Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/Kdk1u6WIFvzBgghL_FOB6ZgFqow.roa
File: Kdk1u6WIFvzBgghL_FOB6ZgFqow.roa (raw, json)
Hash identifier: hva6luQLEhS0oWTELOlJF6JEG4wEaOBcwryevKDIMJM=
Subject key identifier: 29:D9:35:BB:A5:88:16:FC:C1:82:08:4B:FC:53:81:E9:98:05:AA:8C
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 019754C784B6D7E385A974A50A86100971A0
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/Kdk1u6WIFvzBgghL_FOB6ZgFqow.roa
Signing time: Mon 09 Jun 2025 13:00:51 +0000
ROA not before: Mon 09 Jun 2025 13:00:51 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34892
IP address blocks: 5.158.232.0/24 maxlen: 24
5.158.233.0/24 maxlen: 24
5.158.234.0/23 maxlen: 23
5.158.236.0/23 maxlen: 23
5.158.238.0/23 maxlen: 23
85.234.0.0/22 maxlen: 22
85.234.4.0/22 maxlen: 22
85.234.8.0/22 maxlen: 22
85.234.12.0/22 maxlen: 22
85.234.16.0/22 maxlen: 22
85.234.20.0/24 maxlen: 24
85.234.21.0/24 maxlen: 24
85.234.24.0/22 maxlen: 22
85.234.28.0/22 maxlen: 22
185.24.44.0/23 maxlen: 23
185.24.44.0/24 maxlen: 24
185.24.45.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Jun 2025 23:47:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:54:c7:84:b6:d7:e3:85:a9:74:a5:0a:86:10:09:71:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jun 9 13:00:51 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=29d935bba58816fcc182084bfc5381e99805aa8c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:ef:79:65:b0:19:23:56:4b:68:10:34:79:84:
d8:32:06:6e:3a:6f:1b:51:a7:95:2d:bb:f5:93:cf:
0c:b2:3f:fb:08:41:e0:ff:93:fa:c3:64:64:31:0c:
77:5d:e2:48:00:16:b6:e2:37:a3:8f:fe:41:16:66:
16:8d:4d:16:bd:14:d9:a3:18:b7:e7:04:97:cd:47:
18:ad:a4:f8:84:54:99:60:29:04:1d:b1:7d:bb:24:
05:31:2f:46:63:a5:04:ad:78:d8:c9:8e:6f:cf:09:
f4:83:85:24:b8:26:14:31:12:ff:6f:89:b6:45:a9:
8f:25:9b:3c:64:27:25:fd:ac:26:b2:11:36:6a:01:
ca:40:6a:4b:30:4c:1b:b3:d2:b7:4a:fa:90:94:9f:
f0:70:f2:2e:fc:4f:40:58:ad:cd:39:7f:d2:7f:a1:
74:38:70:c3:4a:95:bd:f4:58:1d:4b:87:2d:6b:ae:
eb:fa:f7:7a:79:2d:31:1b:1e:a2:94:33:f9:fc:b1:
6d:41:c0:39:01:49:7b:97:cf:8d:93:7d:98:0d:9b:
cf:74:a4:67:ea:84:d9:3b:db:3e:b2:03:82:89:84:
4f:59:de:2c:a8:d1:92:82:b1:7c:ce:68:df:85:7d:
7a:f3:76:fd:5b:f3:df:b6:93:52:9e:bc:f1:c3:06:
8f:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:D9:35:BB:A5:88:16:FC:C1:82:08:4B:FC:53:81:E9:98:05:AA:8C
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/Kdk1u6WIFvzBgghL_FOB6ZgFqow.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.158.232.0/21
85.234.0.0-85.234.21.255
85.234.24.0/21
185.24.44.0/23
Signature Algorithm: sha256WithRSAEncryption
23:fc:e6:78:a2:64:65:34:63:63:d3:c4:2b:ed:91:e3:b9:47:
2e:57:8a:3d:7e:b0:97:75:87:2e:cd:9f:ed:44:db:73:ef:62:
4e:9f:27:83:24:f1:17:b5:d9:30:72:a1:f9:a9:d2:f5:44:c2:
e1:ec:11:a8:a2:d2:d0:0c:50:7b:3a:79:7d:ff:3d:f6:cc:f6:
be:c9:12:82:7c:b5:07:d9:26:ae:81:a9:17:d1:8d:c3:0d:b2:
fd:62:63:88:0a:57:bf:63:8d:4a:98:07:cb:b3:15:77:5a:33:
27:41:8c:ef:f5:2a:49:c8:24:90:22:22:d6:cb:98:96:4d:f9:
14:93:33:7e:b8:7b:bd:58:00:5e:af:45:30:78:00:17:05:f9:
23:19:4b:f6:43:5d:60:0b:ef:c6:57:ed:5b:92:55:a7:c3:6a:
cc:ca:91:e9:1d:dd:9c:25:af:a3:90:d9:d4:fe:5f:5e:51:e5:
cc:03:bf:0d:8c:f9:e8:17:a5:2c:d6:11:e0:27:f1:3d:11:9b:
a8:05:1f:f8:27:9f:a0:61:03:ff:04:e0:bb:c3:74:c2:b3:09:
37:20:5f:71:e5:04:52:07:1a:e9:01:d5:45:84:e7:75:4d:9e:
32:09:ec:3b:e0:ba:15:49:6a:ea:33:4d:11:6f:53:c1:b8:ce:
3b:a1:7d:e8
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZdUx4S21+OFqXSlCoYQCXGgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwNjA5MTMwMDUxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOWQ5MzViYmE1ODgxNmZjYzE4MjA4NGJmYzUzODFlOTk4MDVhYThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzO95ZbAZI1ZLaBA0eYTYMgZuOm8b
UaeVLbv1k88Msj/7CEHg/5P6w2RkMQx3XeJIABa24jejj/5BFmYWjU0WvRTZoxi3
5wSXzUcYraT4hFSZYCkEHbF9uyQFMS9GY6UErXjYyY5vzwn0g4UkuCYUMRL/b4m2
RamPJZs8ZCcl/awmshE2agHKQGpLMEwbs9K3SvqQlJ/wcPIu/E9AWK3NOX/Sf6F0
OHDDSpW99FgdS4cta67r+vd6eS0xGx6ilDP5/LFtQcA5AUl7l8+Nk32YDZvPdKRn
6oTZO9s+sgOCiYRPWd4sqNGSgrF8zmjfhX1683b9W/PftpNSnrzxwwaPzQIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFCnZNbuliBb8wYIIS/xTgemYBaqMMB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvS2RrMXU2V0lGdnpCZ2doTF9GT0I2WmdGcW93LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAlBAIAATAfAwQDBZ7oMAsD
AwFV6gMEAVXqFAMEA1XqGAMEAbkYLDANBgkqhkiG9w0BAQsFAAOCAQEAI/zmeKJk
ZTRjY9PEK+2R47lHLleKPX6wl3WHLs2f7UTbc+9iTp8ngyTxF7XZMHKh+anS9UTC
4ewRqKLS0AxQezp5ff899sz2vskSgny1B9kmroGpF9GNww2y/WJjiApXv2ONSpgH
y7MVd1ozJ0GM7/UqScgkkCIi1suYlk35FJMzfrh7vVgAXq9FMHgAFwX5IxlL9kNd
YAvvxlftW5JVp8NqzMqR6R3dnCWvo5DZ1P5fXlHlzAO/DYz56BelLNYR4CfxPRGb
qAUf+CefoGED/wTgu8N0wrMJNyBfceUEUgca6QHVRYTndU2eMgnsO+C6FUlq6jNN
EW9TwbjOO6F96A==
-----END CERTIFICATE-----
Generated at Thu Jun 19 08:40:00 2025 by rpki-client