Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/XTKb5jjsemI8Q2Ca76y7N4lXQqI.roa
File: XTKb5jjsemI8Q2Ca76y7N4lXQqI.roa (raw, json)
Hash identifier: tivOFI2qSptqUQXTYm844jiz5RuZRuPHvKP0hwKgSjk=
Subject key identifier: 5D:32:9B:E6:38:EC:7A:62:3C:43:60:9A:EF:AC:BB:37:89:57:42:A2
Certificate issuer: /CN=05bfdbb6a4b1663369da407db97b021f73284a28
Certificate serial: 0197C678EB3F6CAE6615CB0BC502DF9EAC20
Authority key identifier: 05:BF:DB:B6:A4:B1:66:33:69:DA:40:7D:B9:7B:02:1F:73:28:4A:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bb_btqSxZjNp2kB9uXsCH3MoSig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/XTKb5jjsemI8Q2Ca76y7N4lXQqI.roa
Signing time: Tue 01 Jul 2025 14:51:42 +0000
ROA not before: Tue 01 Jul 2025 14:51:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42831
IP address blocks: 5.101.136.0/21 maxlen: 21
5.101.144.0/21 maxlen: 21
5.101.168.0/21 maxlen: 21
31.132.0.0/21 maxlen: 21
37.9.56.0/21 maxlen: 21
77.74.192.0/21 maxlen: 21
77.75.120.0/21 maxlen: 21
78.110.160.0/21 maxlen: 21
78.110.168.0/23 maxlen: 23
78.110.170.0/24 maxlen: 24
78.110.172.0/22 maxlen: 22
78.157.192.0/21 maxlen: 21
78.157.200.0/22 maxlen: 22
78.157.204.0/24 maxlen: 24
78.157.206.0/23 maxlen: 23
78.157.208.0/20 maxlen: 20
81.92.192.0/22 maxlen: 22
81.92.217.0/24 maxlen: 24
81.92.218.0/24 maxlen: 24
81.92.219.0/24 maxlen: 24
91.109.112.0/21 maxlen: 21
94.46.184.0/22 maxlen: 22
94.46.192.0/22 maxlen: 22
94.46.207.0/24 maxlen: 24
94.46.220.0/22 maxlen: 22
94.46.244.0/22 maxlen: 22
94.229.64.0/20 maxlen: 20
178.159.0.0/20 maxlen: 20
185.17.24.0/24 maxlen: 24
185.17.26.0/24 maxlen: 24
185.17.27.0/24 maxlen: 24
185.99.252.0/24 maxlen: 24
185.99.253.0/24 maxlen: 24
185.99.254.0/24 maxlen: 24
185.103.96.0/22 maxlen: 22
185.109.168.0/22 maxlen: 22
2a01:a500::/32 maxlen: 32
2a01:a500:1::/48 maxlen: 48
2a01:a500:1228::/48 maxlen: 48
2a01:a500:251a::/48 maxlen: 48
2a01:a500:251b::/48 maxlen: 48
2a01:a500:251c::/48 maxlen: 48
2a01:a500:2566::/48 maxlen: 48
2a01:a500:a517::/48 maxlen: 48
2a01:a500:b517::/48 maxlen: 48
2a01:a500:c517::/48 maxlen: 48
2a01:a500:d517::/48 maxlen: 48
2a01:a500:e517::/48 maxlen: 48
2a01:a500:f517::/48 maxlen: 48
2a01:a507::/32 maxlen: 32
2a01:a507:a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/Bb_btqSxZjNp2kB9uXsCH3MoSig.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/Bb_btqSxZjNp2kB9uXsCH3MoSig.mft
rsync://rpki.ripe.net/repository/DEFAULT/Bb_btqSxZjNp2kB9uXsCH3MoSig.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c6:78:eb:3f:6c:ae:66:15:cb:0b:c5:02:df:9e:ac:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05bfdbb6a4b1663369da407db97b021f73284a28
Validity
Not Before: Jul 1 14:51:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5d329be638ec7a623c43609aefacbb37895742a2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:5e:d6:e9:b3:ca:a5:89:6c:37:9f:fc:0d:e3:
8b:ce:03:bb:06:21:d4:9c:69:14:1f:85:a2:2d:1b:
56:1c:c2:f3:dc:ba:a8:5e:5c:5f:ad:69:59:0e:ae:
d2:18:39:2d:d1:9a:68:89:5a:84:2b:b5:d7:62:8c:
05:c3:a8:62:45:ae:07:31:20:1f:24:5f:ee:c3:3d:
04:df:40:f1:47:5b:c0:24:d7:39:76:18:ae:ab:5a:
e1:c7:95:63:91:cc:59:1d:8e:37:f2:a0:f9:6f:c1:
e8:67:eb:c6:9a:2b:c3:f6:52:21:b9:ee:57:7b:9d:
09:c5:c0:ff:57:78:6e:81:a5:3e:3b:52:27:48:c1:
f3:e1:4b:ec:1b:04:6a:50:40:cb:28:c8:08:1e:36:
d4:cf:63:15:70:8c:c4:c5:a2:a3:24:16:2b:e4:4f:
b0:9c:6e:4b:88:7b:bc:22:9e:7c:95:36:8c:91:8d:
34:d5:8f:ef:45:60:5e:f6:e0:e1:79:73:91:cf:1a:
93:66:96:b9:da:fb:e9:dd:d6:5c:bb:e4:dd:0d:4c:
d4:1b:9d:bf:67:0b:4f:ba:5c:fc:d6:2d:fe:71:66:
e4:f7:94:22:1e:74:08:d6:03:c9:77:b3:1e:d5:7d:
9d:dd:a6:78:1f:d7:8c:00:7b:3a:55:2b:a9:94:5f:
ec:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5D:32:9B:E6:38:EC:7A:62:3C:43:60:9A:EF:AC:BB:37:89:57:42:A2
X509v3 Authority Key Identifier:
keyid:05:BF:DB:B6:A4:B1:66:33:69:DA:40:7D:B9:7B:02:1F:73:28:4A:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bb_btqSxZjNp2kB9uXsCH3MoSig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/XTKb5jjsemI8Q2Ca76y7N4lXQqI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/Bb_btqSxZjNp2kB9uXsCH3MoSig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.101.136.0-5.101.151.255
5.101.168.0/21
31.132.0.0/21
37.9.56.0/21
77.74.192.0/21
77.75.120.0/21
78.110.160.0-78.110.170.255
78.110.172.0/22
78.157.192.0-78.157.204.255
78.157.206.0-78.157.223.255
81.92.192.0/22
81.92.217.0-81.92.219.255
91.109.112.0/21
94.46.184.0/22
94.46.192.0/22
94.46.207.0/24
94.46.220.0/22
94.46.244.0/22
94.229.64.0/20
178.159.0.0/20
185.17.24.0/24
185.17.26.0/23
185.99.252.0-185.99.254.255
185.103.96.0/22
185.109.168.0/22
IPv6:
2a01:a500::/32
2a01:a507::/32
Signature Algorithm: sha256WithRSAEncryption
34:28:a6:38:d0:8a:c0:e8:47:ed:10:56:11:3f:7a:36:bd:c2:
ec:d5:cc:23:15:94:b2:f5:51:2d:08:df:a3:a3:f9:5b:d8:a1:
ae:54:41:4d:23:00:7a:1f:5d:32:10:4c:ce:da:ab:6d:b4:28:
70:ba:06:bc:f2:ec:ae:d5:62:3e:a7:bf:1e:ff:b7:99:99:54:
dc:f6:62:dd:dc:22:26:5f:5f:ae:82:9b:3c:ba:6e:ba:40:b9:
ab:39:bf:ed:f9:13:de:94:c2:e9:d8:db:59:b4:0d:9d:78:ef:
d9:83:c5:54:f4:85:1a:8a:8b:4c:d7:d2:86:6d:f9:a2:7c:34:
6b:98:5f:43:ec:e6:35:37:2a:a1:1a:e1:db:f8:88:a0:40:01:
95:c3:33:17:9e:cd:0d:da:57:88:2f:87:49:2c:01:a1:2e:d6:
cb:b9:5f:86:46:4b:a6:e4:13:41:62:6e:64:82:f0:8f:d5:6a:
d3:92:a8:22:0d:8d:2c:1a:bb:ca:b9:d2:97:f0:11:73:d3:93:
ce:d7:2f:9d:f6:b8:d8:32:c8:d3:16:c7:12:eb:4b:7a:d0:29:
3c:a3:e8:d6:df:92:d9:f6:99:58:ef:9e:90:50:28:6a:9f:b7:
28:db:44:c3:f5:a6:d6:81:dd:b8:20:20:df:5c:65:d9:b4:a7:
a5:72:83:d8
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgISAZfGeOs/bK5mFcsLxQLfnqwgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YmZkYmI2YTRiMTY2MzM2OWRhNDA3ZGI5N2IwMjFmNzMy
ODRhMjgwHhcNMjUwNzAxMTQ1MTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZDMyOWJlNjM4ZWM3YTYyM2M0MzYwOWFlZmFjYmIzNzg5NTc0MmEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn17W6bPKpYlsN5/8DeOLzgO7BiHU
nGkUH4WiLRtWHMLz3LqoXlxfrWlZDq7SGDkt0ZpoiVqEK7XXYowFw6hiRa4HMSAf
JF/uwz0E30DxR1vAJNc5dhiuq1rhx5VjkcxZHY438qD5b8HoZ+vGmivD9lIhue5X
e50JxcD/V3hugaU+O1InSMHz4UvsGwRqUEDLKMgIHjbUz2MVcIzExaKjJBYr5E+w
nG5LiHu8Ip58lTaMkY001Y/vRWBe9uDheXORzxqTZpa52vvp3dZcu+TdDUzUG52/
ZwtPulz81i3+cWbk95QiHnQI1gPJd7Me1X2d3aZ4H9eMAHs6VSuplF/sqwIDAQAB
o4IC5DCCAuAwHQYDVR0OBBYEFF0ym+Y47HpiPENgmu+suzeJV0KiMB8GA1UdIwQY
MBaAFAW/27aksWYzadpAfbl7Ah9zKEooMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJfYnRxU3haak5wMmtCOXVYc0NIM01vU2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi80NjBjMDAtM2U5NS00Mjc0LWJjOWMt
MDYwZGFjZmViZTBmLzEvWFRLYjVqanNlbUk4UTJDYTc2eTdONGxYUXFJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi80NjBjMDAtM2U5NS00Mjc0LWJjOWMtMDYwZGFjZmViZTBm
LzEvQmJfYnRxU3haak5wMmtCOXVYc0NIM01vU2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH5BggrBgEFBQcBBwEB/wSB6TCB5jCBzQQCAAEwgcYwDAME
AwVliAMEAwVlkAMEAwVlqAMEAx+EAAMEAyUJOAMEA01KwAMEA01LeDAMAwQFTm6g
AwQATm6qAwQCTm6sMAwDBAZOncADBABOncwwDAMEAU6dzgMEBU6dwAMEAlFcwDAM
AwQAUVzZAwQCUVzYAwQDW21wAwQCXi64AwQCXi7AAwQAXi7PAwQCXi7cAwQCXi70
AwQEXuVAAwQEsp8AAwQAuREYAwQBuREaMAwDBAK5Y/wDBAC5Y/4DBAK5Z2ADBAK5
bagwFAQCAAIwDgMFACoBpQADBQAqAaUHMA0GCSqGSIb3DQEBCwUAA4IBAQA0KKY4
0IrA6EftEFYRP3o2vcLs1cwjFZSy9VEtCN+jo/lb2KGuVEFNIwB6H10yEEzO2qtt
tChwuga88uyu1WI+p78e/7eZmVTc9mLd3CImX1+ugps8um66QLmrOb/t+RPelMLp
2NtZtA2deO/Zg8VU9IUaiotM19KGbfmifDRrmF9D7OY1NyqhGuHb+IigQAGVwzMX
ns0N2leIL4dJLAGhLtbLuV+GRkum5BNBYm5kgvCP1WrTkqgiDY0sGrvKudKX8BFz
05PO1y+d9rjYMsjTFscS60t60Ck8o+jW35LZ9plY756QUChqn7co20TD9abWgd24
ICDfXGXZtKelcoPY
-----END CERTIFICATE-----
Generated at Mon Jul 21 07:27:20 2025 by rpki-client