Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5R0Sh0d6wdUlVS7-K7_xoNhjbyk.roa
File: 5R0Sh0d6wdUlVS7-K7_xoNhjbyk.roa (raw, json)
Hash identifier: hovToY2U71c0RI18VGsfDav+kKcVn8c7DOMVxi0B6a8=
Subject key identifier: E5:1D:12:87:47:7A:C1:D5:25:55:2E:FE:2B:BF:F1:A0:D8:63:6F:29
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 01985A86A2F2459E47AA77CF7B6028B4A6D2
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5R0Sh0d6wdUlVS7-K7_xoNhjbyk.roa
Signing time: Wed 30 Jul 2025 08:50:29 +0000
ROA not before: Wed 30 Jul 2025 08:50:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3257
IP address blocks: 37.252.30.0/24 maxlen: 24
77.107.81.0/24 maxlen: 24
77.107.94.0/24 maxlen: 24
77.107.103.0/24 maxlen: 24
77.107.104.0/24 maxlen: 24
77.107.113.0/24 maxlen: 24
77.107.115.0/24 maxlen: 24
77.107.126.0/24 maxlen: 24
81.168.127.0/24 maxlen: 24
82.152.15.0/24 maxlen: 24
82.152.19.0/24 maxlen: 24
82.152.82.0/24 maxlen: 24
82.152.103.0/24 maxlen: 24
82.152.134.0/24 maxlen: 24
82.152.242.0/24 maxlen: 24
82.153.91.0/24 maxlen: 24
82.153.146.0/24 maxlen: 24
82.153.158.0/24 maxlen: 24
89.213.103.0/24 maxlen: 24
109.176.72.0/24 maxlen: 24
109.176.77.0/24 maxlen: 24
109.176.129.0/24 maxlen: 24
109.176.168.0/24 maxlen: 24
109.176.171.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 14:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:5a:86:a2:f2:45:9e:47:aa:77:cf:7b:60:28:b4:a6:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Jul 30 08:50:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e51d1287477ac1d525552efe2bbff1a0d8636f29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:57:b2:2a:be:c8:06:71:a8:b8:a1:1c:d0:cf:
3f:af:d5:f1:5a:fa:7c:1a:d6:32:9f:84:3e:71:cd:
ef:26:ac:f4:70:28:08:0d:72:fa:3f:1e:f8:72:98:
16:86:24:d7:76:4a:9b:0e:2a:48:69:5c:d5:85:75:
dc:c0:56:79:ab:af:f7:cc:63:76:eb:20:b2:4f:40:
53:03:10:94:65:c9:69:6e:03:a5:6f:fe:a1:b5:7d:
e4:ed:19:4a:eb:cd:e1:e5:e2:ad:a6:87:d0:94:64:
d8:59:35:a5:66:4c:75:48:eb:30:8b:d3:3c:1c:67:
4e:51:25:ae:c9:04:70:ac:58:1c:2b:a0:cc:9f:8d:
bd:d6:46:d8:a7:d6:63:e8:42:22:cc:21:fc:90:d9:
c4:d4:4c:93:99:56:0a:e8:b0:70:ec:94:23:aa:c4:
e6:f8:6c:60:2a:47:44:eb:31:c5:c5:05:32:09:e9:
eb:d9:be:25:3f:0f:d5:9b:7b:2b:41:a1:94:7c:70:
e9:b2:ba:86:9b:5f:9c:8a:12:c4:22:88:26:39:72:
d9:7d:f6:3a:d1:4d:af:44:9a:b2:4e:d4:a9:70:94:
1f:89:88:fa:6b:ec:17:b8:af:ab:37:ee:03:2c:03:
b3:49:c8:0f:f5:49:f0:e3:94:df:9c:55:81:c7:f5:
4d:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:1D:12:87:47:7A:C1:D5:25:55:2E:FE:2B:BF:F1:A0:D8:63:6F:29
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/5R0Sh0d6wdUlVS7-K7_xoNhjbyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.252.30.0/24
77.107.81.0/24
77.107.94.0/24
77.107.103.0-77.107.104.255
77.107.113.0/24
77.107.115.0/24
77.107.126.0/24
81.168.127.0/24
82.152.15.0/24
82.152.19.0/24
82.152.82.0/24
82.152.103.0/24
82.152.134.0/24
82.152.242.0/24
82.153.91.0/24
82.153.146.0/24
82.153.158.0/24
89.213.103.0/24
109.176.72.0/24
109.176.77.0/24
109.176.129.0/24
109.176.168.0/24
109.176.171.0/24
Signature Algorithm: sha256WithRSAEncryption
61:1f:b1:d5:a1:18:4b:2b:b3:8f:2a:6f:b8:a2:7b:16:cf:3c:
39:dd:21:e7:50:05:b7:94:9a:89:3a:f4:98:c8:e1:0c:1e:86:
68:77:06:32:6c:a7:d0:29:62:33:bf:3c:56:c2:8f:cd:aa:e8:
ce:5e:e4:b9:55:a9:bf:de:19:8b:df:f6:f7:1b:4b:5b:aa:ae:
18:73:3c:ae:2b:6a:64:7b:55:b2:70:d5:04:87:8d:fc:1a:53:
ab:58:35:83:16:ca:6f:9c:d1:dd:c7:01:63:6f:23:aa:51:50:
28:64:5e:d1:ff:6e:84:2f:27:ff:75:95:79:8d:2b:3f:9c:72:
04:b1:29:1a:f0:7b:31:f6:30:dc:23:f4:bb:a3:17:49:45:7d:
3e:21:aa:2b:76:cb:b4:9d:fb:25:51:50:90:85:40:07:04:a1:
fe:66:01:d4:a9:10:3c:e8:09:01:09:4d:55:00:d9:80:91:10:
d1:26:37:ca:3a:26:41:31:98:32:cb:af:2a:d4:59:f3:98:30:
f8:0a:6a:5f:b3:db:3f:71:e7:3b:28:46:fe:7f:11:2b:80:43:
dc:6a:4e:0c:99:d8:2f:2f:6f:ff:11:30:53:59:37:02:c7:74:
ae:19:6b:56:2b:79:84:82:12:30:f8:63:fc:75:74:9f:24:1d:
45:d3:1f:c9
-----BEGIN CERTIFICATE-----
MIIFjjCCBHagAwIBAgISAZhahqLyRZ5HqnfPe2AotKbSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwNzMwMDg1MDI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTFkMTI4NzQ3N2FjMWQ1MjU1NTJlZmUyYmJmZjFhMGQ4NjM2ZjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVeyKr7IBnGouKEc0M8/r9XxWvp8
GtYyn4Q+cc3vJqz0cCgIDXL6Px74cpgWhiTXdkqbDipIaVzVhXXcwFZ5q6/3zGN2
6yCyT0BTAxCUZclpbgOlb/6htX3k7RlK683h5eKtpofQlGTYWTWlZkx1SOswi9M8
HGdOUSWuyQRwrFgcK6DMn4291kbYp9Zj6EIizCH8kNnE1EyTmVYK6LBw7JQjqsTm
+GxgKkdE6zHFxQUyCenr2b4lPw/Vm3srQaGUfHDpsrqGm1+cihLEIogmOXLZffY6
0U2vRJqyTtSpcJQfiYj6a+wXuK+rN+4DLAOzScgP9Unw45TfnFWBx/VNRQIDAQAB
o4ICmjCCApYwHQYDVR0OBBYEFOUdEodHesHVJVUu/iu/8aDYY28pMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvNVIwU2gwZDZ3ZFVsVlM3LUs3X3hvTmhqYnlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGvBggrBgEFBQcBBwEB/wSBnzCBnDCBmQQCAAEwgZIDBAAl
/B4DBABNa1EDBABNa14wDAMEAE1rZwMEAE1raAMEAE1rcQMEAE1rcwMEAE1rfgME
AFGofwMEAFKYDwMEAFKYEwMEAFKYUgMEAFKYZwMEAFKYhgMEAFKY8gMEAFKZWwME
AFKZkgMEAFKZngMEAFnVZwMEAG2wSAMEAG2wTQMEAG2wgQMEAG2wqAMEAG2wqzAN
BgkqhkiG9w0BAQsFAAOCAQEAYR+x1aEYSyuzjypvuKJ7Fs88Od0h51AFt5SaiTr0
mMjhDB6GaHcGMmyn0CliM788VsKPzarozl7kuVWpv94Zi9/29xtLW6quGHM8ritq
ZHtVsnDVBIeN/BpTq1g1gxbKb5zR3ccBY28jqlFQKGRe0f9uhC8n/3WVeY0rP5xy
BLEpGvB7MfYw3CP0u6MXSUV9PiGqK3bLtJ37JVFQkIVABwSh/mYB1KkQPOgJAQlN
VQDZgJEQ0SY3yjomQTGYMsuvKtRZ85gw+ApqX7PbP3HnOyhG/n8RK4BD3GpODJnY
Ly9v/xEwU1k3Asd0rhlrVit5hIISMPhj/HV0nyQdRdMfyQ==
-----END CERTIFICATE-----
Generated at Sat Aug 9 23:22:08 2025 by rpki-client