Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/792113-e13c-43ee-84d7-e0d7dd5e2e6f/1/RN1TQT-xsg56kc-nHBGX1sw7VuM.roa
File: RN1TQT-xsg56kc-nHBGX1sw7VuM.roa (raw, json)
Hash identifier: D7xpV8ZZw/mpW8KuuJCirKc+B2zWMvFel25IE+bx6qQ=
Subject key identifier: 44:DD:53:41:3F:B1:B2:0E:7A:91:CF:A7:1C:11:97:D6:CC:3B:56:E3
Certificate issuer: /CN=a3513d288dabde7dee069bdb636573ce9c3ecb60
Certificate serial: 01980927537D91F8BEF02B31169ED6EFAC16
Authority key identifier: A3:51:3D:28:8D:AB:DE:7D:EE:06:9B:DB:63:65:73:CE:9C:3E:CB:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o1E9KI2r3n3uBpvbY2Vzzpw-y2A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/792113-e13c-43ee-84d7-e0d7dd5e2e6f/1/RN1TQT-xsg56kc-nHBGX1sw7VuM.roa
Signing time: Mon 14 Jul 2025 13:37:08 +0000
ROA not before: Mon 14 Jul 2025 13:37:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206996
IP address blocks: 5.249.160.0/24 maxlen: 24
5.249.161.0/24 maxlen: 24
5.249.162.0/24 maxlen: 24
5.249.163.0/24 maxlen: 24
5.249.164.0/24 maxlen: 24
5.249.165.0/24 maxlen: 24
45.141.36.0/24 maxlen: 24
45.141.37.0/24 maxlen: 24
45.146.252.0/24 maxlen: 24
45.146.253.0/24 maxlen: 24
45.146.254.0/24 maxlen: 24
45.146.255.0/24 maxlen: 24
88.214.56.0/24 maxlen: 24
88.214.57.0/24 maxlen: 24
88.214.58.0/24 maxlen: 24
92.42.44.0/24 maxlen: 24
92.42.45.0/24 maxlen: 24
92.42.46.0/24 maxlen: 24
92.42.47.0/24 maxlen: 24
134.255.216.0/24 maxlen: 24
134.255.217.0/24 maxlen: 24
134.255.218.0/24 maxlen: 24
134.255.219.0/24 maxlen: 24
134.255.231.0/24 maxlen: 24
134.255.232.0/24 maxlen: 24
134.255.233.0/24 maxlen: 24
134.255.234.0/24 maxlen: 24
147.189.168.0/24 maxlen: 24
147.189.169.0/24 maxlen: 24
147.189.170.0/24 maxlen: 24
147.189.171.0/24 maxlen: 24
147.189.172.0/24 maxlen: 24
147.189.173.0/24 maxlen: 24
147.189.174.0/24 maxlen: 24
147.189.175.0/24 maxlen: 24
185.223.28.0/24 maxlen: 24
185.223.29.0/24 maxlen: 24
185.223.30.0/24 maxlen: 24
185.223.31.0/24 maxlen: 24
185.239.236.0/24 maxlen: 24
185.239.237.0/24 maxlen: 24
185.239.238.0/24 maxlen: 24
185.239.239.0/24 maxlen: 24
185.249.197.0/24 maxlen: 24
185.249.198.0/24 maxlen: 24
185.249.199.0/24 maxlen: 24
193.23.126.0/24 maxlen: 24
193.23.127.0/24 maxlen: 24
193.23.160.0/24 maxlen: 24
193.23.161.0/24 maxlen: 24
193.34.69.0/24 maxlen: 24
193.203.238.0/24 maxlen: 24
194.156.88.0/24 maxlen: 24
194.156.90.0/24 maxlen: 24
194.156.91.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/792113-e13c-43ee-84d7-e0d7dd5e2e6f/1/o1E9KI2r3n3uBpvbY2Vzzpw-y2A.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/792113-e13c-43ee-84d7-e0d7dd5e2e6f/1/o1E9KI2r3n3uBpvbY2Vzzpw-y2A.mft
rsync://rpki.ripe.net/repository/DEFAULT/o1E9KI2r3n3uBpvbY2Vzzpw-y2A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 17:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:09:27:53:7d:91:f8:be:f0:2b:31:16:9e:d6:ef:ac:16
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3513d288dabde7dee069bdb636573ce9c3ecb60
Validity
Not Before: Jul 14 13:37:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=44dd53413fb1b20e7a91cfa71c1197d6cc3b56e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:3d:aa:da:6d:fc:8c:83:44:84:cc:15:cf:da:
35:97:c5:dc:0c:c8:4a:15:c4:09:d4:12:68:a3:0f:
89:82:82:44:5a:79:a3:b8:26:57:b0:bc:ba:37:a8:
9f:9a:86:d8:4d:e9:a2:1a:be:bb:55:11:d3:68:b4:
77:0e:92:22:6f:b4:77:1d:37:1c:c6:c5:dc:0c:07:
07:bc:e2:05:fc:a2:d6:7a:78:47:d6:75:f4:c3:83:
26:f9:bd:12:a8:74:30:8e:11:c6:ad:79:61:8f:c0:
11:db:8e:06:fb:1a:fb:d3:95:a0:5b:54:26:6e:63:
da:5e:f5:2e:71:db:c9:3c:72:b3:0c:01:b3:25:91:
ef:28:11:57:5f:8e:8e:ce:7b:1c:36:ad:73:7a:72:
c5:a7:ab:ea:8e:09:8f:2c:e2:0b:08:61:7c:ee:52:
ee:a2:57:93:ee:8c:04:3c:e8:36:0f:52:8c:83:cf:
0c:7f:35:3e:3b:e1:3f:ce:4d:ce:54:b6:df:96:82:
af:08:91:d9:8d:e2:6e:b3:01:37:e3:fa:e3:79:0a:
15:bc:52:fc:5b:f0:b9:2b:79:d1:b4:60:4a:00:85:
be:78:5c:81:37:03:e8:c2:a0:be:a8:0e:94:9d:39:
76:d7:9f:a3:2a:c0:23:27:56:85:fd:af:2a:0a:d7:
fb:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:DD:53:41:3F:B1:B2:0E:7A:91:CF:A7:1C:11:97:D6:CC:3B:56:E3
X509v3 Authority Key Identifier:
keyid:A3:51:3D:28:8D:AB:DE:7D:EE:06:9B:DB:63:65:73:CE:9C:3E:CB:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o1E9KI2r3n3uBpvbY2Vzzpw-y2A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/792113-e13c-43ee-84d7-e0d7dd5e2e6f/1/RN1TQT-xsg56kc-nHBGX1sw7VuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/792113-e13c-43ee-84d7-e0d7dd5e2e6f/1/o1E9KI2r3n3uBpvbY2Vzzpw-y2A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.160.0-5.249.165.255
45.141.36.0/23
45.146.252.0/22
88.214.56.0-88.214.58.255
92.42.44.0/22
134.255.216.0/22
134.255.231.0-134.255.234.255
147.189.168.0/21
185.223.28.0/22
185.239.236.0/22
185.249.197.0-185.249.199.255
193.23.126.0/23
193.23.160.0/23
193.34.69.0/24
193.203.238.0/24
194.156.88.0/24
194.156.90.0/23
Signature Algorithm: sha256WithRSAEncryption
06:5e:5a:e6:f5:72:00:e6:ac:ad:68:bb:af:92:d3:b7:c8:2d:
cf:11:89:f0:85:d9:7d:ee:32:64:54:65:f2:6d:bd:87:00:a4:
d1:aa:a0:d2:8b:71:26:90:cc:f4:84:de:9d:0a:f4:7e:4a:5b:
35:9f:dd:df:f7:05:09:bc:19:dc:28:3e:03:14:61:31:ee:78:
66:7f:f9:06:d3:ed:cd:7e:c7:d2:4d:55:43:d4:87:f9:33:08:
91:37:1a:f7:6f:9f:72:e1:8e:eb:f1:4e:bf:13:6e:33:71:3d:
8d:01:3c:99:f5:0f:13:ed:ea:f5:8d:cb:81:80:9c:5b:e7:6f:
0e:db:c3:97:cb:5c:86:ae:24:f8:f6:ad:1b:97:7f:a0:f1:bc:
8a:b0:82:a4:cb:e8:39:6d:9c:be:00:87:1f:5c:f9:cc:1a:5b:
22:25:ff:34:b9:31:7a:81:80:8b:a2:09:85:de:e7:57:a7:64:
0c:84:a0:64:b5:6c:9a:a7:06:74:32:1d:6e:57:16:fd:50:24:
d8:d6:27:17:96:0b:2a:cb:25:5f:cf:63:cc:c2:e3:e2:51:c0:
fc:1b:6d:f4:44:17:f7:60:87:74:f2:9d:69:cc:a6:51:ac:64:
77:ea:01:70:9d:8f:9a:0c:cd:3b:02:ca:45:6c:5c:c8:59:b7:
37:db:ab:45
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAZgJJ1N9kfi+8CsxFp7W76wWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNTEzZDI4OGRhYmRlN2RlZTA2OWJkYjYzNjU3M2NlOWMz
ZWNiNjAwHhcNMjUwNzE0MTMzNzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NGRkNTM0MTNmYjFiMjBlN2E5MWNmYTcxYzExOTdkNmNjM2I1NmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1z2q2m38jINEhMwVz9o1l8XcDMhK
FcQJ1BJoow+JgoJEWnmjuCZXsLy6N6ifmobYTemiGr67VRHTaLR3DpIib7R3HTcc
xsXcDAcHvOIF/KLWenhH1nX0w4Mm+b0SqHQwjhHGrXlhj8AR244G+xr705WgW1Qm
bmPaXvUucdvJPHKzDAGzJZHvKBFXX46OznscNq1zenLFp6vqjgmPLOILCGF87lLu
oleT7owEPOg2D1KMg88MfzU+O+E/zk3OVLbfloKvCJHZjeJuswE34/rjeQoVvFL8
W/C5K3nRtGBKAIW+eFyBNwPowqC+qA6UnTl215+jKsAjJ1aF/a8qCtf7QwIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFETdU0E/sbIOepHPpxwRl9bMO1bjMB8GA1UdIwQY
MBaAFKNRPSiNq9597gab22Nlc86cPstgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzFFOUtJMnIzbjN1QnB2YlkyVnp6cHcteTJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS83OTIxMTMtZTEzYy00M2VlLTg0ZDct
ZTBkN2RkNWUyZTZmLzEvUk4xVFFULXhzZzU2a2MtbkhCR1gxc3c3VnVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS83OTIxMTMtZTEzYy00M2VlLTg0ZDctZTBkN2RkNWUyZTZm
LzEvbzFFOUtJMnIzbjN1QnB2YlkyVnp6cHcteTJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDCBjQQCAAEwgYYwDAME
BQX5oAMEAQX5pAMEAS2NJAMEAi2S/DAMAwQDWNY4AwQAWNY6AwQCXCosAwQChv/Y
MAwDBACG/+cDBACG/+oDBAOTvagDBAK53xwDBAK57+wwDAMEALn5xQMEA7n5wAME
AcEXfgMEAcEXoAMEAMEiRQMEAMHL7gMEAMKcWAMEAcKcWjANBgkqhkiG9w0BAQsF
AAOCAQEABl5a5vVyAOasrWi7r5LTt8gtzxGJ8IXZfe4yZFRl8m29hwCk0aqg0otx
JpDM9ITenQr0fkpbNZ/d3/cFCbwZ3Cg+AxRhMe54Zn/5BtPtzX7H0k1VQ9SH+TMI
kTca92+fcuGO6/FOvxNuM3E9jQE8mfUPE+3q9Y3LgYCcW+dvDtvDl8tchq4k+Pat
G5d/oPG8irCCpMvoOW2cvgCHH1z5zBpbIiX/NLkxeoGAi6IJhd7nV6dkDISgZLVs
mqcGdDIdblcW/VAk2NYnF5YLKsslX89jzMLj4lHA/Btt9EQX92CHdPKdacymUaxk
d+oBcJ2PmgzNOwLKRWxcyFm3N9urRQ==
-----END CERTIFICATE-----
Generated at Sat Jul 26 00:22:18 2025 by rpki-client