Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/4bd500-5d4f-4889-9142-3c4839c8e851/1/AYZF24EgOrNz6WZhkXpTDIKj7Uw.roa
File: AYZF24EgOrNz6WZhkXpTDIKj7Uw.roa (raw, json)
Hash identifier: XuYEiMGlP57vEAu/M5jaVByOWmDwAZB50X25JNOPTpo=
Subject key identifier: 01:86:45:DB:81:20:3A:B3:73:E9:66:61:91:7A:53:0C:82:A3:ED:4C
Certificate issuer: /CN=c5e14070210627bfca4654b42de797acd6d2c4f4
Certificate serial: 01989E9B73F760BADCC6CD0586395669C268
Authority key identifier: C5:E1:40:70:21:06:27:BF:CA:46:54:B4:2D:E7:97:AC:D6:D2:C4:F4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xeFAcCEGJ7_KRlS0LeeXrNbSxPQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/4bd500-5d4f-4889-9142-3c4839c8e851/1/AYZF24EgOrNz6WZhkXpTDIKj7Uw.roa
Signing time: Tue 12 Aug 2025 14:07:24 +0000
ROA not before: Tue 12 Aug 2025 14:07:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205081
IP address blocks: 5.133.190.0/24 maxlen: 24
46.33.12.0/24 maxlen: 24
153.92.27.0/24 maxlen: 24
155.133.192.0/23 maxlen: 23
185.136.216.0/22 maxlen: 22
185.136.216.0/24 maxlen: 24
185.136.217.0/24 maxlen: 24
185.136.218.0/24 maxlen: 24
185.136.219.0/24 maxlen: 24
2a0c:5500::/48 maxlen: 48
2a0c:5500:1::/48 maxlen: 48
2a0c:5500:2::/48 maxlen: 48
2a0c:5500:3::/48 maxlen: 48
2a0c:5500:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/4bd500-5d4f-4889-9142-3c4839c8e851/1/xeFAcCEGJ7_KRlS0LeeXrNbSxPQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/4bd500-5d4f-4889-9142-3c4839c8e851/1/xeFAcCEGJ7_KRlS0LeeXrNbSxPQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/xeFAcCEGJ7_KRlS0LeeXrNbSxPQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 Aug 2025 13:39:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:9e:9b:73:f7:60:ba:dc:c6:cd:05:86:39:56:69:c2:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c5e14070210627bfca4654b42de797acd6d2c4f4
Validity
Not Before: Aug 12 14:07:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=018645db81203ab373e96661917a530c82a3ed4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:7a:bf:94:f5:74:dc:3c:76:c2:16:84:85:1b:
2a:73:00:6b:3c:bb:74:34:76:b6:6a:f2:33:3d:28:
aa:ed:4d:88:1d:e4:20:22:52:0a:e8:a0:09:c8:13:
42:55:c7:15:3d:c8:fd:df:68:28:46:57:13:86:ba:
39:68:f9:9d:ba:f3:e9:1b:8a:0f:0b:ee:ad:44:1e:
5a:f2:32:ca:95:66:24:75:48:b9:e9:c5:05:3c:01:
62:66:8f:dc:56:9f:3c:b6:98:bf:23:5b:ad:d3:cb:
23:ef:7f:87:6c:e9:a5:9a:01:9d:6e:4e:86:c7:80:
d7:19:bb:39:7b:dc:53:f5:2b:ca:80:f3:de:7c:b4:
e2:a0:43:5e:fa:40:72:65:cd:54:29:f1:04:73:c8:
7c:07:ca:01:9e:1d:c2:cf:b7:37:af:fe:2d:7c:fd:
0f:99:cd:90:91:90:d9:26:a3:ef:e2:8d:92:4f:2e:
fc:f3:4a:ea:9d:b7:b7:c4:5a:23:e0:de:7a:13:e9:
58:f9:44:af:b8:65:4a:1b:b6:4d:18:b0:29:50:15:
78:27:e7:8b:1e:f6:64:0d:3e:51:71:21:f7:7a:65:
39:4b:4c:16:a1:86:b9:5a:0d:8d:53:fe:7e:c6:b0:
8b:b0:69:ae:89:2a:46:3c:06:16:7f:d0:c9:2f:99:
ed:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:86:45:DB:81:20:3A:B3:73:E9:66:61:91:7A:53:0C:82:A3:ED:4C
X509v3 Authority Key Identifier:
keyid:C5:E1:40:70:21:06:27:BF:CA:46:54:B4:2D:E7:97:AC:D6:D2:C4:F4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xeFAcCEGJ7_KRlS0LeeXrNbSxPQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/4bd500-5d4f-4889-9142-3c4839c8e851/1/AYZF24EgOrNz6WZhkXpTDIKj7Uw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/4bd500-5d4f-4889-9142-3c4839c8e851/1/xeFAcCEGJ7_KRlS0LeeXrNbSxPQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.133.190.0/24
46.33.12.0/24
153.92.27.0/24
155.133.192.0/23
185.136.216.0/22
IPv6:
2a0c:5500::-2a0c:5500:4:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
2d:ec:7d:fb:23:3d:25:f0:7d:b6:03:d9:af:a1:33:45:8c:e3:
b4:ac:d3:2a:40:3a:92:50:10:b7:33:ab:9e:7f:9f:b9:30:a9:
1b:d1:a4:85:47:8a:41:94:b3:ae:c4:df:32:e6:4a:12:ce:bd:
3b:85:83:2c:f1:9d:41:eb:4d:90:99:6b:78:f4:d0:d1:f9:b3:
35:30:8e:06:2a:20:cf:9c:42:8e:b7:cd:53:85:92:f3:ba:b7:
b7:ab:a2:dc:81:89:31:c2:2e:2f:ab:99:71:91:4e:75:2d:cc:
07:aa:cc:39:e0:ec:b8:3e:bc:7f:56:f8:cd:21:95:f3:f1:f3:
c6:07:ca:42:5a:77:15:47:8e:e6:69:2c:b0:fa:9a:41:51:82:
ff:4d:41:3a:43:74:bf:a5:58:bf:ae:08:12:04:15:99:6c:d5:
3a:86:86:1e:17:cf:7e:7b:b3:37:4c:6f:15:5a:13:1a:5f:33:
71:bd:e8:5d:e4:b0:f1:b8:11:be:0a:f2:f4:8e:62:0a:b0:7c:
e8:3c:96:4e:8d:3e:c8:06:9a:24:ad:f0:80:f0:81:0c:35:91:
72:27:41:5f:65:33:1c:85:84:e5:8c:7a:9b:05:b2:d1:1e:26:
56:34:ed:de:74:01:44:bc:42:a0:d5:5d:eb:fd:d8:cc:47:3b:
b2:9d:e9:08
-----BEGIN CERTIFICATE-----
MIIFLjCCBBagAwIBAgISAZiem3P3YLrcxs0FhjlWacJoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM1ZTE0MDcwMjEwNjI3YmZjYTQ2NTRiNDJkZTc5N2FjZDZk
MmM0ZjQwHhcNMjUwODEyMTQwNzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTg2NDVkYjgxMjAzYWIzNzNlOTY2NjE5MTdhNTMwYzgyYTNlZDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXq/lPV03Dx2whaEhRsqcwBrPLt0
NHa2avIzPSiq7U2IHeQgIlIK6KAJyBNCVccVPcj932goRlcThro5aPmduvPpG4oP
C+6tRB5a8jLKlWYkdUi56cUFPAFiZo/cVp88tpi/I1ut08sj73+HbOmlmgGdbk6G
x4DXGbs5e9xT9SvKgPPefLTioENe+kByZc1UKfEEc8h8B8oBnh3Cz7c3r/4tfP0P
mc2QkZDZJqPv4o2STy7880rqnbe3xFoj4N56E+lY+USvuGVKG7ZNGLApUBV4J+eL
HvZkDT5RcSH3emU5S0wWoYa5Wg2NU/5+xrCLsGmuiSpGPAYWf9DJL5ntpQIDAQAB
o4ICOjCCAjYwHQYDVR0OBBYEFAGGRduBIDqzc+lmYZF6UwyCo+1MMB8GA1UdIwQY
MBaAFMXhQHAhBie/ykZUtC3nl6zW0sT0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveGVGQWNDRUdKN19LUmxTMExlZVhyTmJTeFBRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS80YmQ1MDAtNWQ0Zi00ODg5LTkxNDIt
M2M0ODM5YzhlODUxLzEvQVlaRjI0RWdPck56NldaaGtYcFRESUtqN1V3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS80YmQ1MDAtNWQ0Zi00ODg5LTkxNDItM2M0ODM5YzhlODUx
LzEveGVGQWNDRUdKN19LUmxTMExlZVhyTmJTeFBRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFAGCCsGAQUFBwEHAQH/BEEwPzAkBAIAATAeAwQABYW+AwQA
LiEMAwQAmVwbAwQBm4XAAwQCuYjYMBcEAgACMBEwDwMEACoMVQMHACoMVQAABDAN
BgkqhkiG9w0BAQsFAAOCAQEALex9+yM9JfB9tgPZr6EzRYzjtKzTKkA6klAQtzOr
nn+fuTCpG9GkhUeKQZSzrsTfMuZKEs69O4WDLPGdQetNkJlrePTQ0fmzNTCOBiog
z5xCjrfNU4WS87q3t6ui3IGJMcIuL6uZcZFOdS3MB6rMOeDsuD68f1b4zSGV8/Hz
xgfKQlp3FUeO5mkssPqaQVGC/01BOkN0v6VYv64IEgQVmWzVOoaGHhfPfnuzN0xv
FVoTGl8zcb3oXeSw8bgRvgry9I5iCrB86DyWTo0+yAaaJK3wgPCBDDWRcidBX2Uz
HIWE5Yx6mwWy0R4mVjTt3nQBRLxCoNVd6/3YzEc7sp3pCA==
-----END CERTIFICATE-----
Generated at Wed Aug 13 19:44:06 2025 by rpki-client