Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/XrYoU1Qtu7kIh7k3ghCaVq1ANas.roa
File: XrYoU1Qtu7kIh7k3ghCaVq1ANas.roa (raw, json)
Hash identifier: kmlQRZbBuxfjCIFV/FuQ/zRXRyQ+HVmYIQmDEjdu3CE=
Subject key identifier: 5E:B6:28:53:54:2D:BB:B9:08:87:B9:37:82:10:9A:56:AD:40:35:AB
Certificate issuer: /CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Certificate serial: 0198085954D1ABB80E84FE7ED871E4B5CBE9
Authority key identifier: 0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/XrYoU1Qtu7kIh7k3ghCaVq1ANas.roa
Signing time: Mon 14 Jul 2025 09:52:08 +0000
ROA not before: Mon 14 Jul 2025 09:52:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8849
IP address blocks: 5.42.206.0/24 maxlen: 24
5.44.249.0/24 maxlen: 24
31.222.226.0/24 maxlen: 24
62.122.187.0/24 maxlen: 24
88.210.36.0/23 maxlen: 24
89.36.162.0/24 maxlen: 24
89.36.163.0/24 maxlen: 24
89.40.226.0/24 maxlen: 24
91.192.81.0/24 maxlen: 24
95.81.107.0/24 maxlen: 24
95.81.110.0/24 maxlen: 24
95.174.68.0/24 maxlen: 24
95.174.69.0/24 maxlen: 24
95.174.70.0/24 maxlen: 24
95.174.71.0/24 maxlen: 24
103.97.91.0/24 maxlen: 24
103.111.112.0/22 maxlen: 22
103.253.36.0/24 maxlen: 24
109.122.200.0/23 maxlen: 23
109.122.207.0/24 maxlen: 24
146.19.196.0/24 maxlen: 24
158.255.76.0/24 maxlen: 24
176.97.192.0/24 maxlen: 24
185.140.210.0/24 maxlen: 24
185.140.211.0/24 maxlen: 24
185.147.53.0/24 maxlen: 24
185.224.249.0/24 maxlen: 24
185.230.245.0/24 maxlen: 24
193.35.224.0/24 maxlen: 24
213.111.130.0/24 maxlen: 24
213.111.131.0/24 maxlen: 24
213.111.142.0/24 maxlen: 24
2a06:f901:4000::/36 maxlen: 36
2a06:f901:8000::/36 maxlen: 36
2a06:f901:c000::/36 maxlen: 36
2a06:f902:4000::/36 maxlen: 36
2a06:f902:8000::/36 maxlen: 36
2a06:f903:4000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.crl
rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.mft
rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 14:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:08:59:54:d1:ab:b8:0e:84:fe:7e:d8:71:e4:b5:cb:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0febfbfd6f937c5ae39e3e38e8ab8384107421a6
Validity
Not Before: Jul 14 09:52:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5eb62853542dbbb90887b93782109a56ad4035ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:a9:8f:ec:12:25:30:0a:f5:bb:5f:99:1d:f9:
fa:ae:61:24:c7:62:45:a3:0e:9e:d2:75:a2:21:39:
12:52:0c:38:99:41:91:b5:72:cf:ba:9e:fd:66:1b:
8a:c0:3d:1e:d2:22:29:2a:94:42:2c:c0:b9:d2:20:
07:c1:0f:6b:cd:de:67:20:d3:b7:9e:8f:92:22:2d:
19:b2:9d:51:6d:00:62:7c:8c:0c:3b:2b:62:41:4a:
70:88:be:e0:53:8d:4d:6c:ba:2b:5c:95:c4:16:66:
82:0c:71:b2:e7:00:53:67:44:0c:fe:36:a3:7a:28:
26:a4:4b:23:92:a0:73:f1:b2:e6:59:58:53:a7:b5:
69:de:d0:4b:3f:38:e0:be:97:51:a1:97:58:0a:4c:
ce:d9:f8:c2:0d:8a:a0:4b:25:e0:64:ae:62:bd:c8:
fc:99:d2:f3:f4:88:72:8b:c0:f7:64:1b:3d:1a:a0:
54:7f:10:47:f3:19:09:2c:8a:66:bc:0f:e1:04:37:
95:61:93:72:82:a1:e4:6e:64:8c:a4:6a:28:b8:71:
bc:73:e3:78:d2:7a:f3:f1:ea:24:46:11:80:15:77:
e2:00:3c:bd:0e:e8:9c:db:81:6d:69:a1:c5:b4:62:
bd:0b:47:cc:9b:8d:88:06:0e:1d:9a:f3:52:5d:fe:
10:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:B6:28:53:54:2D:BB:B9:08:87:B9:37:82:10:9A:56:AD:40:35:AB
X509v3 Authority Key Identifier:
keyid:0F:EB:FB:FD:6F:93:7C:5A:E3:9E:3E:38:E8:AB:83:84:10:74:21:A6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D-v7_W-TfFrjnj446KuDhBB0IaY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/XrYoU1Qtu7kIh7k3ghCaVq1ANas.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/be/67d834-2612-4739-9f4b-7d70374d76d2/1/D-v7_W-TfFrjnj446KuDhBB0IaY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.206.0/24
5.44.249.0/24
31.222.226.0/24
62.122.187.0/24
88.210.36.0/23
89.36.162.0/23
89.40.226.0/24
91.192.81.0/24
95.81.107.0/24
95.81.110.0/24
95.174.68.0/22
103.97.91.0/24
103.111.112.0/22
103.253.36.0/24
109.122.200.0/23
109.122.207.0/24
146.19.196.0/24
158.255.76.0/24
176.97.192.0/24
185.140.210.0/23
185.147.53.0/24
185.224.249.0/24
185.230.245.0/24
193.35.224.0/24
213.111.130.0/23
213.111.142.0/24
IPv6:
2a06:f901:4000::/36
2a06:f901:8000::/36
2a06:f901:c000::/36
2a06:f902:4000::/36
2a06:f902:8000::/36
2a06:f903:4000::/36
Signature Algorithm: sha256WithRSAEncryption
63:1e:e8:16:8c:b7:fb:26:bf:f4:3f:74:cf:c3:04:a5:a2:89:
10:c0:a5:96:3d:0b:c2:ce:2a:ec:24:fb:37:c4:16:a9:28:8c:
a5:66:97:59:ec:3c:a4:f5:01:01:f1:31:3b:da:cc:98:96:1d:
a9:45:cb:c9:be:cd:ae:cd:3a:cb:47:18:a6:66:5b:db:22:90:
8b:d8:a5:b6:58:13:fb:b5:02:71:67:2a:be:fc:2a:85:83:0c:
69:ec:a3:01:88:aa:bf:02:cc:45:aa:4c:06:e0:8f:fb:31:92:
44:e1:92:0c:75:07:a9:84:0f:43:9a:84:96:57:0c:cc:91:1f:
92:61:66:82:e2:e8:e6:b4:12:a0:60:1d:e9:0c:81:f6:76:35:
cc:78:e0:38:7b:8e:20:96:c5:fb:24:b8:f3:d4:3c:6b:e0:41:
11:28:7a:31:a1:e0:14:a8:3e:05:a2:8a:64:63:73:05:a3:8e:
da:5d:49:4b:95:4c:e7:bd:88:56:5e:78:81:fb:8b:95:ae:66:
06:c3:8b:33:56:56:09:6e:9f:1d:d5:1e:f1:9a:a4:57:ce:2e:
09:b6:ac:ab:a7:09:69:b2:a0:dc:12:6f:22:77:e5:5c:32:7d:
0f:54:e1:33:c3:5b:ce:1b:62:87:70:47:e1:1a:52:c7:4e:e5:
b5:04:df:98
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgISAZgIWVTRq7gOhP5+2HHktcvpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZWJmYmZkNmY5MzdjNWFlMzllM2UzOGU4YWI4Mzg0MTA3
NDIxYTYwHhcNMjUwNzE0MDk1MjA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZWI2Mjg1MzU0MmRiYmI5MDg4N2I5Mzc4MjEwOWE1NmFkNDAzNWFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArqmP7BIlMAr1u1+ZHfn6rmEkx2JF
ow6e0nWiITkSUgw4mUGRtXLPup79ZhuKwD0e0iIpKpRCLMC50iAHwQ9rzd5nINO3
no+SIi0Zsp1RbQBifIwMOytiQUpwiL7gU41NbLorXJXEFmaCDHGy5wBTZ0QM/jaj
eigmpEsjkqBz8bLmWVhTp7Vp3tBLPzjgvpdRoZdYCkzO2fjCDYqgSyXgZK5ivcj8
mdLz9Ihyi8D3ZBs9GqBUfxBH8xkJLIpmvA/hBDeVYZNygqHkbmSMpGoouHG8c+N4
0nrz8eokRhGAFXfiADy9Duic24FtaaHFtGK9C0fMm42IBg4dmvNSXf4QLwIDAQAB
o4IC3DCCAtgwHQYDVR0OBBYEFF62KFNULbu5CIe5N4IQmlatQDWrMB8GA1UdIwQY
MBaAFA/r+/1vk3xa454+OOirg4QQdCGmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGIt
N2Q3MDM3NGQ3NmQyLzEvWHJZb1UxUXR1N2tJaDdrM2doQ2FWcTFBTmFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZS82N2Q4MzQtMjYxMi00NzM5LTlmNGItN2Q3MDM3NGQ3NmQy
LzEvRC12N19XLVRmRnJqbmo0NDZLdURoQkIwSWFZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHxBggrBgEFBQcBBwEB/wSB4TCB3jCBowQCAAEwgZwDBAAF
Ks4DBAAFLPkDBAAf3uIDBAA+ersDBAFY0iQDBAFZJKIDBABZKOIDBABbwFEDBABf
UWsDBABfUW4DBAJfrkQDBABnYVsDBAJnb3ADBABn/SQDBAFtesgDBABtes8DBACS
E8QDBACe/0wDBACwYcADBAG5jNIDBAC5kzUDBAC54PkDBAC55vUDBADBI+ADBAHV
b4IDBADVb44wNgQCAAIwMAMGBCoG+QFAAwYEKgb5AYADBgQqBvkBwAMGBCoG+QJA
AwYEKgb5AoADBgQqBvkDQDANBgkqhkiG9w0BAQsFAAOCAQEAYx7oFoy3+ya/9D90
z8MEpaKJEMCllj0Lws4q7CT7N8QWqSiMpWaXWew8pPUBAfExO9rMmJYdqUXLyb7N
rs06y0cYpmZb2yKQi9iltlgT+7UCcWcqvvwqhYMMaeyjAYiqvwLMRapMBuCP+zGS
ROGSDHUHqYQPQ5qEllcMzJEfkmFmguLo5rQSoGAd6QyB9nY1zHjgOHuOIJbF+yS4
89Q8a+BBESh6MaHgFKg+BaKKZGNzBaOO2l1JS5VM572IVl54gfuLla5mBsOLM1ZW
CW6fHdUe8ZqkV84uCbasq6cJabKg3BJvInflXDJ9D1ThM8Nbzhtih3BH4RpSx07l
tQTfmA==
-----END CERTIFICATE-----
Generated at Wed Jul 23 23:44:15 2025 by rpki-client