Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/azUb986KPmjNBXNI1GEnnjHJfR8.roa
File: azUb986KPmjNBXNI1GEnnjHJfR8.roa (raw, json)
Hash identifier: 0Eh3zrlfIiIGJgQrMOsGTA9FYjfTizw8KSjWE+UgRQA=
Subject key identifier: 6B:35:1B:F7:CE:8A:3E:68:CD:05:73:48:D4:61:27:9E:31:C9:7D:1F
Certificate issuer: /CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Certificate serial: 0197BFB77CD1A852D10654E767C6E3B80481
Authority key identifier: F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/azUb986KPmjNBXNI1GEnnjHJfR8.roa
Signing time: Mon 30 Jun 2025 07:22:42 +0000
ROA not before: Mon 30 Jun 2025 07:22:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50436
IP address blocks: 5.28.64.0/18 maxlen: 19
5.28.64.0/19 maxlen: 19
5.28.96.0/19 maxlen: 19
37.120.0.0/17 maxlen: 18
77.64.128.0/17 maxlen: 24
77.64.183.0/24 maxlen: 24
77.64.220.0/23 maxlen: 24
83.221.64.0/19 maxlen: 24
92.206.0.0/16 maxlen: 24
92.206.8.0/21 maxlen: 24
92.206.22.0/23 maxlen: 24
92.206.32.0/20 maxlen: 24
92.206.48.0/20 maxlen: 24
92.206.76.0/22 maxlen: 24
92.206.208.0/24 maxlen: 24
92.206.209.0/24 maxlen: 24
92.206.250.0/23 maxlen: 23
92.206.254.0/23 maxlen: 24
94.139.0.0/19 maxlen: 20
217.68.167.0/24 maxlen: 24
2a02:2455:8000::/36 maxlen: 36
2a02:2455:9000::/36 maxlen: 40
2a02:2455:a000::/36 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.mft
rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 11:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:bf:b7:7c:d1:a8:52:d1:06:54:e7:67:c6:e3:b8:04:81
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f4b769a53dd86352d3440f222bdf907cf09c2dba
Validity
Not Before: Jun 30 07:22:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6b351bf7ce8a3e68cd057348d461279e31c97d1f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f8:1f:a0:78:02:76:9b:cb:67:76:96:2d:23:40:
cb:50:83:06:a7:34:38:5e:7e:c7:30:b8:86:52:3e:
54:8e:12:3d:c5:19:8c:75:89:a0:bb:14:77:0c:2f:
60:8f:b9:59:b6:59:b4:61:d9:04:e6:48:c1:1a:0c:
ae:d7:f2:00:73:76:8e:2c:5c:ce:9c:93:c6:2b:39:
93:46:84:bc:98:16:bc:80:ed:72:ef:8b:61:d9:a9:
97:07:8d:91:2b:39:2e:a6:6a:82:be:dc:f0:4f:5b:
6c:1e:03:fb:2b:2a:90:76:32:82:31:51:54:d8:37:
95:00:28:51:9d:e5:23:60:21:3b:13:00:c4:e9:54:
2b:38:d5:dc:ec:d0:cc:a1:3c:e6:e0:66:03:df:40:
97:5e:04:e9:2f:b9:3d:bc:ef:c0:d3:c9:11:81:9c:
65:eb:12:65:5f:b9:4b:f2:c4:08:cc:de:43:5d:68:
93:df:27:f4:cf:91:76:96:f7:52:86:c5:67:61:58:
73:68:51:e6:70:0f:a8:f3:50:fa:ab:9a:7a:11:f9:
e8:7b:da:7c:a7:90:e8:22:05:8c:ec:9e:1d:7b:e3:
b3:ba:ba:1b:47:cf:2b:70:f5:4b:dd:82:eb:ed:96:
f9:d5:2c:22:76:c0:38:a9:55:68:d0:6b:a7:8d:ce:
db:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:35:1B:F7:CE:8A:3E:68:CD:05:73:48:D4:61:27:9E:31:C9:7D:1F
X509v3 Authority Key Identifier:
keyid:F4:B7:69:A5:3D:D8:63:52:D3:44:0F:22:2B:DF:90:7C:F0:9C:2D:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9LdppT3YY1LTRA8iK9-QfPCcLbo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/azUb986KPmjNBXNI1GEnnjHJfR8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/70d50f-ff3c-4f63-8dec-d7c36c27c087/1/9LdppT3YY1LTRA8iK9-QfPCcLbo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.28.64.0/18
37.120.0.0/17
77.64.128.0/17
83.221.64.0/19
92.206.0.0/16
94.139.0.0/19
217.68.167.0/24
IPv6:
2a02:2455:8000::-2a02:2455:afff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
63:2e:bd:c0:19:62:30:6f:87:f5:a1:0c:c8:63:e3:69:d1:90:
49:0b:e5:82:05:01:4b:17:91:46:33:87:5e:41:f9:51:81:8f:
dd:72:7b:9e:fc:26:72:e7:f2:e3:92:f9:8d:50:fa:63:28:f0:
50:0d:b3:ef:3d:b7:70:1f:04:04:f1:14:30:5f:b9:e8:37:67:
70:62:75:36:a0:2d:f1:4e:f0:16:43:9f:59:2c:1c:92:3e:be:
75:f0:6e:d8:b8:04:d4:55:c8:bf:05:4f:41:aa:77:15:06:5e:
95:58:95:04:c0:40:22:27:f2:92:e1:fd:d1:63:a5:89:1e:7c:
a5:87:91:9b:9e:72:d1:6d:44:d5:58:ff:52:75:7f:15:1e:9d:
66:7e:1a:43:26:ea:98:b3:07:4e:82:e9:d8:e5:82:05:75:75:
5f:b0:76:3c:3d:53:14:21:11:f1:c7:b3:66:21:84:7b:4d:1a:
bc:fc:6b:e4:6b:ef:be:87:8d:6c:8b:37:58:da:f8:4f:af:b2:
a2:b4:f9:7d:7c:45:fb:ad:ca:61:fb:b2:02:98:bf:c8:a0:3b:
23:aa:a7:82:02:a6:14:86:f2:64:c9:ed:32:f2:b9:57:4f:c4:
38:ca:54:58:ea:e7:59:16:88:11:fb:50:27:e1:d3:1d:9e:db:
38:3d:30:5d
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAZe/t3zRqFLRBlTnZ8bjuASBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY0Yjc2OWE1M2RkODYzNTJkMzQ0MGYyMjJiZGY5MDdjZjA5
YzJkYmEwHhcNMjUwNjMwMDcyMjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YjM1MWJmN2NlOGEzZTY4Y2QwNTczNDhkNDYxMjc5ZTMxYzk3ZDFmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA+B+geAJ2m8tndpYtI0DLUIMGpzQ4
Xn7HMLiGUj5UjhI9xRmMdYmguxR3DC9gj7lZtlm0YdkE5kjBGgyu1/IAc3aOLFzO
nJPGKzmTRoS8mBa8gO1y74th2amXB42RKzkupmqCvtzwT1tsHgP7KyqQdjKCMVFU
2DeVAChRneUjYCE7EwDE6VQrONXc7NDMoTzm4GYD30CXXgTpL7k9vO/A08kRgZxl
6xJlX7lL8sQIzN5DXWiT3yf0z5F2lvdShsVnYVhzaFHmcA+o81D6q5p6Efnoe9p8
p5DoIgWM7J4de+OzurobR88rcPVL3YLr7Zb51SwidsA4qVVo0Gunjc7bcwIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFGs1G/fOij5ozQVzSNRhJ54xyX0fMB8GA1UdIwQY
MBaAFPS3aaU92GNS00QPIivfkHzwnC26MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMt
ZDdjMzZjMjdjMDg3LzEvYXpVYjk4NktQbWpOQlhOSTFHRW5uakhKZlI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83MGQ1MGYtZmYzYy00ZjYzLThkZWMtZDdjMzZjMjdjMDg3
LzEvOUxkcHBUM1lZMUxUUkE4aUs5LVFmUENjTGJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzAvBAIAATApAwQGBRxAAwQH
JXgAAwQHTUCAAwQFU91AAwMAXM4DBAVeiwADBADZRKcwGAQCAAIwEjAQAwYHKgIk
VYADBgQqAiRVoDANBgkqhkiG9w0BAQsFAAOCAQEAYy69wBliMG+H9aEMyGPjadGQ
SQvlggUBSxeRRjOHXkH5UYGP3XJ7nvwmcufy45L5jVD6YyjwUA2z7z23cB8EBPEU
MF+56DdncGJ1NqAt8U7wFkOfWSwckj6+dfBu2LgE1FXIvwVPQap3FQZelViVBMBA
IifykuH90WOliR58pYeRm55y0W1E1Vj/UnV/FR6dZn4aQybqmLMHToLp2OWCBXV1
X7B2PD1TFCER8cezZiGEe00avPxr5GvvvoeNbIs3WNr4T6+yorT5fXxF+63KYfuy
Api/yKA7I6qnggKmFIbyZMntMvK5V0/EOMpUWOrnWRaIEftQJ+HTHZ7bOD0wXQ==
-----END CERTIFICATE-----
Generated at Sat Jul 26 19:58:15 2025 by rpki-client