Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/22JyNAfhGFKyW-OjhsbqHEMaQuM.roa
File: 22JyNAfhGFKyW-OjhsbqHEMaQuM.roa (raw, json)
Hash identifier: to4vfGRXP3CjXcYN648pHesAbOteHKy/iJ2SoS6zPkM=
Subject key identifier: DB:62:72:34:07:E1:18:52:B2:5B:E3:A3:86:C6:EA:1C:43:1A:42:E3
Certificate issuer: /CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Certificate serial: 01985CB0873A409B0141906EE2E2E5CE528E
Authority key identifier: 09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/22JyNAfhGFKyW-OjhsbqHEMaQuM.roa
Signing time: Wed 30 Jul 2025 18:55:29 +0000
ROA not before: Wed 30 Jul 2025 18:55:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9123
IP address blocks: 5.42.220.0/24 maxlen: 24
45.91.238.0/24 maxlen: 24
80.68.156.0/24 maxlen: 24
185.211.170.0/24 maxlen: 24
195.206.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.mft
rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 20:46:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:5c:b0:87:3a:40:9b:01:41:90:6e:e2:e2:e5:ce:52:8e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=093353c1fabe896af8b85fe7600e4634968fcc4c
Validity
Not Before: Jul 30 18:55:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=db62723407e11852b25be3a386c6ea1c431a42e3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:28:b4:0d:14:e9:73:f4:d3:4a:d9:ac:98:4c:
29:2e:7d:71:7a:11:d5:37:c8:a9:1a:53:42:f9:4d:
3a:fa:35:74:76:87:11:b5:90:f7:66:ef:71:11:ed:
f7:c3:de:fd:a4:39:52:15:08:58:56:ed:9d:06:b2:
cc:38:5d:0e:61:5f:40:1c:d8:41:64:af:b1:a1:8f:
da:cd:aa:ea:18:ba:a3:ea:40:6e:08:51:e7:fb:26:
2f:e3:d0:71:3e:09:b5:38:83:fc:6d:62:d6:c0:f7:
88:8c:32:36:a2:17:71:04:16:cf:43:59:59:eb:89:
00:07:45:8e:19:d1:f1:2e:63:a7:e8:cf:af:be:22:
ab:0e:00:54:29:9f:8b:f1:cf:b1:07:eb:9e:9f:bf:
ba:c5:cc:cb:1f:95:b2:5f:55:fd:31:37:c9:ae:0d:
d0:88:78:df:0f:87:d3:ac:87:73:bb:f9:95:63:a6:
0a:e3:59:4a:f1:33:f0:e4:57:c8:73:d1:61:c5:6f:
0c:34:70:19:dc:07:f2:b4:7b:54:58:25:ac:bc:81:
19:9e:03:bb:51:d0:0b:6c:8b:72:15:9a:a3:e2:5b:
ab:d1:79:32:1f:09:30:78:b1:7e:09:66:3d:bd:b4:
30:d0:58:6f:7f:fd:b9:81:3d:17:aa:15:a7:44:5f:
2b:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DB:62:72:34:07:E1:18:52:B2:5B:E3:A3:86:C6:EA:1C:43:1A:42:E3
X509v3 Authority Key Identifier:
keyid:09:33:53:C1:FA:BE:89:6A:F8:B8:5F:E7:60:0E:46:34:96:8F:CC:4C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CTNTwfq-iWr4uF_nYA5GNJaPzEw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/22JyNAfhGFKyW-OjhsbqHEMaQuM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5b/7b9336-e9f8-4e27-af4b-239d2fe398b1/1/CTNTwfq-iWr4uF_nYA5GNJaPzEw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.42.220.0/24
45.91.238.0/24
80.68.156.0/24
185.211.170.0/24
195.206.243.0/24
Signature Algorithm: sha256WithRSAEncryption
2e:e6:a6:01:ba:0b:68:d3:d2:05:29:f3:0d:9b:cb:cb:d9:1e:
aa:ec:79:2c:cb:2f:4e:19:e0:04:38:0b:92:78:72:4f:42:ed:
0a:71:c6:81:7d:71:ac:3a:01:7b:98:8c:8e:e9:c6:51:f5:9e:
40:96:b8:e0:5d:e2:82:1d:66:a3:88:3e:4f:60:5e:29:e7:d8:
be:8b:a7:61:b5:62:65:cd:f6:c6:54:4b:30:aa:e1:10:f6:0f:
dc:60:91:a4:7b:18:8b:db:b6:79:0b:d9:9c:55:06:c1:42:a2:
28:bc:c3:2e:36:0d:31:e1:95:c7:1b:cf:db:33:50:ef:a5:53:
86:19:51:59:59:32:90:d6:0e:dc:aa:22:ae:e1:d4:a5:15:93:
72:36:8c:a1:75:c8:e6:48:6e:36:b2:d9:c6:c8:e1:ea:2f:93:
3a:bc:6b:94:b2:dc:91:b3:24:0c:76:e5:2f:63:d9:4a:91:a7:
a2:f3:29:d9:b9:69:e8:ec:4e:73:b3:91:2a:d6:b7:48:4f:ba:
31:96:b4:bf:51:30:6a:f2:69:da:f4:bd:77:7b:ef:5c:33:d2:
f3:48:e4:04:d4:2a:6f:30:7f:5f:84:96:cf:cf:12:05:74:07:
69:01:a4:11:26:9c:80:26:96:8a:d8:09:fa:d6:49:61:ed:38:
03:5f:af:0d
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZhcsIc6QJsBQZBu4uLlzlKOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA5MzM1M2MxZmFiZTg5NmFmOGI4NWZlNzYwMGU0NjM0OTY4
ZmNjNGMwHhcNMjUwNzMwMTg1NTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkYjYyNzIzNDA3ZTExODUyYjI1YmUzYTM4NmM2ZWExYzQzMWE0MmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCi0DRTpc/TTStmsmEwpLn1xehHV
N8ipGlNC+U06+jV0docRtZD3Zu9xEe33w979pDlSFQhYVu2dBrLMOF0OYV9AHNhB
ZK+xoY/azarqGLqj6kBuCFHn+yYv49BxPgm1OIP8bWLWwPeIjDI2ohdxBBbPQ1lZ
64kAB0WOGdHxLmOn6M+vviKrDgBUKZ+L8c+xB+uen7+6xczLH5WyX1X9MTfJrg3Q
iHjfD4fTrIdzu/mVY6YK41lK8TPw5FfIc9FhxW8MNHAZ3AfytHtUWCWsvIEZngO7
UdALbItyFZqj4lur0XkyHwkweLF+CWY9vbQw0Fhvf/25gT0XqhWnRF8r8wIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFNticjQH4RhSslvjo4bG6hxDGkLjMB8GA1UdIwQY
MBaAFAkzU8H6volq+Lhf52AORjSWj8xMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGIt
MjM5ZDJmZTM5OGIxLzEvMjJKeU5BZmhHRkt5Vy1PamhzYnFIRU1hUXVNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Yi83YjkzMzYtZTlmOC00ZTI3LWFmNGItMjM5ZDJmZTM5OGIx
LzEvQ1ROVHdmcS1pV3I0dUZfbllBNUdOSmFQekV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABSrcAwQA
LVvuAwQAUEScAwQAudOqAwQAw87zMA0GCSqGSIb3DQEBCwUAA4IBAQAu5qYBugto
09IFKfMNm8vL2R6q7Hksyy9OGeAEOAuSeHJPQu0KccaBfXGsOgF7mIyO6cZR9Z5A
lrjgXeKCHWajiD5PYF4p59i+i6dhtWJlzfbGVEswquEQ9g/cYJGkexiL27Z5C9mc
VQbBQqIovMMuNg0x4ZXHG8/bM1DvpVOGGVFZWTKQ1g7cqiKu4dSlFZNyNoyhdcjm
SG42stnGyOHqL5M6vGuUstyRsyQMduUvY9lKkaei8ynZuWno7E5zs5Eq1rdIT7ox
lrS/UTBq8mna9L13e+9cM9LzSOQE1CpvMH9fhJbPzxIFdAdpAaQRJpyAJpaK2An6
1klh7TgDX68N
-----END CERTIFICATE-----
Generated at Thu Aug 7 05:08:29 2025 by rpki-client