Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/d33ce0-69a0-4ba3-b3c9-998278f4fbb2/1/pKtDdvzS9t5TmM3s8mh55AtTLGs.roa
File: pKtDdvzS9t5TmM3s8mh55AtTLGs.roa (raw, json)
Hash identifier: hiJ60M7lvGJnFwYlIduexZG4mGUpSxkwR4Z5pNI3DU8=
Subject key identifier: A4:AB:43:76:FC:D2:F6:DE:53:98:CD:EC:F2:68:79:E4:0B:53:2C:6B
Certificate issuer: /CN=93b76ac9f7a84ad790ad57c880bc9f862ad4c9e7
Certificate serial: 019740589B5FA171ED659167E2DF3A25AECB
Authority key identifier: 93:B7:6A:C9:F7:A8:4A:D7:90:AD:57:C8:80:BC:9F:86:2A:D4:C9:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k7dqyfeoSteQrVfIgLyfhirUyec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/d33ce0-69a0-4ba3-b3c9-998278f4fbb2/1/pKtDdvzS9t5TmM3s8mh55AtTLGs.roa
Signing time: Thu 05 Jun 2025 13:47:17 +0000
ROA not before: Thu 05 Jun 2025 13:47:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49765
IP address blocks: 5.226.56.0/21 maxlen: 21
5.226.56.0/24 maxlen: 24
5.226.57.0/24 maxlen: 24
5.226.58.0/23 maxlen: 23
5.226.60.0/24 maxlen: 24
5.226.61.0/24 maxlen: 24
5.226.62.0/24 maxlen: 24
5.226.63.0/24 maxlen: 24
91.102.56.0/21 maxlen: 21
91.102.56.0/24 maxlen: 24
91.102.57.0/24 maxlen: 24
91.102.58.0/23 maxlen: 23
91.102.60.0/22 maxlen: 22
91.102.60.0/24 maxlen: 24
91.102.61.0/24 maxlen: 24
91.102.62.0/23 maxlen: 23
109.72.16.0/20 maxlen: 20
109.72.16.0/24 maxlen: 24
109.72.17.0/24 maxlen: 24
109.72.18.0/24 maxlen: 24
109.72.19.0/24 maxlen: 24
109.72.21.0/24 maxlen: 24
109.72.22.0/24 maxlen: 24
109.72.23.0/24 maxlen: 24
109.72.24.0/24 maxlen: 24
109.72.25.0/24 maxlen: 24
109.72.26.0/24 maxlen: 24
109.72.27.0/24 maxlen: 24
109.72.28.0/24 maxlen: 24
109.72.30.0/24 maxlen: 24
109.72.31.0/24 maxlen: 24
137.221.0.0/23 maxlen: 23
137.221.6.0/24 maxlen: 24
137.221.10.0/23 maxlen: 23
137.221.22.0/24 maxlen: 24
185.48.108.0/24 maxlen: 24
185.48.109.0/24 maxlen: 24
185.48.110.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/d33ce0-69a0-4ba3-b3c9-998278f4fbb2/1/k7dqyfeoSteQrVfIgLyfhirUyec.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/d33ce0-69a0-4ba3-b3c9-998278f4fbb2/1/k7dqyfeoSteQrVfIgLyfhirUyec.mft
rsync://rpki.ripe.net/repository/DEFAULT/k7dqyfeoSteQrVfIgLyfhirUyec.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:40:58:9b:5f:a1:71:ed:65:91:67:e2:df:3a:25:ae:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93b76ac9f7a84ad790ad57c880bc9f862ad4c9e7
Validity
Not Before: Jun 5 13:47:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a4ab4376fcd2f6de5398cdecf26879e40b532c6b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:dd:a6:9f:dc:95:5f:ce:10:69:21:19:6b:a0:
8b:df:9a:ae:38:cf:2b:14:39:e5:a4:da:b9:db:90:
19:97:69:58:3f:90:7b:fa:80:38:42:58:56:f9:a5:
6a:af:e1:41:1b:ad:cd:07:de:43:04:16:46:1a:52:
c0:a4:76:66:73:53:5a:e5:f9:a6:0d:01:46:c9:7d:
e6:c4:3e:3f:c5:65:12:15:43:ba:47:80:ae:da:7c:
12:bb:7c:d8:eb:ec:a0:91:d3:b4:90:37:ad:9e:b7:
b5:9f:48:2d:53:79:84:25:b6:24:14:a0:c6:30:4d:
d0:88:55:65:62:2f:0b:7f:0a:e7:20:52:86:b6:5a:
d7:77:67:fd:e3:8d:7e:f6:30:36:d7:17:3a:f1:50:
12:c7:72:7f:6d:a8:1b:01:73:a5:9e:d4:de:54:8d:
a2:15:cb:c9:6f:21:b5:6a:69:e1:f2:4d:a6:d2:41:
06:4a:f0:62:87:de:f0:ed:15:fa:f5:ce:ca:f8:b9:
3d:7c:2f:c6:02:cd:2f:df:de:e0:86:38:b7:e7:79:
b7:e8:f0:fb:e3:0a:3c:87:67:01:72:30:ff:c6:ee:
f4:71:d7:58:3e:ce:94:14:bf:08:cb:c8:cc:f9:84:
5a:ce:d7:72:33:dd:e0:ba:ab:5d:c7:f0:a7:3e:0c:
fb:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:AB:43:76:FC:D2:F6:DE:53:98:CD:EC:F2:68:79:E4:0B:53:2C:6B
X509v3 Authority Key Identifier:
keyid:93:B7:6A:C9:F7:A8:4A:D7:90:AD:57:C8:80:BC:9F:86:2A:D4:C9:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k7dqyfeoSteQrVfIgLyfhirUyec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/d33ce0-69a0-4ba3-b3c9-998278f4fbb2/1/pKtDdvzS9t5TmM3s8mh55AtTLGs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/d33ce0-69a0-4ba3-b3c9-998278f4fbb2/1/k7dqyfeoSteQrVfIgLyfhirUyec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.56.0/21
91.102.56.0/21
109.72.16.0/20
137.221.0.0/23
137.221.6.0/24
137.221.10.0/23
137.221.22.0/24
185.48.108.0/22
Signature Algorithm: sha256WithRSAEncryption
8f:2e:58:ab:3b:99:06:9b:45:44:a9:30:02:56:65:1d:22:58:
fb:c9:0f:49:34:af:db:3d:cd:22:b4:0a:58:59:c7:d5:b0:b6:
f6:e8:f3:87:e3:c3:23:26:1a:42:6b:49:ae:41:f0:38:ec:ef:
42:f1:99:77:02:f6:d1:e5:48:46:87:04:cd:0b:74:79:71:9c:
12:19:93:e3:c9:8c:47:cb:5c:6b:c4:c0:7b:58:05:f3:dc:a9:
0b:f3:8f:55:5a:99:79:f1:d1:8b:6c:82:1f:9d:ca:6a:90:e1:
d3:4d:d2:d3:30:b8:94:e4:ec:db:5e:50:17:63:eb:c7:ab:f1:
ff:8f:e8:8b:2c:ce:f7:23:4d:79:11:8e:aa:e2:1c:39:57:2a:
0a:ed:b7:48:8c:9a:58:66:e5:aa:0d:0f:f5:95:d6:fa:0f:e6:
ff:40:58:57:06:12:9a:a5:f8:f2:3f:c9:85:ab:a9:72:0a:f0:
f4:54:1c:e7:47:28:c1:a0:0b:5b:2a:13:e6:5b:c1:f4:82:4e:
f5:95:58:b5:f1:48:51:e0:bb:31:5d:da:3c:77:a7:3a:27:d1:
1a:87:1d:69:c6:13:e4:b6:a9:32:8c:25:67:b7:36:96:d3:6b:
6a:a9:b0:17:5c:45:bd:c3:5d:f3:ad:17:45:ae:55:12:d9:d5:
3f:dd:9b:45
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZdAWJtfoXHtZZFn4t86Ja7LMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzYjc2YWM5ZjdhODRhZDc5MGFkNTdjODgwYmM5Zjg2MmFk
NGM5ZTcwHhcNMjUwNjA1MTM0NzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNGFiNDM3NmZjZDJmNmRlNTM5OGNkZWNmMjY4NzllNDBiNTMyYzZiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl92mn9yVX84QaSEZa6CL35quOM8r
FDnlpNq525AZl2lYP5B7+oA4QlhW+aVqr+FBG63NB95DBBZGGlLApHZmc1Na5fmm
DQFGyX3mxD4/xWUSFUO6R4Cu2nwSu3zY6+ygkdO0kDetnre1n0gtU3mEJbYkFKDG
ME3QiFVlYi8LfwrnIFKGtlrXd2f9441+9jA21xc68VASx3J/bagbAXOlntTeVI2i
FcvJbyG1amnh8k2m0kEGSvBih97w7RX69c7K+Lk9fC/GAs0v397ghji353m36PD7
4wo8h2cBcjD/xu70cddYPs6UFL8Iy8jM+YRaztdyM93guqtdx/CnPgz7IQIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFKSrQ3b80vbeU5jN7PJoeeQLUyxrMB8GA1UdIwQY
MBaAFJO3asn3qErXkK1XyIC8n4Yq1MnnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazdkcXlmZW9TdGVRclZmSWdMeWZoaXJVeWVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kMzNjZTAtNjlhMC00YmEzLWIzYzkt
OTk4Mjc4ZjRmYmIyLzEvcEt0RGR2elM5dDVUbU0zczhtaDU1QXRUTEdzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kMzNjZTAtNjlhMC00YmEzLWIzYzktOTk4Mjc4ZjRmYmIy
LzEvazdkcXlmZW9TdGVRclZmSWdMeWZoaXJVeWVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODA2BAIAATAwAwQDBeI4AwQD
W2Y4AwQEbUgQAwQBid0AAwQAid0GAwQBid0KAwQAid0WAwQCuTBsMA0GCSqGSIb3
DQEBCwUAA4IBAQCPLlirO5kGm0VEqTACVmUdIlj7yQ9JNK/bPc0itApYWcfVsLb2
6POH48MjJhpCa0muQfA47O9C8Zl3AvbR5UhGhwTNC3R5cZwSGZPjyYxHy1xrxMB7
WAXz3KkL849VWpl58dGLbIIfncpqkOHTTdLTMLiU5OzbXlAXY+vHq/H/j+iLLM73
I015EY6q4hw5VyoK7bdIjJpYZuWqDQ/1ldb6D+b/QFhXBhKapfjyP8mFq6lyCvD0
VBznRyjBoAtbKhPmW8H0gk71lVi18UhR4LsxXdo8d6c6J9Eahx1pxhPktqkyjCVn
tzaW02tqqbAXXEW9w13zrRdFrlUS2dU/3ZtF
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:20:11 2025 by rpki-client