Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/PimO5b5KbIpbyY6X7dBeo4nzGfo.roa
File: PimO5b5KbIpbyY6X7dBeo4nzGfo.roa (raw, json)
Hash identifier: XRrn0aWk97wVb/B9B+cfXVdA4L+ijYSy1XLqIddxODg=
Subject key identifier: 3E:29:8E:E5:BE:4A:6C:8A:5B:C9:8E:97:ED:D0:5E:A3:89:F3:19:FA
Certificate issuer: /CN=5cf4501b755002d9143e8fa6736815e9f0f93695
Certificate serial: 0199BC56FE9BE478C82DF28E7C529761CEBB
Authority key identifier: 5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/PimO5b5KbIpbyY6X7dBeo4nzGfo.roa
Signing time: Tue 07 Oct 2025 01:44:01 +0000
ROA not before: Tue 07 Oct 2025 01:44:01 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13037
IP address blocks: 51.148.0.0/16 maxlen: 24
51.148.64.0/21 maxlen: 21
51.155.0.0/16 maxlen: 16
62.3.64.0/18 maxlen: 21
62.3.88.0/21 maxlen: 21
77.104.128.0/18 maxlen: 18
82.68.0.0/15 maxlen: 15
82.71.0.0/16 maxlen: 24
82.71.240.0/20 maxlen: 20
88.97.0.0/18 maxlen: 18
88.97.64.0/20 maxlen: 20
88.97.88.0/22 maxlen: 22
88.97.96.0/20 maxlen: 20
88.98.0.0/20 maxlen: 20
88.98.16.0/23 maxlen: 23
88.98.18.0/24 maxlen: 24
88.98.21.0/24 maxlen: 24
88.98.22.0/23 maxlen: 23
88.98.24.0/21 maxlen: 21
88.98.32.0/19 maxlen: 23
88.98.64.0/19 maxlen: 24
88.98.128.0/19 maxlen: 19
88.98.160.0/21 maxlen: 21
88.98.170.0/23 maxlen: 23
88.98.172.0/22 maxlen: 22
88.98.176.0/20 maxlen: 20
146.66.64.0/18 maxlen: 18
212.23.0.0/19 maxlen: 23
212.23.0.0/23 maxlen: 23
217.155.0.0/16 maxlen: 24
2a02:8010::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/XPRQG3VQAtkUPo-mc2gV6fD5NpU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/XPRQG3VQAtkUPo-mc2gV6fD5NpU.mft
rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:bc:56:fe:9b:e4:78:c8:2d:f2:8e:7c:52:97:61:ce:bb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5cf4501b755002d9143e8fa6736815e9f0f93695
Validity
Not Before: Oct 7 01:44:01 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3e298ee5be4a6c8a5bc98e97edd05ea389f319fa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:32:e4:55:7d:ae:db:9e:1f:81:6a:bc:e0:c9:
76:84:bc:f4:be:d6:05:68:6c:96:0d:e3:4b:a1:2c:
a7:d8:18:53:4e:fd:7d:27:fc:6d:39:fa:90:79:2a:
80:c0:c6:98:e0:97:3e:bc:ad:cb:7f:c9:3d:c4:db:
e6:57:48:cd:2f:24:c7:07:3f:bf:05:6d:34:e4:41:
be:f1:4c:91:1e:f5:c6:b6:c5:9f:ed:e8:41:d4:cc:
d2:4f:01:31:db:2b:71:e3:0b:72:2c:07:29:61:21:
26:f5:06:9e:e7:1b:ad:93:53:72:fe:e7:af:f8:7d:
0c:71:09:ee:85:79:e3:90:12:61:83:bd:d9:7c:c2:
25:97:65:90:7f:ae:a6:14:de:26:a4:e2:74:3e:26:
a0:a7:ad:fd:97:31:39:b8:42:fc:1b:6f:8d:34:33:
95:2d:64:90:e9:d6:8e:f1:f4:5b:e9:e6:b1:db:4c:
39:23:c1:b1:0e:62:f8:82:0f:e1:65:36:af:ad:48:
48:81:85:b0:03:b3:a3:8c:a2:0e:a7:f3:ae:54:6f:
20:28:3f:8d:fd:64:af:1b:45:9a:ab:23:06:cb:c6:
cf:e9:0f:f8:3f:20:93:84:8d:94:3f:7f:ce:89:7a:
8f:89:9b:8b:5e:31:28:30:79:50:7e:22:77:03:9a:
0f:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:29:8E:E5:BE:4A:6C:8A:5B:C9:8E:97:ED:D0:5E:A3:89:F3:19:FA
X509v3 Authority Key Identifier:
keyid:5C:F4:50:1B:75:50:02:D9:14:3E:8F:A6:73:68:15:E9:F0:F9:36:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XPRQG3VQAtkUPo-mc2gV6fD5NpU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/PimO5b5KbIpbyY6X7dBeo4nzGfo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/c1ca07-9658-4446-8cb5-60cf9ab1b13e/1/XPRQG3VQAtkUPo-mc2gV6fD5NpU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
51.148.0.0/16
51.155.0.0/16
62.3.64.0/18
77.104.128.0/18
82.68.0.0/15
82.71.0.0/16
88.97.0.0-88.97.79.255
88.97.88.0/22
88.97.96.0/20
88.98.0.0-88.98.18.255
88.98.21.0-88.98.95.255
88.98.128.0-88.98.167.255
88.98.170.0-88.98.191.255
146.66.64.0/18
212.23.0.0/19
217.155.0.0/16
IPv6:
2a02:8010::/29
Signature Algorithm: sha256WithRSAEncryption
67:95:08:0c:a2:a4:8c:5b:c7:f6:f1:ff:da:e0:63:0e:0f:02:
69:2b:8b:4e:18:fb:ad:54:3f:b1:38:f6:37:23:14:f7:f7:a0:
56:f2:fb:49:6d:42:93:36:79:d0:72:4b:dd:e5:dd:7b:38:2b:
84:73:4f:02:dd:0e:b9:57:0f:04:c3:25:a5:28:63:07:6e:f1:
1c:6b:92:cf:27:be:26:89:65:8b:65:c5:a0:7f:72:b4:46:fd:
6e:7e:68:ee:fe:b2:04:f9:64:62:f3:9b:bc:46:01:53:e5:29:
66:0b:a9:66:a6:1d:a3:a5:8b:9f:02:55:28:a6:d3:3a:f7:7e:
f1:1e:85:2c:2a:0d:80:a1:fb:12:aa:99:34:8e:2e:c4:3c:31:
0d:6d:17:ff:d7:80:db:aa:e5:8d:b5:5d:75:f9:b8:c5:da:88:
51:65:d9:63:ab:af:8a:98:0f:2a:03:de:ef:27:55:54:50:9a:
84:08:0c:cf:ff:36:b7:e5:70:54:d9:07:87:fe:aa:0a:53:60:
d4:5b:9b:af:1f:03:9d:21:49:29:bf:1d:25:2e:d3:06:f0:b1:
b5:5a:88:91:84:56:69:55:b2:01:02:23:33:1e:50:9f:9d:2f:
62:99:0f:61:14:a9:db:d9:ec:b9:4d:7b:a6:bd:c9:5b:c1:3d:
77:1b:91:8d
-----BEGIN CERTIFICATE-----
MIIFjDCCBHSgAwIBAgISAZm8Vv6b5HjILfKOfFKXYc67MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVjZjQ1MDFiNzU1MDAyZDkxNDNlOGZhNjczNjgxNWU5ZjBm
OTM2OTUwHhcNMjUxMDA3MDE0NDAxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZTI5OGVlNWJlNGE2YzhhNWJjOThlOTdlZGQwNWVhMzg5ZjMxOWZhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqDLkVX2u254fgWq84Ml2hLz0vtYF
aGyWDeNLoSyn2BhTTv19J/xtOfqQeSqAwMaY4Jc+vK3Lf8k9xNvmV0jNLyTHBz+/
BW005EG+8UyRHvXGtsWf7ehB1MzSTwEx2ytx4wtyLAcpYSEm9Qae5xutk1Ny/uev
+H0McQnuhXnjkBJhg73ZfMIll2WQf66mFN4mpOJ0Piagp639lzE5uEL8G2+NNDOV
LWSQ6daO8fRb6eax20w5I8GxDmL4gg/hZTavrUhIgYWwA7OjjKIOp/OuVG8gKD+N
/WSvG0WaqyMGy8bP6Q/4PyCThI2UP3/OiXqPiZuLXjEoMHlQfiJ3A5oPjQIDAQAB
o4ICmDCCApQwHQYDVR0OBBYEFD4pjuW+SmyKW8mOl+3QXqOJ8xn6MB8GA1UdIwQY
MBaAFFz0UBt1UALZFD6PpnNoFenw+TaVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWFBSUUczVlFBdGtVUG8tbWMyZ1Y2ZkQ1TnBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi9jMWNhMDctOTY1OC00NDQ2LThjYjUt
NjBjZjlhYjFiMTNlLzEvUGltTzViNUtiSXBieVk2WDdkQmVvNG56R2ZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi9jMWNhMDctOTY1OC00NDQ2LThjYjUtNjBjZjlhYjFiMTNl
LzEvWFBSUUczVlFBdGtVUG8tbWMyZ1Y2ZkQ1TnBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGtBggrBgEFBQcBBwEB/wSBnTCBmjCBiAQCAAEwgYEDAwAz
lAMDADObAwQGPgNAAwQGTWiAAwMBUkQDAwBSRzALAwMAWGEDBARYYUADBAJYYVgD
BARYYWAwCwMDAVhiAwQAWGISMAwDBABYYhUDBAVYYkAwDAMEB1higAMEA1hioDAM
AwQBWGKqAwQGWGKAAwQGkkJAAwQF1BcAAwMA2ZswDQQCAAIwBwMFAyoCgBAwDQYJ
KoZIhvcNAQELBQADggEBAGeVCAyipIxbx/bx/9rgYw4PAmkri04Y+61UP7E49jcj
FPf3oFby+0ltQpM2edByS93l3Xs4K4RzTwLdDrlXDwTDJaUoYwdu8Rxrks8nviaJ
ZYtlxaB/crRG/W5+aO7+sgT5ZGLzm7xGAVPlKWYLqWamHaOli58CVSim0zr3fvEe
hSwqDYCh+xKqmTSOLsQ8MQ1tF//XgNuq5Y21XXX5uMXaiFFl2WOrr4qYDyoD3u8n
VVRQmoQIDM//NrflcFTZB4f+qgpTYNRbm68fA50hSSm/HSUu0wbwsbVaiJGEVmlV
sgECIzMeUJ+dL2KZD2EUqdvZ7LlNe6a9yVvBPXcbkY0=
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:09:46 2025 by rpki-client