Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/5aREl2tnqSeJ3EnaMuRJKgTaw8M.roa
File: 5aREl2tnqSeJ3EnaMuRJKgTaw8M.roa (raw, json)
Hash identifier: +59wYZhBzuDab+mIyrt+sW2gnNSJh6zN385z4HSytBc=
Subject key identifier: E5:A4:44:97:6B:67:A9:27:89:DC:49:DA:32:E4:49:2A:04:DA:C3:C3
Certificate issuer: /CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Certificate serial: 019953DED2387B675969208A627E58954BE9
Authority key identifier: 86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/5aREl2tnqSeJ3EnaMuRJKgTaw8M.roa
Signing time: Tue 16 Sep 2025 18:52:15 +0000
ROA not before: Tue 16 Sep 2025 18:52:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 5.102.116.0/22 maxlen: 24
5.102.120.0/22 maxlen: 24
82.163.64.0/22 maxlen: 24
82.163.168.0/22 maxlen: 24
82.163.224.0/22 maxlen: 24
185.86.140.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 21:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:53:de:d2:38:7b:67:59:69:20:8a:62:7e:58:95:4b:e9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86cce06e70df970d90abfe3cbe7fa882f467b1e4
Validity
Not Before: Sep 16 18:52:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e5a444976b67a92789dc49da32e4492a04dac3c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:25:ab:2e:c8:0c:6b:3c:31:a0:c2:36:c9:7d:
3b:01:78:31:91:25:b9:1e:dd:d5:68:fc:5b:a1:6d:
a2:22:cf:f1:53:9e:92:cd:ff:28:de:0c:c9:4c:5c:
f8:33:58:90:4e:ed:37:d4:1b:0f:f5:13:f6:0d:6a:
a9:2c:1e:da:04:c3:8d:59:b6:d4:0d:92:78:8d:c3:
06:9c:41:e8:97:27:4f:9c:2e:32:fe:ed:e2:42:6f:
ee:af:fc:e8:ab:0c:94:7e:33:15:ce:92:2d:47:e3:
c6:99:4d:9e:9d:13:e8:3c:1c:1c:33:3c:7f:f4:04:
04:0e:f4:b2:f6:89:86:c9:f1:6d:1a:a6:ac:15:c5:
26:44:1e:6d:6d:b6:e7:71:2f:b0:29:4c:b6:47:f8:
2b:a4:42:46:7d:9c:4e:8b:d9:b5:6a:cd:0f:f5:43:
e7:0f:d3:1d:a6:0d:e1:41:22:b3:17:59:d9:cd:a1:
0c:b5:41:e3:52:63:22:e5:35:49:a2:bb:e6:79:74:
a8:a1:ff:b6:84:fc:32:14:57:c1:0d:c6:f3:3e:62:
66:c2:9f:76:9f:0f:3b:40:48:02:36:07:36:93:b7:
4e:4f:0a:fe:a0:d9:1d:b8:16:c1:72:fb:26:ca:1e:
d4:60:f7:94:0b:f3:6f:7a:e9:13:ad:61:c8:cf:3f:
0e:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:A4:44:97:6B:67:A9:27:89:DC:49:DA:32:E4:49:2A:04:DA:C3:C3
X509v3 Authority Key Identifier:
keyid:86:CC:E0:6E:70:DF:97:0D:90:AB:FE:3C:BE:7F:A8:82:F4:67:B1:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hszgbnDflw2Qq_48vn-ogvRnseQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/5aREl2tnqSeJ3EnaMuRJKgTaw8M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/78/66f05c-741c-4720-bc7e-89714a7e8d58/1/hszgbnDflw2Qq_48vn-ogvRnseQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.116.0-5.102.123.255
82.163.64.0/22
82.163.168.0/22
82.163.224.0/22
185.86.140.0/23
Signature Algorithm: sha256WithRSAEncryption
35:c5:bc:2e:a9:aa:5d:1f:76:79:6a:a1:83:3a:7b:77:cd:6e:
8d:96:12:0b:5e:07:74:5f:3d:b8:e5:8f:c0:4d:15:cf:f9:d8:
c6:c3:c4:bd:d4:15:96:59:7f:63:2a:29:55:24:e8:ce:da:15:
ef:0a:e3:7e:96:d2:fa:63:17:02:30:c8:79:fa:33:e3:4c:5e:
e9:55:91:81:26:1e:a8:b0:70:6d:0d:75:b8:06:81:b8:bd:8b:
d5:f8:9a:97:da:7b:ad:07:cd:1b:ca:95:0c:53:dc:a0:bc:1c:
af:00:63:22:cc:ae:c3:a6:a5:d1:27:c9:7d:4a:a3:7e:2a:a0:
82:1b:ba:38:5a:ce:18:c2:97:11:65:22:b7:98:67:61:a5:4a:
18:3c:7a:a9:dd:89:74:97:55:60:4f:6d:0b:e0:c6:25:e0:0f:
c8:9e:ba:90:ff:97:00:5e:4f:bb:e9:c3:48:5d:de:5e:e4:26:
de:d6:8e:51:85:4e:53:25:c7:82:72:12:a5:e5:71:b6:24:21:
6e:fd:02:9a:f0:c1:ce:6e:5f:cd:63:0f:3f:f1:f3:05:7f:e6:
0e:b0:87:19:b4:26:8d:bc:9d:17:17:d1:64:2a:64:fb:3f:01:
64:53:ce:8e:2a:9c:21:9f:b5:b6:39:03:2d:f2:07:fa:99:5d:
09:91:48:6e
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZlT3tI4e2dZaSCKYn5YlUvpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2Y2NlMDZlNzBkZjk3MGQ5MGFiZmUzY2JlN2ZhODgyZjQ2
N2IxZTQwHhcNMjUwOTE2MTg1MjE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNWE0NDQ5NzZiNjdhOTI3ODlkYzQ5ZGEzMmU0NDkyYTA0ZGFjM2MzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwCWrLsgMazwxoMI2yX07AXgxkSW5
Ht3VaPxboW2iIs/xU56Szf8o3gzJTFz4M1iQTu031BsP9RP2DWqpLB7aBMONWbbU
DZJ4jcMGnEHolydPnC4y/u3iQm/ur/zoqwyUfjMVzpItR+PGmU2enRPoPBwcMzx/
9AQEDvSy9omGyfFtGqasFcUmRB5tbbbncS+wKUy2R/grpEJGfZxOi9m1as0P9UPn
D9Mdpg3hQSKzF1nZzaEMtUHjUmMi5TVJorvmeXSoof+2hPwyFFfBDcbzPmJmwp92
nw87QEgCNgc2k7dOTwr+oNkduBbBcvsmyh7UYPeUC/NveukTrWHIzz8O4wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFOWkRJdrZ6knidxJ2jLkSSoE2sPDMB8GA1UdIwQY
MBaAFIbM4G5w35cNkKv+PL5/qIL0Z7HkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2Ut
ODk3MTRhN2U4ZDU4LzEvNWFSRWwydG5xU2VKM0VuYU11UkpLZ1RhdzhNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83OC82NmYwNWMtNzQxYy00NzIwLWJjN2UtODk3MTRhN2U4ZDU4
LzEvaHN6Z2JuRGZsdzJRcV80OHZuLW9ndlJuc2VRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBAIFZnQD
BAIFZngDBAJSo0ADBAJSo6gDBAJSo+ADBAG5VowwDQYJKoZIhvcNAQELBQADggEB
ADXFvC6pql0fdnlqoYM6e3fNbo2WEgteB3RfPbjlj8BNFc/52MbDxL3UFZZZf2Mq
KVUk6M7aFe8K436W0vpjFwIwyHn6M+NMXulVkYEmHqiwcG0NdbgGgbi9i9X4mpfa
e60HzRvKlQxT3KC8HK8AYyLMrsOmpdEnyX1Ko34qoIIbujhazhjClxFlIreYZ2Gl
Shg8eqndiXSXVWBPbQvgxiXgD8ieupD/lwBeT7vpw0hd3l7kJt7WjlGFTlMlx4Jy
EqXlcbYkIW79Aprwwc5uX81jDz/x8wV/5g6whxm0Jo28nRcX0WQqZPs/AWRTzo4q
nCGftbY5Ay3yB/qZXQmRSG4=
-----END CERTIFICATE-----
Generated at Thu Sep 18 03:34:37 2025 by rpki-client