Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a5/32680d-03d9-4afa-9416-8d6fc010523d/1/k5WIi1Ejnq2UPqn3UpkS8V7jf1M.roa
File: k5WIi1Ejnq2UPqn3UpkS8V7jf1M.roa (raw, json)
Hash identifier: 0oCwakpSZkb6NAb4lGAZ4tdDGnYcuoaTcDYTLBa8fHY=
Subject key identifier: 93:95:88:8B:51:23:9E:AD:94:3E:A9:F7:52:99:12:F1:5E:E3:7F:53
Certificate issuer: /CN=d6923df4dae91950cf00d235fe39e00eea3816d2
Certificate serial: 019879FB9A883BEFF8B4199DBC3A7464CEC0
Authority key identifier: D6:92:3D:F4:DA:E9:19:50:CF:00:D2:35:FE:39:E0:0E:EA:38:16:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1pI99NrpGVDPANI1_jngDuo4FtI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a5/32680d-03d9-4afa-9416-8d6fc010523d/1/k5WIi1Ejnq2UPqn3UpkS8V7jf1M.roa
Signing time: Tue 05 Aug 2025 11:26:28 +0000
ROA not before: Tue 05 Aug 2025 11:26:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15614
IP address blocks: 31.41.200.0/21 maxlen: 21
78.110.208.0/20 maxlen: 20
178.209.128.0/19 maxlen: 19
185.24.20.0/22 maxlen: 22
193.8.86.0/23 maxlen: 23
213.168.176.0/20 maxlen: 20
2a02:13b8::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a5/32680d-03d9-4afa-9416-8d6fc010523d/1/1pI99NrpGVDPANI1_jngDuo4FtI.crl
rsync://rpki.ripe.net/repository/DEFAULT/a5/32680d-03d9-4afa-9416-8d6fc010523d/1/1pI99NrpGVDPANI1_jngDuo4FtI.mft
rsync://rpki.ripe.net/repository/DEFAULT/1pI99NrpGVDPANI1_jngDuo4FtI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 14:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:79:fb:9a:88:3b:ef:f8:b4:19:9d:bc:3a:74:64:ce:c0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d6923df4dae91950cf00d235fe39e00eea3816d2
Validity
Not Before: Aug 5 11:26:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9395888b51239ead943ea9f7529912f15ee37f53
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:7e:0d:f5:35:3d:16:04:02:fd:f8:85:1a:83:
49:d7:df:7d:63:c5:52:55:9a:31:13:96:fb:5b:12:
a0:6a:41:cb:31:f6:6f:90:4a:56:4e:dd:30:b9:6d:
25:99:4d:2d:1b:fa:fc:99:10:7d:0c:df:2c:63:18:
2b:cf:4f:f6:4c:75:c3:da:e2:ba:9f:2e:08:6c:c4:
ad:62:4a:b0:26:91:a6:9a:f2:a7:96:1e:e2:ad:f7:
dc:d1:b9:c9:5d:7f:c6:45:36:04:6c:aa:9c:4b:5a:
ef:89:a0:bb:af:34:b1:05:ee:a6:ac:d3:ae:c7:1c:
e9:33:91:d2:5a:e3:0a:d7:0e:48:79:b8:fd:01:ab:
c1:84:8c:f2:24:ad:34:70:dd:b9:38:f9:84:0a:ad:
f8:5d:be:0a:a7:c1:b8:e6:52:41:16:de:ec:9c:57:
e3:e9:e7:30:97:3d:81:f8:06:bb:e5:65:d3:4e:b5:
f5:7e:51:62:73:d7:95:87:8d:1a:a3:d0:6c:46:75:
c5:1b:b0:f3:dc:58:41:80:02:72:b5:44:93:0c:b3:
f4:cc:0f:95:da:46:15:8a:bd:3a:3c:f9:ac:d6:45:
49:05:3c:e2:1c:1b:38:0b:2a:ab:5c:5a:b6:01:68:
dc:2c:20:cb:4f:e8:80:34:a7:a4:63:e7:8c:db:3c:
84:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:95:88:8B:51:23:9E:AD:94:3E:A9:F7:52:99:12:F1:5E:E3:7F:53
X509v3 Authority Key Identifier:
keyid:D6:92:3D:F4:DA:E9:19:50:CF:00:D2:35:FE:39:E0:0E:EA:38:16:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1pI99NrpGVDPANI1_jngDuo4FtI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/32680d-03d9-4afa-9416-8d6fc010523d/1/k5WIi1Ejnq2UPqn3UpkS8V7jf1M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a5/32680d-03d9-4afa-9416-8d6fc010523d/1/1pI99NrpGVDPANI1_jngDuo4FtI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.41.200.0/21
78.110.208.0/20
178.209.128.0/19
185.24.20.0/22
193.8.86.0/23
213.168.176.0/20
IPv6:
2a02:13b8::/29
Signature Algorithm: sha256WithRSAEncryption
75:5e:00:f6:dd:e9:f5:48:ac:b6:4f:d8:23:47:b5:1f:9d:e8:
c7:ad:76:1a:f9:29:fb:a4:67:42:81:71:06:af:c9:71:44:5e:
f5:e4:e1:a8:29:8d:36:e1:bb:46:48:d7:2f:89:90:c6:14:20:
4d:30:fe:a5:5f:c8:5d:9b:5f:a8:1b:c4:78:a3:e6:16:3c:59:
e7:6f:f7:8a:0b:df:f2:ce:d0:e6:cb:df:65:ea:d9:74:39:4e:
6a:50:79:25:60:fc:6a:0c:e3:d4:27:dd:6b:d7:9f:ed:e4:6b:
87:c7:6f:f7:85:8e:8f:e9:81:20:72:a3:d3:e9:b2:a8:33:dc:
7a:45:04:ae:c4:24:6f:f9:f5:7b:a3:b7:81:af:6d:a1:b1:8e:
50:01:52:69:62:db:8c:18:62:3d:0a:8e:d4:bc:4b:6e:6c:6f:
39:85:3b:1f:a6:54:39:74:f0:d5:b6:54:a1:4b:fd:25:cb:a6:
ad:e7:18:23:3a:97:9f:f5:90:4a:5e:a9:57:67:9f:8b:c1:50:
65:65:10:2e:ca:20:c7:e3:1f:8a:c0:db:07:0b:57:9d:c9:d5:
76:0c:5b:e6:c1:fe:57:c6:a3:03:82:33:7a:cb:c4:0b:7c:c1:
23:92:cc:38:49:23:17:1a:89:07:02:15:c1:86:63:5c:51:67:
35:d6:c4:fe
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZh5+5qIO+/4tBmdvDp0ZM7AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ2OTIzZGY0ZGFlOTE5NTBjZjAwZDIzNWZlMzllMDBlZWEz
ODE2ZDIwHhcNMjUwODA1MTEyNjI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5Mzk1ODg4YjUxMjM5ZWFkOTQzZWE5Zjc1Mjk5MTJmMTVlZTM3ZjUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArH4N9TU9FgQC/fiFGoNJ1999Y8VS
VZoxE5b7WxKgakHLMfZvkEpWTt0wuW0lmU0tG/r8mRB9DN8sYxgrz0/2THXD2uK6
ny4IbMStYkqwJpGmmvKnlh7irffc0bnJXX/GRTYEbKqcS1rviaC7rzSxBe6mrNOu
xxzpM5HSWuMK1w5Iebj9AavBhIzyJK00cN25OPmECq34Xb4Kp8G45lJBFt7snFfj
6ecwlz2B+Aa75WXTTrX1flFic9eVh40ao9BsRnXFG7Dz3FhBgAJytUSTDLP0zA+V
2kYVir06PPms1kVJBTziHBs4CyqrXFq2AWjcLCDLT+iANKekY+eM2zyE5QIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFJOViItRI56tlD6p91KZEvFe439TMB8GA1UdIwQY
MBaAFNaSPfTa6RlQzwDSNf454A7qOBbSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMXBJOTlOcnBHVkRQQU5JMV9qbmdEdW80RnRJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNS8zMjY4MGQtMDNkOS00YWZhLTk0MTYt
OGQ2ZmMwMTA1MjNkLzEvazVXSWkxRWpucTJVUHFuM1Vwa1M4VjdqZjFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNS8zMjY4MGQtMDNkOS00YWZhLTk0MTYtOGQ2ZmMwMTA1MjNk
LzEvMXBJOTlOcnBHVkRQQU5JMV9qbmdEdW80RnRJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQDHynIAwQE
Tm7QAwQFstGAAwQCuRgUAwQBwQhWAwQE1aiwMA0EAgACMAcDBQMqAhO4MA0GCSqG
SIb3DQEBCwUAA4IBAQB1XgD23en1SKy2T9gjR7UfnejHrXYa+Sn7pGdCgXEGr8lx
RF715OGoKY024btGSNcviZDGFCBNMP6lX8hdm1+oG8R4o+YWPFnnb/eKC9/yztDm
y99l6tl0OU5qUHklYPxqDOPUJ91r15/t5GuHx2/3hY6P6YEgcqPT6bKoM9x6RQSu
xCRv+fV7o7eBr22hsY5QAVJpYtuMGGI9Co7UvEtubG85hTsfplQ5dPDVtlShS/0l
y6at5xgjOpef9ZBKXqlXZ5+LwVBlZRAuyiDH4x+KwNsHC1edydV2DFvmwf5XxqMD
gjN6y8QLfMEjksw4SSMXGokHAhXBhmNcUWc11sT+
-----END CERTIFICATE-----
Generated at Sat Aug 9 22:35:15 2025 by rpki-client