Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/7sgM8jQey0hzU8RbkK0fpr8zuWE.roa
File: 7sgM8jQey0hzU8RbkK0fpr8zuWE.roa (raw, json)
Hash identifier: gY/oXRN1rQWRXTj4ibW7nW6LN4SdHlM7BLUYysL1ewo=
Subject key identifier: EE:C8:0C:F2:34:1E:CB:48:73:53:C4:5B:90:AD:1F:A6:BF:33:B9:61
Certificate issuer: /CN=505127723ea0cfd0724713b291734caa353e20ea
Certificate serial: 01979CDA53D5BAB4A75E3B7257321DE4CE70
Authority key identifier: 50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/7sgM8jQey0hzU8RbkK0fpr8zuWE.roa
Signing time: Mon 23 Jun 2025 12:54:03 +0000
ROA not before: Mon 23 Jun 2025 12:54:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 46261
IP address blocks: 5.44.255.0/24 maxlen: 24
59.152.124.0/22 maxlen: 24
61.14.224.0/22 maxlen: 24
62.106.64.0/24 maxlen: 24
79.110.176.0/21 maxlen: 24
79.110.181.0/24 maxlen: 24
85.8.148.0/22 maxlen: 24
85.202.172.0/22 maxlen: 24
85.202.173.0/24 maxlen: 24
91.132.84.0/22 maxlen: 24
91.132.84.0/23 maxlen: 23
91.132.86.0/24 maxlen: 24
91.132.87.0/24 maxlen: 24
103.203.40.0/22 maxlen: 24
103.205.84.0/22 maxlen: 24
103.207.160.0/22 maxlen: 24
103.207.163.0/24 maxlen: 24
121.46.124.0/22 maxlen: 24
160.238.96.0/22 maxlen: 24
185.105.10.0/24 maxlen: 24
185.118.132.0/22 maxlen: 24
185.118.135.0/24 maxlen: 24
185.145.44.0/22 maxlen: 24
185.147.156.0/22 maxlen: 24
185.147.158.0/24 maxlen: 24
185.157.232.0/22 maxlen: 24
185.158.136.0/22 maxlen: 24
185.176.88.0/22 maxlen: 24
185.176.90.0/24 maxlen: 24
185.190.56.0/22 maxlen: 24
185.196.24.0/23 maxlen: 24
185.196.26.0/23 maxlen: 24
185.202.44.0/23 maxlen: 24
185.202.46.0/23 maxlen: 24
185.206.20.0/23 maxlen: 24
185.206.20.0/24 maxlen: 24
185.206.22.0/23 maxlen: 24
185.209.128.0/23 maxlen: 24
185.209.128.0/24 maxlen: 24
185.209.130.0/23 maxlen: 24
185.213.16.0/23 maxlen: 24
185.213.18.0/23 maxlen: 24
185.214.140.0/22 maxlen: 24
185.214.142.0/23 maxlen: 24
185.214.240.0/23 maxlen: 24
185.214.240.0/24 maxlen: 24
185.214.242.0/23 maxlen: 24
185.219.20.0/22 maxlen: 24
185.219.23.0/24 maxlen: 24
185.225.12.0/23 maxlen: 24
185.225.14.0/23 maxlen: 24
185.227.252.0/23 maxlen: 24
185.227.252.0/24 maxlen: 24
185.227.254.0/23 maxlen: 24
185.227.254.0/24 maxlen: 24
185.228.44.0/22 maxlen: 24
185.235.120.0/22 maxlen: 24
185.235.122.0/24 maxlen: 24
185.235.123.0/24 maxlen: 24
185.238.115.0/24 maxlen: 24
185.242.185.0/24 maxlen: 24
193.3.16.0/24 maxlen: 24
193.31.112.0/22 maxlen: 24
193.31.114.0/24 maxlen: 24
193.163.35.0/24 maxlen: 24
193.176.116.0/22 maxlen: 24
193.187.180.0/22 maxlen: 24
194.50.192.0/22 maxlen: 24
195.216.148.0/22 maxlen: 24
195.245.74.0/23 maxlen: 24
217.18.56.0/22 maxlen: 24
2a07:4580::/29 maxlen: 29
2a07:4580::/32 maxlen: 48
2a07:4580:b0d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.mft
rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 20:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9c:da:53:d5:ba:b4:a7:5e:3b:72:57:32:1d:e4:ce:70
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=505127723ea0cfd0724713b291734caa353e20ea
Validity
Not Before: Jun 23 12:54:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=eec80cf2341ecb487353c45b90ad1fa6bf33b961
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:fb:fb:03:14:73:c2:5e:d1:05:2d:12:dd:da:
a2:b7:1a:c5:b8:0b:2f:58:4b:77:ef:0e:54:40:d7:
22:9b:b6:ab:b0:f5:1b:02:40:82:5e:38:d2:1b:2f:
b2:5c:ba:1b:1c:a9:28:bc:f2:1c:e3:da:cf:a7:ff:
4d:87:34:b3:e7:be:d7:72:f6:5a:2d:07:cd:58:b8:
eb:5f:cd:4e:b8:c1:0c:15:03:6a:a8:77:ba:93:82:
46:47:71:fd:42:a0:af:56:ad:16:5e:08:fd:4d:e1:
7e:78:ce:12:0f:cf:9c:c8:fb:e7:c7:59:5a:55:55:
a0:0c:51:30:61:7e:75:c6:7b:54:4c:1a:db:b6:93:
5d:23:fa:3c:6a:54:7c:fc:47:a3:90:cf:50:f8:13:
23:24:41:98:28:1e:22:03:51:f0:9c:79:fa:18:04:
ca:ac:b0:6f:2f:dd:87:23:e3:5e:ed:a4:08:03:87:
95:90:c2:95:b3:81:1c:76:f0:ae:dc:95:72:a5:23:
50:38:72:65:ad:63:47:92:18:e8:af:cc:a0:6b:37:
ce:9d:eb:ff:11:c8:d7:13:55:9e:31:14:91:30:c3:
fe:fe:61:fb:e0:34:1d:0e:fa:91:fa:c8:e8:18:6f:
dd:01:44:8a:c3:db:3f:92:24:27:3d:af:29:00:89:
f4:7d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EE:C8:0C:F2:34:1E:CB:48:73:53:C4:5B:90:AD:1F:A6:BF:33:B9:61
X509v3 Authority Key Identifier:
keyid:50:51:27:72:3E:A0:CF:D0:72:47:13:B2:91:73:4C:AA:35:3E:20:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/UFEncj6gz9ByRxOykXNMqjU-IOo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/7sgM8jQey0hzU8RbkK0fpr8zuWE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/a90423-0b4b-499f-be66-55608b694456/1/UFEncj6gz9ByRxOykXNMqjU-IOo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.255.0/24
59.152.124.0/22
61.14.224.0/22
62.106.64.0/24
79.110.176.0/21
85.8.148.0/22
85.202.172.0/22
91.132.84.0/22
103.203.40.0/22
103.205.84.0/22
103.207.160.0/22
121.46.124.0/22
160.238.96.0/22
185.105.10.0/24
185.118.132.0/22
185.145.44.0/22
185.147.156.0/22
185.157.232.0/22
185.158.136.0/22
185.176.88.0/22
185.190.56.0/22
185.196.24.0/22
185.202.44.0/22
185.206.20.0/22
185.209.128.0/22
185.213.16.0/22
185.214.140.0/22
185.214.240.0/22
185.219.20.0/22
185.225.12.0/22
185.227.252.0/22
185.228.44.0/22
185.235.120.0/22
185.238.115.0/24
185.242.185.0/24
193.3.16.0/24
193.31.112.0/22
193.163.35.0/24
193.176.116.0/22
193.187.180.0/22
194.50.192.0/22
195.216.148.0/22
195.245.74.0/23
217.18.56.0/22
IPv6:
2a07:4580::/29
Signature Algorithm: sha256WithRSAEncryption
6c:92:00:a1:32:68:95:6a:42:13:21:a9:17:fe:e8:fc:69:c0:
b7:41:7a:52:7e:7e:04:10:06:62:c7:7f:fc:0d:45:f0:05:bf:
dd:84:f6:bc:c8:68:46:22:16:7a:29:fa:bb:36:53:d3:5d:eb:
81:ae:a2:37:82:16:62:e1:e8:5d:f1:0d:49:49:a4:f9:0c:27:
f2:01:36:74:9b:81:19:3f:af:4c:06:4a:45:e8:2b:b4:4e:7f:
1a:01:5c:1d:7a:2e:63:6d:0f:b3:20:95:da:2f:fa:23:ac:c7:
a9:84:8d:58:c9:70:2b:5d:a6:cb:a5:c7:cc:6c:64:95:12:05:
c3:b6:48:66:35:ad:d8:ec:05:43:36:ad:ee:70:75:61:ec:19:
fb:11:de:e9:70:1f:22:b3:db:12:a4:c2:15:b8:65:05:66:99:
76:21:7b:09:98:b8:28:2d:06:d8:1a:96:f6:69:f6:f0:87:b2:
4f:b7:31:f9:23:51:b4:b6:af:b3:b0:15:d8:78:58:d1:e6:8d:
c8:55:45:1b:2b:16:c3:e6:5b:fc:44:1a:53:68:e0:15:9a:3d:
38:29:f4:00:38:78:95:a1:48:5b:51:89:16:54:c4:d1:1c:88:
a8:51:c6:71:ce:45:5b:04:87:5a:f2:49:74:e2:12:65:e5:42:
fb:46:ed:55
-----BEGIN CERTIFICATE-----
MIIGGDCCBQCgAwIBAgISAZec2lPVurSnXjtyVzId5M5wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUwNTEyNzcyM2VhMGNmZDA3MjQ3MTNiMjkxNzM0Y2FhMzUz
ZTIwZWEwHhcNMjUwNjIzMTI1NDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZWM4MGNmMjM0MWVjYjQ4NzM1M2M0NWI5MGFkMWZhNmJmMzNiOTYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn/v7AxRzwl7RBS0S3dqitxrFuAsv
WEt37w5UQNcim7arsPUbAkCCXjjSGy+yXLobHKkovPIc49rPp/9NhzSz577XcvZa
LQfNWLjrX81OuMEMFQNqqHe6k4JGR3H9QqCvVq0WXgj9TeF+eM4SD8+cyPvnx1la
VVWgDFEwYX51xntUTBrbtpNdI/o8alR8/EejkM9Q+BMjJEGYKB4iA1HwnHn6GATK
rLBvL92HI+Ne7aQIA4eVkMKVs4EcdvCu3JVypSNQOHJlrWNHkhjor8ygazfOnev/
EcjXE1WeMRSRMMP+/mH74DQdDvqR+sjoGG/dAUSKw9s/kiQnPa8pAIn0fQIDAQAB
o4IDJDCCAyAwHQYDVR0OBBYEFO7IDPI0HstIc1PEW5CtH6a/M7lhMB8GA1UdIwQY
MBaAFFBRJ3I+oM/QckcTspFzTKo1PiDqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC9hOTA0MjMtMGI0Yi00OTlmLWJlNjYt
NTU2MDhiNjk0NDU2LzEvN3NnTThqUWV5MGh6VThSYmtLMGZwcjh6dVdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC9hOTA0MjMtMGI0Yi00OTlmLWJlNjYtNTU2MDhiNjk0NDU2
LzEvVUZFbmNqNmd6OUJ5UnhPeWtYTk1xalUtSU9vLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOAYIKwYBBQUHAQcBAf8EggEnMIIBIzCCARAEAgABMIIB
CAMEAAUs/wMEAjuYfAMEAj0O4AMEAD5qQAMEA09usAMEAlUIlAMEAlXKrAMEAluE
VAMEAmfLKAMEAmfNVAMEAmfPoAMEAnkufAMEAqDuYAMEALlpCgMEArl2hAMEArmR
LAMEArmTnAMEArmd6AMEArmeiAMEArmwWAMEArm+OAMEArnEGAMEArnKLAMEArnO
FAMEArnRgAMEArnVEAMEArnWjAMEArnW8AMEArnbFAMEArnhDAMEArnj/AMEArnk
LAMEArnreAMEALnucwMEALnyuQMEAMEDEAMEAsEfcAMEAMGjIwMEAsGwdAMEAsG7
tAMEAsIywAMEAsPYlAMEAcP1SgMEAtkSODANBAIAAjAHAwUDKgdFgDANBgkqhkiG
9w0BAQsFAAOCAQEAbJIAoTJolWpCEyGpF/7o/GnAt0F6Un5+BBAGYsd//A1F8AW/
3YT2vMhoRiIWein6uzZT013rga6iN4IWYuHoXfENSUmk+Qwn8gE2dJuBGT+vTAZK
RegrtE5/GgFcHXouY20PsyCV2i/6I6zHqYSNWMlwK12my6XHzGxklRIFw7ZIZjWt
2OwFQzat7nB1YewZ+xHe6XAfIrPbEqTCFbhlBWaZdiF7CZi4KC0G2BqW9mn28Iey
T7cx+SNRtLavs7AV2HhY0eaNyFVFGysWw+Zb/EQaU2jgFZo9OCn0ADh4laFIW1GJ
FlTE0RyIqFHGcc5FWwSHWvJJdOISZeVC+0btVQ==
-----END CERTIFICATE-----
Generated at Thu Jul 3 02:57:58 2025 by rpki-client