Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/7ls-94-1yxFmTgl5cysF8J-SNlk.roa
File: 7ls-94-1yxFmTgl5cysF8J-SNlk.roa (raw, json)
Hash identifier: BjSRi8ur2Kj9jhmA/vb7u2HEIFGQxeKkdlo11CukqAE=
Subject key identifier: EE:5B:3E:F7:8F:B5:CB:11:66:4E:09:79:73:2B:05:F0:9F:92:36:59
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 019A0148052381870092EDD947D84CDE890A
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/7ls-94-1yxFmTgl5cysF8J-SNlk.roa
Signing time: Mon 20 Oct 2025 11:01:28 +0000
ROA not before: Mon 20 Oct 2025 11:01:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58061
IP address blocks: 2.56.112.0/24 maxlen: 24
2.56.113.0/24 maxlen: 24
5.183.128.0/24 maxlen: 24
45.132.48.0/24 maxlen: 24
45.157.136.0/24 maxlen: 24
62.68.83.0/24 maxlen: 24
62.68.86.0/24 maxlen: 24
62.68.87.0/24 maxlen: 24
62.204.36.0/24 maxlen: 24
62.204.57.0/24 maxlen: 24
62.233.35.0/24 maxlen: 24
62.233.45.0/24 maxlen: 24
62.233.49.0/24 maxlen: 24
62.233.56.0/24 maxlen: 24
62.233.60.0/24 maxlen: 24
80.68.145.0/24 maxlen: 24
80.68.158.0/24 maxlen: 24
80.91.209.0/24 maxlen: 24
80.91.210.0/24 maxlen: 24
91.213.117.0/24 maxlen: 24
91.226.247.0/24 maxlen: 24
91.242.225.0/24 maxlen: 24
91.242.236.0/24 maxlen: 24
93.177.104.0/24 maxlen: 24
93.177.105.0/24 maxlen: 24
93.177.107.0/24 maxlen: 24
94.143.226.0/24 maxlen: 24
94.158.191.0/24 maxlen: 24
130.193.79.0/24 maxlen: 24
130.255.169.0/24 maxlen: 24
146.19.108.0/24 maxlen: 24
146.19.137.0/24 maxlen: 24
146.19.148.0/24 maxlen: 24
146.19.150.0/24 maxlen: 24
146.19.152.0/24 maxlen: 24
146.19.185.0/24 maxlen: 24
146.19.187.0/24 maxlen: 24
146.19.190.0/24 maxlen: 24
146.19.194.0/24 maxlen: 24
176.56.38.0/24 maxlen: 24
178.211.140.0/24 maxlen: 24
185.122.206.0/24 maxlen: 24
185.155.101.0/24 maxlen: 24
185.198.153.0/24 maxlen: 24
185.218.1.0/24 maxlen: 24
185.232.47.0/24 maxlen: 24
193.3.22.0/24 maxlen: 24
193.141.53.0/24 maxlen: 24
193.239.209.0/24 maxlen: 24
194.26.216.0/24 maxlen: 24
194.26.221.0/24 maxlen: 24
194.32.243.0/24 maxlen: 24
195.64.106.0/24 maxlen: 24
195.64.109.0/24 maxlen: 24
195.64.112.0/24 maxlen: 24
195.64.114.0/24 maxlen: 24
195.64.117.0/24 maxlen: 24
195.93.249.0/24 maxlen: 24
195.96.136.0/24 maxlen: 24
195.96.148.0/24 maxlen: 24
195.96.157.0/24 maxlen: 24
212.18.96.0/24 maxlen: 24
212.52.5.0/24 maxlen: 24
217.114.32.0/24 maxlen: 24
217.119.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 Oct 2025 15:30:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:01:48:05:23:81:87:00:92:ed:d9:47:d8:4c:de:89:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Oct 20 11:01:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ee5b3ef78fb5cb11664e0979732b05f09f923659
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:a1:80:d4:f5:ec:53:b9:1e:f2:f0:ee:e5:57:
85:70:e1:22:3f:04:5e:22:2c:f3:da:86:7c:76:57:
bf:2d:1d:7e:de:dd:58:09:20:c2:a8:9f:84:38:bb:
50:fa:43:90:5c:b7:63:c8:7e:86:e3:12:99:49:e6:
df:af:e0:52:a2:85:31:9d:9a:ba:32:ab:0a:f1:1d:
ca:83:71:ef:ca:f5:cb:46:dc:af:07:79:10:82:77:
e3:1e:b9:91:65:9f:4a:21:82:e1:d7:52:c6:fa:dc:
2a:6f:01:9b:a2:48:a5:44:1e:1e:56:bb:a9:dc:d1:
61:f0:bd:4a:e9:f6:72:7f:3b:a1:3e:df:82:b1:62:
75:fc:1b:3b:7d:8f:7b:ea:4b:f2:42:3d:ba:7e:8a:
71:26:18:2a:35:b0:db:81:9b:a8:db:21:d0:76:a5:
21:52:d8:4f:24:1e:bb:e5:00:1e:0f:43:9d:10:8e:
a8:d3:ab:e5:15:d5:0c:e9:36:bd:2c:c9:fb:f9:7b:
0e:ca:83:0a:a2:a4:2f:d1:d6:b3:a6:fa:aa:dc:18:
29:10:43:2a:dc:cf:a3:ff:ca:1e:24:1d:53:e1:56:
0b:43:7d:c2:46:94:be:97:4a:a9:90:ea:9d:86:a0:
e5:82:5a:7c:f0:17:a1:e3:df:86:7d:f3:c0:9d:5a:
34:c1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:5B:3E:F7:8F:B5:CB:11:66:4E:09:79:73:2B:05:F0:9F:92:36:59
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/7ls-94-1yxFmTgl5cysF8J-SNlk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.112.0/23
5.183.128.0/24
45.132.48.0/24
45.157.136.0/24
62.68.83.0/24
62.68.86.0/23
62.204.36.0/24
62.204.57.0/24
62.233.35.0/24
62.233.45.0/24
62.233.49.0/24
62.233.56.0/24
62.233.60.0/24
80.68.145.0/24
80.68.158.0/24
80.91.209.0-80.91.210.255
91.213.117.0/24
91.226.247.0/24
91.242.225.0/24
91.242.236.0/24
93.177.104.0/23
93.177.107.0/24
94.143.226.0/24
94.158.191.0/24
130.193.79.0/24
130.255.169.0/24
146.19.108.0/24
146.19.137.0/24
146.19.148.0/24
146.19.150.0/24
146.19.152.0/24
146.19.185.0/24
146.19.187.0/24
146.19.190.0/24
146.19.194.0/24
176.56.38.0/24
178.211.140.0/24
185.122.206.0/24
185.155.101.0/24
185.198.153.0/24
185.218.1.0/24
185.232.47.0/24
193.3.22.0/24
193.141.53.0/24
193.239.209.0/24
194.26.216.0/24
194.26.221.0/24
194.32.243.0/24
195.64.106.0/24
195.64.109.0/24
195.64.112.0/24
195.64.114.0/24
195.64.117.0/24
195.93.249.0/24
195.96.136.0/24
195.96.148.0/24
195.96.157.0/24
212.18.96.0/24
212.52.5.0/24
217.114.32.0/24
217.119.130.0/24
Signature Algorithm: sha256WithRSAEncryption
1f:be:8d:38:a0:69:95:85:d5:59:b4:9c:c0:02:86:be:ca:4e:
7c:84:83:ac:02:7b:2b:01:b9:36:b5:c8:91:4b:98:93:98:ed:
d6:70:19:0d:95:29:76:1d:92:56:d0:73:2a:ce:e8:ec:e0:d9:
c1:ce:72:a4:e7:ce:5c:5d:af:fd:dd:e5:33:51:86:04:61:ea:
4f:1b:79:55:ff:5c:10:36:e0:8d:ce:e6:51:4a:aa:18:b6:8f:
c8:0c:cf:e4:f2:0d:b9:06:a6:f6:99:ef:4c:f5:7e:12:ab:0d:
13:46:66:bf:60:2a:21:1a:f6:98:ee:f4:05:3c:95:66:3a:49:
d5:9f:a3:3c:e3:34:e3:fc:d0:06:7b:95:0c:03:a6:27:e9:c7:
dc:5b:e3:80:be:1d:49:bf:2f:54:5f:b7:b0:f2:da:f3:5b:b1:
c7:f2:5d:a0:b8:1b:ef:3b:e2:08:8e:e6:0b:9d:2b:14:cc:06:
d3:99:f7:84:c3:1f:94:22:e0:15:01:e0:c9:31:7d:70:ad:62:
ab:53:8d:4c:92:01:34:c4:b4:c7:13:c5:4c:d7:f2:de:68:62:
f6:db:e3:f6:5f:a9:0c:ec:dc:91:4b:a3:3d:78:17:80:28:c8:
77:69:03:47:87:09:5a:00:72:d0:4d:d7:47:7f:03:b8:9e:19:
72:9c:08:9d
-----BEGIN CERTIFICATE-----
MIIGdzCCBV+gAwIBAgISAZoBSAUjgYcAku3ZR9hM3okKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjUxMDIwMTEwMTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZTViM2VmNzhmYjVjYjExNjY0ZTA5Nzk3MzJiMDVmMDlmOTIzNjU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnKGA1PXsU7ke8vDu5VeFcOEiPwRe
Iizz2oZ8dle/LR1+3t1YCSDCqJ+EOLtQ+kOQXLdjyH6G4xKZSebfr+BSooUxnZq6
MqsK8R3Kg3HvyvXLRtyvB3kQgnfjHrmRZZ9KIYLh11LG+twqbwGbokilRB4eVrup
3NFh8L1K6fZyfzuhPt+CsWJ1/Bs7fY976kvyQj26fopxJhgqNbDbgZuo2yHQdqUh
UthPJB675QAeD0OdEI6o06vlFdUM6Ta9LMn7+XsOyoMKoqQv0dazpvqq3BgpEEMq
3M+j/8oeJB1T4VYLQ33CRpS+l0qpkOqdhqDlglp88Beh49+GffPAnVo0wQIDAQAB
o4IDgzCCA38wHQYDVR0OBBYEFO5bPvePtcsRZk4JeXMrBfCfkjZZMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvN2xzLTk0LTF5eEZtVGdsNWN5c0Y4Si1TTmxrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBlwYIKwYBBQUHAQcBAf8EggGGMIIBgjCCAX4EAgABMIIB
dgMEAQI4cAMEAAW3gAMEAC2EMAMEAC2diAMEAD5EUwMEAT5EVgMEAD7MJAMEAD7M
OQMEAD7pIwMEAD7pLQMEAD7pMQMEAD7pOAMEAD7pPAMEAFBEkQMEAFBEnjAMAwQA
UFvRAwQAUFvSAwQAW9V1AwQAW+L3AwQAW/LhAwQAW/LsAwQBXbFoAwQAXbFrAwQA
Xo/iAwQAXp6/AwQAgsFPAwQAgv+pAwQAkhNsAwQAkhOJAwQAkhOUAwQAkhOWAwQA
khOYAwQAkhO5AwQAkhO7AwQAkhO+AwQAkhPCAwQAsDgmAwQAstOMAwQAuXrOAwQA
uZtlAwQAucaZAwQAudoBAwQAuegvAwQAwQMWAwQAwY01AwQAwe/RAwQAwhrYAwQA
whrdAwQAwiDzAwQAw0BqAwQAw0BtAwQAw0BwAwQAw0ByAwQAw0B1AwQAw135AwQA
w2CIAwQAw2CUAwQAw2CdAwQA1BJgAwQA1DQFAwQA2XIgAwQA2XeCMA0GCSqGSIb3
DQEBCwUAA4IBAQAfvo04oGmVhdVZtJzAAoa+yk58hIOsAnsrAbk2tciRS5iTmO3W
cBkNlSl2HZJW0HMqzujs4NnBznKk585cXa/93eUzUYYEYepPG3lV/1wQNuCNzuZR
SqoYto/IDM/k8g25Bqb2me9M9X4Sqw0TRma/YCohGvaY7vQFPJVmOknVn6M84zTj
/NAGe5UMA6Yn6cfcW+OAvh1Jvy9UX7ew8trzW7HH8l2guBvvO+IIjuYLnSsUzAbT
mfeEwx+UIuAVAeDJMX1wrWKrU41MkgE0xLTHE8VM1/LeaGL22+P2X6kM7NyRS6M9
eBeAKMh3aQNHhwlaAHLQTddHfwO4nhlynAid
-----END CERTIFICATE-----
Generated at Sat Oct 25 00:18:52 2025 by rpki-client