Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/U5brV2wu1x_E4LYsBJQzT_Q5MOM.roa
File: U5brV2wu1x_E4LYsBJQzT_Q5MOM.roa (raw, json)
Hash identifier: ETh8nXKXUOu2Azl2VyxOp9oStSQiBL2JNlN9c3tCXQ0=
Subject key identifier: 53:96:EB:57:6C:2E:D7:1F:C4:E0:B6:2C:04:94:33:4F:F4:39:30:E3
Certificate issuer: /CN=92192e8d785581f72b18644224bd8c3fa8a2d11b
Certificate serial: 01972A4CF11AD0E2FE54C5F9CAD75F66085F
Authority key identifier: 92:19:2E:8D:78:55:81:F7:2B:18:64:42:24:BD:8C:3F:A8:A2:D1:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/khkujXhVgfcrGGRCJL2MP6ii0Rs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/U5brV2wu1x_E4LYsBJQzT_Q5MOM.roa
Signing time: Sun 01 Jun 2025 07:02:54 +0000
ROA not before: Sun 01 Jun 2025 07:02:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59588
IP address blocks: 45.153.116.0/23 maxlen: 23
45.153.116.0/24 maxlen: 24
45.153.117.0/24 maxlen: 24
45.153.118.0/23 maxlen: 23
45.153.118.0/24 maxlen: 24
45.153.119.0/24 maxlen: 24
151.236.160.0/23 maxlen: 23
151.236.160.0/24 maxlen: 24
151.236.161.0/24 maxlen: 24
151.236.162.0/23 maxlen: 23
151.236.162.0/24 maxlen: 24
151.236.163.0/24 maxlen: 24
151.236.164.0/23 maxlen: 23
151.236.164.0/24 maxlen: 24
151.236.165.0/24 maxlen: 24
151.236.166.0/23 maxlen: 23
151.236.166.0/24 maxlen: 24
151.236.167.0/24 maxlen: 24
151.236.168.0/23 maxlen: 23
151.236.168.0/24 maxlen: 24
151.236.169.0/24 maxlen: 24
151.236.170.0/23 maxlen: 23
151.236.170.0/24 maxlen: 24
151.236.171.0/24 maxlen: 24
151.236.172.0/23 maxlen: 23
151.236.172.0/24 maxlen: 24
151.236.173.0/24 maxlen: 24
151.236.174.0/23 maxlen: 23
151.236.174.0/24 maxlen: 24
151.236.175.0/24 maxlen: 24
151.236.176.0/23 maxlen: 23
151.236.176.0/24 maxlen: 24
151.236.177.0/24 maxlen: 24
151.236.178.0/23 maxlen: 23
151.236.178.0/24 maxlen: 24
151.236.179.0/24 maxlen: 24
151.236.180.0/23 maxlen: 23
151.236.180.0/24 maxlen: 24
151.236.181.0/24 maxlen: 24
151.236.182.0/23 maxlen: 24
151.236.182.0/24 maxlen: 24
151.236.183.0/24 maxlen: 24
151.236.186.0/24 maxlen: 24
151.236.188.0/23 maxlen: 23
151.236.188.0/24 maxlen: 24
151.236.189.0/24 maxlen: 24
151.236.190.0/23 maxlen: 23
151.236.190.0/24 maxlen: 24
151.236.191.0/24 maxlen: 24
198.160.165.0/24 maxlen: 24
198.160.166.0/24 maxlen: 24
198.160.168.0/23 maxlen: 23
198.160.168.0/24 maxlen: 24
198.160.169.0/24 maxlen: 24
198.176.116.0/23 maxlen: 23
198.176.116.0/24 maxlen: 24
198.176.117.0/24 maxlen: 24
2a10:2200:1::/48 maxlen: 48
2a10:2200:2::/48 maxlen: 48
2a10:2200:3::/48 maxlen: 48
2a10:2200:b::/48 maxlen: 48
2a10:2200:c::/48 maxlen: 48
2a10:2200:d::/48 maxlen: 48
2a10:2200:f::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/khkujXhVgfcrGGRCJL2MP6ii0Rs.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/khkujXhVgfcrGGRCJL2MP6ii0Rs.mft
rsync://rpki.ripe.net/repository/DEFAULT/khkujXhVgfcrGGRCJL2MP6ii0Rs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 09 Jun 2025 01:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:2a:4c:f1:1a:d0:e2:fe:54:c5:f9:ca:d7:5f:66:08:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92192e8d785581f72b18644224bd8c3fa8a2d11b
Validity
Not Before: Jun 1 07:02:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5396eb576c2ed71fc4e0b62c0494334ff43930e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:eb:e3:ce:87:04:f5:eb:fd:80:99:da:4f:72:2d:
cc:61:ca:5a:c2:19:f0:9e:81:93:9d:b6:6b:6b:5a:
86:a0:dd:b4:69:c7:69:08:2c:0c:f0:e7:bb:da:15:
0c:15:d5:84:88:b8:4e:95:d3:ff:4d:21:18:6d:b2:
4b:78:ad:3e:4b:87:df:ec:09:59:79:6d:1a:e0:25:
a0:04:df:0a:fe:73:7f:7a:cd:4f:a4:f8:eb:e9:40:
61:d0:e7:6a:d4:8e:c7:a6:25:10:f1:c6:c0:95:83:
fb:66:a6:12:b4:44:cb:12:68:83:d3:f9:ff:a2:e4:
9f:fe:03:ff:6d:08:0f:05:c6:5e:d3:95:61:b7:a4:
02:e9:6f:dc:fc:ba:40:2f:90:19:b3:b4:a3:40:16:
82:a4:84:d1:32:19:d6:c6:9f:28:c8:49:d5:dd:db:
95:59:41:ec:00:20:10:e5:7c:00:35:55:3c:ca:69:
73:d0:20:b7:30:28:65:d1:e4:bd:ac:ad:47:4b:9d:
64:1b:59:64:e7:6b:d8:3f:4b:7f:ba:53:58:49:0a:
94:30:c7:bb:4b:7c:9c:5d:24:02:14:de:17:e4:76:
3d:9c:49:a9:f4:f7:83:2f:59:92:95:c8:a3:00:bd:
9c:8f:7e:b4:cb:a7:2e:df:af:01:c2:0b:b3:a0:5d:
65:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
53:96:EB:57:6C:2E:D7:1F:C4:E0:B6:2C:04:94:33:4F:F4:39:30:E3
X509v3 Authority Key Identifier:
keyid:92:19:2E:8D:78:55:81:F7:2B:18:64:42:24:BD:8C:3F:A8:A2:D1:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/khkujXhVgfcrGGRCJL2MP6ii0Rs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/U5brV2wu1x_E4LYsBJQzT_Q5MOM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/d9b397-e105-4ac9-8537-0085a365a25f/1/khkujXhVgfcrGGRCJL2MP6ii0Rs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.153.116.0/22
151.236.160.0-151.236.183.255
151.236.186.0/24
151.236.188.0/22
198.160.165.0-198.160.166.255
198.160.168.0/23
198.176.116.0/23
IPv6:
2a10:2200:1::-2a10:2200:3:ffff:ffff:ffff:ffff:ffff
2a10:2200:b::-2a10:2200:d:ffff:ffff:ffff:ffff:ffff
2a10:2200:f::/48
Signature Algorithm: sha256WithRSAEncryption
89:43:61:e1:86:2f:3a:30:c3:2b:2a:7b:97:14:cc:0a:cc:95:
8c:a7:9a:9e:6c:17:34:e9:24:cd:da:ae:c0:e7:38:b8:8a:9c:
7e:8f:d5:f7:21:7e:ab:e4:9f:bd:d2:a5:c9:7c:cf:b6:89:29:
5f:6e:ea:a8:88:bd:74:e9:23:d2:f5:c4:05:c3:69:48:df:51:
26:2c:5b:c9:54:a6:72:25:13:b2:de:ab:62:43:39:7c:9d:4a:
00:85:f6:be:26:6d:45:45:9f:7e:37:0d:b0:0e:55:2f:66:9e:
95:f8:fe:da:bc:4c:70:f6:f5:5d:bb:f6:7d:55:41:31:b8:79:
af:b0:f4:38:12:4f:49:bf:66:4e:32:a9:91:de:cf:62:e9:89:
f3:8f:27:ef:b5:5f:42:1d:c8:d3:59:b6:e3:ff:8d:01:1b:70:
f6:09:a4:65:c3:e6:3c:98:90:3c:ec:53:69:3d:14:b0:50:6f:
a0:d2:3b:b0:dd:f9:c8:7b:7d:c9:5b:f4:1b:47:47:bc:57:e8:
10:d5:f0:da:f8:ad:d1:af:b0:5e:78:ae:00:b7:51:0e:eb:5b:
1c:32:9b:87:ce:a6:cb:6c:18:32:08:38:49:e1:fd:ca:a0:ca:
98:d9:05:94:28:e8:1d:ab:f2:d6:2b:47:d4:d0:e5:df:0f:52:
50:ff:79:31
-----BEGIN CERTIFICATE-----
MIIFazCCBFOgAwIBAgISAZcqTPEa0OL+VMX5ytdfZghfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMTkyZThkNzg1NTgxZjcyYjE4NjQ0MjI0YmQ4YzNmYThh
MmQxMWIwHhcNMjUwNjAxMDcwMjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1Mzk2ZWI1NzZjMmVkNzFmYzRlMGI2MmMwNDk0MzM0ZmY0MzkzMGUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6+POhwT16/2AmdpPci3MYcpawhnw
noGTnbZra1qGoN20acdpCCwM8Oe72hUMFdWEiLhOldP/TSEYbbJLeK0+S4ff7AlZ
eW0a4CWgBN8K/nN/es1PpPjr6UBh0Odq1I7HpiUQ8cbAlYP7ZqYStETLEmiD0/n/
ouSf/gP/bQgPBcZe05Vht6QC6W/c/LpAL5AZs7SjQBaCpITRMhnWxp8oyEnV3duV
WUHsACAQ5XwANVU8ymlz0CC3MChl0eS9rK1HS51kG1lk52vYP0t/ulNYSQqUMMe7
S3ycXSQCFN4X5HY9nEmp9PeDL1mSlcijAL2cj360y6cu368BwguzoF1ljwIDAQAB
o4ICdzCCAnMwHQYDVR0OBBYEFFOW61dsLtcfxOC2LASUM0/0OTDjMB8GA1UdIwQY
MBaAFJIZLo14VYH3KxhkQiS9jD+ootEbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2hrdWpYaFZnZmNyR0dSQ0pMMk1QNmlpMFJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9kOWIzOTctZTEwNS00YWM5LTg1Mzct
MDA4NWEzNjVhMjVmLzEvVTViclYyd3UxeF9FNExZc0JKUXpUX1E1TU9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9kOWIzOTctZTEwNS00YWM5LTg1MzctMDA4NWEzNjVhMjVm
LzEva2hrdWpYaFZnZmNyR0dSQ0pMMk1QNmlpMFJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGMBggrBgEFBQcBBwEB/wR9MHswQAQCAAEwOgMEAi2ZdDAM
AwQFl+ygAwQDl+ywAwQAl+y6AwQCl+y8MAwDBADGoKUDBADGoKYDBAHGoKgDBAHG
sHQwNwQCAAIwMTASAwcAKhAiAAABAwcCKhAiAAAAMBIDBwAqECIAAAsDBwEqECIA
AAwDBwAqECIAAA8wDQYJKoZIhvcNAQELBQADggEBAIlDYeGGLzowwysqe5cUzArM
lYynmp5sFzTpJM3arsDnOLiKnH6P1fchfqvkn73Spcl8z7aJKV9u6qiIvXTpI9L1
xAXDaUjfUSYsW8lUpnIlE7Leq2JDOXydSgCF9r4mbUVFn343DbAOVS9mnpX4/tq8
THD29V279n1VQTG4ea+w9DgST0m/Zk4yqZHez2LpifOPJ++1X0IdyNNZtuP/jQEb
cPYJpGXD5jyYkDzsU2k9FLBQb6DSO7Dd+ch7fclb9BtHR7xX6BDV8Nr4rdGvsF54
rgC3UQ7rWxwym4fOpstsGDIIOEnh/cqgypjZBZQo6B2r8tYrR9TQ5d8PUlD/eTE=
-----END CERTIFICATE-----
Generated at Sun Jun 8 08:56:11 2025 by rpki-client