Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/RQEsj5U6gDhjJcVy0TlXi-Wv0Jw.roa
File: RQEsj5U6gDhjJcVy0TlXi-Wv0Jw.roa (raw, json)
Hash identifier: 5spwbq7vTMKhgpfXnPqWkbfUupwJGaz4yD3OLMK3ImM=
Subject key identifier: 45:01:2C:8F:95:3A:80:38:63:25:C5:72:D1:39:57:8B:E5:AF:D0:9C
Certificate issuer: /CN=099a1f2dbf7b7a84ae57b8d67426b7e4e420fab5
Certificate serial: 0197CA3ECC3BEB4BE544BD3527A8B3F4509E
Authority key identifier: 09:9A:1F:2D:BF:7B:7A:84:AE:57:B8:D6:74:26:B7:E4:E4:20:FA:B5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/RQEsj5U6gDhjJcVy0TlXi-Wv0Jw.roa
Signing time: Wed 02 Jul 2025 08:26:42 +0000
ROA not before: Wed 02 Jul 2025 08:26:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202053
IP address blocks: 5.22.208.0/22 maxlen: 22
5.22.212.0/22 maxlen: 22
5.22.216.0/22 maxlen: 22
5.22.220.0/22 maxlen: 22
80.69.172.0/22 maxlen: 22
81.27.96.0/20 maxlen: 20
83.136.248.0/21 maxlen: 21
85.9.200.0/21 maxlen: 21
85.9.208.0/21 maxlen: 21
85.9.216.0/22 maxlen: 22
85.9.220.0/22 maxlen: 22
94.237.0.0/24 maxlen: 24
94.237.1.0/24 maxlen: 24
94.237.2.0/23 maxlen: 23
94.237.4.0/22 maxlen: 22
94.237.8.0/21 maxlen: 21
94.237.16.0/21 maxlen: 21
94.237.24.0/21 maxlen: 21
94.237.32.0/21 maxlen: 21
94.237.40.0/21 maxlen: 21
94.237.48.0/20 maxlen: 20
94.237.64.0/20 maxlen: 20
94.237.80.0/20 maxlen: 20
94.237.96.0/21 maxlen: 21
94.237.104.0/22 maxlen: 22
94.237.108.0/22 maxlen: 22
94.237.112.0/21 maxlen: 21
94.237.120.0/22 maxlen: 22
94.237.124.0/23 maxlen: 23
94.237.126.0/24 maxlen: 24
95.111.192.0/21 maxlen: 21
95.111.200.0/22 maxlen: 22
95.111.204.0/22 maxlen: 22
95.111.208.0/22 maxlen: 22
95.111.216.0/21 maxlen: 21
185.20.136.0/22 maxlen: 22
185.26.48.0/22 maxlen: 22
185.70.196.0/22 maxlen: 22
194.62.96.0/22 maxlen: 22
213.163.192.0/20 maxlen: 20
2a04:3540::/32 maxlen: 32
2a04:3541::/32 maxlen: 32
2a04:3541:8000::/34 maxlen: 34
2a04:3542::/32 maxlen: 32
2a04:3542:8000::/34 maxlen: 34
2a04:3543::/32 maxlen: 32
2a04:3544::/32 maxlen: 32
2a04:3544:8000::/34 maxlen: 34
2a04:3545::/32 maxlen: 32
2a04:3546::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/CZofLb97eoSuV7jWdCa35OQg-rU.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/CZofLb97eoSuV7jWdCa35OQg-rU.mft
rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 00:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ca:3e:cc:3b:eb:4b:e5:44:bd:35:27:a8:b3:f4:50:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=099a1f2dbf7b7a84ae57b8d67426b7e4e420fab5
Validity
Not Before: Jul 2 08:26:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=45012c8f953a80386325c572d139578be5afd09c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:73:73:54:56:dc:79:f5:46:c5:89:db:00:46:
a8:d6:bb:b8:5e:78:d9:f3:60:aa:0b:72:db:d1:80:
c2:94:4c:a3:71:d2:ef:84:f5:9e:9a:e6:6a:7f:90:
9c:d4:8b:f5:32:fc:76:1f:d8:cc:16:ec:19:fe:7e:
a5:9f:b9:30:d5:c0:10:8a:b7:69:1a:e9:66:9b:9b:
cd:e0:be:3b:21:2f:a8:ca:c8:aa:ff:aa:fa:f7:62:
bc:a5:b9:2a:39:92:22:46:5e:99:88:81:c1:f1:78:
12:a3:a1:18:ab:e5:5a:40:12:85:75:7f:7c:50:e7:
1c:54:04:97:f5:a3:5d:97:9e:7a:e2:a1:09:dc:97:
66:e3:e5:42:7a:9f:0b:ac:91:10:59:b6:81:8b:94:
71:ea:e9:98:9f:28:9d:61:cc:cb:9e:8b:2c:f9:6e:
f9:0d:c3:fc:93:2e:2d:f0:b7:e8:86:a9:2a:e0:b8:
4f:3c:46:79:8f:4d:32:e6:08:34:70:9e:1f:c0:09:
74:fd:00:db:ad:a4:5d:1f:48:40:ef:16:61:6a:89:
42:e5:b2:30:83:af:a7:a0:8c:72:fd:84:ee:d9:ff:
1d:65:11:00:e7:e5:24:3c:d5:13:de:28:da:52:f7:
75:17:db:2d:a2:c4:d1:15:26:b8:c9:1b:e2:c8:81:
78:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:01:2C:8F:95:3A:80:38:63:25:C5:72:D1:39:57:8B:E5:AF:D0:9C
X509v3 Authority Key Identifier:
keyid:09:9A:1F:2D:BF:7B:7A:84:AE:57:B8:D6:74:26:B7:E4:E4:20:FA:B5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CZofLb97eoSuV7jWdCa35OQg-rU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/RQEsj5U6gDhjJcVy0TlXi-Wv0Jw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/d42abb-3342-4887-af40-9cd68f221e21/1/CZofLb97eoSuV7jWdCa35OQg-rU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.208.0/20
80.69.172.0/22
81.27.96.0/20
83.136.248.0/21
85.9.200.0-85.9.223.255
94.237.0.0-94.237.126.255
95.111.192.0-95.111.211.255
95.111.216.0/21
185.20.136.0/22
185.26.48.0/22
185.70.196.0/22
194.62.96.0/22
213.163.192.0/20
IPv6:
2a04:3540::-2a04:3546:ffff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
38:dd:19:05:c9:8a:a3:f0:88:a2:21:ee:8b:e5:50:d4:e1:1a:
07:02:86:ec:d5:64:9c:43:f7:5b:b5:70:74:65:1f:07:a4:d4:
05:8f:be:f2:cf:07:8f:1d:d1:99:b2:65:f2:c9:95:8f:13:bb:
e5:9a:97:4e:a0:5b:55:2c:0a:85:57:8f:56:f5:c1:01:02:96:
36:3a:55:2d:60:85:a1:c1:8e:01:48:3b:30:87:5c:02:23:f9:
45:1e:11:2d:02:3e:46:60:23:5c:ec:01:b5:6f:03:d2:af:c5:
e4:e1:af:37:bc:61:20:70:7a:04:3c:e8:78:eb:99:d4:b4:3a:
d5:43:ab:3b:0f:1f:4f:5c:36:81:ab:2b:a2:6b:bf:a3:c4:cf:
b1:4c:be:2f:5d:35:4d:f1:95:b4:85:e8:48:ea:f2:36:18:38:
e8:03:1a:3d:b8:d8:8b:4f:51:2d:45:92:93:ab:f0:8c:38:78:
b9:54:c4:8d:56:9a:d5:66:4e:eb:1f:ea:5c:c4:98:a1:4b:4f:
62:1b:f2:57:15:37:6d:44:e1:a6:ab:9a:35:5d:da:da:8a:43:
a4:0d:b6:44:81:6c:6a:ac:69:eb:28:16:2a:0a:24:fa:b6:13:
1c:d2:57:d2:89:f3:58:eb:ea:96:6b:62:2f:54:47:dc:8d:8d:
c9:07:f4:c3
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZfKPsw760vlRL01J6iz9FCeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5OWExZjJkYmY3YjdhODRhZTU3YjhkNjc0MjZiN2U0ZTQy
MGZhYjUwHhcNMjUwNzAyMDgyNjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NTAxMmM4Zjk1M2E4MDM4NjMyNWM1NzJkMTM5NTc4YmU1YWZkMDljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxXNzVFbcefVGxYnbAEao1ru4XnjZ
82CqC3Lb0YDClEyjcdLvhPWemuZqf5Cc1Iv1Mvx2H9jMFuwZ/n6ln7kw1cAQirdp
Gulmm5vN4L47IS+oysiq/6r692K8pbkqOZIiRl6ZiIHB8XgSo6EYq+VaQBKFdX98
UOccVASX9aNdl5564qEJ3Jdm4+VCep8LrJEQWbaBi5Rx6umYnyidYczLnoss+W75
DcP8ky4t8Lfohqkq4LhPPEZ5j00y5gg0cJ4fwAl0/QDbraRdH0hA7xZhaolC5bIw
g6+noIxy/YTu2f8dZREA5+UkPNUT3ijaUvd1F9stosTRFSa4yRviyIF4nQIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFEUBLI+VOoA4YyXFctE5V4vlr9CcMB8GA1UdIwQY
MBaAFAmaHy2/e3qErle41nQmt+TkIPq1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1pvZkxiOTdlb1N1VjdqV2RDYTM1T1FnLXJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS9kNDJhYmItMzM0Mi00ODg3LWFmNDAt
OWNkNjhmMjIxZTIxLzEvUlFFc2o1VTZnRGhqSmNWeTBUbFhpLVd2MEp3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS9kNDJhYmItMzM0Mi00ODg3LWFmNDAtOWNkNjhmMjIxZTIx
LzEvQ1pvZkxiOTdlb1N1VjdqV2RDYTM1T1FnLXJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTBrBAIAATBlAwQEBRbQ
AwQCUEWsAwQEURtgAwQDU4j4MAwDBANVCcgDBAVVCcAwCwMDAF7tAwQAXu1+MAwD
BAZfb8ADBAJfb9ADBANfb9gDBAK5FIgDBAK5GjADBAK5RsQDBALCPmADBATVo8Aw
FgQCAAIwEDAOAwUGKgQ1QAMFACoENUYwDQYJKoZIhvcNAQELBQADggEBADjdGQXJ
iqPwiKIh7ovlUNThGgcChuzVZJxD91u1cHRlHwek1AWPvvLPB48d0ZmyZfLJlY8T
u+Wal06gW1UsCoVXj1b1wQECljY6VS1ghaHBjgFIOzCHXAIj+UUeES0CPkZgI1zs
AbVvA9KvxeThrze8YSBwegQ86HjrmdS0OtVDqzsPH09cNoGrK6Jrv6PEz7FMvi9d
NU3xlbSF6Ejq8jYYOOgDGj242ItPUS1FkpOr8Iw4eLlUxI1WmtVmTusf6lzEmKFL
T2Ib8lcVN21E4aarmjVd2tqKQ6QNtkSBbGqsaesoFioKJPq2ExzSV9KJ81jr6pZr
Yi9UR9yNjckH9MM=
-----END CERTIFICATE-----
Generated at Sun Jul 27 08:43:30 2025 by rpki-client