Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/706-tHxpJxqqgnkIB80yIowIT-k.roa
File: 706-tHxpJxqqgnkIB80yIowIT-k.roa (raw, json)
Hash identifier: tEgSlzE4QMPw8ymsTN2HXz06cmmqo0/llcxcWjbgUt4=
Subject key identifier: EF:4E:BE:B4:7C:69:27:1A:AA:82:79:08:07:CD:32:22:8C:08:4F:E9
Certificate issuer: /CN=5954b6183e459748c89ee5431b8f31de692ae3b7
Certificate serial: 0198793FEBE57E95AC3F972B2A33E5803CF4
Authority key identifier: 59:54:B6:18:3E:45:97:48:C8:9E:E5:43:1B:8F:31:DE:69:2A:E3:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WVS2GD5Fl0jInuVDG48x3mkq47c.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/706-tHxpJxqqgnkIB80yIowIT-k.roa
Signing time: Tue 05 Aug 2025 08:01:29 +0000
ROA not before: Tue 05 Aug 2025 08:01:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 84.37.11.0/24 maxlen: 24
84.37.13.0/24 maxlen: 24
84.37.24.0/24 maxlen: 24
84.37.29.0/24 maxlen: 24
84.37.49.0/24 maxlen: 24
84.37.50.0/24 maxlen: 24
84.37.53.0/24 maxlen: 24
84.37.58.0/23 maxlen: 24
84.37.62.0/24 maxlen: 24
84.37.66.0/24 maxlen: 24
84.37.74.0/23 maxlen: 24
84.37.78.0/23 maxlen: 24
84.37.90.0/23 maxlen: 24
84.37.94.0/23 maxlen: 24
84.37.98.0/24 maxlen: 24
84.37.102.0/23 maxlen: 24
84.37.104.0/24 maxlen: 24
84.37.110.0/24 maxlen: 24
84.37.113.0/24 maxlen: 24
84.37.117.0/24 maxlen: 24
84.37.123.0/24 maxlen: 24
84.37.130.0/23 maxlen: 24
84.37.134.0/24 maxlen: 24
84.37.141.0/24 maxlen: 24
84.37.149.0/24 maxlen: 24
84.37.150.0/23 maxlen: 24
84.37.154.0/23 maxlen: 24
84.37.158.0/23 maxlen: 24
84.37.162.0/23 maxlen: 24
84.37.166.0/23 maxlen: 24
84.37.168.0/24 maxlen: 24
84.37.170.0/23 maxlen: 24
84.37.174.0/23 maxlen: 24
84.37.188.0/23 maxlen: 24
84.37.252.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/WVS2GD5Fl0jInuVDG48x3mkq47c.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/WVS2GD5Fl0jInuVDG48x3mkq47c.mft
rsync://rpki.ripe.net/repository/DEFAULT/WVS2GD5Fl0jInuVDG48x3mkq47c.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Aug 2025 23:02:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:79:3f:eb:e5:7e:95:ac:3f:97:2b:2a:33:e5:80:3c:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5954b6183e459748c89ee5431b8f31de692ae3b7
Validity
Not Before: Aug 5 08:01:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ef4ebeb47c69271aaa82790807cd32228c084fe9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:b4:ef:44:3d:98:2e:97:29:0d:3f:42:20:4b:
c6:07:4d:de:9f:3b:74:a8:ea:6b:09:0f:fa:6c:10:
a0:07:a1:da:be:40:d1:57:bc:77:db:a8:c6:80:bd:
b9:58:60:f6:b5:fd:0d:e2:f6:95:c5:b7:6f:78:46:
e9:4d:5d:c9:a5:93:e2:75:cd:d0:c1:87:a8:32:b6:
36:c1:11:e1:eb:d3:1e:b1:b8:a5:31:3d:cf:3b:14:
88:82:f9:47:88:32:a4:2c:95:95:8d:d4:67:97:98:
0f:17:0c:27:fa:96:a2:a7:94:c8:76:c6:50:04:59:
26:04:d9:af:b2:3f:34:fc:19:9d:12:5c:f0:50:82:
f3:63:f3:98:74:08:30:3a:d1:05:26:63:8d:d0:6e:
40:1c:8d:31:d8:47:ff:3d:d9:8b:6d:1c:ed:ee:58:
71:52:3d:b5:08:20:59:2c:cd:b7:a6:f5:5f:09:42:
a2:d7:b8:42:36:b5:a8:05:20:29:62:c5:95:0e:e0:
41:30:b0:ab:c7:96:2b:0e:84:b8:bc:07:56:1b:a7:
a9:d8:51:35:6a:71:de:a1:c9:7a:75:07:5f:b8:bb:
6a:1f:db:15:3a:d0:f7:02:fd:4c:5e:28:3c:33:29:
5a:2d:2a:ba:09:42:5d:5e:f0:81:a7:78:4c:63:6d:
9a:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:4E:BE:B4:7C:69:27:1A:AA:82:79:08:07:CD:32:22:8C:08:4F:E9
X509v3 Authority Key Identifier:
keyid:59:54:B6:18:3E:45:97:48:C8:9E:E5:43:1B:8F:31:DE:69:2A:E3:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WVS2GD5Fl0jInuVDG48x3mkq47c.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/706-tHxpJxqqgnkIB80yIowIT-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7de65c-90f5-4def-b873-d2adeed755d8/1/WVS2GD5Fl0jInuVDG48x3mkq47c.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
84.37.11.0/24
84.37.13.0/24
84.37.24.0/24
84.37.29.0/24
84.37.49.0-84.37.50.255
84.37.53.0/24
84.37.58.0/23
84.37.62.0/24
84.37.66.0/24
84.37.74.0/23
84.37.78.0/23
84.37.90.0/23
84.37.94.0/23
84.37.98.0/24
84.37.102.0-84.37.104.255
84.37.110.0/24
84.37.113.0/24
84.37.117.0/24
84.37.123.0/24
84.37.130.0/23
84.37.134.0/24
84.37.141.0/24
84.37.149.0-84.37.151.255
84.37.154.0/23
84.37.158.0/23
84.37.162.0/23
84.37.166.0-84.37.168.255
84.37.170.0/23
84.37.174.0/23
84.37.188.0/23
84.37.252.0/23
Signature Algorithm: sha256WithRSAEncryption
11:cd:8b:04:d6:97:f6:3e:83:40:6c:23:d4:56:bd:09:b2:15:
0e:72:de:17:d1:ba:93:97:42:97:f4:dc:fa:5f:92:45:e2:c9:
39:ec:4c:7d:e9:88:47:e5:27:f7:41:a7:3c:55:23:67:01:92:
30:fc:cf:c6:0c:b8:4d:4d:d9:db:b1:f3:4b:89:85:ae:c9:1b:
5d:41:c9:c8:1a:f2:23:41:92:03:09:06:0e:fc:85:6f:1b:e6:
99:58:d4:20:13:f8:62:c4:a4:d3:98:d1:e8:b6:9f:7c:be:06:
51:5f:fe:33:15:6e:cd:43:50:f9:47:18:4f:76:57:6b:cd:ba:
22:ce:04:8f:97:f8:3a:6d:6f:b7:66:87:e6:72:38:11:f2:e9:
97:14:85:e7:0f:ae:61:e0:89:96:fa:63:43:16:2b:10:c9:b9:
c4:91:ed:9c:53:67:58:a7:75:92:da:5b:a0:e7:1e:f9:98:ec:
72:ad:61:90:10:df:d2:45:3a:73:80:ba:73:cd:d0:c1:56:1b:
58:fb:bc:75:0d:b6:b4:59:7b:36:b3:7f:60:34:2b:32:fb:23:
7a:f0:cc:68:b8:40:23:a2:8b:2b:fe:9f:84:33:68:88:38:e9:
6c:a3:ea:53:8e:7e:24:b4:4c:67:bd:9f:d0:92:31:57:27:99:
f4:7c:91:83
-----BEGIN CERTIFICATE-----
MIIF1jCCBL6gAwIBAgISAZh5P+vlfpWsP5crKjPlgDz0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU5NTRiNjE4M2U0NTk3NDhjODllZTU0MzFiOGYzMWRlNjky
YWUzYjcwHhcNMjUwODA1MDgwMTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjRlYmViNDdjNjkyNzFhYWE4Mjc5MDgwN2NkMzIyMjhjMDg0ZmU5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwbTvRD2YLpcpDT9CIEvGB03enzt0
qOprCQ/6bBCgB6HavkDRV7x326jGgL25WGD2tf0N4vaVxbdveEbpTV3JpZPidc3Q
wYeoMrY2wRHh69MesbilMT3POxSIgvlHiDKkLJWVjdRnl5gPFwwn+paip5TIdsZQ
BFkmBNmvsj80/BmdElzwUILzY/OYdAgwOtEFJmON0G5AHI0x2Ef/PdmLbRzt7lhx
Uj21CCBZLM23pvVfCUKi17hCNrWoBSApYsWVDuBBMLCrx5YrDoS4vAdWG6ep2FE1
anHeocl6dQdfuLtqH9sVOtD3Av1MXig8MylaLSq6CUJdXvCBp3hMY22atQIDAQAB
o4IC4jCCAt4wHQYDVR0OBBYEFO9OvrR8aScaqoJ5CAfNMiKMCE/pMB8GA1UdIwQY
MBaAFFlUthg+RZdIyJ7lQxuPMd5pKuO3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV1ZTMkdENUZsMGpJbnVWREc0OHgzbWtxNDdjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83ZGU2NWMtOTBmNS00ZGVmLWI4NzMt
ZDJhZGVlZDc1NWQ4LzEvNzA2LXRIeHBKeHFxZ25rSUI4MHlJb3dJVC1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83ZGU2NWMtOTBmNS00ZGVmLWI4NzMtZDJhZGVlZDc1NWQ4
LzEvV1ZTMkdENUZsMGpJbnVWREc0OHgzbWtxNDdjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH3BggrBgEFBQcBBwEB/wSB5zCB5DCB4QQCAAEwgdoDBABU
JQsDBABUJQ0DBABUJRgDBABUJR0wDAMEAFQlMQMEAFQlMgMEAFQlNQMEAVQlOgME
AFQlPgMEAFQlQgMEAVQlSgMEAVQlTgMEAVQlWgMEAVQlXgMEAFQlYjAMAwQBVCVm
AwQAVCVoAwQAVCVuAwQAVCVxAwQAVCV1AwQAVCV7AwQBVCWCAwQAVCWGAwQAVCWN
MAwDBABUJZUDBANUJZADBAFUJZoDBAFUJZ4DBAFUJaIwDAMEAVQlpgMEAFQlqAME
AVQlqgMEAVQlrgMEAVQlvAMEAVQl/DANBgkqhkiG9w0BAQsFAAOCAQEAEc2LBNaX
9j6DQGwj1Fa9CbIVDnLeF9G6k5dCl/Tc+l+SReLJOexMfemIR+Un90GnPFUjZwGS
MPzPxgy4TU3Z27HzS4mFrskbXUHJyBryI0GSAwkGDvyFbxvmmVjUIBP4YsSk05jR
6LaffL4GUV/+MxVuzUNQ+UcYT3ZXa826Is4Ej5f4Om1vt2aH5nI4EfLplxSF5w+u
YeCJlvpjQxYrEMm5xJHtnFNnWKd1ktpboOce+Zjscq1hkBDf0kU6c4C6c83QwVYb
WPu8dQ22tFl7NrN/YDQrMvsjevDMaLhAI6KLK/6fhDNoiDjpbKPqU45+JLRMZ72f
0JIxVyeZ9HyRgw==
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:53:41 2025 by rpki-client