Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/kL_nWqD9s8VP0wMvny-2TOGvAdE.roa
File: kL_nWqD9s8VP0wMvny-2TOGvAdE.roa (raw, json)
Hash identifier: 3whyZK+EQb3qxTzyxzs0f1wKwxYwvBzqI24s/5635lU=
Subject key identifier: 90:BF:E7:5A:A0:FD:B3:C5:4F:D3:03:2F:9F:2F:B6:4C:E1:AF:01:D1
Certificate issuer: /CN=374f6f3e3cb973bac8a43f6c0b806b3d11c9adc3
Certificate serial: 01984D9D34A488A9211A2D87134345951F21
Authority key identifier: 37:4F:6F:3E:3C:B9:73:BA:C8:A4:3F:6C:0B:80:6B:3D:11:C9:AD:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/N09vPjy5c7rIpD9sC4BrPRHJrcM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/kL_nWqD9s8VP0wMvny-2TOGvAdE.roa
Signing time: Sun 27 Jul 2025 20:40:04 +0000
ROA not before: Sun 27 Jul 2025 20:40:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214171
IP address blocks: 5.22.202.0/24 maxlen: 24
5.22.203.0/24 maxlen: 24
193.19.147.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/N09vPjy5c7rIpD9sC4BrPRHJrcM.crl
rsync://rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/N09vPjy5c7rIpD9sC4BrPRHJrcM.mft
rsync://rpki.ripe.net/repository/DEFAULT/N09vPjy5c7rIpD9sC4BrPRHJrcM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Aug 2025 08:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:4d:9d:34:a4:88:a9:21:1a:2d:87:13:43:45:95:1f:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=374f6f3e3cb973bac8a43f6c0b806b3d11c9adc3
Validity
Not Before: Jul 27 20:40:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=90bfe75aa0fdb3c54fd3032f9f2fb64ce1af01d1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c6:21:68:b9:fe:64:e4:71:f0:cc:07:ed:65:
fa:38:a5:2f:e7:8c:62:f1:a9:92:bb:3d:bd:b7:79:
4b:f5:5a:42:78:b2:6e:c8:f9:1d:bd:3a:b4:4c:2f:
4a:a8:e8:eb:67:16:1c:d5:9f:08:51:78:58:42:ab:
8f:4b:46:73:d3:82:5d:40:68:87:bb:ab:dd:a0:32:
bf:b6:dd:41:fe:9f:6e:d1:b1:a6:7a:81:55:15:53:
9b:ec:36:93:e0:e1:b8:c8:1d:c8:de:6b:8f:21:c2:
d8:da:b5:bd:d0:58:ae:47:21:1b:1d:09:44:bd:3b:
2d:db:60:0d:05:71:17:ce:b1:2a:83:8f:bb:54:7a:
49:e6:5e:34:b8:78:96:53:8c:63:fa:6f:c5:d0:32:
e1:6c:91:77:66:ce:34:48:a1:48:85:0a:0d:1d:d4:
7d:16:3e:f3:be:68:1d:77:b1:03:1d:15:c3:d3:f1:
2e:65:c2:a5:f9:35:f8:0b:6a:40:ee:a3:b9:f0:83:
e4:71:4a:9b:0a:1c:50:72:ce:f2:c0:d4:ad:88:f4:
ef:58:f8:66:34:87:5e:62:b9:20:cd:c3:b0:97:f1:
73:d8:31:d9:77:ac:c0:9f:f4:d2:ea:97:aa:3c:8c:
d8:41:53:43:5f:95:ed:84:e0:6a:48:63:cc:6a:72:
1c:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
90:BF:E7:5A:A0:FD:B3:C5:4F:D3:03:2F:9F:2F:B6:4C:E1:AF:01:D1
X509v3 Authority Key Identifier:
keyid:37:4F:6F:3E:3C:B9:73:BA:C8:A4:3F:6C:0B:80:6B:3D:11:C9:AD:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/N09vPjy5c7rIpD9sC4BrPRHJrcM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/kL_nWqD9s8VP0wMvny-2TOGvAdE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4f/8d1167-0c4d-488f-9a83-c0177dfda847/1/N09vPjy5c7rIpD9sC4BrPRHJrcM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.202.0/23
193.19.147.0/24
Signature Algorithm: sha256WithRSAEncryption
33:35:20:e9:6d:ed:54:90:d7:99:da:aa:af:e4:de:47:96:76:
3a:4a:c2:5f:54:f2:b2:da:db:a8:5c:12:00:78:25:b3:07:5b:
f1:c0:66:4b:d9:13:9c:d9:94:93:df:64:46:d2:39:be:60:d4:
1f:e5:72:cb:5e:ab:86:c6:9e:3a:35:4f:12:09:24:85:c6:37:
a4:a0:79:76:af:04:b6:e5:d1:85:f4:21:59:7f:27:d5:8c:77:
ca:09:6b:7f:cf:6b:0a:34:19:89:30:73:e3:bd:9f:b2:53:63:
80:a5:d1:a7:87:b9:c6:aa:ed:bd:88:8c:5d:77:c4:4f:4e:e2:
ed:c4:fb:30:a3:05:7b:3b:73:15:e1:81:77:98:74:6f:23:9a:
35:4f:8a:6d:71:e3:3b:e7:ab:d0:40:25:24:92:4e:f8:ec:2f:
20:bc:75:94:8f:2f:ba:6a:32:e8:96:a5:b4:e7:ca:9e:77:5e:
f7:78:dc:61:9e:28:bd:ce:64:ed:f9:42:ef:a2:00:4c:cb:ae:
54:3c:07:d0:39:d8:0c:f1:a2:4a:dc:5f:5c:a9:67:3d:31:6f:
7c:18:29:4f:a5:ae:00:ad:db:57:41:0b:4f:e1:84:3b:8b:b2:
e6:f7:70:19:9c:48:10:e8:8f:e5:c0:63:50:2d:fc:5d:4f:f8:
ad:91:6c:7b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZhNnTSkiKkhGi2HE0NFlR8hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM3NGY2ZjNlM2NiOTczYmFjOGE0M2Y2YzBiODA2YjNkMTFj
OWFkYzMwHhcNMjUwNzI3MjA0MDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MGJmZTc1YWEwZmRiM2M1NGZkMzAzMmY5ZjJmYjY0Y2UxYWYwMWQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1cYhaLn+ZORx8MwH7WX6OKUv54xi
8amSuz29t3lL9VpCeLJuyPkdvTq0TC9KqOjrZxYc1Z8IUXhYQquPS0Zz04JdQGiH
u6vdoDK/tt1B/p9u0bGmeoFVFVOb7DaT4OG4yB3I3muPIcLY2rW90FiuRyEbHQlE
vTst22ANBXEXzrEqg4+7VHpJ5l40uHiWU4xj+m/F0DLhbJF3Zs40SKFIhQoNHdR9
Fj7zvmgdd7EDHRXD0/EuZcKl+TX4C2pA7qO58IPkcUqbChxQcs7ywNStiPTvWPhm
NIdeYrkgzcOwl/Fz2DHZd6zAn/TS6peqPIzYQVNDX5XthOBqSGPManIcowIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJC/51qg/bPFT9MDL58vtkzhrwHRMB8GA1UdIwQY
MBaAFDdPbz48uXO6yKQ/bAuAaz0Rya3DMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTjA5dlBqeTVjN3JJcEQ5c0M0QnJQUkhKcmNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Zi84ZDExNjctMGM0ZC00ODhmLTlhODMt
YzAxNzdkZmRhODQ3LzEva0xfbldxRDlzOFZQMHdNdm55LTJUT0d2QWRFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Zi84ZDExNjctMGM0ZC00ODhmLTlhODMtYzAxNzdkZmRhODQ3
LzEvTjA5dlBqeTVjN3JJcEQ5c0M0QnJQUkhKcmNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBBRbKAwQA
wROTMA0GCSqGSIb3DQEBCwUAA4IBAQAzNSDpbe1UkNeZ2qqv5N5HlnY6SsJfVPKy
2tuoXBIAeCWzB1vxwGZL2ROc2ZST32RG0jm+YNQf5XLLXquGxp46NU8SCSSFxjek
oHl2rwS25dGF9CFZfyfVjHfKCWt/z2sKNBmJMHPjvZ+yU2OApdGnh7nGqu29iIxd
d8RPTuLtxPswowV7O3MV4YF3mHRvI5o1T4ptceM756vQQCUkkk747C8gvHWUjy+6
ajLolqW058qed173eNxhnii9zmTt+ULvogBMy65UPAfQOdgM8aJK3F9cqWc9MW98
GClPpa4ArdtXQQtP4YQ7i7Lm93AZnEgQ6I/lwGNQLfxdT/itkWx7
-----END CERTIFICATE-----
Generated at Thu Aug 7 17:32:26 2025 by rpki-client