Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/6MoDovb85gsc33BqCCkbPNQWP1U.roa
File: 6MoDovb85gsc33BqCCkbPNQWP1U.roa (raw, json)
Hash identifier: 1RImcsgD4pBgfw1iXWIukE1oXT/AN/WjUPCnMVqomR8=
Subject key identifier: E8:CA:03:A2:F6:FC:E6:0B:1C:DF:70:6A:08:29:1B:3C:D4:16:3F:55
Certificate issuer: /CN=2037512e5355e815acf064603f8ae3f5528a5e3b
Certificate serial: 0198CBC64048B439926288F9CD8644D1ADDD
Authority key identifier: 20:37:51:2E:53:55:E8:15:AC:F0:64:60:3F:8A:E3:F5:52:8A:5E:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IDdRLlNV6BWs8GRgP4rj9VKKXjs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/6MoDovb85gsc33BqCCkbPNQWP1U.roa
Signing time: Thu 21 Aug 2025 08:37:04 +0000
ROA not before: Thu 21 Aug 2025 08:37:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60404
IP address blocks: 5.2.64.0/20 maxlen: 20
5.2.67.0/24 maxlen: 24
5.2.70.0/24 maxlen: 24
5.255.96.0/19 maxlen: 19
103.251.164.0/22 maxlen: 22
150.129.8.0/22 maxlen: 22
150.129.8.0/24 maxlen: 24
150.129.9.0/24 maxlen: 24
150.129.10.0/24 maxlen: 24
185.31.172.0/22 maxlen: 22
192.76.150.0/24 maxlen: 24
192.76.153.0/24 maxlen: 24
192.76.160.0/24 maxlen: 24
192.76.163.0/24 maxlen: 24
2a01:6340::/29 maxlen: 29
2a04:52c0::/32 maxlen: 32
2a04:52c0:1::/48 maxlen: 64
2a04:52c0:138::/48 maxlen: 64
2a04:52c0:139::/48 maxlen: 64
2a04:52c0:1000::/48 maxlen: 64
2a04:52c0:5001::/48 maxlen: 64
2a04:52c0:6000::/36 maxlen: 64
2a04:52c0:7000::/36 maxlen: 64
2a0f:6bc0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/IDdRLlNV6BWs8GRgP4rj9VKKXjs.crl
rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/IDdRLlNV6BWs8GRgP4rj9VKKXjs.mft
rsync://rpki.ripe.net/repository/DEFAULT/IDdRLlNV6BWs8GRgP4rj9VKKXjs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:cb:c6:40:48:b4:39:92:62:88:f9:cd:86:44:d1:ad:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2037512e5355e815acf064603f8ae3f5528a5e3b
Validity
Not Before: Aug 21 08:37:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e8ca03a2f6fce60b1cdf706a08291b3cd4163f55
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:18:88:15:77:5b:92:72:bd:19:d9:94:c4:23:
fc:11:85:88:c0:ab:01:34:ca:c2:4f:19:62:e7:f4:
91:11:67:81:08:62:5e:b0:7e:ed:56:e8:31:20:c6:
81:15:25:58:f3:b5:12:eb:40:e5:d4:a8:c5:92:d2:
1a:c0:2a:9f:ca:12:2b:43:7d:98:fb:52:f2:c5:4f:
48:27:8d:00:45:c8:93:9d:b4:b7:f1:e2:ab:9f:59:
9c:0c:1a:81:55:e1:a8:4e:8b:3c:8e:91:41:a5:c4:
d2:28:c6:da:ea:f8:4e:ef:8a:e8:e7:06:bb:6e:5f:
31:43:6c:45:b6:78:05:63:2c:8c:12:03:41:56:48:
02:af:b6:e9:e5:d8:45:52:6b:5c:43:75:56:8c:16:
0d:15:11:10:c0:87:95:06:fa:22:cf:2f:af:93:3d:
17:6a:03:b9:85:7b:a4:e6:c3:c1:11:64:1c:62:13:
74:2d:6d:4d:6f:a7:a5:7a:a7:38:6a:1c:ca:a8:ec:
ba:30:7f:90:9a:8a:39:36:14:12:7c:25:c9:b2:b0:
bc:c4:64:77:2e:43:e6:73:ff:d5:ce:93:af:a3:05:
ac:02:a0:b1:db:3e:08:1d:11:f3:f6:3c:26:c7:f0:
7a:73:63:f9:ec:dd:51:84:59:c3:5a:dd:0e:56:b4:
db:bb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E8:CA:03:A2:F6:FC:E6:0B:1C:DF:70:6A:08:29:1B:3C:D4:16:3F:55
X509v3 Authority Key Identifier:
keyid:20:37:51:2E:53:55:E8:15:AC:F0:64:60:3F:8A:E3:F5:52:8A:5E:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IDdRLlNV6BWs8GRgP4rj9VKKXjs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/6MoDovb85gsc33BqCCkbPNQWP1U.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/46/b1475d-fcc2-48bb-ae01-c2ba24653f7b/1/IDdRLlNV6BWs8GRgP4rj9VKKXjs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.2.64.0/20
5.255.96.0/19
103.251.164.0/22
150.129.8.0/22
185.31.172.0/22
192.76.150.0/24
192.76.153.0/24
192.76.160.0/24
192.76.163.0/24
IPv6:
2a01:6340::/29
2a04:52c0::/32
2a0f:6bc0::/29
Signature Algorithm: sha256WithRSAEncryption
38:22:f8:54:cc:0b:6e:c7:93:ef:79:60:a1:ba:16:a6:b7:4c:
2f:59:a7:0e:d1:bc:50:35:ce:46:34:a3:54:e2:bc:73:00:bf:
49:26:77:ad:d2:3a:f8:5b:43:02:9e:20:89:01:02:86:57:1f:
57:fe:84:0d:c3:5a:6d:72:90:2f:56:17:21:c4:57:41:5c:e6:
76:71:45:f1:f9:f6:e1:88:0a:ef:c5:e7:cd:24:66:09:5d:28:
ff:7a:77:a3:fa:9a:d3:59:09:96:c8:a3:aa:8b:42:15:cf:bd:
d3:5b:32:93:2a:64:c4:d6:ac:ea:9e:aa:3c:f9:a8:d9:f9:bc:
37:6f:2e:70:aa:b5:8b:0b:2e:ff:8f:42:57:f1:70:c9:f6:72:
fb:41:3e:c8:96:da:8d:e7:09:0c:21:52:65:13:c2:34:54:f9:
0a:cf:a1:7b:f8:4e:74:e7:99:e2:c9:b0:12:84:b7:02:c6:93:
67:c1:29:a4:62:32:8f:d1:ca:5b:0d:35:a7:2d:5d:71:d2:16:
9e:db:e1:a0:a5:a9:fc:7e:da:85:6b:31:39:a2:fa:51:8a:9e:
dc:2e:ec:e9:31:4d:15:c1:aa:14:7d:b4:6d:4f:d2:6e:79:fa:
90:4f:39:90:b2:a2:e9:be:46:26:b7:e8:3f:54:79:70:38:e4:
b4:63:d2:bb
-----BEGIN CERTIFICATE-----
MIIFSjCCBDKgAwIBAgISAZjLxkBItDmSYoj5zYZE0a3dMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwMzc1MTJlNTM1NWU4MTVhY2YwNjQ2MDNmOGFlM2Y1NTI4
YTVlM2IwHhcNMjUwODIxMDgzNzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlOGNhMDNhMmY2ZmNlNjBiMWNkZjcwNmEwODI5MWIzY2Q0MTYzZjU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRiIFXdbknK9GdmUxCP8EYWIwKsB
NMrCTxli5/SREWeBCGJesH7tVugxIMaBFSVY87US60Dl1KjFktIawCqfyhIrQ32Y
+1LyxU9IJ40ARciTnbS38eKrn1mcDBqBVeGoTos8jpFBpcTSKMba6vhO74ro5wa7
bl8xQ2xFtngFYyyMEgNBVkgCr7bp5dhFUmtcQ3VWjBYNFREQwIeVBvoizy+vkz0X
agO5hXuk5sPBEWQcYhN0LW1Nb6eleqc4ahzKqOy6MH+Qmoo5NhQSfCXJsrC8xGR3
LkPmc//VzpOvowWsAqCx2z4IHRHz9jwmx/B6c2P57N1RhFnDWt0OVrTbuwIDAQAB
o4ICVjCCAlIwHQYDVR0OBBYEFOjKA6L2/OYLHN9waggpGzzUFj9VMB8GA1UdIwQY
MBaAFCA3US5TVegVrPBkYD+K4/VSil47MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSURkUkxsTlY2QldzOEdSZ1A0cmo5VktLWGpzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Ni9iMTQ3NWQtZmNjMi00OGJiLWFlMDEt
YzJiYTI0NjUzZjdiLzEvNk1vRG92Yjg1Z3NjMzNCcUNDa2JQTlFXUDFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Ni9iMTQ3NWQtZmNjMi00OGJiLWFlMDEtYzJiYTI0NjUzZjdi
LzEvSURkUkxsTlY2QldzOEdSZ1A0cmo5VktLWGpzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGwGCCsGAQUFBwEHAQH/BF0wWzA8BAIAATA2AwQEBQJAAwQF
Bf9gAwQCZ/ukAwQCloEIAwQCuR+sAwQAwEyWAwQAwEyZAwQAwEygAwQAwEyjMBsE
AgACMBUDBQMqAWNAAwUAKgRSwAMFAyoPa8AwDQYJKoZIhvcNAQELBQADggEBADgi
+FTMC27Hk+95YKG6Fqa3TC9Zpw7RvFA1zkY0o1TivHMAv0kmd63SOvhbQwKeIIkB
AoZXH1f+hA3DWm1ykC9WFyHEV0Fc5nZxRfH59uGICu/F580kZgldKP96d6P6mtNZ
CZbIo6qLQhXPvdNbMpMqZMTWrOqeqjz5qNn5vDdvLnCqtYsLLv+PQlfxcMn2cvtB
PsiW2o3nCQwhUmUTwjRU+QrPoXv4TnTnmeLJsBKEtwLGk2fBKaRiMo/RylsNNact
XXHSFp7b4aClqfx+2oVrMTmi+lGKntwu7OkxTRXBqhR9tG1P0m55+pBPOZCyoum+
Ria36D9UeXA45LRj0rs=
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:14:45 2025 by rpki-client