Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/h5NF_Tx5Gv6vWtfnwGyh3VRdnTk.roa
File: h5NF_Tx5Gv6vWtfnwGyh3VRdnTk.roa (raw, json)
Hash identifier: BKuppRUn6Xq2lQXG35ViYm1avyM64S8t8uEWZ7eoEGQ=
Subject key identifier: 87:93:45:FD:3C:79:1A:FE:AF:5A:D7:E7:C0:6C:A1:DD:54:5D:9D:39
Certificate issuer: /CN=7c3e585a59b523bb86d660a7168e1c1eba094da0
Certificate serial: 0196C395664D29FA85DFF2851D2FCD5BFAE9
Authority key identifier: 7C:3E:58:5A:59:B5:23:BB:86:D6:60:A7:16:8E:1C:1E:BA:09:4D:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD5YWlm1I7uG1mCnFo4cHroJTaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/h5NF_Tx5Gv6vWtfnwGyh3VRdnTk.roa
Signing time: Mon 12 May 2025 08:21:10 +0000
ROA not before: Mon 12 May 2025 08:21:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210756
IP address blocks: 5.8.42.0/24 maxlen: 24
5.8.43.0/24 maxlen: 24
5.101.68.0/24 maxlen: 24
5.101.69.0/24 maxlen: 24
5.101.70.0/24 maxlen: 24
5.101.218.0/24 maxlen: 24
5.188.2.0/24 maxlen: 24
5.188.3.0/24 maxlen: 24
5.188.7.0/24 maxlen: 24
5.188.35.0/24 maxlen: 24
5.188.37.0/24 maxlen: 24
5.188.38.0/24 maxlen: 24
5.188.39.0/24 maxlen: 24
5.188.121.0/24 maxlen: 24
5.188.149.0/24 maxlen: 24
5.188.150.0/24 maxlen: 24
5.188.170.0/24 maxlen: 24
5.188.171.0/24 maxlen: 24
5.188.176.0/24 maxlen: 24
5.188.177.0/24 maxlen: 24
5.188.178.0/24 maxlen: 24
5.188.179.0/24 maxlen: 24
5.188.212.0/24 maxlen: 24
5.188.224.0/24 maxlen: 24
5.188.229.0/24 maxlen: 24
5.189.201.0/24 maxlen: 24
5.189.205.0/24 maxlen: 24
5.189.223.0/24 maxlen: 24
31.184.200.0/24 maxlen: 24
31.184.201.0/24 maxlen: 24
31.184.202.0/24 maxlen: 24
31.184.203.0/24 maxlen: 24
31.184.204.0/24 maxlen: 24
31.184.205.0/24 maxlen: 24
37.9.36.0/24 maxlen: 24
37.9.37.0/24 maxlen: 24
37.9.38.0/24 maxlen: 24
37.9.39.0/24 maxlen: 24
37.9.52.0/24 maxlen: 24
37.9.53.0/24 maxlen: 24
37.9.54.0/24 maxlen: 24
37.9.55.0/24 maxlen: 24
45.147.162.0/24 maxlen: 24
45.147.163.0/24 maxlen: 24
79.133.127.0/24 maxlen: 24
82.97.207.0/24 maxlen: 24
83.229.14.0/24 maxlen: 24
83.229.25.0/24 maxlen: 24
91.243.80.0/24 maxlen: 24
91.243.82.0/24 maxlen: 24
91.243.83.0/24 maxlen: 24
91.243.84.0/24 maxlen: 24
91.243.86.0/24 maxlen: 24
92.38.128.0/24 maxlen: 24
92.38.129.0/24 maxlen: 24
92.38.130.0/24 maxlen: 24
92.38.131.0/24 maxlen: 24
92.38.136.0/24 maxlen: 24
92.38.137.0/24 maxlen: 24
92.38.138.0/24 maxlen: 24
92.38.139.0/24 maxlen: 24
92.38.152.0/24 maxlen: 24
92.38.153.0/24 maxlen: 24
92.38.156.0/24 maxlen: 24
92.38.188.0/24 maxlen: 24
92.38.189.0/24 maxlen: 24
92.38.190.0/24 maxlen: 24
92.38.191.0/24 maxlen: 24
92.223.4.0/24 maxlen: 24
92.223.5.0/24 maxlen: 24
92.223.6.0/24 maxlen: 24
92.223.8.0/24 maxlen: 24
92.223.9.0/24 maxlen: 24
92.223.14.0/24 maxlen: 24
92.223.32.0/24 maxlen: 24
92.223.33.0/24 maxlen: 24
92.223.34.0/24 maxlen: 24
92.223.35.0/24 maxlen: 24
92.223.36.0/24 maxlen: 24
92.223.38.0/24 maxlen: 24
92.223.41.0/24 maxlen: 24
92.223.43.0/24 maxlen: 24
92.223.49.0/24 maxlen: 24
92.223.60.0/24 maxlen: 24
92.223.64.0/24 maxlen: 24
92.223.65.0/24 maxlen: 24
92.223.67.0/24 maxlen: 24
92.223.72.0/24 maxlen: 24
92.223.80.0/24 maxlen: 24
92.223.87.0/24 maxlen: 24
92.223.91.0/24 maxlen: 24
92.223.103.0/24 maxlen: 24
92.223.106.0/24 maxlen: 24
92.223.108.0/24 maxlen: 24
92.223.109.0/24 maxlen: 24
92.223.110.0/24 maxlen: 24
92.223.111.0/24 maxlen: 24
92.223.114.0/24 maxlen: 24
92.223.115.0/24 maxlen: 24
92.223.122.0/24 maxlen: 24
92.223.123.0/24 maxlen: 24
95.85.88.0/24 maxlen: 24
95.181.176.0/24 maxlen: 24
95.181.177.0/24 maxlen: 24
95.181.178.0/24 maxlen: 24
95.181.179.0/24 maxlen: 24
95.181.180.0/24 maxlen: 24
95.181.181.0/24 maxlen: 24
95.181.182.0/24 maxlen: 24
95.181.183.0/24 maxlen: 24
146.185.196.0/24 maxlen: 24
146.185.197.0/24 maxlen: 24
146.185.198.0/24 maxlen: 24
146.185.199.0/24 maxlen: 24
146.185.215.0/24 maxlen: 24
146.185.218.0/24 maxlen: 24
185.14.46.0/24 maxlen: 24
185.101.137.0/24 maxlen: 24
193.17.93.0/24 maxlen: 24
195.39.207.0/24 maxlen: 24
2a11:27c0::/44 maxlen: 44
2a11:27c0:10::/44 maxlen: 44
2a11:27c0:20::/44 maxlen: 44
2a11:27c0:100::/44 maxlen: 44
2a11:27c0:110::/44 maxlen: 44
2a11:27c0:120::/44 maxlen: 44
2a11:27c0:130::/44 maxlen: 44
2a11:27c0:140::/44 maxlen: 44
2a11:27c0:150::/44 maxlen: 44
2a11:27c0:160::/44 maxlen: 44
2a11:27c0:170::/44 maxlen: 44
2a11:27c0:180::/44 maxlen: 44
2a11:27c0:190::/44 maxlen: 44
2a11:27c0:1a0::/44 maxlen: 44
2a11:27c0:1b0::/44 maxlen: 44
2a11:27c0:1c0::/44 maxlen: 44
2a11:27c0:1d0::/44 maxlen: 44
2a11:27c0:1e0::/44 maxlen: 44
2a11:27c0:1f0::/44 maxlen: 44
2a11:27c0:200::/44 maxlen: 44
2a11:27c0:210::/44 maxlen: 44
2a11:27c0:1000::/44 maxlen: 44
2a11:27c0:1010::/44 maxlen: 44
2a11:27c0:1020::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/fD5YWlm1I7uG1mCnFo4cHroJTaA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/fD5YWlm1I7uG1mCnFo4cHroJTaA.mft
rsync://rpki.ripe.net/repository/DEFAULT/fD5YWlm1I7uG1mCnFo4cHroJTaA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c3:95:66:4d:29:fa:85:df:f2:85:1d:2f:cd:5b:fa:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3e585a59b523bb86d660a7168e1c1eba094da0
Validity
Not Before: May 12 08:21:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=879345fd3c791afeaf5ad7e7c06ca1dd545d9d39
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:c7:a7:3d:e6:75:fc:b4:31:a2:2c:1f:7f:5f:
05:9b:5c:97:2b:ce:39:b7:e4:6a:ef:c1:23:95:45:
25:71:53:f5:93:e2:e9:4e:79:d1:2d:99:e6:a9:09:
92:20:b9:79:24:61:9f:9a:82:67:9c:39:d8:b5:b4:
61:d9:1d:4a:78:81:be:8d:8b:c6:85:f3:dc:3c:a3:
89:b1:9e:0c:27:df:ce:aa:a2:db:32:ac:52:12:57:
1b:77:4d:6f:10:30:63:c2:d1:7f:45:93:bf:41:95:
4b:69:b7:c0:a5:7b:6a:4b:d3:28:a6:17:5e:6f:70:
43:10:ee:42:09:7d:fa:98:8b:61:e7:96:14:28:7a:
35:f7:44:fc:3b:d6:84:40:3b:59:5c:d8:0b:a1:72:
fb:ce:79:c3:ce:b3:7b:ff:24:a7:24:62:b0:95:55:
33:6c:d9:60:a8:32:86:d9:25:60:04:35:fd:39:05:
ec:de:9b:85:1f:b5:36:75:c4:5c:98:c4:31:67:3e:
99:10:83:03:b2:78:47:ac:fe:59:c9:af:16:0a:1c:
de:36:f3:db:03:ae:44:4e:11:86:2d:3f:35:5c:2d:
a5:7c:7a:44:32:27:bd:c0:b5:6a:5e:79:eb:14:3b:
ea:a1:d0:5a:db:09:73:43:59:92:02:d3:b4:bd:f2:
73:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:93:45:FD:3C:79:1A:FE:AF:5A:D7:E7:C0:6C:A1:DD:54:5D:9D:39
X509v3 Authority Key Identifier:
keyid:7C:3E:58:5A:59:B5:23:BB:86:D6:60:A7:16:8E:1C:1E:BA:09:4D:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD5YWlm1I7uG1mCnFo4cHroJTaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/h5NF_Tx5Gv6vWtfnwGyh3VRdnTk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/fD5YWlm1I7uG1mCnFo4cHroJTaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.42.0/23
5.101.68.0-5.101.70.255
5.101.218.0/24
5.188.2.0/23
5.188.7.0/24
5.188.35.0/24
5.188.37.0-5.188.39.255
5.188.121.0/24
5.188.149.0-5.188.150.255
5.188.170.0/23
5.188.176.0/22
5.188.212.0/24
5.188.224.0/24
5.188.229.0/24
5.189.201.0/24
5.189.205.0/24
5.189.223.0/24
31.184.200.0-31.184.205.255
37.9.36.0/22
37.9.52.0/22
45.147.162.0/23
79.133.127.0/24
82.97.207.0/24
83.229.14.0/24
83.229.25.0/24
91.243.80.0/24
91.243.82.0-91.243.84.255
91.243.86.0/24
92.38.128.0/22
92.38.136.0/22
92.38.152.0/23
92.38.156.0/24
92.38.188.0/22
92.223.4.0-92.223.6.255
92.223.8.0/23
92.223.14.0/24
92.223.32.0-92.223.36.255
92.223.38.0/24
92.223.41.0/24
92.223.43.0/24
92.223.49.0/24
92.223.60.0/24
92.223.64.0/23
92.223.67.0/24
92.223.72.0/24
92.223.80.0/24
92.223.87.0/24
92.223.91.0/24
92.223.103.0/24
92.223.106.0/24
92.223.108.0/22
92.223.114.0/23
92.223.122.0/23
95.85.88.0/24
95.181.176.0/21
146.185.196.0/22
146.185.215.0/24
146.185.218.0/24
185.14.46.0/24
185.101.137.0/24
193.17.93.0/24
195.39.207.0/24
IPv6:
2a11:27c0::-2a11:27c0:2f:ffff:ffff:ffff:ffff:ffff
2a11:27c0:100::-2a11:27c0:21f:ffff:ffff:ffff:ffff:ffff
2a11:27c0:1000::-2a11:27c0:102f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
0b:11:43:08:5d:82:d1:57:2c:2a:e5:59:97:5c:d5:53:1a:14:
d6:d4:7b:09:f7:3e:5e:94:37:03:a1:a5:55:fe:26:cc:a0:19:
7c:5b:16:8b:cd:db:b6:50:8d:76:09:1b:cf:db:11:29:9e:9c:
f2:b0:c4:01:d0:7e:7a:a8:4e:32:b5:d0:2e:46:e5:6d:d4:7a:
bb:8a:79:bc:bb:ec:bd:d8:44:07:45:6d:e1:a4:92:9a:7d:34:
46:e4:ad:de:a5:8f:f1:b5:35:9d:d5:2f:f6:a1:be:09:db:b2:
86:d6:a7:87:f5:e0:e5:e2:ee:88:94:3c:dd:8a:12:f4:58:dd:
77:85:5e:af:10:a3:d1:84:26:e0:e2:65:94:c4:80:c4:90:eb:
44:7b:d7:5f:6c:21:5b:a4:49:ff:cf:a7:db:95:0f:95:af:8e:
3c:48:c1:40:a2:7b:21:36:c6:5a:7f:d6:40:5b:8b:b6:e3:7c:
24:0a:62:46:ba:3a:28:d7:b3:1b:7d:ba:8d:d8:4d:20:27:bc:
f7:77:4f:c4:4b:2d:cd:1d:b1:c6:be:93:a9:25:d0:38:65:b2:
e0:d2:bb:d5:84:91:70:b0:86:45:b3:ff:b1:29:c6:b9:c3:2f:
4a:5d:a5:ce:70:63:5f:03:ad:66:30:75:e8:13:16:ae:2e:7c:
56:35:2e:f8
-----BEGIN CERTIFICATE-----
MIIG7TCCBdWgAwIBAgISAZbDlWZNKfqF3/KFHS/NW/rpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2U1ODVhNTliNTIzYmI4NmQ2NjBhNzE2OGUxYzFlYmEw
OTRkYTAwHhcNMjUwNTEyMDgyMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NzkzNDVmZDNjNzkxYWZlYWY1YWQ3ZTdjMDZjYTFkZDU0NWQ5ZDM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3MenPeZ1/LQxoiwff18Fm1yXK845
t+Rq78EjlUUlcVP1k+LpTnnRLZnmqQmSILl5JGGfmoJnnDnYtbRh2R1KeIG+jYvG
hfPcPKOJsZ4MJ9/OqqLbMqxSElcbd01vEDBjwtF/RZO/QZVLabfApXtqS9Mophde
b3BDEO5CCX36mIth55YUKHo190T8O9aEQDtZXNgLoXL7znnDzrN7/ySnJGKwlVUz
bNlgqDKG2SVgBDX9OQXs3puFH7U2dcRcmMQxZz6ZEIMDsnhHrP5Zya8WChzeNvPb
A65EThGGLT81XC2lfHpEMie9wLVqXnnrFDvqodBa2wlzQ1mSAtO0vfJzlwIDAQAB
o4ID+TCCA/UwHQYDVR0OBBYEFIeTRf08eRr+r1rX58Bsod1UXZ05MB8GA1UdIwQY
MBaAFHw+WFpZtSO7htZgpxaOHB66CU2gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQ1WVdsbTFJN3VHMW1DbkZvNGNIcm9KVGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8yNmUzMmEtMzViYS00NDNmLWJjMWUt
NmRjMWY1NjAzMWViLzEvaDVORl9UeDVHdjZ2V3RmbndHeWgzVlJkblRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8yNmUzMmEtMzViYS00NDNmLWJjMWUtNmRjMWY1NjAzMWVi
LzEvZkQ1WVdsbTFJN3VHMW1DbkZvNGNIcm9KVGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICDQYIKwYBBQUHAQcBAf8EggH8MIIB+DCCAbQEAgABMIIB
rAMEAQUIKjAMAwQCBWVEAwQABWVGAwQABWXaAwQBBbwCAwQABbwHAwQABbwjMAwD
BAAFvCUDBAMFvCADBAAFvHkwDAMEAAW8lQMEAAW8lgMEAQW8qgMEAgW8sAMEAAW8
1AMEAAW84AMEAAW85QMEAAW9yQMEAAW9zQMEAAW93zAMAwQDH7jIAwQBH7jMAwQC
JQkkAwQCJQk0AwQBLZOiAwQAT4V/AwQAUmHPAwQAU+UOAwQAU+UZAwQAW/NQMAwD
BAFb81IDBABb81QDBABb81YDBAJcJoADBAJcJogDBAFcJpgDBABcJpwDBAJcJrww
DAMEAlzfBAMEAFzfBgMEAVzfCAMEAFzfDjAMAwQFXN8gAwQAXN8kAwQAXN8mAwQA
XN8pAwQAXN8rAwQAXN8xAwQAXN88AwQBXN9AAwQAXN9DAwQAXN9IAwQAXN9QAwQA
XN9XAwQAXN9bAwQAXN9nAwQAXN9qAwQCXN9sAwQBXN9yAwQBXN96AwQAX1VYAwQD
X7WwAwQCkrnEAwQAkrnXAwQAkrnaAwQAuQ4uAwQAuWWJAwQAwRFdAwQAwyfPMD4E
AgACMDgwEAMFBioRJ8ADBwQqESfAACAwEQMGACoRJ8ABAwcFKhEnwAIAMBEDBgQq
ESfAEAMHBCoRJ8AQIDANBgkqhkiG9w0BAQsFAAOCAQEACxFDCF2C0VcsKuVZl1zV
UxoU1tR7Cfc+XpQ3A6GlVf4mzKAZfFsWi83btlCNdgkbz9sRKZ6c8rDEAdB+eqhO
MrXQLkblbdR6u4p5vLvsvdhEB0Vt4aSSmn00RuSt3qWP8bU1ndUv9qG+Cduyhtan
h/Xg5eLuiJQ83YoS9Fjdd4VerxCj0YQm4OJllMSAxJDrRHvXX2whW6RJ/8+n25UP
la+OPEjBQKJ7ITbGWn/WQFuLtuN8JApiRro6KNezG326jdhNICe893dPxEstzR2x
xr6TqSXQOGWy4NK71YSRcLCGRbP/sSnGucMvSl2lznBjXwOtZjB16BMWri58VjUu
+A==
-----END CERTIFICATE-----
Generated at Sun Jun 8 04:22:17 2025 by rpki-client