Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7b/d59246-953e-423a-9704-931414101a01/1/66i9VQv85h4cdWrREDgIRU9Jei8.roa
File: 66i9VQv85h4cdWrREDgIRU9Jei8.roa (raw, json)
Hash identifier: 934EnLFeuIOeKbVZK8z3+Pf5MO8fsJyxyX8CTCcWy6I=
Subject key identifier: EB:A8:BD:55:0B:FC:E6:1E:1C:75:6A:D1:10:38:08:45:4F:49:7A:2F
Certificate issuer: /CN=fa5755762dfe4c70cd83b30a13b782c4ffc15f5a
Certificate serial: 019A006CC2B8C9099192C937AFA108614F20
Authority key identifier: FA:57:55:76:2D:FE:4C:70:CD:83:B3:0A:13:B7:82:C4:FF:C1:5F:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-ldVdi3-THDNg7MKE7eCxP_BX1o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7b/d59246-953e-423a-9704-931414101a01/1/66i9VQv85h4cdWrREDgIRU9Jei8.roa
Signing time: Mon 20 Oct 2025 07:01:58 +0000
ROA not before: Mon 20 Oct 2025 07:01:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51681
IP address blocks: 5.181.222.0/24 maxlen: 24
5.181.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7b/d59246-953e-423a-9704-931414101a01/1/1-ldVdi3-THDNg7MKE7eCxP_BX1o.crl
rsync://rpki.ripe.net/repository/DEFAULT/7b/d59246-953e-423a-9704-931414101a01/1/1-ldVdi3-THDNg7MKE7eCxP_BX1o.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-ldVdi3-THDNg7MKE7eCxP_BX1o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 Oct 2025 08:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:00:6c:c2:b8:c9:09:91:92:c9:37:af:a1:08:61:4f:20
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fa5755762dfe4c70cd83b30a13b782c4ffc15f5a
Validity
Not Before: Oct 20 07:01:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eba8bd550bfce61e1c756ad1103808454f497a2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:15:fb:d6:b6:d0:2d:6d:16:98:9a:c6:58:52:
7c:1d:38:17:f3:46:bf:01:d1:59:b5:11:f4:1d:0c:
16:df:ad:55:08:74:e7:3f:95:7d:11:7f:53:1f:17:
d7:8c:51:84:81:ad:c3:67:5b:bf:39:c9:ec:63:6a:
fb:c5:f4:23:a8:89:4c:83:e3:c4:b1:08:8d:7d:67:
3c:34:97:cb:65:13:94:3d:a6:d2:f6:50:97:5a:db:
6e:e6:3b:a4:45:12:73:10:2e:f5:65:a2:7e:fb:64:
83:af:87:59:1e:06:fd:75:61:86:51:48:27:d9:0c:
48:12:06:ed:85:43:f8:6b:e1:c9:89:8c:fe:eb:ea:
de:97:3f:2c:58:27:f0:33:5d:0e:ba:a2:5c:d9:95:
04:02:ae:25:ee:1a:32:41:48:cf:ae:b1:c2:c0:30:
dd:c0:41:4b:58:7a:07:58:27:cf:74:ef:33:1f:37:
4c:16:d3:0f:73:fb:8b:01:8e:c2:52:d8:8f:dc:0c:
7c:85:18:26:c5:d5:77:b6:32:3f:16:32:24:e5:bc:
37:4e:7e:13:8a:ad:40:e2:35:e5:af:c7:9a:b3:f0:
dc:2f:5a:e9:58:c5:50:bd:fd:61:4e:42:c2:07:7e:
1f:7c:3f:19:69:57:76:8d:3c:64:d1:a5:dc:f0:3e:
07:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:A8:BD:55:0B:FC:E6:1E:1C:75:6A:D1:10:38:08:45:4F:49:7A:2F
X509v3 Authority Key Identifier:
keyid:FA:57:55:76:2D:FE:4C:70:CD:83:B3:0A:13:B7:82:C4:FF:C1:5F:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-ldVdi3-THDNg7MKE7eCxP_BX1o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/d59246-953e-423a-9704-931414101a01/1/66i9VQv85h4cdWrREDgIRU9Jei8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7b/d59246-953e-423a-9704-931414101a01/1/1-ldVdi3-THDNg7MKE7eCxP_BX1o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.222.0/23
Signature Algorithm: sha256WithRSAEncryption
70:a0:b1:e5:1e:ca:d7:22:e0:f6:11:01:cd:97:08:cb:0c:06:
e4:95:fb:6b:75:21:8e:ff:d8:1a:63:4d:ec:64:44:d0:37:b8:
36:ff:23:7f:0c:d8:ea:6e:b5:d8:7c:20:6b:7e:98:0e:03:7c:
f0:7c:b3:c8:2e:f0:0c:7c:c9:45:6e:8c:1d:9f:08:db:77:a1:
ab:23:85:d6:6a:91:22:b4:5b:b7:b5:c5:59:12:f0:83:27:fb:
c2:ca:12:a6:a5:27:c5:a7:5e:56:ff:de:e7:51:90:c1:5b:80:
2d:9f:33:f9:9b:6b:19:8d:2a:5c:7e:3d:d9:fc:8c:51:f9:6b:
e9:70:2f:45:01:f0:d7:0b:15:9e:5d:af:7f:70:0a:09:f0:80:
86:e1:ba:0a:f2:50:14:f2:1e:ad:55:ab:ea:fc:ba:51:91:42:
32:de:b1:9c:e0:e5:03:1f:92:65:9f:8a:ef:98:8b:62:bb:7f:
b5:44:66:dc:60:71:f9:67:45:87:c2:c1:9c:e7:48:4a:d7:54:
46:16:0e:93:1e:03:69:8e:8d:f9:81:b3:2a:63:a2:82:78:6c:
fe:aa:c6:65:82:7a:e1:58:0c:d4:65:d0:98:49:41:10:ae:d4:
df:2f:9e:c0:80:d5:65:b2:c1:b5:b9:10:c7:6b:f8:61:86:ad:
8d:0a:35:57
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZoAbMK4yQmRksk3r6EIYU8gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZhNTc1NTc2MmRmZTRjNzBjZDgzYjMwYTEzYjc4MmM0ZmZj
MTVmNWEwHhcNMjUxMDIwMDcwMTU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmE4YmQ1NTBiZmNlNjFlMWM3NTZhZDExMDM4MDg0NTRmNDk3YTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuRX71rbQLW0WmJrGWFJ8HTgX80a/
AdFZtRH0HQwW361VCHTnP5V9EX9THxfXjFGEga3DZ1u/OcnsY2r7xfQjqIlMg+PE
sQiNfWc8NJfLZROUPabS9lCXWttu5jukRRJzEC71ZaJ++2SDr4dZHgb9dWGGUUgn
2QxIEgbthUP4a+HJiYz+6+relz8sWCfwM10OuqJc2ZUEAq4l7hoyQUjPrrHCwDDd
wEFLWHoHWCfPdO8zHzdMFtMPc/uLAY7CUtiP3Ax8hRgmxdV3tjI/FjIk5bw3Tn4T
iq1A4jXlr8eas/DcL1rpWMVQvf1hTkLCB34ffD8ZaVd2jTxk0aXc8D4HHwIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFOuovVUL/OYeHHVq0RA4CEVPSXovMB8GA1UdIwQY
MBaAFPpXVXYt/kxwzYOzChO3gsT/wV9aMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1sZFZkaTMtVEhETmc3TUtFN2VDeFBfQlgxby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvN2IvZDU5MjQ2LTk1M2UtNDIzYS05NzA0
LTkzMTQxNDEwMWEwMS8xLzY2aTlWUXY4NWg0Y2RXclJFRGdJUlU5SmVpOC5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvN2IvZDU5MjQ2LTk1M2UtNDIzYS05NzA0LTkzMTQxNDEwMWEw
MS8xLzEtbGRWZGkzLVRIRE5nN01LRTdlQ3hQX0JYMW8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBAEFtd4w
DQYJKoZIhvcNAQELBQADggEBAHCgseUeytci4PYRAc2XCMsMBuSV+2t1IY7/2Bpj
TexkRNA3uDb/I38M2Oputdh8IGt+mA4DfPB8s8gu8Ax8yUVujB2fCNt3oasjhdZq
kSK0W7e1xVkS8IMn+8LKEqalJ8WnXlb/3udRkMFbgC2fM/mbaxmNKlx+Pdn8jFH5
a+lwL0UB8NcLFZ5dr39wCgnwgIbhugryUBTyHq1Vq+r8ulGRQjLesZzg5QMfkmWf
iu+Yi2K7f7VEZtxgcflnRYfCwZznSErXVEYWDpMeA2mOjfmBsypjooJ4bP6qxmWC
euFYDNRl0JhJQRCu1N8vnsCA1WWywbW5EMdr+GGGrY0KNVc=
-----END CERTIFICATE-----
Generated at Fri Oct 24 17:48:33 2025 by rpki-client