Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/792113-e13c-43ee-84d7-e0d7dd5e2e6f/1/p12bDBAT0QPkWrhSOmjX5OOfRYU.roa
File: p12bDBAT0QPkWrhSOmjX5OOfRYU.roa (raw, json)
Hash identifier: I61D+01sCFA7/6eEMCDLtoz2JVh8EMCx1bfIAf32jrk=
Subject key identifier: A7:5D:9B:0C:10:13:D1:03:E4:5A:B8:52:3A:68:D7:E4:E3:9F:45:85
Certificate issuer: /CN=a3513d288dabde7dee069bdb636573ce9c3ecb60
Certificate serial: 0198091C57661AE01F46659861CB7FDFC434
Authority key identifier: A3:51:3D:28:8D:AB:DE:7D:EE:06:9B:DB:63:65:73:CE:9C:3E:CB:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o1E9KI2r3n3uBpvbY2Vzzpw-y2A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/792113-e13c-43ee-84d7-e0d7dd5e2e6f/1/p12bDBAT0QPkWrhSOmjX5OOfRYU.roa
Signing time: Mon 14 Jul 2025 13:25:08 +0000
ROA not before: Mon 14 Jul 2025 13:25:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30823
IP address blocks: 5.249.160.0/24 maxlen: 24
5.249.161.0/24 maxlen: 24
5.249.162.0/24 maxlen: 24
5.249.163.0/24 maxlen: 24
5.249.164.0/24 maxlen: 24
5.249.165.0/24 maxlen: 24
5.249.166.0/24 maxlen: 24
45.141.36.0/24 maxlen: 24
45.141.37.0/24 maxlen: 24
45.146.252.0/24 maxlen: 24
45.146.253.0/24 maxlen: 24
45.146.254.0/24 maxlen: 24
45.146.255.0/24 maxlen: 24
88.214.56.0/24 maxlen: 24
88.214.57.0/24 maxlen: 24
88.214.58.0/24 maxlen: 24
88.214.59.0/24 maxlen: 24
92.42.44.0/22 maxlen: 22
92.42.44.0/24 maxlen: 24
92.42.45.0/24 maxlen: 24
92.42.46.0/24 maxlen: 24
92.42.47.0/24 maxlen: 24
134.255.216.0/24 maxlen: 24
134.255.217.0/24 maxlen: 24
134.255.218.0/24 maxlen: 24
134.255.219.0/24 maxlen: 24
134.255.231.0/24 maxlen: 24
134.255.232.0/24 maxlen: 24
134.255.233.0/24 maxlen: 24
134.255.234.0/24 maxlen: 24
147.189.168.0/24 maxlen: 24
147.189.169.0/24 maxlen: 24
147.189.170.0/24 maxlen: 24
147.189.171.0/24 maxlen: 24
147.189.172.0/24 maxlen: 24
147.189.173.0/24 maxlen: 24
147.189.174.0/24 maxlen: 24
147.189.175.0/24 maxlen: 24
185.223.28.0/24 maxlen: 24
185.223.29.0/24 maxlen: 24
185.223.30.0/24 maxlen: 24
185.223.31.0/24 maxlen: 24
185.239.236.0/24 maxlen: 24
185.239.237.0/24 maxlen: 24
185.239.238.0/24 maxlen: 24
185.239.239.0/24 maxlen: 24
185.249.197.0/24 maxlen: 24
185.249.198.0/24 maxlen: 24
185.249.199.0/24 maxlen: 24
193.23.126.0/24 maxlen: 24
193.23.127.0/24 maxlen: 24
193.23.160.0/24 maxlen: 24
193.23.161.0/24 maxlen: 24
193.34.69.0/24 maxlen: 24
193.203.238.0/24 maxlen: 24
194.156.88.0/24 maxlen: 24
194.156.90.0/24 maxlen: 24
194.156.91.0/24 maxlen: 24
2a0c:3580::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/792113-e13c-43ee-84d7-e0d7dd5e2e6f/1/o1E9KI2r3n3uBpvbY2Vzzpw-y2A.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/792113-e13c-43ee-84d7-e0d7dd5e2e6f/1/o1E9KI2r3n3uBpvbY2Vzzpw-y2A.mft
rsync://rpki.ripe.net/repository/DEFAULT/o1E9KI2r3n3uBpvbY2Vzzpw-y2A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:09:1c:57:66:1a:e0:1f:46:65:98:61:cb:7f:df:c4:34
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3513d288dabde7dee069bdb636573ce9c3ecb60
Validity
Not Before: Jul 14 13:25:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a75d9b0c1013d103e45ab8523a68d7e4e39f4585
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:cc:04:5e:6a:fb:15:83:7c:24:69:3d:2c:3c:
bb:b0:05:49:8f:81:63:1d:44:0d:ea:c3:4b:0d:71:
29:87:5c:8d:43:4d:98:4b:f2:27:21:f0:8e:d7:96:
71:72:33:f3:57:f4:ec:6e:a7:bc:9a:b9:42:f7:c8:
55:a4:0f:9b:36:59:c4:34:7b:55:f7:da:72:ce:96:
66:00:f9:7e:af:72:bd:3d:90:ac:29:82:97:e1:fd:
59:bb:a9:f5:71:0d:b3:82:94:20:d0:55:e3:00:77:
64:1d:00:f2:ac:34:87:30:d7:64:e2:3d:72:d2:49:
04:70:d5:04:d6:5a:58:83:c6:1b:82:8f:5b:aa:55:
aa:47:c2:aa:aa:cf:3b:f9:bb:35:f4:2d:b3:c5:18:
b8:0c:25:43:9e:23:7d:06:da:64:88:35:86:a0:c2:
d4:c6:e5:6f:55:41:a7:7b:d1:ee:a6:ad:83:fd:6b:
36:01:1c:58:c0:79:08:0d:9f:1a:2a:d8:92:e1:34:
9c:5a:f9:9c:e8:eb:ab:3a:bf:09:57:52:c9:31:7e:
cf:77:6a:3b:90:5c:77:14:6c:9b:61:0b:7c:14:d8:
2f:1c:01:fc:c7:6c:02:17:61:fc:b1:10:b8:cd:f2:
fd:2a:e2:d3:01:43:68:37:ce:1e:54:0c:68:6f:1d:
8f:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:5D:9B:0C:10:13:D1:03:E4:5A:B8:52:3A:68:D7:E4:E3:9F:45:85
X509v3 Authority Key Identifier:
keyid:A3:51:3D:28:8D:AB:DE:7D:EE:06:9B:DB:63:65:73:CE:9C:3E:CB:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o1E9KI2r3n3uBpvbY2Vzzpw-y2A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/792113-e13c-43ee-84d7-e0d7dd5e2e6f/1/p12bDBAT0QPkWrhSOmjX5OOfRYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/792113-e13c-43ee-84d7-e0d7dd5e2e6f/1/o1E9KI2r3n3uBpvbY2Vzzpw-y2A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.160.0-5.249.166.255
45.141.36.0/23
45.146.252.0/22
88.214.56.0/22
92.42.44.0/22
134.255.216.0/22
134.255.231.0-134.255.234.255
147.189.168.0/21
185.223.28.0/22
185.239.236.0/22
185.249.197.0-185.249.199.255
193.23.126.0/23
193.23.160.0/23
193.34.69.0/24
193.203.238.0/24
194.156.88.0/24
194.156.90.0/23
IPv6:
2a0c:3580::/29
Signature Algorithm: sha256WithRSAEncryption
93:8c:26:8b:ca:03:2b:a1:8d:6f:c2:8a:13:be:4a:dd:23:0b:
01:86:28:cc:40:0e:a0:11:17:c3:70:8d:53:a7:b4:39:d0:aa:
d5:30:10:36:4e:36:9e:c6:38:d0:09:fc:a5:03:d6:91:8e:9b:
7a:eb:b2:b2:e5:02:4d:d4:c0:65:50:8f:b9:44:02:87:3a:ce:
c5:b7:c8:2f:0f:93:95:f0:a5:6a:a1:6b:5a:7e:8c:9b:3e:24:
d1:2d:2d:2a:a2:c2:5c:74:9e:76:35:0f:bf:dc:1a:c2:7c:e2:
a4:f3:a4:21:a0:31:1d:16:90:1d:84:41:ae:d6:b7:21:73:e6:
c0:32:1a:97:96:d0:f8:c4:b4:7d:11:d9:fa:e7:f6:67:0c:b7:
a7:24:dc:c0:4c:4e:42:7a:38:3c:54:1d:4d:c0:31:48:97:de:
bb:3d:87:64:c7:30:7e:b2:b4:a4:db:ae:27:45:f5:14:ff:19:
65:99:76:43:bf:02:61:21:12:38:e1:c6:c0:c2:e3:17:3d:6e:
8e:7c:c2:48:a3:92:f0:45:6f:76:b6:d5:79:40:2c:63:5d:b5:
36:a2:71:b8:9e:99:00:d0:c9:8e:94:6a:74:71:57:4a:35:6d:
7d:a4:20:ab:b8:a1:d4:c8:07:fd:fa:0c:21:83:88:89:b6:ba:
a7:53:e8:46
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAZgJHFdmGuAfRmWYYct/38Q0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNTEzZDI4OGRhYmRlN2RlZTA2OWJkYjYzNjU3M2NlOWMz
ZWNiNjAwHhcNMjUwNzE0MTMyNTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzVkOWIwYzEwMTNkMTAzZTQ1YWI4NTIzYTY4ZDdlNGUzOWY0NTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAp8wEXmr7FYN8JGk9LDy7sAVJj4Fj
HUQN6sNLDXEph1yNQ02YS/InIfCO15ZxcjPzV/Tsbqe8mrlC98hVpA+bNlnENHtV
99pyzpZmAPl+r3K9PZCsKYKX4f1Zu6n1cQ2zgpQg0FXjAHdkHQDyrDSHMNdk4j1y
0kkEcNUE1lpYg8Ybgo9bqlWqR8Kqqs87+bs19C2zxRi4DCVDniN9BtpkiDWGoMLU
xuVvVUGne9Hupq2D/Ws2ARxYwHkIDZ8aKtiS4TScWvmc6OurOr8JV1LJMX7Pd2o7
kFx3FGybYQt8FNgvHAH8x2wCF2H8sRC4zfL9KuLTAUNoN84eVAxobx2PwQIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFKddmwwQE9ED5Fq4Ujpo1+Tjn0WFMB8GA1UdIwQY
MBaAFKNRPSiNq9597gab22Nlc86cPstgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzFFOUtJMnIzbjN1QnB2YlkyVnp6cHcteTJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS83OTIxMTMtZTEzYy00M2VlLTg0ZDct
ZTBkN2RkNWUyZTZmLzEvcDEyYkRCQVQwUVBrV3JoU09talg1T09mUllVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS83OTIxMTMtZTEzYy00M2VlLTg0ZDctZTBkN2RkNWUyZTZm
LzEvbzFFOUtJMnIzbjN1QnB2YlkyVnp6cHcteTJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBhAQCAAEwfjAMAwQF
BfmgAwQABfmmAwQBLY0kAwQCLZL8AwQCWNY4AwQCXCosAwQChv/YMAwDBACG/+cD
BACG/+oDBAOTvagDBAK53xwDBAK57+wwDAMEALn5xQMEA7n5wAMEAcEXfgMEAcEX
oAMEAMEiRQMEAMHL7gMEAMKcWAMEAcKcWjANBAIAAjAHAwUDKgw1gDANBgkqhkiG
9w0BAQsFAAOCAQEAk4wmi8oDK6GNb8KKE75K3SMLAYYozEAOoBEXw3CNU6e0OdCq
1TAQNk42nsY40An8pQPWkY6beuuysuUCTdTAZVCPuUQChzrOxbfILw+TlfClaqFr
Wn6Mmz4k0S0tKqLCXHSedjUPv9wawnzipPOkIaAxHRaQHYRBrta3IXPmwDIal5bQ
+MS0fRHZ+uf2Zwy3pyTcwExOQno4PFQdTcAxSJfeuz2HZMcwfrK0pNuuJ0X1FP8Z
ZZl2Q78CYSESOOHGwMLjFz1ujnzCSKOS8EVvdrbVeUAsY121NqJxuJ6ZANDJjpRq
dHFXSjVtfaQgq7ih1MgH/foMIYOIiba6p1PoRg==
-----END CERTIFICATE-----
Generated at Sun Jul 20 21:55:28 2025 by rpki-client