Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/5Z2anEl_BxIeei6mqHBvGo1tVnc.roa
File: 5Z2anEl_BxIeei6mqHBvGo1tVnc.roa (raw, json)
Hash identifier: DGBX0Z3vkXStOFd1ysQSqa7f7O/ggTmhs3x0KyV1OIo=
Subject key identifier: E5:9D:9A:9C:49:7F:07:12:1E:7A:2E:A6:A8:70:6F:1A:8D:6D:56:77
Certificate issuer: /CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Certificate serial: 019A344C8DFA0D8FA3023B8F6FB1B58F34D8
Authority key identifier: 7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/5Z2anEl_BxIeei6mqHBvGo1tVnc.roa
Signing time: Thu 30 Oct 2025 08:47:03 +0000
ROA not before: Thu 30 Oct 2025 08:47:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 2.57.242.0/24 maxlen: 24
45.88.15.0/24 maxlen: 24
45.135.182.0/24 maxlen: 24
77.81.101.0/24 maxlen: 24
79.110.227.0/24 maxlen: 24
85.204.18.0/24 maxlen: 24
89.35.119.0/24 maxlen: 24
89.35.129.0/24 maxlen: 24
89.37.185.0/24 maxlen: 24
89.40.70.0/24 maxlen: 24
94.177.13.0/24 maxlen: 24
94.177.145.0/24 maxlen: 24
103.56.84.0/24 maxlen: 24
167.17.40.0/24 maxlen: 24
167.17.176.0/24 maxlen: 24
167.17.177.0/24 maxlen: 24
167.17.178.0/24 maxlen: 24
167.17.180.0/24 maxlen: 24
167.17.182.0/24 maxlen: 24
167.17.191.0/24 maxlen: 24
188.208.103.0/24 maxlen: 24
188.213.0.0/24 maxlen: 24
188.214.107.0/24 maxlen: 24
193.124.36.0/24 maxlen: 24
193.124.225.0/24 maxlen: 24
194.85.249.0/24 maxlen: 24
194.85.251.0/24 maxlen: 24
202.71.12.0/24 maxlen: 24
202.71.13.0/24 maxlen: 24
202.71.15.0/24 maxlen: 24
204.77.1.0/24 maxlen: 24
206.245.129.0/24 maxlen: 24
206.245.131.0/24 maxlen: 24
206.245.133.0/24 maxlen: 24
206.245.134.0/24 maxlen: 24
206.245.135.0/24 maxlen: 24
206.245.157.0/24 maxlen: 24
206.245.159.0/24 maxlen: 24
208.123.185.0/24 maxlen: 24
208.123.190.0/24 maxlen: 24
208.123.191.0/24 maxlen: 24
212.192.11.0/24 maxlen: 24
212.192.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.mft
rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 15:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:34:4c:8d:fa:0d:8f:a3:02:3b:8f:6f:b1:b5:8f:34:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7da5d32d5b09c93c1b5e3fc5a2aa20d746fcfed1
Validity
Not Before: Oct 30 08:47:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e59d9a9c497f07121e7a2ea6a8706f1a8d6d5677
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:1b:2a:65:2f:b8:aa:48:66:37:80:c7:36:b4:
ed:a7:5e:10:5e:c1:0d:b5:e9:22:54:7c:5a:f1:bf:
32:24:22:5f:2e:f4:2e:b1:c2:99:37:67:91:cc:43:
55:99:db:1a:1b:d6:11:d8:03:85:e9:d4:5f:83:7e:
d9:34:c4:4d:1f:2e:ba:5b:f1:06:87:41:84:cf:2f:
6b:e5:1f:96:f3:db:4f:8a:07:c6:a5:8f:ba:f8:a3:
d1:32:61:48:af:90:ad:0f:c3:be:42:66:60:3e:64:
92:00:cf:85:85:0d:16:6e:5a:c1:6e:6e:e1:90:68:
96:96:7b:83:b4:58:16:40:c6:9d:2f:89:42:f0:30:
2f:70:b6:46:db:df:6a:f5:95:2b:e0:f2:c5:ef:6a:
9f:44:65:b8:62:9d:ab:3d:a2:53:fc:48:82:c6:76:
c1:34:a4:80:de:0f:77:66:62:b5:17:55:a3:d8:56:
1b:c8:62:0e:bb:c0:91:6a:9c:9e:4f:b3:5e:bf:6a:
be:3d:e3:1b:24:4b:8f:44:a6:dc:7d:15:ee:62:41:
cb:83:a6:4b:4f:c3:1c:11:1b:67:8c:cc:13:9e:a3:
53:1a:d1:6c:62:8d:10:48:d2:b5:a5:70:93:b3:e3:
c9:e1:87:f1:21:95:f0:27:d0:a8:da:6a:61:d1:d9:
99:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E5:9D:9A:9C:49:7F:07:12:1E:7A:2E:A6:A8:70:6F:1A:8D:6D:56:77
X509v3 Authority Key Identifier:
keyid:7D:A5:D3:2D:5B:09:C9:3C:1B:5E:3F:C5:A2:AA:20:D7:46:FC:FE:D1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/faXTLVsJyTwbXj_Foqog10b8_tE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/5Z2anEl_BxIeei6mqHBvGo1tVnc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/4b18fb-d3ed-4b27-9bd0-e5839f43e583/1/faXTLVsJyTwbXj_Foqog10b8_tE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.242.0/24
45.88.15.0/24
45.135.182.0/24
77.81.101.0/24
79.110.227.0/24
85.204.18.0/24
89.35.119.0/24
89.35.129.0/24
89.37.185.0/24
89.40.70.0/24
94.177.13.0/24
94.177.145.0/24
103.56.84.0/24
167.17.40.0/24
167.17.176.0-167.17.178.255
167.17.180.0/24
167.17.182.0/24
167.17.191.0/24
188.208.103.0/24
188.213.0.0/24
188.214.107.0/24
193.124.36.0/24
193.124.225.0/24
194.85.249.0/24
194.85.251.0/24
202.71.12.0/23
202.71.15.0/24
204.77.1.0/24
206.245.129.0/24
206.245.131.0/24
206.245.133.0-206.245.135.255
206.245.157.0/24
206.245.159.0/24
208.123.185.0/24
208.123.190.0/23
212.192.11.0/24
212.192.212.0/24
Signature Algorithm: sha256WithRSAEncryption
53:cd:bd:07:a9:61:e2:62:76:be:8b:7f:7f:84:e1:b8:5c:bc:
36:0d:d3:04:6e:54:29:7d:2b:3f:f3:12:04:9b:80:10:c8:91:
e5:95:ae:65:ba:0c:07:4b:1e:9e:1d:7e:68:f2:ad:24:dc:b9:
43:73:86:c1:a7:7b:b0:33:1e:27:63:bc:c6:ed:53:e2:9f:d4:
26:44:1a:7b:71:d9:c3:54:da:53:f0:a5:b3:c8:62:38:e9:93:
72:2a:f1:71:54:9e:f3:e1:38:80:9a:bf:9b:15:a4:b4:8b:b5:
4c:26:0a:82:33:e1:46:d0:cf:98:5a:1c:4b:c3:fb:58:35:eb:
54:7c:ca:1c:d0:00:72:41:64:cf:a5:08:d2:1b:aa:0d:32:fb:
92:4c:7d:b0:56:a3:88:03:3a:1a:b4:7c:28:14:fa:ad:68:18:
46:52:46:0e:ca:22:9b:70:6c:bc:5a:3c:0d:66:e9:84:81:60:
63:81:8e:8a:09:37:c4:3a:6a:66:bb:57:17:c8:67:1c:76:f0:
cf:a4:54:56:11:2d:b8:e7:40:27:0c:32:fa:1c:bd:f9:0d:95:
5c:2c:20:53:2b:05:24:ba:47:c5:59:1c:ff:89:aa:5a:c0:07:
33:89:d4:ac:b4:e3:c2:14:1e:1b:4c:46:6d:34:eb:bc:ec:20:
8e:c5:9b:f0
-----BEGIN CERTIFICATE-----
MIIF6zCCBNOgAwIBAgISAZo0TI36DY+jAjuPb7G1jzTYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkYTVkMzJkNWIwOWM5M2MxYjVlM2ZjNWEyYWEyMGQ3NDZm
Y2ZlZDEwHhcNMjUxMDMwMDg0NzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlNTlkOWE5YzQ5N2YwNzEyMWU3YTJlYTZhODcwNmYxYThkNmQ1Njc3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0RsqZS+4qkhmN4DHNrTtp14QXsEN
tekiVHxa8b8yJCJfLvQuscKZN2eRzENVmdsaG9YR2AOF6dRfg37ZNMRNHy66W/EG
h0GEzy9r5R+W89tPigfGpY+6+KPRMmFIr5CtD8O+QmZgPmSSAM+FhQ0WblrBbm7h
kGiWlnuDtFgWQMadL4lC8DAvcLZG299q9ZUr4PLF72qfRGW4Yp2rPaJT/EiCxnbB
NKSA3g93ZmK1F1Wj2FYbyGIOu8CRapyeT7Nev2q+PeMbJEuPRKbcfRXuYkHLg6ZL
T8McERtnjMwTnqNTGtFsYo0QSNK1pXCTs+PJ4YfxIZXwJ9Co2mph0dmZ5wIDAQAB
o4IC9zCCAvMwHQYDVR0OBBYEFOWdmpxJfwcSHnoupqhwbxqNbVZ3MB8GA1UdIwQY
MBaAFH2l0y1bCck8G14/xaKqINdG/P7RMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAt
ZTU4MzlmNDNlNTgzLzEvNVoyYW5FbF9CeEllZWk2bXFIQnZHbzF0Vm5jLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni80YjE4ZmItZDNlZC00YjI3LTliZDAtZTU4MzlmNDNlNTgz
LzEvZmFYVExWc0p5VHdiWGpfRm9xb2cxMGI4X3RFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCwYIKwYBBQUHAQcBAf8EgfswgfgwgfUEAgABMIHuAwQA
AjnyAwQALVgPAwQALYe2AwQATVFlAwQAT27jAwQAVcwSAwQAWSN3AwQAWSOBAwQA
WSW5AwQAWShGAwQAXrENAwQAXrGRAwQAZzhUAwQApxEoMAwDBASnEbADBACnEbID
BACnEbQDBACnEbYDBACnEb8DBAC80GcDBAC81QADBAC81msDBADBfCQDBADBfOED
BADCVfkDBADCVfsDBAHKRwwDBADKRw8DBADMTQEDBADO9YEDBADO9YMwDAMEAM71
hQMEA871gAMEAM71nQMEAM71nwMEANB7uQMEAdB7vgMEANTACwMEANTA1DANBgkq
hkiG9w0BAQsFAAOCAQEAU829B6lh4mJ2vot/f4ThuFy8Ng3TBG5UKX0rP/MSBJuA
EMiR5ZWuZboMB0senh1+aPKtJNy5Q3OGwad7sDMeJ2O8xu1T4p/UJkQae3HZw1Ta
U/Cls8hiOOmTcirxcVSe8+E4gJq/mxWktIu1TCYKgjPhRtDPmFocS8P7WDXrVHzK
HNAAckFkz6UI0huqDTL7kkx9sFajiAM6GrR8KBT6rWgYRlJGDsoim3BsvFo8DWbp
hIFgY4GOigk3xDpqZrtXF8hnHHbwz6RUVhEtuOdAJwwy+hy9+Q2VXCwgUysFJLpH
xVkc/4mqWsAHM4nUrLTjwhQeG0xGbTTrvOwgjsWb8A==
-----END CERTIFICATE-----
Generated at Tue Nov 4 20:36:13 2025 by rpki-client