Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/RaE5smqHwTpdBVtd89_5CUvQKsE.roa
File: RaE5smqHwTpdBVtd89_5CUvQKsE.roa (raw, json)
Hash identifier: UtehD4VO0l8o+LKAy2Z/geys1UM7QHPafm/iIQaT0/U=
Subject key identifier: 45:A1:39:B2:6A:87:C1:3A:5D:05:5B:5D:F3:DF:F9:09:4B:D0:2A:C1
Certificate issuer: /CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Certificate serial: 01979BEC4A4C734BDD54CDC7FA2D26A67A39
Authority key identifier: D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/RaE5smqHwTpdBVtd89_5CUvQKsE.roa
Signing time: Mon 23 Jun 2025 08:34:03 +0000
ROA not before: Mon 23 Jun 2025 08:34:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58065
IP address blocks: 5.157.6.0/24 maxlen: 24
5.157.11.0/24 maxlen: 24
5.157.19.0/24 maxlen: 24
5.157.21.0/24 maxlen: 24
5.157.23.0/24 maxlen: 24
5.157.24.0/24 maxlen: 24
5.157.26.0/24 maxlen: 24
5.157.29.0/24 maxlen: 24
5.157.32.0/24 maxlen: 24
5.157.33.0/24 maxlen: 24
5.157.34.0/24 maxlen: 24
5.157.37.0/24 maxlen: 24
5.157.43.0/24 maxlen: 24
5.157.51.0/24 maxlen: 24
5.157.53.0/24 maxlen: 24
5.157.55.0/24 maxlen: 24
5.157.57.0/24 maxlen: 24
23.92.115.0/24 maxlen: 24
23.92.116.0/24 maxlen: 24
23.92.126.0/24 maxlen: 24
37.72.186.0/24 maxlen: 24
104.160.11.0/24 maxlen: 24
104.160.16.0/24 maxlen: 24
104.160.17.0/24 maxlen: 24
107.150.64.0/24 maxlen: 24
107.150.65.0/24 maxlen: 24
107.150.67.0/24 maxlen: 24
107.150.69.0/24 maxlen: 24
107.150.70.0/24 maxlen: 24
107.150.71.0/24 maxlen: 24
107.150.88.0/24 maxlen: 24
107.150.89.0/24 maxlen: 24
107.150.90.0/24 maxlen: 24
107.150.91.0/24 maxlen: 24
130.185.153.0/24 maxlen: 24
151.237.188.0/24 maxlen: 24
162.212.168.0/24 maxlen: 24
162.212.169.0/24 maxlen: 24
162.212.170.0/24 maxlen: 24
162.212.171.0/24 maxlen: 24
162.212.172.0/24 maxlen: 24
162.212.173.0/24 maxlen: 24
162.212.174.0/24 maxlen: 24
162.212.175.0/24 maxlen: 24
2a02:5740:4::/48 maxlen: 48
2a02:5740:9::/48 maxlen: 48
2a02:5740:14::/48 maxlen: 48
2a02:5740:24::/48 maxlen: 48
2a02:5740:26::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.mft
rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9b:ec:4a:4c:73:4b:dd:54:cd:c7:fa:2d:26:a6:7a:39
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Validity
Not Before: Jun 23 08:34:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=45a139b26a87c13a5d055b5df3dff9094bd02ac1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f0:3c:98:e9:44:59:e1:c9:e7:9e:a6:d8:c0:b5:
c4:56:0a:37:f1:cd:bc:85:b8:5f:b6:47:fb:12:de:
41:f7:85:9a:4f:0c:e7:2c:46:ec:72:74:52:65:97:
01:9d:3a:af:12:f4:84:b3:41:d2:2b:89:0c:a2:19:
51:2a:16:84:c6:0e:0f:06:ab:c7:de:b4:8e:aa:43:
7a:d5:c0:2f:1e:a5:e3:b9:8c:ed:f7:84:96:c1:16:
05:47:f3:0c:d1:90:38:10:08:bc:e8:cf:56:87:0c:
1f:1c:da:0b:fc:c5:f4:87:c4:d4:cb:b1:b6:db:ef:
6e:aa:99:41:44:cb:38:9f:22:07:cb:bc:69:02:5d:
47:d6:33:39:08:e7:35:a3:92:8b:60:f0:99:fd:25:
90:b5:90:f1:b5:a5:bd:9b:b7:36:3a:45:b4:05:c0:
35:1d:70:35:b3:b4:b7:bb:e2:49:02:e7:04:46:f5:
c9:33:ad:d1:bd:48:bb:51:42:61:7c:a8:4d:86:e7:
10:71:b4:e6:f5:20:0f:48:aa:72:a4:92:59:68:b3:
50:b2:46:42:12:b6:33:83:f8:3d:ff:9b:99:88:9b:
32:4c:81:bb:ee:dd:58:02:76:fc:89:54:ec:f4:4e:
6a:2d:00:39:e3:a8:a2:1e:52:92:80:b1:dd:f6:0e:
ce:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:A1:39:B2:6A:87:C1:3A:5D:05:5B:5D:F3:DF:F9:09:4B:D0:2A:C1
X509v3 Authority Key Identifier:
keyid:D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/RaE5smqHwTpdBVtd89_5CUvQKsE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.6.0/24
5.157.11.0/24
5.157.19.0/24
5.157.21.0/24
5.157.23.0-5.157.24.255
5.157.26.0/24
5.157.29.0/24
5.157.32.0-5.157.34.255
5.157.37.0/24
5.157.43.0/24
5.157.51.0/24
5.157.53.0/24
5.157.55.0/24
5.157.57.0/24
23.92.115.0-23.92.116.255
23.92.126.0/24
37.72.186.0/24
104.160.11.0/24
104.160.16.0/23
107.150.64.0/23
107.150.67.0/24
107.150.69.0-107.150.71.255
107.150.88.0/22
130.185.153.0/24
151.237.188.0/24
162.212.168.0/21
IPv6:
2a02:5740:4::/48
2a02:5740:9::/48
2a02:5740:14::/48
2a02:5740:24::/48
2a02:5740:26::/48
Signature Algorithm: sha256WithRSAEncryption
75:37:96:63:4d:e0:3e:d9:81:20:87:f7:22:a3:3b:87:f5:88:
11:a8:85:56:68:e5:eb:cb:67:8c:08:42:7a:35:8b:c0:0c:9d:
cd:4b:da:b6:c2:ba:0d:db:fc:72:49:e5:36:44:ea:d2:bd:43:
3e:e1:23:5c:38:33:fd:5d:2d:30:1e:b5:61:b8:e7:d2:5e:e9:
f2:7a:d5:17:b8:21:87:64:af:79:20:c6:d6:9f:01:50:95:cf:
de:65:b7:cd:93:78:81:31:61:fd:8d:13:e7:61:50:59:db:2e:
76:4e:26:a1:2d:94:7e:ea:f5:f2:19:8e:d3:1e:5f:55:b6:73:
75:c2:a3:18:fe:da:36:a7:8c:62:a2:2c:dd:80:57:1c:6a:bc:
4c:29:8a:8e:f6:24:34:5f:6e:e0:2e:19:81:17:c7:3b:ed:16:
ec:1b:d4:43:93:97:d6:e5:2e:d4:7e:af:54:e2:5f:63:dd:e4:
d8:c2:d8:14:15:9b:7d:55:6f:18:ba:c7:54:f4:40:d2:c5:b0:
27:e4:d5:84:81:ea:71:08:c8:23:16:c7:fb:c5:3a:c8:9b:90:
c2:2f:a0:c6:fa:f9:82:46:24:c4:ae:c7:8e:58:33:59:3c:3a:
d6:09:49:37:e4:cc:93:b7:9c:80:4e:f5:73:9a:58:dd:ef:56:
7e:44:12:64
-----BEGIN CERTIFICATE-----
MIIF7jCCBNagAwIBAgISAZeb7EpMc0vdVM3H+i0mpno5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MmNiNDNjYTNjMGM1NzgxNmNlZTM2MDQ3OGQwY2Y4ODIy
MDdmZDIwHhcNMjUwNjIzMDgzNDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWExMzliMjZhODdjMTNhNWQwNTViNWRmM2RmZjkwOTRiZDAyYWMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8DyY6URZ4cnnnqbYwLXEVgo38c28
hbhftkf7Et5B94WaTwznLEbscnRSZZcBnTqvEvSEs0HSK4kMohlRKhaExg4PBqvH
3rSOqkN61cAvHqXjuYzt94SWwRYFR/MM0ZA4EAi86M9WhwwfHNoL/MX0h8TUy7G2
2+9uqplBRMs4nyIHy7xpAl1H1jM5COc1o5KLYPCZ/SWQtZDxtaW9m7c2OkW0BcA1
HXA1s7S3u+JJAucERvXJM63RvUi7UUJhfKhNhucQcbTm9SAPSKpypJJZaLNQskZC
ErYzg/g9/5uZiJsyTIG77t1YAnb8iVTs9E5qLQA546iiHlKSgLHd9g7OiwIDAQAB
o4IC+jCCAvYwHQYDVR0OBBYEFEWhObJqh8E6XQVbXfPf+QlL0CrBMB8GA1UdIwQY
MBaAFNgstDyjwMV4Fs7jYEeNDPiCIH/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAt
MTVmMTNlM2Y3ZDg1LzEvUmFFNXNtcUh3VHBkQlZ0ZDg5XzVDVXZRS3NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAtMTVmMTNlM2Y3ZDg1
LzEvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDgYIKwYBBQUHAQcBAf8Egf4wgfswgcMEAgABMIG8AwQA
BZ0GAwQABZ0LAwQABZ0TAwQABZ0VMAwDBAAFnRcDBAAFnRgDBAAFnRoDBAAFnR0w
DAMEBQWdIAMEAAWdIgMEAAWdJQMEAAWdKwMEAAWdMwMEAAWdNQMEAAWdNwMEAAWd
OTAMAwQAF1xzAwQAF1x0AwQAF1x+AwQAJUi6AwQAaKALAwQBaKAQAwQBa5ZAAwQA
a5ZDMAwDBABrlkUDBANrlkADBAJrllgDBACCuZkDBACX7bwDBAOi1KgwMwQCAAIw
LQMHACoCV0AABAMHACoCV0AACQMHACoCV0AAFAMHACoCV0AAJAMHACoCV0AAJjAN
BgkqhkiG9w0BAQsFAAOCAQEAdTeWY03gPtmBIIf3IqM7h/WIEaiFVmjl68tnjAhC
ejWLwAydzUvatsK6Ddv8cknlNkTq0r1DPuEjXDgz/V0tMB61Ybjn0l7p8nrVF7gh
h2SveSDG1p8BUJXP3mW3zZN4gTFh/Y0T52FQWdsudk4moS2Ufur18hmO0x5fVbZz
dcKjGP7aNqeMYqIs3YBXHGq8TCmKjvYkNF9u4C4ZgRfHO+0W7BvUQ5OX1uUu1H6v
VOJfY93k2MLYFBWbfVVvGLrHVPRA0sWwJ+TVhIHqcQjIIxbH+8U6yJuQwi+gxvr5
gkYkxK7HjlgzWTw61glJN+TMk7ecgE71c5pY3e9WfkQSZA==
-----END CERTIFICATE-----
Generated at Sun Jun 29 05:22:54 2025 by rpki-client