Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/7f9ab1-bc7c-4d0d-a970-5b8bc590b197/1/j5EgrSQFNO5qiK2MQhAbkuBr0AM.roa
File: j5EgrSQFNO5qiK2MQhAbkuBr0AM.roa (raw, json)
Hash identifier: 3l8vc26sWxsBZ7GtQ/O2+xbOokopGZddgpM84WquKxU=
Subject key identifier: 8F:91:20:AD:24:05:34:EE:6A:88:AD:8C:42:10:1B:92:E0:6B:D0:03
Certificate issuer: /CN=dab53f9b21d13e078e3e844d645eea8580f1cce1
Certificate serial: 0198EB0B9F6E4ADF1C65073C3ED06C79E83F
Authority key identifier: DA:B5:3F:9B:21:D1:3E:07:8E:3E:84:4D:64:5E:EA:85:80:F1:CC:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2rU_myHRPgeOPoRNZF7qhYDxzOE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/7f9ab1-bc7c-4d0d-a970-5b8bc590b197/1/j5EgrSQFNO5qiK2MQhAbkuBr0AM.roa
Signing time: Wed 27 Aug 2025 10:21:04 +0000
ROA not before: Wed 27 Aug 2025 10:21:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 33874
IP address blocks: 37.75.32.0/19 maxlen: 19
37.75.32.0/20 maxlen: 20
37.75.48.0/20 maxlen: 20
77.25.128.0/17 maxlen: 17
77.25.128.0/19 maxlen: 19
77.25.192.0/22 maxlen: 22
77.25.196.0/22 maxlen: 22
77.25.200.0/22 maxlen: 22
77.25.204.0/22 maxlen: 22
77.25.220.0/22 maxlen: 22
77.25.248.0/22 maxlen: 22
77.243.64.0/22 maxlen: 22
77.243.68.0/23 maxlen: 23
77.243.70.0/23 maxlen: 23
77.243.72.0/22 maxlen: 22
77.243.76.0/23 maxlen: 23
77.243.78.0/23 maxlen: 23
80.85.96.0/20 maxlen: 20
80.85.96.0/23 maxlen: 23
80.85.98.0/24 maxlen: 24
80.85.99.0/24 maxlen: 24
80.85.100.0/24 maxlen: 24
80.85.101.0/24 maxlen: 24
80.85.102.0/24 maxlen: 24
80.85.103.0/24 maxlen: 24
80.85.104.0/24 maxlen: 24
80.85.105.0/24 maxlen: 24
80.85.106.0/24 maxlen: 24
80.85.107.0/24 maxlen: 24
80.85.108.0/24 maxlen: 24
80.85.109.0/24 maxlen: 24
80.85.110.0/24 maxlen: 24
80.85.111.0/24 maxlen: 24
109.200.32.0/19 maxlen: 19
109.200.32.0/20 maxlen: 20
109.200.48.0/21 maxlen: 21
109.200.56.0/22 maxlen: 22
159.20.24.0/21 maxlen: 21
159.20.24.0/24 maxlen: 24
159.20.25.0/24 maxlen: 24
159.20.26.0/24 maxlen: 24
159.20.28.0/24 maxlen: 24
159.20.29.0/24 maxlen: 24
159.20.30.0/24 maxlen: 24
159.20.31.0/24 maxlen: 24
185.5.48.0/24 maxlen: 24
188.172.0.0/19 maxlen: 19
188.172.0.0/20 maxlen: 20
188.172.16.0/21 maxlen: 21
188.172.24.0/22 maxlen: 22
188.172.32.0/19 maxlen: 19
188.172.32.0/20 maxlen: 20
188.172.48.0/21 maxlen: 21
188.172.56.0/22 maxlen: 22
188.172.64.0/19 maxlen: 19
188.172.64.0/21 maxlen: 21
188.172.72.0/22 maxlen: 22
188.172.80.0/21 maxlen: 21
188.172.88.0/22 maxlen: 22
2a10:5500::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/7f9ab1-bc7c-4d0d-a970-5b8bc590b197/1/2rU_myHRPgeOPoRNZF7qhYDxzOE.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/7f9ab1-bc7c-4d0d-a970-5b8bc590b197/1/2rU_myHRPgeOPoRNZF7qhYDxzOE.mft
rsync://rpki.ripe.net/repository/DEFAULT/2rU_myHRPgeOPoRNZF7qhYDxzOE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 10:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:eb:0b:9f:6e:4a:df:1c:65:07:3c:3e:d0:6c:79:e8:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dab53f9b21d13e078e3e844d645eea8580f1cce1
Validity
Not Before: Aug 27 10:21:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f9120ad240534ee6a88ad8c42101b92e06bd003
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:c1:c4:bd:7b:75:02:2b:8c:8e:11:b7:f2:07:
61:df:dd:68:73:79:67:fd:54:21:c7:32:2f:36:8a:
50:d5:de:89:10:4c:c4:15:a4:c1:dc:4a:6b:77:f2:
6d:b0:68:17:67:e4:aa:35:f4:aa:db:49:28:d2:0b:
26:38:8d:a6:34:ba:45:23:26:6e:fd:67:b9:42:af:
06:7f:bd:f0:83:6f:99:9e:7f:6e:a8:da:da:8a:0d:
d7:6f:f5:50:f3:4f:b5:c0:1b:e2:b3:4a:7e:23:81:
c1:32:51:9f:f8:1e:6e:5f:a3:2a:c7:5a:71:1a:fe:
e6:31:3c:45:52:12:60:39:a0:1a:ea:3f:5c:ec:44:
a5:90:80:4a:91:7d:2b:9c:34:20:2f:b2:72:4f:b8:
8c:ee:a0:b8:e1:f9:83:e9:00:7e:c8:a9:0a:e0:a5:
6f:a1:b8:2a:d1:18:93:c7:02:32:a1:fc:58:ad:0f:
8b:5e:45:f9:f3:88:d3:a8:6e:01:72:26:91:8b:15:
94:5e:3e:02:8c:78:05:8d:ae:14:d8:f5:fa:a2:5e:
66:4b:9f:67:e4:a0:7d:c6:d9:3b:76:46:71:a2:bb:
bb:83:2c:4d:a6:43:ad:ea:63:56:e5:5f:f8:6f:2f:
b2:93:6c:b4:6d:17:00:6b:cd:2a:84:cc:8c:46:53:
ae:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:91:20:AD:24:05:34:EE:6A:88:AD:8C:42:10:1B:92:E0:6B:D0:03
X509v3 Authority Key Identifier:
keyid:DA:B5:3F:9B:21:D1:3E:07:8E:3E:84:4D:64:5E:EA:85:80:F1:CC:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2rU_myHRPgeOPoRNZF7qhYDxzOE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/7f9ab1-bc7c-4d0d-a970-5b8bc590b197/1/j5EgrSQFNO5qiK2MQhAbkuBr0AM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/7f9ab1-bc7c-4d0d-a970-5b8bc590b197/1/2rU_myHRPgeOPoRNZF7qhYDxzOE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.75.32.0/19
77.25.128.0/17
77.243.64.0/20
80.85.96.0/20
109.200.32.0/19
159.20.24.0/21
185.5.48.0/24
188.172.0.0-188.172.95.255
IPv6:
2a10:5500::/32
Signature Algorithm: sha256WithRSAEncryption
7c:06:93:77:fe:c2:85:34:01:66:b4:8e:8f:aa:64:0c:b5:db:
29:59:a5:c7:6d:d2:14:ba:22:06:df:dd:02:11:53:9e:98:4c:
92:5b:a8:b0:42:70:f4:a2:13:46:dc:85:9c:63:6f:1c:af:bc:
4b:c0:0d:f9:7e:2a:85:74:12:2b:d4:88:b0:7a:2b:cf:94:f4:
3b:73:bc:35:6b:f3:94:be:a4:68:23:03:12:45:09:2b:a3:64:
39:c6:16:b4:12:cc:23:cf:6c:5f:57:fd:6b:a0:41:00:f8:84:
74:a7:4b:0b:9b:93:f1:d4:c2:77:63:f9:ee:84:b8:ae:15:68:
c4:16:5d:12:5d:03:29:3b:f4:86:53:04:23:62:f2:9f:66:80:
31:68:cb:3b:1b:5c:2a:35:7d:ed:77:23:ad:92:16:18:de:a7:
1f:5c:58:d1:83:3c:f7:38:90:1a:1f:fa:3d:4e:c5:63:34:c3:
a2:e1:03:b5:11:eb:7f:43:0f:ff:21:3e:5c:83:cf:9f:d1:fb:
19:0f:4a:72:49:97:61:34:51:7f:b4:41:a0:32:f5:df:63:a9:
89:76:de:65:6c:5c:e5:31:7d:57:1a:88:82:f7:42:18:e8:37:
13:d1:f8:0a:de:76:de:11:13:79:69:d6:dc:cc:0b:5e:c2:20:
c9:8f:64:40
-----BEGIN CERTIFICATE-----
MIIFPTCCBCWgAwIBAgISAZjrC59uSt8cZQc8PtBseeg/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRhYjUzZjliMjFkMTNlMDc4ZTNlODQ0ZDY0NWVlYTg1ODBm
MWNjZTEwHhcNMjUwODI3MTAyMTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjkxMjBhZDI0MDUzNGVlNmE4OGFkOGM0MjEwMWI5MmUwNmJkMDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4cHEvXt1AiuMjhG38gdh391oc3ln
/VQhxzIvNopQ1d6JEEzEFaTB3Eprd/JtsGgXZ+SqNfSq20ko0gsmOI2mNLpFIyZu
/We5Qq8Gf73wg2+Znn9uqNraig3Xb/VQ80+1wBvis0p+I4HBMlGf+B5uX6Mqx1px
Gv7mMTxFUhJgOaAa6j9c7ESlkIBKkX0rnDQgL7JyT7iM7qC44fmD6QB+yKkK4KVv
obgq0RiTxwIyofxYrQ+LXkX584jTqG4BciaRixWUXj4CjHgFja4U2PX6ol5mS59n
5KB9xtk7dkZxoru7gyxNpkOt6mNW5V/4by+yk2y0bRcAa80qhMyMRlOuVQIDAQAB
o4ICSTCCAkUwHQYDVR0OBBYEFI+RIK0kBTTuaoitjEIQG5Lga9ADMB8GA1UdIwQY
MBaAFNq1P5sh0T4Hjj6ETWRe6oWA8czhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMnJVX215SFJQZ2VPUG9STlpGN3FoWUR4ek9FLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi83ZjlhYjEtYmM3Yy00ZDBkLWE5NzAt
NWI4YmM1OTBiMTk3LzEvajVFZ3JTUUZOTzVxaUsyTVFoQWJrdUJyMEFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi83ZjlhYjEtYmM3Yy00ZDBkLWE5NzAtNWI4YmM1OTBiMTk3
LzEvMnJVX215SFJQZ2VPUG9STlpGN3FoWUR4ek9FLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF8GCCsGAQUFBwEHAQH/BFAwTjA9BAIAATA3AwQFJUsgAwQH
TRmAAwQETfNAAwQEUFVgAwQFbcggAwQDnxQYAwQAuQUwMAsDAwK8rAMEBbysQDAN
BAIAAjAHAwUAKhBVADANBgkqhkiG9w0BAQsFAAOCAQEAfAaTd/7ChTQBZrSOj6pk
DLXbKVmlx23SFLoiBt/dAhFTnphMkluosEJw9KITRtyFnGNvHK+8S8AN+X4qhXQS
K9SIsHorz5T0O3O8NWvzlL6kaCMDEkUJK6NkOcYWtBLMI89sX1f9a6BBAPiEdKdL
C5uT8dTCd2P57oS4rhVoxBZdEl0DKTv0hlMEI2Lyn2aAMWjLOxtcKjV97XcjrZIW
GN6nH1xY0YM89ziQGh/6PU7FYzTDouEDtRHrf0MP/yE+XIPPn9H7GQ9KckmXYTRR
f7RBoDL132OpiXbeZWxc5TF9VxqIgvdCGOg3E9H4Ct523hETeWnW3MwLXsIgyY9k
QA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 16:52:37 2025 by rpki-client