Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/Fd_HUYvmrfFxU0xnwaPyXbD6xtg.roa
File: Fd_HUYvmrfFxU0xnwaPyXbD6xtg.roa (raw, json)
Hash identifier: b876kIBlXdXsqGX/hdy6VCgbkX80WbO1c9Al1yyM/IY=
Subject key identifier: 15:DF:C7:51:8B:E6:AD:F1:71:53:4C:67:C1:A3:F2:5D:B0:FA:C6:D8
Certificate issuer: /CN=352ae33b11b36a319ba81347d852480d8e74c87d
Certificate serial: 01980940F4F7B18911F9CB92B0EEC7C2B2C6
Authority key identifier: 35:2A:E3:3B:11:B3:6A:31:9B:A8:13:47:D8:52:48:0D:8E:74:C8:7D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/Fd_HUYvmrfFxU0xnwaPyXbD6xtg.roa
Signing time: Mon 14 Jul 2025 14:05:08 +0000
ROA not before: Mon 14 Jul 2025 14:05:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12430
IP address blocks: 5.224.0.0/15 maxlen: 15
31.4.0.0/16 maxlen: 24
37.222.0.0/15 maxlen: 24
46.24.0.0/14 maxlen: 14
46.25.0.0/21 maxlen: 21
46.25.60.0/22 maxlen: 22
46.136.0.0/16 maxlen: 16
47.58.0.0/16 maxlen: 16
47.59.0.0/16 maxlen: 16
47.60.0.0/16 maxlen: 16
47.61.0.0/16 maxlen: 16
47.62.0.0/16 maxlen: 16
47.63.0.0/16 maxlen: 16
62.87.0.0/17 maxlen: 24
77.208.0.0/14 maxlen: 24
77.224.0.0/13 maxlen: 13
87.124.192.0/18 maxlen: 18
87.125.0.0/16 maxlen: 24
87.235.0.0/16 maxlen: 16
89.6.0.0/15 maxlen: 15
93.113.16.0/21 maxlen: 21
94.248.64.0/18 maxlen: 18
95.60.0.0/14 maxlen: 14
95.60.32.0/21 maxlen: 21
148.56.0.0/16 maxlen: 16
159.147.0.0/16 maxlen: 16
178.57.128.0/18 maxlen: 18
178.139.0.0/16 maxlen: 22
188.84.0.0/14 maxlen: 14
188.86.112.0/22 maxlen: 22
188.211.228.0/22 maxlen: 22
193.125.0.0/16 maxlen: 16
194.220.0.0/16 maxlen: 16
212.73.32.0/19 maxlen: 24
212.145.0.0/16 maxlen: 16
212.166.128.0/17 maxlen: 23
217.130.0.0/16 maxlen: 16
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/NSrjOxGzajGbqBNH2FJIDY50yH0.crl
rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/NSrjOxGzajGbqBNH2FJIDY50yH0.mft
rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 14:07:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:09:40:f4:f7:b1:89:11:f9:cb:92:b0:ee:c7:c2:b2:c6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=352ae33b11b36a319ba81347d852480d8e74c87d
Validity
Not Before: Jul 14 14:05:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=15dfc7518be6adf171534c67c1a3f25db0fac6d8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:d2:11:e6:19:a4:38:ed:22:64:d2:7c:3d:31:
3a:cb:db:3a:82:56:7e:fd:b0:84:81:94:73:56:0a:
f2:c0:8e:a8:4d:85:3e:03:60:80:2b:90:3b:4a:b4:
83:ae:3b:e4:b7:18:69:89:aa:d4:fb:c5:d3:40:1a:
89:8c:05:05:05:bd:2a:8a:86:04:0c:8e:45:11:5a:
fd:ea:70:f9:4f:57:7e:b1:4f:ad:54:7c:a6:81:dc:
f6:27:8a:e3:b1:9f:5d:13:29:69:56:a6:3a:83:9a:
9a:a1:4b:54:da:ab:42:03:58:46:28:cd:84:08:1b:
33:8e:90:06:a5:87:f8:98:65:fb:22:e5:53:2d:ef:
25:66:03:b5:96:76:7a:f1:2d:16:3a:1e:3b:de:ec:
20:b1:19:4c:02:eb:d0:cc:8f:ca:76:3b:3f:9c:c5:
ea:a8:2e:40:76:05:5f:d8:40:4e:d5:7b:45:f7:40:
41:66:58:96:a4:28:93:27:9e:ba:56:ab:ed:a1:38:
26:2c:fc:66:fe:8a:e9:33:b6:5d:e2:c7:22:c3:a3:
3d:ea:d4:8d:65:d6:13:a2:8a:54:e0:dc:ce:07:9a:
db:29:76:d5:3d:17:31:8c:8a:74:09:15:1f:8f:b9:
81:f7:e3:24:c3:b5:d2:49:ca:50:02:53:0a:c4:0f:
ad:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
15:DF:C7:51:8B:E6:AD:F1:71:53:4C:67:C1:A3:F2:5D:B0:FA:C6:D8
X509v3 Authority Key Identifier:
keyid:35:2A:E3:3B:11:B3:6A:31:9B:A8:13:47:D8:52:48:0D:8E:74:C8:7D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NSrjOxGzajGbqBNH2FJIDY50yH0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/Fd_HUYvmrfFxU0xnwaPyXbD6xtg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/27/c55ab0-ea22-4a19-8b33-25050c593aa1/1/NSrjOxGzajGbqBNH2FJIDY50yH0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.224.0.0/15
31.4.0.0/16
37.222.0.0/15
46.24.0.0/14
46.136.0.0/16
47.58.0.0-47.63.255.255
62.87.0.0/17
77.208.0.0/14
77.224.0.0/13
87.124.192.0-87.125.255.255
87.235.0.0/16
89.6.0.0/15
93.113.16.0/21
94.248.64.0/18
95.60.0.0/14
148.56.0.0/16
159.147.0.0/16
178.57.128.0/18
178.139.0.0/16
188.84.0.0/14
188.211.228.0/22
193.125.0.0/16
194.220.0.0/16
212.73.32.0/19
212.145.0.0/16
212.166.128.0/17
217.130.0.0/16
Signature Algorithm: sha256WithRSAEncryption
09:73:87:c9:9e:9d:67:1f:27:c6:07:d0:46:37:a7:ff:b5:ec:
13:da:a0:03:1a:06:04:34:96:5d:04:f0:24:fd:95:3b:b0:6e:
45:d4:df:bb:99:b3:58:39:60:2d:99:e2:32:d8:08:89:55:3c:
00:02:c1:09:aa:df:92:b2:3f:c5:a6:dd:cc:d0:39:64:bb:cf:
7a:b4:bd:48:57:a3:3a:6a:13:10:2c:fc:84:31:c4:4b:83:51:
a8:0d:29:01:0c:80:3b:8e:02:ce:da:55:0b:d3:88:aa:43:7d:
f7:38:69:43:07:b0:07:7e:9d:7c:66:2b:cb:f4:99:64:82:07:
fb:86:48:9c:88:35:a9:13:49:20:62:a0:a4:5c:9c:4e:d0:b0:
2c:ce:72:95:44:19:94:ed:c6:25:e0:dd:2e:b9:04:7b:4f:c8:
e1:9f:df:d7:ac:c8:52:a1:29:2b:60:26:5f:b4:f4:9a:75:83:
a2:cc:45:fc:dd:fa:e6:2c:8b:0c:9d:73:ed:bd:d9:57:1f:61:
12:10:57:a9:c4:88:7a:da:bc:60:3a:a0:1f:02:23:f2:37:e1:
3e:e0:7a:b2:aa:4e:98:bb:3f:12:1c:1e:1d:c6:41:6e:0f:51:
df:87:96:a2:51:c7:6d:b9:33:97:4f:7e:e6:0a:97:6d:2d:d0:
58:22:27:50
-----BEGIN CERTIFICATE-----
MIIFmTCCBIGgAwIBAgISAZgJQPT3sYkR+cuSsO7HwrLGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM1MmFlMzNiMTFiMzZhMzE5YmE4MTM0N2Q4NTI0ODBkOGU3
NGM4N2QwHhcNMjUwNzE0MTQwNTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNWRmYzc1MThiZTZhZGYxNzE1MzRjNjdjMWEzZjI1ZGIwZmFjNmQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt9IR5hmkOO0iZNJ8PTE6y9s6glZ+
/bCEgZRzVgrywI6oTYU+A2CAK5A7SrSDrjvktxhpiarU+8XTQBqJjAUFBb0qioYE
DI5FEVr96nD5T1d+sU+tVHymgdz2J4rjsZ9dEylpVqY6g5qaoUtU2qtCA1hGKM2E
CBszjpAGpYf4mGX7IuVTLe8lZgO1lnZ68S0WOh473uwgsRlMAuvQzI/Kdjs/nMXq
qC5AdgVf2EBO1XtF90BBZliWpCiTJ566VqvtoTgmLPxm/orpM7Zd4sciw6M96tSN
ZdYToopU4NzOB5rbKXbVPRcxjIp0CRUfj7mB9+Mkw7XSScpQAlMKxA+tHwIDAQAB
o4ICpTCCAqEwHQYDVR0OBBYEFBXfx1GL5q3xcVNMZ8Gj8l2w+sbYMB8GA1UdIwQY
MBaAFDUq4zsRs2oxm6gTR9hSSA2OdMh9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTlNyak94R3phakdicUJOSDJGSklEWTUweUgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNy9jNTVhYjAtZWEyMi00YTE5LThiMzMt
MjUwNTBjNTkzYWExLzEvRmRfSFVZdm1yZkZ4VTB4bndhUHlYYkQ2eHRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNy9jNTVhYjAtZWEyMi00YTE5LThiMzMtMjUwNTBjNTkzYWEx
LzEvTlNyak94R3phakdicUJOSDJGSklEWTUweUgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG6BggrBgEFBQcBBwEB/wSBqjCBpzCBpAQCAAEwgZ0DAwEF
4AMDAB8EAwMBJd4DAwIuGAMDAC6IMAoDAwEvOgMDBi8AAwQHPlcAAwMCTdADAwNN
4DALAwQGV3zAAwMBV3wDAwBX6wMDAVkGAwQDXXEQAwQGXvhAAwMCXzwDAwCUOAMD
AJ+TAwQGsjmAAwMAsosDAwK8VAMEArzT5AMDAMF9AwMAwtwDBAXUSSADAwDUkQME
B9SmgAMDANmCMA0GCSqGSIb3DQEBCwUAA4IBAQAJc4fJnp1nHyfGB9BGN6f/tewT
2qADGgYENJZdBPAk/ZU7sG5F1N+7mbNYOWAtmeIy2AiJVTwAAsEJqt+Ssj/Fpt3M
0Dlku896tL1IV6M6ahMQLPyEMcRLg1GoDSkBDIA7jgLO2lUL04iqQ333OGlDB7AH
fp18ZivL9Jlkggf7hkiciDWpE0kgYqCkXJxO0LAsznKVRBmU7cYl4N0uuQR7T8jh
n9/XrMhSoSkrYCZftPSadYOizEX83frmLIsMnXPtvdlXH2ESEFepxIh62rxgOqAf
AiPyN+E+4Hqyqk6Yuz8SHB4dxkFuD1Hfh5aiUcdtuTOXT37mCpdtLdBYIidQ
-----END CERTIFICATE-----
Generated at Thu Jul 24 23:13:23 2025 by rpki-client