Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/68xSrt4NnRoWrJn5FS2JYNTMyaM.roa
File: 68xSrt4NnRoWrJn5FS2JYNTMyaM.roa (raw, json)
Hash identifier: SsukY7gM+xi6mGj/n1AZssxs1Ds7Aj+6sLMAfwRw1a8=
Subject key identifier: EB:CC:52:AE:DE:0D:9D:1A:16:AC:99:F9:15:2D:89:60:D4:CC:C9:A3
Certificate issuer: /CN=d79785de62dcf9e7930babd7b1d39c5853d1944f
Certificate serial: 0198CD10C224D249F9FE3B9D9B6D2AE68A48
Authority key identifier: D7:97:85:DE:62:DC:F9:E7:93:0B:AB:D7:B1:D3:9C:58:53:D1:94:4F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/15eF3mLc-eeTC6vXsdOcWFPRlE8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/68xSrt4NnRoWrJn5FS2JYNTMyaM.roa
Signing time: Thu 21 Aug 2025 14:38:04 +0000
ROA not before: Thu 21 Aug 2025 14:38:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 5.57.16.0/24 maxlen: 24
5.57.17.0/24 maxlen: 24
5.57.18.0/24 maxlen: 24
5.57.19.0/24 maxlen: 24
5.57.20.0/24 maxlen: 24
5.57.21.0/24 maxlen: 24
5.57.23.0/24 maxlen: 24
37.10.0.0/24 maxlen: 24
37.10.1.0/24 maxlen: 24
37.10.3.0/24 maxlen: 24
37.10.4.0/22 maxlen: 22
37.10.4.0/24 maxlen: 24
37.10.5.0/24 maxlen: 24
37.10.6.0/24 maxlen: 24
37.10.7.0/24 maxlen: 24
37.10.30.0/24 maxlen: 24
37.10.31.0/24 maxlen: 24
37.10.63.0/24 maxlen: 24
185.28.220.0/24 maxlen: 24
185.28.221.0/24 maxlen: 24
185.28.222.0/24 maxlen: 24
185.28.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/15eF3mLc-eeTC6vXsdOcWFPRlE8.crl
rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/15eF3mLc-eeTC6vXsdOcWFPRlE8.mft
rsync://rpki.ripe.net/repository/DEFAULT/15eF3mLc-eeTC6vXsdOcWFPRlE8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:cd:10:c2:24:d2:49:f9:fe:3b:9d:9b:6d:2a:e6:8a:48
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d79785de62dcf9e7930babd7b1d39c5853d1944f
Validity
Not Before: Aug 21 14:38:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ebcc52aede0d9d1a16ac99f9152d8960d4ccc9a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:0e:d5:37:68:86:8b:77:da:25:22:96:dc:5c:
0c:99:7b:70:d8:8b:ee:7d:ee:c6:6c:61:01:96:27:
13:f9:c3:9d:2c:31:2e:a4:a3:7b:84:1f:69:62:1a:
98:44:7d:6f:89:c2:96:e5:3a:2d:d2:f0:ca:c5:f8:
e6:9d:b9:03:bf:47:80:3b:49:f4:73:78:76:57:ef:
ba:92:c9:df:3f:b8:a3:01:a4:0e:00:12:f2:8d:a2:
51:ac:f0:a9:b5:aa:33:c3:91:3d:a8:20:96:77:12:
ee:03:1e:58:9d:8e:b2:3f:57:a7:99:91:ff:3f:94:
62:53:7f:4d:6a:17:79:d4:48:67:87:23:94:08:d4:
e7:66:3f:3b:44:e0:f5:16:53:3b:85:c2:43:db:90:
21:2d:49:3d:42:1f:36:5b:1c:bb:17:56:cd:3a:b6:
fb:32:6c:6c:23:2b:c0:ce:08:ca:56:fe:b4:c8:dd:
22:a5:ec:1e:5b:01:a6:cd:82:b5:1b:e7:6c:c8:2a:
7d:e0:53:ff:13:c7:95:5f:c0:f1:6d:92:fc:e9:67:
81:ed:30:2f:3f:dc:2a:22:97:86:c5:c6:81:b0:e5:
dc:d7:64:d3:2a:b8:9d:95:78:c5:35:44:aa:c4:9a:
99:45:cc:43:51:12:dc:7a:af:18:6c:fb:fa:43:dc:
f3:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EB:CC:52:AE:DE:0D:9D:1A:16:AC:99:F9:15:2D:89:60:D4:CC:C9:A3
X509v3 Authority Key Identifier:
keyid:D7:97:85:DE:62:DC:F9:E7:93:0B:AB:D7:B1:D3:9C:58:53:D1:94:4F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/15eF3mLc-eeTC6vXsdOcWFPRlE8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/68xSrt4NnRoWrJn5FS2JYNTMyaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/af/7f9728-9559-4263-bcfa-75855db7151f/1/15eF3mLc-eeTC6vXsdOcWFPRlE8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.16.0-5.57.21.255
5.57.23.0/24
37.10.0.0/23
37.10.3.0-37.10.7.255
37.10.30.0/23
37.10.63.0/24
185.28.220.0/22
Signature Algorithm: sha256WithRSAEncryption
f0:04:a6:64:13:8f:20:97:e5:ff:cf:cf:c4:09:09:3b:af:49:
59:81:a5:db:e6:66:71:3d:94:70:24:70:de:e2:ad:bd:9a:f4:
ed:07:53:66:d6:db:57:cb:15:0c:53:bf:9d:a7:a5:2b:a7:27:
44:49:19:17:87:26:02:37:74:cb:1c:47:d7:52:7a:d5:41:b7:
63:0b:22:ba:bc:03:f5:5b:08:76:79:43:72:c3:60:a9:06:5d:
77:53:30:cd:9f:88:9f:73:cc:71:e4:30:d4:e1:ce:c3:56:49:
e6:f4:14:50:a0:02:93:94:a6:a6:22:36:9c:c3:05:27:b2:d9:
67:ac:af:01:b3:1f:9f:ad:53:51:aa:53:4f:6f:99:9b:39:6f:
58:48:45:05:fd:a8:97:1b:35:b2:2c:69:de:c2:86:ac:1b:0a:
c2:80:83:68:0f:bc:68:d7:05:20:2b:2e:a2:60:b1:4c:e4:42:
ad:99:f4:54:61:84:ba:61:2e:09:9a:3c:45:de:e4:ae:b4:c8:
e9:e7:8d:48:db:a0:6f:4e:89:3a:4a:c9:50:cb:8f:75:5a:da:
32:64:78:67:96:64:d3:5c:30:59:58:aa:9b:fd:f4:77:7b:20:
4d:1e:07:c8:63:80:24:aa:06:1d:06:95:47:55:db:e2:ad:9f:
5c:85:d0:a1
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZjNEMIk0kn5/judm20q5opIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3OTc4NWRlNjJkY2Y5ZTc5MzBiYWJkN2IxZDM5YzU4NTNk
MTk0NGYwHhcNMjUwODIxMTQzODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYmNjNTJhZWRlMGQ5ZDFhMTZhYzk5ZjkxNTJkODk2MGQ0Y2NjOWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3g7VN2iGi3faJSKW3FwMmXtw2Ivu
fe7GbGEBlicT+cOdLDEupKN7hB9pYhqYRH1vicKW5Tot0vDKxfjmnbkDv0eAO0n0
c3h2V++6ksnfP7ijAaQOABLyjaJRrPCptaozw5E9qCCWdxLuAx5YnY6yP1enmZH/
P5RiU39Nahd51EhnhyOUCNTnZj87ROD1FlM7hcJD25AhLUk9Qh82Wxy7F1bNOrb7
MmxsIyvAzgjKVv60yN0ipeweWwGmzYK1G+dsyCp94FP/E8eVX8DxbZL86WeB7TAv
P9wqIpeGxcaBsOXc12TTKridlXjFNUSqxJqZRcxDURLceq8YbPv6Q9zzNwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFOvMUq7eDZ0aFqyZ+RUtiWDUzMmjMB8GA1UdIwQY
MBaAFNeXhd5i3Pnnkwur17HTnFhT0ZRPMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTVlRjNtTGMtZWVUQzZ2WHNkT2NXRlBSbEU4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZi83Zjk3MjgtOTU1OS00MjYzLWJjZmEt
NzU4NTVkYjcxNTFmLzEvNjh4U3J0NE5uUm9XckpuNUZTMkpZTlRNeWFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZi83Zjk3MjgtOTU1OS00MjYzLWJjZmEtNzU4NTVkYjcxNTFm
LzEvMTVlRjNtTGMtZWVUQzZ2WHNkT2NXRlBSbEU4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6MAwDBAQFORAD
BAEFORQDBAAFORcDBAElCgAwDAMEACUKAwMEAyUKAAMEASUKHgMEACUKPwMEArkc
3DANBgkqhkiG9w0BAQsFAAOCAQEA8ASmZBOPIJfl/8/PxAkJO69JWYGl2+ZmcT2U
cCRw3uKtvZr07QdTZtbbV8sVDFO/naelK6cnREkZF4cmAjd0yxxH11J61UG3Ywsi
urwD9VsIdnlDcsNgqQZdd1MwzZ+In3PMceQw1OHOw1ZJ5vQUUKACk5SmpiI2nMMF
J7LZZ6yvAbMfn61TUapTT2+ZmzlvWEhFBf2olxs1sixp3sKGrBsKwoCDaA+8aNcF
ICsuomCxTORCrZn0VGGEumEuCZo8Rd7krrTI6eeNSNugb06JOkrJUMuPdVraMmR4
Z5Zk01wwWViqm/30d3sgTR4HyGOAJKoGHQaVR1Xb4q2fXIXQoQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 06:53:46 2025 by rpki-client