Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/yXyHyUciMlXcXjcenr1TUrD7i8k.roa
File: yXyHyUciMlXcXjcenr1TUrD7i8k.roa (raw, json)
Hash identifier: d9ok+mML2m4czXnRfsRnkqCrtKjymbnxAuG9XAiMcCU=
Subject key identifier: C9:7C:87:C9:47:22:32:55:DC:5E:37:1E:9E:BD:53:52:B0:FB:8B:C9
Certificate issuer: /CN=05bcde319a3dca2cf6744d2881ca91b83db9bdea
Certificate serial: 0198CBC81549279700D660BBC21A9B938E21
Authority key identifier: 05:BC:DE:31:9A:3D:CA:2C:F6:74:4D:28:81:CA:91:B8:3D:B9:BD:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbzeMZo9yiz2dE0ogcqRuD25veo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/yXyHyUciMlXcXjcenr1TUrD7i8k.roa
Signing time: Thu 21 Aug 2025 08:39:04 +0000
ROA not before: Thu 21 Aug 2025 08:39:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60187
IP address blocks: 5.150.22.0/24 maxlen: 24
5.150.23.0/24 maxlen: 24
5.150.62.0/24 maxlen: 24
5.150.64.0/24 maxlen: 24
5.150.65.0/24 maxlen: 24
5.150.66.0/24 maxlen: 24
5.150.67.0/24 maxlen: 24
5.150.68.0/24 maxlen: 24
5.150.69.0/24 maxlen: 24
5.150.70.0/24 maxlen: 24
5.150.71.0/24 maxlen: 24
5.150.74.0/24 maxlen: 24
5.150.76.0/24 maxlen: 24
5.150.80.0/20 maxlen: 20
5.150.96.0/22 maxlen: 22
5.150.100.0/22 maxlen: 22
5.150.104.0/22 maxlen: 22
5.150.108.0/22 maxlen: 22
5.150.112.0/22 maxlen: 22
5.150.116.0/22 maxlen: 22
5.150.120.0/22 maxlen: 22
5.150.124.0/22 maxlen: 24
171.33.192.0/21 maxlen: 21
171.33.192.0/22 maxlen: 22
171.33.196.0/22 maxlen: 22
171.33.200.0/21 maxlen: 21
171.33.208.0/21 maxlen: 21
171.33.215.0/24 maxlen: 24
171.33.216.0/21 maxlen: 21
2a02:af40::/29 maxlen: 29
2a02:af40::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/BbzeMZo9yiz2dE0ogcqRuD25veo.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/BbzeMZo9yiz2dE0ogcqRuD25veo.mft
rsync://rpki.ripe.net/repository/DEFAULT/BbzeMZo9yiz2dE0ogcqRuD25veo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:cb:c8:15:49:27:97:00:d6:60:bb:c2:1a:9b:93:8e:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05bcde319a3dca2cf6744d2881ca91b83db9bdea
Validity
Not Before: Aug 21 08:39:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c97c87c947223255dc5e371e9ebd5352b0fb8bc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:bb:05:c8:8c:95:9f:24:ae:2e:50:48:3f:ba:
c6:3f:46:96:1b:46:05:3f:b1:83:23:4c:da:69:fe:
40:be:1f:6c:95:85:18:8c:83:e4:2a:89:2e:17:0a:
ab:aa:93:09:c0:c5:0a:7a:66:2a:79:f6:a7:d9:b2:
44:81:81:16:be:a5:1b:21:32:76:55:09:3d:2a:02:
1a:7a:c9:7b:98:db:a2:80:f5:a1:79:15:ac:e4:43:
ff:9a:c7:8b:7c:85:4e:86:f4:99:75:7a:a0:6d:0b:
36:09:80:3f:0a:2b:4f:38:93:30:4c:b0:32:38:9d:
7b:26:13:aa:f2:20:8b:44:f0:04:9e:0f:f6:d7:47:
77:a8:7d:8d:1f:29:e5:f2:72:10:75:35:28:46:db:
47:b6:37:d5:fb:25:82:19:d5:05:96:4b:c8:f1:05:
b4:49:b4:1b:92:d5:f7:af:6f:98:44:90:79:7d:21:
67:7d:f1:bd:eb:8e:6d:b2:73:98:54:e7:a6:76:0d:
2d:64:62:42:f9:90:c8:1f:a2:06:3e:92:20:4b:df:
e8:ac:15:de:40:ec:5d:86:cb:39:97:be:28:d8:08:
14:91:20:45:c7:5c:af:1f:fc:79:a3:f9:ca:16:a3:
8c:dc:1e:67:38:c6:5c:c8:98:e0:99:9d:ff:b5:49:
cc:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C9:7C:87:C9:47:22:32:55:DC:5E:37:1E:9E:BD:53:52:B0:FB:8B:C9
X509v3 Authority Key Identifier:
keyid:05:BC:DE:31:9A:3D:CA:2C:F6:74:4D:28:81:CA:91:B8:3D:B9:BD:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbzeMZo9yiz2dE0ogcqRuD25veo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/yXyHyUciMlXcXjcenr1TUrD7i8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/BbzeMZo9yiz2dE0ogcqRuD25veo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.150.22.0/23
5.150.62.0/24
5.150.64.0/21
5.150.74.0/24
5.150.76.0/24
5.150.80.0-5.150.127.255
171.33.192.0/19
IPv6:
2a02:af40::/29
Signature Algorithm: sha256WithRSAEncryption
24:f8:ee:85:4f:d3:bc:c0:39:e2:a2:b5:d2:1b:e4:af:da:2e:
b6:c8:38:21:25:96:1b:bb:bb:26:01:6b:72:32:0a:14:e7:48:
8c:c1:73:25:3e:a9:4e:fd:8b:27:45:d6:17:47:f1:9a:6d:f4:
a1:9e:b1:b1:70:d3:f6:3c:be:af:39:50:76:48:e9:ff:1a:8e:
9e:72:2c:0d:81:44:ea:cf:9d:75:01:5c:90:e3:26:92:77:2a:
70:65:1e:cf:7b:58:df:65:b9:4a:8c:bc:e6:0a:26:69:c6:cd:
8f:eb:73:b4:31:42:32:a2:9b:04:45:6b:a1:72:20:b5:71:71:
a2:3a:61:3d:01:27:0f:51:56:d7:bb:15:61:f0:47:db:e4:95:
15:d0:6a:c4:b1:dd:78:4e:ba:99:a8:87:8b:25:8d:db:84:0e:
01:7e:a1:14:0c:fd:66:40:82:bf:1d:f6:68:b9:d4:0d:7c:78:
3a:64:86:bd:7d:32:58:e0:b2:bf:e9:36:e9:b3:16:fd:e2:18:
fd:26:26:7d:57:8c:f7:37:2b:4e:bd:f4:e9:5b:1c:20:aa:42:
31:89:6c:b1:6f:91:8d:99:5f:c5:18:f8:95:61:e4:13:95:93:
7c:28:04:de:86:a4:ce:50:0b:02:68:58:8c:c7:70:48:86:c4:
e0:25:e1:d8
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZjLyBVJJ5cA1mC7whqbk44hMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YmNkZTMxOWEzZGNhMmNmNjc0NGQyODgxY2E5MWI4M2Ri
OWJkZWEwHhcNMjUwODIxMDgzOTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjOTdjODdjOTQ3MjIzMjU1ZGM1ZTM3MWU5ZWJkNTM1MmIwZmI4YmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbsFyIyVnySuLlBIP7rGP0aWG0YF
P7GDI0zaaf5Avh9slYUYjIPkKokuFwqrqpMJwMUKemYqefan2bJEgYEWvqUbITJ2
VQk9KgIaesl7mNuigPWheRWs5EP/mseLfIVOhvSZdXqgbQs2CYA/CitPOJMwTLAy
OJ17JhOq8iCLRPAEng/210d3qH2NHynl8nIQdTUoRttHtjfV+yWCGdUFlkvI8QW0
SbQbktX3r2+YRJB5fSFnffG9645tsnOYVOemdg0tZGJC+ZDIH6IGPpIgS9/orBXe
QOxdhss5l74o2AgUkSBFx1yvH/x5o/nKFqOM3B5nOMZcyJjgmZ3/tUnMfQIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFMl8h8lHIjJV3F43Hp69U1Kw+4vJMB8GA1UdIwQY
MBaAFAW83jGaPcos9nRNKIHKkbg9ub3qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJ6ZU1abzl5aXoyZEUwb2djcVJ1RDI1dmVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9lZDI4ZDUtNzhkMy00NWUyLWE3ZDMt
Njg2N2M0YWUzMTYxLzEveVh5SHlVY2lNbFhjWGpjZW5yMVRVckQ3aThrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9lZDI4ZDUtNzhkMy00NWUyLWE3ZDMtNjg2N2M0YWUzMTYx
LzEvQmJ6ZU1abzl5aXoyZEUwb2djcVJ1RDI1dmVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyAwQBBZYWAwQA
BZY+AwQDBZZAAwQABZZKAwQABZZMMAwDBAQFllADBAcFlgADBAWrIcAwDQQCAAIw
BwMFAyoCr0AwDQYJKoZIhvcNAQELBQADggEBACT47oVP07zAOeKitdIb5K/aLrbI
OCEllhu7uyYBa3IyChTnSIzBcyU+qU79iydF1hdH8Zpt9KGesbFw0/Y8vq85UHZI
6f8ajp5yLA2BROrPnXUBXJDjJpJ3KnBlHs97WN9luUqMvOYKJmnGzY/rc7QxQjKi
mwRFa6FyILVxcaI6YT0BJw9RVte7FWHwR9vklRXQasSx3XhOupmoh4sljduEDgF+
oRQM/WZAgr8d9mi51A18eDpkhr19Mljgsr/pNumzFv3iGP0mJn1XjPc3K0699Olb
HCCqQjGJbLFvkY2ZX8UY+JVh5BOVk3woBN6GpM5QCwJoWIzHcEiGxOAl4dg=
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:17:59 2025 by rpki-client