Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/bMezNCNwdlOYbtIsPbacYgXs4mE.roa
File: bMezNCNwdlOYbtIsPbacYgXs4mE.roa (raw, json)
Hash identifier: fCSTVZLdEaGUz9Qyuwvw4wOBBUSjrK0cS/P0VURH6XA=
Subject key identifier: 6C:C7:B3:34:23:70:76:53:98:6E:D2:2C:3D:B6:9C:62:05:EC:E2:61
Certificate issuer: /CN=0c90c356e2864f43894857443555d8b5c0352819
Certificate serial: 019962058F6BC200E0A2F0AF7414D556F043
Authority key identifier: 0C:90:C3:56:E2:86:4F:43:89:48:57:44:35:55:D8:B5:C0:35:28:19
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/bMezNCNwdlOYbtIsPbacYgXs4mE.roa
Signing time: Fri 19 Sep 2025 12:49:15 +0000
ROA not before: Fri 19 Sep 2025 12:49:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44395
IP address blocks: 5.77.128.0/17 maxlen: 24
37.157.209.0/24 maxlen: 24
37.157.210.0/23 maxlen: 23
37.157.210.0/24 maxlen: 24
37.157.212.0/24 maxlen: 24
37.157.213.0/24 maxlen: 24
37.157.214.0/24 maxlen: 24
37.157.215.0/24 maxlen: 24
37.157.216.0/24 maxlen: 24
37.157.217.0/24 maxlen: 24
37.157.218.0/24 maxlen: 24
37.157.219.0/24 maxlen: 24
37.157.220.0/24 maxlen: 24
37.157.221.0/24 maxlen: 24
37.157.222.0/24 maxlen: 24
37.157.223.0/24 maxlen: 24
37.252.64.0/19 maxlen: 24
46.36.112.0/20 maxlen: 24
46.162.192.0/18 maxlen: 24
46.241.128.0/17 maxlen: 24
81.16.0.0/20 maxlen: 24
82.199.192.0/21 maxlen: 24
92.43.136.0/21 maxlen: 24
92.43.136.0/22 maxlen: 24
92.43.140.0/22 maxlen: 24
109.75.34.0/23 maxlen: 24
109.75.36.0/22 maxlen: 24
109.75.40.0/21 maxlen: 24
141.136.64.0/19 maxlen: 24
178.78.128.0/18 maxlen: 24
185.59.68.0/22 maxlen: 24
185.86.195.0/24 maxlen: 24
188.115.192.0/18 maxlen: 24
212.34.224.0/19 maxlen: 24
212.34.232.0/21 maxlen: 24
212.34.240.0/20 maxlen: 24
212.34.240.0/21 maxlen: 24
2a00:cc40::/29 maxlen: 48
2a00:cc40::/32 maxlen: 32
2a00:cc40::/48 maxlen: 48
2a01:4a00::/32 maxlen: 32
2a03:1080::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/DJDDVuKGT0OJSFdENVXYtcA1KBk.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/DJDDVuKGT0OJSFdENVXYtcA1KBk.mft
rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:62:05:8f:6b:c2:00:e0:a2:f0:af:74:14:d5:56:f0:43
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0c90c356e2864f43894857443555d8b5c0352819
Validity
Not Before: Sep 19 12:49:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6cc7b33423707653986ed22c3db69c6205ece261
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:cc:97:9f:2a:1c:08:59:94:56:bc:f4:45:39:
7d:17:ac:b7:c4:3f:7e:70:d0:a2:30:a3:81:bd:05:
66:df:6a:a0:19:ad:ae:bf:21:a7:7a:9e:6a:d1:d8:
f0:2d:cf:34:cd:00:fb:87:73:a3:7e:b5:ae:97:2f:
31:8c:af:ec:6a:35:25:33:c5:34:83:74:21:aa:5a:
95:0d:71:d7:d3:e4:66:35:a7:5e:b4:fb:05:c2:3f:
1e:45:52:09:1e:e1:a7:25:3f:08:39:39:81:e3:45:
d6:7e:c9:f1:db:21:47:99:4e:5b:d6:7f:39:f7:34:
a8:a8:23:a1:52:c3:59:57:26:ff:72:2e:ca:40:42:
7d:78:d6:37:99:33:9a:2c:1f:6a:79:43:18:1e:49:
36:d2:23:5d:7b:90:45:bf:61:cb:ff:e3:09:1e:80:
07:ca:f9:8b:80:f1:b7:37:76:b6:a0:a5:85:a5:78:
19:ee:5b:cd:d1:70:fb:1e:16:1a:d8:09:01:9d:10:
5e:9d:b6:a8:4d:e6:8e:1e:b5:1c:9c:53:7a:2a:ba:
43:65:f7:55:30:f7:a8:7a:98:4a:d8:5c:3b:2a:57:
97:37:3f:c9:63:6d:28:7d:60:78:f6:15:6d:58:b0:
93:1a:02:2f:5d:f4:98:4d:d3:da:60:c4:e4:0d:92:
53:6b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:C7:B3:34:23:70:76:53:98:6E:D2:2C:3D:B6:9C:62:05:EC:E2:61
X509v3 Authority Key Identifier:
keyid:0C:90:C3:56:E2:86:4F:43:89:48:57:44:35:55:D8:B5:C0:35:28:19
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DJDDVuKGT0OJSFdENVXYtcA1KBk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/bMezNCNwdlOYbtIsPbacYgXs4mE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/ac5a56-163a-497a-9547-e3799ade9dfe/1/DJDDVuKGT0OJSFdENVXYtcA1KBk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.77.128.0/17
37.157.209.0-37.157.223.255
37.252.64.0/19
46.36.112.0/20
46.162.192.0/18
46.241.128.0/17
81.16.0.0/20
82.199.192.0/21
92.43.136.0/21
109.75.34.0-109.75.47.255
141.136.64.0/19
178.78.128.0/18
185.59.68.0/22
185.86.195.0/24
188.115.192.0/18
212.34.224.0/19
IPv6:
2a00:cc40::/29
2a01:4a00::/32
2a03:1080::/32
Signature Algorithm: sha256WithRSAEncryption
74:e6:36:eb:5c:03:f3:e7:09:cb:01:93:6b:84:a6:5d:47:d0:
ad:bb:9b:ab:1a:77:c9:20:91:f9:37:b7:42:6b:a0:39:9c:92:
f2:9f:58:81:20:d6:8c:66:55:67:ef:53:f4:2a:c7:6c:5f:6c:
6c:90:08:d5:67:c1:82:1f:97:90:6c:e2:9a:65:1c:bd:23:7b:
54:9d:c2:a1:a0:c9:c2:7d:90:9c:8c:40:fc:f8:e7:c4:bc:c7:
ea:c0:64:d4:dc:a2:67:c1:9e:49:11:f7:5f:fb:1d:72:65:9f:
ef:7a:7a:51:3a:63:24:3d:61:a8:8c:b6:04:a6:98:99:10:7d:
1d:2c:70:d7:43:df:f5:84:df:7a:aa:dd:5c:1b:80:9f:80:15:
5e:42:b9:56:37:cb:51:12:04:25:56:34:2c:ca:3f:70:3f:d6:
e7:63:83:9d:ca:45:d6:4e:64:7b:67:a0:e2:f3:93:b5:2b:0a:
05:fd:f2:ea:8d:7b:8d:cc:d9:e4:da:db:19:3a:db:b0:76:dc:
41:aa:bd:0d:98:19:8c:2a:0c:87:6e:aa:13:59:3c:1f:40:3a:
ba:43:7a:39:4d:a2:65:df:1c:fc:05:f3:3b:06:21:e1:6f:bf:
25:31:be:2b:44:62:f7:a5:76:ed:9a:3e:f3:e2:c5:86:7b:3e:
83:a3:16:7b
-----BEGIN CERTIFICATE-----
MIIFhzCCBG+gAwIBAgISAZliBY9rwgDgovCvdBTVVvBDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjOTBjMzU2ZTI4NjRmNDM4OTQ4NTc0NDM1NTVkOGI1YzAz
NTI4MTkwHhcNMjUwOTE5MTI0OTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2M3YjMzNDIzNzA3NjUzOTg2ZWQyMmMzZGI2OWM2MjA1ZWNlMjYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAucyXnyocCFmUVrz0RTl9F6y3xD9+
cNCiMKOBvQVm32qgGa2uvyGnep5q0djwLc80zQD7h3OjfrWuly8xjK/sajUlM8U0
g3QhqlqVDXHX0+RmNadetPsFwj8eRVIJHuGnJT8IOTmB40XWfsnx2yFHmU5b1n85
9zSoqCOhUsNZVyb/ci7KQEJ9eNY3mTOaLB9qeUMYHkk20iNde5BFv2HL/+MJHoAH
yvmLgPG3N3a2oKWFpXgZ7lvN0XD7HhYa2AkBnRBenbaoTeaOHrUcnFN6KrpDZfdV
MPeoephK2Fw7KleXNz/JY20ofWB49hVtWLCTGgIvXfSYTdPaYMTkDZJTawIDAQAB
o4ICkzCCAo8wHQYDVR0OBBYEFGzHszQjcHZTmG7SLD22nGIF7OJhMB8GA1UdIwQY
MBaAFAyQw1bihk9DiUhXRDVV2LXANSgZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvREpERFZ1S0dUME9KU0ZkRU5WWFl0Y0ExS0JrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9hYzVhNTYtMTYzYS00OTdhLTk1NDct
ZTM3OTlhZGU5ZGZlLzEvYk1lek5DTndkbE9ZYnRJc1BiYWNZZ1hzNG1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9hYzVhNTYtMTYzYS00OTdhLTk1NDctZTM3OTlhZGU5ZGZl
LzEvREpERFZ1S0dUME9KU0ZkRU5WWFl0Y0ExS0JrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGoBggrBgEFBQcBBwEB/wSBmDCBlTB2BAIAATBwAwQHBU2A
MAwDBAAlndEDBAUlncADBAUl/EADBAQuJHADBAYuosADBAcu8YADBARREAADBANS
x8ADBANcK4gwDAMEAW1LIgMEBG1LIAMEBY2IQAMEBrJOgAMEArk7RAMEALlWwwME
BrxzwAMEBdQi4DAbBAIAAjAVAwUDKgDMQAMFACoBSgADBQAqAxCAMA0GCSqGSIb3
DQEBCwUAA4IBAQB05jbrXAPz5wnLAZNrhKZdR9Ctu5urGnfJIJH5N7dCa6A5nJLy
n1iBINaMZlVn71P0KsdsX2xskAjVZ8GCH5eQbOKaZRy9I3tUncKhoMnCfZCcjED8
+OfEvMfqwGTU3KJnwZ5JEfdf+x1yZZ/venpROmMkPWGojLYEppiZEH0dLHDXQ9/1
hN96qt1cG4CfgBVeQrlWN8tREgQlVjQsyj9wP9bnY4OdykXWTmR7Z6Di85O1KwoF
/fLqjXuNzNnk2tsZOtuwdtxBqr0NmBmMKgyHbqoTWTwfQDq6Q3o5TaJl3xz8BfM7
BiHhb78lMb4rRGL3pXbtmj7z4sWGez6DoxZ7
-----END CERTIFICATE-----
Generated at Mon Oct 20 05:10:21 2025 by rpki-client