Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/TtR0csYqYQUGmaJtYJ6I1Sb4jtA.roa
File: TtR0csYqYQUGmaJtYJ6I1Sb4jtA.roa (raw, json)
Hash identifier: /RrNIRwEKfIWdjBmKgKNDu3bdN5NswYfyOudqPj07dM=
Subject key identifier: 4E:D4:74:72:C6:2A:61:05:06:99:A2:6D:60:9E:88:D5:26:F8:8E:D0
Certificate issuer: /CN=e5d6c6e8bced40bd032d17718c1b1e39ae841ae8
Certificate serial: 0197A6A295F9F95139E474EBA185F48700CB
Authority key identifier: E5:D6:C6:E8:BC:ED:40:BD:03:2D:17:71:8C:1B:1E:39:AE:84:1A:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/TtR0csYqYQUGmaJtYJ6I1Sb4jtA.roa
Signing time: Wed 25 Jun 2025 10:29:22 +0000
ROA not before: Wed 25 Jun 2025 10:29:22 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42908
IP address blocks: 5.102.48.0/20 maxlen: 20
31.10.56.0/21 maxlen: 21
45.159.116.0/22 maxlen: 22
46.183.56.0/21 maxlen: 21
46.231.72.0/21 maxlen: 21
77.95.192.0/21 maxlen: 21
78.136.128.0/18 maxlen: 18
80.78.136.0/22 maxlen: 22
80.79.0.0/22 maxlen: 22
80.87.176.0/20 maxlen: 20
80.90.128.0/20 maxlen: 20
80.243.236.0/22 maxlen: 22
80.251.240.0/20 maxlen: 20
88.81.64.0/19 maxlen: 19
91.187.32.0/19 maxlen: 19
92.61.80.0/20 maxlen: 20
93.92.48.0/21 maxlen: 21
93.93.32.0/21 maxlen: 21
94.241.64.0/18 maxlen: 18
109.108.96.0/19 maxlen: 19
176.102.128.0/19 maxlen: 19
178.17.80.0/20 maxlen: 20
185.78.12.0/22 maxlen: 22
185.82.236.0/22 maxlen: 22
185.108.60.0/22 maxlen: 22
185.157.240.0/22 maxlen: 22
188.119.96.0/22 maxlen: 22
193.42.128.0/22 maxlen: 22
193.107.252.0/22 maxlen: 22
213.19.0.0/17 maxlen: 17
213.155.32.0/19 maxlen: 19
213.250.192.0/18 maxlen: 18
217.170.96.0/20 maxlen: 20
217.196.112.0/20 maxlen: 20
217.197.144.0/20 maxlen: 20
2a00:e4c0::/32 maxlen: 32
2a01:9f40::/29 maxlen: 29
2a02:2428::/32 maxlen: 32
2a02:2588::/29 maxlen: 29
2a03:1600::/32 maxlen: 32
2a03:7a00::/32 maxlen: 32
2a03:a820::/32 maxlen: 32
2a07:cc80::/29 maxlen: 29
2a0c:8b40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.mft
rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 01:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a6:a2:95:f9:f9:51:39:e4:74:eb:a1:85:f4:87:00:cb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5d6c6e8bced40bd032d17718c1b1e39ae841ae8
Validity
Not Before: Jun 25 10:29:22 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ed47472c62a61050699a26d609e88d526f88ed0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:20:64:bb:70:e2:35:09:af:a7:bf:5b:86:a5:
2f:4c:f2:8d:68:7c:df:f5:37:3e:75:e3:2b:12:0b:
a7:4a:6b:06:99:fc:43:3d:f6:13:5e:de:de:16:b4:
b8:39:59:72:0a:dc:3b:1e:ca:49:68:db:13:66:26:
a0:97:34:5c:00:a5:18:fa:16:e3:79:e0:66:a6:8c:
5d:84:e8:b2:c9:2d:05:da:0a:4e:c8:d5:af:91:95:
41:d6:c6:bb:be:94:03:e7:8e:3c:b9:80:f7:d6:e9:
8d:08:74:7b:4d:a2:08:c3:2d:03:7e:f3:a8:c2:13:
22:c1:62:52:35:29:04:78:f3:6a:3e:d7:b0:34:90:
ca:1a:c7:30:87:e1:99:64:cb:05:6b:4e:8c:53:36:
fc:b9:f5:fa:ac:30:cf:bf:dc:70:bb:44:dc:48:9a:
f7:a8:4c:bf:15:e6:16:f0:98:bb:ab:fe:8f:38:6e:
ae:34:98:34:ca:bc:58:05:b0:4d:d2:40:68:5d:26:
26:96:2c:e6:66:b6:54:33:1a:c5:0f:c5:82:3d:56:
d7:23:ce:a4:4e:79:41:4c:b7:71:a4:f1:e6:a1:6b:
c5:c0:a3:19:b6:a7:79:dd:1f:5b:93:c7:88:20:96:
30:dd:d1:09:71:6e:86:05:22:c2:ce:71:fe:95:f9:
9a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:D4:74:72:C6:2A:61:05:06:99:A2:6D:60:9E:88:D5:26:F8:8E:D0
X509v3 Authority Key Identifier:
keyid:E5:D6:C6:E8:BC:ED:40:BD:03:2D:17:71:8C:1B:1E:39:AE:84:1A:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/TtR0csYqYQUGmaJtYJ6I1Sb4jtA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.102.48.0/20
31.10.56.0/21
45.159.116.0/22
46.183.56.0/21
46.231.72.0/21
77.95.192.0/21
78.136.128.0/18
80.78.136.0/22
80.79.0.0/22
80.87.176.0/20
80.90.128.0/20
80.243.236.0/22
80.251.240.0/20
88.81.64.0/19
91.187.32.0/19
92.61.80.0/20
93.92.48.0/21
93.93.32.0/21
94.241.64.0/18
109.108.96.0/19
176.102.128.0/19
178.17.80.0/20
185.78.12.0/22
185.82.236.0/22
185.108.60.0/22
185.157.240.0/22
188.119.96.0/22
193.42.128.0/22
193.107.252.0/22
213.19.0.0/17
213.155.32.0/19
213.250.192.0/18
217.170.96.0/20
217.196.112.0/20
217.197.144.0/20
IPv6:
2a00:e4c0::/32
2a01:9f40::/29
2a02:2428::/32
2a02:2588::/29
2a03:1600::/32
2a03:7a00::/32
2a03:a820::/32
2a07:cc80::/29
2a0c:8b40::/29
Signature Algorithm: sha256WithRSAEncryption
28:3b:b6:4d:c6:ae:4d:bf:d8:33:f5:04:d7:03:52:d1:ea:9c:
d6:dc:9f:bd:02:3d:ed:a2:17:ab:1f:4c:1d:ee:2e:9e:30:7c:
40:b4:15:f1:e2:b3:fc:65:f2:5a:3c:21:20:36:a1:84:d1:4f:
36:10:36:48:05:60:f4:93:b2:bd:28:ab:d8:67:19:f6:73:7d:
ff:e6:7f:d6:77:14:9c:92:56:48:ba:4b:d4:56:a5:08:ff:79:
b7:ea:1b:36:da:44:fa:39:bf:d9:05:28:7b:72:00:f5:55:7a:
13:20:f3:ee:11:13:fc:90:7b:33:68:ea:88:eb:dc:92:6b:c0:
35:fa:90:a2:28:6d:76:a1:dc:e6:b8:37:a2:33:84:91:e6:c4:
31:17:2f:c7:bc:37:ed:3f:21:6d:7c:62:64:8d:c5:6b:ed:18:
ee:45:13:a3:de:81:15:3a:d0:d8:38:f2:ae:0e:f2:c6:f5:0f:
7f:de:15:e5:15:99:e0:d7:5a:6b:c1:88:04:16:ff:65:4b:6e:
a8:10:00:52:e1:61:0a:78:df:8a:ab:c8:28:c8:da:1d:0a:9a:
7f:ca:e1:6e:74:a6:fb:a7:77:77:08:2b:61:16:9e:a7:0f:ba:
50:27:76:09:3d:06:17:04:83:0f:8b:b8:e5:a6:4f:03:a7:1a:
56:bc:a6:d9
-----BEGIN CERTIFICATE-----
MIIGGDCCBQCgAwIBAgISAZemopX5+VE55HTroYX0hwDLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ZDZjNmU4YmNlZDQwYmQwMzJkMTc3MThjMWIxZTM5YWU4
NDFhZTgwHhcNMjUwNjI1MTAyOTIyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWQ0NzQ3MmM2MmE2MTA1MDY5OWEyNmQ2MDllODhkNTI2Zjg4ZWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtSBku3DiNQmvp79bhqUvTPKNaHzf
9Tc+deMrEgunSmsGmfxDPfYTXt7eFrS4OVlyCtw7HspJaNsTZiaglzRcAKUY+hbj
eeBmpoxdhOiyyS0F2gpOyNWvkZVB1sa7vpQD5448uYD31umNCHR7TaIIwy0DfvOo
whMiwWJSNSkEePNqPtewNJDKGscwh+GZZMsFa06MUzb8ufX6rDDPv9xwu0TcSJr3
qEy/FeYW8Ji7q/6POG6uNJg0yrxYBbBN0kBoXSYmlizmZrZUMxrFD8WCPVbXI86k
TnlBTLdxpPHmoWvFwKMZtqd53R9bk8eIIJYw3dEJcW6GBSLCznH+lfmaKQIDAQAB
o4IDJDCCAyAwHQYDVR0OBBYEFE7UdHLGKmEFBpmibWCeiNUm+I7QMB8GA1UdIwQY
MBaAFOXWxui87UC9Ay0XcYwbHjmuhBroMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWRiRzZMenRRTDBETFJkeGpCc2VPYTZFR3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wODk0ZjctZTI0ZC00NzI4LThjYWQt
YmQyNDliNjI1Nzk3LzEvVHRSMGNzWXFZUVVHbWFKdFlKNkkxU2I0anRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wODk0ZjctZTI0ZC00NzI4LThjYWQtYmQyNDliNjI1Nzk3
LzEvNWRiRzZMenRRTDBETFJkeGpCc2VPYTZFR3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOAYIKwYBBQUHAQcBAf8EggEnMIIBIzCB2QQCAAEwgdID
BAQFZjADBAMfCjgDBAItn3QDBAMutzgDBAMu50gDBANNX8ADBAZOiIADBAJQTogD
BAJQTwADBARQV7ADBARQWoADBAJQ8+wDBARQ+/ADBAVYUUADBAVbuyADBARcPVAD
BANdXDADBANdXSADBAZe8UADBAVtbGADBAWwZoADBASyEVADBAK5TgwDBAK5UuwD
BAK5bDwDBAK5nfADBAK8d2ADBALBKoADBALBa/wDBAfVEwADBAXVmyADBAbV+sAD
BATZqmADBATZxHADBATZxZAwRQQCAAIwPwMFACoA5MADBQMqAZ9AAwUAKgIkKAMF
AyoCJYgDBQAqAxYAAwUAKgN6AAMFACoDqCADBQMqB8yAAwUDKgyLQDANBgkqhkiG
9w0BAQsFAAOCAQEAKDu2TcauTb/YM/UE1wNS0eqc1tyfvQI97aIXqx9MHe4unjB8
QLQV8eKz/GXyWjwhIDahhNFPNhA2SAVg9JOyvSir2GcZ9nN9/+Z/1ncUnJJWSLpL
1FalCP95t+obNtpE+jm/2QUoe3IA9VV6EyDz7hET/JB7M2jqiOvckmvANfqQoiht
dqHc5rg3ojOEkebEMRcvx7w37T8hbXxiZI3Fa+0Y7kUTo96BFTrQ2Djyrg7yxvUP
f94V5RWZ4Ndaa8GIBBb/ZUtuqBAAUuFhCnjfiqvIKMjaHQqaf8rhbnSm+6d3dwgr
YRaepw+6UCd2CT0GFwSDD4u45aZPA6caVrym2Q==
-----END CERTIFICATE-----
Generated at Wed Jul 2 06:15:18 2025 by rpki-client