Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/5bucpm77LtnXjK7o-jpiDW291Yw.roa
File: 5bucpm77LtnXjK7o-jpiDW291Yw.roa (raw, json)
Hash identifier: S2CYvpEr7FdqvUdlAxqrDbEjDQNF8pYqq1mftWv1ZPE=
Subject key identifier: E5:BB:9C:A6:6E:FB:2E:D9:D7:8C:AE:E8:FA:3A:62:0D:6D:BD:D5:8C
Certificate issuer: /CN=666034ca6a16bbd0144abdf5cf2458f968b1589c
Certificate serial: 019A2BDDBB97AEF804DF9B0B65B769043461
Authority key identifier: 66:60:34:CA:6A:16:BB:D0:14:4A:BD:F5:CF:24:58:F9:68:B1:58:9C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZmA0ymoWu9AUSr31zyRY-WixWJw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/5bucpm77LtnXjK7o-jpiDW291Yw.roa
Signing time: Tue 28 Oct 2025 17:29:03 +0000
ROA not before: Tue 28 Oct 2025 17:29:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34170
IP address blocks: 80.69.48.0/24 maxlen: 24
80.69.49.0/24 maxlen: 24
80.69.50.0/24 maxlen: 24
80.69.51.0/24 maxlen: 24
80.69.53.0/24 maxlen: 24
80.69.56.0/24 maxlen: 24
80.69.57.0/24 maxlen: 24
80.69.60.0/24 maxlen: 24
91.135.240.0/24 maxlen: 24
91.135.241.0/24 maxlen: 24
91.135.242.0/24 maxlen: 24
91.135.243.0/24 maxlen: 24
91.135.244.0/24 maxlen: 24
91.135.252.0/24 maxlen: 24
91.135.253.0/24 maxlen: 24
92.39.90.0/24 maxlen: 24
92.39.91.0/24 maxlen: 24
92.39.92.0/24 maxlen: 24
92.39.93.0/24 maxlen: 24
92.39.94.0/24 maxlen: 24
158.181.34.0/24 maxlen: 24
158.181.37.0/24 maxlen: 24
158.181.38.0/24 maxlen: 24
158.181.39.0/24 maxlen: 24
158.181.44.0/23 maxlen: 23
158.181.46.0/23 maxlen: 23
185.92.224.0/24 maxlen: 24
185.92.225.0/24 maxlen: 24
185.92.226.0/24 maxlen: 24
185.105.196.0/24 maxlen: 24
185.105.197.0/24 maxlen: 24
185.105.198.0/24 maxlen: 24
185.105.199.0/24 maxlen: 24
212.47.152.0/24 maxlen: 24
212.47.153.0/24 maxlen: 24
212.47.154.0/24 maxlen: 24
212.47.155.0/24 maxlen: 24
212.47.156.0/24 maxlen: 24
212.47.157.0/24 maxlen: 24
212.47.158.0/24 maxlen: 24
2a05:8200::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/ZmA0ymoWu9AUSr31zyRY-WixWJw.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/ZmA0ymoWu9AUSr31zyRY-WixWJw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZmA0ymoWu9AUSr31zyRY-WixWJw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 30 Oct 2025 17:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:2b:dd:bb:97:ae:f8:04:df:9b:0b:65:b7:69:04:34:61
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=666034ca6a16bbd0144abdf5cf2458f968b1589c
Validity
Not Before: Oct 28 17:29:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5bb9ca66efb2ed9d78caee8fa3a620d6dbdd58c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:65:23:57:b8:e7:01:ca:3b:30:63:cd:b8:d4:
21:be:3d:31:33:05:38:42:db:e9:e4:b1:fb:41:3c:
69:13:68:fe:62:20:74:bd:28:c2:29:81:53:4a:9f:
d1:c0:0b:c9:93:a8:5c:ae:dc:85:fc:f5:02:37:87:
f1:7b:79:a2:f8:1b:46:f3:90:d2:7c:fe:34:bf:39:
bf:0b:33:c4:a3:4c:75:cc:8e:90:de:26:23:f2:dd:
00:15:9a:99:a4:14:00:0c:f0:8e:cf:61:2a:05:5b:
14:06:84:e7:f7:3d:2e:7d:f1:42:1f:6e:89:82:d1:
a6:fe:71:ae:0d:f6:77:9c:d3:b6:93:b4:5e:b5:50:
c5:e4:6d:c7:1b:30:2b:c1:60:40:b9:95:88:ac:6f:
7d:7d:69:19:2d:e8:2d:ad:0a:17:fc:e0:05:99:25:
3e:5d:47:80:3a:0d:c3:f4:e2:88:f8:03:a1:b2:30:
c4:b9:bd:73:69:58:23:17:76:28:3a:4f:39:df:04:
f0:dd:9a:f7:98:fe:1d:6b:d4:dd:a8:4e:88:17:6a:
70:86:47:ee:06:66:0d:b5:d1:8d:ea:09:4e:39:f5:
2f:5e:7c:cf:f2:c5:c8:04:c5:4c:e8:59:56:8e:a3:
a7:f1:a4:54:de:4c:e0:3f:a9:1b:78:d5:32:06:68:
eb:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:BB:9C:A6:6E:FB:2E:D9:D7:8C:AE:E8:FA:3A:62:0D:6D:BD:D5:8C
X509v3 Authority Key Identifier:
keyid:66:60:34:CA:6A:16:BB:D0:14:4A:BD:F5:CF:24:58:F9:68:B1:58:9C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZmA0ymoWu9AUSr31zyRY-WixWJw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/5bucpm77LtnXjK7o-jpiDW291Yw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/f4b733-29ad-4d56-b9d2-5d48bcd7c1dc/1/ZmA0ymoWu9AUSr31zyRY-WixWJw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.69.48.0/22
80.69.53.0/24
80.69.56.0/23
80.69.60.0/24
91.135.240.0-91.135.244.255
91.135.252.0/23
92.39.90.0-92.39.94.255
158.181.34.0/24
158.181.37.0-158.181.39.255
158.181.44.0/22
185.92.224.0-185.92.226.255
185.105.196.0/22
212.47.152.0-212.47.158.255
IPv6:
2a05:8200::/29
Signature Algorithm: sha256WithRSAEncryption
07:56:61:5c:d4:71:82:30:fd:fa:6d:84:7a:f2:c1:28:5d:97:
c2:12:87:49:ee:dc:10:21:a7:80:fd:30:a4:35:66:8e:be:dc:
d4:0b:37:07:16:61:37:e6:9e:f6:09:6c:8a:2c:e7:05:3a:43:
69:de:52:2e:24:9c:56:24:99:0d:5b:90:79:ce:85:15:b2:67:
f4:4b:67:0e:7e:52:d2:91:85:99:52:7d:22:98:af:c9:ef:be:
ae:48:fb:82:6a:ce:b0:b5:85:ec:53:91:32:a4:7f:f8:de:17:
1a:70:95:df:f2:e6:b9:df:7d:9a:8c:4f:18:c8:74:5b:0d:66:
68:fc:52:ee:f4:ff:c3:2f:4f:3d:98:84:36:da:c9:a7:68:78:
a3:de:3b:b8:c2:66:87:3b:d8:c0:a0:04:32:ba:4d:c5:08:3d:
f0:8f:07:a6:ca:4d:fa:01:a8:f3:86:c6:49:bc:63:b4:ce:71:
c5:80:e1:62:bf:92:35:04:40:18:e9:22:60:d8:c2:ec:ab:c5:
a6:9a:ae:af:cc:c6:c8:66:16:cd:7c:7d:d9:6b:71:f6:b7:54:
e0:bf:5b:7e:26:3b:ec:11:92:8c:93:82:e5:76:f6:8f:7b:d3:
be:55:69:5c:22:c0:5f:27:e9:60:11:5f:00:c2:0c:07:72:bf:
e0:21:13:c7
-----BEGIN CERTIFICATE-----
MIIFfzCCBGegAwIBAgISAZor3buXrvgE35sLZbdpBDRhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2NjAzNGNhNmExNmJiZDAxNDRhYmRmNWNmMjQ1OGY5Njhi
MTU4OWMwHhcNMjUxMDI4MTcyOTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWJiOWNhNjZlZmIyZWQ5ZDc4Y2FlZThmYTNhNjIwZDZkYmRkNThjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAumUjV7jnAco7MGPNuNQhvj0xMwU4
Qtvp5LH7QTxpE2j+YiB0vSjCKYFTSp/RwAvJk6hcrtyF/PUCN4fxe3mi+BtG85DS
fP40vzm/CzPEo0x1zI6Q3iYj8t0AFZqZpBQADPCOz2EqBVsUBoTn9z0uffFCH26J
gtGm/nGuDfZ3nNO2k7RetVDF5G3HGzArwWBAuZWIrG99fWkZLegtrQoX/OAFmSU+
XUeAOg3D9OKI+AOhsjDEub1zaVgjF3YoOk853wTw3Zr3mP4da9TdqE6IF2pwhkfu
BmYNtdGN6glOOfUvXnzP8sXIBMVM6FlWjqOn8aRU3kzgP6kbeNUyBmjrdwIDAQAB
o4ICizCCAocwHQYDVR0OBBYEFOW7nKZu+y7Z14yu6Po6Yg1tvdWMMB8GA1UdIwQY
MBaAFGZgNMpqFrvQFEq99c8kWPlosVicMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWm1BMHltb1d1OUFVU3IzMXp5UlktV2l4V0p3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9mNGI3MzMtMjlhZC00ZDU2LWI5ZDIt
NWQ0OGJjZDdjMWRjLzEvNWJ1Y3BtNzdMdG5Yaks3by1qcGlEVzI5MVl3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9mNGI3MzMtMjlhZC00ZDU2LWI5ZDItNWQ0OGJjZDdjMWRj
LzEvWm1BMHltb1d1OUFVU3IzMXp5UlktV2l4V0p3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGgBggrBgEFBQcBBwEB/wSBkDCBjTB8BAIAATB2AwQCUEUw
AwQAUEU1AwQBUEU4AwQAUEU8MAwDBARbh/ADBABbh/QDBAFbh/wwDAMEAVwnWgME
AFwnXgMEAJ61IjAMAwQAnrUlAwQDnrUgAwQCnrUsMAwDBAW5XOADBAC5XOIDBAK5
acQwDAMEA9QvmAMEANQvnjANBAIAAjAHAwUDKgWCADANBgkqhkiG9w0BAQsFAAOC
AQEAB1ZhXNRxgjD9+m2EevLBKF2XwhKHSe7cECGngP0wpDVmjr7c1As3BxZhN+ae
9glsiiznBTpDad5SLiScViSZDVuQec6FFbJn9EtnDn5S0pGFmVJ9Ipivye++rkj7
gmrOsLWF7FORMqR/+N4XGnCV3/Lmud99moxPGMh0Ww1maPxS7vT/wy9PPZiENtrJ
p2h4o947uMJmhzvYwKAEMrpNxQg98I8HpspN+gGo84bGSbxjtM5xxYDhYr+SNQRA
GOkiYNjC7KvFppqur8zGyGYWzXx92Wtx9rdU4L9bfiY77BGSjJOC5Xb2j3vTvlVp
XCLAXyfpYBFfAMIMB3K/4CETxw==
-----END CERTIFICATE-----
Generated at Wed Oct 29 22:17:05 2025 by rpki-client