Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/S5j_GQCRjjiNxYQftq07l5Bg_ZE.roa
File: S5j_GQCRjjiNxYQftq07l5Bg_ZE.roa (raw, json)
Hash identifier: zfxV9QGTaT297YCoQAB+CRwjlujgkE/dhqewvaMINXY=
Subject key identifier: 4B:98:FF:19:00:91:8E:38:8D:C5:84:1F:B6:AD:3B:97:90:60:FD:91
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0198744B021F539CC91019238146553B26CB
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/S5j_GQCRjjiNxYQftq07l5Bg_ZE.roa
Signing time: Mon 04 Aug 2025 08:55:29 +0000
ROA not before: Mon 04 Aug 2025 08:55:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 78.135.72.0/24 maxlen: 24
78.135.78.0/24 maxlen: 24
78.135.81.0/24 maxlen: 24
78.135.88.0/24 maxlen: 24
188.132.141.0/24 maxlen: 24
188.132.152.0/24 maxlen: 24
188.132.163.0/24 maxlen: 24
188.132.188.0/24 maxlen: 24
188.132.189.0/24 maxlen: 24
188.132.191.0/24 maxlen: 24
188.132.212.0/24 maxlen: 24
188.132.213.0/24 maxlen: 24
188.132.216.0/24 maxlen: 24
188.132.217.0/24 maxlen: 24
188.132.229.0/24 maxlen: 24
188.132.236.0/24 maxlen: 24
212.68.55.0/24 maxlen: 24
212.68.59.0/24 maxlen: 24
212.68.60.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 00:00:57 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:74:4b:02:1f:53:9c:c9:10:19:23:81:46:55:3b:26:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Aug 4 08:55:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4b98ff1900918e388dc5841fb6ad3b979060fd91
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:42:97:cd:2c:47:de:c6:4a:83:ca:c0:2c:c2:
69:86:08:6d:02:26:7a:55:0e:d6:87:c1:5d:80:ba:
75:15:9d:57:58:9f:82:74:ef:f9:1b:58:09:ed:72:
f7:0d:26:98:a0:62:e6:77:11:dc:fb:52:95:9c:ed:
22:2f:92:b1:94:e3:0c:ca:a9:9b:da:0d:2b:2a:5f:
3d:df:47:86:8c:c2:fd:ae:45:46:56:e4:c1:29:3d:
b3:a5:59:28:fd:23:5a:e5:ba:f0:d5:73:97:3b:30:
d2:b4:aa:c3:e1:1c:75:b0:92:55:41:b1:d4:0b:00:
0d:f8:04:3c:2a:31:a1:30:3b:cf:b4:7d:f8:4b:51:
c2:d4:47:89:00:f5:13:e3:0c:6e:21:d7:69:35:4e:
cc:07:f3:9e:34:6f:79:3d:7b:fe:ff:c3:5d:d2:f4:
66:77:af:4d:8a:0c:0b:e2:bc:79:c9:12:c6:ba:cd:
10:5f:2b:3b:c7:bb:aa:9e:8a:13:5a:cc:38:20:d4:
ae:1d:0b:7e:9a:fa:8b:b1:9c:71:ff:fd:83:fe:68:
a0:c3:93:fd:1f:cd:b9:d4:b2:b1:12:7c:0f:64:56:
bc:0f:d9:bc:aa:fb:d9:d7:c7:46:c3:11:22:76:29:
40:64:12:6f:91:3d:30:35:e4:30:64:95:83:a7:45:
ee:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4B:98:FF:19:00:91:8E:38:8D:C5:84:1F:B6:AD:3B:97:90:60:FD:91
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/S5j_GQCRjjiNxYQftq07l5Bg_ZE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.135.72.0/24
78.135.78.0/24
78.135.81.0/24
78.135.88.0/24
188.132.141.0/24
188.132.152.0/24
188.132.163.0/24
188.132.188.0/23
188.132.191.0/24
188.132.212.0/23
188.132.216.0/23
188.132.229.0/24
188.132.236.0/24
212.68.55.0/24
212.68.59.0-212.68.60.255
Signature Algorithm: sha256WithRSAEncryption
52:f5:7f:bd:0f:14:99:d7:9f:0b:64:61:81:93:37:fd:a0:3e:
f4:cb:3a:55:34:0e:af:88:1f:91:6c:e2:90:75:ae:ca:bd:bb:
ca:3f:10:ac:c5:c9:c0:13:dc:51:a7:e9:cd:56:29:f3:c0:ed:
bb:a3:fe:ab:9c:91:75:2b:13:15:04:d9:98:cf:ce:13:3d:e5:
2f:2c:a8:74:62:45:8a:3c:d9:ef:30:73:75:94:72:20:a9:28:
d6:d7:8f:4d:bd:95:bf:55:c0:2d:f4:79:c0:1b:1d:4e:00:53:
06:f8:94:21:48:2e:fd:c5:9d:fd:f2:f0:93:6e:e3:17:59:3b:
ce:58:4d:e2:30:ba:06:88:3d:06:07:97:35:b3:59:5d:d3:e4:
93:2f:ed:fc:e0:fb:dc:4d:96:c6:07:ad:70:42:d0:3f:50:1e:
31:b3:6a:92:2d:4b:e6:24:a2:f2:7c:a1:9d:e5:5e:34:cc:ce:
73:e8:30:e4:b1:1f:c0:e8:d4:e5:9a:97:58:30:a2:0f:c3:af:
89:18:28:84:bb:99:8a:e0:8e:0e:36:10:7d:df:44:fe:7f:10:
88:c5:e8:02:48:7c:72:57:69:b7:68:84:cd:7b:e9:4a:fa:3f:
bd:b4:a8:e7:5a:70:53:05:4c:4e:5e:9c:65:bf:a6:5a:6f:0f:
82:33:f0:ea
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZh0SwIfU5zJEBkjgUZVOybLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwODA0MDg1NTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0Yjk4ZmYxOTAwOTE4ZTM4OGRjNTg0MWZiNmFkM2I5NzkwNjBmZDkxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArEKXzSxH3sZKg8rALMJphghtAiZ6
VQ7Wh8FdgLp1FZ1XWJ+CdO/5G1gJ7XL3DSaYoGLmdxHc+1KVnO0iL5KxlOMMyqmb
2g0rKl8930eGjML9rkVGVuTBKT2zpVko/SNa5brw1XOXOzDStKrD4Rx1sJJVQbHU
CwAN+AQ8KjGhMDvPtH34S1HC1EeJAPUT4wxuIddpNU7MB/OeNG95PXv+/8Nd0vRm
d69NigwL4rx5yRLGus0QXys7x7uqnooTWsw4INSuHQt+mvqLsZxx//2D/migw5P9
H8251LKxEnwPZFa8D9m8qvvZ18dGwxEidilAZBJvkT0wNeQwZJWDp0XuSQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFEuY/xkAkY44jcWEH7atO5eQYP2RMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvUzVqX0dRQ1JqamlOeFlRZnRxMDdsNUJnX1pFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiAwQATodIAwQA
TodOAwQATodRAwQATodYAwQAvISNAwQAvISYAwQAvISjAwQBvIS8AwQAvIS/AwQB
vITUAwQBvITYAwQAvITlAwQAvITsAwQA1EQ3MAwDBADURDsDBADURDwwDQYJKoZI
hvcNAQELBQADggEBAFL1f70PFJnXnwtkYYGTN/2gPvTLOlU0Dq+IH5Fs4pB1rsq9
u8o/EKzFycAT3FGn6c1WKfPA7buj/quckXUrExUE2ZjPzhM95S8sqHRiRYo82e8w
c3WUciCpKNbXj029lb9VwC30ecAbHU4AUwb4lCFILv3Fnf3y8JNu4xdZO85YTeIw
ugaIPQYHlzWzWV3T5JMv7fzg+9xNlsYHrXBC0D9QHjGzapItS+YkovJ8oZ3lXjTM
znPoMOSxH8Do1OWal1gwog/Dr4kYKIS7mYrgjg42EH3fRP5/EIjF6AJIfHJXabdo
hM176Ur6P720qOdacFMFTE5enGW/plpvD4Iz8Oo=
-----END CERTIFICATE-----
Generated at Wed Aug 6 10:19:06 2025 by rpki-client