f9:89:55:71:
11:cc:57:0d:ed:5b:c0:6d:fa:43:1f:0c:03:e3:1e:b2:09:a2:
2f:e1:a4:d3:93:0c:68:18:f8:e9:39:09:a4:88:23:dd:f4:dd:
f2:22:c8:7d:ac:55:44:e5:13:d2:0a:26:ea:3d:f9:a2:ca:a3:
9c:9b:f5:8d
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAZhQJH0FRHTsTnrhhXDpdRjYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjUwNzI4MDgyNzA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGJlZjZiZWE1NTQwMmMyMzYzYWEzZTEyMDU1ZWQwYTY3MDFiMTdiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBj79AsjPDOJ0mgk04TVARfZS0NS
g14SZpvdSVraXu+Lx2msGuKd0L5ZDItoZ6WJsiavgG4g6nx8teJqC+Co78Atey7a
Yfo4sPD/HxyVx7gGZ++wbXYfmWvARHCzoDwoRiOnZ5wOrWaM5DOhKd7AQBqTW2Ri
tTI0u1IC/IsCnqX5wwyeRkK0KgUIn+2RWeEAKD5/MKMmxajUJ9BHDjSr7xO/bDrw
x97ef2vzWEXd0eSeFLX6EUGnmU/adYrACpNxCoYYLkTeLYl4e91Jsdg2t7XUZDw0
dkAXU80MIn89cbQjsSfO1poiYnqqH5xODbn7/umxNL0ixlUWx7pWqZtdjQIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFKS+9r6lVALCNjqj4SBV7QpnAbF7MB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvcEw3MnZxVlVBc0kyT3FQaElGWHRDbWNCc1hzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBqwQCAAEwgaQDBAAF
aEgDBAAFaEoDBAAfKMIwDAMEAy2CuAMEAC2CugMEAC2MBAMEAS2MBgMEAk1TFAME
AlT8QAMEAFjaUAMEAFja7wMEAVuEfgMEAFv17wMEAF/WUwMEAV/WXAMEAF/WXwME
AbB2vAMEALB2vwMEAbmxTAMEAMGgRAMEAMGgSAMEAcGgSgMEAMIcnQMEAsI1vAME
AMJ8KQMEANRFhwMEAtVtvDANBgkqhkiG9w0BAQsFAAOCAQEAJ+oVIprPJ8fjPhtd
SYVssf+rFoxPlAMq2bRzwHTt9ZSecUbUT8BG1czDgAzDbL525B5OQDVMiII1/vph
pJ2536ukFboz0G2/QDoK4YQMajeEIovrvYjuV2QH4qDihyY2H190CYWn4NMGWJcQ
ycoF9YFSjiRj7mnF+0iv9Qdoy6MZDd5zHCfSDwYBhTGJKnptNnu+rskbvapVAZZR
iMxBj6vxzLTRLLLnm+IrZkPs+bSPcIDg3dSkajWoktvh0j6Xncr5iVVxEcxXDe1b
wG36Qx8MA+MesgmiL+Gk05MMaBj46TkJpIgj3fTd8iLIfaxVROUT0gom6j35osqj
nJv1jQ==
-----END CERTIFICATE-----
Generated at Mon Aug 4 22:22:32 2025 by rpki-client