Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/P0fCccGAGT3P2tDw-rs5ORyPyrw.roa
File: P0fCccGAGT3P2tDw-rs5ORyPyrw.roa (raw, json)
Hash identifier: zsjstCOlxud3vr07JZ7SKJe39jYJRrodk6RlxTPhlQE=
Subject key identifier: 3F:47:C2:71:C1:80:19:3D:CF:DA:D0:F0:FA:BB:39:39:1C:8F:CA:BC
Certificate issuer: /CN=43965dd1f6f24a46d7cc4bccfecd4151c6dd1bfb
Certificate serial: 01982C2C6D9EDB651F21A1930E16DEB1D69D
Authority key identifier: 43:96:5D:D1:F6:F2:4A:46:D7:CC:4B:CC:FE:CD:41:51:C6:DD:1B:FB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/P0fCccGAGT3P2tDw-rs5ORyPyrw.roa
Signing time: Mon 21 Jul 2025 08:49:25 +0000
ROA not before: Mon 21 Jul 2025 08:49:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48359
IP address blocks: 45.155.192.0/24 maxlen: 24
45.155.193.0/24 maxlen: 24
45.155.194.0/24 maxlen: 24
45.155.195.0/24 maxlen: 24
91.213.157.0/24 maxlen: 24
91.213.167.0/24 maxlen: 24
91.213.172.0/24 maxlen: 24
185.47.48.0/23 maxlen: 23
185.47.48.0/24 maxlen: 24
185.47.49.0/24 maxlen: 24
185.47.50.0/23 maxlen: 23
185.47.50.0/24 maxlen: 24
185.47.51.0/24 maxlen: 24
185.82.64.0/22 maxlen: 22
185.82.64.0/24 maxlen: 24
185.82.65.0/24 maxlen: 24
185.82.66.0/24 maxlen: 24
185.82.67.0/24 maxlen: 24
185.121.56.0/22 maxlen: 22
185.121.56.0/24 maxlen: 24
185.121.57.0/24 maxlen: 24
185.121.58.0/24 maxlen: 24
185.121.59.0/24 maxlen: 24
185.125.20.0/24 maxlen: 24
185.125.21.0/24 maxlen: 24
185.125.22.0/24 maxlen: 24
185.125.23.0/24 maxlen: 24
185.137.60.0/22 maxlen: 24
185.137.60.0/24 maxlen: 24
185.137.61.0/24 maxlen: 24
185.137.62.0/24 maxlen: 24
185.137.63.0/24 maxlen: 24
185.142.92.0/22 maxlen: 22
185.142.92.0/24 maxlen: 24
185.142.93.0/24 maxlen: 24
185.142.94.0/24 maxlen: 24
185.142.95.0/24 maxlen: 24
185.142.124.0/22 maxlen: 22
185.142.124.0/24 maxlen: 24
185.142.125.0/24 maxlen: 24
185.142.126.0/24 maxlen: 24
185.142.127.0/24 maxlen: 24
185.212.192.0/24 maxlen: 24
185.212.193.0/24 maxlen: 24
185.212.195.0/24 maxlen: 24
185.221.192.0/22 maxlen: 22
185.221.192.0/24 maxlen: 24
185.221.194.0/24 maxlen: 24
185.221.195.0/24 maxlen: 24
185.238.44.0/24 maxlen: 24
185.238.45.0/24 maxlen: 24
185.238.46.0/24 maxlen: 24
185.238.47.0/24 maxlen: 24
193.246.174.0/24 maxlen: 24
193.246.175.0/24 maxlen: 24
193.246.200.0/24 maxlen: 24
193.246.201.0/24 maxlen: 24
195.8.110.0/24 maxlen: 24
195.8.112.0/24 maxlen: 24
195.8.114.0/24 maxlen: 24
195.191.22.0/24 maxlen: 24
195.191.23.0/24 maxlen: 24
195.191.44.0/24 maxlen: 24
195.191.45.0/24 maxlen: 24
195.230.97.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.crl
rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.mft
rsync://rpki.ripe.net/repository/DEFAULT/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 11:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:2c:2c:6d:9e:db:65:1f:21:a1:93:0e:16:de:b1:d6:9d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=43965dd1f6f24a46d7cc4bccfecd4151c6dd1bfb
Validity
Not Before: Jul 21 08:49:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3f47c271c180193dcfdad0f0fabb39391c8fcabc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:69:c7:03:d2:e1:72:60:5c:0b:f7:8c:3e:11:
27:36:40:0c:06:77:96:92:8b:8d:3d:ea:a9:c0:3c:
0d:47:09:2d:d9:30:0c:db:e0:f2:24:f1:d2:b6:0e:
e6:bb:b5:ff:3c:f6:0f:80:a5:ec:fd:08:6c:7a:a1:
37:5c:ea:92:f7:76:4a:44:2e:e6:83:66:48:3f:60:
6b:b4:7f:a7:e4:1e:3d:eb:a4:d4:b8:5b:0d:07:4d:
7f:6f:67:05:34:a5:d0:46:c5:45:56:fe:9f:4c:b3:
6a:3b:26:f7:04:47:a0:03:67:d6:11:35:e5:8c:1c:
01:ca:b6:49:ae:66:5a:95:ae:7d:41:22:e5:d0:6d:
bb:12:b7:7e:0f:35:e1:b0:7e:5f:e0:4c:e3:21:b8:
58:09:e9:bd:ee:b8:6a:57:92:55:45:78:fc:5e:af:
b7:95:18:9d:44:23:12:14:d9:e1:1b:34:6d:5c:0e:
77:92:9d:3e:fb:7b:f4:cf:40:eb:fa:43:a1:fb:dc:
3a:eb:5a:d4:ed:99:dd:8a:03:5e:8e:4f:2f:7b:e7:
93:af:8a:a9:0d:9e:76:f7:80:04:9f:bf:07:76:0b:
c4:ee:d4:68:41:aa:f2:51:14:62:c0:a6:af:b2:d1:
2d:76:4d:9f:6a:6d:d3:5c:f3:38:73:49:d1:b3:c3:
22:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3F:47:C2:71:C1:80:19:3D:CF:DA:D0:F0:FA:BB:39:39:1C:8F:CA:BC
X509v3 Authority Key Identifier:
keyid:43:96:5D:D1:F6:F2:4A:46:D7:CC:4B:CC:FE:CD:41:51:C6:DD:1B:FB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/P0fCccGAGT3P2tDw-rs5ORyPyrw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c3/c731c4-9183-4db3-b70a-33980c03f08e/1/Q5Zd0fbySkbXzEvM_s1BUcbdG_s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.155.192.0/22
91.213.157.0/24
91.213.167.0/24
91.213.172.0/24
185.47.48.0/22
185.82.64.0/22
185.121.56.0/22
185.125.20.0/22
185.137.60.0/22
185.142.92.0/22
185.142.124.0/22
185.212.192.0/23
185.212.195.0/24
185.221.192.0/22
185.238.44.0/22
193.246.174.0/23
193.246.200.0/23
195.8.110.0/24
195.8.112.0/24
195.8.114.0/24
195.191.22.0/23
195.191.44.0/23
195.230.97.0/24
Signature Algorithm: sha256WithRSAEncryption
43:8f:a5:45:b6:7c:07:cd:d1:6d:af:64:1f:41:cb:21:e4:61:
52:91:00:df:5f:0e:ff:b5:e5:45:1c:8f:e6:83:2a:bc:0c:36:
82:f8:6c:c7:04:4d:53:ee:55:6b:2a:c1:bc:0c:a1:63:6c:fd:
b8:2a:e2:3e:c2:a2:73:69:60:ad:38:c4:ff:f5:90:fb:6b:3e:
ec:eb:2a:ef:88:f9:de:86:fd:d2:ef:25:9e:29:9d:e1:ba:7e:
ab:b6:d4:99:82:ae:d0:db:fb:00:3a:56:c1:61:44:61:a9:6c:
ec:3b:1a:35:c1:47:b4:e2:63:8b:f2:a4:e7:30:ca:62:95:7a:
47:77:97:63:78:15:12:26:ce:52:7e:0d:f9:29:02:21:4e:ed:
5e:92:9d:b2:f6:be:ce:aa:c4:9a:61:f4:a3:2a:35:11:d2:7e:
8c:2c:97:d9:4b:e0:42:87:61:73:6c:3c:29:18:15:70:e5:21:
59:1b:5e:b3:2f:1f:9c:83:6d:5d:d3:c6:dc:08:1b:dd:3c:74:
6c:08:26:f7:48:17:54:ce:51:53:93:6b:4b:8c:16:94:9e:19:
c0:31:bd:c6:ce:f2:6e:b1:27:f6:17:83:2d:ed:98:32:0c:87:
89:5c:bb:d0:40:51:27:88:ac:eb:5c:97:c6:b9:29:3e:23:9f:
1e:6b:a3:e5
-----BEGIN CERTIFICATE-----
MIIFhjCCBG6gAwIBAgISAZgsLG2e22UfIaGTDhbesdadMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQzOTY1ZGQxZjZmMjRhNDZkN2NjNGJjY2ZlY2Q0MTUxYzZk
ZDFiZmIwHhcNMjUwNzIxMDg0OTI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZjQ3YzI3MWMxODAxOTNkY2ZkYWQwZjBmYWJiMzkzOTFjOGZjYWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjWnHA9LhcmBcC/eMPhEnNkAMBneW
kouNPeqpwDwNRwkt2TAM2+DyJPHStg7mu7X/PPYPgKXs/QhseqE3XOqS93ZKRC7m
g2ZIP2BrtH+n5B4966TUuFsNB01/b2cFNKXQRsVFVv6fTLNqOyb3BEegA2fWETXl
jBwByrZJrmZala59QSLl0G27Erd+DzXhsH5f4EzjIbhYCem97rhqV5JVRXj8Xq+3
lRidRCMSFNnhGzRtXA53kp0++3v0z0Dr+kOh+9w661rU7ZndigNejk8ve+eTr4qp
DZ5294AEn78HdgvE7tRoQaryURRiwKavstEtdk2fam3TXPM4c0nRs8MikQIDAQAB
o4ICkjCCAo4wHQYDVR0OBBYEFD9HwnHBgBk9z9rQ8Pq7OTkcj8q8MB8GA1UdIwQY
MBaAFEOWXdH28kpG18xLzP7NQVHG3Rv7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUTVaZDBmYnlTa2JYekV2TV9zMUJVY2JkR19zLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMy9jNzMxYzQtOTE4My00ZGIzLWI3MGEt
MzM5ODBjMDNmMDhlLzEvUDBmQ2NjR0FHVDNQMnREdy1yczVPUnlQeXJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMy9jNzMxYzQtOTE4My00ZGIzLWI3MGEtMzM5ODBjMDNmMDhl
LzEvUTVaZDBmYnlTa2JYekV2TV9zMUJVY2JkR19zLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGnBggrBgEFBQcBBwEB/wSBlzCBlDCBkQQCAAEwgYoDBAIt
m8ADBABb1Z0DBABb1acDBABb1awDBAK5LzADBAK5UkADBAK5eTgDBAK5fRQDBAK5
iTwDBAK5jlwDBAK5jnwDBAG51MADBAC51MMDBAK53cADBAK57iwDBAHB9q4DBAHB
9sgDBADDCG4DBADDCHADBADDCHIDBAHDvxYDBAHDvywDBADD5mEwDQYJKoZIhvcN
AQELBQADggEBAEOPpUW2fAfN0W2vZB9ByyHkYVKRAN9fDv+15UUcj+aDKrwMNoL4
bMcETVPuVWsqwbwMoWNs/bgq4j7ConNpYK04xP/1kPtrPuzrKu+I+d6G/dLvJZ4p
neG6fqu21JmCrtDb+wA6VsFhRGGpbOw7GjXBR7TiY4vypOcwymKVekd3l2N4FRIm
zlJ+DfkpAiFO7V6SnbL2vs6qxJph9KMqNRHSfowsl9lL4EKHYXNsPCkYFXDlIVkb
XrMvH5yDbV3TxtwIG908dGwIJvdIF1TOUVOTa0uMFpSeGcAxvcbO8m6xJ/YXgy3t
mDIMh4lcu9BAUSeIrOtcl8a5KT4jnx5ro+U=
-----END CERTIFICATE-----
Generated at Sat Jul 26 20:24:07 2025 by rpki-client