Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/m44GNveevFDTA8nmcPYOXfbfye0.roa
File: m44GNveevFDTA8nmcPYOXfbfye0.roa (raw, json)
Hash identifier: LxZ8Y1vKBLraQ0pr7LBU+yQaRz7ynKnNqrqFmveq5Fk=
Subject key identifier: 9B:8E:06:36:F7:9E:BC:50:D3:03:C9:E6:70:F6:0E:5D:F6:DF:C9:ED
Certificate issuer: /CN=05bcde319a3dca2cf6744d2881ca91b83db9bdea
Certificate serial: 01988936C4351B9775F684E19D168A00B963
Authority key identifier: 05:BC:DE:31:9A:3D:CA:2C:F6:74:4D:28:81:CA:91:B8:3D:B9:BD:EA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BbzeMZo9yiz2dE0ogcqRuD25veo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/m44GNveevFDTA8nmcPYOXfbfye0.roa
Signing time: Fri 08 Aug 2025 10:25:24 +0000
ROA not before: Fri 08 Aug 2025 10:25:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60187
IP address blocks: 5.150.22.0/24 maxlen: 24
5.150.23.0/24 maxlen: 24
5.150.62.0/24 maxlen: 24
5.150.64.0/24 maxlen: 24
5.150.65.0/24 maxlen: 24
5.150.66.0/24 maxlen: 24
5.150.67.0/24 maxlen: 24
5.150.68.0/24 maxlen: 24
5.150.69.0/24 maxlen: 24
5.150.70.0/24 maxlen: 24
5.150.71.0/24 maxlen: 24
5.150.74.0/24 maxlen: 24
5.150.76.0/24 maxlen: 24
5.150.80.0/20 maxlen: 20
5.150.96.0/22 maxlen: 22
5.150.100.0/22 maxlen: 22
5.150.104.0/22 maxlen: 22
5.150.108.0/22 maxlen: 22
5.150.112.0/22 maxlen: 22
5.150.116.0/22 maxlen: 22
5.150.120.0/22 maxlen: 22
5.150.124.0/22 maxlen: 24
171.33.192.0/21 maxlen: 21
171.33.192.0/22 maxlen: 22
171.33.196.0/22 maxlen: 22
171.33.200.0/21 maxlen: 21
171.33.208.0/21 maxlen: 21
171.33.216.0/21 maxlen: 21
2a02:af40::/29 maxlen: 29
2a02:af40::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/BbzeMZo9yiz2dE0ogcqRuD25veo.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/BbzeMZo9yiz2dE0ogcqRuD25veo.mft
rsync://rpki.ripe.net/repository/DEFAULT/BbzeMZo9yiz2dE0ogcqRuD25veo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 14 Aug 2025 13:39:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:89:36:c4:35:1b:97:75:f6:84:e1:9d:16:8a:00:b9:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05bcde319a3dca2cf6744d2881ca91b83db9bdea
Validity
Not Before: Aug 8 10:25:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9b8e0636f79ebc50d303c9e670f60e5df6dfc9ed
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:c4:77:37:d5:e0:90:4c:fe:3f:ad:04:cd:1b:
c4:99:ea:25:93:03:c5:cf:5b:ab:7b:f8:97:42:b1:
d7:e4:cb:74:cc:c5:b8:af:b8:9d:89:25:1c:42:b3:
22:f2:c9:0e:e7:6e:9d:fb:e1:85:6f:b3:08:52:3b:
69:32:5c:e7:70:8b:c5:5f:8e:1a:c9:d4:ce:a2:8c:
ff:b8:c0:ff:fc:43:a4:b1:0c:69:55:bb:f0:f1:03:
0a:94:61:d4:16:84:d7:43:50:f7:20:e9:e3:ca:7b:
06:5c:ad:e5:76:84:62:bf:3b:45:6f:17:b6:4e:7b:
98:08:4a:2a:43:67:92:1f:50:3e:1c:23:b7:ca:51:
64:d6:88:7e:f8:bd:b2:28:ee:40:a1:3c:0d:be:a6:
dd:43:32:fd:0f:05:fa:05:37:df:e8:42:5b:f6:7e:
7e:26:ca:30:4a:51:b2:33:90:67:85:1f:e1:d6:ba:
ef:a5:f6:4d:69:42:c3:14:e1:a7:2b:1c:0f:b5:e7:
52:65:9e:21:c5:0c:7a:23:95:4a:4c:af:07:8f:60:
7b:f8:3b:1d:4e:9d:2d:b4:e7:8c:6e:e6:54:3e:7d:
46:ee:3a:13:f5:72:d0:c7:7a:c2:03:3b:d1:0a:01:
40:e8:c0:e7:12:72:76:cc:b6:2e:8a:da:56:1a:a0:
f2:95
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9B:8E:06:36:F7:9E:BC:50:D3:03:C9:E6:70:F6:0E:5D:F6:DF:C9:ED
X509v3 Authority Key Identifier:
keyid:05:BC:DE:31:9A:3D:CA:2C:F6:74:4D:28:81:CA:91:B8:3D:B9:BD:EA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BbzeMZo9yiz2dE0ogcqRuD25veo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/m44GNveevFDTA8nmcPYOXfbfye0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/ed28d5-78d3-45e2-a7d3-6867c4ae3161/1/BbzeMZo9yiz2dE0ogcqRuD25veo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.150.22.0/23
5.150.62.0/24
5.150.64.0/21
5.150.74.0/24
5.150.76.0/24
5.150.80.0-5.150.127.255
171.33.192.0/19
IPv6:
2a02:af40::/29
Signature Algorithm: sha256WithRSAEncryption
17:56:7f:d9:fa:a3:fe:39:76:57:dc:94:fa:ae:22:e0:87:1a:
4e:0a:38:5d:53:a0:63:4f:ba:a8:42:f6:29:2a:ba:cc:12:3b:
41:e0:11:8e:05:4e:cc:91:af:cf:c8:a8:a4:a1:b3:15:3a:93:
e7:44:b8:61:a2:50:71:a8:31:cd:6c:f6:fd:27:fb:7e:9c:c8:
6d:b1:3e:38:e5:46:d9:6d:b8:4c:cf:46:55:85:70:38:73:90:
63:b1:33:e3:65:14:e9:bc:4a:1c:f4:3d:1c:80:dd:4f:a1:e7:
26:23:86:94:0f:5f:87:d5:c3:69:e5:f2:88:7b:76:1f:14:18:
d5:42:07:56:24:c6:c9:69:29:dc:33:79:b7:71:d5:ba:56:db:
e8:18:3f:be:66:5e:f7:ad:b8:74:f0:79:eb:b1:75:c7:8b:1c:
08:54:39:17:7d:44:11:09:c2:e4:ea:9c:31:0c:64:f4:da:47:
d4:71:2b:9f:74:da:e2:3b:13:0f:05:e5:5d:d6:e9:65:6a:cd:
9c:04:46:8a:8b:0a:46:78:90:f1:9f:48:42:44:00:a8:f2:e7:
35:f5:00:9d:b4:3d:00:c8:43:68:44:3a:7b:03:e2:21:e2:ba:
8c:38:99:54:9c:a9:58:d8:5a:d0:f5:86:90:a6:b4:64:f1:0e:
1d:12:e8:22
-----BEGIN CERTIFICATE-----
MIIFODCCBCCgAwIBAgISAZiJNsQ1G5d19oThnRaKALljMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YmNkZTMxOWEzZGNhMmNmNjc0NGQyODgxY2E5MWI4M2Ri
OWJkZWEwHhcNMjUwODA4MTAyNTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5YjhlMDYzNmY3OWViYzUwZDMwM2M5ZTY3MGY2MGU1ZGY2ZGZjOWVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuMR3N9XgkEz+P60EzRvEmeolkwPF
z1ure/iXQrHX5Mt0zMW4r7idiSUcQrMi8skO526d++GFb7MIUjtpMlzncIvFX44a
ydTOooz/uMD//EOksQxpVbvw8QMKlGHUFoTXQ1D3IOnjynsGXK3ldoRivztFbxe2
TnuYCEoqQ2eSH1A+HCO3ylFk1oh++L2yKO5AoTwNvqbdQzL9DwX6BTff6EJb9n5+
JsowSlGyM5BnhR/h1rrvpfZNaULDFOGnKxwPtedSZZ4hxQx6I5VKTK8Hj2B7+Dsd
Tp0ttOeMbuZUPn1G7joT9XLQx3rCAzvRCgFA6MDnEnJ2zLYuitpWGqDylQIDAQAB
o4ICRDCCAkAwHQYDVR0OBBYEFJuOBjb3nrxQ0wPJ5nD2Dl3238ntMB8GA1UdIwQY
MBaAFAW83jGaPcos9nRNKIHKkbg9ub3qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJ6ZU1abzl5aXoyZEUwb2djcVJ1RDI1dmVvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9lZDI4ZDUtNzhkMy00NWUyLWE3ZDMt
Njg2N2M0YWUzMTYxLzEvbTQ0R052ZWV2RkRUQThubWNQWU9YZmJmeWUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9lZDI4ZDUtNzhkMy00NWUyLWE3ZDMtNjg2N2M0YWUzMTYx
LzEvQmJ6ZU1abzl5aXoyZEUwb2djcVJ1RDI1dmVvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFoGCCsGAQUFBwEHAQH/BEswSTA4BAIAATAyAwQBBZYWAwQA
BZY+AwQDBZZAAwQABZZKAwQABZZMMAwDBAQFllADBAcFlgADBAWrIcAwDQQCAAIw
BwMFAyoCr0AwDQYJKoZIhvcNAQELBQADggEBABdWf9n6o/45dlfclPquIuCHGk4K
OF1ToGNPuqhC9ikquswSO0HgEY4FTsyRr8/IqKShsxU6k+dEuGGiUHGoMc1s9v0n
+36cyG2xPjjlRtltuEzPRlWFcDhzkGOxM+NlFOm8Shz0PRyA3U+h5yYjhpQPX4fV
w2nl8oh7dh8UGNVCB1YkxslpKdwzebdx1bpW2+gYP75mXvetuHTweeuxdceLHAhU
ORd9RBEJwuTqnDEMZPTaR9RxK5902uI7Ew8F5V3W6WVqzZwERoqLCkZ4kPGfSEJE
AKjy5zX1AJ20PQDIQ2hEOnsD4iHiuow4mVScqVjYWtD1hpCmtGTxDh0S6CI=
-----END CERTIFICATE-----
Generated at Wed Aug 13 19:39:46 2025 by rpki-client