Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/D5G6PMvb3J_sD5DCK4P6pKbgGp0.roa
File: D5G6PMvb3J_sD5DCK4P6pKbgGp0.roa (raw, json)
Hash identifier: G9aLrjJnG75rn4IsfgxzCqkd3zCbfg0pV6hyiy9q9jI=
Subject key identifier: 0F:91:BA:3C:CB:DB:DC:9F:EC:0F:90:C2:2B:83:FA:A4:A6:E0:1A:9D
Certificate issuer: /CN=618cc46d71e7848978488961d7b51aba1541f3c4
Certificate serial: 01985FDE6C2CD3F96F153C6EB3481B0F8148
Authority key identifier: 61:8C:C4:6D:71:E7:84:89:78:48:89:61:D7:B5:1A:BA:15:41:F3:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYzEbXHnhIl4SIlh17UauhVB88Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/D5G6PMvb3J_sD5DCK4P6pKbgGp0.roa
Signing time: Thu 31 Jul 2025 09:44:28 +0000
ROA not before: Thu 31 Jul 2025 09:44:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209372
IP address blocks: 89.184.0.0/21 maxlen: 24
89.184.8.0/23 maxlen: 23
89.184.14.0/23 maxlen: 23
89.184.16.0/21 maxlen: 24
89.184.24.0/21 maxlen: 24
193.222.251.0/24 maxlen: 24
193.223.69.0/24 maxlen: 24
193.223.103.0/24 maxlen: 24
193.223.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/YYzEbXHnhIl4SIlh17UauhVB88Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/YYzEbXHnhIl4SIlh17UauhVB88Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/YYzEbXHnhIl4SIlh17UauhVB88Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 14:37:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:5f:de:6c:2c:d3:f9:6f:15:3c:6e:b3:48:1b:0f:81:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618cc46d71e7848978488961d7b51aba1541f3c4
Validity
Not Before: Jul 31 09:44:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f91ba3ccbdbdc9fec0f90c22b83faa4a6e01a9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:dc:5e:3e:70:7f:6b:18:e9:84:bf:33:aa:d1:
f0:a0:07:90:10:0a:13:3f:31:08:f3:5d:33:94:12:
8a:7a:ca:d6:e2:12:c9:a5:0b:b5:8b:6f:c4:68:54:
0e:89:2f:83:73:77:ad:74:44:8f:d7:83:52:f7:3e:
c0:8f:00:98:c4:77:ce:92:4e:33:bb:bd:49:07:02:
f6:1e:1b:60:0e:35:3f:b2:be:9e:ca:21:83:b7:f3:
3a:ea:f2:57:cb:7a:13:ba:1a:ae:3b:9c:b2:13:b9:
d0:f5:2a:3e:d6:34:3b:6e:95:27:b8:8f:8d:f3:95:
51:b9:56:66:3e:9b:79:29:b9:6e:66:c9:34:8d:a2:
90:a4:7c:3f:32:13:5d:06:e4:d0:71:fe:9e:6b:d0:
15:f0:9e:f8:e4:66:57:88:45:1c:9e:2b:e8:0d:04:
75:3d:2d:28:84:0b:b8:f4:07:2b:de:22:57:55:2e:
d5:cc:d3:2d:d3:04:c0:24:d3:58:a7:53:35:12:f2:
f7:8e:4d:d0:2c:5e:a2:eb:d3:ef:0a:af:4e:91:f6:
e8:8a:a4:e3:0c:14:3a:19:05:82:e3:77:9d:f8:22:
5c:90:4a:6c:41:ef:ab:9c:77:7b:da:ce:0e:9e:9d:
35:18:c8:0c:2b:8e:b7:31:09:58:4b:0e:b8:d4:10:
2f:d3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:91:BA:3C:CB:DB:DC:9F:EC:0F:90:C2:2B:83:FA:A4:A6:E0:1A:9D
X509v3 Authority Key Identifier:
keyid:61:8C:C4:6D:71:E7:84:89:78:48:89:61:D7:B5:1A:BA:15:41:F3:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYzEbXHnhIl4SIlh17UauhVB88Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/D5G6PMvb3J_sD5DCK4P6pKbgGp0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/YYzEbXHnhIl4SIlh17UauhVB88Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.184.0.0-89.184.9.255
89.184.14.0-89.184.31.255
193.222.251.0/24
193.223.69.0/24
193.223.103.0/24
193.223.108.0/24
Signature Algorithm: sha256WithRSAEncryption
49:e0:03:89:c1:e1:7a:88:a7:ff:55:b1:7c:c1:7e:58:15:4b:
a4:c4:dd:46:de:00:fa:06:4a:fa:f8:f7:a0:09:bd:58:59:00:
55:a9:3b:ca:ad:72:70:d4:48:b3:87:d8:4b:9a:bf:05:3e:df:
e9:db:2f:9f:fa:cb:57:74:f2:1e:ae:95:14:6e:7c:9f:ba:0f:
8b:e2:2d:9d:76:c7:9c:c2:56:35:47:4c:1a:65:fd:dc:73:1f:
75:ac:13:76:ca:da:7e:9d:dc:36:07:29:42:c6:7a:0b:08:85:
09:6e:ec:45:ea:15:7e:fd:01:65:17:fa:6f:5a:e2:79:13:f6:
ec:d8:41:3b:bf:27:18:a2:a8:83:02:bf:d4:93:ce:de:e4:ad:
cb:1c:ec:5b:0c:a7:9c:3b:55:36:30:90:9d:33:56:b1:34:70:
db:83:13:5e:b2:a2:c8:93:2c:d6:cc:d1:1d:9f:43:1d:64:5c:
9e:cf:d7:ef:bf:98:4e:11:04:0a:c1:02:8a:b1:75:55:80:97:
84:37:98:48:f6:00:1e:5f:45:bd:3a:b8:98:8e:77:a1:ce:1f:
65:54:38:99:58:2d:a9:5e:d5:c8:38:64:81:a6:65:5b:ce:33:
cb:99:32:04:ec:6c:ba:9b:0e:51:6c:ed:04:3c:c9:ae:32:96:
68:07:64:5a
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZhf3mws0/lvFTxus0gbD4FIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxOGNjNDZkNzFlNzg0ODk3ODQ4ODk2MWQ3YjUxYWJhMTU0
MWYzYzQwHhcNMjUwNzMxMDk0NDI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjkxYmEzY2NiZGJkYzlmZWMwZjkwYzIyYjgzZmFhNGE2ZTAxYTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtdxePnB/axjphL8zqtHwoAeQEAoT
PzEI810zlBKKesrW4hLJpQu1i2/EaFQOiS+Dc3etdESP14NS9z7AjwCYxHfOkk4z
u71JBwL2HhtgDjU/sr6eyiGDt/M66vJXy3oTuhquO5yyE7nQ9So+1jQ7bpUnuI+N
85VRuVZmPpt5KbluZsk0jaKQpHw/MhNdBuTQcf6ea9AV8J745GZXiEUcnivoDQR1
PS0ohAu49Acr3iJXVS7VzNMt0wTAJNNYp1M1EvL3jk3QLF6i69PvCq9OkfboiqTj
DBQ6GQWC43ed+CJckEpsQe+rnHd72s4Onp01GMgMK463MQlYSw641BAv0wIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFA+RujzL29yf7A+QwiuD+qSm4BqdMB8GA1UdIwQY
MBaAFGGMxG1x54SJeEiJYde1GroVQfPEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVl6RWJYSG5oSWw0U0lsaDE3VWF1aFZCODhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8xMjc0MzAtZDRlOC00ZGEzLWJlYTIt
NGVmMTljY2M1N2QwLzEvRDVHNlBNdmIzSl9zRDVEQ0s0UDZwS2JnR3AwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8xMjc0MzAtZDRlOC00ZGEzLWJlYTItNGVmMTljY2M1N2Qw
LzEvWVl6RWJYSG5oSWw0U0lsaDE3VWF1aFZCODhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzA5BAIAATAzMAsDAwNZuAME
AVm4CDAMAwQBWbgOAwQFWbgAAwQAwd77AwQAwd9FAwQAwd9nAwQAwd9sMA0GCSqG
SIb3DQEBCwUAA4IBAQBJ4AOJweF6iKf/VbF8wX5YFUukxN1G3gD6Bkr6+PegCb1Y
WQBVqTvKrXJw1Eizh9hLmr8FPt/p2y+f+stXdPIerpUUbnyfug+L4i2ddsecwlY1
R0waZf3ccx91rBN2ytp+ndw2BylCxnoLCIUJbuxF6hV+/QFlF/pvWuJ5E/bs2EE7
vycYoqiDAr/Uk87e5K3LHOxbDKecO1U2MJCdM1axNHDbgxNesqLIkyzWzNEdn0Md
ZFyez9fvv5hOEQQKwQKKsXVVgJeEN5hI9gAeX0W9OriYjnehzh9lVDiZWC2pXtXI
OGSBpmVbzjPLmTIE7Gy6mw5RbO0EPMmuMpZoB2Ra
-----END CERTIFICATE-----
Generated at Tue Aug 5 22:55:02 2025 by rpki-client