Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/hOgPCeNOuf2TeRtpLNEuxA_yOAM.roa
File: hOgPCeNOuf2TeRtpLNEuxA_yOAM.roa (raw, json)
Hash identifier: maXsxSIhBGLW2by/5mcCUxVz50+ea/Fpb8jON1Ip/Cc=
Subject key identifier: 84:E8:0F:09:E3:4E:B9:FD:93:79:1B:69:2C:D1:2E:C4:0F:F2:38:03
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0197CB43B9ABF117842A366958B13A36B82A
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/hOgPCeNOuf2TeRtpLNEuxA_yOAM.roa
Signing time: Wed 02 Jul 2025 13:11:42 +0000
ROA not before: Wed 02 Jul 2025 13:11:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 28753
IP address blocks: 45.9.122.0/24 maxlen: 24
193.8.127.0/24 maxlen: 24
2a04:9f40::/29 maxlen: 29
2a06:1184:101::/48 maxlen: 48
2a06:3bc0::/29 maxlen: 29
2a07:8a40::/29 maxlen: 29
2a09:7b00::/29 maxlen: 29
2a0a:2d06:102::/48 maxlen: 48
2a0a:2d06:103::/48 maxlen: 48
2a0a:7d00::/29 maxlen: 29
2a0c:4880::/29 maxlen: 29
2a0c:7886:99::/48 maxlen: 48
2a0c:7886:100::/48 maxlen: 48
2a0e:15c7:99::/48 maxlen: 48
2a0f:17c0::/29 maxlen: 29
2a0f:2500::/29 maxlen: 29
2a0f:d200::/29 maxlen: 29
2a0f:db40::/29 maxlen: 29
2a11:8880::/29 maxlen: 29
2a12:d5c0::/29 maxlen: 29
2a12:ecc0:158::/48 maxlen: 48
2a12:f5c0::/29 maxlen: 29
2a13:1380::/29 maxlen: 29
2a13:18c6:66::/48 maxlen: 48
2a13:2cc0::/29 maxlen: 29
2a13:2d40::/29 maxlen: 29
2a13:2dc0::/29 maxlen: 29
2a13:2e40::/29 maxlen: 29
2a13:3380::/29 maxlen: 29
2a13:4900::/29 maxlen: 29
2a13:5b80::/29 maxlen: 29
2a13:7400::/29 maxlen: 29
2a13:7900::/29 maxlen: 29
2a13:7d80::/29 maxlen: 29
2a13:8200::/29 maxlen: 29
2a13:9080::/29 maxlen: 29
2a13:9180::/29 maxlen: 29
2a13:9580::/29 maxlen: 29
2a13:9680::/29 maxlen: 29
2a13:d100::/29 maxlen: 29
2a13:d700::/29 maxlen: 29
2a13:d900::/29 maxlen: 29
2a13:f900::/29 maxlen: 29
2a13:fb00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Jul 2025 22:01:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cb:43:b9:ab:f1:17:84:2a:36:69:58:b1:3a:36:b8:2a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jul 2 13:11:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=84e80f09e34eb9fd93791b692cd12ec40ff23803
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ca:42:e5:85:00:af:b6:f6:bc:b4:21:df:f2:d1:
0f:df:27:7c:57:4c:35:9a:9d:ee:4c:59:20:90:e8:
be:8f:6b:2b:42:e6:80:9f:38:40:5f:a8:db:52:a7:
88:ae:26:9a:ec:d9:89:30:2a:54:f2:a1:24:1c:2a:
fd:16:c9:aa:36:55:02:60:66:d0:9b:06:1f:92:9d:
10:99:1f:e5:f0:6b:99:23:5a:99:0e:0c:f7:41:7a:
44:79:ed:89:8a:ca:db:bb:45:9b:0b:6e:8d:6b:cf:
eb:ad:01:50:1a:f9:22:1e:6e:dc:5d:0b:c9:5b:c7:
fc:27:8e:f4:e5:f8:37:a4:0a:33:27:bf:11:f6:22:
f4:a4:78:89:f5:a8:b4:ff:82:8f:f6:a9:2b:d0:ae:
4b:a0:b6:50:47:06:64:72:0a:1b:6b:55:87:62:05:
37:27:c2:ea:f5:49:3e:a6:27:cb:6b:42:6c:fb:4a:
53:ba:20:18:e9:d3:af:78:8e:9b:92:8d:11:67:ce:
2b:04:7e:d2:61:4c:ba:bf:0f:42:f9:ad:fd:d4:2a:
62:fc:dd:7c:34:c4:35:68:ec:d1:5f:8c:11:78:2a:
7d:ca:aa:e0:f1:f3:17:43:f5:ff:49:04:7a:0f:4f:
f7:06:99:7c:72:ff:e1:83:f9:e9:d2:c2:c1:ca:93:
3d:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
84:E8:0F:09:E3:4E:B9:FD:93:79:1B:69:2C:D1:2E:C4:0F:F2:38:03
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/hOgPCeNOuf2TeRtpLNEuxA_yOAM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.122.0/24
193.8.127.0/24
IPv6:
2a04:9f40::/29
2a06:1184:101::/48
2a06:3bc0::/29
2a07:8a40::/29
2a09:7b00::/29
2a0a:2d06:102::/47
2a0a:7d00::/29
2a0c:4880::/29
2a0c:7886:99::/48
2a0c:7886:100::/48
2a0e:15c7:99::/48
2a0f:17c0::/29
2a0f:2500::/29
2a0f:d200::/29
2a0f:db40::/29
2a11:8880::/29
2a12:d5c0::/29
2a12:ecc0:158::/48
2a12:f5c0::/29
2a13:1380::/29
2a13:18c6:66::/48
2a13:2cc0::/29
2a13:2d40::/29
2a13:2dc0::/29
2a13:2e40::/29
2a13:3380::/29
2a13:4900::/29
2a13:5b80::/29
2a13:7400::/29
2a13:7900::/29
2a13:7d80::/29
2a13:8200::/29
2a13:9080::/29
2a13:9180::/29
2a13:9580::/29
2a13:9680::/29
2a13:d100::/29
2a13:d700::/29
2a13:d900::/29
2a13:f900::/29
2a13:fb00::/29
Signature Algorithm: sha256WithRSAEncryption
b9:a5:10:c1:8a:a9:91:89:ca:bb:5d:02:66:f0:94:4c:1e:a1:
44:f6:7a:e3:86:4b:b8:6f:0f:a8:86:4d:ab:3a:12:d6:1d:00:
f9:49:36:1a:c4:b1:b6:c2:cc:28:c9:57:e8:6c:be:c1:82:85:
bf:b0:41:1f:9c:86:e2:48:12:6c:6f:2a:9c:6b:e9:e9:28:f9:
20:47:88:1e:0f:eb:e0:a9:39:e9:cc:f2:a0:19:59:db:5a:12:
d3:02:bf:0e:6d:7f:dd:80:ec:61:8e:52:ae:ce:eb:6d:3d:ba:
af:c8:36:fd:36:41:b4:e9:bd:aa:1a:77:25:fc:de:84:ca:d2:
9c:43:57:38:41:f6:7c:0f:a0:2a:0f:03:b3:d6:9f:b4:3d:94:
00:dd:36:78:ba:de:c1:54:04:f2:89:4b:79:01:5c:e0:7a:83:
91:cd:13:13:fc:05:5e:b2:81:f0:74:63:11:41:2d:7c:ca:e7:
dc:2e:79:2f:c9:95:23:d3:32:4d:12:37:fb:31:36:00:b0:ea:
9b:98:d7:69:c5:bc:78:57:80:36:12:83:7f:8f:4d:b6:39:7c:
6a:57:db:cd:b1:19:be:90:bc:24:7e:8d:4d:8e:94:bc:36:86:
67:4e:c8:68:ea:76:ba:5e:84:7c:58:f7:35:1e:53:64:6c:1c:
db:cf:ac:de
-----BEGIN CERTIFICATE-----
MIIGQjCCBSqgAwIBAgISAZfLQ7mr8ReEKjZpWLE6NrgqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNzAyMTMxMTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NGU4MGYwOWUzNGViOWZkOTM3OTFiNjkyY2QxMmVjNDBmZjIzODAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAykLlhQCvtva8tCHf8tEP3yd8V0w1
mp3uTFkgkOi+j2srQuaAnzhAX6jbUqeIriaa7NmJMCpU8qEkHCr9FsmqNlUCYGbQ
mwYfkp0QmR/l8GuZI1qZDgz3QXpEee2Jisrbu0WbC26Na8/rrQFQGvkiHm7cXQvJ
W8f8J4705fg3pAozJ78R9iL0pHiJ9ai0/4KP9qkr0K5LoLZQRwZkcgoba1WHYgU3
J8Lq9Uk+pifLa0Js+0pTuiAY6dOveI6bko0RZ84rBH7SYUy6vw9C+a391Cpi/N18
NMQ1aOzRX4wReCp9yqrg8fMXQ/X/SQR6D0/3Bpl8cv/hg/np0sLBypM9LQIDAQAB
o4IDTjCCA0owHQYDVR0OBBYEFIToDwnjTrn9k3kbaSzRLsQP8jgDMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvaE9nUENlTk91ZjJUZVJ0cExORXV4QV95T0FNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBYgYIKwYBBQUHAQcBAf8EggFRMIIBTTASBAIAATAMAwQA
LQl6AwQAwQh/MIIBNQQCAAIwggEtAwUDKgSfQAMHACoGEYQBAQMFAyoGO8ADBQMq
B4pAAwUDKgl7AAMHASoKLQYBAgMFAyoKfQADBQMqDEiAAwcAKgx4hgCZAwcAKgx4
hgEAAwcAKg4VxwCZAwUDKg8XwAMFAyoPJQADBQMqD9IAAwUDKg/bQAMFAyoRiIAD
BQMqEtXAAwcAKhLswAFYAwUDKhL1wAMFAyoTE4ADBwAqExjGAGYDBQMqEyzAAwUD
KhMtQAMFAyoTLcADBQMqEy5AAwUDKhMzgAMFAyoTSQADBQMqE1uAAwUDKhN0AAMF
AyoTeQADBQMqE32AAwUDKhOCAAMFAyoTkIADBQMqE5GAAwUDKhOVgAMFAyoTloAD
BQMqE9EAAwUDKhPXAAMFAyoT2QADBQMqE/kAAwUDKhP7ADANBgkqhkiG9w0BAQsF
AAOCAQEAuaUQwYqpkYnKu10CZvCUTB6hRPZ644ZLuG8PqIZNqzoS1h0A+Uk2GsSx
tsLMKMlX6Gy+wYKFv7BBH5yG4kgSbG8qnGvp6Sj5IEeIHg/r4Kk56czyoBlZ21oS
0wK/Dm1/3YDsYY5Srs7rbT26r8g2/TZBtOm9qhp3JfzehMrSnENXOEH2fA+gKg8D
s9aftD2UAN02eLrewVQE8olLeQFc4HqDkc0TE/wFXrKB8HRjEUEtfMrn3C55L8mV
I9MyTRI3+zE2ALDqm5jXacW8eFeANhKDf49Ntjl8alfbzbEZvpC8JH6NTY6UvDaG
Z07IaOp2ul6EfFj3NR5TZGwc28+s3g==
-----END CERTIFICATE-----
Generated at Sun Jul 6 08:01:51 2025 by rpki-client