
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/X3vNtvsomO27Kd2vA5pm18uPmdU.roa
File: X3vNtvsomO27Kd2vA5pm18uPmdU.roa (raw, json)
Hash identifier: qr4mzjHU/2+nlh+IYLU51D2SlEL1XSnDydpL/wjE4BM=
Subject key identifier: 5F:7B:CD:B6:FB:28:98:ED:BB:29:DD:AF:03:9A:66:D7:CB:8F:99:D5
Certificate issuer: /CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Certificate serial: 019956E47043400492621E634ED0408B8CA0
Authority key identifier: D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/X3vNtvsomO27Kd2vA5pm18uPmdU.roa
Signing time: Wed 17 Sep 2025 08:57:15 +0000
ROA not before: Wed 17 Sep 2025 08:57:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58065
IP address blocks: 5.157.6.0/24 maxlen: 24
5.157.11.0/24 maxlen: 24
5.157.19.0/24 maxlen: 24
5.157.21.0/24 maxlen: 24
5.157.23.0/24 maxlen: 24
5.157.24.0/24 maxlen: 24
5.157.26.0/24 maxlen: 24
5.157.29.0/24 maxlen: 24
5.157.32.0/24 maxlen: 24
5.157.33.0/24 maxlen: 24
5.157.34.0/24 maxlen: 24
5.157.37.0/24 maxlen: 24
5.157.43.0/24 maxlen: 24
5.157.51.0/24 maxlen: 24
5.157.53.0/24 maxlen: 24
5.157.55.0/24 maxlen: 24
5.157.57.0/24 maxlen: 24
23.92.115.0/24 maxlen: 24
23.92.116.0/24 maxlen: 24
23.92.126.0/24 maxlen: 24
37.72.186.0/24 maxlen: 24
104.160.3.0/24 maxlen: 24
104.160.11.0/24 maxlen: 24
104.160.16.0/24 maxlen: 24
104.160.17.0/24 maxlen: 24
107.150.64.0/24 maxlen: 24
107.150.65.0/24 maxlen: 24
107.150.67.0/24 maxlen: 24
107.150.69.0/24 maxlen: 24
107.150.70.0/24 maxlen: 24
107.150.71.0/24 maxlen: 24
107.150.88.0/24 maxlen: 24
107.150.89.0/24 maxlen: 24
107.150.90.0/24 maxlen: 24
107.150.91.0/24 maxlen: 24
130.185.153.0/24 maxlen: 24
151.237.188.0/24 maxlen: 24
162.212.168.0/24 maxlen: 24
162.212.169.0/24 maxlen: 24
162.212.170.0/24 maxlen: 24
162.212.171.0/24 maxlen: 24
162.212.172.0/24 maxlen: 24
162.212.173.0/24 maxlen: 24
162.212.174.0/24 maxlen: 24
162.212.175.0/24 maxlen: 24
2a02:5740:4::/48 maxlen: 48
2a02:5740:9::/48 maxlen: 48
2a02:5740:14::/48 maxlen: 48
2a02:5740:24::/48 maxlen: 48
2a02:5740:26::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.mft
rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:56:e4:70:43:40:04:92:62:1e:63:4e:d0:40:8b:8c:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d82cb43ca3c0c57816cee360478d0cf882207fd2
Validity
Not Before: Sep 17 08:57:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5f7bcdb6fb2898edbb29ddaf039a66d7cb8f99d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:67:64:18:05:0f:37:7b:de:fe:bf:9a:89:53:
42:33:ce:cf:90:ca:4c:18:47:5a:c5:3d:d8:15:9d:
31:42:2e:d4:45:13:f4:ca:37:db:73:22:48:5c:0c:
ac:5c:6e:09:34:66:01:69:72:1e:45:d5:86:5b:35:
76:c6:1f:83:e6:2b:a4:3f:b5:37:3e:02:70:22:33:
f0:69:ee:9c:a9:53:4f:51:6f:36:39:b7:34:94:3f:
72:9b:2e:8d:1b:63:90:ed:34:92:3f:02:3d:e2:ef:
36:5b:1d:bb:36:4e:94:d3:81:70:44:79:b9:a1:8b:
f9:8e:12:ba:db:36:65:15:df:6e:be:aa:f2:04:41:
bb:6f:a4:7d:f3:08:a7:83:1c:e2:4f:f7:85:1a:2d:
85:4b:16:b6:98:9e:ec:57:33:bf:ec:3d:88:08:0d:
16:73:45:6c:20:2a:37:1d:f0:12:0e:cf:0b:8f:8c:
e8:60:6e:91:37:7a:48:ff:15:f5:27:1c:e8:fe:1a:
7b:d2:90:fe:6a:1c:9e:de:4c:8f:5f:f8:0d:45:19:
9c:50:cf:3a:38:6d:77:78:12:7c:62:fa:6a:ec:e3:
25:5a:16:50:73:df:93:bc:7c:35:9d:b7:2b:31:11:
03:11:26:93:5a:01:02:18:1c:aa:d6:98:1c:ff:9e:
19:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5F:7B:CD:B6:FB:28:98:ED:BB:29:DD:AF:03:9A:66:D7:CB:8F:99:D5
X509v3 Authority Key Identifier:
keyid:D8:2C:B4:3C:A3:C0:C5:78:16:CE:E3:60:47:8D:0C:F8:82:20:7F:D2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/2Cy0PKPAxXgWzuNgR40M-IIgf9I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/X3vNtvsomO27Kd2vA5pm18uPmdU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/57/3b51b8-10c6-438b-a120-15f13e3f7d85/1/2Cy0PKPAxXgWzuNgR40M-IIgf9I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.157.6.0/24
5.157.11.0/24
5.157.19.0/24
5.157.21.0/24
5.157.23.0-5.157.24.255
5.157.26.0/24
5.157.29.0/24
5.157.32.0-5.157.34.255
5.157.37.0/24
5.157.43.0/24
5.157.51.0/24
5.157.53.0/24
5.157.55.0/24
5.157.57.0/24
23.92.115.0-23.92.116.255
23.92.126.0/24
37.72.186.0/24
104.160.3.0/24
104.160.11.0/24
104.160.16.0/23
107.150.64.0/23
107.150.67.0/24
107.150.69.0-107.150.71.255
107.150.88.0/22
130.185.153.0/24
151.237.188.0/24
162.212.168.0/21
IPv6:
2a02:5740:4::/48
2a02:5740:9::/48
2a02:5740:14::/48
2a02:5740:24::/48
2a02:5740:26::/48
Signature Algorithm: sha256WithRSAEncryption
02:8b:c3:f0:25:e1:86:91:24:ad:79:4f:25:7e:89:62:b2:e2:
77:b4:db:5a:0c:05:94:4a:f9:0b:f9:88:c0:0b:6c:2e:7a:f0:
b7:67:ff:ca:b1:57:7a:60:bc:7e:38:37:af:97:ce:6f:da:4a:
9f:04:a5:00:01:30:a1:8b:fc:47:6f:29:df:c4:7a:cf:ff:6b:
a3:c2:31:73:07:5c:bc:b5:1d:c0:7a:68:36:d4:b8:43:f5:f0:
e0:b0:64:18:b4:04:4c:46:f3:42:09:c2:0d:2d:31:89:8f:a4:
30:5d:f0:6c:96:61:82:4d:20:04:88:87:e0:f5:ad:c9:df:e9:
16:38:a6:d5:f1:2b:22:ae:75:61:ef:ec:29:89:b5:e7:a7:ca:
83:c1:6e:55:f7:2a:e6:d5:94:13:6f:af:d8:9e:23:c2:d4:c4:
76:94:d0:03:be:e1:a4:8a:d5:92:1f:d4:b2:40:17:a7:29:a2:
9f:b3:16:9c:15:24:07:49:d0:a6:97:21:e2:47:cb:90:96:24:
5d:ed:da:3f:65:bf:d4:d6:c7:db:38:ea:aa:92:a1:41:9a:73:
1d:1f:25:b9:4f:b5:f8:41:68:78:87:61:6d:dd:57:03:ea:19:
1e:2e:a4:9f:6d:2b:7d:7b:cc:84:8b:2b:b9:d4:7a:47:1e:7e:
6c:d2:12:c1
-----BEGIN CERTIFICATE-----
MIIF9jCCBN6gAwIBAgISAZlW5HBDQASSYh5jTtBAi4ygMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ4MmNiNDNjYTNjMGM1NzgxNmNlZTM2MDQ3OGQwY2Y4ODIy
MDdmZDIwHhcNMjUwOTE3MDg1NzE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZjdiY2RiNmZiMjg5OGVkYmIyOWRkYWYwMzlhNjZkN2NiOGY5OWQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl2dkGAUPN3ve/r+aiVNCM87PkMpM
GEdaxT3YFZ0xQi7URRP0yjfbcyJIXAysXG4JNGYBaXIeRdWGWzV2xh+D5iukP7U3
PgJwIjPwae6cqVNPUW82Obc0lD9ymy6NG2OQ7TSSPwI94u82Wx27Nk6U04FwRHm5
oYv5jhK62zZlFd9uvqryBEG7b6R98wingxziT/eFGi2FSxa2mJ7sVzO/7D2ICA0W
c0VsICo3HfASDs8Lj4zoYG6RN3pI/xX1Jxzo/hp70pD+ahye3kyPX/gNRRmcUM86
OG13eBJ8Yvpq7OMlWhZQc9+TvHw1nbcrMREDESaTWgECGByq1pgc/54ZvwIDAQAB
o4IDAjCCAv4wHQYDVR0OBBYEFF97zbb7KJjtuyndrwOaZtfLj5nVMB8GA1UdIwQY
MBaAFNgstDyjwMV4Fs7jYEeNDPiCIH/SMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAt
MTVmMTNlM2Y3ZDg1LzEvWDN2TnR2c29tTzI3S2QydkE1cG0xOHVQbWRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Ny8zYjUxYjgtMTBjNi00MzhiLWExMjAtMTVmMTNlM2Y3ZDg1
LzEvMkN5MFBLUEF4WGdXenVOZ1I0ME0tSUlnZjlJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFgYIKwYBBQUHAQcBAf8EggEFMIIBATCByQQCAAEwgcID
BAAFnQYDBAAFnQsDBAAFnRMDBAAFnRUwDAMEAAWdFwMEAAWdGAMEAAWdGgMEAAWd
HTAMAwQFBZ0gAwQABZ0iAwQABZ0lAwQABZ0rAwQABZ0zAwQABZ01AwQABZ03AwQA
BZ05MAwDBAAXXHMDBAAXXHQDBAAXXH4DBAAlSLoDBABooAMDBABooAsDBAFooBAD
BAFrlkADBABrlkMwDAMEAGuWRQMEA2uWQAMEAmuWWAMEAIK5mQMEAJftvAMEA6LU
qDAzBAIAAjAtAwcAKgJXQAAEAwcAKgJXQAAJAwcAKgJXQAAUAwcAKgJXQAAkAwcA
KgJXQAAmMA0GCSqGSIb3DQEBCwUAA4IBAQACi8PwJeGGkSSteU8lfolisuJ3tNta
DAWUSvkL+YjAC2wuevC3Z//KsVd6YLx+ODevl85v2kqfBKUAATChi/xHbynfxHrP
/2ujwjFzB1y8tR3Aemg21LhD9fDgsGQYtARMRvNCCcINLTGJj6QwXfBslmGCTSAE
iIfg9a3J3+kWOKbV8SsirnVh7+wpibXnp8qDwW5V9yrm1ZQTb6/YniPC1MR2lNAD
vuGkitWSH9SyQBenKaKfsxacFSQHSdCmlyHiR8uQliRd7do/Zb/U1sfbOOqqkqFB
mnMdHyW5T7X4QWh4h2Ft3VcD6hkeLqSfbSt9e8yEiyu51HpHHn5s0hLB
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:29:26 2025 by rpki-client