Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/78skVgZisWOTuIWvaAFuOhftj7w.roa
File: 78skVgZisWOTuIWvaAFuOhftj7w.roa (raw, json)
Hash identifier: vKruKdJmNyFWq/KWJgTSdRBXoy9H3Shg3kLQKfQ1kHI=
Subject key identifier: EF:CB:24:56:06:62:B1:63:93:B8:85:AF:68:01:6E:3A:17:ED:8F:BC
Certificate issuer: /CN=297c508d23b38315bbf45b726d22050a46127b8c
Certificate serial: 01975C48B3127C488E74D03E960DD3F1E037
Authority key identifier: 29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/78skVgZisWOTuIWvaAFuOhftj7w.roa
Signing time: Tue 10 Jun 2025 23:59:17 +0000
ROA not before: Tue 10 Jun 2025 23:59:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34177
IP address blocks: 5.133.68.0/22 maxlen: 22
62.193.32.0/19 maxlen: 19
62.244.84.0/22 maxlen: 22
62.244.86.0/23 maxlen: 23
62.244.88.0/23 maxlen: 23
62.244.89.0/24 maxlen: 24
62.244.96.0/22 maxlen: 22
62.244.112.0/22 maxlen: 22
62.244.117.0/24 maxlen: 24
62.244.119.0/24 maxlen: 24
78.31.40.0/21 maxlen: 21
78.109.240.0/20 maxlen: 20
79.98.16.0/21 maxlen: 24
80.74.64.0/20 maxlen: 24
80.245.16.0/20 maxlen: 20
82.210.0.0/19 maxlen: 19
82.210.32.0/19 maxlen: 19
83.118.192.0/19 maxlen: 19
83.142.144.0/21 maxlen: 21
84.239.64.0/18 maxlen: 24
91.90.96.0/21 maxlen: 21
94.228.176.0/20 maxlen: 20
95.141.96.0/20 maxlen: 20
141.101.56.0/22 maxlen: 24
159.180.224.0/19 maxlen: 19
176.57.32.0/21 maxlen: 21
178.16.160.0/20 maxlen: 20
185.4.44.0/22 maxlen: 24
185.5.108.0/22 maxlen: 22
185.10.176.0/22 maxlen: 24
185.18.208.0/22 maxlen: 22
185.19.48.0/22 maxlen: 22
185.41.4.0/22 maxlen: 22
185.47.240.0/22 maxlen: 24
185.81.52.0/22 maxlen: 22
185.132.116.0/22 maxlen: 22
185.137.254.0/23 maxlen: 24
185.156.80.0/22 maxlen: 22
185.163.28.0/22 maxlen: 22
185.171.156.0/22 maxlen: 22
185.180.244.0/22 maxlen: 22
185.191.92.0/22 maxlen: 22
185.211.24.0/22 maxlen: 22
185.213.160.0/22 maxlen: 22
185.218.248.0/22 maxlen: 22
185.249.28.0/22 maxlen: 22
194.213.124.0/23 maxlen: 23
195.15.128.0/18 maxlen: 18
195.49.132.0/22 maxlen: 22
195.200.160.0/19 maxlen: 19
212.106.96.0/19 maxlen: 19
2001:ab8::/29 maxlen: 32
2a00:6900::/29 maxlen: 48
2a01:4e00::/32 maxlen: 32
2a03:5d40::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.mft
rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 16 Jun 2025 11:00:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5c:48:b3:12:7c:48:8e:74:d0:3e:96:0d:d3:f1:e0:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=297c508d23b38315bbf45b726d22050a46127b8c
Validity
Not Before: Jun 10 23:59:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=efcb24560662b16393b885af68016e3a17ed8fbc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:78:ab:0a:1e:f7:06:f4:7f:37:a2:ee:4b:67:
ee:d0:1b:97:b3:e2:62:5a:5f:17:fc:40:2f:3e:d3:
49:1f:23:3b:2e:c3:3b:17:9a:88:02:ec:36:02:34:
f6:c2:ed:18:5a:52:a8:5d:ee:e2:8c:10:a2:ba:5a:
5a:89:9e:d5:da:02:62:be:03:d5:71:67:c3:9d:73:
dc:f6:d7:13:a7:23:60:cd:e1:8a:5b:41:e8:45:33:
c1:ca:12:76:39:f2:0c:bc:7f:6d:a9:3f:25:a2:e0:
d9:94:32:5c:62:a1:43:cb:6a:0a:2e:fa:4c:33:42:
e1:47:37:05:55:15:55:45:e0:c4:9d:96:29:f3:d9:
f8:8a:b7:b8:c1:8c:44:ae:b9:62:3a:5f:71:ce:7b:
35:fb:ba:de:c2:89:7f:57:df:f4:57:d0:69:16:81:
02:bf:80:d1:a8:8b:03:c6:af:4e:7a:c4:3a:c1:fb:
1d:47:94:d6:cf:3c:2a:86:3c:06:47:34:30:0d:09:
17:63:ba:40:77:e4:44:7f:5d:1e:ce:dc:67:bf:cd:
e8:fd:4c:1f:ff:a5:f7:fa:8a:bb:a9:e7:d4:b0:57:
37:db:d9:3a:b9:01:7b:a0:5b:0a:0a:35:c0:7e:a7:
f0:2f:af:61:4d:f9:5a:da:f3:35:1a:d8:44:db:27:
17:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:CB:24:56:06:62:B1:63:93:B8:85:AF:68:01:6E:3A:17:ED:8F:BC
X509v3 Authority Key Identifier:
keyid:29:7C:50:8D:23:B3:83:15:BB:F4:5B:72:6D:22:05:0A:46:12:7B:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KXxQjSOzgxW79FtybSIFCkYSe4w.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/78skVgZisWOTuIWvaAFuOhftj7w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/00/8abeed-f53b-4776-a8e2-36e9a79bd950/1/KXxQjSOzgxW79FtybSIFCkYSe4w.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.68.0/22
62.193.32.0/19
62.244.84.0-62.244.89.255
62.244.96.0/22
62.244.112.0/22
62.244.117.0/24
62.244.119.0/24
78.31.40.0/21
78.109.240.0/20
79.98.16.0/21
80.74.64.0/20
80.245.16.0/20
82.210.0.0/18
83.118.192.0/19
83.142.144.0/21
84.239.64.0/18
91.90.96.0/21
94.228.176.0/20
95.141.96.0/20
141.101.56.0/22
159.180.224.0/19
176.57.32.0/21
178.16.160.0/20
185.4.44.0/22
185.5.108.0/22
185.10.176.0/22
185.18.208.0/22
185.19.48.0/22
185.41.4.0/22
185.47.240.0/22
185.81.52.0/22
185.132.116.0/22
185.137.254.0/23
185.156.80.0/22
185.163.28.0/22
185.171.156.0/22
185.180.244.0/22
185.191.92.0/22
185.211.24.0/22
185.213.160.0/22
185.218.248.0/22
185.249.28.0/22
194.213.124.0/23
195.15.128.0/18
195.49.132.0/22
195.200.160.0/19
212.106.96.0/19
IPv6:
2001:ab8::/29
2a00:6900::/29
2a01:4e00::/32
2a03:5d40::/32
Signature Algorithm: sha256WithRSAEncryption
46:ab:d2:f8:9c:06:a4:7d:bd:b9:39:f1:c8:10:73:a4:2f:c3:
1d:63:a6:75:1b:37:2a:6d:cf:5c:37:7f:3b:60:72:cc:08:22:
ba:04:1f:9c:96:eb:9e:6a:1d:db:18:a6:03:a7:3b:a0:77:57:
63:55:40:01:bb:98:e4:c8:72:6d:f4:07:04:44:c7:d8:38:83:
0c:56:16:18:31:7d:6d:db:d1:47:42:58:b5:6d:db:41:45:16:
9a:ed:6a:a2:22:ab:c0:59:3a:cb:56:c9:fc:5a:a2:6e:56:37:
ad:1d:43:46:4a:78:9b:56:a1:55:c6:bd:66:9c:45:06:54:c9:
d7:02:5f:db:62:96:1a:44:dc:01:54:06:32:43:36:a1:05:95:
08:01:a9:66:54:6b:f8:65:79:e5:57:69:6b:3e:f4:71:54:61:
2b:58:1a:49:9d:a4:fa:a7:7c:fd:53:33:f3:d4:33:69:77:c0:
96:be:71:2f:62:3b:2b:f7:d8:53:05:02:c6:36:5e:08:57:cc:
aa:f8:02:32:3f:13:92:42:7d:de:7b:3b:4d:bd:aa:63:e0:4b:
eb:30:97:0d:60:69:e6:55:92:27:38:7e:ed:1b:38:b0:64:9c:
32:7a:b3:44:e9:67:d4:7e:3a:82:9f:11:ec:aa:48:63:c7:dc:
c8:ab:77:57
-----BEGIN CERTIFICATE-----
MIIGRzCCBS+gAwIBAgISAZdcSLMSfEiOdNA+lg3T8eA3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI5N2M1MDhkMjNiMzgzMTViYmY0NWI3MjZkMjIwNTBhNDYx
MjdiOGMwHhcNMjUwNjEwMjM1OTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZmNiMjQ1NjA2NjJiMTYzOTNiODg1YWY2ODAxNmUzYTE3ZWQ4ZmJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy3irCh73BvR/N6LuS2fu0BuXs+Ji
Wl8X/EAvPtNJHyM7LsM7F5qIAuw2AjT2wu0YWlKoXe7ijBCiulpaiZ7V2gJivgPV
cWfDnXPc9tcTpyNgzeGKW0HoRTPByhJ2OfIMvH9tqT8louDZlDJcYqFDy2oKLvpM
M0LhRzcFVRVVReDEnZYp89n4ire4wYxErrliOl9xzns1+7rewol/V9/0V9BpFoEC
v4DRqIsDxq9OesQ6wfsdR5TWzzwqhjwGRzQwDQkXY7pAd+REf10eztxnv83o/Uwf
/6X3+oq7qefUsFc329k6uQF7oFsKCjXAfqfwL69hTfla2vM1GthE2ycXtQIDAQAB
o4IDUzCCA08wHQYDVR0OBBYEFO/LJFYGYrFjk7iFr2gBbjoX7Y+8MB8GA1UdIwQY
MBaAFCl8UI0js4MVu/Rbcm0iBQpGEnuMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTIt
MzZlOWE3OWJkOTUwLzEvNzhza1ZnWmlzV09UdUlXdmFBRnVPaGZ0ajd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMC84YWJlZWQtZjUzYi00Nzc2LWE4ZTItMzZlOWE3OWJkOTUw
LzEvS1h4UWpTT3pneFc3OUZ0eWJTSUZDa1lTZTR3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBZwYIKwYBBQUHAQcBAf8EggFWMIIBUjCCASoEAgABMIIB
IgMEAgWFRAMEBT7BIDAMAwQCPvRUAwQBPvRYAwQCPvRgAwQCPvRwAwQAPvR1AwQA
PvR3AwQDTh8oAwQETm3wAwQDT2IQAwQEUEpAAwQEUPUQAwQGUtIAAwQFU3bAAwQD
U46QAwQGVO9AAwQDW1pgAwQEXuSwAwQEX41gAwQCjWU4AwQFn7TgAwQDsDkgAwQE
shCgAwQCuQQsAwQCuQVsAwQCuQqwAwQCuRLQAwQCuRMwAwQCuSkEAwQCuS/wAwQC
uVE0AwQCuYR0AwQBuYn+AwQCuZxQAwQCuaMcAwQCuaucAwQCubT0AwQCub9cAwQC
udMYAwQCudWgAwQCudr4AwQCufkcAwQBwtV8AwQGww+AAwQCwzGEAwQFw8igAwQF
1GpgMCIEAgACMBwDBQMgAQq4AwUDKgBpAAMFACoBTgADBQAqA11AMA0GCSqGSIb3
DQEBCwUAA4IBAQBGq9L4nAakfb25OfHIEHOkL8MdY6Z1Gzcqbc9cN387YHLMCCK6
BB+cluueah3bGKYDpzugd1djVUABu5jkyHJt9AcERMfYOIMMVhYYMX1t29FHQli1
bdtBRRaa7WqiIqvAWTrLVsn8WqJuVjetHUNGSnibVqFVxr1mnEUGVMnXAl/bYpYa
RNwBVAYyQzahBZUIAalmVGv4ZXnlV2lrPvRxVGErWBpJnaT6p3z9UzPz1DNpd8CW
vnEvYjsr99hTBQLGNl4IV8yq+AIyPxOSQn3eeztNvapj4EvrMJcNYGnmVZInOH7t
GziwZJwyerNE6WfUfjqCnxHsqkhjx9zIq3dX
-----END CERTIFICATE-----
Generated at Sun Jun 15 20:48:06 2025 by rpki-client