Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/86/c0a576-a220-4de0-aac1-7b96a9997718/1/IUTkEFrjb7lN-w5zeY4pqlLKUu8.roa
File: IUTkEFrjb7lN-w5zeY4pqlLKUu8.roa (raw, json)
Hash identifier: LCLWWsRmvZEBLl89l4Ybwp5FtpaUoZnoRp/7DEAb5RU=
Subject key identifier: 21:44:E4:10:5A:E3:6F:B9:4D:FB:0E:73:79:8E:29:AA:52:CA:52:EF
Certificate issuer: /CN=0246e8a76d30c7c0495bc5ce8ee5110feab286e6
Certificate serial: 019841AFED89ACA174FF84DC687BDB965F62
Authority key identifier: 02:46:E8:A7:6D:30:C7:C0:49:5B:C5:CE:8E:E5:11:0F:EA:B2:86:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Akbop20wx8BJW8XOjuURD-qyhuY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/86/c0a576-a220-4de0-aac1-7b96a9997718/1/IUTkEFrjb7lN-w5zeY4pqlLKUu8.roa
Signing time: Fri 25 Jul 2025 13:05:04 +0000
ROA not before: Fri 25 Jul 2025 13:05:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14537
IP address blocks: 5.62.80.0/20 maxlen: 24
45.85.4.0/22 maxlen: 24
66.84.64.0/20 maxlen: 24
78.24.208.0/21 maxlen: 24
81.85.104.0/21 maxlen: 24
94.125.56.0/21 maxlen: 24
109.202.112.0/21 maxlen: 24
185.28.72.0/22 maxlen: 24
193.31.208.0/20 maxlen: 24
193.33.228.0/23 maxlen: 24
2a03:9e00::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/86/c0a576-a220-4de0-aac1-7b96a9997718/1/Akbop20wx8BJW8XOjuURD-qyhuY.crl
rsync://rpki.ripe.net/repository/DEFAULT/86/c0a576-a220-4de0-aac1-7b96a9997718/1/Akbop20wx8BJW8XOjuURD-qyhuY.mft
rsync://rpki.ripe.net/repository/DEFAULT/Akbop20wx8BJW8XOjuURD-qyhuY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 01:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:41:af:ed:89:ac:a1:74:ff:84:dc:68:7b:db:96:5f:62
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0246e8a76d30c7c0495bc5ce8ee5110feab286e6
Validity
Not Before: Jul 25 13:05:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2144e4105ae36fb94dfb0e73798e29aa52ca52ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:47:0c:01:03:fa:82:93:85:87:97:a5:17:59:
92:bd:c4:ac:28:51:b3:c7:b3:10:05:ba:87:19:94:
9a:22:cc:aa:d8:12:e4:3f:5e:35:cf:43:54:9f:39:
04:a7:a5:93:e3:1a:81:5f:52:ac:7d:08:bb:ac:cb:
0e:78:4e:2b:87:26:87:3c:54:71:8a:05:c6:3f:d0:
62:8a:6f:f6:a8:7d:df:c9:e8:6a:e4:bd:ba:4e:5a:
a8:87:9f:47:cd:df:42:5e:9b:a1:ab:e7:f2:e1:e0:
bb:d7:5a:91:be:bf:c9:16:4e:47:de:95:d5:d0:8c:
c1:9a:3e:89:9b:1e:5d:0d:6c:90:00:47:89:d0:69:
5c:f1:a3:ed:e1:ce:c6:24:a1:c4:01:ee:d9:78:6c:
29:19:70:f9:18:42:e8:89:a7:6a:5e:a3:34:e7:ef:
e7:3b:c9:a7:76:69:c9:50:22:4d:6f:ef:96:71:0f:
9d:1a:ab:5a:63:1f:1f:c9:f3:94:ec:3a:9c:b7:72:
2a:52:9a:bb:dd:78:9f:db:e5:43:cb:5e:c2:8a:c6:
7a:28:ac:c3:83:ef:be:e1:2a:af:f8:09:e4:c3:4b:
91:61:64:76:e1:e1:29:c5:db:cf:fb:04:86:b6:42:
33:70:25:18:cf:f7:da:a6:77:9c:50:04:b4:0c:93:
26:c5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
21:44:E4:10:5A:E3:6F:B9:4D:FB:0E:73:79:8E:29:AA:52:CA:52:EF
X509v3 Authority Key Identifier:
keyid:02:46:E8:A7:6D:30:C7:C0:49:5B:C5:CE:8E:E5:11:0F:EA:B2:86:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Akbop20wx8BJW8XOjuURD-qyhuY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/86/c0a576-a220-4de0-aac1-7b96a9997718/1/IUTkEFrjb7lN-w5zeY4pqlLKUu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/86/c0a576-a220-4de0-aac1-7b96a9997718/1/Akbop20wx8BJW8XOjuURD-qyhuY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.62.80.0/20
45.85.4.0/22
66.84.64.0/20
78.24.208.0/21
81.85.104.0/21
94.125.56.0/21
109.202.112.0/21
185.28.72.0/22
193.31.208.0/20
193.33.228.0/23
IPv6:
2a03:9e00::/32
Signature Algorithm: sha256WithRSAEncryption
2f:22:67:48:15:f9:d1:6a:ca:c2:89:89:b0:91:9f:98:c7:8f:
19:77:9e:b2:2f:83:f1:29:89:cb:04:18:a4:d9:32:0c:74:d5:
37:81:30:e9:33:a7:d9:c3:8e:66:d5:61:7a:f7:22:4b:b9:ed:
02:76:e5:1b:6e:86:7e:5d:ab:34:5f:5e:f8:5b:f5:c9:10:8b:
ab:2d:00:f7:ad:78:7d:ff:26:22:ae:8c:96:87:9e:ea:97:f9:
41:38:0d:ad:46:d0:7b:f5:18:31:a8:a6:97:0e:e0:fe:41:27:
e2:c5:53:db:e0:76:05:db:fa:76:ef:cb:a8:58:b6:98:0d:2a:
75:8a:71:80:a7:b5:2c:c8:2a:ea:3e:97:43:2d:bb:e9:09:f9:
ae:5e:f5:25:7b:eb:0c:59:4c:bf:8a:98:60:cf:d3:b4:d2:b9:
51:f5:c1:e8:55:fa:71:0b:f8:8d:01:03:1c:d0:5c:3c:6c:a8:
cd:a1:78:1c:09:13:c8:f4:58:91:03:34:da:83:c7:c5:e5:e4:
00:52:f8:fa:97:2c:c5:a7:f5:76:62:8a:6b:1e:82:f4:a6:13:
ab:bb:18:73:b4:c6:e4:71:88:32:6b:45:58:1a:cc:a0:86:f9:
44:0c:77:ea:85:be:f2:e9:16:21:53:9c:2e:7b:8b:d1:ce:77:
52:37:5d:9d
-----BEGIN CERTIFICATE-----
MIIFQjCCBCqgAwIBAgISAZhBr+2JrKF0/4TcaHvbll9iMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyNDZlOGE3NmQzMGM3YzA0OTViYzVjZThlZTUxMTBmZWFi
Mjg2ZTYwHhcNMjUwNzI1MTMwNTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMTQ0ZTQxMDVhZTM2ZmI5NGRmYjBlNzM3OThlMjlhYTUyY2E1MmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi0cMAQP6gpOFh5elF1mSvcSsKFGz
x7MQBbqHGZSaIsyq2BLkP141z0NUnzkEp6WT4xqBX1KsfQi7rMsOeE4rhyaHPFRx
igXGP9Biim/2qH3fyehq5L26Tlqoh59Hzd9CXpuhq+fy4eC711qRvr/JFk5H3pXV
0IzBmj6Jmx5dDWyQAEeJ0Glc8aPt4c7GJKHEAe7ZeGwpGXD5GELoiadqXqM05+/n
O8mndmnJUCJNb++WcQ+dGqtaYx8fyfOU7Dqct3IqUpq73Xif2+VDy17CisZ6KKzD
g+++4Sqv+Ankw0uRYWR24eEpxdvP+wSGtkIzcCUYz/fapnecUAS0DJMmxQIDAQAB
o4ICTjCCAkowHQYDVR0OBBYEFCFE5BBa42+5TfsOc3mOKapSylLvMB8GA1UdIwQY
MBaAFAJG6KdtMMfASVvFzo7lEQ/qsobmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWtib3AyMHd4OEJKVzhYT2p1VVJELXF5aHVZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ni9jMGE1NzYtYTIyMC00ZGUwLWFhYzEt
N2I5NmE5OTk3NzE4LzEvSVVUa0VGcmpiN2xOLXc1emVZNHBxbExLVXU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ni9jMGE1NzYtYTIyMC00ZGUwLWFhYzEtN2I5NmE5OTk3NzE4
LzEvQWtib3AyMHd4OEJKVzhYT2p1VVJELXF5aHVZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGQGCCsGAQUFBwEHAQH/BFUwUzBCBAIAATA8AwQEBT5QAwQC
LVUEAwQEQlRAAwQDThjQAwQDUVVoAwQDXn04AwQDbcpwAwQCuRxIAwQEwR/QAwQB
wSHkMA0EAgACMAcDBQAqA54AMA0GCSqGSIb3DQEBCwUAA4IBAQAvImdIFfnRasrC
iYmwkZ+Yx48Zd56yL4PxKYnLBBik2TIMdNU3gTDpM6fZw45m1WF69yJLue0CduUb
boZ+Xas0X174W/XJEIurLQD3rXh9/yYiroyWh57ql/lBOA2tRtB79RgxqKaXDuD+
QSfixVPb4HYF2/p278uoWLaYDSp1inGAp7UsyCrqPpdDLbvpCfmuXvUle+sMWUy/
iphgz9O00rlR9cHoVfpxC/iNAQMc0Fw8bKjNoXgcCRPI9FiRAzTag8fF5eQAUvj6
lyzFp/V2YoprHoL0phOruxhztMbkcYgya0VYGsyghvlEDHfqhb7y6RYhU5wue4vR
zndSN12d
-----END CERTIFICATE-----
Generated at Sun Jul 27 10:43:03 2025 by rpki-client