Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/gwFVjdypHt92SnNjH3CPIGBy4IU.roa
File: gwFVjdypHt92SnNjH3CPIGBy4IU.roa (raw, json)
Hash identifier: A+nUMyJSXdQmd/89bdD8zIpglwBAwvZFLnTEgF64ozg=
Subject key identifier: 83:01:55:8D:DC:A9:1E:DF:76:4A:73:63:1F:70:8F:20:60:72:E0:85
Certificate issuer: /CN=a87090c275c34c05c306f3b36063893a0d72782a
Certificate serial: 019809B53BC9AE030C28F2154F2C19518BAD
Authority key identifier: A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/gwFVjdypHt92SnNjH3CPIGBy4IU.roa
Signing time: Mon 14 Jul 2025 16:12:08 +0000
ROA not before: Mon 14 Jul 2025 16:12:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205090
IP address blocks: 45.9.73.0/24 maxlen: 24
45.9.75.0/24 maxlen: 24
45.89.65.0/24 maxlen: 24
45.90.216.0/24 maxlen: 24
45.90.217.0/24 maxlen: 24
45.90.218.0/24 maxlen: 24
45.90.219.0/24 maxlen: 24
45.95.202.0/24 maxlen: 24
45.95.203.0/24 maxlen: 24
45.132.255.0/24 maxlen: 24
84.252.73.0/24 maxlen: 24
84.252.74.0/24 maxlen: 24
84.252.75.0/24 maxlen: 24
85.209.2.0/24 maxlen: 24
185.102.139.0/24 maxlen: 24
185.103.109.0/24 maxlen: 24
185.104.251.0/24 maxlen: 24
185.112.101.0/24 maxlen: 24
185.112.102.0/24 maxlen: 24
185.112.103.0/24 maxlen: 24
185.217.198.0/24 maxlen: 24
185.217.199.0/24 maxlen: 24
185.221.162.0/24 maxlen: 24
185.232.169.0/24 maxlen: 24
185.233.83.0/24 maxlen: 24
185.233.200.0/24 maxlen: 24
193.162.143.0/24 maxlen: 24
193.168.227.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.mft
rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 12:00:51 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:09:b5:3b:c9:ae:03:0c:28:f2:15:4f:2c:19:51:8b:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a87090c275c34c05c306f3b36063893a0d72782a
Validity
Not Before: Jul 14 16:12:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8301558ddca91edf764a73631f708f206072e085
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:a3:39:f9:ff:f6:24:f8:f8:e1:9a:02:e5:09:
44:6a:33:3e:bf:a9:37:62:21:f8:af:17:5f:30:61:
d2:98:3b:d5:22:58:3b:e5:63:42:eb:43:f9:43:cd:
11:b7:8f:cc:9c:79:b6:7d:72:a9:56:c7:d9:af:ac:
99:11:e3:87:68:1a:0c:92:98:16:a2:9d:18:6f:a6:
6d:d6:03:b1:6e:10:c9:dc:98:2f:57:ba:a9:73:68:
ac:2e:52:82:71:24:5c:29:8b:f9:e5:c2:13:28:1f:
1d:a4:57:0a:8b:88:2f:29:21:8a:cc:a9:9d:48:c0:
c2:5e:4c:75:78:0a:f3:a4:12:e4:97:1c:44:34:d9:
d2:f1:55:dc:0c:41:56:1e:b0:2b:33:5b:13:7a:6a:
fd:66:15:79:a4:dd:2e:01:18:2a:7e:4c:92:17:9d:
70:7b:d6:5f:28:95:85:5d:65:08:cc:8b:91:1e:ec:
b8:f2:b1:35:80:f0:41:f0:4c:3e:cd:aa:37:05:dc:
27:03:2a:09:4f:a0:d0:56:2e:0d:bf:ab:de:1f:e0:
2f:1b:a0:6d:da:8d:6c:9b:f7:4f:a3:fe:e2:0c:cb:
9c:32:e2:e6:11:37:02:c8:8d:c6:1a:86:f1:d3:f5:
af:28:f7:13:fc:45:43:82:fb:66:94:29:d7:7a:6e:
05:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:01:55:8D:DC:A9:1E:DF:76:4A:73:63:1F:70:8F:20:60:72:E0:85
X509v3 Authority Key Identifier:
keyid:A8:70:90:C2:75:C3:4C:05:C3:06:F3:B3:60:63:89:3A:0D:72:78:2A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qHCQwnXDTAXDBvOzYGOJOg1yeCo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/gwFVjdypHt92SnNjH3CPIGBy4IU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/7b2129-cc6c-4710-ba41-b57a36f2afcd/1/qHCQwnXDTAXDBvOzYGOJOg1yeCo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.73.0/24
45.9.75.0/24
45.89.65.0/24
45.90.216.0/22
45.95.202.0/23
45.132.255.0/24
84.252.73.0-84.252.75.255
85.209.2.0/24
185.102.139.0/24
185.103.109.0/24
185.104.251.0/24
185.112.101.0-185.112.103.255
185.217.198.0/23
185.221.162.0/24
185.232.169.0/24
185.233.83.0/24
185.233.200.0/24
193.162.143.0/24
193.168.227.0/24
Signature Algorithm: sha256WithRSAEncryption
3f:dc:fd:24:a9:48:fe:28:76:4d:18:a7:d5:e2:b7:5d:2f:4b:
ca:6b:a0:d5:1e:25:d4:0c:87:25:a3:79:ce:7f:af:c8:30:0b:
e3:df:bb:9a:0c:1f:51:b3:1a:6d:a0:91:de:1d:b6:ab:07:95:
fa:a4:9f:f0:6a:e6:c5:8d:56:6e:31:25:ec:af:e2:f7:29:ca:
6a:a3:26:ab:ab:01:d6:2a:d5:d9:25:6c:cf:c2:ec:4f:9a:32:
e2:b3:49:d7:48:ed:f7:4f:f6:ce:fc:b7:2b:6e:3b:df:6d:c7:
63:2e:d7:42:c4:5d:16:cb:f0:5b:49:d5:0c:18:f5:df:a6:33:
81:29:12:70:7f:bf:fd:43:62:d0:ca:07:9d:57:2b:0b:e3:10:
62:a5:c4:a5:7b:f8:35:97:b7:31:cd:b7:40:21:c5:d8:15:50:
d9:29:4b:18:0e:0b:d5:35:16:e5:c5:4e:56:0b:4a:e8:82:68:
66:d1:0d:f7:1d:e8:5d:e0:be:bb:ba:15:73:40:c8:ec:08:ca:
1e:a6:42:fd:49:08:ee:31:7b:b4:a1:f0:87:f5:4e:9f:b3:0b:
f6:25:96:dc:bd:86:77:4f:35:74:25:3b:06:3c:14:ba:ea:66:
63:e1:5b:e2:f4:a9:02:f4:29:b4:24:bd:5f:93:16:a1:14:1d:
a6:45:6c:e3
-----BEGIN CERTIFICATE-----
MIIFfjCCBGagAwIBAgISAZgJtTvJrgMMKPIVTywZUYutMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4NzA5MGMyNzVjMzRjMDVjMzA2ZjNiMzYwNjM4OTNhMGQ3
Mjc4MmEwHhcNMjUwNzE0MTYxMjA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzAxNTU4ZGRjYTkxZWRmNzY0YTczNjMxZjcwOGYyMDYwNzJlMDg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj6M5+f/2JPj44ZoC5QlEajM+v6k3
YiH4rxdfMGHSmDvVIlg75WNC60P5Q80Rt4/MnHm2fXKpVsfZr6yZEeOHaBoMkpgW
op0Yb6Zt1gOxbhDJ3JgvV7qpc2isLlKCcSRcKYv55cITKB8dpFcKi4gvKSGKzKmd
SMDCXkx1eArzpBLklxxENNnS8VXcDEFWHrArM1sTemr9ZhV5pN0uARgqfkySF51w
e9ZfKJWFXWUIzIuRHuy48rE1gPBB8Ew+zao3BdwnAyoJT6DQVi4Nv6veH+AvG6Bt
2o1sm/dPo/7iDMucMuLmETcCyI3GGobx0/WvKPcT/EVDgvtmlCnXem4FtwIDAQAB
o4ICijCCAoYwHQYDVR0OBBYEFIMBVY3cqR7fdkpzYx9wjyBgcuCFMB8GA1UdIwQY
MBaAFKhwkMJ1w0wFwwbzs2BjiToNcngqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEt
YjU3YTM2ZjJhZmNkLzEvZ3dGVmpkeXBIdDkyU25OakgzQ1BJR0J5NElVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS83YjIxMjktY2M2Yy00NzEwLWJhNDEtYjU3YTM2ZjJhZmNk
LzEvcUhDUXduWERUQVhEQnZPellHT0pPZzF5ZUNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGfBggrBgEFBQcBBwEB/wSBjzCBjDCBiQQCAAEwgYIDBAAt
CUkDBAAtCUsDBAAtWUEDBAItWtgDBAEtX8oDBAAthP8wDAMEAFT8SQMEAlT8SAME
AFXRAgMEALlmiwMEALlnbQMEALlo+zAMAwQAuXBlAwQDuXBgAwQBudnGAwQAud2i
AwQAueipAwQAuelTAwQAuenIAwQAwaKPAwQAwajjMA0GCSqGSIb3DQEBCwUAA4IB
AQA/3P0kqUj+KHZNGKfV4rddL0vKa6DVHiXUDIclo3nOf6/IMAvj37uaDB9Rsxpt
oJHeHbarB5X6pJ/waubFjVZuMSXsr+L3KcpqoyarqwHWKtXZJWzPwuxPmjLis0nX
SO33T/bO/LcrbjvfbcdjLtdCxF0Wy/BbSdUMGPXfpjOBKRJwf7/9Q2LQygedVysL
4xBipcSle/g1l7cxzbdAIcXYFVDZKUsYDgvVNRblxU5WC0rogmhm0Q33Hehd4L67
uhVzQMjsCMoepkL9SQjuMXu0ofCH9U6fswv2JZbcvYZ3TzV0JTsGPBS66mZj4Vvi
9KkC9Cm0JL1fkxahFB2mRWzj
-----END CERTIFICATE-----
Generated at Sun Jul 20 18:27:31 2025 by rpki-client