Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/0a489b-9d9e-4f6a-87c7-74de258a76f8/1/PJpQsAx7vQOkruizw9oJjs9yf3o.roa
File: PJpQsAx7vQOkruizw9oJjs9yf3o.roa (raw, json)
Hash identifier: H3FDg9FnIY3IpKu45RkiuSwDyvB6KzzpVZF3krmK5JQ=
Subject key identifier: 3C:9A:50:B0:0C:7B:BD:03:A4:AE:E8:B3:C3:DA:09:8E:CF:72:7F:7A
Certificate issuer: /CN=dd64166a91179308f253a9175616ccc6828c4463
Certificate serial: 0197BFE1583272A08DDE1944E8F479BF0401
Authority key identifier: DD:64:16:6A:91:17:93:08:F2:53:A9:17:56:16:CC:C6:82:8C:44:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3WQWapEXkwjyU6kXVhbMxoKMRGM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/0a489b-9d9e-4f6a-87c7-74de258a76f8/1/PJpQsAx7vQOkruizw9oJjs9yf3o.roa
Signing time: Mon 30 Jun 2025 08:08:25 +0000
ROA not before: Mon 30 Jun 2025 08:08:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8193
IP address blocks: 5.133.120.0/22 maxlen: 22
45.150.24.0/22 maxlen: 22
83.222.6.0/23 maxlen: 23
84.54.64.0/19 maxlen: 19
84.54.66.0/23 maxlen: 23
84.54.70.0/23 maxlen: 23
84.54.70.0/24 maxlen: 24
84.54.71.0/24 maxlen: 24
84.54.72.0/23 maxlen: 23
84.54.72.0/24 maxlen: 24
84.54.73.0/24 maxlen: 24
84.54.76.0/23 maxlen: 23
84.54.78.0/23 maxlen: 23
84.54.80.0/23 maxlen: 23
84.54.84.0/23 maxlen: 23
84.54.86.0/23 maxlen: 23
84.54.90.0/23 maxlen: 23
84.54.92.0/23 maxlen: 23
84.54.94.0/23 maxlen: 23
84.54.96.0/20 maxlen: 20
84.54.103.0/24 maxlen: 24
84.54.104.0/24 maxlen: 24
84.54.115.0/24 maxlen: 24
84.54.116.0/23 maxlen: 23
84.54.118.0/23 maxlen: 23
84.54.118.0/24 maxlen: 24
84.54.120.0/23 maxlen: 23
84.54.122.0/23 maxlen: 23
86.62.0.0/22 maxlen: 22
86.62.1.0/24 maxlen: 24
89.104.102.0/24 maxlen: 24
89.223.3.0/24 maxlen: 24
89.249.60.0/22 maxlen: 22
89.249.62.0/24 maxlen: 24
89.249.63.0/24 maxlen: 24
90.156.160.0/24 maxlen: 24
90.156.161.0/24 maxlen: 24
90.156.162.0/24 maxlen: 24
90.156.163.0/24 maxlen: 24
90.156.164.0/24 maxlen: 24
90.156.165.0/24 maxlen: 24
90.156.166.0/24 maxlen: 24
90.156.167.0/24 maxlen: 24
90.156.192.0/21 maxlen: 21
93.188.80.0/21 maxlen: 21
93.188.84.0/22 maxlen: 22
94.230.232.0/24 maxlen: 24
109.94.174.0/24 maxlen: 24
109.94.175.0/24 maxlen: 24
185.4.160.0/22 maxlen: 22
185.203.236.0/22 maxlen: 22
185.203.236.0/24 maxlen: 24
185.203.237.0/24 maxlen: 24
194.93.24.0/22 maxlen: 22
198.163.192.0/20 maxlen: 20
198.163.192.0/23 maxlen: 23
198.163.192.0/24 maxlen: 24
198.163.193.0/24 maxlen: 24
198.163.194.0/23 maxlen: 23
198.163.194.0/24 maxlen: 24
198.163.195.0/24 maxlen: 24
198.163.196.0/24 maxlen: 24
198.163.197.0/24 maxlen: 24
198.163.198.0/24 maxlen: 24
198.163.199.0/24 maxlen: 24
198.163.200.0/24 maxlen: 24
198.163.201.0/24 maxlen: 24
198.163.202.0/24 maxlen: 24
198.163.203.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/0a489b-9d9e-4f6a-87c7-74de258a76f8/1/3WQWapEXkwjyU6kXVhbMxoKMRGM.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/0a489b-9d9e-4f6a-87c7-74de258a76f8/1/3WQWapEXkwjyU6kXVhbMxoKMRGM.mft
rsync://rpki.ripe.net/repository/DEFAULT/3WQWapEXkwjyU6kXVhbMxoKMRGM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 14:01:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:bf:e1:58:32:72:a0:8d:de:19:44:e8:f4:79:bf:04:01
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd64166a91179308f253a9175616ccc6828c4463
Validity
Not Before: Jun 30 08:08:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3c9a50b00c7bbd03a4aee8b3c3da098ecf727f7a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:0a:06:ef:ab:d8:42:29:03:8f:73:87:af:98:
55:2a:29:91:0c:08:9d:1c:d9:ce:d8:4f:87:72:7d:
af:e7:ea:17:b2:4f:aa:83:f7:e9:67:a3:d7:77:ca:
0c:31:7a:83:53:80:4a:37:33:35:61:83:67:6c:f2:
84:07:5b:2b:11:be:2a:ee:21:5b:10:f7:84:2c:3a:
2e:a3:52:bf:e0:5a:60:1a:82:cc:64:04:4e:cc:f5:
d1:b0:70:97:f0:73:20:b4:39:1c:6e:51:f1:04:ff:
3b:75:45:ef:de:b7:0f:43:8b:70:6c:49:bf:33:a9:
aa:8b:9a:83:6f:28:c2:31:48:f8:df:11:21:1e:68:
26:21:7e:b5:90:21:f2:9b:80:58:12:1f:2b:4b:d8:
74:df:e7:42:29:6e:eb:76:ba:c4:b0:9f:7d:15:2c:
b6:73:2a:3d:57:c2:32:7a:ae:79:b7:4c:57:45:79:
ac:44:d7:04:b5:f1:af:bd:39:cc:54:70:f6:42:12:
cd:e7:71:fd:7d:58:47:ba:05:7b:91:fa:c3:15:8c:
5a:07:59:f8:89:ba:32:08:49:d5:2a:5a:be:90:58:
ef:b3:11:21:9b:55:8c:5f:8f:cf:82:d4:a7:b1:06:
0c:0e:a2:0c:52:9e:6d:03:62:59:91:3a:75:71:3f:
03:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:9A:50:B0:0C:7B:BD:03:A4:AE:E8:B3:C3:DA:09:8E:CF:72:7F:7A
X509v3 Authority Key Identifier:
keyid:DD:64:16:6A:91:17:93:08:F2:53:A9:17:56:16:CC:C6:82:8C:44:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3WQWapEXkwjyU6kXVhbMxoKMRGM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/0a489b-9d9e-4f6a-87c7-74de258a76f8/1/PJpQsAx7vQOkruizw9oJjs9yf3o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/0a489b-9d9e-4f6a-87c7-74de258a76f8/1/3WQWapEXkwjyU6kXVhbMxoKMRGM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.120.0/22
45.150.24.0/22
83.222.6.0/23
84.54.64.0-84.54.111.255
84.54.115.0-84.54.123.255
86.62.0.0/22
89.104.102.0/24
89.223.3.0/24
89.249.60.0/22
90.156.160.0/21
90.156.192.0/21
93.188.80.0/21
94.230.232.0/24
109.94.174.0/23
185.4.160.0/22
185.203.236.0/22
194.93.24.0/22
198.163.192.0/20
Signature Algorithm: sha256WithRSAEncryption
5a:15:73:57:e2:f7:f6:2a:82:a5:67:82:b9:09:36:1b:9c:69:
fc:a7:8a:a4:9a:9f:ea:15:a7:7a:d7:8f:22:3e:8b:f8:e1:58:
5b:ea:85:74:32:21:91:c2:fe:8e:62:27:65:a9:1f:10:bb:0e:
f6:74:5e:bd:e5:96:5d:51:59:70:5b:d1:00:e3:b3:0f:0e:d6:
ad:2f:e9:24:d7:d4:a0:65:06:c2:7c:ee:88:ab:fb:3c:1a:01:
5b:2b:b2:c7:98:45:b9:c7:f3:cb:dd:7f:4b:97:ac:bc:bd:08:
5c:81:74:fc:1c:3e:b0:94:16:54:48:4a:34:c1:a9:c8:ac:58:
aa:72:05:ae:66:86:b1:2a:45:13:41:bb:ae:ce:a1:4a:31:17:
a6:e5:ab:3e:a2:d9:c7:09:8b:dd:07:95:a1:5a:72:2d:f4:7d:
c7:1d:8f:37:d0:99:e1:d7:5a:7f:61:33:f8:82:c6:d4:f0:fe:
ac:36:cb:54:1c:69:c1:3e:1d:f2:0b:4e:e9:1d:1d:9f:e0:e0:
98:c4:c2:0e:9a:05:5a:74:13:69:b9:31:08:e8:24:ac:b8:c5:
bd:e9:7d:55:e3:57:08:3f:18:79:73:c3:86:64:4c:56:40:d2:
5c:81:be:14:44:1d:b0:54:c3:c6:de:dc:35:c3:89:ca:dc:21:
7d:33:1d:ed
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZe/4VgycqCN3hlE6PR5vwQBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkNjQxNjZhOTExNzkzMDhmMjUzYTkxNzU2MTZjY2M2ODI4
YzQ0NjMwHhcNMjUwNjMwMDgwODI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYzlhNTBiMDBjN2JiZDAzYTRhZWU4YjNjM2RhMDk4ZWNmNzI3ZjdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7goG76vYQikDj3OHr5hVKimRDAid
HNnO2E+Hcn2v5+oXsk+qg/fpZ6PXd8oMMXqDU4BKNzM1YYNnbPKEB1srEb4q7iFb
EPeELDouo1K/4FpgGoLMZAROzPXRsHCX8HMgtDkcblHxBP87dUXv3rcPQ4twbEm/
M6mqi5qDbyjCMUj43xEhHmgmIX61kCHym4BYEh8rS9h03+dCKW7rdrrEsJ99FSy2
cyo9V8Iyeq55t0xXRXmsRNcEtfGvvTnMVHD2QhLN53H9fVhHugV7kfrDFYxaB1n4
iboyCEnVKlq+kFjvsxEhm1WMX4/PgtSnsQYMDqIMUp5tA2JZkTp1cT8DDwIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFDyaULAMe70DpK7os8PaCY7Pcn96MB8GA1UdIwQY
MBaAFN1kFmqRF5MI8lOpF1YWzMaCjERjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1dRV2FwRVhrd2p5VTZrWFZoYk14b0tNUkdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC8wYTQ4OWItOWQ5ZS00ZjZhLTg3Yzct
NzRkZTI1OGE3NmY4LzEvUEpwUXNBeDd2UU9rcnVpenc5b0pqczl5ZjNvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC8wYTQ4OWItOWQ5ZS00ZjZhLTg3YzctNzRkZTI1OGE3NmY4
LzEvM1dRV2FwRVhrd2p5VTZrWFZoYk14b0tNUkdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTCBggQCAAEwfAMEAgWF
eAMEAi2WGAMEAVPeBjAMAwQGVDZAAwQEVDZgMAwDBABUNnMDBAJUNngDBAJWPgAD
BABZaGYDBABZ3wMDBAJZ+TwDBANanKADBANanMADBANdvFADBABe5ugDBAFtXq4D
BAK5BKADBAK5y+wDBALCXRgDBATGo8AwDQYJKoZIhvcNAQELBQADggEBAFoVc1fi
9/YqgqVngrkJNhucafyniqSan+oVp3rXjyI+i/jhWFvqhXQyIZHC/o5iJ2WpHxC7
DvZ0Xr3lll1RWXBb0QDjsw8O1q0v6STX1KBlBsJ87oir+zwaAVsrsseYRbnH88vd
f0uXrLy9CFyBdPwcPrCUFlRISjTBqcisWKpyBa5mhrEqRRNBu67OoUoxF6blqz6i
2ccJi90HlaFaci30fccdjzfQmeHXWn9hM/iCxtTw/qw2y1QcacE+HfILTukdHZ/g
4JjEwg6aBVp0E2m5MQjoJKy4xb3pfVXjVwg/GHlzw4ZkTFZA0lyBvhREHbBUw8be
3DXDicrcIX0zHe0=
-----END CERTIFICATE-----
Generated at Thu Jul 3 00:44:01 2025 by rpki-client