Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5e/6ac0a2-5c6c-4357-97e4-ceb8ab6d112e/1/H053Wy1QhrY8__zrTCLE21aJSR0.roa
File: H053Wy1QhrY8__zrTCLE21aJSR0.roa (raw, json)
Hash identifier: XFp0BCIN9PEU3N2q5lPY5D5IjnQztsPMN//9DZ1mPWQ=
Subject key identifier: 1F:4E:77:5B:2D:50:86:B6:3C:FF:FC:EB:4C:22:C4:DB:56:89:49:1D
Certificate issuer: /CN=b4425cf5501344ac5acc307abd0af013fac67073
Certificate serial: 0198B20DC7809C1F316C58BAC563C81AD38D
Authority key identifier: B4:42:5C:F5:50:13:44:AC:5A:CC:30:7A:BD:0A:F0:13:FA:C6:70:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tEJc9VATRKxazDB6vQrwE_rGcHM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5e/6ac0a2-5c6c-4357-97e4-ceb8ab6d112e/1/H053Wy1QhrY8__zrTCLE21aJSR0.roa
Signing time: Sat 16 Aug 2025 08:45:04 +0000
ROA not before: Sat 16 Aug 2025 08:45:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202709
IP address blocks: 5.61.216.0/21 maxlen: 21
45.82.132.0/22 maxlen: 22
185.58.132.0/22 maxlen: 22
185.119.228.0/22 maxlen: 22
185.142.20.0/24 maxlen: 24
193.25.255.0/24 maxlen: 24
193.26.0.0/24 maxlen: 24
193.26.2.0/24 maxlen: 24
193.26.12.0/24 maxlen: 24
194.48.180.0/22 maxlen: 22
2a02:63e0::/32 maxlen: 32
2a0e:6b80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5e/6ac0a2-5c6c-4357-97e4-ceb8ab6d112e/1/tEJc9VATRKxazDB6vQrwE_rGcHM.crl
rsync://rpki.ripe.net/repository/DEFAULT/5e/6ac0a2-5c6c-4357-97e4-ceb8ab6d112e/1/tEJc9VATRKxazDB6vQrwE_rGcHM.mft
rsync://rpki.ripe.net/repository/DEFAULT/tEJc9VATRKxazDB6vQrwE_rGcHM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:b2:0d:c7:80:9c:1f:31:6c:58:ba:c5:63:c8:1a:d3:8d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b4425cf5501344ac5acc307abd0af013fac67073
Validity
Not Before: Aug 16 08:45:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f4e775b2d5086b63cfffceb4c22c4db5689491d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:82:5c:d1:aa:9d:b9:d9:84:b9:0a:ad:70:5d:
99:a1:21:73:2c:13:02:8b:97:aa:98:5c:92:58:f3:
1c:d0:16:4c:be:68:08:9d:d3:1c:38:d4:c3:1d:41:
52:36:67:e6:1b:82:bc:64:51:c8:06:1f:80:13:d8:
18:24:80:0a:90:51:ef:8f:23:55:47:31:68:4e:ab:
a1:bd:bf:30:6a:5b:e1:56:59:f6:7a:e2:f6:f8:8e:
e1:c1:af:be:4d:13:15:c6:b4:a9:0f:5b:ed:2c:ed:
8d:83:8e:2a:f5:e3:bc:60:9e:d2:63:54:68:d8:45:
df:82:da:11:56:08:93:60:eb:09:23:bc:69:f1:cd:
fc:fa:7d:0a:7c:b0:aa:02:5d:43:c8:0f:f2:0c:27:
29:24:40:64:46:cf:24:a6:0e:65:ad:d9:31:61:63:
15:96:5a:c1:47:2d:12:76:b1:d2:12:c9:3e:74:5b:
93:96:5c:0d:1e:97:32:59:9a:d7:d4:de:1d:0f:01:
71:22:c4:01:27:5e:7e:6b:f1:d1:1b:64:a8:cd:b7:
59:c5:1b:8c:8e:c3:40:14:43:ba:32:d6:b4:30:f3:
97:45:2b:b1:47:35:40:83:f7:0e:ce:e7:39:49:f5:
4e:b4:a9:9b:9f:cc:00:d0:54:1b:f4:10:32:d8:a3:
23:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:4E:77:5B:2D:50:86:B6:3C:FF:FC:EB:4C:22:C4:DB:56:89:49:1D
X509v3 Authority Key Identifier:
keyid:B4:42:5C:F5:50:13:44:AC:5A:CC:30:7A:BD:0A:F0:13:FA:C6:70:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tEJc9VATRKxazDB6vQrwE_rGcHM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/6ac0a2-5c6c-4357-97e4-ceb8ab6d112e/1/H053Wy1QhrY8__zrTCLE21aJSR0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5e/6ac0a2-5c6c-4357-97e4-ceb8ab6d112e/1/tEJc9VATRKxazDB6vQrwE_rGcHM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.216.0/21
45.82.132.0/22
185.58.132.0/22
185.119.228.0/22
185.142.20.0/24
193.25.255.0-193.26.0.255
193.26.2.0/24
193.26.12.0/24
194.48.180.0/22
IPv6:
2a02:63e0::/32
2a0e:6b80::/29
Signature Algorithm: sha256WithRSAEncryption
3c:0a:1d:70:a0:8d:57:07:83:35:a9:4c:e5:ca:2a:84:18:94:
3a:1a:9d:4c:f9:c3:a1:68:05:8f:b7:8c:1d:e1:6e:2c:3c:c9:
8b:f5:44:b8:19:95:bc:88:95:d2:8b:82:f3:3c:54:a7:37:12:
da:20:85:eb:b9:16:b4:8d:5f:bb:b4:e5:c2:11:c4:52:e2:4e:
ee:97:f5:6c:a6:c6:0e:f9:61:33:b3:80:fd:6e:e3:c1:83:dd:
b8:d1:90:f4:48:6e:ad:d5:df:27:26:6b:8a:da:9c:01:e1:05:
8e:2c:17:28:91:c9:c5:f3:31:44:9b:ae:5c:5e:20:6a:7c:a2:
d4:89:48:4c:c8:4e:83:85:6f:1e:d4:49:59:5d:46:d1:72:6c:
7c:30:76:46:83:5d:6b:8b:85:68:91:04:95:95:6e:e5:11:8e:
2c:1a:e4:26:cb:cc:64:af:e5:d5:47:01:d4:63:92:88:c9:95:
8f:d9:51:a9:1b:b2:89:94:3d:d1:27:ab:ba:b2:22:dc:8d:90:
61:d1:86:20:53:32:b4:f3:ca:79:ce:a6:0c:b5:87:c2:6f:b1:
35:e0:4a:83:e8:83:63:0b:56:31:55:3b:66:8f:57:85:83:a7:
69:cd:17:41:d3:46:92:33:4b:83:d1:d5:4d:3f:5b:4b:fd:8f:
3c:84:23:83
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZiyDceAnB8xbFi6xWPIGtONMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0NDI1Y2Y1NTAxMzQ0YWM1YWNjMzA3YWJkMGFmMDEzZmFj
NjcwNzMwHhcNMjUwODE2MDg0NTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjRlNzc1YjJkNTA4NmI2M2NmZmZjZWI0YzIyYzRkYjU2ODk0OTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwYJc0aqdudmEuQqtcF2ZoSFzLBMC
i5eqmFySWPMc0BZMvmgIndMcONTDHUFSNmfmG4K8ZFHIBh+AE9gYJIAKkFHvjyNV
RzFoTquhvb8walvhVln2euL2+I7hwa++TRMVxrSpD1vtLO2Ng44q9eO8YJ7SY1Ro
2EXfgtoRVgiTYOsJI7xp8c38+n0KfLCqAl1DyA/yDCcpJEBkRs8kpg5lrdkxYWMV
llrBRy0SdrHSEsk+dFuTllwNHpcyWZrX1N4dDwFxIsQBJ15+a/HRG2SozbdZxRuM
jsNAFEO6Mta0MPOXRSuxRzVAg/cOzuc5SfVOtKmbn8wA0FQb9BAy2KMjZwIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFB9Od1stUIa2PP/860wixNtWiUkdMB8GA1UdIwQY
MBaAFLRCXPVQE0SsWswwer0K8BP6xnBzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEVKYzlWQVRSS3hhekRCNnZRcndFX3JHY0hNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZS82YWMwYTItNWM2Yy00MzU3LTk3ZTQt
Y2ViOGFiNmQxMTJlLzEvSDA1M1d5MVFoclk4X196clRDTEUyMWFKU1IwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZS82YWMwYTItNWM2Yy00MzU3LTk3ZTQtY2ViOGFiNmQxMTJl
LzEvdEVKYzlWQVRSS3hhekRCNnZRcndFX3JHY0hNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBEBAIAATA+AwQDBT3YAwQC
LVKEAwQCuTqEAwQCuXfkAwQAuY4UMAwDBADBGf8DBADBGgADBADBGgIDBADBGgwD
BALCMLQwFAQCAAIwDgMFACoCY+ADBQMqDmuAMA0GCSqGSIb3DQEBCwUAA4IBAQA8
Ch1woI1XB4M1qUzlyiqEGJQ6Gp1M+cOhaAWPt4wd4W4sPMmL9US4GZW8iJXSi4Lz
PFSnNxLaIIXruRa0jV+7tOXCEcRS4k7ul/VspsYO+WEzs4D9buPBg9240ZD0SG6t
1d8nJmuK2pwB4QWOLBcokcnF8zFEm65cXiBqfKLUiUhMyE6DhW8e1ElZXUbRcmx8
MHZGg11ri4VokQSVlW7lEY4sGuQmy8xkr+XVRwHUY5KIyZWP2VGpG7KJlD3RJ6u6
siLcjZBh0YYgUzK088p5zqYMtYfCb7E14EqD6INjC1YxVTtmj1eFg6dpzRdB00aS
M0uD0dVNP1tL/Y88hCOD
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:04:57 2025 by rpki-client