Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/93/d60fd8-03d5-4aab-9dab-2e20a79f7145/1/5TJg2Iv73VFNhdExw4W7yWYaSDc.roa
File: 5TJg2Iv73VFNhdExw4W7yWYaSDc.roa (raw, json)
Hash identifier: itYnIaMtVgddsFyZfv3i+VtQbQhHkGAFRlMGBpEoryI=
Subject key identifier: E5:32:60:D8:8B:FB:DD:51:4D:85:D1:31:C3:85:BB:C9:66:1A:48:37
Certificate issuer: /CN=7bcb127c7cd778607296b88386e894ae1de385bf
Certificate serial: 0198255A835CD512F69153BF7A439D74BA52
Authority key identifier: 7B:CB:12:7C:7C:D7:78:60:72:96:B8:83:86:E8:94:AE:1D:E3:85:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/e8sSfHzXeGBylriDhuiUrh3jhb8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/93/d60fd8-03d5-4aab-9dab-2e20a79f7145/1/5TJg2Iv73VFNhdExw4W7yWYaSDc.roa
Signing time: Sun 20 Jul 2025 01:02:25 +0000
ROA not before: Sun 20 Jul 2025 01:02:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198430
IP address blocks: 46.174.168.0/21 maxlen: 24
46.174.170.0/23 maxlen: 23
46.174.170.0/24 maxlen: 24
46.174.171.0/24 maxlen: 24
91.234.252.0/23 maxlen: 24
91.237.172.0/23 maxlen: 24
91.239.28.0/22 maxlen: 24
91.246.168.0/22 maxlen: 24
193.150.50.0/23 maxlen: 24
194.28.228.0/22 maxlen: 24
194.28.228.0/23 maxlen: 23
194.28.228.0/24 maxlen: 24
194.28.229.0/24 maxlen: 24
194.28.230.0/23 maxlen: 23
194.28.230.0/24 maxlen: 24
194.28.231.0/24 maxlen: 24
2001:678:d40::/48 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/93/d60fd8-03d5-4aab-9dab-2e20a79f7145/1/e8sSfHzXeGBylriDhuiUrh3jhb8.crl
rsync://rpki.ripe.net/repository/DEFAULT/93/d60fd8-03d5-4aab-9dab-2e20a79f7145/1/e8sSfHzXeGBylriDhuiUrh3jhb8.mft
rsync://rpki.ripe.net/repository/DEFAULT/e8sSfHzXeGBylriDhuiUrh3jhb8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 29 Jul 2025 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:25:5a:83:5c:d5:12:f6:91:53:bf:7a:43:9d:74:ba:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7bcb127c7cd778607296b88386e894ae1de385bf
Validity
Not Before: Jul 20 01:02:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e53260d88bfbdd514d85d131c385bbc9661a4837
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:da:03:59:d4:e5:e5:74:c4:e1:38:fa:7a:76:
bd:04:9a:1e:b7:9c:fc:0c:b5:a0:ba:2a:ab:24:dc:
86:f8:24:26:c3:f1:19:31:1b:3a:85:5b:6a:ac:70:
53:10:13:60:fe:6a:14:03:06:1b:aa:d5:a9:99:87:
27:5e:c3:f6:06:46:49:42:73:a0:54:0f:79:78:a8:
a1:2b:25:9c:d4:46:0e:fe:65:b4:21:4c:52:1e:8d:
16:1b:0b:1b:15:44:68:11:ee:26:b4:c5:3b:a6:c5:
7e:eb:61:a7:ff:3c:91:bb:38:cf:d3:0c:51:79:57:
b1:a6:32:02:22:02:e3:50:46:df:60:40:08:91:8b:
52:1b:d7:0d:88:ee:3c:c6:99:90:11:20:f5:8d:a8:
a1:fc:13:29:da:19:6a:c2:b1:b5:fe:ec:55:6e:15:
5c:fe:7c:43:45:b5:bd:36:37:b8:b9:5b:b7:a7:58:
77:27:1e:53:52:ab:74:05:3f:0a:2a:c8:eb:8b:fc:
b1:0d:b7:16:07:95:f5:4f:7b:86:6a:ac:82:ac:2e:
19:52:cd:10:3b:a0:c9:21:88:46:4a:eb:d4:5a:1f:
37:bc:e6:af:24:ca:96:cd:c3:1c:d8:68:2d:57:c4:
21:cb:b8:f6:dd:5b:23:12:1c:47:4b:9a:64:d0:fa:
a9:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:32:60:D8:8B:FB:DD:51:4D:85:D1:31:C3:85:BB:C9:66:1A:48:37
X509v3 Authority Key Identifier:
keyid:7B:CB:12:7C:7C:D7:78:60:72:96:B8:83:86:E8:94:AE:1D:E3:85:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8sSfHzXeGBylriDhuiUrh3jhb8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/93/d60fd8-03d5-4aab-9dab-2e20a79f7145/1/5TJg2Iv73VFNhdExw4W7yWYaSDc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/93/d60fd8-03d5-4aab-9dab-2e20a79f7145/1/e8sSfHzXeGBylriDhuiUrh3jhb8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.174.168.0/21
91.234.252.0/23
91.237.172.0/23
91.239.28.0/22
91.246.168.0/22
193.150.50.0/23
194.28.228.0/22
IPv6:
2001:678:d40::/48
Signature Algorithm: sha256WithRSAEncryption
7a:cf:d3:19:da:62:a3:1f:f2:db:1c:71:0f:f1:eb:26:2e:fb:
46:33:65:a0:72:8c:6b:6d:7e:73:3d:5d:89:29:24:52:1b:96:
2b:14:67:96:22:73:1b:07:ea:0e:0b:4f:af:f8:2e:94:44:9f:
2f:52:be:4e:ea:9d:fc:17:b8:dc:20:b9:48:58:84:4e:02:4a:
a5:20:27:d0:8d:1e:62:89:fc:45:20:26:c4:22:b0:f0:19:c8:
e2:54:e8:7a:f2:9c:bf:95:86:46:ff:c7:c9:1e:25:96:d6:16:
06:3a:38:9b:79:8f:c4:f1:fd:a5:3a:5d:37:07:66:2e:c0:86:
46:3b:b7:c2:f9:5c:dc:a3:e7:a0:8f:9a:29:21:2c:fc:18:9b:
8e:5f:77:fd:9e:6d:60:57:32:3c:fe:32:38:d6:57:09:8f:de:
0b:26:69:7d:a9:8a:92:00:61:64:68:6f:9b:d2:6b:6e:23:7c:
ce:02:a0:01:f3:65:43:60:0e:1f:68:ce:54:9f:cd:24:41:17:
79:fd:ff:17:a2:91:3d:66:d9:d9:1e:8a:2d:ad:13:58:72:24:
78:49:e5:e5:d9:80:e3:d4:f1:d5:37:ae:00:13:23:d4:a3:2f:
27:0d:04:51:0c:ed:e6:49:34:c5:c5:0a:0c:13:8a:be:1f:91:
87:13:a1:68
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZglWoNc1RL2kVO/ekOddLpSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdiY2IxMjdjN2NkNzc4NjA3Mjk2Yjg4Mzg2ZTg5NGFlMWRl
Mzg1YmYwHhcNMjUwNzIwMDEwMjI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTMyNjBkODhiZmJkZDUxNGQ4NWQxMzFjMzg1YmJjOTY2MWE0ODM3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAutoDWdTl5XTE4Tj6ena9BJoet5z8
DLWguiqrJNyG+CQmw/EZMRs6hVtqrHBTEBNg/moUAwYbqtWpmYcnXsP2BkZJQnOg
VA95eKihKyWc1EYO/mW0IUxSHo0WGwsbFURoEe4mtMU7psV+62Gn/zyRuzjP0wxR
eVexpjICIgLjUEbfYEAIkYtSG9cNiO48xpmQESD1jaih/BMp2hlqwrG1/uxVbhVc
/nxDRbW9Nje4uVu3p1h3Jx5TUqt0BT8KKsjri/yxDbcWB5X1T3uGaqyCrC4ZUs0Q
O6DJIYhGSuvUWh83vOavJMqWzcMc2GgtV8Qhy7j23VsjEhxHS5pk0PqpfQIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFOUyYNiL+91RTYXRMcOFu8lmGkg3MB8GA1UdIwQY
MBaAFHvLEnx813hgcpa4g4bolK4d44W/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZThzU2ZIelhlR0J5bHJpRGh1aVVyaDNqaGI4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85My9kNjBmZDgtMDNkNS00YWFiLTlkYWIt
MmUyMGE3OWY3MTQ1LzEvNVRKZzJJdjczVkZOaGRFeHc0Vzd5V1lhU0RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85My9kNjBmZDgtMDNkNS00YWFiLTlkYWItMmUyMGE3OWY3MTQ1
LzEvZThzU2ZIelhlR0J5bHJpRGh1aVVyaDNqaGI4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAwBAIAATAqAwQDLq6oAwQB
W+r8AwQBW+2sAwQCW+8cAwQCW/aoAwQBwZYyAwQCwhzkMA8EAgACMAkDBwAgAQZ4
DUAwDQYJKoZIhvcNAQELBQADggEBAHrP0xnaYqMf8tsccQ/x6yYu+0YzZaByjGtt
fnM9XYkpJFIblisUZ5YicxsH6g4LT6/4LpREny9Svk7qnfwXuNwguUhYhE4CSqUg
J9CNHmKJ/EUgJsQisPAZyOJU6HrynL+Vhkb/x8keJZbWFgY6OJt5j8Tx/aU6XTcH
Zi7AhkY7t8L5XNyj56CPmikhLPwYm45fd/2ebWBXMjz+MjjWVwmP3gsmaX2pipIA
YWRob5vSa24jfM4CoAHzZUNgDh9ozlSfzSRBF3n9/xeikT1m2dkeii2tE1hyJHhJ
5eXZgOPU8dU3rgATI9SjLycNBFEM7eZJNMXFCgwTir4fkYcToWg=
-----END CERTIFICATE-----
Generated at Tue Jul 29 04:36:47 2025 by rpki-client