Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/ODc1gK0oD8K1S6OjlSUuEAdPqK0.roa
File: ODc1gK0oD8K1S6OjlSUuEAdPqK0.roa (raw, json)
Hash identifier: N7ESVyDMVLp84r34OHJBu7zgck65lpFVFqPhaP/zbjg=
Subject key identifier: 38:37:35:80:AD:28:0F:C2:B5:4B:A3:A3:95:25:2E:10:07:4F:A8:AD
Certificate issuer: /CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Certificate serial: 019855A2DBFE4C85EB12E6108B0C12B1ADDD
Authority key identifier: 4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/ODc1gK0oD8K1S6OjlSUuEAdPqK0.roa
Signing time: Tue 29 Jul 2025 10:03:13 +0000
ROA not before: Tue 29 Jul 2025 10:03:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54994
IP address blocks: 140.150.0.0/24 maxlen: 24
140.150.1.0/24 maxlen: 24
140.150.2.0/24 maxlen: 24
140.150.3.0/24 maxlen: 24
140.150.4.0/24 maxlen: 24
140.150.5.0/24 maxlen: 24
140.150.6.0/24 maxlen: 24
140.150.7.0/24 maxlen: 24
140.150.8.0/24 maxlen: 24
140.150.10.0/24 maxlen: 24
140.150.11.0/24 maxlen: 24
140.150.12.0/24 maxlen: 24
140.150.14.0/24 maxlen: 24
140.150.15.0/24 maxlen: 24
140.150.16.0/24 maxlen: 24
140.150.18.0/24 maxlen: 24
140.150.19.0/24 maxlen: 24
140.150.20.0/24 maxlen: 24
140.150.21.0/24 maxlen: 24
140.150.22.0/24 maxlen: 24
140.150.23.0/24 maxlen: 24
140.150.24.0/24 maxlen: 24
140.150.25.0/24 maxlen: 24
140.150.26.0/24 maxlen: 24
140.150.27.0/24 maxlen: 24
140.150.28.0/24 maxlen: 24
140.150.29.0/24 maxlen: 24
140.150.30.0/24 maxlen: 24
140.150.31.0/24 maxlen: 24
140.150.32.0/24 maxlen: 24
140.150.33.0/24 maxlen: 24
140.150.34.0/24 maxlen: 24
140.150.35.0/24 maxlen: 24
140.150.36.0/24 maxlen: 24
140.150.37.0/24 maxlen: 24
140.150.38.0/24 maxlen: 24
140.150.40.0/24 maxlen: 24
140.150.41.0/24 maxlen: 24
140.150.42.0/24 maxlen: 24
140.150.43.0/24 maxlen: 24
140.150.44.0/24 maxlen: 24
140.150.46.0/24 maxlen: 24
140.150.47.0/24 maxlen: 24
146.103.64.0/24 maxlen: 24
146.103.65.0/24 maxlen: 24
146.103.66.0/24 maxlen: 24
146.103.67.0/24 maxlen: 24
146.103.68.0/24 maxlen: 24
146.103.71.0/24 maxlen: 24
146.103.72.0/24 maxlen: 24
146.103.73.0/24 maxlen: 24
146.103.74.0/24 maxlen: 24
146.103.75.0/24 maxlen: 24
146.103.76.0/24 maxlen: 24
146.103.77.0/24 maxlen: 24
146.103.78.0/24 maxlen: 24
146.103.79.0/24 maxlen: 24
146.103.80.0/24 maxlen: 24
146.103.81.0/24 maxlen: 24
146.103.82.0/24 maxlen: 24
146.103.83.0/24 maxlen: 24
146.103.84.0/24 maxlen: 24
146.103.85.0/24 maxlen: 24
146.103.86.0/24 maxlen: 24
146.103.87.0/24 maxlen: 24
146.103.88.0/24 maxlen: 24
146.103.89.0/24 maxlen: 24
146.103.90.0/24 maxlen: 24
146.103.91.0/24 maxlen: 24
146.103.92.0/24 maxlen: 24
146.103.93.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.mft
rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 07:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:55:a2:db:fe:4c:85:eb:12:e6:10:8b:0c:12:b1:ad:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4b9331fa7be470dc179e16c306e98c6c731a575c
Validity
Not Before: Jul 29 10:03:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38373580ad280fc2b54ba3a395252e10074fa8ad
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:d2:40:94:3c:5f:51:4b:eb:92:c4:59:cc:70:
24:02:c0:06:00:1d:c8:1d:3e:25:ea:28:53:51:e2:
1b:8e:1d:9f:16:e0:dc:8a:36:99:77:e0:1a:44:b4:
19:03:c7:79:13:f5:02:5b:12:05:26:1c:02:56:34:
d8:fb:08:e9:cd:97:da:96:31:17:e9:6e:9e:e2:6f:
da:45:16:b5:18:b4:87:fa:b6:ca:c1:ba:35:84:4a:
b3:a5:85:4b:85:8b:67:1d:f3:b7:d7:f5:f4:e8:08:
d1:91:7f:58:00:75:6c:07:90:75:6e:ea:f4:05:0c:
25:91:0f:ce:92:77:84:9e:fc:66:b9:d6:c1:6d:1b:
c2:10:9b:7b:ae:8c:ec:f5:a5:83:60:94:a8:88:8a:
92:54:3c:e4:90:ab:c9:ea:48:12:7b:cd:91:6c:fa:
54:d6:e2:0f:3e:33:6f:76:1a:c0:0b:60:21:93:5e:
ed:d9:28:29:57:ec:5c:b2:04:8b:07:33:67:fd:34:
86:c9:7e:64:40:81:65:e4:0a:b1:76:19:ba:1b:49:
e8:a3:14:38:03:64:91:34:14:6f:42:d5:29:ee:fd:
62:d1:17:50:9c:ed:e2:66:97:e6:43:ae:f9:71:b7:
f7:ab:13:51:48:65:d6:50:b3:eb:18:f4:fa:0d:a8:
fc:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:37:35:80:AD:28:0F:C2:B5:4B:A3:A3:95:25:2E:10:07:4F:A8:AD
X509v3 Authority Key Identifier:
keyid:4B:93:31:FA:7B:E4:70:DC:17:9E:16:C3:06:E9:8C:6C:73:1A:57:5C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/S5Mx-nvkcNwXnhbDBumMbHMaV1w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/ODc1gK0oD8K1S6OjlSUuEAdPqK0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/5b48a7-a0d7-43f2-a362-8b2b4738b1cc/1/S5Mx-nvkcNwXnhbDBumMbHMaV1w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
140.150.0.0-140.150.8.255
140.150.10.0-140.150.12.255
140.150.14.0-140.150.16.255
140.150.18.0-140.150.38.255
140.150.40.0-140.150.44.255
140.150.46.0/23
146.103.64.0-146.103.68.255
146.103.71.0-146.103.93.255
Signature Algorithm: sha256WithRSAEncryption
8a:42:a3:dd:6f:55:df:31:f4:7d:34:2f:b6:3f:4e:5c:e5:0b:
1f:d6:28:e0:ed:f5:d1:b7:e9:89:28:00:e3:13:5d:56:5e:7b:
e5:ef:c2:43:be:88:15:93:a3:2d:73:36:01:7f:86:73:3c:60:
a8:b0:5b:50:1d:4e:32:36:e6:9e:f4:a5:ed:93:88:91:5f:fb:
43:20:45:98:88:c7:b9:c9:85:a2:31:7a:9c:ec:ba:10:5e:2c:
01:c0:56:2a:e9:0f:3a:94:ca:f0:2d:b5:93:86:26:50:92:4b:
d1:c9:48:18:4f:04:9d:96:15:cd:10:c6:e8:f6:2f:35:d7:04:
f1:db:c3:5c:94:6e:53:49:2e:12:00:73:1a:4c:a6:50:45:46:
5d:82:11:0b:bf:15:02:93:f6:70:9c:0d:4e:d0:3f:fa:6f:a8:
a6:33:0b:50:ab:33:f8:73:f4:4e:91:6c:61:af:88:94:68:b0:
99:d3:89:ca:d2:43:7e:65:da:2a:3f:09:b1:ec:9b:28:28:d8:
21:b0:86:18:29:45:1a:6d:3e:13:48:40:5d:c6:a8:ed:1e:58:
6b:16:ef:6b:62:e1:b8:7a:75:b0:ae:04:d2:f7:f0:3e:a4:c8:
88:e8:4b:c5:e4:ab:b6:4d:00:b0:c1:3f:5e:4e:87:d5:4b:14:
ff:4f:99:b8
-----BEGIN CERTIFICATE-----
MIIFXzCCBEegAwIBAgISAZhVotv+TIXrEuYQiwwSsa3dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRiOTMzMWZhN2JlNDcwZGMxNzllMTZjMzA2ZTk4YzZjNzMx
YTU3NWMwHhcNMjUwNzI5MTAwMzEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzODM3MzU4MGFkMjgwZmMyYjU0YmEzYTM5NTI1MmUxMDA3NGZhOGFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArNJAlDxfUUvrksRZzHAkAsAGAB3I
HT4l6ihTUeIbjh2fFuDcijaZd+AaRLQZA8d5E/UCWxIFJhwCVjTY+wjpzZfaljEX
6W6e4m/aRRa1GLSH+rbKwbo1hEqzpYVLhYtnHfO31/X06AjRkX9YAHVsB5B1bur0
BQwlkQ/OkneEnvxmudbBbRvCEJt7rozs9aWDYJSoiIqSVDzkkKvJ6kgSe82RbPpU
1uIPPjNvdhrAC2Ahk17t2SgpV+xcsgSLBzNn/TSGyX5kQIFl5Aqxdhm6G0nooxQ4
A2SRNBRvQtUp7v1i0RdQnO3iZpfmQ675cbf3qxNRSGXWULPrGPT6Daj83QIDAQAB
o4ICazCCAmcwHQYDVR0OBBYEFDg3NYCtKA/CtUujo5UlLhAHT6itMB8GA1UdIwQY
MBaAFEuTMfp75HDcF54WwwbpjGxzGldcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjIt
OGIyYjQ3MzhiMWNjLzEvT0RjMWdLMG9EOEsxUzZPamxTVXVFQWRQcUswLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC81YjQ4YTctYTBkNy00M2YyLWEzNjItOGIyYjQ3MzhiMWNj
LzEvUzVNeC1udmtjTndYbmhiREJ1bU1iSE1hVjF3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGABggrBgEFBQcBBwEB/wRxMG8wbQQCAAEwZzALAwMBjJYD
BACMlggwDAMEAYyWCgMEAIyWDDAMAwQBjJYOAwQAjJYQMAwDBAGMlhIDBACMliYw
DAMEA4yWKAMEAIyWLAMEAYyWLjAMAwQGkmdAAwQAkmdEMAwDBACSZ0cDBAGSZ1ww
DQYJKoZIhvcNAQELBQADggEBAIpCo91vVd8x9H00L7Y/TlzlCx/WKODt9dG36Yko
AOMTXVZee+XvwkO+iBWToy1zNgF/hnM8YKiwW1AdTjI25p70pe2TiJFf+0MgRZiI
x7nJhaIxepzsuhBeLAHAVirpDzqUyvAttZOGJlCSS9HJSBhPBJ2WFc0Qxuj2LzXX
BPHbw1yUblNJLhIAcxpMplBFRl2CEQu/FQKT9nCcDU7QP/pvqKYzC1CrM/hz9E6R
bGGviJRosJnTicrSQ35l2io/CbHsmygo2CGwhhgpRRptPhNIQF3GqO0eWGsW72ti
4bh6dbCuBNL38D6kyIjoS8Xkq7ZNALDBP15Oh9VLFP9Pmbg=
-----END CERTIFICATE-----
Generated at Wed Aug 6 11:22:19 2025 by rpki-client