Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/XABzVZi8G-G-d8VqQsT1mze1LLU.roa
File: XABzVZi8G-G-d8VqQsT1mze1LLU.roa (raw, json)
Hash identifier: 0uLOGBQZg3swFUIL+cnkZY5plrWbfrGRkkJN1DGdXoU=
Subject key identifier: 5C:00:73:55:98:BC:1B:E1:BE:77:C5:6A:42:C4:F5:9B:37:B5:2C:B5
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0198BF3F296FDEB1D1A9F0FC3E989547C910
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/XABzVZi8G-G-d8VqQsT1mze1LLU.roa
Signing time: Mon 18 Aug 2025 22:14:04 +0000
ROA not before: Mon 18 Aug 2025 22:14:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.84.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
45.13.189.0/24 maxlen: 24
45.13.190.0/24 maxlen: 24
45.88.136.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
91.223.110.0/24 maxlen: 24
146.19.125.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
194.242.96.0/24 maxlen: 24
194.242.98.0/24 maxlen: 24
194.242.99.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.211.188.0/24 maxlen: 24
195.211.189.0/24 maxlen: 24
195.211.190.0/24 maxlen: 24
195.211.191.0/24 maxlen: 24
2a01:7120::/32 maxlen: 32
2a01:7120:7::/48 maxlen: 48
2a07:9200::/29 maxlen: 32
2a07:9201::/32 maxlen: 32
2a07:9206::/32 maxlen: 32
2a07:9207::/32 maxlen: 32
2a09:340::/32 maxlen: 32
2a09:342::/32 maxlen: 32
2a09:346::/32 maxlen: 32
2a09:c440::/32 maxlen: 32
2a0c:5d40::/32 maxlen: 32
2a0c:a580::/29 maxlen: 32
2a0c:a580::/32 maxlen: 32
2a0c:a581::/32 maxlen: 32
2a0c:a584::/32 maxlen: 32
2a0c:a586::/32 maxlen: 32
2a10:dfc0::/29 maxlen: 32
2a10:dfc0::/32 maxlen: 32
2a10:fac0::/32 maxlen: 32
2a11:580::/29 maxlen: 29
2a11:580::/32 maxlen: 32
2a11:1600::/32 maxlen: 32
2a11:2a80::/32 maxlen: 32
2a11:3900::/32 maxlen: 32
2a11:d680::/32 maxlen: 32
2a12:9f00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:50:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:bf:3f:29:6f:de:b1:d1:a9:f0:fc:3e:98:95:47:c9:10
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Aug 18 22:14:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5c00735598bc1be1be77c56a42c4f59b37b52cb5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:98:c8:f5:09:a9:f7:69:f5:cb:78:7c:f4:c9:
1e:73:97:f8:b8:63:7a:c8:69:1d:33:cb:e8:3c:2f:
85:96:93:ae:88:7f:83:62:cc:27:50:f8:c1:07:aa:
c2:fb:3c:40:47:92:33:78:89:f8:22:8f:9e:2c:0c:
a1:2b:7e:2f:a6:4b:66:2d:d6:ef:f9:d4:49:bd:62:
79:9d:e7:16:3b:c2:51:17:89:3e:f3:5a:8c:ed:9b:
cb:7f:42:4a:c8:d4:07:57:5b:d8:e9:ff:1c:05:87:
5f:3e:97:dd:a1:ce:e1:2b:16:58:4d:68:a1:ad:1d:
d3:0c:35:74:20:34:9e:47:c0:60:cf:b6:f2:06:4c:
be:27:d1:ff:54:10:b5:50:e6:65:07:5b:06:b5:1b:
43:83:76:5f:e2:1d:54:9a:0c:aa:12:3c:bf:75:e4:
a6:10:e0:5c:e4:c8:b5:4b:a3:db:f2:dd:ca:82:38:
49:da:48:4b:61:2d:14:fd:f7:26:b3:c1:f9:2d:94:
a3:9d:9a:33:27:ff:5f:3c:cf:2a:ee:e8:f3:3c:ea:
be:88:69:9c:6a:22:ee:5f:fb:60:40:8a:74:95:0e:
f9:11:7c:1c:45:4b:ca:4c:1d:3a:60:50:03:51:07:
ff:16:63:8c:ee:2d:95:55:49:4e:db:a8:a1:1f:1d:
c2:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5C:00:73:55:98:BC:1B:E1:BE:77:C5:6A:42:C4:F5:9B:37:B5:2C:B5
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/XABzVZi8G-G-d8VqQsT1mze1LLU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.84.0/24
5.181.87.0/24
45.9.29.0/24
45.13.189.0-45.13.190.255
45.88.136.0/24
45.94.171.0/24
45.132.180.0/24
45.132.182.0/23
91.223.110.0/24
146.19.125.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/24
194.242.98.0/23
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a09:340::/32
2a09:342::/32
2a09:346::/32
2a09:c440::/32
2a0c:5d40::/32
2a0c:a580::/29
2a10:dfc0::/29
2a10:fac0::/32
2a11:580::/29
2a11:1600::/32
2a11:2a80::/32
2a11:3900::/32
2a11:d680::/32
2a12:9f00::/32
Signature Algorithm: sha256WithRSAEncryption
44:40:48:b8:d2:ba:fa:ec:8a:d0:4b:ce:81:a1:c0:3f:c1:41:
2f:75:96:c4:0d:57:fe:52:b3:63:0e:28:74:63:bf:4c:30:9a:
64:3f:7d:aa:73:ca:e9:e5:05:1b:4d:98:16:ce:53:be:63:ee:
00:6c:1f:c8:85:85:1b:47:02:67:ac:d9:18:62:8d:4c:ff:0d:
fa:fe:c7:49:be:aa:03:b3:9a:60:7a:3b:e5:b6:8a:4c:e8:65:
bb:f6:65:ac:ab:a0:a4:eb:b5:83:df:97:77:85:ab:f8:b6:25:
d4:49:7a:93:d0:45:2f:ee:8f:00:73:95:a2:ff:cf:15:97:1a:
ce:30:13:3d:48:0a:88:6b:94:19:6f:d2:e5:77:ee:65:37:59:
8a:7f:bb:8c:66:af:aa:3a:cf:80:4d:26:e9:2d:56:38:09:0e:
9c:ef:c7:1b:c9:1d:8b:f2:99:a9:66:7a:8c:71:f2:13:d0:eb:
9d:29:8f:fb:f3:d0:41:60:f8:ab:3f:44:8d:36:24:b4:04:9c:
a4:c9:54:71:ed:3c:55:84:aa:97:de:3c:5f:a2:3f:05:8f:95:
a2:86:e9:26:61:5b:f5:60:be:f3:c3:3d:e5:d8:cd:e3:e7:e9:
6e:0d:c7:f5:34:0b:71:50:f7:db:be:40:b2:9e:32:70:33:b5:
e2:9c:c8:fe
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgISAZi/Pylv3rHRqfD8PpiVR8kQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjUwODE4MjIxNDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YzAwNzM1NTk4YmMxYmUxYmU3N2M1NmE0MmM0ZjU5YjM3YjUyY2I1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpjI9Qmp92n1y3h89Mkec5f4uGN6
yGkdM8voPC+FlpOuiH+DYswnUPjBB6rC+zxAR5IzeIn4Io+eLAyhK34vpktmLdbv
+dRJvWJ5necWO8JRF4k+81qM7ZvLf0JKyNQHV1vY6f8cBYdfPpfdoc7hKxZYTWih
rR3TDDV0IDSeR8Bgz7byBky+J9H/VBC1UOZlB1sGtRtDg3Zf4h1UmgyqEjy/deSm
EOBc5Mi1S6Pb8t3KgjhJ2khLYS0U/fcms8H5LZSjnZozJ/9fPM8q7ujzPOq+iGmc
aiLuX/tgQIp0lQ75EXwcRUvKTB06YFADUQf/FmOM7i2VVUlO26ihHx3C6QIDAQAB
o4IDAzCCAv8wHQYDVR0OBBYEFFwAc1WYvBvhvnfFakLE9Zs3tSy1MB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvWEFCelZaaThHLUctZDhWcVFzVDFtemUxTExVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFwYIKwYBBQUHAQcBAf8EggEGMIIBAjCBhwQCAAEwgYAD
BAAFtVQDBAAFtVcDBAAtCR0wDAMEAC0NvQMEAC0NvgMEAC1YiAMEAC1eqwMEAC2E
tAMEAS2EtgMEAFvfbgMEAJITfQMEAbkr+AMEALkr+wMEAbnIPgMEAMEe8AMEAcEe
8gMEAME5KwMEAMLyYAMEAcLyYgMEAsOxXAMEAsPTvDB2BAIAAjBwAwUAKgFxIAMF
AyoHkgADBQAqCQNAAwUAKgkDQgMFACoJA0YDBQAqCcRAAwUAKgxdQAMFAyoMpYAD
BQMqEN/AAwUAKhD6wAMFAyoRBYADBQAqERYAAwUAKhEqgAMFACoROQADBQAqEdaA
AwUAKhKfADANBgkqhkiG9w0BAQsFAAOCAQEAREBIuNK6+uyK0EvOgaHAP8FBL3WW
xA1X/lKzYw4odGO/TDCaZD99qnPK6eUFG02YFs5TvmPuAGwfyIWFG0cCZ6zZGGKN
TP8N+v7HSb6qA7OaYHo75baKTOhlu/ZlrKugpOu1g9+Xd4Wr+LYl1El6k9BFL+6P
AHOVov/PFZcazjATPUgKiGuUGW/S5XfuZTdZin+7jGavqjrPgE0m6S1WOAkOnO/H
G8kdi/KZqWZ6jHHyE9DrnSmP+/PQQWD4qz9EjTYktAScpMlUce08VYSql948X6I/
BY+VoobpJmFb9WC+88M95djN4+fpbg3H9TQLcVD3275Asp4ycDO14pzI/g==
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:53:56 2025 by rpki-client