
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/7cc0f6-74ef-423a-a696-4a2bf4ab199d/1/tnDBwukw0h8yvmfKynq161ze7HM.roa
File: tnDBwukw0h8yvmfKynq161ze7HM.roa (raw, json)
Hash identifier: hhJlzz8ox0/NR3tX5f2QrfPo2aePRzJGPcnJfHw1RMM=
Subject key identifier: B6:70:C1:C2:E9:30:D2:1F:32:BE:67:CA:CA:7A:B5:EB:5C:DE:EC:73
Certificate issuer: /CN=26f36b5c6ca7a1698e7421a27e3d4a6b7648148d
Certificate serial: 0199513953DB0B6B084E80DB576170914A5C
Authority key identifier: 26:F3:6B:5C:6C:A7:A1:69:8E:74:21:A2:7E:3D:4A:6B:76:48:14:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JvNrXGynoWmOdCGifj1Ka3ZIFI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/7cc0f6-74ef-423a-a696-4a2bf4ab199d/1/tnDBwukw0h8yvmfKynq161ze7HM.roa
Signing time: Tue 16 Sep 2025 06:32:15 +0000
ROA not before: Tue 16 Sep 2025 06:32:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58243
IP address blocks: 5.61.128.0/18 maxlen: 18
5.61.128.0/19 maxlen: 19
5.61.128.0/20 maxlen: 20
5.61.128.0/23 maxlen: 23
5.61.130.0/23 maxlen: 23
5.61.130.0/24 maxlen: 24
5.61.131.0/24 maxlen: 24
5.61.132.0/22 maxlen: 24
5.61.134.0/23 maxlen: 23
5.61.136.0/21 maxlen: 24
5.61.138.0/23 maxlen: 23
5.61.140.0/22 maxlen: 22
5.61.144.0/20 maxlen: 24
5.61.144.0/22 maxlen: 22
5.61.144.0/24 maxlen: 24
5.61.145.0/24 maxlen: 24
5.61.146.0/24 maxlen: 24
5.61.147.0/24 maxlen: 24
5.61.148.0/24 maxlen: 24
5.61.150.0/24 maxlen: 24
5.61.151.0/24 maxlen: 24
5.61.152.0/22 maxlen: 22
5.61.152.0/23 maxlen: 23
5.61.156.0/24 maxlen: 24
5.61.157.0/24 maxlen: 24
5.61.158.0/23 maxlen: 23
5.61.160.0/19 maxlen: 19
5.61.160.0/20 maxlen: 20
5.61.160.0/24 maxlen: 24
5.61.163.0/24 maxlen: 24
5.61.164.0/22 maxlen: 22
5.61.164.0/24 maxlen: 24
5.61.165.0/24 maxlen: 24
5.61.166.0/23 maxlen: 23
5.61.168.0/21 maxlen: 21
5.61.168.0/23 maxlen: 23
5.61.170.0/23 maxlen: 23
5.61.172.0/22 maxlen: 22
5.61.175.0/24 maxlen: 24
5.61.176.0/20 maxlen: 20
5.61.176.0/21 maxlen: 21
5.61.184.0/23 maxlen: 23
5.61.186.0/24 maxlen: 24
5.61.187.0/24 maxlen: 24
5.61.188.0/23 maxlen: 23
5.61.190.0/23 maxlen: 23
5.61.190.0/24 maxlen: 24
185.78.252.0/22 maxlen: 22
185.78.255.0/24 maxlen: 24
207.89.64.0/18 maxlen: 18
207.89.64.0/19 maxlen: 19
207.89.64.0/20 maxlen: 20
207.89.64.0/24 maxlen: 24
207.89.65.0/24 maxlen: 24
207.89.66.0/23 maxlen: 23
207.89.67.0/24 maxlen: 24
207.89.68.0/24 maxlen: 24
207.89.70.0/23 maxlen: 23
207.89.72.0/22 maxlen: 22
207.89.72.0/23 maxlen: 23
207.89.74.0/23 maxlen: 23
207.89.76.0/24 maxlen: 24
207.89.77.0/24 maxlen: 24
207.89.78.0/23 maxlen: 23
207.89.80.0/20 maxlen: 20
207.89.80.0/23 maxlen: 23
207.89.82.0/24 maxlen: 24
207.89.83.0/24 maxlen: 24
207.89.86.0/23 maxlen: 23
207.89.88.0/22 maxlen: 22
207.89.92.0/22 maxlen: 22
207.89.92.0/24 maxlen: 24
207.89.96.0/19 maxlen: 24
207.89.96.0/20 maxlen: 20
207.89.96.0/24 maxlen: 24
207.89.101.0/24 maxlen: 24
207.89.108.0/24 maxlen: 24
207.89.109.0/24 maxlen: 24
207.89.112.0/20 maxlen: 20
207.89.116.0/23 maxlen: 23
207.89.118.0/23 maxlen: 23
207.89.120.0/21 maxlen: 21
2a01:5240::/29 maxlen: 29
2a01:5240::/30 maxlen: 30
2a01:5241::/39 maxlen: 39
2a01:5244::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/7cc0f6-74ef-423a-a696-4a2bf4ab199d/1/JvNrXGynoWmOdCGifj1Ka3ZIFI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/7cc0f6-74ef-423a-a696-4a2bf4ab199d/1/JvNrXGynoWmOdCGifj1Ka3ZIFI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/JvNrXGynoWmOdCGifj1Ka3ZIFI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:51:39:53:db:0b:6b:08:4e:80:db:57:61:70:91:4a:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=26f36b5c6ca7a1698e7421a27e3d4a6b7648148d
Validity
Not Before: Sep 16 06:32:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b670c1c2e930d21f32be67caca7ab5eb5cdeec73
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:9d:d2:c6:91:70:04:aa:7c:a3:e3:68:f7:9c:
49:7b:a7:5b:12:ed:c7:eb:0d:84:20:cc:aa:73:02:
bd:d8:71:be:c4:e4:38:7e:2b:38:e5:aa:50:eb:12:
96:9f:ac:ed:4b:54:cf:5a:7c:5b:6d:8c:fb:43:de:
d0:d7:72:ec:39:92:83:54:3f:6d:ef:9c:fe:d0:bd:
1e:59:a2:c7:28:67:3a:2d:ec:81:34:f5:0e:16:89:
e1:b6:07:01:f0:fc:fa:74:57:89:0e:00:63:1a:af:
9d:e0:e8:6b:25:3e:ad:17:ae:06:5a:32:4b:cb:86:
3c:2f:b5:53:04:6c:42:f9:97:e2:f4:f3:74:3a:c0:
39:27:78:37:c1:a4:2b:91:be:35:a2:1f:f8:ac:9a:
7d:57:aa:2a:aa:4f:cb:9a:45:79:4f:dd:d1:9a:b0:
53:51:10:a0:21:65:04:17:bd:a7:91:85:84:b5:66:
4f:c6:5e:4e:eb:21:05:b9:87:f7:4c:c3:3c:57:a1:
62:04:be:67:25:37:6b:4b:17:57:e3:9f:bb:41:36:
ad:ea:dd:6d:a7:ee:03:87:4e:34:d9:d4:ec:b8:d2:
57:26:f0:2f:5d:b5:0b:ac:ab:06:a6:44:f8:9b:62:
ca:ec:80:31:86:c2:04:d9:4e:a3:b1:e3:87:67:ea:
6c:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:70:C1:C2:E9:30:D2:1F:32:BE:67:CA:CA:7A:B5:EB:5C:DE:EC:73
X509v3 Authority Key Identifier:
keyid:26:F3:6B:5C:6C:A7:A1:69:8E:74:21:A2:7E:3D:4A:6B:76:48:14:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JvNrXGynoWmOdCGifj1Ka3ZIFI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/7cc0f6-74ef-423a-a696-4a2bf4ab199d/1/tnDBwukw0h8yvmfKynq161ze7HM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/7cc0f6-74ef-423a-a696-4a2bf4ab199d/1/JvNrXGynoWmOdCGifj1Ka3ZIFI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.128.0/18
185.78.252.0/22
207.89.64.0/18
IPv6:
2a01:5240::/29
Signature Algorithm: sha256WithRSAEncryption
3c:d3:12:96:ea:24:b0:60:11:3b:c9:3d:ca:55:b1:af:a6:76:
bb:57:04:aa:2e:1a:73:f1:51:b8:fe:92:bc:b2:87:60:17:7b:
04:e6:6c:c9:b4:85:42:c6:11:7d:89:43:f3:dd:9e:76:16:3d:
b3:16:bc:6e:33:59:ea:1a:61:6a:ab:8a:3c:81:7a:1b:5f:0d:
ed:81:5c:69:9b:e8:2d:54:2c:f8:ab:41:13:7d:8b:0e:03:f2:
80:11:28:73:1f:a6:d2:bc:65:ed:45:fe:b8:27:46:97:6f:6f:
45:ad:8e:aa:83:56:e5:a2:b5:fa:4c:8b:1d:1c:ba:83:12:58:
0f:45:7e:0f:56:cb:fa:87:dc:a4:9e:ef:fa:38:5f:68:9a:4a:
9f:15:ce:eb:c7:18:1c:14:08:09:b9:25:2e:91:4e:be:a0:f8:
57:29:7d:df:ee:37:f2:70:b0:fb:79:3d:b4:25:dd:68:65:6f:
ed:da:e6:37:e2:1c:ff:a6:5c:da:5e:f2:c0:c2:50:76:e6:a4:
18:79:34:00:14:69:4b:b1:71:60:c0:47:ba:62:a0:67:19:dd:
47:77:86:8c:39:b1:fa:ac:fb:0a:a4:28:03:78:4c:e1:7e:ee:
2c:ef:f6:b1:a6:cf:59:cf:bc:09:a7:a4:7a:72:ab:b0:3b:57:
e4:c7:e7:6f
-----BEGIN CERTIFICATE-----
MIIFGDCCBACgAwIBAgISAZlROVPbC2sIToDbV2FwkUpcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2ZjM2YjVjNmNhN2ExNjk4ZTc0MjFhMjdlM2Q0YTZiNzY0
ODE0OGQwHhcNMjUwOTE2MDYzMjE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNjcwYzFjMmU5MzBkMjFmMzJiZTY3Y2FjYTdhYjVlYjVjZGVlYzczMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJ3SxpFwBKp8o+No95xJe6dbEu3H
6w2EIMyqcwK92HG+xOQ4fis45apQ6xKWn6ztS1TPWnxbbYz7Q97Q13LsOZKDVD9t
75z+0L0eWaLHKGc6LeyBNPUOFonhtgcB8Pz6dFeJDgBjGq+d4OhrJT6tF64GWjJL
y4Y8L7VTBGxC+Zfi9PN0OsA5J3g3waQrkb41oh/4rJp9V6oqqk/LmkV5T93RmrBT
URCgIWUEF72nkYWEtWZPxl5O6yEFuYf3TMM8V6FiBL5nJTdrSxdX45+7QTat6t1t
p+4Dh0402dTsuNJXJvAvXbULrKsGpkT4m2LK7IAxhsIE2U6jseOHZ+psmwIDAQAB
o4ICJDCCAiAwHQYDVR0OBBYEFLZwwcLpMNIfMr5nysp6tetc3uxzMB8GA1UdIwQY
MBaAFCbza1xsp6FpjnQhon49Smt2SBSNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSnZOclhHeW5vV21PZENHaWZqMUthM1pJRkkwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS83Y2MwZjYtNzRlZi00MjNhLWE2OTYt
NGEyYmY0YWIxOTlkLzEvdG5EQnd1a3cwaDh5dm1mS3lucTE2MXplN0hNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS83Y2MwZjYtNzRlZi00MjNhLWE2OTYtNGEyYmY0YWIxOTlk
LzEvSnZOclhHeW5vV21PZENHaWZqMUthM1pJRkkwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDoGCCsGAQUFBwEHAQH/BCswKTAYBAIAATASAwQGBT2AAwQC
uU78AwQGz1lAMA0EAgACMAcDBQMqAVJAMA0GCSqGSIb3DQEBCwUAA4IBAQA80xKW
6iSwYBE7yT3KVbGvpna7VwSqLhpz8VG4/pK8sodgF3sE5mzJtIVCxhF9iUPz3Z52
Fj2zFrxuM1nqGmFqq4o8gXobXw3tgVxpm+gtVCz4q0ETfYsOA/KAEShzH6bSvGXt
Rf64J0aXb29FrY6qg1blorX6TIsdHLqDElgPRX4PVsv6h9yknu/6OF9omkqfFc7r
xxgcFAgJuSUukU6+oPhXKX3f7jfycLD7eT20Jd1oZW/t2uY34hz/plzaXvLAwlB2
5qQYeTQAFGlLsXFgwEe6YqBnGd1Hd4aMObH6rPsKpCgDeEzhfu4s7/axps9Zz7wJ
p6R6cquwO1fkx+dv
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:51:16 2025 by rpki-client