Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/ExAganwf9gZ05D9qRE8-_5Xus6o.roa
File: ExAganwf9gZ05D9qRE8-_5Xus6o.roa (raw, json)
Hash identifier: e3o8e5ycJojpJP7dj6Tp5MfZKgzjJp1td8ZGojsGOIg=
Subject key identifier: 13:10:20:6A:7C:1F:F6:06:74:E4:3F:6A:44:4F:3E:FF:95:EE:B3:AA
Certificate issuer: /CN=a87090c275c34c05c306f3b36063893a0d72782a
Certificate serial: 019809B53E1AC1A48CFEEC322DEEA68383E9
Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/ExAganwf9gZ05D9qRE8-_5Xus6o.roa
Signing time: Mon 14 Jul 2025 16:12:09 +0000
ROA not before: Mon 14 Jul 2025 16:12:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207569
IP address blocks: 5.180.136.0/24 maxlen: 24
5.180.137.0/24 maxlen: 24
45.9.74.0/24 maxlen: 24
45.133.245.0/24 maxlen: 24
45.133.246.0/24 maxlen: 24
46.17.106.0/24 maxlen: 24
85.209.0.0/24 maxlen: 24
95.214.8.0/24 maxlen: 24
139.28.220.0/24 maxlen: 24
139.28.221.0/24 maxlen: 24
185.17.2.0/24 maxlen: 24
185.58.207.0/24 maxlen: 24
185.94.167.0/24 maxlen: 24
185.104.250.0/24 maxlen: 24
185.105.118.0/24 maxlen: 24
185.125.228.0/24 maxlen: 24
185.125.231.0/24 maxlen: 24
185.188.181.0/24 maxlen: 24
193.109.84.0/24 maxlen: 24
193.124.180.0/24 maxlen: 24
193.124.181.0/24 maxlen: 24
194.53.54.0/24 maxlen: 24
194.67.200.0/24 maxlen: 24
195.66.87.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.mft
rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 21:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:09:b5:3e:1a:c1:a4:8c:fe:ec:32:2d:ee:a6:83:83:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a
Validity
Not Before: Jul 14 16:12:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1310206a7c1ff60674e43f6a444f3eff95eeb3aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:26:d7:55:a9:2f:01:7e:8b:fa:14:4d:37:7a:
e1:78:8d:8c:a2:24:d7:a0:85:c3:54:0b:0c:96:4a:
3e:07:dd:eb:77:ef:1f:42:d2:81:15:e4:bf:18:37:
aa:b9:f8:db:ec:b7:2d:99:c0:bb:75:1b:80:fb:70:
0b:a0:7d:0d:56:8a:43:7d:ce:28:3e:2b:69:b8:0e:
12:24:56:6d:c5:f4:67:51:35:59:cd:96:6d:93:d5:
92:dc:75:4e:0a:5f:b6:83:60:32:40:30:c1:5c:02:
b4:aa:ae:8a:60:50:a0:fe:95:f6:fc:bd:96:fc:27:
15:bd:fb:95:74:7d:20:1f:bc:f3:8b:14:fe:5b:79:
20:47:40:ef:03:fb:56:79:4f:cb:9a:5f:14:d1:0d:
a2:df:03:27:67:6b:4d:90:6e:28:85:68:27:89:55:
56:20:31:d6:9e:e5:d3:c5:43:58:4f:1a:7a:21:d0:
4f:f1:47:84:50:bd:0e:e3:c5:a9:29:b5:69:84:84:
6c:ee:cd:f7:e0:c1:a1:28:f9:d6:80:80:84:88:ad:
24:77:5d:2b:de:f6:77:21:22:23:e3:d5:f8:41:2f:
c7:92:22:45:77:e5:04:b3:5b:88:c5:6e:ce:36:95:
f6:09:10:19:ec:dc:e3:8f:74:26:fa:60:e9:83:92:
b5:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
13:10:20:6A:7C:1F:F6:06:74:E4:3F:6A:44:4F:3E:FF:95:EE:B3:AA
X509v3 Authority Key Identifier:
keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/ExAganwf9gZ05D9qRE8-_5Xus6o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.0/23
45.9.74.0/24
45.133.245.0-45.133.246.255
46.17.106.0/24
85.209.0.0/24
95.214.8.0/24
139.28.220.0/23
185.17.2.0/24
185.58.207.0/24
185.94.167.0/24
185.104.250.0/24
185.105.118.0/24
185.125.228.0/24
185.125.231.0/24
185.188.181.0/24
193.109.84.0/24
193.124.180.0/23
194.53.54.0/24
194.67.200.0/24
195.66.87.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:c8:65:56:93:b7:22:d9:a1:de:b8:03:f2:8e:29:d4:75:e6:
b0:69:44:f5:a2:be:7f:ac:40:9b:61:f1:77:7b:6a:8b:b6:61:
16:ab:54:79:59:cb:eb:df:73:02:f2:16:ec:d4:ba:a9:07:34:
26:8c:6d:08:7e:3f:be:a4:e1:d0:15:14:8a:e2:4c:4f:14:e7:
2a:97:4d:69:99:8f:f1:95:ea:43:f6:cf:90:f9:c0:4a:13:40:
95:70:ff:65:d1:08:24:48:5d:da:47:48:a0:f4:f3:58:35:7a:
68:25:17:b7:bb:e6:e8:28:ff:13:03:78:62:87:74:dc:3a:0c:
eb:95:f1:af:25:74:61:2e:e2:d5:43:83:d0:a9:5b:01:96:5a:
34:12:7a:76:0b:e2:fc:68:64:5e:51:86:cc:a1:27:c2:b2:8b:
89:b3:d5:57:4c:7d:6e:19:08:63:d3:77:19:a6:08:84:24:90:
56:85:40:b5:ca:99:6f:1a:4d:69:a1:7c:12:14:25:45:65:c5:
e5:d2:99:68:57:fc:4f:03:19:48:69:7c:3d:b7:2b:ea:d8:80:
7a:99:d9:a5:a3:47:ad:8c:54:76:0b:c5:53:e3:1c:25:3c:8a:
8a:c4:e0:91:3d:b3:25:10:e4:53:e0:03:08:37:b4:55:bd:43:
2e:e0:d4:ab
-----BEGIN CERTIFICATE-----
MIIFfDCCBGSgAwIBAgISAZgJtT4awaSM/uwyLe6mg4PpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3
Mjc4MmEwHhcNMjUwNzE0MTYxMjA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMzEwMjA2YTdjMWZmNjA2NzRlNDNmNmE0NDRmM2VmZjk1ZWViM2FhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ybXVakvAX6L+hRNN3rheI2MoiTX
oIXDVAsMlko+B93rd+8fQtKBFeS/GDequfjb7LctmcC7dRuA+3ALoH0NVopDfc4o
PitpuA4SJFZtxfRnUTVZzZZtk9WS3HVOCl+2g2AyQDDBXAK0qq6KYFCg/pX2/L2W
/CcVvfuVdH0gH7zzixT+W3kgR0DvA/tWeU/Lml8U0Q2i3wMnZ2tNkG4ohWgniVVW
IDHWnuXTxUNYTxp6IdBP8UeEUL0O48WpKbVphIRs7s334MGhKPnWgICEiK0kd10r
3vZ3ISIj49X4QS/HkiJFd+UEs1uIxW7ONpX2CRAZ7Nzjj3Qm+mDpg5K11wIDAQAB
o4ICiDCCAoQwHQYDVR0OBBYEFBMQIGp8H/YGdOQ/akRPPv+V7rOqMB8GA1UdIwQY
MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt
YjU3YTM2ZjJhZmNkLzEvRXhBZ2Fud2Y5Z1owNUQ5cVJFOC1fNVh1czZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk
LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGdBggrBgEFBQcBBwEB/wSBjTCBijCBhwQCAAEwgYADBAEF
tIgDBAAtCUowDAMEAC2F9QMEAC2F9gMEAC4RagMEAFXRAAMEAF/WCAMEAYsc3AME
ALkRAgMEALk6zwMEALlepwMEALlo+gMEALlpdgMEALl95AMEALl95wMEALm8tQME
AMFtVAMEAcF8tAMEAMI1NgMEAMJDyAMEAMNCVzANBgkqhkiG9w0BAQsFAAOCAQEA
fchlVpO3Itmh3rgD8o4p1HXmsGlE9aK+f6xAm2Hxd3tqi7ZhFqtUeVnL699zAvIW
7NS6qQc0JoxtCH4/vqTh0BUUiuJMTxTnKpdNaZmP8ZXqQ/bPkPnAShNAlXD/ZdEI
JEhd2kdIoPTzWDV6aCUXt7vm6Cj/EwN4Yod03DoM65XxryV0YS7i1UOD0KlbAZZa
NBJ6dgvi/GhkXlGGzKEnwrKLibPVV0x9bhkIY9N3GaYIhCSQVoVAtcqZbxpNaaF8
EhQlRWXF5dKZaFf8TwMZSGl8Pbcr6tiAepnZpaNHrYxUdgvFU+McJTyKisTgkT2z
JRDkU+ADCDe0Vb1DLuDUqw==
-----END CERTIFICATE-----
Generated at Mon Jul 21 02:14:54 2025 by rpki-client