Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/7wKL7D4mKL8xthwFyXE0DiGZnJg.roa
File: 7wKL7D4mKL8xthwFyXE0DiGZnJg.roa (raw, json)
Hash identifier: Ni5TAnH6WUmPtPiLpriTSJ80ZztG0zEleN3jjDSGbM0=
Subject key identifier: EF:02:8B:EC:3E:26:28:BF:31:B6:1C:05:C9:71:34:0E:21:99:9C:98
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0199BD60810832B24F8AE47594635AED85B8
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/7wKL7D4mKL8xthwFyXE0DiGZnJg.roa
Signing time: Tue 07 Oct 2025 06:34:02 +0000
ROA not before: Tue 07 Oct 2025 06:34:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7489
IP address blocks: 2.56.164.0/22 maxlen: 24
5.182.48.0/24 maxlen: 24
45.81.20.0/22 maxlen: 24
45.90.147.0/24 maxlen: 24
45.140.220.0/22 maxlen: 24
77.83.240.0/22 maxlen: 24
77.83.243.0/24 maxlen: 24
78.108.217.0/24 maxlen: 24
83.143.116.0/24 maxlen: 24
85.202.162.0/24 maxlen: 24
89.190.156.0/22 maxlen: 24
178.218.144.0/22 maxlen: 24
185.186.64.0/22 maxlen: 24
185.227.71.0/24 maxlen: 24
185.234.72.0/22 maxlen: 24
185.242.224.0/22 maxlen: 24
185.242.225.0/24 maxlen: 24
193.31.30.0/24 maxlen: 24
193.34.76.0/22 maxlen: 24
193.34.77.0/24 maxlen: 24
193.221.192.0/22 maxlen: 24
194.50.16.0/22 maxlen: 24
194.56.224.0/22 maxlen: 24
212.107.12.0/22 maxlen: 24
212.107.14.0/24 maxlen: 24
2a0b:b82::/44 maxlen: 44
2a0b:b84::/32 maxlen: 32
2a0b:b85::/32 maxlen: 32
2a0b:b86::/40 maxlen: 48
2a0b:b86:100::/40 maxlen: 48
2a0b:b86:fff0::/44 maxlen: 44
2a0b:b87:ff12::/48 maxlen: 48
2a0b:b87:ffb4::/48 maxlen: 48
2a0b:b87:ffc0::/44 maxlen: 44
2a0b:b87:ffd2::/48 maxlen: 48
2a0b:b87:ffda::/48 maxlen: 48
2a0b:b87:ffec::/48 maxlen: 48
2a0b:b87:fff0::/44 maxlen: 44
2a0b:7080:10::/44 maxlen: 44
2a0b:7080:10::/45 maxlen: 45
2a0b:7080:10::/48 maxlen: 48
2a0b:7080:20::/44 maxlen: 48
2a0b:7080:20::/48 maxlen: 48
2a0b:7080:30::/44 maxlen: 48
2a0b:7086:fff0::/44 maxlen: 44
2a0b:7087:fff0::/44 maxlen: 44
2a0d:77c0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 17 Oct 2025 06:01:18 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:bd:60:81:08:32:b2:4f:8a:e4:75:94:63:5a:ed:85:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Oct 7 06:34:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ef028bec3e2628bf31b61c05c971340e21999c98
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:c8:56:8b:1d:4b:a4:57:0c:4e:a1:9b:4a:eb:
ad:9e:fd:49:94:7f:83:42:9f:fe:3a:5b:bc:a2:c6:
39:73:0b:ce:aa:3a:12:a0:9e:68:87:9a:ae:f9:a2:
f7:f3:ff:69:53:b7:0b:4f:a7:ec:47:e9:7c:68:02:
e3:b6:d0:41:69:a5:57:8f:72:0c:75:80:06:d8:98:
0f:fb:81:1a:bd:e3:01:81:69:74:9a:ea:d7:af:23:
39:33:af:d3:05:47:ca:4d:41:27:ef:2a:15:d8:5e:
ba:cb:9d:b7:36:cf:bd:39:64:01:41:7c:4d:21:71:
33:49:74:bc:f1:b0:88:ee:e3:d4:b8:32:17:6a:aa:
7f:95:9d:09:3b:29:6d:2b:15:12:42:c7:40:eb:3f:
fe:0b:66:b9:10:b2:a4:07:9b:49:c8:7d:ff:40:75:
ff:97:75:d8:58:e8:e7:50:9a:f4:78:9f:89:08:8b:
19:92:41:fa:5e:83:e2:a6:e1:d1:09:cf:6c:70:dc:
60:fe:bb:59:3c:b9:16:f0:38:5f:24:98:18:b6:71:
2d:c2:00:ac:e3:a4:04:e1:3f:b1:01:b1:29:c0:0a:
70:db:9e:7a:71:ab:49:54:bf:cd:ba:da:6d:6d:70:
33:47:8f:8e:45:75:87:1d:12:cc:6f:d1:ca:d4:a3:
38:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EF:02:8B:EC:3E:26:28:BF:31:B6:1C:05:C9:71:34:0E:21:99:9C:98
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/7wKL7D4mKL8xthwFyXE0DiGZnJg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/22
5.182.48.0/24
45.81.20.0/22
45.90.147.0/24
45.140.220.0/22
77.83.240.0/22
78.108.217.0/24
83.143.116.0/24
85.202.162.0/24
89.190.156.0/22
178.218.144.0/22
185.186.64.0/22
185.227.71.0/24
185.234.72.0/22
185.242.224.0/22
193.31.30.0/24
193.34.76.0/22
193.221.192.0/22
194.50.16.0/22
194.56.224.0/22
212.107.12.0/22
IPv6:
2a0b:b82::/44
2a0b:b84::-2a0b:b86:1ff:ffff:ffff:ffff:ffff:ffff
2a0b:b86:fff0::/44
2a0b:b87:ff12::/48
2a0b:b87:ffb4::/48
2a0b:b87:ffc0::/44
2a0b:b87:ffd2::/48
2a0b:b87:ffda::/48
2a0b:b87:ffec::/48
2a0b:b87:fff0::/44
2a0b:7080:10::-2a0b:7080:3f:ffff:ffff:ffff:ffff:ffff
2a0b:7086:fff0::/44
2a0b:7087:fff0::/44
2a0d:77c0::/29
Signature Algorithm: sha256WithRSAEncryption
34:00:9d:ad:b5:a2:21:c1:02:0c:1f:95:3e:54:22:01:b4:79:
16:50:66:f8:1b:d8:2f:9d:d8:4a:31:48:90:a8:d5:a6:f0:c7:
dc:03:0c:19:3e:a9:21:1b:35:80:ca:fb:96:ea:a2:84:fe:54:
bc:65:2d:07:be:1b:a9:92:d6:cb:8e:35:b8:d2:1d:e9:47:a3:
00:8d:6c:91:d4:94:60:1b:ea:14:9a:fc:31:73:42:b7:38:3f:
43:62:17:39:80:f7:74:d0:03:8d:44:01:e9:70:67:68:f4:dc:
82:b6:83:ed:21:b8:3a:14:05:0a:6c:82:88:18:15:e2:f8:b2:
c0:fd:85:79:dd:d6:8b:3a:e1:33:16:32:53:d4:c7:a8:d2:e4:
f8:44:e3:17:a8:52:b5:c8:20:c1:aa:bc:e6:a8:0b:cf:9d:2a:
99:f6:bd:63:e4:69:dc:40:d3:d4:1e:07:53:39:ba:b2:5a:fe:
db:7d:0e:9d:dd:e0:67:74:3e:d4:4d:49:4c:83:ae:e9:b9:fe:
a6:23:a9:7b:9d:07:27:20:45:e2:cf:60:b0:b9:d8:c1:ed:2b:
f0:f2:b2:19:02:4f:c2:75:cd:46:ad:e0:1a:52:3c:73:ab:b6:
60:fc:a3:fe:38:8c:2e:08:c3:57:8e:31:58:00:a3:b1:b0:36:
d6:fd:da:04
-----BEGIN CERTIFICATE-----
MIIGFTCCBP2gAwIBAgISAZm9YIEIMrJPiuR1lGNa7YW4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjUxMDA3MDYzNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZjAyOGJlYzNlMjYyOGJmMzFiNjFjMDVjOTcxMzQwZTIxOTk5Yzk4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1chWix1LpFcMTqGbSuutnv1JlH+D
Qp/+Olu8osY5cwvOqjoSoJ5oh5qu+aL38/9pU7cLT6fsR+l8aALjttBBaaVXj3IM
dYAG2JgP+4EaveMBgWl0murXryM5M6/TBUfKTUEn7yoV2F66y523Ns+9OWQBQXxN
IXEzSXS88bCI7uPUuDIXaqp/lZ0JOyltKxUSQsdA6z/+C2a5ELKkB5tJyH3/QHX/
l3XYWOjnUJr0eJ+JCIsZkkH6XoPipuHRCc9scNxg/rtZPLkW8DhfJJgYtnEtwgCs
46QE4T+xAbEpwApw2556catJVL/NutptbXAzR4+ORXWHHRLMb9HK1KM4cQIDAQAB
o4IDITCCAx0wHQYDVR0OBBYEFO8Ci+w+Jii/MbYcBclxNA4hmZyYMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvN3dLTDdENG1LTDh4dGh3RnlYRTBEaUdabkpnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNQYIKwYBBQUHAQcBAf8EggEkMIIBIDCBhAQCAAEwfgME
AgI4pAMEAAW2MAMEAi1RFAMEAC1akwMEAi2M3AMEAk1T8AMEAE5s2QMEAFOPdAME
AFXKogMEAlm+nAMEArLakAMEArm6QAMEALnjRwMEArnqSAMEArny4AMEAMEfHgME
AsEiTAMEAsHdwAMEAsIyEAMEAsI44AMEAtRrDDCBlgQCAAIwgY8DBwQqCwuCAAAw
DwMFAioLC4QDBgEqCwuGAAMHBCoLC4b/8AMHACoLC4f/EgMHACoLC4f/tAMHBCoL
C4f/wAMHACoLC4f/0gMHACoLC4f/2gMHACoLC4f/7AMHBCoLC4f/8DASAwcEKgtw
gAAQAwcGKgtwgAAAAwcEKgtwhv/wAwcEKgtwh//wAwUDKg13wDANBgkqhkiG9w0B
AQsFAAOCAQEANACdrbWiIcECDB+VPlQiAbR5FlBm+BvYL53YSjFIkKjVpvDH3AMM
GT6pIRs1gMr7luqihP5UvGUtB74bqZLWy441uNId6UejAI1skdSUYBvqFJr8MXNC
tzg/Q2IXOYD3dNADjUQB6XBnaPTcgraD7SG4OhQFCmyCiBgV4viywP2Fed3Wizrh
MxYyU9THqNLk+ETjF6hStcggwaq85qgLz50qmfa9Y+Rp3EDT1B4HUzm6slr+230O
nd3gZ3Q+1E1JTIOu6bn+piOpe50HJyBF4s9gsLnYwe0r8PKyGQJPwnXNRq3gGlI8
c6u2YPyj/jiMLgjDV44xWACjsbA21v3aBA==
-----END CERTIFICATE-----
Generated at Thu Oct 16 15:47:45 2025 by rpki-client