Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/d33ce0-69a0-4ba3-b3c9-998278f4fbb2/1/jrWekfKR9PtlyNevk73NQ13-Gdw.roa
File: jrWekfKR9PtlyNevk73NQ13-Gdw.roa (raw, json)
Hash identifier: Z5v+TrRP7ACqPME/rzSX779jbLqoXhfyRurRL0Mtb+8=
Subject key identifier: 8E:B5:9E:91:F2:91:F4:FB:65:C8:D7:AF:93:BD:CD:43:5D:FE:19:DC
Certificate issuer: /CN=93b76ac9f7a84ad790ad57c880bc9f862ad4c9e7
Certificate serial: 01976881F8F7B90F3D76B7D96A919B1531AB
Authority key identifier: 93:B7:6A:C9:F7:A8:4A:D7:90:AD:57:C8:80:BC:9F:86:2A:D4:C9:E7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/k7dqyfeoSteQrVfIgLyfhirUyec.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/d33ce0-69a0-4ba3-b3c9-998278f4fbb2/1/jrWekfKR9PtlyNevk73NQ13-Gdw.roa
Signing time: Fri 13 Jun 2025 08:57:17 +0000
ROA not before: Fri 13 Jun 2025 08:57:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49765
IP address blocks: 5.226.56.0/21 maxlen: 21
5.226.56.0/24 maxlen: 24
5.226.57.0/24 maxlen: 24
5.226.58.0/23 maxlen: 23
5.226.60.0/24 maxlen: 24
5.226.61.0/24 maxlen: 24
5.226.62.0/24 maxlen: 24
5.226.63.0/24 maxlen: 24
91.102.56.0/21 maxlen: 21
91.102.56.0/24 maxlen: 24
91.102.57.0/24 maxlen: 24
91.102.58.0/23 maxlen: 23
91.102.60.0/22 maxlen: 22
91.102.60.0/24 maxlen: 24
91.102.61.0/24 maxlen: 24
91.102.62.0/23 maxlen: 23
109.72.16.0/20 maxlen: 20
109.72.16.0/24 maxlen: 24
109.72.17.0/24 maxlen: 24
109.72.18.0/24 maxlen: 24
109.72.19.0/24 maxlen: 24
109.72.21.0/24 maxlen: 24
109.72.22.0/24 maxlen: 24
109.72.23.0/24 maxlen: 24
109.72.24.0/24 maxlen: 24
109.72.25.0/24 maxlen: 24
109.72.26.0/24 maxlen: 24
109.72.27.0/24 maxlen: 24
109.72.28.0/24 maxlen: 24
109.72.30.0/24 maxlen: 24
109.72.31.0/24 maxlen: 24
137.221.0.0/23 maxlen: 23
137.221.2.0/24 maxlen: 24
137.221.3.0/24 maxlen: 24
137.221.6.0/24 maxlen: 24
137.221.10.0/23 maxlen: 23
137.221.12.0/24 maxlen: 24
137.221.22.0/24 maxlen: 24
185.48.108.0/24 maxlen: 24
185.48.109.0/24 maxlen: 24
185.48.110.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/d33ce0-69a0-4ba3-b3c9-998278f4fbb2/1/k7dqyfeoSteQrVfIgLyfhirUyec.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/d33ce0-69a0-4ba3-b3c9-998278f4fbb2/1/k7dqyfeoSteQrVfIgLyfhirUyec.mft
rsync://rpki.ripe.net/repository/DEFAULT/k7dqyfeoSteQrVfIgLyfhirUyec.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Jun 2025 08:00:52 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:68:81:f8:f7:b9:0f:3d:76:b7:d9:6a:91:9b:15:31:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=93b76ac9f7a84ad790ad57c880bc9f862ad4c9e7
Validity
Not Before: Jun 13 08:57:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8eb59e91f291f4fb65c8d7af93bdcd435dfe19dc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d6:b5:be:6e:89:4c:6e:8b:26:f2:6d:ca:d8:2a:
60:f6:4d:3f:ca:db:b7:f6:e1:6c:96:a9:18:51:5e:
82:90:0c:28:5e:53:0d:ea:c8:0b:64:8d:ab:10:8f:
61:94:40:c6:91:06:9e:75:c6:e0:a7:e2:6e:95:9f:
65:7f:23:cb:8c:7a:6f:5e:d6:22:01:23:86:33:6d:
fc:33:ad:5a:3e:58:39:97:c4:2c:78:01:1f:a5:37:
2a:f6:40:06:8d:7b:a7:67:44:b5:68:da:08:ee:7f:
e0:de:14:94:b7:19:06:ba:6c:54:19:fe:f3:a9:e5:
eb:87:2a:6c:46:0f:ec:d2:48:06:77:ff:a2:95:58:
fa:14:ed:32:92:3f:67:46:fe:29:67:de:ee:c3:a0:
77:be:5f:86:1a:03:e6:d2:ce:5b:78:7f:77:c6:7e:
dd:9d:2b:04:0f:2f:5f:f5:95:82:63:5c:f9:b6:5d:
b3:f9:5d:fd:64:37:63:08:8d:dd:2f:e8:29:0f:13:
a3:27:55:cf:a6:55:e5:33:cf:08:64:83:bf:89:92:
2c:71:32:74:8f:90:17:bd:23:82:e7:dc:31:1c:07:
96:14:8f:e2:c1:d9:60:95:52:b3:97:1d:67:e9:80:
0f:8c:e5:a0:ef:8e:2c:92:43:dc:e4:85:1b:81:16:
33:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8E:B5:9E:91:F2:91:F4:FB:65:C8:D7:AF:93:BD:CD:43:5D:FE:19:DC
X509v3 Authority Key Identifier:
keyid:93:B7:6A:C9:F7:A8:4A:D7:90:AD:57:C8:80:BC:9F:86:2A:D4:C9:E7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/k7dqyfeoSteQrVfIgLyfhirUyec.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/d33ce0-69a0-4ba3-b3c9-998278f4fbb2/1/jrWekfKR9PtlyNevk73NQ13-Gdw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/d33ce0-69a0-4ba3-b3c9-998278f4fbb2/1/k7dqyfeoSteQrVfIgLyfhirUyec.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.226.56.0/21
91.102.56.0/21
109.72.16.0/20
137.221.0.0/22
137.221.6.0/24
137.221.10.0-137.221.12.255
137.221.22.0/24
185.48.108.0/22
Signature Algorithm: sha256WithRSAEncryption
91:22:82:59:eb:28:f3:a8:d2:73:0f:da:6a:d8:cf:c1:0c:e9:
45:be:42:c7:66:fc:06:d9:d1:8e:4a:f8:5c:33:eb:7e:9a:1f:
79:9c:a4:47:4e:e4:b7:72:c5:8d:bb:4f:9d:7a:de:d7:2b:b2:
68:22:e8:b4:8f:98:d0:ed:01:20:42:45:95:10:21:97:38:81:
38:9b:a8:78:77:58:e0:2f:66:a0:90:8a:55:f2:0b:03:3a:6f:
e9:ca:e9:16:e5:41:a8:15:e7:83:8f:e3:dd:9f:ae:aa:22:9c:
70:10:b3:41:62:68:f3:d9:74:df:0a:dd:9b:a8:47:6e:ad:66:
5c:a9:52:fa:88:d3:0e:d3:35:b4:7d:ab:e4:33:fa:95:b9:30:
b1:0b:f0:0b:ea:35:a8:1a:0c:da:25:f7:c3:a0:c2:ff:7b:f7:
54:b5:2b:0f:ea:1e:8d:e1:08:62:87:fc:1c:df:14:0e:e5:2b:
e0:8e:a8:ad:d6:36:18:4b:2e:9d:5a:35:03:ac:33:19:51:0e:
65:86:d9:f1:a5:37:07:76:08:e2:f3:f5:32:75:d8:ad:fb:2a:
c5:54:5e:3f:cd:30:5d:54:05:f0:95:48:d5:88:7c:aa:7b:57:
10:a3:ac:c6:0c:b8:47:ef:15:50:ce:6e:ba:e4:9d:7e:be:e6:
6c:aa:3b:1c
-----BEGIN CERTIFICATE-----
MIIFLzCCBBegAwIBAgISAZdogfj3uQ89drfZapGbFTGrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkzYjc2YWM5ZjdhODRhZDc5MGFkNTdjODgwYmM5Zjg2MmFk
NGM5ZTcwHhcNMjUwNjEzMDg1NzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZWI1OWU5MWYyOTFmNGZiNjVjOGQ3YWY5M2JkY2Q0MzVkZmUxOWRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1rW+bolMbosm8m3K2Cpg9k0/ytu3
9uFslqkYUV6CkAwoXlMN6sgLZI2rEI9hlEDGkQaedcbgp+JulZ9lfyPLjHpvXtYi
ASOGM238M61aPlg5l8QseAEfpTcq9kAGjXunZ0S1aNoI7n/g3hSUtxkGumxUGf7z
qeXrhypsRg/s0kgGd/+ilVj6FO0ykj9nRv4pZ97uw6B3vl+GGgPm0s5beH93xn7d
nSsEDy9f9ZWCY1z5tl2z+V39ZDdjCI3dL+gpDxOjJ1XPplXlM88IZIO/iZIscTJ0
j5AXvSOC59wxHAeWFI/iwdlglVKzlx1n6YAPjOWg744skkPc5IUbgRYzEQIDAQAB
o4ICOzCCAjcwHQYDVR0OBBYEFI61npHykfT7ZcjXr5O9zUNd/hncMB8GA1UdIwQY
MBaAFJO3asn3qErXkK1XyIC8n4Yq1MnnMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvazdkcXlmZW9TdGVRclZmSWdMeWZoaXJVeWVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9kMzNjZTAtNjlhMC00YmEzLWIzYzkt
OTk4Mjc4ZjRmYmIyLzEvanJXZWtmS1I5UHRseU5ldms3M05RMTMtR2R3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9kMzNjZTAtNjlhMC00YmEzLWIzYzktOTk4Mjc4ZjRmYmIy
LzEvazdkcXlmZW9TdGVRclZmSWdMeWZoaXJVeWVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFEGCCsGAQUFBwEHAQH/BEIwQDA+BAIAATA4AwQDBeI4AwQD
W2Y4AwQEbUgQAwQCid0AAwQAid0GMAwDBAGJ3QoDBACJ3QwDBACJ3RYDBAK5MGww
DQYJKoZIhvcNAQELBQADggEBAJEiglnrKPOo0nMP2mrYz8EM6UW+Qsdm/AbZ0Y5K
+Fwz636aH3mcpEdO5LdyxY27T5163tcrsmgi6LSPmNDtASBCRZUQIZc4gTibqHh3
WOAvZqCQilXyCwM6b+nK6RblQagV54OP492frqoinHAQs0FiaPPZdN8K3ZuoR26t
ZlypUvqI0w7TNbR9q+Qz+pW5MLEL8AvqNagaDNol98Ogwv9791S1Kw/qHo3hCGKH
/BzfFA7lK+COqK3WNhhLLp1aNQOsMxlRDmWG2fGlNwd2COLz9TJ12K37KsVUXj/N
MF1UBfCVSNWIfKp7VxCjrMYMuEfvFVDObrrknX6+5myqOxw=
-----END CERTIFICATE-----
Generated at Mon Jun 16 16:49:41 2025 by rpki-client