Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/Ha2aIsE24z_1EZsUwFVaBMCEfdM.roa
File: Ha2aIsE24z_1EZsUwFVaBMCEfdM.roa (raw, json)
Hash identifier: xkTrIuXJyp+z7TixxHSY5VnwKcm94LBvzrBz6XRQmHA=
Subject key identifier: 1D:AD:9A:22:C1:36:E3:3F:F5:11:9B:14:C0:55:5A:04:C0:84:7D:D3
Certificate issuer: /CN=b6c167dfa9882b2aa8f84595f58a97c305ca43c5
Certificate serial: 019965EB9BBD08C91EF3560CA60184320ED4
Authority key identifier: B6:C1:67:DF:A9:88:2B:2A:A8:F8:45:95:F5:8A:97:C3:05:CA:43:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tsFn36mIKyqo-EWV9YqXwwXKQ8U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/Ha2aIsE24z_1EZsUwFVaBMCEfdM.roa
Signing time: Sat 20 Sep 2025 06:59:23 +0000
ROA not before: Sat 20 Sep 2025 06:59:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57497
IP address blocks: 5.63.8.0/24 maxlen: 24
5.63.9.0/24 maxlen: 24
5.63.10.0/23 maxlen: 23
5.63.10.0/24 maxlen: 24
5.63.11.0/24 maxlen: 24
5.63.12.0/24 maxlen: 24
5.63.13.0/24 maxlen: 24
5.63.14.0/23 maxlen: 23
5.63.14.0/24 maxlen: 24
45.135.240.0/24 maxlen: 24
45.135.241.0/24 maxlen: 24
45.135.242.0/24 maxlen: 24
45.135.243.0/24 maxlen: 24
158.58.184.0/22 maxlen: 22
158.58.184.0/24 maxlen: 24
158.58.185.0/24 maxlen: 24
158.58.186.0/24 maxlen: 24
158.58.187.0/24 maxlen: 24
158.58.188.0/23 maxlen: 23
158.58.188.0/24 maxlen: 24
158.58.189.0/24 maxlen: 24
158.58.190.0/23 maxlen: 23
158.58.190.0/24 maxlen: 24
158.58.191.0/24 maxlen: 24
185.2.12.0/22 maxlen: 22
185.2.12.0/23 maxlen: 24
185.2.14.0/23 maxlen: 24
185.179.90.0/24 maxlen: 24
185.229.204.0/24 maxlen: 24
194.62.17.0/24 maxlen: 24
195.226.223.0/24 maxlen: 24
2a01:4ac0::/48 maxlen: 48
2a01:4ac0:1::/48 maxlen: 48
2a01:4ac0:2::/48 maxlen: 48
2a01:4ac0:3::/48 maxlen: 48
2a01:4ac0:4::/48 maxlen: 48
2a01:4ac0:5::/48 maxlen: 48
2a01:4ac0:6::/48 maxlen: 48
2a01:4ac0:7::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/tsFn36mIKyqo-EWV9YqXwwXKQ8U.crl
rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/tsFn36mIKyqo-EWV9YqXwwXKQ8U.mft
rsync://rpki.ripe.net/repository/DEFAULT/tsFn36mIKyqo-EWV9YqXwwXKQ8U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:65:eb:9b:bd:08:c9:1e:f3:56:0c:a6:01:84:32:0e:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b6c167dfa9882b2aa8f84595f58a97c305ca43c5
Validity
Not Before: Sep 20 06:59:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1dad9a22c136e33ff5119b14c0555a04c0847dd3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e0:87:3b:9d:3d:84:0b:19:55:31:c6:96:0d:
ca:97:c0:27:1b:9d:a9:9e:45:93:66:5c:17:1d:79:
78:49:2a:64:a4:91:b3:cc:6d:65:3f:b9:27:a5:dd:
46:47:9f:6b:25:5c:36:27:1d:85:bd:f8:66:70:9a:
d4:8f:18:fe:df:fb:e4:c3:d1:d9:47:26:37:d1:16:
42:da:90:0c:b0:ee:3e:3c:ef:8f:94:89:99:1a:e1:
4f:97:4b:11:7d:12:30:96:cb:73:50:2b:24:fc:e7:
29:e0:e3:51:3e:e3:a9:91:53:07:f9:c8:e4:0c:44:
75:3a:1c:f7:c6:fc:97:a2:c5:1f:de:c2:67:c8:1f:
64:52:24:08:f3:63:79:0e:fb:0d:b3:a5:1e:db:f2:
19:38:d4:21:56:e8:b5:c9:53:90:3c:cd:49:9e:ce:
fe:c0:36:f1:02:e3:70:92:48:1a:f5:ec:57:57:bf:
85:6e:72:39:4b:26:64:9f:2a:97:44:17:b9:27:8e:
e9:7d:6e:10:5c:43:81:79:bf:ec:be:f2:c4:09:cc:
7b:02:de:a5:fd:2e:af:6e:20:2e:a1:f6:1e:39:11:
75:e4:d9:c9:e5:71:71:95:63:6a:2c:b3:50:84:bc:
bf:07:f0:e3:d4:f7:02:18:9a:5e:2d:17:3d:62:27:
d4:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1D:AD:9A:22:C1:36:E3:3F:F5:11:9B:14:C0:55:5A:04:C0:84:7D:D3
X509v3 Authority Key Identifier:
keyid:B6:C1:67:DF:A9:88:2B:2A:A8:F8:45:95:F5:8A:97:C3:05:CA:43:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tsFn36mIKyqo-EWV9YqXwwXKQ8U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/Ha2aIsE24z_1EZsUwFVaBMCEfdM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2c/73beeb-6a05-4cca-86be-acfc3d2c2522/1/tsFn36mIKyqo-EWV9YqXwwXKQ8U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.63.8.0/21
45.135.240.0/22
158.58.184.0/21
185.2.12.0/22
185.179.90.0/24
185.229.204.0/24
194.62.17.0/24
195.226.223.0/24
IPv6:
2a01:4ac0::/45
Signature Algorithm: sha256WithRSAEncryption
a2:75:8e:42:61:38:c2:74:58:38:6c:cb:aa:4e:56:25:4f:3e:
2c:b1:cf:60:e3:88:b4:56:ab:a0:ee:17:ae:25:62:96:d4:d6:
14:ba:e1:80:2e:65:49:7f:f8:25:8f:5e:6d:ae:db:2b:27:e5:
ab:94:97:bc:cf:96:f8:dd:1e:55:99:7b:71:ce:13:0a:d7:19:
26:7c:55:37:e3:f3:ff:a0:5c:cc:c8:26:01:c0:85:c1:20:49:
8c:ca:c0:34:38:ed:51:98:e5:54:a0:70:70:9b:22:1c:84:d5:
8a:30:ef:5a:11:c9:9c:82:02:05:65:69:93:bb:a1:ac:6d:df:
3e:55:ff:6a:a4:df:d1:46:f5:6b:a7:15:b9:b6:09:3b:c9:45:
92:35:30:e7:73:61:fc:7b:fa:9f:27:44:76:ce:4c:d5:5b:1b:
14:92:57:ce:df:9c:18:5c:a5:27:dd:a9:cc:20:70:ea:a3:23:
ee:b4:f7:2f:29:db:a8:d1:82:09:8f:5c:91:d9:07:1d:cb:ac:
9d:7c:66:e4:8b:90:72:37:bb:5c:47:37:97:86:1c:d8:38:4f:
be:c5:4f:70:ad:d9:8f:8d:a2:7a:7b:69:6f:fc:da:dd:ec:5a:
f8:91:bd:87:04:df:9c:7c:8a:f6:55:cc:ea:9c:06:d8:3f:8d:
56:4e:7a:30
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZll65u9CMke81YMpgGEMg7UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2YzE2N2RmYTk4ODJiMmFhOGY4NDU5NWY1OGE5N2MzMDVj
YTQzYzUwHhcNMjUwOTIwMDY1OTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZGFkOWEyMmMxMzZlMzNmZjUxMTliMTRjMDU1NWEwNGMwODQ3ZGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+CHO509hAsZVTHGlg3Kl8AnG52p
nkWTZlwXHXl4SSpkpJGzzG1lP7knpd1GR59rJVw2Jx2FvfhmcJrUjxj+3/vkw9HZ
RyY30RZC2pAMsO4+PO+PlImZGuFPl0sRfRIwlstzUCsk/Ocp4ONRPuOpkVMH+cjk
DER1Ohz3xvyXosUf3sJnyB9kUiQI82N5DvsNs6Ue2/IZONQhVui1yVOQPM1Jns7+
wDbxAuNwkkga9exXV7+FbnI5SyZknyqXRBe5J47pfW4QXEOBeb/svvLECcx7At6l
/S6vbiAuofYeORF15NnJ5XFxlWNqLLNQhLy/B/Dj1PcCGJpeLRc9YifUswIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFB2tmiLBNuM/9RGbFMBVWgTAhH3TMB8GA1UdIwQY
MBaAFLbBZ9+piCsqqPhFlfWKl8MFykPFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdHNGbjM2bUlLeXFvLUVXVjlZcVh3d1hLUThVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYy83M2JlZWItNmEwNS00Y2NhLTg2YmUt
YWNmYzNkMmMyNTIyLzEvSGEyYUlzRTI0el8xRVpzVXdGVmFCTUNFZmRNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYy83M2JlZWItNmEwNS00Y2NhLTg2YmUtYWNmYzNkMmMyNTIy
LzEvdHNGbjM2bUlLeXFvLUVXVjlZcVh3d1hLUThVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA2BAIAATAwAwQDBT8IAwQC
LYfwAwQDnjq4AwQCuQIMAwQAubNaAwQAueXMAwQAwj4RAwQAw+LfMA8EAgACMAkD
BwMqAUrAAAAwDQYJKoZIhvcNAQELBQADggEBAKJ1jkJhOMJ0WDhsy6pOViVPPiyx
z2DjiLRWq6DuF64lYpbU1hS64YAuZUl/+CWPXm2u2ysn5auUl7zPlvjdHlWZe3HO
EwrXGSZ8VTfj8/+gXMzIJgHAhcEgSYzKwDQ47VGY5VSgcHCbIhyE1Yow71oRyZyC
AgVlaZO7oaxt3z5V/2qk39FG9WunFbm2CTvJRZI1MOdzYfx7+p8nRHbOTNVbGxSS
V87fnBhcpSfdqcwgcOqjI+609y8p26jRggmPXJHZBx3LrJ18ZuSLkHI3u1xHN5eG
HNg4T77FT3Ct2Y+Nonp7aW/82t3sWviRvYcE35x8ivZVzOqcBtg/jVZOejA=
-----END CERTIFICATE-----
Generated at Mon Oct 20 06:09:00 2025 by rpki-client