Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/8FA7Lr1UFF21tJ7bN9B79K5CsTE.roa
File: 8FA7Lr1UFF21tJ7bN9B79K5CsTE.roa (raw, json)
Hash identifier: KI5VwKHEhwpayJ9GtFKeZk7WbRjdECwPDfzDbHJARBk=
Subject key identifier: F0:50:3B:2E:BD:54:14:5D:B5:B4:9E:DB:37:D0:7B:F4:AE:42:B1:31
Certificate issuer: /CN=05bfdbb6a4b1663369da407db97b021f73284a28
Certificate serial: 019A3BF85ACC68FE52A894570B8ECFA735B2
Authority key identifier: 05:BF:DB:B6:A4:B1:66:33:69:DA:40:7D:B9:7B:02:1F:73:28:4A:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Bb_btqSxZjNp2kB9uXsCH3MoSig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/8FA7Lr1UFF21tJ7bN9B79K5CsTE.roa
Signing time: Fri 31 Oct 2025 20:32:03 +0000
ROA not before: Fri 31 Oct 2025 20:32:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42831
IP address blocks: 5.101.136.0/21 maxlen: 21
5.101.144.0/21 maxlen: 21
5.101.168.0/21 maxlen: 21
31.132.0.0/21 maxlen: 21
37.9.56.0/21 maxlen: 21
77.74.192.0/21 maxlen: 21
77.75.120.0/21 maxlen: 21
78.110.160.0/21 maxlen: 21
78.110.168.0/23 maxlen: 23
78.110.170.0/24 maxlen: 24
78.110.172.0/22 maxlen: 22
78.157.192.0/21 maxlen: 21
78.157.200.0/22 maxlen: 22
78.157.204.0/24 maxlen: 24
78.157.206.0/23 maxlen: 23
78.157.208.0/20 maxlen: 20
81.92.192.0/22 maxlen: 22
81.92.217.0/24 maxlen: 24
81.92.218.0/24 maxlen: 24
91.109.112.0/21 maxlen: 21
94.46.184.0/22 maxlen: 22
94.46.192.0/22 maxlen: 22
94.46.207.0/24 maxlen: 24
94.46.220.0/22 maxlen: 22
94.46.244.0/22 maxlen: 22
94.229.64.0/20 maxlen: 20
178.159.0.0/20 maxlen: 20
185.17.24.0/24 maxlen: 24
185.17.26.0/24 maxlen: 24
185.17.27.0/24 maxlen: 24
185.99.252.0/24 maxlen: 24
185.99.253.0/24 maxlen: 24
185.99.254.0/24 maxlen: 24
185.103.96.0/22 maxlen: 22
185.109.168.0/22 maxlen: 22
2a01:a500::/32 maxlen: 32
2a01:a500:1::/48 maxlen: 48
2a01:a500:1228::/48 maxlen: 48
2a01:a500:251a::/48 maxlen: 48
2a01:a500:251b::/48 maxlen: 48
2a01:a500:251c::/48 maxlen: 48
2a01:a500:2566::/48 maxlen: 48
2a01:a500:a517::/48 maxlen: 48
2a01:a500:b517::/48 maxlen: 48
2a01:a500:c517::/48 maxlen: 48
2a01:a500:d517::/48 maxlen: 48
2a01:a500:e517::/48 maxlen: 48
2a01:a500:f517::/48 maxlen: 48
2a01:a507::/32 maxlen: 32
2a01:a507:a::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/Bb_btqSxZjNp2kB9uXsCH3MoSig.crl
rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/Bb_btqSxZjNp2kB9uXsCH3MoSig.mft
rsync://rpki.ripe.net/repository/DEFAULT/Bb_btqSxZjNp2kB9uXsCH3MoSig.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 23:00:36 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:3b:f8:5a:cc:68:fe:52:a8:94:57:0b:8e:cf:a7:35:b2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=05bfdbb6a4b1663369da407db97b021f73284a28
Validity
Not Before: Oct 31 20:32:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f0503b2ebd54145db5b49edb37d07bf4ae42b131
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:cd:b3:d3:20:7f:7c:86:81:5d:8a:78:cf:52:
01:f5:bd:57:31:79:d8:e6:c6:12:c3:16:0c:87:88:
e0:48:29:95:2a:59:9b:a3:05:d1:be:9a:16:2f:56:
af:fd:45:bf:a6:ff:db:7a:8f:99:db:44:b2:9c:02:
9d:2f:f1:5e:6c:44:1e:ce:46:8d:96:95:b5:76:52:
39:5c:b0:b1:91:1b:a8:4c:da:f6:d4:29:72:f5:e5:
a3:50:82:2f:d2:0b:b2:3f:a0:9a:4b:eb:0e:b2:92:
14:8f:00:dd:04:34:f7:d6:c9:7e:ab:4a:c8:13:3c:
d3:62:27:31:95:01:22:c3:64:c5:ab:d5:a3:00:62:
af:34:e9:6b:b2:0d:62:39:e9:04:8c:9f:f2:eb:f8:
29:70:53:d9:a1:71:28:6b:ad:c8:a4:ae:c3:07:b7:
e5:23:94:98:4d:a5:ba:d4:b8:ce:8c:24:95:66:fd:
91:6b:12:7d:4f:36:50:e1:f3:f5:b3:c5:d1:8a:44:
b1:7e:1a:ce:62:42:c2:52:09:bf:96:35:51:fb:3f:
61:3a:ea:ff:ca:c0:bf:d9:54:fa:26:71:60:fe:a0:
c4:2f:2a:d7:0d:c1:52:1f:5a:f2:fa:5d:ab:7f:5c:
54:e5:bf:63:1c:fe:3d:7d:bb:6b:f8:da:4b:ab:ee:
7a:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F0:50:3B:2E:BD:54:14:5D:B5:B4:9E:DB:37:D0:7B:F4:AE:42:B1:31
X509v3 Authority Key Identifier:
keyid:05:BF:DB:B6:A4:B1:66:33:69:DA:40:7D:B9:7B:02:1F:73:28:4A:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Bb_btqSxZjNp2kB9uXsCH3MoSig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/8FA7Lr1UFF21tJ7bN9B79K5CsTE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a6/460c00-3e95-4274-bc9c-060dacfebe0f/1/Bb_btqSxZjNp2kB9uXsCH3MoSig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.101.136.0-5.101.151.255
5.101.168.0/21
31.132.0.0/21
37.9.56.0/21
77.74.192.0/21
77.75.120.0/21
78.110.160.0-78.110.170.255
78.110.172.0/22
78.157.192.0-78.157.204.255
78.157.206.0-78.157.223.255
81.92.192.0/22
81.92.217.0-81.92.218.255
91.109.112.0/21
94.46.184.0/22
94.46.192.0/22
94.46.207.0/24
94.46.220.0/22
94.46.244.0/22
94.229.64.0/20
178.159.0.0/20
185.17.24.0/24
185.17.26.0/23
185.99.252.0-185.99.254.255
185.103.96.0/22
185.109.168.0/22
IPv6:
2a01:a500::/32
2a01:a507::/32
Signature Algorithm: sha256WithRSAEncryption
63:f2:09:a6:2e:7b:99:1b:d1:ca:8e:f9:3d:fe:13:8c:f3:97:
df:bd:23:35:c6:fa:13:28:98:25:43:28:21:13:98:b3:69:0e:
a4:81:99:f4:6d:8f:3a:05:26:59:e7:eb:41:2f:82:9d:9d:7e:
86:53:1a:fd:65:4d:4c:86:6f:dc:de:cc:14:06:f9:72:d8:d1:
8e:a2:21:18:b1:29:ca:39:d4:19:31:b5:28:d6:df:e4:67:ee:
d7:5a:d5:32:39:a5:6e:0d:4b:4d:82:03:ad:af:f3:cc:7b:9d:
6e:d7:3e:cb:c5:f5:d4:bb:e5:cf:2b:4b:33:fa:6b:fd:d2:59:
1d:e1:34:73:92:62:52:d5:4f:3a:2f:a3:4d:9c:42:15:c1:ee:
bf:85:e5:b1:30:15:8a:30:42:05:6f:33:32:cb:5c:a7:f2:92:
93:4c:20:5f:dd:f7:da:cc:00:d3:06:ac:06:c9:20:fd:08:75:
7e:1a:b2:75:08:bf:fc:6d:1d:dc:64:6a:68:a3:b7:9c:a9:3e:
64:9e:aa:ee:5d:09:ab:2f:51:9b:2b:48:76:bd:78:7f:bf:a9:
fb:d1:6c:8c:5d:69:41:73:84:f8:e5:c3:91:01:04:63:a7:8f:
73:1f:bd:c2:e2:78:19:2c:cf:b7:b1:09:2f:4c:05:d7:5f:ba:
a2:d2:22:32
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgISAZo7+FrMaP5SqJRXC47PpzWyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1YmZkYmI2YTRiMTY2MzM2OWRhNDA3ZGI5N2IwMjFmNzMy
ODRhMjgwHhcNMjUxMDMxMjAzMjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmMDUwM2IyZWJkNTQxNDVkYjViNDllZGIzN2QwN2JmNGFlNDJiMTMxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnM2z0yB/fIaBXYp4z1IB9b1XMXnY
5sYSwxYMh4jgSCmVKlmbowXRvpoWL1av/UW/pv/beo+Z20SynAKdL/FebEQezkaN
lpW1dlI5XLCxkRuoTNr21Cly9eWjUIIv0guyP6CaS+sOspIUjwDdBDT31sl+q0rI
EzzTYicxlQEiw2TFq9WjAGKvNOlrsg1iOekEjJ/y6/gpcFPZoXEoa63IpK7DB7fl
I5SYTaW61LjOjCSVZv2RaxJ9TzZQ4fP1s8XRikSxfhrOYkLCUgm/ljVR+z9hOur/
ysC/2VT6JnFg/qDELyrXDcFSH1ry+l2rf1xU5b9jHP49fbtr+NpLq+565wIDAQAB
o4IC5DCCAuAwHQYDVR0OBBYEFPBQOy69VBRdtbSe2zfQe/SuQrExMB8GA1UdIwQY
MBaAFAW/27aksWYzadpAfbl7Ah9zKEooMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmJfYnRxU3haak5wMmtCOXVYc0NIM01vU2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNi80NjBjMDAtM2U5NS00Mjc0LWJjOWMt
MDYwZGFjZmViZTBmLzEvOEZBN0xyMVVGRjIxdEo3Yk45Qjc5SzVDc1RFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNi80NjBjMDAtM2U5NS00Mjc0LWJjOWMtMDYwZGFjZmViZTBm
LzEvQmJfYnRxU3haak5wMmtCOXVYc0NIM01vU2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH5BggrBgEFBQcBBwEB/wSB6TCB5jCBzQQCAAEwgcYwDAME
AwVliAMEAwVlkAMEAwVlqAMEAx+EAAMEAyUJOAMEA01KwAMEA01LeDAMAwQFTm6g
AwQATm6qAwQCTm6sMAwDBAZOncADBABOncwwDAMEAU6dzgMEBU6dwAMEAlFcwDAM
AwQAUVzZAwQAUVzaAwQDW21wAwQCXi64AwQCXi7AAwQAXi7PAwQCXi7cAwQCXi70
AwQEXuVAAwQEsp8AAwQAuREYAwQBuREaMAwDBAK5Y/wDBAC5Y/4DBAK5Z2ADBAK5
bagwFAQCAAIwDgMFACoBpQADBQAqAaUHMA0GCSqGSIb3DQEBCwUAA4IBAQBj8gmm
LnuZG9HKjvk9/hOM85ffvSM1xvoTKJglQyghE5izaQ6kgZn0bY86BSZZ5+tBL4Kd
nX6GUxr9ZU1Mhm/c3swUBvly2NGOoiEYsSnKOdQZMbUo1t/kZ+7XWtUyOaVuDUtN
ggOtr/PMe51u1z7LxfXUu+XPK0sz+mv90lkd4TRzkmJS1U86L6NNnEIVwe6/heWx
MBWKMEIFbzMyy1yn8pKTTCBf3ffazADTBqwGySD9CHV+GrJ1CL/8bR3cZGpoo7ec
qT5knqruXQmrL1GbK0h2vXh/v6n70WyMXWlBc4T45cORAQRjp49zH73C4ngZLM+3
sQkvTAXXX7qi0iIy
-----END CERTIFICATE-----
Generated at Wed Nov 5 09:25:25 2025 by rpki-client