Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/N08_DDOO7U8iY029s5ruX5IbQVo.roa
File: N08_DDOO7U8iY029s5ruX5IbQVo.roa (raw, json)
Hash identifier: e1LMDaz5/YMh4r5P938vactrZpSr6e0IbKW7mJfF7P8=
Subject key identifier: 37:4F:3F:0C:33:8E:ED:4F:22:63:4D:BD:B3:9A:EE:5F:92:1B:41:5A
Certificate issuer: /CN=a87090c275c34c05c306f3b36063893a0d72782a
Certificate serial: 019809B45755307457C78B1883FF51B65288
Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/N08_DDOO7U8iY029s5ruX5IbQVo.roa
Signing time: Mon 14 Jul 2025 16:11:10 +0000
ROA not before: Mon 14 Jul 2025 16:11:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204997
IP address blocks: 45.144.64.0/24 maxlen: 24
45.144.65.0/24 maxlen: 24
45.144.66.0/24 maxlen: 24
45.144.67.0/24 maxlen: 24
46.17.104.0/24 maxlen: 24
91.217.81.0/24 maxlen: 24
139.28.222.0/24 maxlen: 24
139.28.223.0/24 maxlen: 24
147.78.64.0/24 maxlen: 24
147.78.65.0/24 maxlen: 24
147.78.66.0/24 maxlen: 24
147.78.67.0/24 maxlen: 24
185.17.3.0/24 maxlen: 24
185.104.248.0/24 maxlen: 24
185.104.249.0/24 maxlen: 24
185.139.68.0/24 maxlen: 24
185.139.69.0/24 maxlen: 24
185.139.70.0/24 maxlen: 24
185.139.71.0/24 maxlen: 24
185.180.231.0/24 maxlen: 24
185.188.182.0/24 maxlen: 24
185.188.183.0/24 maxlen: 24
185.195.24.0/24 maxlen: 24
185.195.25.0/24 maxlen: 24
185.195.26.0/24 maxlen: 24
185.195.27.0/24 maxlen: 24
185.204.0.0/24 maxlen: 24
185.204.2.0/24 maxlen: 24
185.204.3.0/24 maxlen: 24
185.212.148.0/24 maxlen: 24
185.244.172.0/24 maxlen: 24
185.244.173.0/24 maxlen: 24
185.252.146.0/24 maxlen: 24
185.252.147.0/24 maxlen: 24
185.255.132.0/24 maxlen: 24
185.255.133.0/24 maxlen: 24
185.255.134.0/24 maxlen: 24
185.255.135.0/24 maxlen: 24
193.109.78.0/24 maxlen: 24
193.109.79.0/24 maxlen: 24
195.66.114.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.mft
rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 22 Jul 2025 06:00:50 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:09:b4:57:55:30:74:57:c7:8b:18:83:ff:51:b6:52:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a
Validity
Not Before: Jul 14 16:11:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=374f3f0c338eed4f22634dbdb39aee5f921b415a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:fd:29:a9:8c:16:2e:81:4b:32:f4:24:7e:73:
cb:7e:74:42:af:14:87:2d:a5:cd:1e:a1:7b:c3:b4:
d9:e3:c7:17:5c:19:bc:c1:1c:d8:a3:b3:28:9b:a6:
42:5e:e2:23:e9:a4:68:70:cd:06:98:1a:ad:c9:a1:
66:cf:1e:68:47:4b:43:5a:d0:69:02:60:06:ae:d9:
eb:14:0b:4d:fd:2a:c8:6e:d8:66:6c:63:eb:b2:02:
08:54:8d:b8:07:71:b8:88:57:f7:85:2c:46:e7:bf:
c1:48:4d:c8:f0:05:2a:e5:e9:23:91:c6:49:2e:63:
b9:c4:4c:5c:3d:57:27:ad:4f:c5:8d:c2:6a:20:0a:
bb:ba:29:0d:9a:fb:15:dc:f6:a2:03:c8:53:47:de:
b9:99:fd:80:57:d5:62:25:68:d6:e6:ef:b2:ea:4e:
24:da:dc:2e:f8:1a:94:fd:ab:ec:94:09:59:54:36:
b7:38:9d:50:15:3a:8c:02:84:4f:15:d5:57:be:df:
d6:c7:46:56:98:86:be:7f:4c:d3:06:57:6f:63:80:
2e:c7:72:22:e4:90:20:ce:b6:d0:57:ec:2f:b7:5f:
43:50:97:b9:6a:09:67:fc:53:1d:80:fb:fa:7c:47:
34:6e:dc:64:b8:7d:ed:87:54:4d:8d:b3:f2:97:3b:
94:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
37:4F:3F:0C:33:8E:ED:4F:22:63:4D:BD:B3:9A:EE:5F:92:1B:41:5A
X509v3 Authority Key Identifier:
keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/N08_DDOO7U8iY029s5ruX5IbQVo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.144.64.0/22
46.17.104.0/24
91.217.81.0/24
139.28.222.0/23
147.78.64.0/22
185.17.3.0/24
185.104.248.0/23
185.139.68.0/22
185.180.231.0/24
185.188.182.0/23
185.195.24.0/22
185.204.0.0/24
185.204.2.0/23
185.212.148.0/24
185.244.172.0/23
185.252.146.0/23
185.255.132.0/22
193.109.78.0/23
195.66.114.0/24
Signature Algorithm: sha256WithRSAEncryption
c8:4b:38:47:6e:1d:67:ac:24:9f:e0:41:3a:db:16:df:79:b8:
d8:0f:6b:d5:4e:59:67:17:38:7f:41:d2:70:bd:01:67:91:92:
e0:df:be:b9:91:c5:9b:cd:27:ca:64:f1:aa:db:f9:21:21:1b:
29:c3:94:4e:4f:30:76:0c:f9:ce:03:4a:d1:30:b5:1c:f3:08:
9d:27:1f:27:17:65:b3:1e:b8:91:d0:c7:c3:ff:f4:d7:02:51:
e4:cc:ee:24:f6:fc:a1:45:71:05:8d:33:5d:a5:ec:66:e1:e5:
06:0e:1c:fd:31:28:39:1b:ec:68:33:04:a3:f0:95:fe:29:f4:
ff:02:ef:f1:88:3d:fe:de:96:d0:f5:ac:d8:04:4c:b4:7b:38:
8c:0a:e7:c0:36:98:66:a0:b7:e1:58:7c:02:de:ce:7c:d3:be:
e9:80:a7:0c:9f:f0:ff:d0:3e:b5:27:50:f2:fa:dc:bc:e1:28:
55:28:8e:0e:6f:f2:38:1a:ce:0a:a9:5b:6b:8d:8e:bd:72:1f:
a6:53:95:0f:6b:10:06:8e:e2:12:f0:5b:e4:f9:f2:00:c3:c8:
3f:13:4f:ae:f9:c6:3d:f5:ba:f5:fb:19:9b:42:4d:59:4c:4e:
32:d2:3d:8a:6e:07:23:c3:06:a3:8a:51:f4:ad:01:a7:e3:44:
ce:31:95:84
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZgJtFdVMHRXx4sYg/9RtlKIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3
Mjc4MmEwHhcNMjUwNzE0MTYxMTEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNzRmM2YwYzMzOGVlZDRmMjI2MzRkYmRiMzlhZWU1ZjkyMWI0MTVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0P0pqYwWLoFLMvQkfnPLfnRCrxSH
LaXNHqF7w7TZ48cXXBm8wRzYo7Mom6ZCXuIj6aRocM0GmBqtyaFmzx5oR0tDWtBp
AmAGrtnrFAtN/SrIbthmbGPrsgIIVI24B3G4iFf3hSxG57/BSE3I8AUq5ekjkcZJ
LmO5xExcPVcnrU/FjcJqIAq7uikNmvsV3PaiA8hTR965mf2AV9ViJWjW5u+y6k4k
2twu+BqU/avslAlZVDa3OJ1QFTqMAoRPFdVXvt/Wx0ZWmIa+f0zTBldvY4Aux3Ii
5JAgzrbQV+wvt19DUJe5agln/FMdgPv6fEc0btxkuH3th1RNjbPylzuURQIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFDdPPwwzju1PImNNvbOa7l+SG0FaMB8GA1UdIwQY
MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt
YjU3YTM2ZjJhZmNkLzEvTjA4X0RET083VThpWTAyOXM1cnVYNUliUVZvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk
LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAi2QQAME
AC4RaAMEAFvZUQMEAYsc3gMEApNOQAMEALkRAwMEAblo+AMEArmLRAMEALm05wME
Abm8tgMEArnDGAMEALnMAAMEAbnMAgMEALnUlAMEAbn0rAMEAbn8kgMEArn/hAME
AcFtTgMEAMNCcjANBgkqhkiG9w0BAQsFAAOCAQEAyEs4R24dZ6wkn+BBOtsW33m4
2A9r1U5ZZxc4f0HScL0BZ5GS4N++uZHFm80nymTxqtv5ISEbKcOUTk8wdgz5zgNK
0TC1HPMInScfJxdlsx64kdDHw//01wJR5MzuJPb8oUVxBY0zXaXsZuHlBg4c/TEo
ORvsaDMEo/CV/in0/wLv8Yg9/t6W0PWs2ARMtHs4jArnwDaYZqC34Vh8At7OfNO+
6YCnDJ/w/9A+tSdQ8vrcvOEoVSiODm/yOBrOCqlba42OvXIfplOVD2sQBo7iEvBb
5PnyAMPIPxNPrvnGPfW69fsZm0JNWUxOMtI9im4HI8MGo4pR9K0Bp+NEzjGVhA==
-----END CERTIFICATE-----
Generated at Mon Jul 21 12:41:39 2025 by rpki-client