Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/g5O-sJkZnNA68mGJtGD2tO2hre0.roa
File: g5O-sJkZnNA68mGJtGD2tO2hre0.roa (raw, json)
Hash identifier: w9zj7kKoXrvbGgUWDgKatfpf3enPGG2iU/OVqfPxOKA=
Subject key identifier: 83:93:BE:B0:99:19:9C:D0:3A:F2:61:89:B4:60:F6:B4:ED:A1:AD:ED
Certificate issuer: /CN=05bcde319a3dca2cf6744d2881ca91b83db9bdea
Certificate serial: 0198F5F1B90162A0D77CDE1506E76DB677D3
Authority key identifier: 05:BC:DE:31:9A:3D:CA:2C:F6:74:4D:28:81:CA:91:B8:3D:B9:BD:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbzeMZo9yiz2dE0ogcqRuD25veo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/g5O-sJkZnNA68mGJtGD2tO2hre0.roa
Signing time: Fri 29 Aug 2025 13:08:36 +0000
ROA not before: Fri 29 Aug 2025 13:08:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60187
IP address blocks: 5.150.22.0/24 maxlen: 24
5.150.23.0/24 maxlen: 24
5.150.62.0/24 maxlen: 24
5.150.64.0/24 maxlen: 24
5.150.65.0/24 maxlen: 24
5.150.66.0/24 maxlen: 24
5.150.67.0/24 maxlen: 24
5.150.68.0/24 maxlen: 24
5.150.69.0/24 maxlen: 24
5.150.70.0/24 maxlen: 24
5.150.71.0/24 maxlen: 24
5.150.74.0/24 maxlen: 24
5.150.76.0/24 maxlen: 24
5.150.80.0/20 maxlen: 20
5.150.96.0/22 maxlen: 22
5.150.96.0/24 maxlen: 24
5.150.97.0/24 maxlen: 24
5.150.98.0/24 maxlen: 24
5.150.99.0/24 maxlen: 24
5.150.100.0/22 maxlen: 22
5.150.100.0/24 maxlen: 24
5.150.101.0/24 maxlen: 24
5.150.102.0/24 maxlen: 24
5.150.103.0/24 maxlen: 24
5.150.104.0/22 maxlen: 22
5.150.104.0/24 maxlen: 24
5.150.105.0/24 maxlen: 24
5.150.106.0/24 maxlen: 24
5.150.107.0/24 maxlen: 24
5.150.108.0/22 maxlen: 22
5.150.108.0/24 maxlen: 24
5.150.109.0/24 maxlen: 24
5.150.110.0/24 maxlen: 24
5.150.111.0/24 maxlen: 24
5.150.112.0/22 maxlen: 22
5.150.112.0/24 maxlen: 24
5.150.113.0/24 maxlen: 24
5.150.114.0/24 maxlen: 24
5.150.115.0/24 maxlen: 24
5.150.116.0/22 maxlen: 22
5.150.116.0/24 maxlen: 24
5.150.117.0/24 maxlen: 24
5.150.118.0/24 maxlen: 24
5.150.119.0/24 maxlen: 24
5.150.120.0/22 maxlen: 22
5.150.120.0/24 maxlen: 24
5.150.121.0/24 maxlen: 24
5.150.122.0/24 maxlen: 24
5.150.123.0/24 maxlen: 24
5.150.124.0/22 maxlen: 24
5.150.124.0/24 maxlen: 24
5.150.125.0/24 maxlen: 24
5.150.126.0/24 maxlen: 24
5.150.127.0/24 maxlen: 24
171.33.192.0/21 maxlen: 21
171.33.192.0/22 maxlen: 22
171.33.192.0/24 maxlen: 24
171.33.193.0/24 maxlen: 24
171.33.194.0/24 maxlen: 24
171.33.195.0/24 maxlen: 24
171.33.196.0/22 maxlen: 22
171.33.196.0/24 maxlen: 24
171.33.197.0/24 maxlen: 24
171.33.198.0/24 maxlen: 24
171.33.199.0/24 maxlen: 24
171.33.200.0/21 maxlen: 21
171.33.200.0/24 maxlen: 24
171.33.201.0/24 maxlen: 24
171.33.202.0/24 maxlen: 24
171.33.203.0/24 maxlen: 24
171.33.204.0/24 maxlen: 24
171.33.205.0/24 maxlen: 24
171.33.206.0/24 maxlen: 24
171.33.207.0/24 maxlen: 24
171.33.208.0/21 maxlen: 21
171.33.208.0/24 maxlen: 24
171.33.209.0/24 maxlen: 24
171.33.210.0/24 maxlen: 24
171.33.211.0/24 maxlen: 24
171.33.212.0/24 maxlen: 24
171.33.213.0/24 maxlen: 24
171.33.214.0/24 maxlen: 24
171.33.215.0/24 maxlen: 24
171.33.216.0/21 maxlen: 21
2a02:af40::/29 maxlen: 29
2a02:af40::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/BbzeMZo9yiz2dE0ogcqRuD25veo.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/BbzeMZo9yiz2dE0ogcqRuD25veo.mft
rsync://rpki.ripe.net/repository/DEFAULT/BbzeMZo9yiz2dE0ogcqRuD25veo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:f5:f1:b9:01:62:a0:d7:7c:de:15:06:e7:6d:b6:77:d3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05bcde319a3dca2cf6744d2881ca91b83db9bdea
Validity
Not Before: Aug 29 13:08:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8393beb099199cd03af26189b460f6b4eda1aded
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:2d:89:b0:fa:c1:d9:0b:3c:94:2a:0d:9b:f9:
3e:45:bd:54:1c:5e:97:43:14:b0:ce:12:2b:c4:df:
48:9a:7a:ce:ce:5d:4c:72:48:a4:f0:58:fe:c4:c6:
64:55:cb:e8:66:c7:9f:20:ed:dc:cf:d7:d2:7e:0b:
a8:91:8c:16:46:17:16:5b:77:b0:1c:59:50:83:d7:
ba:2f:e7:49:8f:79:91:75:26:ab:8e:9e:19:03:d0:
b2:68:91:5f:b4:de:b6:37:16:62:88:8f:8c:4b:09:
c1:13:6b:b4:9c:f1:e9:b1:68:da:db:fd:90:22:a4:
93:46:6b:83:ea:7c:03:fd:f2:f7:9e:24:71:bd:aa:
04:27:0b:0c:ca:07:ea:de:19:6d:08:49:1a:3f:43:
39:8e:d6:0b:d7:2c:aa:62:79:6d:50:9c:28:c7:28:
3a:95:d2:1c:ba:f9:cd:fe:00:40:9e:2e:49:da:2c:
9e:d4:ae:41:29:71:90:72:8d:0c:e4:0e:00:96:eb:
ca:66:d3:87:36:f0:a3:c5:f6:9c:6d:a6:67:22:7f:
a4:de:7c:55:0b:8c:48:9b:24:38:d1:4d:66:20:73:
c6:96:40:09:97:4a:3f:7c:a6:aa:d4:ea:d8:de:88:
81:17:02:1b:9b:18:3c:6d:b7:2e:b8:b2:fd:83:fc:
98:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:93:BE:B0:99:19:9C:D0:3A:F2:61:89:B4:60:F6:B4:ED:A1:AD:ED
X509v3 Authority Key Identifier:
keyid:05:BC:DE:31:9A:3D:CA:2C:F6:74:4D:28:81:CA:91:B8:3D:B9:BD:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbzeMZo9yiz2dE0ogcqRuD25veo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/g5O-sJkZnNA68mGJtGD2tO2hre0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/BbzeMZo9yiz2dE0ogcqRuD25veo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.150.22.0/23
5.150.62.0/24
5.150.64.0/21
5.150.74.0/24
5.150.76.0/24
5.150.80.0-5.150.127.255
171.33.192.0/19
IPv6:
2a02:af40::/29
Signature Algorithm: sha256WithRSAEncryption
82:8c:39:58:7e:ff:27:29:2f:e0:1d:2d:02:e8:5c:3c:21:c4:
a6:ca:57:9a:03:8f:e4:19:61:8f:28:eb:17:8e:fc:8e:af:07:
5a:58:c9:3a:78:5d:67:00:2d:9d:fd:b1:8f:5e:c4:34:21:cb:
ca:fa:3b:05:15:bc:a9:4a:4b:d3:a9:29:91:d0:bb:ed:05:ad:
94:7b:cf:df:53:80:e8:2c:b8:1e:b5:19:67:89:72:2a:46:6e:
95:9d:d0:72:f0:00:18:c6:7b:07:62:ec:7f:3c:7f:19:07:2e:
9f:85:89:40:22:49:5f:7c:2a:70:5a:17:d5:9f:ea:16:49:dc:
75:51:78:38:50:6b:ee:68:10:04:d5:bf:47:3e:ca:4b:9a:7c:
84:a9:92:9e:7a:0d:4b:fd:96:17:d9:4b:94:38:84:45:8f:16:
39:d4:eb:71:93:05:30:98:db:1e:44:b5:2a:ce:9c:28:28:9a:
21:6d:53:82:5d:63:72:af:87:36:8f:af:15:2e:e1:ce:11:e5:
d1:4f:7a:9e:b1:19:4d:9e:0c:53:e8:0a:65:f6:c1:6a:b0:da:
32:d9:e8:0f:bd:7b:a4:f6:b2:8a:cd:4b:4a:17:44:51:0b:23:
bb:84:c5:a1:07:74:88:ae:7c:74:ee:88:a3:56:81:ce:41:bb:
a0:0b:1b:b3
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZj18bkBYqDXfN4VBudttnfTMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YmNkZTMxOWEzZGNhMmNmNjc0NGQyODgxY2E5MWI4M2Ri
OWJkZWEwHhcNMjUwODI5MTMwODM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzkzYmViMDk5MTk5Y2QwM2FmMjYxODliNDYwZjZiNGVkYTFhZGVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5S2JsPrB2Qs8lCoNm/k+Rb1UHF6X
QxSwzhIrxN9ImnrOzl1Mckik8Fj+xMZkVcvoZsefIO3cz9fSfguokYwWRhcWW3ew
HFlQg9e6L+dJj3mRdSarjp4ZA9CyaJFftN62NxZiiI+MSwnBE2u0nPHpsWja2/2Q
IqSTRmuD6nwD/fL3niRxvaoEJwsMygfq3hltCEkaP0M5jtYL1yyqYnltUJwoxyg6
ldIcuvnN/gBAni5J2iye1K5BKXGQco0M5A4AluvKZtOHNvCjxfacbaZnIn+k3nxV
C4xImyQ40U1mIHPGlkAJl0o/fKaq1OrY3oiBFwIbmxg8bbcuuLL9g/yYzQIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFIOTvrCZGZzQOvJhibRg9rTtoa3tMB8GA1UdIwQY
MBaAFAW83jGaPcos9nRNKIHKkbg9ub3qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJ6ZU1abzl5aXoyZEUwb2djcVJ1RDI1dmVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9lZDI4ZDUtNzhkMy00NWUyLWE3ZDMt
Njg2N2M0YWUzMTYxLzEvZzVPLXNKa1puTkE2OG1HSnRHRDJ0TzJocmUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9lZDI4ZDUtNzhkMy00NWUyLWE3ZDMtNjg2N2M0YWUzMTYx
LzEvQmJ6ZU1abzl5aXoyZEUwb2djcVJ1RDI1dmVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyAwQBBZYWAwQA
BZY+AwQDBZZAAwQABZZKAwQABZZMMAwDBAQFllADBAcFlgADBAWrIcAwDQQCAAIw
BwMFAyoCr0AwDQYJKoZIhvcNAQELBQADggEBAIKMOVh+/ycpL+AdLQLoXDwhxKbK
V5oDj+QZYY8o6xeO/I6vB1pYyTp4XWcALZ39sY9exDQhy8r6OwUVvKlKS9OpKZHQ
u+0FrZR7z99TgOgsuB61GWeJcipGbpWd0HLwABjGewdi7H88fxkHLp+FiUAiSV98
KnBaF9Wf6hZJ3HVReDhQa+5oEATVv0c+ykuafISpkp56DUv9lhfZS5Q4hEWPFjnU
63GTBTCY2x5EtSrOnCgomiFtU4JdY3KvhzaPrxUu4c4R5dFPep6xGU2eDFPoCmX2
wWqw2jLZ6A+9e6T2sorNS0oXRFELI7uExaEHdIiufHTuiKNWgc5Bu6ALG7M=
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:58:52 2025 by rpki-client