Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1sOBW0Gg13rsn5B8XGiiIT9RPd0.roa
File: 1sOBW0Gg13rsn5B8XGiiIT9RPd0.roa (raw, json)
Hash identifier: EGaqm5IlOSXL8/i9axZ1bQB5TBJqw9OakC1KWezv18Q=
Subject key identifier: D6:C3:81:5B:41:A0:D7:7A:EC:9F:90:7C:5C:68:A2:21:3F:51:3D:DD
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01982BED420D57FCAE5BD28C5D231DF00FEB
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1sOBW0Gg13rsn5B8XGiiIT9RPd0.roa
Signing time: Mon 21 Jul 2025 07:40:25 +0000
ROA not before: Mon 21 Jul 2025 07:40:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214927
IP address blocks: 45.9.117.0/24 maxlen: 24
45.95.96.0/24 maxlen: 24
45.118.248.0/24 maxlen: 24
45.130.60.0/24 maxlen: 24
45.130.255.0/24 maxlen: 24
45.131.212.0/24 maxlen: 24
45.131.213.0/24 maxlen: 24
45.131.215.0/24 maxlen: 24
45.135.39.0/24 maxlen: 24
45.137.81.0/24 maxlen: 24
45.140.13.0/24 maxlen: 24
45.141.177.0/24 maxlen: 24
45.145.56.0/24 maxlen: 24
45.146.131.0/24 maxlen: 24
45.152.208.0/24 maxlen: 24
45.153.22.0/24 maxlen: 24
45.155.69.0/24 maxlen: 24
45.158.185.0/24 maxlen: 24
85.209.128.0/24 maxlen: 24
103.114.43.0/24 maxlen: 24
113.30.154.0/24 maxlen: 24
185.122.171.0/24 maxlen: 24
185.126.64.0/24 maxlen: 24
185.126.66.0/24 maxlen: 24
185.155.200.0/24 maxlen: 24
185.242.244.0/24 maxlen: 24
185.242.245.0/24 maxlen: 24
192.153.171.0/24 maxlen: 24
193.8.215.0/24 maxlen: 24
193.23.245.0/24 maxlen: 24
193.23.253.0/24 maxlen: 24
193.27.10.0/24 maxlen: 24
193.27.19.0/24 maxlen: 24
193.27.21.0/24 maxlen: 24
195.158.192.0/24 maxlen: 24
2a0c:7886:105::/48 maxlen: 48
2a0f:e7c6:1000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 19:29:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2b:ed:42:0d:57:fc:ae:5b:d2:8c:5d:23:1d:f0:0f:eb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jul 21 07:40:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d6c3815b41a0d77aec9f907c5c68a2213f513ddd
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:bc:86:d9:8b:aa:ea:2b:cf:d9:08:de:d7:50:
ec:ec:16:fe:ee:d1:2a:c3:20:9f:8d:f4:53:92:d0:
23:47:bd:36:6c:91:f5:e1:a0:e8:a1:8a:9a:68:ca:
8f:ff:a2:e4:54:70:97:d9:09:e4:e2:6f:d7:4b:3f:
c8:23:c8:39:1e:1e:cc:14:35:bf:bb:cd:ed:15:9c:
f7:f1:fd:2c:c6:4c:9b:a7:68:22:14:32:dd:59:bc:
ae:f4:c0:02:5d:d4:8c:7e:88:d1:fd:ba:41:3d:f8:
17:98:ce:3c:6b:2e:79:0a:b0:89:53:ec:dc:fc:35:
8f:4a:42:a6:e9:a7:17:34:90:58:a6:99:7b:0f:c3:
bb:24:04:99:29:56:f7:fe:6b:71:bf:c2:0f:b3:23:
cb:4e:ab:39:a1:56:86:a3:80:3f:9f:cc:d2:60:a2:
ac:e8:3e:e9:b3:22:a2:05:11:24:fb:0c:eb:e3:3a:
89:a8:77:db:ab:df:b3:c3:93:6f:8d:da:1d:46:19:
da:5c:3d:81:1c:12:c6:eb:b3:c0:07:31:10:cd:8a:
52:cb:8b:c7:b6:bc:1d:02:85:4b:46:a3:9a:44:7b:
6d:41:bc:a0:62:6d:6a:c0:17:1f:f0:47:ce:d0:ae:
d7:24:5a:d3:a6:7c:74:97:06:4e:82:c9:3d:ca:b9:
a7:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D6:C3:81:5B:41:A0:D7:7A:EC:9F:90:7C:5C:68:A2:21:3F:51:3D:DD
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/1sOBW0Gg13rsn5B8XGiiIT9RPd0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.117.0/24
45.95.96.0/24
45.118.248.0/24
45.130.60.0/24
45.130.255.0/24
45.131.212.0/23
45.131.215.0/24
45.135.39.0/24
45.137.81.0/24
45.140.13.0/24
45.141.177.0/24
45.145.56.0/24
45.146.131.0/24
45.152.208.0/24
45.153.22.0/24
45.155.69.0/24
45.158.185.0/24
85.209.128.0/24
103.114.43.0/24
113.30.154.0/24
185.122.171.0/24
185.126.64.0/24
185.126.66.0/24
185.155.200.0/24
185.242.244.0/23
192.153.171.0/24
193.8.215.0/24
193.23.245.0/24
193.23.253.0/24
193.27.10.0/24
193.27.19.0/24
193.27.21.0/24
195.158.192.0/24
IPv6:
2a0c:7886:105::/48
2a0f:e7c6:1000::/48
Signature Algorithm: sha256WithRSAEncryption
71:e2:79:a5:95:76:0e:07:4b:15:88:e9:4e:1c:16:f9:37:92:
b2:61:ee:77:a5:ee:8b:18:56:b9:14:ef:a3:3e:2b:60:61:63:
9a:4e:41:88:6b:58:0e:95:d3:70:b2:af:77:72:83:26:c7:41:
bb:55:e8:64:fd:8e:13:8a:bd:3c:5b:2b:98:0a:17:e5:12:6d:
78:d9:c6:05:14:35:43:76:f1:33:94:b1:12:a2:43:54:fd:44:
97:96:37:d9:63:12:d1:9e:b1:6c:33:e7:49:c2:04:27:f4:cf:
fd:89:30:83:7e:83:c5:ee:87:c8:a6:97:dd:bb:94:06:eb:14:
3d:68:62:12:bf:f2:39:41:89:dc:aa:e1:ce:1d:11:a3:21:54:
ad:cc:bb:7f:79:53:29:0e:71:cb:c5:03:0d:2d:17:07:a1:2b:
98:a8:8a:32:79:c7:3d:4f:6d:07:55:5d:ec:5b:65:9c:88:b9:
90:90:ab:ea:c7:53:b0:f0:56:5d:23:35:22:9d:12:61:94:2c:
59:bc:60:42:11:9d:be:19:e6:ba:74:f1:cc:fb:8c:53:a1:d7:
08:ef:60:5c:e1:da:ef:fd:15:7d:09:6d:4f:c8:d3:36:e6:e4:
17:b6:50:26:e5:ef:5b:1f:89:ac:5d:64:ef:68:c6:ba:3a:00:
b0:d2:47:5e
-----BEGIN CERTIFICATE-----
MIIF3DCCBMSgAwIBAgISAZgr7UINV/yuW9KMXSMd8A/rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNzIxMDc0MDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNmMzODE1YjQxYTBkNzdhZWM5ZjkwN2M1YzY4YTIyMTNmNTEzZGRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsLyG2Yuq6ivP2Qje11Ds7Bb+7tEq
wyCfjfRTktAjR702bJH14aDooYqaaMqP/6LkVHCX2Qnk4m/XSz/II8g5Hh7MFDW/
u83tFZz38f0sxkybp2giFDLdWbyu9MACXdSMfojR/bpBPfgXmM48ay55CrCJU+zc
/DWPSkKm6acXNJBYppl7D8O7JASZKVb3/mtxv8IPsyPLTqs5oVaGo4A/n8zSYKKs
6D7psyKiBREk+wzr4zqJqHfbq9+zw5NvjdodRhnaXD2BHBLG67PABzEQzYpSy4vH
trwdAoVLRqOaRHttQbygYm1qwBcf8EfO0K7XJFrTpnx0lwZOgsk9yrmn3wIDAQAB
o4IC6DCCAuQwHQYDVR0OBBYEFNbDgVtBoNd67J+QfFxooiE/UT3dMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvMXNPQlcwR2cxM3JzbjVCOFhHaWlJVDlSUGQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH9BggrBgEFBQcBBwEB/wSB7TCB6jCBzQQCAAEwgcYDBAAt
CXUDBAAtX2ADBAAtdvgDBAAtgjwDBAAtgv8DBAEtg9QDBAAtg9cDBAAthycDBAAt
iVEDBAAtjA0DBAAtjbEDBAAtkTgDBAAtkoMDBAAtmNADBAAtmRYDBAAtm0UDBAAt
nrkDBABV0YADBABncisDBABxHpoDBAC5eqsDBAC5fkADBAC5fkIDBAC5m8gDBAG5
8vQDBADAmasDBADBCNcDBADBF/UDBADBF/0DBADBGwoDBADBGxMDBADBGxUDBADD
nsAwGAQCAAIwEgMHACoMeIYBBQMHACoP58YQADANBgkqhkiG9w0BAQsFAAOCAQEA
ceJ5pZV2DgdLFYjpThwW+TeSsmHud6XuixhWuRTvoz4rYGFjmk5BiGtYDpXTcLKv
d3KDJsdBu1XoZP2OE4q9PFsrmAoX5RJteNnGBRQ1Q3bxM5SxEqJDVP1El5Y32WMS
0Z6xbDPnScIEJ/TP/Ykwg36Dxe6HyKaX3buUBusUPWhiEr/yOUGJ3Krhzh0RoyFU
rcy7f3lTKQ5xy8UDDS0XB6ErmKiKMnnHPU9tB1Vd7FtlnIi5kJCr6sdTsPBWXSM1
Ip0SYZQsWbxgQhGdvhnmunTxzPuMU6HXCO9gXOHa7/0VfQltT8jTNubkF7ZQJuXv
Wx+JrF1k72jGujoAsNJHXg==
-----END CERTIFICATE-----
Generated at Fri Jul 25 01:03:45 2025 by rpki-client