Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/06SLQj8M0JloqOLLSJQsS9Mvvt8.roa
File: 06SLQj8M0JloqOLLSJQsS9Mvvt8.roa (raw, json)
Hash identifier: pOdJZOCbzwERcaHXTxoPc47TuC69tCgfLF74nW59Yqg=
Subject key identifier: D3:A4:8B:42:3F:0C:D0:99:68:A8:E2:CB:48:94:2C:4B:D3:2F:BE:DF
Certificate issuer: /CN=02bbd4f865a12d79a09a034486ce61ba023882c7
Certificate serial: 01987F093E82CCFEBD2FA252B59A9419CC04
Authority key identifier: 02:BB:D4:F8:65:A1:2D:79:A0:9A:03:44:86:CE:61:BA:02:38:82:C7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ArvU-GWhLXmgmgNEhs5hugI4gsc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/06SLQj8M0JloqOLLSJQsS9Mvvt8.roa
Signing time: Wed 06 Aug 2025 10:59:28 +0000
ROA not before: Wed 06 Aug 2025 10:59:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198589
IP address blocks: 5.62.128.0/21 maxlen: 21
5.62.128.0/24 maxlen: 24
5.62.129.0/24 maxlen: 24
5.62.130.0/23 maxlen: 23
5.62.130.0/24 maxlen: 24
5.62.131.0/24 maxlen: 24
5.62.132.0/23 maxlen: 23
5.62.132.0/24 maxlen: 24
5.62.133.0/24 maxlen: 24
5.62.134.0/23 maxlen: 23
5.62.134.0/24 maxlen: 24
5.62.135.0/24 maxlen: 24
5.62.136.0/24 maxlen: 24
5.62.137.0/24 maxlen: 24
5.62.138.0/23 maxlen: 23
5.62.138.0/24 maxlen: 24
5.62.139.0/24 maxlen: 24
5.62.140.0/23 maxlen: 23
5.62.140.0/24 maxlen: 24
5.62.141.0/24 maxlen: 24
5.62.142.0/23 maxlen: 23
5.62.142.0/24 maxlen: 24
5.62.143.0/24 maxlen: 24
5.62.144.0/21 maxlen: 21
5.62.144.0/23 maxlen: 23
5.62.144.0/24 maxlen: 24
5.62.145.0/24 maxlen: 24
5.62.146.0/23 maxlen: 23
5.62.146.0/24 maxlen: 24
5.62.147.0/24 maxlen: 24
5.62.148.0/23 maxlen: 23
5.62.148.0/24 maxlen: 24
5.62.149.0/24 maxlen: 24
5.62.150.0/23 maxlen: 23
5.62.150.0/24 maxlen: 24
5.62.151.0/24 maxlen: 24
31.7.80.0/24 maxlen: 24
31.7.81.0/24 maxlen: 24
31.7.82.0/24 maxlen: 24
31.7.83.0/24 maxlen: 24
31.7.84.0/24 maxlen: 24
31.7.85.0/24 maxlen: 24
31.7.86.0/24 maxlen: 24
31.7.87.0/24 maxlen: 24
37.77.48.0/21 maxlen: 21
37.77.49.0/24 maxlen: 24
37.77.50.0/24 maxlen: 24
37.77.51.0/24 maxlen: 24
37.77.52.0/24 maxlen: 24
37.77.53.0/24 maxlen: 24
37.77.54.0/24 maxlen: 24
37.77.55.0/24 maxlen: 24
185.69.4.0/22 maxlen: 22
185.69.4.0/24 maxlen: 24
185.69.5.0/24 maxlen: 24
185.69.6.0/23 maxlen: 23
185.69.6.0/24 maxlen: 24
185.69.7.0/24 maxlen: 24
2a00:c9e0::/32 maxlen: 32
2a00:c9e0:1::/48 maxlen: 48
2a00:c9e0:5::/48 maxlen: 48
2a00:c9e0:8::/48 maxlen: 48
2a00:c9e0:b::/48 maxlen: 48
2a00:c9e0:c::/48 maxlen: 48
2a00:c9e0:8000::/48 maxlen: 48
2a00:c9e0:8001::/48 maxlen: 48
2a00:c9e0:8002::/48 maxlen: 48
2a00:c9e7:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/ArvU-GWhLXmgmgNEhs5hugI4gsc.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/ArvU-GWhLXmgmgNEhs5hugI4gsc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ArvU-GWhLXmgmgNEhs5hugI4gsc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 12 Aug 2025 02:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7f:09:3e:82:cc:fe:bd:2f:a2:52:b5:9a:94:19:cc:04
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=02bbd4f865a12d79a09a034486ce61ba023882c7
Validity
Not Before: Aug 6 10:59:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d3a48b423f0cd09968a8e2cb48942c4bd32fbedf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a6:d9:54:9e:65:0b:9f:c9:af:ec:27:17:b1:
3d:1b:b0:21:3f:61:fb:15:8a:31:67:f0:6f:f1:ca:
e5:b2:b6:1a:6a:f7:f3:f8:7b:87:74:bf:ee:35:03:
ca:cc:19:0c:bf:ba:77:e7:b6:af:a3:a8:b1:cc:01:
31:c0:b9:5b:46:9b:18:8b:4b:3e:71:27:07:f8:97:
93:97:83:84:49:a0:c8:b8:a7:24:be:b1:df:2e:d6:
87:b3:68:f5:46:80:83:a3:b4:02:fe:56:36:08:f7:
3f:a7:8d:f9:8d:df:85:fe:6e:01:18:f1:ba:6b:c4:
69:9e:65:50:2b:bb:05:a5:4e:d7:76:c5:2a:b4:74:
13:8e:44:ea:96:91:18:9c:43:0a:a1:2e:e8:f4:2f:
23:d4:57:80:dd:9f:2e:74:ac:b0:69:3a:4a:ca:9b:
d5:d4:a6:30:01:10:37:05:28:98:82:1c:f7:99:0c:
49:eb:ad:80:0f:c0:67:8a:db:d3:49:7e:91:54:ba:
7c:e1:44:a6:6a:9e:85:46:42:05:b3:52:5a:d0:ec:
11:66:b8:77:ac:27:48:ab:ca:89:5e:40:c6:ad:d7:
34:fb:f6:0a:9c:32:40:04:50:46:2c:ae:9d:69:93:
fb:23:49:28:0b:e5:60:f9:bb:23:0f:28:41:30:f4:
67:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:A4:8B:42:3F:0C:D0:99:68:A8:E2:CB:48:94:2C:4B:D3:2F:BE:DF
X509v3 Authority Key Identifier:
keyid:02:BB:D4:F8:65:A1:2D:79:A0:9A:03:44:86:CE:61:BA:02:38:82:C7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ArvU-GWhLXmgmgNEhs5hugI4gsc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/06SLQj8M0JloqOLLSJQsS9Mvvt8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/cb83b2-33b5-4560-8935-0a98048cdf72/1/ArvU-GWhLXmgmgNEhs5hugI4gsc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.62.128.0-5.62.151.255
31.7.80.0/21
37.77.48.0/21
185.69.4.0/22
IPv6:
2a00:c9e0::/32
2a00:c9e7:1::/48
Signature Algorithm: sha256WithRSAEncryption
b6:10:8b:a9:34:1b:48:f9:9b:62:8f:30:19:eb:36:42:87:fa:
38:f0:6b:26:10:16:bc:e4:98:d4:d6:b1:c2:31:6e:cf:df:84:
9f:c8:b5:9d:56:6f:20:e9:8a:67:fb:4d:50:0f:85:5b:94:b1:
14:ea:71:db:90:22:1e:1c:78:2b:26:b6:da:20:78:25:ef:a8:
ac:3a:70:15:2a:48:67:e6:cd:3b:ae:3d:be:0e:79:47:83:32:
8d:b2:c5:34:84:f1:60:72:b4:39:23:7d:da:1f:e1:06:74:5f:
b1:f5:f7:59:83:65:13:9f:80:55:9d:5a:4b:4b:89:91:f9:7c:
2a:56:e5:16:9e:a7:41:2b:97:95:41:5a:19:29:b7:db:e4:8d:
b3:6c:fc:fe:73:c4:ca:16:7e:04:e2:f7:90:39:67:db:43:61:
ee:97:23:1d:de:cc:84:10:93:73:a8:29:b1:00:cc:03:24:0a:
f9:8d:d9:5a:a0:83:d4:e5:b2:66:10:55:77:96:06:43:ae:6f:
6d:f2:48:0b:23:f2:e6:08:cf:6d:8c:82:1e:c2:73:5e:7d:65:
dc:80:9d:5c:13:20:7b:c7:21:43:55:8c:1e:a1:71:96:89:44:
41:b2:fe:82:48:91:17:d4:1a:63:91:4b:08:88:fa:8e:42:ab:
13:bd:99:92
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZh/CT6CzP69L6JStZqUGcwEMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAyYmJkNGY4NjVhMTJkNzlhMDlhMDM0NDg2Y2U2MWJhMDIz
ODgyYzcwHhcNMjUwODA2MTA1OTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkM2E0OGI0MjNmMGNkMDk5NjhhOGUyY2I0ODk0MmM0YmQzMmZiZWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6bZVJ5lC5/Jr+wnF7E9G7AhP2H7
FYoxZ/Bv8crlsrYaavfz+HuHdL/uNQPKzBkMv7p357avo6ixzAExwLlbRpsYi0s+
cScH+JeTl4OESaDIuKckvrHfLtaHs2j1RoCDo7QC/lY2CPc/p435jd+F/m4BGPG6
a8RpnmVQK7sFpU7XdsUqtHQTjkTqlpEYnEMKoS7o9C8j1FeA3Z8udKywaTpKypvV
1KYwARA3BSiYghz3mQxJ662AD8BnitvTSX6RVLp84USmap6FRkIFs1Ja0OwRZrh3
rCdIq8qJXkDGrdc0+/YKnDJABFBGLK6daZP7I0koC+Vg+bsjDyhBMPRncQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFNOki0I/DNCZaKjiy0iULEvTL77fMB8GA1UdIwQY
MBaAFAK71PhloS15oJoDRIbOYboCOILHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQXJ2VS1HV2hMWG1nbWdORWhzNWh1Z0k0Z3NjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9jYjgzYjItMzNiNS00NTYwLTg5MzUt
MGE5ODA0OGNkZjcyLzEvMDZTTFFqOE0wSmxvcU9MTFNKUXNTOU12dnQ4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9jYjgzYjItMzNiNS00NTYwLTg5MzUtMGE5ODA0OGNkZjcy
LzEvQXJ2VS1HV2hMWG1nbWdORWhzNWh1Z0k0Z3NjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDAmBAIAATAgMAwDBAcFPoAD
BAMFPpADBAMfB1ADBAMlTTADBAK5RQQwFgQCAAIwEAMFACoAyeADBwAqAMnnAAEw
DQYJKoZIhvcNAQELBQADggEBALYQi6k0G0j5m2KPMBnrNkKH+jjwayYQFrzkmNTW
scIxbs/fhJ/ItZ1WbyDpimf7TVAPhVuUsRTqcduQIh4ceCsmttogeCXvqKw6cBUq
SGfmzTuuPb4OeUeDMo2yxTSE8WBytDkjfdof4QZ0X7H191mDZROfgFWdWktLiZH5
fCpW5Raep0Erl5VBWhkpt9vkjbNs/P5zxMoWfgTi95A5Z9tDYe6XIx3ezIQQk3Oo
KbEAzAMkCvmN2Vqgg9TlsmYQVXeWBkOub23ySAsj8uYIz22Mgh7Cc159ZdyAnVwT
IHvHIUNVjB6hcZaJREGy/oJIkRfUGmORSwiI+o5CqxO9mZI=
-----END CERTIFICATE-----
Generated at Mon Aug 11 08:47:57 2025 by rpki-client