Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/nkQ4J-al4-TNNhx5kwAxDyydYxY.roa
File: nkQ4J-al4-TNNhx5kwAxDyydYxY.roa (raw, json)
Hash identifier: Nn7gIavrac29qJqe8wBIjZprs44Pop6hbalpdBelYLI=
Subject key identifier: 9E:44:38:27:E6:A5:E3:E4:CD:36:1C:79:93:00:31:0F:2C:9D:63:16
Certificate issuer: /CN=05bcde319a3dca2cf6744d2881ca91b83db9bdea
Certificate serial: 019837298771684511E34728916647F60E93
Authority key identifier: 05:BC:DE:31:9A:3D:CA:2C:F6:74:4D:28:81:CA:91:B8:3D:B9:BD:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbzeMZo9yiz2dE0ogcqRuD25veo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/nkQ4J-al4-TNNhx5kwAxDyydYxY.roa
Signing time: Wed 23 Jul 2025 12:02:05 +0000
ROA not before: Wed 23 Jul 2025 12:02:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60187
IP address blocks: 5.150.62.0/24 maxlen: 24
5.150.64.0/24 maxlen: 24
5.150.65.0/24 maxlen: 24
5.150.66.0/24 maxlen: 24
5.150.67.0/24 maxlen: 24
5.150.68.0/24 maxlen: 24
5.150.69.0/24 maxlen: 24
5.150.70.0/24 maxlen: 24
5.150.71.0/24 maxlen: 24
5.150.74.0/24 maxlen: 24
5.150.76.0/24 maxlen: 24
5.150.80.0/20 maxlen: 20
5.150.96.0/22 maxlen: 22
5.150.100.0/22 maxlen: 22
5.150.104.0/22 maxlen: 22
5.150.108.0/22 maxlen: 22
5.150.112.0/22 maxlen: 22
5.150.116.0/22 maxlen: 22
5.150.120.0/22 maxlen: 22
5.150.124.0/22 maxlen: 24
171.33.192.0/21 maxlen: 21
171.33.192.0/22 maxlen: 22
171.33.196.0/22 maxlen: 22
171.33.200.0/21 maxlen: 21
171.33.208.0/21 maxlen: 21
171.33.216.0/21 maxlen: 21
2a02:af40::/29 maxlen: 29
2a02:af40::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/BbzeMZo9yiz2dE0ogcqRuD25veo.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/BbzeMZo9yiz2dE0ogcqRuD25veo.mft
rsync://rpki.ripe.net/repository/DEFAULT/BbzeMZo9yiz2dE0ogcqRuD25veo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:37:29:87:71:68:45:11:e3:47:28:91:66:47:f6:0e:93
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05bcde319a3dca2cf6744d2881ca91b83db9bdea
Validity
Not Before: Jul 23 12:02:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9e443827e6a5e3e4cd361c799300310f2c9d6316
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ec:4b:5d:e5:50:7a:bf:bf:22:fb:98:bd:cd:ee:
b8:a4:37:dc:8c:ba:42:5d:8d:fc:8c:f6:0d:51:0f:
7f:ec:64:89:75:ff:fb:6f:76:db:9f:bc:ee:df:22:
5b:e7:c5:87:fe:d3:0a:eb:cc:ea:48:ed:6c:e5:ba:
2a:22:71:37:ea:b3:68:5b:55:4a:74:08:ea:37:9a:
e8:55:10:bc:f2:e5:44:e1:e4:f7:f8:f5:e4:3b:4f:
4f:ef:ca:2f:01:e4:b0:4f:bd:9a:e9:c5:a5:19:6a:
cf:2d:da:8b:22:f9:c6:e9:a3:1c:61:a1:01:c1:1e:
a1:68:6f:6d:59:85:b8:8a:2a:21:7b:cd:55:a6:07:
ae:a0:d6:b9:ce:68:5a:05:62:5f:ba:99:6f:4b:44:
85:3c:6b:b1:14:bd:e8:da:41:60:93:c7:de:76:74:
d0:dd:46:46:f0:32:92:34:98:9f:0b:fb:2c:d2:85:
da:ec:0a:fd:44:05:36:66:24:4c:4a:2d:0a:7f:4c:
f4:1b:7f:ff:43:99:16:24:b7:29:9a:40:10:44:de:
b4:fc:78:17:60:3d:e6:5c:54:64:f5:b1:3f:07:41:
2f:9b:16:41:e1:e0:04:6c:ed:1a:3c:b7:86:5a:e8:
60:43:1a:dc:6e:81:4e:18:bd:2e:85:bf:d4:c2:d8:
ea:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:44:38:27:E6:A5:E3:E4:CD:36:1C:79:93:00:31:0F:2C:9D:63:16
X509v3 Authority Key Identifier:
keyid:05:BC:DE:31:9A:3D:CA:2C:F6:74:4D:28:81:CA:91:B8:3D:B9:BD:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbzeMZo9yiz2dE0ogcqRuD25veo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/nkQ4J-al4-TNNhx5kwAxDyydYxY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/BbzeMZo9yiz2dE0ogcqRuD25veo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.150.62.0/24
5.150.64.0/21
5.150.74.0/24
5.150.76.0/24
5.150.80.0-5.150.127.255
171.33.192.0/19
IPv6:
2a02:af40::/29
Signature Algorithm: sha256WithRSAEncryption
c0:21:ac:ef:4d:86:b5:69:68:0a:13:21:98:ef:3d:fa:63:f9:
5f:83:15:48:7e:ff:82:ec:77:4c:c0:a0:24:e3:a2:29:2c:d0:
63:dd:c6:16:81:bf:5f:d1:7c:ea:7c:e4:a9:75:12:67:94:07:
c3:b3:15:0d:f2:de:f1:b8:f4:56:0e:2f:d6:b0:a9:59:ec:a3:
13:60:70:cf:c7:5e:c0:b8:13:b9:88:f4:4d:01:a8:e0:0e:a1:
cd:82:a0:b2:c2:12:e1:15:ab:22:67:95:92:47:72:be:de:2d:
d4:82:09:9b:97:1f:bc:54:ee:fd:ab:f4:13:00:8f:21:41:37:
38:b0:c1:19:0e:95:14:fc:b1:e8:81:f1:f0:6f:88:87:59:75:
75:61:e3:55:65:b4:cb:96:04:51:30:bd:08:2a:f7:17:56:67:
ff:60:b0:ba:59:09:81:bd:cf:3a:95:2a:60:df:1a:39:b0:23:
ad:0f:37:92:0c:77:90:60:16:08:01:bb:ce:cb:c2:b8:60:ef:
fb:3a:36:b8:ea:0b:eb:45:2d:47:ab:ae:39:a5:07:be:3b:da:
80:b5:b5:d4:32:bf:a8:35:27:33:5e:ea:b8:96:23:3d:12:07:
8d:d8:bf:45:8e:4e:1e:41:c0:28:65:c4:7c:1e:d9:de:71:a8:
ac:7f:67:9f
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZg3KYdxaEUR40cokWZH9g6TMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YmNkZTMxOWEzZGNhMmNmNjc0NGQyODgxY2E5MWI4M2Ri
OWJkZWEwHhcNMjUwNzIzMTIwMjA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZTQ0MzgyN2U2YTVlM2U0Y2QzNjFjNzk5MzAwMzEwZjJjOWQ2MzE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7Etd5VB6v78i+5i9ze64pDfcjLpC
XY38jPYNUQ9/7GSJdf/7b3bbn7zu3yJb58WH/tMK68zqSO1s5boqInE36rNoW1VK
dAjqN5roVRC88uVE4eT3+PXkO09P78ovAeSwT72a6cWlGWrPLdqLIvnG6aMcYaEB
wR6haG9tWYW4iiohe81VpgeuoNa5zmhaBWJfuplvS0SFPGuxFL3o2kFgk8fednTQ
3UZG8DKSNJifC/ss0oXa7Ar9RAU2ZiRMSi0Kf0z0G3//Q5kWJLcpmkAQRN60/HgX
YD3mXFRk9bE/B0EvmxZB4eAEbO0aPLeGWuhgQxrcboFOGL0uhb/UwtjqXQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFJ5EOCfmpePkzTYceZMAMQ8snWMWMB8GA1UdIwQY
MBaAFAW83jGaPcos9nRNKIHKkbg9ub3qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJ6ZU1abzl5aXoyZEUwb2djcVJ1RDI1dmVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9lZDI4ZDUtNzhkMy00NWUyLWE3ZDMt
Njg2N2M0YWUzMTYxLzEvbmtRNEotYWw0LVROTmh4NWt3QXhEeXlkWXhZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9lZDI4ZDUtNzhkMy00NWUyLWE3ZDMtNjg2N2M0YWUzMTYx
LzEvQmJ6ZU1abzl5aXoyZEUwb2djcVJ1RDI1dmVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAyBAIAATAsAwQABZY+AwQD
BZZAAwQABZZKAwQABZZMMAwDBAQFllADBAcFlgADBAWrIcAwDQQCAAIwBwMFAyoC
r0AwDQYJKoZIhvcNAQELBQADggEBAMAhrO9NhrVpaAoTIZjvPfpj+V+DFUh+/4Ls
d0zAoCTjoiks0GPdxhaBv1/RfOp85Kl1EmeUB8OzFQ3y3vG49FYOL9awqVnsoxNg
cM/HXsC4E7mI9E0BqOAOoc2CoLLCEuEVqyJnlZJHcr7eLdSCCZuXH7xU7v2r9BMA
jyFBNziwwRkOlRT8seiB8fBviIdZdXVh41VltMuWBFEwvQgq9xdWZ/9gsLpZCYG9
zzqVKmDfGjmwI60PN5IMd5BgFggBu87Lwrhg7/s6NrjqC+tFLUerrjmlB7472oC1
tdQyv6g1JzNe6riWIz0SB43Yv0WOTh5BwChlxHwe2d5xqKx/Z58=
-----END CERTIFICATE-----
Generated at Mon Jul 28 06:09:52 2025 by rpki-client