Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/oRxsUKSYIuzdN0Xg3gRFu2NrJy8.roa
File: oRxsUKSYIuzdN0Xg3gRFu2NrJy8.roa (raw, json)
Hash identifier: G0qB8+sSsdcXAzCtBm3ppzfiLkWZse0m227rFDZokhc=
Subject key identifier: A1:1C:6C:50:A4:98:22:EC:DD:37:45:E0:DE:04:45:BB:63:6B:27:2F
Certificate issuer: /CN=a87090c275c34c05c306f3b36063893a0d72782a
Certificate serial: 019818A5A71CC74DE442DE5CE3F40E3F3D66
Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/oRxsUKSYIuzdN0Xg3gRFu2NrJy8.roa
Signing time: Thu 17 Jul 2025 13:49:26 +0000
ROA not before: Thu 17 Jul 2025 13:49:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50113
IP address blocks: 5.180.136.0/24 maxlen: 24
5.180.137.0/24 maxlen: 24
5.252.116.0/24 maxlen: 24
45.89.64.0/24 maxlen: 24
91.217.77.0/24 maxlen: 24
185.104.248.0/24 maxlen: 24
185.174.139.0/24 maxlen: 24
185.180.230.0/24 maxlen: 24
185.188.180.0/24 maxlen: 24
185.189.12.0/22 maxlen: 22
185.189.12.0/24 maxlen: 24
185.189.13.0/24 maxlen: 24
185.189.14.0/24 maxlen: 24
185.189.15.0/24 maxlen: 24
192.162.100.0/24 maxlen: 24
192.162.101.0/24 maxlen: 24
192.162.102.0/24 maxlen: 24
192.162.103.0/24 maxlen: 24
193.0.200.0/24 maxlen: 24
193.0.202.0/24 maxlen: 24
193.0.203.0/24 maxlen: 24
193.168.226.0/24 maxlen: 24
194.63.140.0/24 maxlen: 24
194.63.141.0/24 maxlen: 24
194.63.142.0/24 maxlen: 24
194.63.143.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.mft
rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 12:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:18:a5:a7:1c:c7:4d:e4:42:de:5c:e3:f4:0e:3f:3d:66
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a
Validity
Not Before: Jul 17 13:49:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a11c6c50a49822ecdd3745e0de0445bb636b272f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:50:dc:87:14:5f:fb:a6:04:bb:c0:17:33:07:
cc:08:26:5b:2e:1c:f1:8a:fd:47:5d:43:10:de:5d:
dd:15:7c:04:37:4d:41:63:98:10:c5:3a:e2:95:58:
f1:19:4d:63:1a:a0:85:23:ee:32:70:49:93:4d:10:
26:f8:4a:49:4e:03:d8:4e:9a:11:9b:43:8e:03:13:
1a:8a:02:72:e1:15:05:47:a6:e0:54:65:d5:6f:1f:
66:da:59:91:82:dc:4b:9b:f4:08:d3:39:1d:04:5c:
d9:8d:29:70:6a:f8:6f:b5:ff:d7:07:ba:37:dc:6c:
fe:be:25:66:c3:24:36:75:f3:05:d2:5e:c6:b9:73:
2f:8d:12:60:e9:b1:5b:0a:8c:2c:6c:e5:62:38:5f:
10:f2:7d:f1:de:27:da:c3:2f:3b:d8:10:7f:7b:75:
d1:f8:94:1b:c4:c6:ce:ac:d2:7d:3c:fc:7e:34:e2:
5c:40:84:aa:f8:69:11:14:e2:63:01:81:59:f0:ec:
9f:db:10:a6:3e:dc:d7:e3:21:e5:2d:cc:fb:12:30:
6a:25:b4:12:1e:ef:0c:e5:a7:2f:17:fa:e3:da:22:
c6:d6:66:56:a8:98:9b:77:81:b3:f3:eb:8f:26:9b:
db:63:d2:98:b4:31:50:a4:f3:09:94:ab:b5:4b:48:
b4:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A1:1C:6C:50:A4:98:22:EC:DD:37:45:E0:DE:04:45:BB:63:6B:27:2F
X509v3 Authority Key Identifier:
keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/oRxsUKSYIuzdN0Xg3gRFu2NrJy8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.136.0/23
5.252.116.0/24
45.89.64.0/24
91.217.77.0/24
185.104.248.0/24
185.174.139.0/24
185.180.230.0/24
185.188.180.0/24
185.189.12.0/22
192.162.100.0/22
193.0.200.0/24
193.0.202.0/23
193.168.226.0/24
194.63.140.0/22
Signature Algorithm: sha256WithRSAEncryption
66:8e:96:6f:68:3e:2a:ef:18:22:6a:be:84:ec:83:dd:5f:f0:
3d:26:ab:6f:3e:a8:5d:c9:18:44:90:02:d3:a4:db:53:6f:f1:
63:c8:d9:b2:0a:f4:d0:c1:58:47:91:24:b6:bd:e1:18:12:79:
8a:df:55:2a:f1:b6:de:9f:57:eb:b1:bf:12:b5:f1:79:d5:9c:
d1:90:be:08:29:a1:aa:85:1e:20:a9:8c:d9:a7:51:14:19:5f:
d7:2e:a3:54:a1:2b:d8:e4:86:a9:23:fe:ea:33:0c:26:8c:ce:
c0:54:42:99:ac:36:5c:b8:01:18:ea:0f:96:35:e4:13:a2:52:
36:8e:d6:17:72:38:08:89:fd:da:63:53:94:bd:d8:3b:8f:66:
0c:1e:ad:f3:ff:d7:75:ee:d7:31:de:0e:96:3e:4a:b3:d3:77:
53:ef:53:36:f2:47:1e:c4:87:64:ca:b0:89:cf:c5:d9:4f:c8:
ef:13:dd:0c:4d:3c:b7:7d:c8:45:b5:73:45:99:c0:29:9b:48:
e5:22:f6:34:14:2a:78:c8:a2:eb:4d:b1:d8:5e:31:ce:db:ec:
ec:44:60:53:9e:bb:cc:5d:1e:6b:08:21:36:fb:c1:f3:6a:64:
5e:16:8f:92:9a:ee:e7:76:f1:57:a5:61:b8:ba:06:32:93:bf:
96:32:d6:5b
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZgYpaccx03kQt5c4/QOPz1mMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3
Mjc4MmEwHhcNMjUwNzE3MTM0OTI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMTFjNmM1MGE0OTgyMmVjZGQzNzQ1ZTBkZTA0NDViYjYzNmIyNzJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw1DchxRf+6YEu8AXMwfMCCZbLhzx
iv1HXUMQ3l3dFXwEN01BY5gQxTrilVjxGU1jGqCFI+4ycEmTTRAm+EpJTgPYTpoR
m0OOAxMaigJy4RUFR6bgVGXVbx9m2lmRgtxLm/QI0zkdBFzZjSlwavhvtf/XB7o3
3Gz+viVmwyQ2dfMF0l7GuXMvjRJg6bFbCowsbOViOF8Q8n3x3ifawy872BB/e3XR
+JQbxMbOrNJ9PPx+NOJcQISq+GkRFOJjAYFZ8Oyf2xCmPtzX4yHlLcz7EjBqJbQS
Hu8M5acvF/rj2iLG1mZWqJibd4Gz8+uPJpvbY9KYtDFQpPMJlKu1S0i0AQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFKEcbFCkmCLs3TdF4N4ERbtjaycvMB8GA1UdIwQY
MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt
YjU3YTM2ZjJhZmNkLzEvb1J4c1VLU1lJdXpkTjBYZzNnUkZ1Mk5ySnk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk
LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQBBbSIAwQA
Bfx0AwQALVlAAwQAW9lNAwQAuWj4AwQAua6LAwQAubTmAwQAuby0AwQCub0MAwQC
wKJkAwQAwQDIAwQBwQDKAwQAwajiAwQCwj+MMA0GCSqGSIb3DQEBCwUAA4IBAQBm
jpZvaD4q7xgiar6E7IPdX/A9JqtvPqhdyRhEkALTpNtTb/FjyNmyCvTQwVhHkSS2
veEYEnmK31Uq8bben1frsb8StfF51ZzRkL4IKaGqhR4gqYzZp1EUGV/XLqNUoSvY
5IapI/7qMwwmjM7AVEKZrDZcuAEY6g+WNeQTolI2jtYXcjgIif3aY1OUvdg7j2YM
Hq3z/9d17tcx3g6WPkqz03dT71M28kcexIdkyrCJz8XZT8jvE90MTTy3fchFtXNF
mcApm0jlIvY0FCp4yKLrTbHYXjHO2+zsRGBTnrvMXR5rCCE2+8HzamReFo+Smu7n
dvFXpWG4ugYyk7+WMtZb
-----END CERTIFICATE-----
Generated at Sun Jul 20 19:00:14 2025 by rpki-client