Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/k_lwXaBiBKz06NOFsfzksh9ZKio.roa
File: k_lwXaBiBKz06NOFsfzksh9ZKio.roa (raw, json)
Hash identifier: dGzNVRq0or8J2WB27ivttWiHfbjfVDTphfxdH/v79t8=
Subject key identifier: 93:F9:70:5D:A0:62:04:AC:F4:E8:D3:85:B1:FC:E4:B2:1F:59:2A:2A
Certificate issuer: /CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Certificate serial: 0197EE6F6C92048851A583367083E2D69F7C
Authority key identifier: 6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/k_lwXaBiBKz06NOFsfzksh9ZKio.roa
Signing time: Wed 09 Jul 2025 09:06:09 +0000
ROA not before: Wed 09 Jul 2025 09:06:09 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215727
IP address blocks: 45.136.0.0/24 maxlen: 32
45.136.2.0/24 maxlen: 32
45.136.3.0/24 maxlen: 32
128.0.119.0/24 maxlen: 32
185.117.20.0/24 maxlen: 32
185.117.21.0/24 maxlen: 32
185.117.23.0/24 maxlen: 32
185.144.100.0/24 maxlen: 32
185.144.101.0/24 maxlen: 32
185.144.102.0/24 maxlen: 32
185.144.103.0/24 maxlen: 32
185.211.48.0/24 maxlen: 32
185.211.49.0/24 maxlen: 32
185.211.50.0/24 maxlen: 32
185.227.240.0/24 maxlen: 32
185.227.241.0/24 maxlen: 32
185.227.242.0/24 maxlen: 32
185.227.243.0/24 maxlen: 32
193.201.208.0/24 maxlen: 32
193.201.209.0/24 maxlen: 32
193.201.210.0/24 maxlen: 32
193.201.211.0/24 maxlen: 32
194.36.100.0/24 maxlen: 32
194.36.102.0/24 maxlen: 32
194.36.103.0/24 maxlen: 32
194.124.64.0/24 maxlen: 32
194.124.65.0/24 maxlen: 32
194.124.66.0/24 maxlen: 32
194.124.67.0/24 maxlen: 32
195.85.68.0/24 maxlen: 32
195.85.69.0/24 maxlen: 32
195.85.70.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.mft
rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ee:6f:6c:92:04:88:51:a5:83:36:70:83:e2:d6:9f:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6c8fd1a8ae5996c1e5692c1a8c42bfe9c3ba5745
Validity
Not Before: Jul 9 09:06:09 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=93f9705da06204acf4e8d385b1fce4b21f592a2a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:ca:d9:d4:ba:92:2e:59:e3:b8:8a:7f:b2:35:
fc:09:94:78:b7:b2:89:48:3c:e7:cb:77:ed:4d:72:
54:bd:25:15:21:ae:00:8a:93:bf:ea:1d:c0:ea:5d:
71:00:1b:2d:08:d6:a7:91:17:03:b3:9c:9c:04:73:
80:68:75:35:70:33:15:37:ee:23:c0:e8:ef:f7:f9:
5b:91:65:7a:1c:7f:4d:40:82:76:fd:d6:88:f3:75:
ec:df:ef:11:03:5b:7d:80:66:45:d3:87:51:5e:cc:
b9:0e:8e:bc:e6:4c:bb:59:c2:65:aa:77:1d:ea:d3:
b2:fb:3c:ac:22:f5:65:b4:e4:d0:04:90:8f:69:48:
aa:77:19:a9:d9:6a:53:30:56:d9:bc:bb:79:6c:93:
95:1b:15:88:96:95:67:15:e8:72:11:6f:1b:d3:9a:
d3:3b:e9:9a:43:04:af:bc:a1:9c:ae:f3:34:05:0b:
85:b5:b9:1e:09:bc:7d:4c:06:79:1c:5a:ce:04:3d:
37:80:28:4f:cc:27:08:67:87:35:82:2f:5d:09:cf:
51:b2:e4:a6:f4:3d:71:83:bb:93:61:d3:d9:87:fe:
c4:d0:03:f8:e6:92:7a:81:2c:29:c2:2e:4f:2f:32:
5d:17:a5:bf:a7:eb:bc:f5:74:53:ee:7d:cc:9d:02:
d0:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:F9:70:5D:A0:62:04:AC:F4:E8:D3:85:B1:FC:E4:B2:1F:59:2A:2A
X509v3 Authority Key Identifier:
keyid:6C:8F:D1:A8:AE:59:96:C1:E5:69:2C:1A:8C:42:BF:E9:C3:BA:57:45
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bI_RqK5ZlsHlaSwajEK_6cO6V0U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/k_lwXaBiBKz06NOFsfzksh9ZKio.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d0/492590-a02f-443e-aaa3-feac26eaecc2/1/bI_RqK5ZlsHlaSwajEK_6cO6V0U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.0.0/24
45.136.2.0/23
128.0.119.0/24
185.117.20.0/23
185.117.23.0/24
185.144.100.0/22
185.211.48.0-185.211.50.255
185.227.240.0/22
193.201.208.0/22
194.36.100.0/24
194.36.102.0/23
194.124.64.0/22
195.85.68.0-195.85.70.255
Signature Algorithm: sha256WithRSAEncryption
d0:6d:04:3f:c0:c9:c9:6e:bd:25:bc:5b:88:68:db:c5:a9:a1:
e9:66:e9:2d:4f:01:bc:4a:28:c3:d2:0a:6e:4d:f6:32:8a:d4:
e0:55:f2:c9:e5:43:fb:67:d8:30:c4:7c:d9:f9:5c:80:72:3b:
11:9f:f7:08:e3:7c:6b:78:9f:a2:a4:fa:70:cd:22:e2:72:c1:
a6:33:0f:6b:2b:47:81:ab:87:5b:ba:94:a8:7a:be:44:33:5c:
d2:a0:a1:1f:c3:a7:71:d9:19:7c:db:13:74:a7:e4:4f:d1:c1:
4d:8e:fa:9e:45:98:78:6b:b1:75:c7:a1:c0:00:d5:93:4f:1d:
e2:95:33:4d:87:23:ec:ed:c3:68:63:b3:30:5e:c3:73:a4:f2:
e2:b4:3a:05:24:04:05:5f:94:23:d9:5f:90:70:f3:dc:2b:6b:
92:42:5d:f7:e5:4b:dd:48:84:33:5b:c1:a9:52:2e:a4:b7:30:
94:8d:6e:19:ac:16:b9:cb:8c:fd:d9:30:ef:8c:88:ed:ac:54:
91:da:bb:de:1a:6b:5f:41:1e:9f:da:d3:69:e5:fe:21:b1:7d:
16:a5:32:30:f4:cc:f7:9a:68:b5:09:28:6b:3d:f5:84:18:61:
d4:b3:47:f4:f8:1e:0a:08:c8:62:d7:fd:11:da:7d:9d:84:aa:
e2:94:2e:de
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZfub2ySBIhRpYM2cIPi1p98MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZjOGZkMWE4YWU1OTk2YzFlNTY5MmMxYThjNDJiZmU5YzNi
YTU3NDUwHhcNMjUwNzA5MDkwNjA5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5M2Y5NzA1ZGEwNjIwNGFjZjRlOGQzODViMWZjZTRiMjFmNTkyYTJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlsrZ1LqSLlnjuIp/sjX8CZR4t7KJ
SDzny3ftTXJUvSUVIa4AipO/6h3A6l1xABstCNankRcDs5ycBHOAaHU1cDMVN+4j
wOjv9/lbkWV6HH9NQIJ2/daI83Xs3+8RA1t9gGZF04dRXsy5Do685ky7WcJlqncd
6tOy+zysIvVltOTQBJCPaUiqdxmp2WpTMFbZvLt5bJOVGxWIlpVnFehyEW8b05rT
O+maQwSvvKGcrvM0BQuFtbkeCbx9TAZ5HFrOBD03gChPzCcIZ4c1gi9dCc9RsuSm
9D1xg7uTYdPZh/7E0AP45pJ6gSwpwi5PLzJdF6W/p+u89XRT7n3MnQLQxwIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFJP5cF2gYgSs9OjThbH85LIfWSoqMB8GA1UdIwQY
MBaAFGyP0aiuWZbB5WksGoxCv+nDuldFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMt
ZmVhYzI2ZWFlY2MyLzEva19sd1hhQmlCS3owNk5PRnNmemtzaDlaS2lvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMC80OTI1OTAtYTAyZi00NDNlLWFhYTMtZmVhYzI2ZWFlY2My
LzEvYklfUnFLNVpsc0hsYVN3YWpFS182Y082VjBVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBkBAIAATBeAwQALYgAAwQB
LYgCAwQAgAB3AwQBuXUUAwQAuXUXAwQCuZBkMAwDBAS50zADBAC50zIDBAK54/AD
BALBydADBADCJGQDBAHCJGYDBALCfEAwDAMEAsNVRAMEAMNVRjANBgkqhkiG9w0B
AQsFAAOCAQEA0G0EP8DJyW69JbxbiGjbxamh6WbpLU8BvEoow9IKbk32MorU4FXy
yeVD+2fYMMR82flcgHI7EZ/3CON8a3ifoqT6cM0i4nLBpjMPaytHgauHW7qUqHq+
RDNc0qChH8OncdkZfNsTdKfkT9HBTY76nkWYeGuxdcehwADVk08d4pUzTYcj7O3D
aGOzMF7Dc6Ty4rQ6BSQEBV+UI9lfkHDz3CtrkkJd9+VL3UiEM1vBqVIupLcwlI1u
GawWucuM/dkw74yI7axUkdq73hprX0Een9rTaeX+IbF9FqUyMPTM95potQkoaz31
hBhh1LNH9PgeCgjIYtf9Edp9nYSq4pQu3g==
-----END CERTIFICATE-----
Generated at Mon Jul 21 06:49:19 2025 by rpki-client