Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/9d59e1-7a67-469d-b4da-8b3372234dc0/1/vAX6cMjo8la6961Io6NKSibrpLs.roa
File: vAX6cMjo8la6961Io6NKSibrpLs.roa (raw, json)
Hash identifier: QGc4CY1otQW+SDtxZLvjRsQAMwHLQ4AN0c1HPwQX50Y=
Subject key identifier: BC:05:FA:70:C8:E8:F2:56:BA:F7:AD:48:A3:A3:4A:4A:26:EB:A4:BB
Certificate issuer: /CN=237c83447d17183380f489bc946c8b9e300ffb1d
Certificate serial: 0198D3FB6472E75F1C865032D23E8A15BD9B
Authority key identifier: 23:7C:83:44:7D:17:18:33:80:F4:89:BC:94:6C:8B:9E:30:0F:FB:1D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I3yDRH0XGDOA9Im8lGyLnjAP-x0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/9d59e1-7a67-469d-b4da-8b3372234dc0/1/vAX6cMjo8la6961Io6NKSibrpLs.roa
Signing time: Fri 22 Aug 2025 22:52:04 +0000
ROA not before: Fri 22 Aug 2025 22:52:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54253
IP address blocks: 79.72.22.0/23 maxlen: 23
79.72.36.0/23 maxlen: 23
79.72.39.0/24 maxlen: 24
79.72.96.0/22 maxlen: 22
79.72.96.0/23 maxlen: 23
79.72.98.0/23 maxlen: 23
79.72.100.0/23 maxlen: 23
79.72.104.0/21 maxlen: 21
79.72.112.0/21 maxlen: 21
79.72.128.0/22 maxlen: 22
79.72.128.0/23 maxlen: 23
79.72.130.0/23 maxlen: 23
79.72.132.0/23 maxlen: 23
79.72.136.0/21 maxlen: 21
79.72.144.0/21 maxlen: 21
79.76.21.0/24 maxlen: 24
79.76.22.0/23 maxlen: 23
80.225.32.0/22 maxlen: 22
80.225.32.0/23 maxlen: 23
80.225.34.0/23 maxlen: 23
80.225.36.0/23 maxlen: 23
80.225.40.0/21 maxlen: 21
80.225.48.0/21 maxlen: 21
80.225.96.0/22 maxlen: 22
80.225.96.0/23 maxlen: 23
80.225.98.0/23 maxlen: 23
80.225.100.0/23 maxlen: 23
80.225.104.0/21 maxlen: 21
80.225.112.0/21 maxlen: 21
84.8.0.0/22 maxlen: 22
84.8.0.0/23 maxlen: 23
84.8.2.0/23 maxlen: 23
84.8.4.0/23 maxlen: 23
84.8.8.0/21 maxlen: 21
84.8.16.0/21 maxlen: 21
84.8.32.0/22 maxlen: 22
84.8.32.0/23 maxlen: 23
84.8.34.0/23 maxlen: 23
84.8.36.0/23 maxlen: 23
84.8.40.0/21 maxlen: 21
84.8.48.0/21 maxlen: 21
84.8.160.0/22 maxlen: 22
84.8.160.0/23 maxlen: 23
84.8.162.0/23 maxlen: 23
84.8.164.0/23 maxlen: 23
84.8.168.0/21 maxlen: 21
84.8.176.0/21 maxlen: 21
84.235.128.0/22 maxlen: 22
84.235.128.0/23 maxlen: 23
84.235.130.0/23 maxlen: 23
84.235.132.0/23 maxlen: 23
84.235.136.0/21 maxlen: 21
84.235.144.0/21 maxlen: 21
84.235.194.0/23 maxlen: 23
141.253.128.0/22 maxlen: 22
141.253.128.0/23 maxlen: 23
141.253.130.0/23 maxlen: 23
141.253.132.0/23 maxlen: 23
141.253.136.0/21 maxlen: 21
141.253.144.0/21 maxlen: 21
141.253.224.0/22 maxlen: 22
141.253.224.0/23 maxlen: 23
141.253.226.0/23 maxlen: 23
141.253.228.0/23 maxlen: 23
141.253.232.0/21 maxlen: 21
141.253.240.0/21 maxlen: 21
213.35.64.0/22 maxlen: 22
213.35.64.0/23 maxlen: 23
213.35.66.0/23 maxlen: 23
213.35.68.0/23 maxlen: 23
213.35.72.0/21 maxlen: 21
213.35.80.0/21 maxlen: 21
217.142.192.0/22 maxlen: 22
217.142.192.0/23 maxlen: 23
217.142.194.0/23 maxlen: 23
217.142.196.0/23 maxlen: 23
217.142.200.0/21 maxlen: 21
217.142.208.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/9d59e1-7a67-469d-b4da-8b3372234dc0/1/I3yDRH0XGDOA9Im8lGyLnjAP-x0.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/9d59e1-7a67-469d-b4da-8b3372234dc0/1/I3yDRH0XGDOA9Im8lGyLnjAP-x0.mft
rsync://rpki.ripe.net/repository/DEFAULT/I3yDRH0XGDOA9Im8lGyLnjAP-x0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 17:19:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d3:fb:64:72:e7:5f:1c:86:50:32:d2:3e:8a:15:bd:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=237c83447d17183380f489bc946c8b9e300ffb1d
Validity
Not Before: Aug 22 22:52:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bc05fa70c8e8f256baf7ad48a3a34a4a26eba4bb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:a2:f0:2a:37:7b:ca:3f:58:ed:5c:7e:80:0f:
09:0a:ea:86:79:e0:72:81:10:ee:65:b1:ec:1a:dc:
18:35:09:4a:f5:01:6a:21:ed:aa:ae:0b:f1:36:14:
83:c9:bf:20:11:81:c4:7b:f6:a3:9a:09:81:db:2d:
5c:54:e8:de:dd:b6:27:f9:bc:5c:ce:20:e1:1e:a1:
07:94:bb:a4:68:6d:f8:10:62:51:42:00:c4:44:68:
86:49:94:2b:6c:89:b2:41:c1:23:2a:48:9e:12:80:
2c:34:0d:7f:cd:10:b2:a6:3e:75:0c:bf:46:53:9a:
ea:1a:df:27:22:7f:dd:28:11:55:69:db:c1:5c:7d:
85:19:89:eb:04:51:94:76:bc:78:03:69:8e:2a:ca:
5e:b4:ba:53:41:19:58:5b:6a:42:cb:da:b8:9c:29:
fc:69:2e:ed:3e:ad:2d:cd:26:05:c7:36:bb:03:b1:
97:a9:11:fb:f9:2b:d9:fd:3a:4c:af:9c:b0:c8:19:
51:36:ba:b1:76:9d:1b:7d:9e:a1:59:90:9f:92:00:
38:74:fd:95:f4:05:19:be:a3:03:f9:91:78:02:f6:
5d:ad:36:16:5c:fb:07:07:3d:9e:6c:4b:e7:6f:31:
6d:8a:ec:4f:30:cd:85:c8:78:ae:17:96:70:17:55:
46:af
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BC:05:FA:70:C8:E8:F2:56:BA:F7:AD:48:A3:A3:4A:4A:26:EB:A4:BB
X509v3 Authority Key Identifier:
keyid:23:7C:83:44:7D:17:18:33:80:F4:89:BC:94:6C:8B:9E:30:0F:FB:1D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I3yDRH0XGDOA9Im8lGyLnjAP-x0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/9d59e1-7a67-469d-b4da-8b3372234dc0/1/vAX6cMjo8la6961Io6NKSibrpLs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/9d59e1-7a67-469d-b4da-8b3372234dc0/1/I3yDRH0XGDOA9Im8lGyLnjAP-x0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.72.22.0/23
79.72.36.0/23
79.72.39.0/24
79.72.96.0-79.72.101.255
79.72.104.0-79.72.119.255
79.72.128.0-79.72.133.255
79.72.136.0-79.72.151.255
79.76.21.0-79.76.23.255
80.225.32.0-80.225.37.255
80.225.40.0-80.225.55.255
80.225.96.0-80.225.101.255
80.225.104.0-80.225.119.255
84.8.0.0-84.8.5.255
84.8.8.0-84.8.23.255
84.8.32.0-84.8.37.255
84.8.40.0-84.8.55.255
84.8.160.0-84.8.165.255
84.8.168.0-84.8.183.255
84.235.128.0-84.235.133.255
84.235.136.0-84.235.151.255
84.235.194.0/23
141.253.128.0-141.253.133.255
141.253.136.0-141.253.151.255
141.253.224.0-141.253.229.255
141.253.232.0-141.253.247.255
213.35.64.0-213.35.69.255
213.35.72.0-213.35.87.255
217.142.192.0-217.142.197.255
217.142.200.0-217.142.215.255
Signature Algorithm: sha256WithRSAEncryption
24:12:fc:67:e3:e2:29:a4:82:e0:20:5d:df:7a:6e:0a:e3:11:
ce:c9:4e:42:62:5b:1a:59:b5:c4:28:a1:0d:b8:9b:16:48:fe:
7c:dc:3d:19:15:76:dd:ee:79:05:8d:4d:d8:c6:ee:99:a0:0b:
dc:40:5c:d6:fc:d3:6d:6e:18:65:1f:32:09:c1:87:65:ad:45:
85:cf:93:40:43:18:91:ff:d5:77:ee:ac:06:ca:88:c7:1d:69:
0e:e7:c1:a4:fc:d6:3a:3b:cf:04:f5:16:ed:fb:4f:f2:c1:37:
98:25:57:07:dd:55:b8:1c:2d:74:e6:0b:6c:17:7a:d0:7a:c1:
70:c6:16:f5:05:5a:01:a8:97:e8:8a:da:a4:5a:97:1f:c9:8c:
85:77:cc:27:d4:6c:78:8b:c9:26:65:43:5a:93:ce:50:45:17:
b4:11:f6:4f:18:fd:6d:f9:ef:fa:dd:68:d6:b8:fb:05:81:1c:
7e:ee:53:2e:c8:1b:0c:3d:96:5a:a9:36:71:cc:53:e8:94:e2:
21:ec:66:ad:44:66:8d:b6:a3:e6:0c:2a:1b:e1:79:99:e8:0f:
1b:fb:f7:8a:cb:3e:80:0b:c2:31:94:df:33:6f:07:98:a5:96:
e4:b5:35:06:de:66:22:aa:97:7c:3e:cf:80:24:84:f5:9b:67:
f7:30:15:7d
-----BEGIN CERTIFICATE-----
MIIGdjCCBV6gAwIBAgISAZjT+2Ry518chlAy0j6KFb2bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzN2M4MzQ0N2QxNzE4MzM4MGY0ODliYzk0NmM4YjllMzAw
ZmZiMWQwHhcNMjUwODIyMjI1MjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYzA1ZmE3MGM4ZThmMjU2YmFmN2FkNDhhM2EzNGE0YTI2ZWJhNGJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi6LwKjd7yj9Y7Vx+gA8JCuqGeeBy
gRDuZbHsGtwYNQlK9QFqIe2qrgvxNhSDyb8gEYHEe/ajmgmB2y1cVOje3bYn+bxc
ziDhHqEHlLukaG34EGJRQgDERGiGSZQrbImyQcEjKkieEoAsNA1/zRCypj51DL9G
U5rqGt8nIn/dKBFVadvBXH2FGYnrBFGUdrx4A2mOKspetLpTQRlYW2pCy9q4nCn8
aS7tPq0tzSYFxza7A7GXqRH7+SvZ/TpMr5ywyBlRNrqxdp0bfZ6hWZCfkgA4dP2V
9AUZvqMD+ZF4AvZdrTYWXPsHBz2ebEvnbzFtiuxPMM2FyHiuF5ZwF1VGrwIDAQAB
o4IDgjCCA34wHQYDVR0OBBYEFLwF+nDI6PJWuvetSKOjSkom66S7MB8GA1UdIwQY
MBaAFCN8g0R9FxgzgPSJvJRsi54wD/sdMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSTN5RFJIMFhHRE9BOUltOGxHeUxuakFQLXgwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS85ZDU5ZTEtN2E2Ny00NjlkLWI0ZGEt
OGIzMzcyMjM0ZGMwLzEvdkFYNmNNam84bGE2OTYxSW82TktTaWJycExzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS85ZDU5ZTEtN2E2Ny00NjlkLWI0ZGEtOGIzMzcyMjM0ZGMw
LzEvSTN5RFJIMFhHRE9BOUltOGxHeUxuakFQLXgwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBlgYIKwYBBQUHAQcBAf8EggGFMIIBgTCCAX0EAgABMIIB
dQMEAU9IFgMEAU9IJAMEAE9IJzAMAwQFT0hgAwQBT0hkMAwDBANPSGgDBANPSHAw
DAMEB09IgAMEAU9IhDAMAwQDT0iIAwQDT0iQMAwDBABPTBUDBANPTBAwDAMEBVDh
IAMEAVDhJDAMAwQDUOEoAwQDUOEwMAwDBAVQ4WADBAFQ4WQwDAMEA1DhaAMEA1Dh
cDALAwMDVAgDBAFUCAQwDAMEA1QICAMEA1QIEDAMAwQFVAggAwQBVAgkMAwDBANU
CCgDBANUCDAwDAMEBVQIoAMEAVQIpDAMAwQDVAioAwQDVAiwMAwDBAdU64ADBAFU
64QwDAMEA1TriAMEA1TrkAMEAVTrwjAMAwQHjf2AAwQBjf2EMAwDBAON/YgDBAON
/ZAwDAMEBY394AMEAY395DAMAwQDjf3oAwQDjf3wMAwDBAbVI0ADBAHVI0QwDAME
A9UjSAMEA9UjUDAMAwQG2Y7AAwQB2Y7EMAwDBAPZjsgDBAPZjtAwDQYJKoZIhvcN
AQELBQADggEBACQS/Gfj4imkguAgXd96bgrjEc7JTkJiWxpZtcQooQ24mxZI/nzc
PRkVdt3ueQWNTdjG7pmgC9xAXNb8021uGGUfMgnBh2WtRYXPk0BDGJH/1XfurAbK
iMcdaQ7nwaT81jo7zwT1Fu37T/LBN5glVwfdVbgcLXTmC2wXetB6wXDGFvUFWgGo
l+iK2qRalx/JjIV3zCfUbHiLySZlQ1qTzlBFF7QR9k8Y/W357/rdaNa4+wWBHH7u
Uy7IGww9llqpNnHMU+iU4iHsZq1EZo22o+YMKhvheZnoDxv794rLPoALwjGU3zNv
B5illuS1NQbeZiKql3w+z4AkhPWbZ/cwFX0=
-----END CERTIFICATE-----
Generated at Sun Aug 24 03:17:50 2025 by rpki-client