Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/tX0XQiC0tFJPchfAYe1wMQIb9lo.roa
File: tX0XQiC0tFJPchfAYe1wMQIb9lo.roa (raw, json)
Hash identifier: Pp0ZYw4juclHUNgiAE6YeX5hBIzAaF6ubZJesZFJE1M=
Subject key identifier: B5:7D:17:42:20:B4:B4:52:4F:72:17:C0:61:ED:70:31:02:1B:F6:5A
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 0198F5C971FCC8E426BE9624DB2A81439041
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/tX0XQiC0tFJPchfAYe1wMQIb9lo.roa
Signing time: Fri 29 Aug 2025 12:24:36 +0000
ROA not before: Fri 29 Aug 2025 12:24:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58061
IP address blocks: 2.56.112.0/24 maxlen: 24
2.56.113.0/24 maxlen: 24
5.183.128.0/24 maxlen: 24
45.132.48.0/24 maxlen: 24
45.157.136.0/24 maxlen: 24
62.68.83.0/24 maxlen: 24
62.68.86.0/24 maxlen: 24
62.68.87.0/24 maxlen: 24
62.204.36.0/24 maxlen: 24
62.204.57.0/24 maxlen: 24
62.233.35.0/24 maxlen: 24
62.233.45.0/24 maxlen: 24
62.233.49.0/24 maxlen: 24
62.233.56.0/24 maxlen: 24
62.233.60.0/24 maxlen: 24
80.68.145.0/24 maxlen: 24
80.68.158.0/24 maxlen: 24
80.91.209.0/24 maxlen: 24
80.91.210.0/24 maxlen: 24
91.213.117.0/24 maxlen: 24
91.226.247.0/24 maxlen: 24
91.242.225.0/24 maxlen: 24
91.242.236.0/24 maxlen: 24
93.177.104.0/24 maxlen: 24
93.177.105.0/24 maxlen: 24
93.177.107.0/24 maxlen: 24
94.143.226.0/24 maxlen: 24
94.158.191.0/24 maxlen: 24
130.193.79.0/24 maxlen: 24
130.255.169.0/24 maxlen: 24
146.19.108.0/24 maxlen: 24
146.19.137.0/24 maxlen: 24
146.19.148.0/24 maxlen: 24
146.19.150.0/24 maxlen: 24
146.19.152.0/24 maxlen: 24
146.19.185.0/24 maxlen: 24
146.19.187.0/24 maxlen: 24
146.19.190.0/24 maxlen: 24
146.19.194.0/24 maxlen: 24
176.56.38.0/24 maxlen: 24
178.211.140.0/24 maxlen: 24
185.122.206.0/24 maxlen: 24
185.155.101.0/24 maxlen: 24
185.198.153.0/24 maxlen: 24
185.218.1.0/24 maxlen: 24
185.232.47.0/24 maxlen: 24
193.3.22.0/24 maxlen: 24
193.141.53.0/24 maxlen: 24
193.239.209.0/24 maxlen: 24
194.26.216.0/24 maxlen: 24
194.26.221.0/24 maxlen: 24
194.32.243.0/24 maxlen: 24
195.64.106.0/24 maxlen: 24
195.64.109.0/24 maxlen: 24
195.64.112.0/24 maxlen: 24
195.64.114.0/24 maxlen: 24
195.64.117.0/24 maxlen: 24
195.93.249.0/24 maxlen: 24
195.96.136.0/24 maxlen: 24
195.96.146.0/24 maxlen: 24
195.96.148.0/24 maxlen: 24
195.96.157.0/24 maxlen: 24
212.18.96.0/24 maxlen: 24
212.52.5.0/24 maxlen: 24
217.114.32.0/24 maxlen: 24
217.119.130.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 08:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:f5:c9:71:fc:c8:e4:26:be:96:24:db:2a:81:43:90:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Aug 29 12:24:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b57d174220b4b4524f7217c061ed7031021bf65a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:cd:7f:25:e0:91:7e:f9:a7:98:ef:3e:d3:3c:
b6:ff:ee:9b:29:21:ba:a3:8f:77:3b:c8:0a:cc:a0:
f6:5e:f8:37:ff:ac:96:75:aa:5e:b0:c5:59:87:89:
92:fd:d6:fd:77:a3:6e:15:aa:69:9e:9c:7f:52:95:
af:64:66:33:5f:fc:35:2d:70:89:f0:c8:1a:c5:3a:
f5:5d:ea:ae:18:dd:78:f9:35:23:f4:9a:75:e9:07:
a9:f1:0a:08:6b:6c:7c:b7:56:04:4b:03:f7:ba:65:
de:1e:55:1c:18:85:02:6f:76:2f:38:19:e1:10:fd:
84:a4:92:e1:39:1b:b7:28:56:ae:91:89:28:0d:cb:
e9:15:5c:04:ae:71:af:66:9d:8e:4f:46:6f:6e:b3:
cf:71:d1:a5:36:3a:e4:52:de:b6:5b:2d:0e:73:f1:
d3:6e:90:2b:05:e5:11:22:a9:75:82:e4:19:76:74:
3b:76:d9:d2:da:cb:19:97:42:4b:a6:f3:cd:2a:59:
79:5c:57:1d:e4:a1:ae:75:45:8d:bb:94:b3:5b:ed:
d4:56:31:98:97:ff:d4:a2:ff:a4:e0:f2:43:4c:83:
86:98:c8:ed:5e:d2:be:35:ae:36:f4:66:f6:45:64:
33:97:fe:3b:eb:80:84:cc:d2:30:76:70:00:59:88:
4b:3d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:7D:17:42:20:B4:B4:52:4F:72:17:C0:61:ED:70:31:02:1B:F6:5A
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/tX0XQiC0tFJPchfAYe1wMQIb9lo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.112.0/23
5.183.128.0/24
45.132.48.0/24
45.157.136.0/24
62.68.83.0/24
62.68.86.0/23
62.204.36.0/24
62.204.57.0/24
62.233.35.0/24
62.233.45.0/24
62.233.49.0/24
62.233.56.0/24
62.233.60.0/24
80.68.145.0/24
80.68.158.0/24
80.91.209.0-80.91.210.255
91.213.117.0/24
91.226.247.0/24
91.242.225.0/24
91.242.236.0/24
93.177.104.0/23
93.177.107.0/24
94.143.226.0/24
94.158.191.0/24
130.193.79.0/24
130.255.169.0/24
146.19.108.0/24
146.19.137.0/24
146.19.148.0/24
146.19.150.0/24
146.19.152.0/24
146.19.185.0/24
146.19.187.0/24
146.19.190.0/24
146.19.194.0/24
176.56.38.0/24
178.211.140.0/24
185.122.206.0/24
185.155.101.0/24
185.198.153.0/24
185.218.1.0/24
185.232.47.0/24
193.3.22.0/24
193.141.53.0/24
193.239.209.0/24
194.26.216.0/24
194.26.221.0/24
194.32.243.0/24
195.64.106.0/24
195.64.109.0/24
195.64.112.0/24
195.64.114.0/24
195.64.117.0/24
195.93.249.0/24
195.96.136.0/24
195.96.146.0/24
195.96.148.0/24
195.96.157.0/24
212.18.96.0/24
212.52.5.0/24
217.114.32.0/24
217.119.130.0/24
Signature Algorithm: sha256WithRSAEncryption
51:97:5a:bd:bd:e3:85:61:44:08:63:f1:0f:c8:5c:e1:9a:00:
9c:3c:5c:3e:49:21:c9:8b:f3:d9:e4:fd:9b:f5:5d:de:5c:3b:
ce:40:1b:f2:4a:a9:de:46:46:10:f1:94:a0:ee:35:ff:9d:d5:
85:df:12:b2:7b:e0:27:45:c2:79:dd:6f:31:ba:d4:7f:3b:39:
e1:87:64:6a:5b:20:50:b7:d8:b6:f9:e9:5e:a8:a9:c9:65:65:
8e:69:d2:c4:6e:d5:66:6d:c3:f0:8d:8c:3c:26:5c:4a:7b:2d:
c7:57:d2:48:2b:23:19:72:81:b6:68:6b:8b:fd:38:56:9b:0d:
2d:e2:63:c0:9b:37:2f:60:13:19:ed:ac:b7:5d:dd:73:d1:76:
32:c6:36:e5:23:cc:4f:c3:a1:05:d3:fb:71:c6:3b:24:86:e2:
15:8e:53:f4:d3:4a:fc:f7:66:af:79:a5:6f:67:bf:59:b2:37:
0b:89:9f:2e:95:f4:7e:16:e1:52:f7:86:d8:e7:b7:c5:fb:43:
ce:2d:8b:4d:a0:e8:8d:ba:91:de:8e:43:0d:b2:f3:3c:41:e4:
96:07:c3:0a:cb:33:5f:84:58:cc:31:75:9f:e7:12:ff:85:b1:
b4:fe:53:7a:86:1d:40:f6:a9:ea:9c:33:b4:af:2d:cd:aa:5e:
02:54:85:ef
-----BEGIN CERTIFICATE-----
MIIGfTCCBWWgAwIBAgISAZj1yXH8yOQmvpYk2yqBQ5BBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjUwODI5MTIyNDM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTdkMTc0MjIwYjRiNDUyNGY3MjE3YzA2MWVkNzAzMTAyMWJmNjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkM1/JeCRfvmnmO8+0zy2/+6bKSG6
o493O8gKzKD2Xvg3/6yWdapesMVZh4mS/db9d6NuFappnpx/UpWvZGYzX/w1LXCJ
8MgaxTr1XequGN14+TUj9Jp16Qep8QoIa2x8t1YESwP3umXeHlUcGIUCb3YvOBnh
EP2EpJLhORu3KFaukYkoDcvpFVwErnGvZp2OT0ZvbrPPcdGlNjrkUt62Wy0Oc/HT
bpArBeURIql1guQZdnQ7dtnS2ssZl0JLpvPNKll5XFcd5KGudUWNu5SzW+3UVjGY
l//Uov+k4PJDTIOGmMjtXtK+Na429Gb2RWQzl/4764CEzNIwdnAAWYhLPQIDAQAB
o4IDiTCCA4UwHQYDVR0OBBYEFLV9F0IgtLRST3IXwGHtcDECG/ZaMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvdFgwWFFpQzB0RkpQY2hmQVllMXdNUUliOWxvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBnQYIKwYBBQUHAQcBAf8EggGMMIIBiDCCAYQEAgABMIIB
fAMEAQI4cAMEAAW3gAMEAC2EMAMEAC2diAMEAD5EUwMEAT5EVgMEAD7MJAMEAD7M
OQMEAD7pIwMEAD7pLQMEAD7pMQMEAD7pOAMEAD7pPAMEAFBEkQMEAFBEnjAMAwQA
UFvRAwQAUFvSAwQAW9V1AwQAW+L3AwQAW/LhAwQAW/LsAwQBXbFoAwQAXbFrAwQA
Xo/iAwQAXp6/AwQAgsFPAwQAgv+pAwQAkhNsAwQAkhOJAwQAkhOUAwQAkhOWAwQA
khOYAwQAkhO5AwQAkhO7AwQAkhO+AwQAkhPCAwQAsDgmAwQAstOMAwQAuXrOAwQA
uZtlAwQAucaZAwQAudoBAwQAuegvAwQAwQMWAwQAwY01AwQAwe/RAwQAwhrYAwQA
whrdAwQAwiDzAwQAw0BqAwQAw0BtAwQAw0BwAwQAw0ByAwQAw0B1AwQAw135AwQA
w2CIAwQAw2CSAwQAw2CUAwQAw2CdAwQA1BJgAwQA1DQFAwQA2XIgAwQA2XeCMA0G
CSqGSIb3DQEBCwUAA4IBAQBRl1q9veOFYUQIY/EPyFzhmgCcPFw+SSHJi/PZ5P2b
9V3eXDvOQBvySqneRkYQ8ZSg7jX/ndWF3xKye+AnRcJ53W8xutR/Oznhh2RqWyBQ
t9i2+eleqKnJZWWOadLEbtVmbcPwjYw8JlxKey3HV9JIKyMZcoG2aGuL/ThWmw0t
4mPAmzcvYBMZ7ay3Xd1z0XYyxjblI8xPw6EF0/txxjskhuIVjlP000r892aveaVv
Z79ZsjcLiZ8ulfR+FuFS94bY57fF+0POLYtNoOiNupHejkMNsvM8QeSWB8MKyzNf
hFjMMXWf5xL/hbG0/lN6hh1A9qnqnDO0ry3Nql4CVIXv
-----END CERTIFICATE-----
Generated at Tue Sep 9 12:45:56 2025 by rpki-client