Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/yw5vGp8F-wq8PHmMa9xy_6a1sNo.roa
File: yw5vGp8F-wq8PHmMa9xy_6a1sNo.roa (raw, json)
Hash identifier: +t/O1FCcNd8m1cdK/0R5uMlJp79H097Pt7F0twr+l3s=
Subject key identifier: CB:0E:6F:1A:9F:05:FB:0A:BC:3C:79:8C:6B:DC:72:FF:A6:B5:B0:DA
Certificate issuer: /CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
Certificate serial: 0198A1734C88B99CD8EF4D51F37734CE962B
Authority key identifier: 69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/yw5vGp8F-wq8PHmMa9xy_6a1sNo.roa
Signing time: Wed 13 Aug 2025 03:22:24 +0000
ROA not before: Wed 13 Aug 2025 03:22:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 59711
IP address blocks: 5.149.248.0/23 maxlen: 23
5.149.254.0/23 maxlen: 23
77.83.196.0/24 maxlen: 24
77.83.197.0/24 maxlen: 24
77.83.198.0/24 maxlen: 24
79.141.164.0/23 maxlen: 23
79.141.174.0/23 maxlen: 23
85.158.108.0/24 maxlen: 24
85.158.109.0/24 maxlen: 24
85.158.110.0/24 maxlen: 24
89.150.40.0/24 maxlen: 24
89.150.45.0/24 maxlen: 24
89.150.48.0/24 maxlen: 24
89.150.57.0/24 maxlen: 24
91.193.18.0/24 maxlen: 24
91.220.8.0/24 maxlen: 24
185.40.86.0/24 maxlen: 24
185.80.52.0/23 maxlen: 23
185.80.54.0/23 maxlen: 23
185.81.114.0/23 maxlen: 23
185.81.114.0/24 maxlen: 24
185.81.115.0/24 maxlen: 24
185.104.192.0/24 maxlen: 24
185.104.193.0/24 maxlen: 24
185.104.194.0/24 maxlen: 24
185.117.88.0/23 maxlen: 23
185.117.90.0/23 maxlen: 23
185.123.102.0/24 maxlen: 24
185.174.133.0/24 maxlen: 24
185.174.135.0/24 maxlen: 24
185.221.222.0/24 maxlen: 24
185.221.223.0/24 maxlen: 24
185.235.137.0/24 maxlen: 24
185.235.138.0/24 maxlen: 24
185.253.116.0/24 maxlen: 24
185.253.117.0/24 maxlen: 24
185.253.118.0/24 maxlen: 24
193.42.36.0/24 maxlen: 24
193.42.39.0/24 maxlen: 24
193.111.208.0/24 maxlen: 24
195.95.155.0/24 maxlen: 24
2a01:8640::/48 maxlen: 48
2a01:8640:2::/48 maxlen: 48
2a01:8640:6::/48 maxlen: 48
2a01:8640:9::/48 maxlen: 48
2a01:8640:a::/48 maxlen: 48
2a01:8640:f::/48 maxlen: 48
2a01:8640:11::/48 maxlen: 48
2a01:8640:12::/48 maxlen: 48
2a01:8640:13::/48 maxlen: 48
2a01:8640:14::/48 maxlen: 48
2a01:8640:15::/48 maxlen: 48
2a01:8640:17::/48 maxlen: 48
2a01:8640:18::/48 maxlen: 48
2a01:8640:1a::/48 maxlen: 48
2a01:8640:1b::/48 maxlen: 48
2a01:8640:1c::/48 maxlen: 48
2a01:8640:1d::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.mft
rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 06:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a1:73:4c:88:b9:9c:d8:ef:4d:51:f3:77:34:ce:96:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=691242c33bc2e2e9e45850a0fc64ab2c7506a4b8
Validity
Not Before: Aug 13 03:22:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cb0e6f1a9f05fb0abc3c798c6bdc72ffa6b5b0da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:22:89:9c:d9:12:ad:37:a4:81:b7:32:30:e3:
a6:97:f9:bb:6e:70:07:23:b2:90:92:04:42:68:a4:
1c:13:21:2d:a8:d2:dc:bb:35:d1:1f:bc:c6:6a:36:
6f:55:18:32:30:81:27:0b:8c:2f:a3:8b:55:1e:f7:
bb:27:01:78:ee:34:0f:4e:d6:a2:d0:f0:d6:6e:38:
26:d9:d4:18:be:e5:d9:22:7f:81:4c:f9:d5:a6:1d:
eb:3a:18:20:27:78:bf:7d:26:6c:75:ef:60:a3:9d:
70:0e:2f:28:35:ac:18:c2:0d:bb:1a:1d:a0:37:f7:
94:ee:a2:c7:1f:98:b8:c9:b2:bd:78:1d:13:a6:6c:
ff:cd:ea:b6:e2:d4:20:02:00:56:5b:d6:de:f0:7a:
2c:2b:94:02:2a:d1:21:01:c6:d1:3e:e3:ed:9b:25:
59:f9:39:5d:c4:11:a4:75:cb:65:c4:4d:e0:0d:5b:
eb:b6:7d:c4:4b:2d:b5:ff:67:f7:04:5c:f3:ad:68:
ef:29:0e:fe:7f:40:68:e2:14:0c:25:16:8c:62:85:
fa:88:62:5c:15:72:9b:80:d7:8d:e1:9a:5c:a0:5d:
ce:21:a2:3c:72:09:70:e9:19:c5:67:c1:b6:95:52:
97:0d:e2:94:3d:12:69:b6:21:06:91:f7:4c:37:d5:
44:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CB:0E:6F:1A:9F:05:FB:0A:BC:3C:79:8C:6B:DC:72:FF:A6:B5:B0:DA
X509v3 Authority Key Identifier:
keyid:69:12:42:C3:3B:C2:E2:E9:E4:58:50:A0:FC:64:AB:2C:75:06:A4:B8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aRJCwzvC4unkWFCg_GSrLHUGpLg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/yw5vGp8F-wq8PHmMa9xy_6a1sNo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/6356b9-c49f-4b4d-8e29-362ffe8ee270/1/aRJCwzvC4unkWFCg_GSrLHUGpLg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.149.248.0/23
5.149.254.0/23
77.83.196.0-77.83.198.255
79.141.164.0/23
79.141.174.0/23
85.158.108.0-85.158.110.255
89.150.40.0/24
89.150.45.0/24
89.150.48.0/24
89.150.57.0/24
91.193.18.0/24
91.220.8.0/24
185.40.86.0/24
185.80.52.0/22
185.81.114.0/23
185.104.192.0-185.104.194.255
185.117.88.0/22
185.123.102.0/24
185.174.133.0/24
185.174.135.0/24
185.221.222.0/23
185.235.137.0-185.235.138.255
185.253.116.0-185.253.118.255
193.42.36.0/24
193.42.39.0/24
193.111.208.0/24
195.95.155.0/24
IPv6:
2a01:8640::/48
2a01:8640:2::/48
2a01:8640:6::/48
2a01:8640:9::-2a01:8640:a:ffff:ffff:ffff:ffff:ffff
2a01:8640:f::/48
2a01:8640:11::-2a01:8640:15:ffff:ffff:ffff:ffff:ffff
2a01:8640:17::-2a01:8640:18:ffff:ffff:ffff:ffff:ffff
2a01:8640:1a::-2a01:8640:1d:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
1d:d2:ca:ee:9c:63:7d:34:8d:72:b8:3e:f7:c3:e7:76:8d:07:
4d:9f:63:96:89:18:a6:e7:69:40:f7:c2:de:76:84:11:ca:5a:
ac:fe:40:97:54:5b:d4:03:75:ed:29:11:1f:4a:53:a0:89:5c:
30:bd:ee:b2:e1:21:25:08:cc:ab:de:c6:35:2a:4f:d8:10:e8:
7a:bb:4c:f5:8d:dd:7c:26:9e:28:7d:b9:b5:5e:53:82:6d:17:
6b:0b:42:51:32:94:d0:ff:f9:ec:68:83:2f:d7:c0:ce:b0:9c:
9b:16:68:71:bb:f3:4e:cc:01:f1:58:eb:1c:23:0a:c3:df:ec:
e9:97:38:86:e0:ef:a5:5a:bf:0b:f6:a5:ad:94:98:09:d0:ac:
af:5d:25:28:14:eb:54:f1:ec:a2:51:3b:5a:a5:e1:16:f3:d9:
72:dd:18:ce:c7:d4:d5:3b:38:ad:03:4e:dc:12:e8:b0:d5:d5:
24:f2:20:f4:3e:68:7a:da:36:c3:56:46:35:6b:a9:7f:74:91:
c0:bc:5a:2c:a3:73:37:a0:b6:08:a8:9b:a9:c8:6b:66:ac:27:
23:e2:ac:c1:7f:93:2d:45:3b:7a:f9:a5:03:4d:80:ec:16:51:
d2:9a:1f:dc:94:2a:6c:d6:8e:42:47:c9:d9:0f:c2:37:fb:9e:
c5:59:58:7e
-----BEGIN CERTIFICATE-----
MIIGRTCCBS2gAwIBAgISAZihc0yIuZzY701R83c0zpYrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5MTI0MmMzM2JjMmUyZTllNDU4NTBhMGZjNjRhYjJjNzUw
NmE0YjgwHhcNMjUwODEzMDMyMjI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYjBlNmYxYTlmMDVmYjBhYmMzYzc5OGM2YmRjNzJmZmE2YjViMGRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjCKJnNkSrTekgbcyMOOml/m7bnAH
I7KQkgRCaKQcEyEtqNLcuzXRH7zGajZvVRgyMIEnC4wvo4tVHve7JwF47jQPTtai
0PDWbjgm2dQYvuXZIn+BTPnVph3rOhggJ3i/fSZsde9go51wDi8oNawYwg27Gh2g
N/eU7qLHH5i4ybK9eB0Tpmz/zeq24tQgAgBWW9be8HosK5QCKtEhAcbRPuPtmyVZ
+TldxBGkdctlxE3gDVvrtn3ESy21/2f3BFzzrWjvKQ7+f0Bo4hQMJRaMYoX6iGJc
FXKbgNeN4ZpcoF3OIaI8cglw6RnFZ8G2lVKXDeKUPRJptiEGkfdMN9VElwIDAQAB
o4IDUTCCA00wHQYDVR0OBBYEFMsObxqfBfsKvDx5jGvccv+mtbDaMB8GA1UdIwQY
MBaAFGkSQsM7wuLp5FhQoPxkqyx1BqS4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjkt
MzYyZmZlOGVlMjcwLzEveXc1dkdwOEYtd3E4UEhtTWE5eHlfNmExc05vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy82MzU2YjktYzQ5Zi00YjRkLThlMjktMzYyZmZlOGVlMjcw
LzEvYVJKQ3d6dkM0dW5rV0ZDZ19HU3JMSFVHcExnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBZQYIKwYBBQUHAQcBAf8EggFUMIIBUDCB0QQCAAEwgcoD
BAEFlfgDBAEFlf4wDAMEAk1TxAMEAE1TxgMEAU+NpAMEAU+NrjAMAwQCVZ5sAwQA
VZ5uAwQAWZYoAwQAWZYtAwQAWZYwAwQAWZY5AwQAW8ESAwQAW9wIAwQAuShWAwQC
uVA0AwQBuVFyMAwDBAa5aMADBAC5aMIDBAK5dVgDBAC5e2YDBAC5roUDBAC5rocD
BAG53d4wDAMEALnriQMEALnrijAMAwQCuf10AwQAuf12AwQAwSokAwQAwSonAwQA
wW/QAwQAw1+bMHoEAgACMHQDBwAqAYZAAAADBwAqAYZAAAIDBwAqAYZAAAYwEgMH
ACoBhkAACQMHACoBhkAACgMHACoBhkAADzASAwcAKgGGQAARAwcBKgGGQAAUMBID
BwAqAYZAABcDBwAqAYZAABgwEgMHASoBhkAAGgMHASoBhkAAHDANBgkqhkiG9w0B
AQsFAAOCAQEAHdLK7pxjfTSNcrg+98Pndo0HTZ9jlokYpudpQPfC3naEEcparP5A
l1Rb1AN17SkRH0pToIlcML3usuEhJQjMq97GNSpP2BDoertM9Y3dfCaeKH25tV5T
gm0XawtCUTKU0P/57GiDL9fAzrCcmxZocbvzTswB8VjrHCMKw9/s6Zc4huDvpVq/
C/alrZSYCdCsr10lKBTrVPHsolE7WqXhFvPZct0YzsfU1Ts4rQNO3BLosNXVJPIg
9D5oeto2w1ZGNWupf3SRwLxaLKNzN6C2CKibqchrZqwnI+KswX+TLUU7evmlA02A
7BZR0pof3JQqbNaOQkfJ2Q/CN/uexVlYfg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:27:42 2025 by rpki-client