Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/A9hFHuB1KcT6sufWXb7Ip8uski0.roa
File: A9hFHuB1KcT6sufWXb7Ip8uski0.roa (raw, json)
Hash identifier: il6x3CO5f44reEoXrVw6CoxKeHuPAxsUHCAYCbpYXXA=
Subject key identifier: 03:D8:45:1E:E0:75:29:C4:FA:B2:E7:D6:5D:BE:C8:A7:CB:AC:92:2D
Certificate issuer: /CN=de2e917315f0a878b21fc139d49a821aaddc3c97
Certificate serial: 0197F8835FD5579269C44827D463668E3D7C
Authority key identifier: DE:2E:91:73:15:F0:A8:78:B2:1F:C1:39:D4:9A:82:1A:AD:DC:3C:97
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3i6RcxXwqHiyH8E51JqCGq3cPJc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/A9hFHuB1KcT6sufWXb7Ip8uski0.roa
Signing time: Fri 11 Jul 2025 08:04:08 +0000
ROA not before: Fri 11 Jul 2025 08:04:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39351
IP address blocks: 45.83.220.0/24 maxlen: 24
45.83.221.0/24 maxlen: 24
45.83.222.0/23 maxlen: 24
45.129.56.0/24 maxlen: 24
45.129.59.0/24 maxlen: 24
141.98.252.0/24 maxlen: 24
141.98.254.0/24 maxlen: 24
141.98.255.0/24 maxlen: 24
185.65.132.0/24 maxlen: 24
185.65.133.0/24 maxlen: 24
185.65.134.0/24 maxlen: 24
185.65.135.0/24 maxlen: 24
185.195.232.0/24 maxlen: 24
185.195.233.0/24 maxlen: 24
185.209.196.0/24 maxlen: 24
185.209.197.0/24 maxlen: 24
185.209.198.0/24 maxlen: 24
185.209.199.0/24 maxlen: 24
185.213.152.0/24 maxlen: 24
185.213.153.0/24 maxlen: 24
185.213.154.0/24 maxlen: 24
185.213.155.0/24 maxlen: 24
193.32.126.0/24 maxlen: 24
193.32.127.0/24 maxlen: 24
193.32.248.0/24 maxlen: 24
193.32.249.0/24 maxlen: 24
193.138.216.0/22 maxlen: 22
195.54.182.0/24 maxlen: 24
195.54.183.0/24 maxlen: 24
2a03:1b20:1::/48 maxlen: 48
2a03:1b20:2::/48 maxlen: 48
2a03:1b20:3::/48 maxlen: 48
2a03:1b20:4::/48 maxlen: 48
2a03:1b20:5::/48 maxlen: 48
2a03:1b20:6::/48 maxlen: 48
2a03:1b20:7::/48 maxlen: 48
2a03:1b20:8::/48 maxlen: 48
2a03:1b20:9::/48 maxlen: 48
2a03:1b20:a::/48 maxlen: 48
2a03:1b20:b::/48 maxlen: 48
2a03:1b20:901::/48 maxlen: 48
2a03:1b20:bef1::/48 maxlen: 48
2a03:1b20:bef2::/48 maxlen: 48
2a03:1b21:100::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/3i6RcxXwqHiyH8E51JqCGq3cPJc.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/3i6RcxXwqHiyH8E51JqCGq3cPJc.mft
rsync://rpki.ripe.net/repository/DEFAULT/3i6RcxXwqHiyH8E51JqCGq3cPJc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 05:00:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f8:83:5f:d5:57:92:69:c4:48:27:d4:63:66:8e:3d:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=de2e917315f0a878b21fc139d49a821aaddc3c97
Validity
Not Before: Jul 11 08:04:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=03d8451ee07529c4fab2e7d65dbec8a7cbac922d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:8c:95:54:8a:de:18:54:e1:f5:b2:23:d8:5e:
07:4a:17:dc:20:8c:40:ff:02:b9:c0:d9:08:4e:a1:
c6:55:87:41:8e:ac:7b:0f:f1:af:32:55:52:60:93:
d2:2a:8e:bd:4c:36:bc:55:11:66:4c:61:9a:a4:64:
6a:b2:db:d4:17:b7:30:43:0f:bf:9b:27:68:45:b6:
f8:6a:de:6e:a5:50:98:31:79:a7:37:00:86:2e:81:
16:25:a2:9d:3b:9d:06:66:d0:48:4c:57:25:a9:62:
13:0a:d8:8e:84:69:0e:e7:af:2a:c9:20:78:7a:d7:
47:d3:5f:38:d2:56:1a:59:5f:d2:43:1d:32:f8:f4:
f2:df:dd:fd:8b:8b:61:f7:8b:12:e8:fd:c0:89:3d:
d4:9f:a1:54:50:c1:0b:18:c3:c0:46:03:2b:00:80:
73:cc:fb:de:82:cb:b6:93:d4:33:19:62:7d:0d:63:
b0:f4:de:56:49:00:c4:8e:f8:a0:f4:21:11:13:03:
81:c1:c9:38:8e:d5:fa:ae:5d:66:b0:fc:71:0c:bf:
e3:ee:d4:7f:94:55:1b:af:a2:38:ed:0b:cf:bc:4f:
0d:e6:8c:87:f2:b1:2b:89:67:37:3b:dc:cc:71:52:
4d:5e:3c:f5:e4:af:5a:4b:a5:cd:74:7b:50:6a:9c:
35:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
03:D8:45:1E:E0:75:29:C4:FA:B2:E7:D6:5D:BE:C8:A7:CB:AC:92:2D
X509v3 Authority Key Identifier:
keyid:DE:2E:91:73:15:F0:A8:78:B2:1F:C1:39:D4:9A:82:1A:AD:DC:3C:97
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3i6RcxXwqHiyH8E51JqCGq3cPJc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/A9hFHuB1KcT6sufWXb7Ip8uski0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/2d5bc8-5d93-4b0a-a8b6-f8d65c983744/1/3i6RcxXwqHiyH8E51JqCGq3cPJc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.220.0/22
45.129.56.0/24
45.129.59.0/24
141.98.252.0/24
141.98.254.0/23
185.65.132.0/22
185.195.232.0/23
185.209.196.0/22
185.213.152.0/22
193.32.126.0/23
193.32.248.0/23
193.138.216.0/22
195.54.182.0/23
IPv6:
2a03:1b20:1::-2a03:1b20:b:ffff:ffff:ffff:ffff:ffff
2a03:1b20:901::/48
2a03:1b20:bef1::-2a03:1b20:bef2:ffff:ffff:ffff:ffff:ffff
2a03:1b21:100::/40
Signature Algorithm: sha256WithRSAEncryption
80:44:d8:7f:28:8a:36:1f:4f:cb:99:0a:54:53:1c:f4:ef:67:
c7:70:82:19:08:ba:3c:a6:ad:13:c1:2b:2a:c3:3c:2c:02:3b:
dd:3f:bf:7a:49:29:be:09:52:34:e6:ff:6a:00:ee:d9:e2:65:
2a:c9:a2:8e:e4:1f:7f:b3:22:09:5e:42:dd:09:f4:f3:fa:d6:
8b:a8:53:5d:70:99:3e:90:4d:ef:34:49:bd:8a:9d:3a:5f:40:
07:c9:0b:71:75:e5:26:21:68:1c:b0:f9:85:68:95:98:a9:dc:
25:d7:62:39:84:bf:21:57:d9:99:7f:6f:5a:72:dc:55:29:d7:
87:06:93:4f:68:e3:b7:df:36:ea:ea:44:b1:5f:7f:58:cd:c1:
c7:2b:5a:68:e1:01:55:62:6f:6e:c4:e1:bf:92:0e:e7:5d:8a:
c2:74:95:aa:5f:ee:fa:1a:bc:03:03:17:ce:f9:aa:bc:7e:8f:
19:22:67:9c:c1:0b:1d:56:53:c6:5e:3a:c1:c1:47:9f:00:c1:
fa:2b:d3:81:38:cf:53:b6:e6:22:a6:0f:43:cd:d3:6b:d0:04:
3e:4c:ed:b3:91:b1:88:b9:f2:c9:61:38:6a:bc:ca:a6:b2:dd:
96:d0:e8:7e:24:32:97:3d:50:07:b9:86:31:83:40:e6:87:32:
1a:72:e4:92
-----BEGIN CERTIFICATE-----
MIIFiTCCBHGgAwIBAgISAZf4g1/VV5JpxEgn1GNmjj18MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRlMmU5MTczMTVmMGE4NzhiMjFmYzEzOWQ0OWE4MjFhYWRk
YzNjOTcwHhcNMjUwNzExMDgwNDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwM2Q4NDUxZWUwNzUyOWM0ZmFiMmU3ZDY1ZGJlYzhhN2NiYWM5MjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnYyVVIreGFTh9bIj2F4HShfcIIxA
/wK5wNkITqHGVYdBjqx7D/GvMlVSYJPSKo69TDa8VRFmTGGapGRqstvUF7cwQw+/
mydoRbb4at5upVCYMXmnNwCGLoEWJaKdO50GZtBITFclqWITCtiOhGkO568qySB4
etdH01840lYaWV/SQx0y+PTy3939i4th94sS6P3AiT3Un6FUUMELGMPARgMrAIBz
zPvegsu2k9QzGWJ9DWOw9N5WSQDEjvig9CEREwOBwck4jtX6rl1msPxxDL/j7tR/
lFUbr6I47QvPvE8N5oyH8rEriWc3O9zMcVJNXjz15K9aS6XNdHtQapw1xwIDAQAB
o4IClTCCApEwHQYDVR0OBBYEFAPYRR7gdSnE+rLn1l2+yKfLrJItMB8GA1UdIwQY
MBaAFN4ukXMV8Kh4sh/BOdSaghqt3DyXMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM2k2UmN4WHdxSGl5SDhFNTFKcUNHcTNjUEpjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy8yZDViYzgtNWQ5My00YjBhLWE4YjYt
ZjhkNjVjOTgzNzQ0LzEvQTloRkh1QjFLY1Q2c3VmV1hiN0lwOHVza2kwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy8yZDViYzgtNWQ5My00YjBhLWE4YjYtZjhkNjVjOTgzNzQ0
LzEvM2k2UmN4WHdxSGl5SDhFNTFKcUNHcTNjUEpjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGqBggrBgEFBQcBBwEB/wSBmjCBlzBUBAIAATBOAwQCLVPc
AwQALYE4AwQALYE7AwQAjWL8AwQBjWL+AwQCuUGEAwQBucPoAwQCudHEAwQCudWY
AwQBwSB+AwQBwSD4AwQCwYrYAwQBwza2MD8EAgACMDkwEgMHACoDGyAAAQMHAioD
GyAACAMHACoDGyAJATASAwcAKgMbIL7xAwcAKgMbIL7yAwYAKgMbIQEwDQYJKoZI
hvcNAQELBQADggEBAIBE2H8oijYfT8uZClRTHPTvZ8dwghkIujymrRPBKyrDPCwC
O90/v3pJKb4JUjTm/2oA7tniZSrJoo7kH3+zIgleQt0J9PP61ouoU11wmT6QTe80
Sb2KnTpfQAfJC3F15SYhaByw+YVolZip3CXXYjmEvyFX2Zl/b1py3FUp14cGk09o
47ffNurqRLFff1jNwccrWmjhAVVib27E4b+SDuddisJ0lapf7voavAMDF875qrx+
jxkiZ5zBCx1WU8ZeOsHBR58Awfor04E4z1O25iKmD0PN02vQBD5M7bORsYi58slh
OGq8yqay3ZbQ6H4kMpc9UAe5hjGDQOaHMhpy5JI=
-----END CERTIFICATE-----
Generated at Tue Jul 22 11:55:21 2025 by rpki-client