Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/56/7bff3e-03aa-4e0a-b2fc-4a7ddf2d86bd/1/p5sda-HwuWNCoJb8ZwZwGaKEMGY.roa
File: p5sda-HwuWNCoJb8ZwZwGaKEMGY.roa (raw, json)
Hash identifier: aNaLV+OqbrfnfcABJDi26qGq5f1GualuPpkp1NT1+Pg=
Subject key identifier: A7:9B:1D:6B:E1:F0:B9:63:42:A0:96:FC:67:06:70:19:A2:84:30:66
Certificate issuer: /CN=5e95fdfd28cdc03d89d214e4ad3a6c5fb3ebacbf
Certificate serial: 0197A6EB30CD9E7E0BE2F9785D4C2D521E27
Authority key identifier: 5E:95:FD:FD:28:CD:C0:3D:89:D2:14:E4:AD:3A:6C:5F:B3:EB:AC:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XpX9_SjNwD2J0hTkrTpsX7PrrL8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/56/7bff3e-03aa-4e0a-b2fc-4a7ddf2d86bd/1/p5sda-HwuWNCoJb8ZwZwGaKEMGY.roa
Signing time: Wed 25 Jun 2025 11:48:40 +0000
ROA not before: Wed 25 Jun 2025 11:48:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21350
IP address blocks: 80.244.160.0/21 maxlen: 21
80.244.160.0/24 maxlen: 24
80.244.161.0/24 maxlen: 24
80.244.163.0/24 maxlen: 24
80.244.164.0/24 maxlen: 24
80.244.165.0/24 maxlen: 24
80.244.166.0/24 maxlen: 24
80.244.168.0/24 maxlen: 24
80.244.169.0/24 maxlen: 24
80.244.170.0/24 maxlen: 24
80.244.171.0/24 maxlen: 24
80.244.172.0/23 maxlen: 23
95.175.32.0/20 maxlen: 20
95.175.38.0/24 maxlen: 24
95.175.45.0/24 maxlen: 24
95.175.48.0/24 maxlen: 24
95.175.49.0/24 maxlen: 24
95.175.51.0/24 maxlen: 24
95.175.52.0/22 maxlen: 22
95.175.52.0/24 maxlen: 24
95.175.53.0/24 maxlen: 24
95.175.56.0/21 maxlen: 21
95.175.60.0/24 maxlen: 24
95.175.61.0/24 maxlen: 24
95.175.62.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/56/7bff3e-03aa-4e0a-b2fc-4a7ddf2d86bd/1/XpX9_SjNwD2J0hTkrTpsX7PrrL8.crl
rsync://rpki.ripe.net/repository/DEFAULT/56/7bff3e-03aa-4e0a-b2fc-4a7ddf2d86bd/1/XpX9_SjNwD2J0hTkrTpsX7PrrL8.mft
rsync://rpki.ripe.net/repository/DEFAULT/XpX9_SjNwD2J0hTkrTpsX7PrrL8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 20:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a6:eb:30:cd:9e:7e:0b:e2:f9:78:5d:4c:2d:52:1e:27
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5e95fdfd28cdc03d89d214e4ad3a6c5fb3ebacbf
Validity
Not Before: Jun 25 11:48:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a79b1d6be1f0b96342a096fc67067019a2843066
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cf:d5:a6:44:ca:0a:69:f7:87:8d:12:1a:52:e7:
57:1a:8d:7d:c0:9d:bb:0c:8f:f4:41:6c:c9:ba:83:
79:a7:e1:b2:08:b1:1a:48:92:1d:d9:0f:f8:cd:07:
48:08:5b:26:19:af:63:49:a6:0a:fb:79:b1:18:2e:
a8:5f:f5:cc:88:de:3b:8a:64:7d:fd:5a:8f:f3:07:
22:d8:4f:e7:0a:a1:b5:bd:b4:c6:bb:30:0b:05:40:
64:54:e5:d1:cc:f6:d1:4e:58:06:ae:b9:25:05:b5:
77:c3:10:01:8f:5a:f2:e1:9d:7b:50:87:16:12:a8:
86:e8:df:6a:51:6f:0c:5c:d2:68:71:74:81:b1:9d:
17:5d:84:f5:b1:ec:bc:b7:1f:8b:f4:27:4f:75:f6:
4f:2a:20:db:97:75:ca:2b:02:23:b7:8d:ab:a4:dc:
bf:1a:4d:66:9b:d1:fc:1f:d8:e6:26:1d:a6:3b:a4:
b3:6b:92:30:52:90:b7:0d:d1:6b:86:c7:8e:81:5e:
10:ce:97:c7:49:ff:ec:db:95:51:32:0b:7b:3c:58:
73:d8:1a:df:cf:0d:1a:86:94:aa:3e:07:7d:d7:01:
93:88:c9:55:26:32:9e:f0:2d:f0:27:e8:d3:54:63:
4a:89:89:c4:81:be:8f:dd:45:74:ec:0b:d9:f7:77:
c1:e5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A7:9B:1D:6B:E1:F0:B9:63:42:A0:96:FC:67:06:70:19:A2:84:30:66
X509v3 Authority Key Identifier:
keyid:5E:95:FD:FD:28:CD:C0:3D:89:D2:14:E4:AD:3A:6C:5F:B3:EB:AC:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XpX9_SjNwD2J0hTkrTpsX7PrrL8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/56/7bff3e-03aa-4e0a-b2fc-4a7ddf2d86bd/1/p5sda-HwuWNCoJb8ZwZwGaKEMGY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/56/7bff3e-03aa-4e0a-b2fc-4a7ddf2d86bd/1/XpX9_SjNwD2J0hTkrTpsX7PrrL8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.244.160.0-80.244.173.255
95.175.32.0-95.175.49.255
95.175.51.0-95.175.63.255
Signature Algorithm: sha256WithRSAEncryption
12:bc:4b:1a:b1:ee:bc:e8:62:bf:82:4d:c8:e0:4f:05:44:2f:
b7:57:db:1b:c6:02:d8:6d:1c:12:9a:46:90:5e:a4:08:8c:6e:
88:92:11:63:d3:26:63:a9:93:4d:a6:00:1d:37:fc:2b:0d:74:
e0:fb:bd:5a:dc:4a:d9:af:d9:3b:9f:30:29:63:1c:60:88:7e:
6a:d3:8b:f5:04:da:92:4c:d7:41:37:36:81:f7:5b:ab:30:37:
8b:b2:76:c6:41:12:c9:7b:16:ea:1e:66:95:8f:15:27:c0:ca:
3a:b4:57:d6:02:e1:b0:55:4d:49:f4:d3:c2:91:2a:90:e9:68:
ca:f2:d6:ed:da:0b:c3:2b:c9:ac:1b:42:0f:e8:54:e9:ba:58:
b9:7e:f6:d7:18:bf:c2:f2:8e:f0:cb:21:d9:ac:60:79:b0:a4:
1f:4f:14:2d:c5:39:3a:73:a2:05:a7:7d:1e:99:d6:3e:ba:31:
b2:75:56:09:13:c7:31:4e:23:d2:1b:99:db:ae:a4:ea:74:33:
90:f8:b4:4f:e6:39:fc:a9:ee:95:c7:17:b0:1a:7d:8f:53:a2:
6b:a7:01:34:91:4d:76:00:35:15:b5:48:0e:bb:ab:d7:b4:fc:
9d:2b:94:e7:2d:ee:44:f2:35:71:82:d5:37:d5:b1:58:67:10:
b8:4e:93:8a
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZem6zDNnn4L4vl4XUwtUh4nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlOTVmZGZkMjhjZGMwM2Q4OWQyMTRlNGFkM2E2YzVmYjNl
YmFjYmYwHhcNMjUwNjI1MTE0ODQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNzliMWQ2YmUxZjBiOTYzNDJhMDk2ZmM2NzA2NzAxOWEyODQzMDY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAz9WmRMoKafeHjRIaUudXGo19wJ27
DI/0QWzJuoN5p+GyCLEaSJId2Q/4zQdICFsmGa9jSaYK+3mxGC6oX/XMiN47imR9
/VqP8wci2E/nCqG1vbTGuzALBUBkVOXRzPbRTlgGrrklBbV3wxABj1ry4Z17UIcW
EqiG6N9qUW8MXNJocXSBsZ0XXYT1sey8tx+L9CdPdfZPKiDbl3XKKwIjt42rpNy/
Gk1mm9H8H9jmJh2mO6Sza5IwUpC3DdFrhseOgV4QzpfHSf/s25VRMgt7PFhz2Brf
zw0ahpSqPgd91wGTiMlVJjKe8C3wJ+jTVGNKiYnEgb6P3UV07AvZ93fB5QIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFKebHWvh8LljQqCW/GcGcBmihDBmMB8GA1UdIwQY
MBaAFF6V/f0ozcA9idIU5K06bF+z66y/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHBYOV9Tak53RDJKMGhUa3JUcHNYN1Byckw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ni83YmZmM2UtMDNhYS00ZTBhLWIyZmMt
NGE3ZGRmMmQ4NmJkLzEvcDVzZGEtSHd1V05Db0piOFp3WndHYUtFTUdZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ni83YmZmM2UtMDNhYS00ZTBhLWIyZmMtNGE3ZGRmMmQ4NmJk
LzEvWHBYOV9Tak53RDJKMGhUa3JUcHNYN1Byckw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqMAwDBAVQ9KAD
BAFQ9KwwDAMEBV+vIAMEAV+vMDAMAwQAX68zAwQGX68AMA0GCSqGSIb3DQEBCwUA
A4IBAQASvEsase686GK/gk3I4E8FRC+3V9sbxgLYbRwSmkaQXqQIjG6IkhFj0yZj
qZNNpgAdN/wrDXTg+71a3ErZr9k7nzApYxxgiH5q04v1BNqSTNdBNzaB91urMDeL
snbGQRLJexbqHmaVjxUnwMo6tFfWAuGwVU1J9NPCkSqQ6WjK8tbt2gvDK8msG0IP
6FTpuli5fvbXGL/C8o7wyyHZrGB5sKQfTxQtxTk6c6IFp30emdY+ujGydVYJE8cx
TiPSG5nbrqTqdDOQ+LRP5jn8qe6VxxewGn2PU6JrpwE0kU12ADUVtUgOu6vXtPyd
K5TnLe5E8jVxgtU31bFYZxC4TpOK
-----END CERTIFICATE-----
Generated at Thu Jul 3 05:14:23 2025 by rpki-client