Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/oCErCOjsL_CvuQw4NPleZBi0rUw.roa
File: oCErCOjsL_CvuQw4NPleZBi0rUw.roa (raw, json)
Hash identifier: BvqX7THt+OjksudDxFZCcypykkpLFmyDiydkWbfqGK8=
Subject key identifier: A0:21:2B:08:E8:EC:2F:F0:AF:B9:0C:38:34:F9:5E:64:18:B4:AD:4C
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019819F02910B2F0E9D3CDD79DF87B0F9DD1
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/oCErCOjsL_CvuQw4NPleZBi0rUw.roa
Signing time: Thu 17 Jul 2025 19:50:26 +0000
ROA not before: Thu 17 Jul 2025 19:50:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44559
IP address blocks: 45.9.12.0/24 maxlen: 24
45.9.13.0/24 maxlen: 24
45.9.14.0/24 maxlen: 24
45.9.15.0/24 maxlen: 24
45.9.16.0/24 maxlen: 24
45.12.112.0/24 maxlen: 24
45.12.113.0/24 maxlen: 24
45.12.128.0/24 maxlen: 24
45.15.125.0/24 maxlen: 24
45.15.128.0/24 maxlen: 24
45.15.129.0/24 maxlen: 24
45.15.130.0/24 maxlen: 24
45.15.131.0/24 maxlen: 24
45.15.147.0/24 maxlen: 24
45.15.152.0/24 maxlen: 24
45.15.153.0/24 maxlen: 24
45.83.27.0/24 maxlen: 24
45.83.84.0/24 maxlen: 24
45.83.85.0/24 maxlen: 24
45.83.86.0/24 maxlen: 24
45.83.87.0/24 maxlen: 24
45.83.150.0/24 maxlen: 24
45.83.151.0/24 maxlen: 24
45.86.71.0/24 maxlen: 24
45.86.76.0/24 maxlen: 24
45.86.77.0/24 maxlen: 24
45.86.78.0/24 maxlen: 24
45.86.79.0/24 maxlen: 24
45.88.168.0/24 maxlen: 24
45.88.169.0/24 maxlen: 24
45.88.170.0/24 maxlen: 24
45.88.171.0/24 maxlen: 24
45.88.178.0/24 maxlen: 24
45.88.179.0/24 maxlen: 24
45.88.181.0/24 maxlen: 24
45.89.96.0/24 maxlen: 24
45.89.98.0/24 maxlen: 24
45.89.197.0/24 maxlen: 24
45.89.198.0/24 maxlen: 24
45.89.199.0/24 maxlen: 24
45.128.55.0/24 maxlen: 24
45.128.56.0/24 maxlen: 24
45.128.73.0/24 maxlen: 24
45.128.74.0/24 maxlen: 24
45.128.75.0/24 maxlen: 24
139.28.235.0/24 maxlen: 24
141.98.160.0/24 maxlen: 24
171.22.121.0/24 maxlen: 24
171.22.128.0/24 maxlen: 24
171.22.133.0/24 maxlen: 24
171.22.134.0/24 maxlen: 24
171.22.135.0/24 maxlen: 24
171.22.136.0/24 maxlen: 24
171.22.137.0/24 maxlen: 24
171.22.138.0/24 maxlen: 24
185.106.97.0/24 maxlen: 24
185.161.71.0/24 maxlen: 24
213.59.113.0/24 maxlen: 24
213.59.114.0/24 maxlen: 24
213.59.115.0/24 maxlen: 24
213.59.116.0/24 maxlen: 24
213.59.117.0/24 maxlen: 24
213.59.118.0/24 maxlen: 24
213.59.121.0/24 maxlen: 24
213.59.122.0/24 maxlen: 24
213.59.123.0/24 maxlen: 24
213.59.124.0/24 maxlen: 24
213.59.125.0/24 maxlen: 24
213.59.126.0/24 maxlen: 24
213.59.127.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:19:f0:29:10:b2:f0:e9:d3:cd:d7:9d:f8:7b:0f:9d:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Jul 17 19:50:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a0212b08e8ec2ff0afb90c3834f95e6418b4ad4c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:43:94:4a:98:3a:11:1d:e1:eb:28:47:19:39:
6c:4c:f8:9d:d5:d1:f9:76:48:fe:13:c8:06:c5:8a:
4d:33:e6:fb:83:1f:11:50:f8:98:7a:1a:87:cd:47:
60:bf:88:1a:5f:be:4b:b6:68:dc:64:84:23:9b:e5:
30:71:d8:d6:dc:c2:98:ed:c9:61:3e:d1:9b:7c:39:
74:94:97:b1:57:4b:4e:2e:2e:d3:59:eb:25:32:f1:
b3:86:dd:44:cd:ad:d3:ff:bf:94:07:ba:0e:d4:70:
56:2e:98:0d:c2:d9:1c:91:6c:58:e1:53:cb:2d:95:
c0:b5:16:de:44:0e:81:06:b5:83:40:74:b6:5a:c1:
83:2f:21:1e:12:2c:3d:38:62:23:99:47:59:25:52:
cd:c0:67:8b:e7:28:17:9f:2e:a0:ab:9c:a3:b9:67:
fa:e8:b2:30:d7:dc:c9:33:09:bd:36:55:b8:a6:f9:
ca:d1:42:32:bd:71:9a:64:cf:e9:9e:0d:54:88:44:
5d:e7:27:da:e3:27:89:b7:d3:75:7a:73:52:a6:88:
93:7d:1d:ec:16:ac:b0:57:2a:d5:8d:75:6f:7d:a8:
09:e5:3c:59:bf:6d:a0:e8:cc:f5:96:16:a8:7c:35:
b0:7a:4c:66:57:b0:4e:45:6e:24:b7:30:0b:9b:e2:
46:65
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A0:21:2B:08:E8:EC:2F:F0:AF:B9:0C:38:34:F9:5E:64:18:B4:AD:4C
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/oCErCOjsL_CvuQw4NPleZBi0rUw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.12.0-45.9.16.255
45.12.112.0/23
45.12.128.0/24
45.15.125.0/24
45.15.128.0/22
45.15.147.0/24
45.15.152.0/23
45.83.27.0/24
45.83.84.0/22
45.83.150.0/23
45.86.71.0/24
45.86.76.0/22
45.88.168.0/22
45.88.178.0/23
45.88.181.0/24
45.89.96.0/24
45.89.98.0/24
45.89.197.0-45.89.199.255
45.128.55.0-45.128.56.255
45.128.73.0-45.128.75.255
139.28.235.0/24
141.98.160.0/24
171.22.121.0/24
171.22.128.0/24
171.22.133.0-171.22.138.255
185.106.97.0/24
185.161.71.0/24
213.59.113.0-213.59.118.255
213.59.121.0-213.59.127.255
Signature Algorithm: sha256WithRSAEncryption
97:dd:6e:93:ef:91:5f:29:d0:4e:9b:65:30:17:a7:ec:52:ca:
ae:dc:6c:08:aa:f2:19:d9:67:66:e7:53:dd:02:dd:0c:d3:5b:
b8:10:a4:9b:10:41:40:e8:c8:99:10:be:78:ff:48:36:ec:bc:
ca:c3:15:81:f5:1a:98:7a:29:4c:9c:8a:67:33:5b:3b:88:8c:
4b:cc:cd:07:6e:19:c0:5c:43:6e:9c:04:5e:c0:e0:48:d1:b7:
5a:d9:55:88:d0:e2:b9:c4:f5:5e:59:e1:8d:c2:5b:f3:dd:03:
97:8d:47:e6:71:bf:0d:87:fe:51:86:48:fb:c7:63:6a:e9:83:
9f:8a:a2:88:11:4b:60:4f:fd:a6:2b:c8:2c:2f:12:d0:57:1a:
8a:12:99:2b:a9:56:c0:93:c7:bb:9e:61:f9:39:ae:67:bb:0f:
b0:9c:12:c7:cf:8e:e5:07:22:04:d5:d9:8e:8f:69:ed:ee:d0:
ca:63:dd:ed:da:38:8c:1c:db:3c:d8:10:cd:8f:21:20:ee:6b:
d9:85:83:62:12:bc:0d:ce:3c:0f:27:fe:9c:82:15:d5:16:88:
be:12:89:17:3e:26:8a:71:d5:73:e7:62:2a:8a:de:dc:41:e2:
89:ee:33:f5:35:ae:1b:4a:f2:a5:f6:3f:98:a5:f0:fd:c5:af:
75:0f:f7:f8
-----BEGIN CERTIFICATE-----
MIIF4zCCBMugAwIBAgISAZgZ8CkQsvDp083Xnfh7D53RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwNzE3MTk1MDI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMDIxMmIwOGU4ZWMyZmYwYWZiOTBjMzgzNGY5NWU2NDE4YjRhZDRjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkkOUSpg6ER3h6yhHGTlsTPid1dH5
dkj+E8gGxYpNM+b7gx8RUPiYehqHzUdgv4gaX75LtmjcZIQjm+UwcdjW3MKY7clh
PtGbfDl0lJexV0tOLi7TWeslMvGzht1Eza3T/7+UB7oO1HBWLpgNwtkckWxY4VPL
LZXAtRbeRA6BBrWDQHS2WsGDLyEeEiw9OGIjmUdZJVLNwGeL5ygXny6gq5yjuWf6
6LIw19zJMwm9NlW4pvnK0UIyvXGaZM/png1UiERd5yfa4yeJt9N1enNSpoiTfR3s
FqywVyrVjXVvfagJ5TxZv22g6Mz1lhaofDWwekxmV7BORW4ktzALm+JGZQIDAQAB
o4IC7zCCAuswHQYDVR0OBBYEFKAhKwjo7C/wr7kMODT5XmQYtK1MMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvb0NFckNPanNMX0N2dVF3NE5QbGVaQmkwclV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAwYIKwYBBQUHAQcBAf8EgfMwgfAwge0EAgABMIHmMAwD
BAItCQwDBAAtCRADBAEtDHADBAAtDIADBAAtD30DBAItD4ADBAAtD5MDBAEtD5gD
BAAtUxsDBAItU1QDBAEtU5YDBAAtVkcDBAItVkwDBAItWKgDBAEtWLIDBAAtWLUD
BAAtWWADBAAtWWIwDAMEAC1ZxQMEAy1ZwDAMAwQALYA3AwQALYA4MAwDBAAtgEkD
BAItgEgDBACLHOsDBACNYqADBACrFnkDBACrFoAwDAMEAKsWhQMEAKsWigMEALlq
YQMEALmhRzAMAwQA1TtxAwQA1Tt2MAwDBADVO3kDBAfVOwAwDQYJKoZIhvcNAQEL
BQADggEBAJfdbpPvkV8p0E6bZTAXp+xSyq7cbAiq8hnZZ2bnU90C3QzTW7gQpJsQ
QUDoyJkQvnj/SDbsvMrDFYH1Gph6KUycimczWzuIjEvMzQduGcBcQ26cBF7A4EjR
t1rZVYjQ4rnE9V5Z4Y3CW/PdA5eNR+Zxvw2H/lGGSPvHY2rpg5+KoogRS2BP/aYr
yCwvEtBXGooSmSupVsCTx7ueYfk5rme7D7CcEsfPjuUHIgTV2Y6Pae3u0Mpj3e3a
OIwc2zzYEM2PISDua9mFg2ISvA3OPA8n/pyCFdUWiL4SiRc+Jopx1XPnYiqK3txB
4onuM/U1rhtK8qX2P5il8P3Fr3UP9/g=
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:35:25 2025 by rpki-client