Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/Xh5sljusme-a5168zOA_Qoh1nqM.roa
File: Xh5sljusme-a5168zOA_Qoh1nqM.roa (raw, json)
Hash identifier: SCrnvepcA5q+v9pudE90mYTsMwfBB9I3ZOeLK/tRmkU=
Subject key identifier: 5E:1E:6C:96:3B:AC:99:EF:9A:E7:5E:BC:CC:E0:3F:42:88:75:9E:A3
Certificate issuer: /CN=19ffff289f2dad0fc08456b0bad54d7ba449a492
Certificate serial: 0198CCA4BA04CCCFF0458580EF90159EA191
Authority key identifier: 19:FF:FF:28:9F:2D:AD:0F:C0:84:56:B0:BA:D5:4D:7B:A4:49:A4:92
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/Xh5sljusme-a5168zOA_Qoh1nqM.roa
Signing time: Thu 21 Aug 2025 12:40:04 +0000
ROA not before: Thu 21 Aug 2025 12:40:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 13213
IP address blocks: 31.24.224.0/21 maxlen: 24
37.123.112.0/21 maxlen: 24
37.123.112.0/24 maxlen: 24
46.23.64.0/21 maxlen: 21
46.23.72.0/22 maxlen: 22
46.23.76.0/22 maxlen: 24
77.92.64.0/21 maxlen: 21
77.92.72.0/22 maxlen: 22
77.92.76.0/23 maxlen: 23
77.92.78.0/23 maxlen: 23
77.92.80.0/20 maxlen: 20
82.163.72.0/21 maxlen: 24
83.170.64.0/18 maxlen: 18
83.170.69.0/24 maxlen: 24
88.202.176.0/23 maxlen: 23
88.202.177.0/24 maxlen: 24
88.202.178.0/24 maxlen: 24
88.202.179.0/24 maxlen: 24
88.202.180.0/22 maxlen: 22
88.202.184.0/24 maxlen: 24
88.202.185.0/24 maxlen: 24
88.202.186.0/23 maxlen: 23
88.202.188.0/22 maxlen: 22
88.202.224.0/21 maxlen: 24
91.109.240.0/21 maxlen: 21
109.123.64.0/19 maxlen: 24
109.123.96.0/20 maxlen: 24
109.123.112.0/20 maxlen: 20
176.67.160.0/21 maxlen: 21
176.67.169.0/24 maxlen: 24
176.67.171.0/24 maxlen: 24
176.67.172.0/22 maxlen: 24
185.7.224.0/22 maxlen: 24
2a02:2498::/47 maxlen: 47
2a02:2498:4::/48 maxlen: 48
2a02:2498:5::/48 maxlen: 48
2a02:2498:16::/48 maxlen: 48
2a02:2498:1000::/36 maxlen: 36
2a02:2498:257b::/48 maxlen: 48
2a02:2498:53aa::/48 maxlen: 48
2a02:2498:6d7b::/48 maxlen: 48
2a02:2498:8000::/36 maxlen: 36
2a02:2498:9000::/36 maxlen: 36
2a02:2498:a000::/36 maxlen: 36
2a02:2498:b000::/36 maxlen: 36
2a02:2498:e000::/36 maxlen: 36
2a02:2498:f000::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/Gf__KJ8trQ_AhFawutVNe6RJpJI.crl
rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/Gf__KJ8trQ_AhFawutVNe6RJpJI.mft
rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 17:19:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:cc:a4:ba:04:cc:cf:f0:45:85:80:ef:90:15:9e:a1:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=19ffff289f2dad0fc08456b0bad54d7ba449a492
Validity
Not Before: Aug 21 12:40:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5e1e6c963bac99ef9ae75ebccce03f4288759ea3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:09:55:ff:84:30:fa:5a:5a:0e:94:68:17:44:
14:05:cc:e2:11:68:12:07:3a:2f:1e:5d:46:94:7f:
66:17:b4:5e:02:aa:67:c8:c8:89:34:e2:3b:3a:cf:
df:f7:06:01:8f:ad:cb:68:8c:3f:39:cb:95:e4:d7:
02:c3:eb:e5:3d:4b:e5:78:fc:de:fc:79:7d:34:5e:
06:d7:db:74:b5:58:26:b9:db:a5:31:78:5b:c7:3b:
48:20:2e:a9:63:e2:0f:ce:f2:76:23:21:9d:f7:62:
50:18:30:6b:08:c3:6e:62:c1:a5:26:c7:94:c6:68:
07:97:75:8e:23:ea:ea:78:20:eb:f0:f9:7a:26:b8:
35:73:a8:7a:05:ca:1d:c1:7b:bb:bc:0b:85:b9:f9:
01:bb:5e:d8:20:9b:bb:3e:f1:df:9e:05:78:7e:af:
2a:12:3b:26:76:35:13:6e:5f:81:6c:f5:64:07:b7:
ab:87:a5:f9:dd:13:83:85:47:31:32:6c:1a:84:fa:
9d:0f:64:4c:1e:2c:57:af:e9:ac:50:18:23:bd:e9:
ea:93:fe:ba:ca:ab:96:64:7f:0d:fc:97:1b:10:00:
18:fc:56:12:74:8e:07:12:77:1d:4f:3e:dd:d0:0f:
b9:e0:06:6a:cb:99:0e:50:b9:7e:ca:4c:f1:7a:f1:
00:07
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5E:1E:6C:96:3B:AC:99:EF:9A:E7:5E:BC:CC:E0:3F:42:88:75:9E:A3
X509v3 Authority Key Identifier:
keyid:19:FF:FF:28:9F:2D:AD:0F:C0:84:56:B0:BA:D5:4D:7B:A4:49:A4:92
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Gf__KJ8trQ_AhFawutVNe6RJpJI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/Xh5sljusme-a5168zOA_Qoh1nqM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d4/c11c87-efbb-45e8-9b03-d525718aa44a/1/Gf__KJ8trQ_AhFawutVNe6RJpJI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.24.224.0/21
37.123.112.0/21
46.23.64.0/20
77.92.64.0/19
82.163.72.0/21
83.170.64.0/18
88.202.176.0/20
88.202.224.0/21
91.109.240.0/21
109.123.64.0/18
176.67.160.0/21
176.67.169.0/24
176.67.171.0-176.67.175.255
185.7.224.0/22
IPv6:
2a02:2498::/47
2a02:2498:4::/47
2a02:2498:16::/48
2a02:2498:1000::/36
2a02:2498:257b::/48
2a02:2498:53aa::/48
2a02:2498:6d7b::/48
2a02:2498:8000::/34
2a02:2498:e000::/35
Signature Algorithm: sha256WithRSAEncryption
b6:71:72:1b:65:92:49:40:63:33:97:a7:cf:05:e6:97:6c:5e:
19:a0:01:a7:94:ac:e3:cb:b9:13:45:1e:a7:b5:a0:fa:3b:90:
23:e5:7c:13:d6:bc:f3:e3:06:4e:f3:29:ad:97:0e:b9:69:77:
91:71:95:d3:81:28:85:44:bc:b1:f5:19:39:b3:e4:6b:41:bb:
03:cb:d3:7c:d8:8b:0b:1f:b7:1e:cc:9a:34:6a:0c:eb:42:f7:
ba:6d:2c:71:50:bc:3a:f0:e3:8f:8d:8a:c0:c8:41:39:8d:1f:
e7:1a:04:25:40:b6:dc:2b:33:88:b9:b2:b2:66:6f:fb:6b:1d:
11:e9:6a:62:c2:85:81:0d:0a:4a:7c:d1:bc:e9:ad:b0:92:8d:
08:24:a9:62:66:59:ad:b0:97:15:6f:31:c7:39:36:13:0f:9f:
28:ca:47:e6:45:5c:d5:78:58:3c:4a:21:46:9c:a1:76:27:d3:
18:7c:83:30:48:80:e7:e5:e8:b0:58:8e:7c:41:a3:d2:29:7f:
4f:9f:4d:6f:be:ef:02:e1:d8:e1:9f:d1:3f:d4:b5:6f:f2:f8:
3d:d6:c7:23:96:58:e8:d9:44:c6:0b:35:86:30:78:8d:3e:5c:
f4:fe:aa:49:37:96:94:5f:fe:5d:84:95:63:a1:08:98:2c:0c:
19:b5:46:6b
-----BEGIN CERTIFICATE-----
MIIFrDCCBJSgAwIBAgISAZjMpLoEzM/wRYWA75AVnqGRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE5ZmZmZjI4OWYyZGFkMGZjMDg0NTZiMGJhZDU0ZDdiYTQ0
OWE0OTIwHhcNMjUwODIxMTI0MDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ZTFlNmM5NjNiYWM5OWVmOWFlNzVlYmNjY2UwM2Y0Mjg4NzU5ZWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwQlV/4Qw+lpaDpRoF0QUBcziEWgS
BzovHl1GlH9mF7ReAqpnyMiJNOI7Os/f9wYBj63LaIw/OcuV5NcCw+vlPUvlePze
/Hl9NF4G19t0tVgmudulMXhbxztIIC6pY+IPzvJ2IyGd92JQGDBrCMNuYsGlJseU
xmgHl3WOI+rqeCDr8Pl6Jrg1c6h6BcodwXu7vAuFufkBu17YIJu7PvHfngV4fq8q
EjsmdjUTbl+BbPVkB7erh6X53RODhUcxMmwahPqdD2RMHixXr+msUBgjvenqk/66
yquWZH8N/JcbEAAY/FYSdI4HEncdTz7d0A+54AZqy5kOULl+ykzxevEABwIDAQAB
o4ICuDCCArQwHQYDVR0OBBYEFF4ebJY7rJnvmudevMzgP0KIdZ6jMB8GA1UdIwQY
MBaAFBn//yifLa0PwIRWsLrVTXukSaSSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR2ZfX0tKOHRyUV9BaEZhd3V0Vk5lNlJKcEpJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNC9jMTFjODctZWZiYi00NWU4LTliMDMt
ZDUyNTcxOGFhNDRhLzEvWGg1c2xqdXNtZS1hNTE2OHpPQV9Rb2gxbnFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNC9jMTFjODctZWZiYi00NWU4LTliMDMtZDUyNTcxOGFhNDRh
LzEvR2ZfX0tKOHRyUV9BaEZhd3V0Vk5lNlJKcEpJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHNBggrBgEFBQcBBwEB/wSBvTCBujBiBAIAATBcAwQDHxjg
AwQDJXtwAwQELhdAAwQFTVxAAwQDUqNIAwQGU6pAAwQEWMqwAwQDWMrgAwQDW23w
AwQGbXtAAwQDsEOgAwQAsEOpMAwDBACwQ6sDBASwQ6ADBAK5B+AwVAQCAAIwTgMH
ASoCJJgAAAMHASoCJJgABAMHACoCJJgAFgMGBCoCJJgQAwcAKgIkmCV7AwcAKgIk
mFOqAwcAKgIkmG17AwYGKgIkmIADBgUqAiSY4DANBgkqhkiG9w0BAQsFAAOCAQEA
tnFyG2WSSUBjM5enzwXml2xeGaABp5Ss48u5E0Uep7Wg+juQI+V8E9a88+MGTvMp
rZcOuWl3kXGV04EohUS8sfUZObPka0G7A8vTfNiLCx+3HsyaNGoM60L3um0scVC8
OvDjj42KwMhBOY0f5xoEJUC23CsziLmysmZv+2sdEelqYsKFgQ0KSnzRvOmtsJKN
CCSpYmZZrbCXFW8xxzk2Ew+fKMpH5kVc1XhYPEohRpyhdifTGHyDMEiA5+XosFiO
fEGj0il/T59Nb77vAuHY4Z/RP9S1b/L4PdbHI5ZY6NlExgs1hjB4jT5c9P6qSTeW
lF/+XYSVY6EImCwMGbVGaw==
-----END CERTIFICATE-----
Generated at Sun Aug 24 03:07:24 2025 by rpki-client