Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/qm0L2lHJWWrJqK3NBR1H81Pb1_g.roa
File: qm0L2lHJWWrJqK3NBR1H81Pb1_g.roa (raw, json)
Hash identifier: fi0XBXL2NKtYqIfL0RgarISWN5TtZRTbbQN1Zvvfv5I=
Subject key identifier: AA:6D:0B:DA:51:C9:59:6A:C9:A8:AD:CD:05:1D:47:F3:53:DB:D7:F8
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 019826C8B998AFBE72316F6CF667F7EAF0DB
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/qm0L2lHJWWrJqK3NBR1H81Pb1_g.roa
Signing time: Sun 20 Jul 2025 07:42:25 +0000
ROA not before: Sun 20 Jul 2025 07:42:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25211
IP address blocks: 45.141.232.0/24 maxlen: 24
45.141.234.0/24 maxlen: 24
45.141.235.0/24 maxlen: 24
78.159.128.0/24 maxlen: 24
78.159.129.0/24 maxlen: 24
78.159.131.0/24 maxlen: 24
78.159.136.0/24 maxlen: 24
78.159.137.0/24 maxlen: 24
78.159.138.0/24 maxlen: 24
78.159.139.0/24 maxlen: 24
78.159.149.0/24 maxlen: 24
78.159.150.0/24 maxlen: 24
78.159.152.0/22 maxlen: 22
78.159.153.0/24 maxlen: 24
78.159.154.0/24 maxlen: 24
78.159.155.0/24 maxlen: 24
78.159.157.0/24 maxlen: 24
78.159.158.0/24 maxlen: 24
78.159.159.0/24 maxlen: 24
91.92.33.0/24 maxlen: 24
91.92.35.0/24 maxlen: 24
91.92.40.0/24 maxlen: 24
91.92.41.0/24 maxlen: 24
91.92.42.0/24 maxlen: 24
91.92.43.0/24 maxlen: 24
91.92.44.0/24 maxlen: 24
91.92.45.0/24 maxlen: 24
91.92.46.0/24 maxlen: 24
91.92.49.0/24 maxlen: 24
91.92.50.0/24 maxlen: 24
91.92.51.0/24 maxlen: 24
91.92.52.0/24 maxlen: 24
91.92.53.0/24 maxlen: 24
93.152.206.0/24 maxlen: 24
93.152.207.0/24 maxlen: 24
93.152.209.0/24 maxlen: 24
93.152.210.0/24 maxlen: 24
93.152.211.0/24 maxlen: 24
93.152.213.0/24 maxlen: 24
93.152.214.0/24 maxlen: 24
93.152.215.0/24 maxlen: 24
93.152.216.0/24 maxlen: 24
93.152.218.0/24 maxlen: 24
93.152.219.0/24 maxlen: 24
93.152.220.0/24 maxlen: 24
93.152.221.0/24 maxlen: 24
93.152.222.0/24 maxlen: 24
93.152.223.0/24 maxlen: 24
93.152.224.0/24 maxlen: 24
93.152.226.0/24 maxlen: 24
93.152.227.0/24 maxlen: 24
93.152.233.0/24 maxlen: 24
94.26.28.0/24 maxlen: 24
94.26.29.0/24 maxlen: 24
94.26.76.0/22 maxlen: 22
94.26.76.0/24 maxlen: 24
94.26.77.0/24 maxlen: 24
94.26.78.0/24 maxlen: 24
94.26.79.0/24 maxlen: 24
94.26.89.0/24 maxlen: 24
94.26.90.0/24 maxlen: 24
94.190.195.0/24 maxlen: 24
185.96.252.0/24 maxlen: 24
185.96.253.0/24 maxlen: 24
185.96.255.0/24 maxlen: 24
212.102.105.0/24 maxlen: 24
212.102.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:26:c8:b9:98:af:be:72:31:6f:6c:f6:67:f7:ea:f0:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jul 20 07:42:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aa6d0bda51c9596ac9a8adcd051d47f353dbd7f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:6b:e0:a1:7f:8f:df:3e:4a:fe:92:a4:eb:31:
6d:34:c0:af:61:0d:3f:6b:f8:da:6e:3e:59:d8:27:
1d:c3:ae:95:b0:cc:b2:50:7b:67:12:c4:5c:f6:57:
d3:b2:56:ea:16:40:9e:26:81:ba:a3:81:5b:00:74:
89:69:4b:cf:4a:59:7b:f5:84:60:19:90:a9:c7:7f:
af:ff:3f:43:18:1f:85:e7:45:d7:62:ba:0c:c1:6f:
6b:30:23:f2:82:8b:2f:b3:b5:3c:c0:67:d1:dc:7d:
69:f3:c7:cc:f3:42:55:33:3e:8d:da:3d:ff:c0:82:
ef:4c:aa:64:4c:6a:fe:f6:20:2f:95:2b:90:5d:38:
9b:f3:7a:a4:6b:0a:6f:c3:aa:ee:e3:ea:37:57:40:
72:1e:4a:74:0b:02:bc:6a:28:7d:db:d0:d1:79:87:
a6:43:00:b7:78:56:f0:d6:95:cb:36:41:5c:5d:08:
e7:99:55:20:e4:10:62:1c:82:0a:c2:fa:67:59:c7:
a3:e2:01:92:40:56:67:ab:e7:1b:60:cd:73:af:d5:
da:95:92:92:13:66:07:00:3a:7b:c6:47:31:e8:d5:
91:db:b5:ef:c6:f8:23:e2:bb:af:2c:10:ab:76:03:
af:1d:de:f1:a6:19:1c:99:83:41:c4:86:90:b1:e1:
84:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AA:6D:0B:DA:51:C9:59:6A:C9:A8:AD:CD:05:1D:47:F3:53:DB:D7:F8
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/qm0L2lHJWWrJqK3NBR1H81Pb1_g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.232.0/24
45.141.234.0/23
78.159.128.0/23
78.159.131.0/24
78.159.136.0/22
78.159.149.0-78.159.150.255
78.159.152.0/22
78.159.157.0-78.159.159.255
91.92.33.0/24
91.92.35.0/24
91.92.40.0-91.92.46.255
91.92.49.0-91.92.53.255
93.152.206.0/23
93.152.209.0-93.152.211.255
93.152.213.0-93.152.216.255
93.152.218.0-93.152.224.255
93.152.226.0/23
93.152.233.0/24
94.26.28.0/23
94.26.76.0/22
94.26.89.0-94.26.90.255
94.190.195.0/24
185.96.252.0/23
185.96.255.0/24
212.102.105.0/24
212.102.107.0/24
Signature Algorithm: sha256WithRSAEncryption
6f:a0:46:f1:fa:ab:42:80:4e:4d:4c:ac:36:15:96:ce:e1:a5:
44:67:f6:d8:f5:4d:1f:80:86:67:d8:5d:16:e7:49:f7:01:ba:
25:de:c1:17:87:88:f4:e2:88:ef:b2:a5:4c:02:78:e4:77:34:
50:23:18:c1:f6:4b:4a:8b:cb:e7:8a:66:e4:19:6d:ed:ff:2d:
df:da:76:be:1d:6a:0b:79:8a:b9:25:d1:4c:d0:17:bc:1d:a4:
f3:ef:95:92:22:2e:ec:7a:b4:b4:b4:8d:76:06:e4:93:cb:70:
35:48:0c:93:da:e4:07:95:c0:d8:76:88:89:c7:73:0a:35:1b:
85:ed:a0:17:77:37:c8:c4:1f:aa:b3:81:ec:10:8f:25:d8:e5:
d4:0b:4f:65:14:2b:c5:1f:b9:9e:d2:93:74:45:be:56:d7:f2:
09:a8:32:63:06:43:af:3b:1a:dd:3c:3e:8c:f6:2e:9d:9e:ef:
fe:2a:7e:88:95:b9:c1:53:13:91:19:54:e0:0c:d2:f8:e0:6d:
a3:7e:21:04:77:22:0d:5d:99:a2:7e:aa:92:55:c4:ba:8d:76:
4a:80:20:2b:54:48:93:3e:bd:8d:e4:b3:3f:87:7f:e3:e4:eb:
5c:95:20:53:5a:f2:39:c0:7c:54:6e:fb:2f:07:e0:e9:8f:5f:
d2:96:13:7c
-----BEGIN CERTIFICATE-----
MIIF2DCCBMCgAwIBAgISAZgmyLmYr75yMW9s9mf36vDbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjUwNzIwMDc0MjI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhYTZkMGJkYTUxYzk1OTZhYzlhOGFkY2QwNTFkNDdmMzUzZGJkN2Y4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmmvgoX+P3z5K/pKk6zFtNMCvYQ0/
a/jabj5Z2Ccdw66VsMyyUHtnEsRc9lfTslbqFkCeJoG6o4FbAHSJaUvPSll79YRg
GZCpx3+v/z9DGB+F50XXYroMwW9rMCPygosvs7U8wGfR3H1p88fM80JVMz6N2j3/
wILvTKpkTGr+9iAvlSuQXTib83qkawpvw6ru4+o3V0ByHkp0CwK8aih929DReYem
QwC3eFbw1pXLNkFcXQjnmVUg5BBiHIIKwvpnWcej4gGSQFZnq+cbYM1zr9XalZKS
E2YHADp7xkcx6NWR27Xvxvgj4ruvLBCrdgOvHd7xphkcmYNBxIaQseGEcwIDAQAB
o4IC5DCCAuAwHQYDVR0OBBYEFKptC9pRyVlqyaitzQUdR/NT29f4MB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvcW0wTDJsSEpXV3JKcUszTkJSMUg4MVBiMV9nLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH5BggrBgEFBQcBBwEB/wSB6TCB5jCB4wQCAAEwgdwDBAAt
jegDBAEtjeoDBAFOn4ADBABOn4MDBAJOn4gwDAMEAE6flQMEAE6flgMEAk6fmDAM
AwQATp+dAwQFTp+AAwQAW1whAwQAW1wjMAwDBANbXCgDBABbXC4wDAMEAFtcMQME
AVtcNAMEAV2YzjAMAwQAXZjRAwQCXZjQMAwDBABdmNUDBABdmNgwDAMEAV2Y2gME
AF2Y4AMEAV2Y4gMEAF2Y6QMEAV4aHAMEAl4aTDAMAwQAXhpZAwQAXhpaAwQAXr7D
AwQBuWD8AwQAuWD/AwQA1GZpAwQA1GZrMA0GCSqGSIb3DQEBCwUAA4IBAQBvoEbx
+qtCgE5NTKw2FZbO4aVEZ/bY9U0fgIZn2F0W50n3Abol3sEXh4j04ojvsqVMAnjk
dzRQIxjB9ktKi8vnimbkGW3t/y3f2na+HWoLeYq5JdFM0Be8HaTz75WSIi7serS0
tI12BuSTy3A1SAyT2uQHlcDYdoiJx3MKNRuF7aAXdzfIxB+qs4HsEI8l2OXUC09l
FCvFH7me0pN0Rb5W1/IJqDJjBkOvOxrdPD6M9i6dnu/+Kn6IlbnBUxORGVTgDNL4
4G2jfiEEdyINXZmifqqSVcS6jXZKgCArVEiTPr2N5LM/h3/j5OtclSBTWvI5wHxU
bvsvB+Dpj1/SlhN8
-----END CERTIFICATE-----
Generated at Sun Jul 20 20:12:29 2025 by rpki-client