Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/kWVGrn2KbBs46jF6L8D3znRoUdc.roa
File: kWVGrn2KbBs46jF6L8D3znRoUdc.roa (raw, json)
Hash identifier: fCWrEW72O0Yi25jumuVeoeXPf/Lw+VRA2yMFeBssueg=
Subject key identifier: 91:65:46:AE:7D:8A:6C:1B:38:EA:31:7A:2F:C0:F7:CE:74:68:51:D7
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 0197CC548D9606F5AC7302C25216BF4895A5
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/kWVGrn2KbBs46jF6L8D3znRoUdc.roa
Signing time: Wed 02 Jul 2025 18:09:42 +0000
ROA not before: Wed 02 Jul 2025 18:09:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7489
IP address blocks: 2.56.164.0/22 maxlen: 24
5.182.48.0/24 maxlen: 24
45.81.20.0/22 maxlen: 24
45.90.147.0/24 maxlen: 24
45.140.220.0/22 maxlen: 24
77.83.240.0/22 maxlen: 24
77.83.243.0/24 maxlen: 24
78.108.217.0/24 maxlen: 24
83.143.116.0/22 maxlen: 24
83.143.116.0/24 maxlen: 24
85.202.162.0/24 maxlen: 24
89.190.156.0/22 maxlen: 24
178.218.144.0/22 maxlen: 24
185.186.64.0/22 maxlen: 24
185.227.68.0/22 maxlen: 24
185.227.71.0/24 maxlen: 24
185.234.72.0/22 maxlen: 24
185.242.224.0/22 maxlen: 24
185.242.225.0/24 maxlen: 24
193.31.30.0/24 maxlen: 24
193.34.76.0/22 maxlen: 24
193.34.77.0/24 maxlen: 24
193.221.192.0/22 maxlen: 24
194.50.16.0/22 maxlen: 24
194.56.224.0/22 maxlen: 24
212.107.12.0/22 maxlen: 24
212.107.14.0/24 maxlen: 24
2a0b:b82::/44 maxlen: 44
2a0b:b84::/32 maxlen: 32
2a0b:b85::/32 maxlen: 32
2a0b:b86::/40 maxlen: 48
2a0b:b86:100::/40 maxlen: 48
2a0b:b86:fff0::/44 maxlen: 44
2a0b:b87:ff12::/48 maxlen: 48
2a0b:b87:ffb4::/48 maxlen: 48
2a0b:b87:ffc0::/44 maxlen: 44
2a0b:b87:ffd2::/48 maxlen: 48
2a0b:b87:ffda::/48 maxlen: 48
2a0b:b87:ffec::/48 maxlen: 48
2a0b:b87:fff0::/44 maxlen: 44
2a0b:7080:10::/44 maxlen: 44
2a0b:7080:10::/45 maxlen: 45
2a0b:7080:10::/48 maxlen: 48
2a0b:7080:20::/44 maxlen: 48
2a0b:7080:20::/48 maxlen: 48
2a0b:7080:30::/44 maxlen: 48
2a0b:7086:fff0::/44 maxlen: 44
2a0b:7087:fff0::/44 maxlen: 44
2a0d:77c0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Jul 2025 03:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:cc:54:8d:96:06:f5:ac:73:02:c2:52:16:bf:48:95:a5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Jul 2 18:09:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=916546ae7d8a6c1b38ea317a2fc0f7ce746851d7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:bc:70:4c:72:26:7c:b1:c4:88:20:be:a7:2f:
8b:35:4a:ba:5c:07:9c:ef:eb:bc:7d:04:a2:75:37:
7a:2b:10:66:21:c8:43:4d:62:fd:4c:39:f7:2b:45:
f0:e0:65:cc:8f:e6:83:d5:50:53:15:d8:a3:41:4b:
97:bd:15:97:ab:02:e0:fe:94:a5:ee:0c:ef:78:83:
73:71:c9:c5:f7:3c:41:9a:d7:fb:a9:ba:74:8f:7a:
71:ff:34:f2:f2:40:e5:c4:f2:40:72:6e:65:c7:e5:
bc:91:7b:54:2b:55:37:4e:5b:4a:7c:02:a3:56:1e:
be:0d:d5:54:68:79:17:d1:99:32:bd:de:c3:df:12:
ee:19:30:37:cc:5a:78:53:65:f9:c1:3a:eb:49:2b:
1f:00:9f:2e:5c:a6:be:50:f1:b0:4e:b1:60:fa:70:
44:70:e2:70:64:79:a1:29:24:ab:6c:86:f9:4c:44:
6f:cb:b8:cf:c4:b4:56:3a:7b:f2:22:75:32:1a:5c:
48:36:31:59:a5:48:87:82:0b:77:ca:83:48:02:a9:
8d:74:3d:c1:b9:36:51:d3:a1:ff:40:7f:71:c6:f3:
3d:e4:f4:b9:e5:92:7a:bd:3a:6a:b3:3c:7e:b4:ed:
8d:b2:93:7e:7e:84:56:4f:dd:20:e9:0e:51:c6:3f:
95:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:65:46:AE:7D:8A:6C:1B:38:EA:31:7A:2F:C0:F7:CE:74:68:51:D7
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/kWVGrn2KbBs46jF6L8D3znRoUdc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/22
5.182.48.0/24
45.81.20.0/22
45.90.147.0/24
45.140.220.0/22
77.83.240.0/22
78.108.217.0/24
83.143.116.0/22
85.202.162.0/24
89.190.156.0/22
178.218.144.0/22
185.186.64.0/22
185.227.68.0/22
185.234.72.0/22
185.242.224.0/22
193.31.30.0/24
193.34.76.0/22
193.221.192.0/22
194.50.16.0/22
194.56.224.0/22
212.107.12.0/22
IPv6:
2a0b:b82::/44
2a0b:b84::-2a0b:b86:1ff:ffff:ffff:ffff:ffff:ffff
2a0b:b86:fff0::/44
2a0b:b87:ff12::/48
2a0b:b87:ffb4::/48
2a0b:b87:ffc0::/44
2a0b:b87:ffd2::/48
2a0b:b87:ffda::/48
2a0b:b87:ffec::/48
2a0b:b87:fff0::/44
2a0b:7080:10::-2a0b:7080:3f:ffff:ffff:ffff:ffff:ffff
2a0b:7086:fff0::/44
2a0b:7087:fff0::/44
2a0d:77c0::/29
Signature Algorithm: sha256WithRSAEncryption
7f:51:04:b2:8c:b6:ab:0b:19:40:e0:0f:3f:a5:31:63:8d:63:
d9:61:92:27:d6:7d:97:78:10:a8:c9:b3:76:e2:cb:0b:a5:ab:
41:26:f8:25:a5:20:03:26:3d:72:bd:cc:49:8c:53:82:72:e6:
82:5c:2e:11:5c:81:16:63:ef:ef:3c:05:7a:93:12:96:04:0b:
1e:07:39:14:8c:55:8d:7c:b0:8c:4d:b4:7e:85:c6:7f:b0:ae:
9e:fb:66:c3:cb:32:79:af:95:3c:76:42:c4:7e:6d:6e:bf:15:
4a:1d:97:f1:4d:93:9a:df:06:b2:94:7f:69:44:1e:1a:18:49:
e8:f1:f4:34:29:21:57:8e:ab:28:30:fd:bb:a0:98:fd:4c:90:
6c:08:ef:b6:13:20:6a:4c:d1:01:80:9c:8b:75:a3:5e:0e:96:
c3:20:d1:70:23:72:be:f0:b1:0b:9b:ea:2a:31:21:61:65:d6:
5c:af:b0:19:ca:c3:f1:1e:08:b6:3d:c2:cb:28:3a:ba:30:9f:
94:f2:ee:b9:67:20:af:e3:d0:2d:0c:88:3e:f7:00:f1:b5:5c:
4e:5f:bb:6f:ed:a0:2a:49:5f:06:06:bd:d0:45:ff:db:9f:0b:
8b:8b:55:77:b2:34:21:b7:d4:93:f2:de:b7:b9:b8:89:2b:a6:
bb:de:28:46
-----BEGIN CERTIFICATE-----
MIIGFTCCBP2gAwIBAgISAZfMVI2WBvWscwLCUha/SJWlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjUwNzAyMTgwOTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MTY1NDZhZTdkOGE2YzFiMzhlYTMxN2EyZmMwZjdjZTc0Njg1MWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxbxwTHImfLHEiCC+py+LNUq6XAec
7+u8fQSidTd6KxBmIchDTWL9TDn3K0Xw4GXMj+aD1VBTFdijQUuXvRWXqwLg/pSl
7gzveINzccnF9zxBmtf7qbp0j3px/zTy8kDlxPJAcm5lx+W8kXtUK1U3TltKfAKj
Vh6+DdVUaHkX0Zkyvd7D3xLuGTA3zFp4U2X5wTrrSSsfAJ8uXKa+UPGwTrFg+nBE
cOJwZHmhKSSrbIb5TERvy7jPxLRWOnvyInUyGlxINjFZpUiHggt3yoNIAqmNdD3B
uTZR06H/QH9xxvM95PS55ZJ6vTpqszx+tO2NspN+foRWT90g6Q5Rxj+V2QIDAQAB
o4IDITCCAx0wHQYDVR0OBBYEFJFlRq59imwbOOoxei/A9850aFHXMB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEva1dWR3JuMktiQnM0NmpGNkw4RDN6blJvVWRjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNQYIKwYBBQUHAQcBAf8EggEkMIIBIDCBhAQCAAEwfgME
AgI4pAMEAAW2MAMEAi1RFAMEAC1akwMEAi2M3AMEAk1T8AMEAE5s2QMEAlOPdAME
AFXKogMEAlm+nAMEArLakAMEArm6QAMEArnjRAMEArnqSAMEArny4AMEAMEfHgME
AsEiTAMEAsHdwAMEAsIyEAMEAsI44AMEAtRrDDCBlgQCAAIwgY8DBwQqCwuCAAAw
DwMFAioLC4QDBgEqCwuGAAMHBCoLC4b/8AMHACoLC4f/EgMHACoLC4f/tAMHBCoL
C4f/wAMHACoLC4f/0gMHACoLC4f/2gMHACoLC4f/7AMHBCoLC4f/8DASAwcEKgtw
gAAQAwcGKgtwgAAAAwcEKgtwhv/wAwcEKgtwh//wAwUDKg13wDANBgkqhkiG9w0B
AQsFAAOCAQEAf1EEsoy2qwsZQOAPP6UxY41j2WGSJ9Z9l3gQqMmzduLLC6WrQSb4
JaUgAyY9cr3MSYxTgnLmglwuEVyBFmPv7zwFepMSlgQLHgc5FIxVjXywjE20foXG
f7Cunvtmw8syea+VPHZCxH5tbr8VSh2X8U2Tmt8GspR/aUQeGhhJ6PH0NCkhV46r
KDD9u6CY/UyQbAjvthMgakzRAYCci3WjXg6WwyDRcCNyvvCxC5vqKjEhYWXWXK+w
GcrD8R4Itj3Cyyg6ujCflPLuuWcgr+PQLQyIPvcA8bVcTl+7b+2gKklfBga90EX/
258Li4tVd7I0IbfUk/Let7m4iSumu94oRg==
-----END CERTIFICATE-----
Generated at Thu Jul 3 09:46:15 2025 by rpki-client