Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/L7V7oBMQWuhH90NOYH_atbAnsH8.roa
File: L7V7oBMQWuhH90NOYH_atbAnsH8.roa (raw, json)
Hash identifier: plj3XbX2925ks8hdutOLpZj2760YVYJf0gs36tgJmEI=
Subject key identifier: 2F:B5:7B:A0:13:10:5A:E8:47:F7:43:4E:60:7F:DA:B5:B0:27:B0:7F
Certificate issuer: /CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Certificate serial: 0196891B9D0A6EF55BFF1575119591024191
Authority key identifier: 0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/L7V7oBMQWuhH90NOYH_atbAnsH8.roa
Signing time: Wed 30 Apr 2025 23:50:10 +0000
ROA not before: Wed 30 Apr 2025 23:50:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58061
IP address blocks: 5.45.64.0/21 maxlen: 21
5.45.72.0/22 maxlen: 22
5.45.76.0/22 maxlen: 22
5.45.84.0/22 maxlen: 22
5.45.88.0/22 maxlen: 22
5.45.92.0/22 maxlen: 22
5.61.48.0/22 maxlen: 22
5.61.52.0/22 maxlen: 22
5.61.56.0/22 maxlen: 22
37.1.200.0/21 maxlen: 21
37.1.216.0/21 maxlen: 21
37.252.3.0/24 maxlen: 24
37.252.13.0/24 maxlen: 24
37.252.14.0/23 maxlen: 23
45.136.48.0/22 maxlen: 22
45.137.212.0/24 maxlen: 24
45.137.213.0/24 maxlen: 24
45.137.214.0/24 maxlen: 24
45.137.215.0/24 maxlen: 24
46.102.106.0/24 maxlen: 24
62.197.45.0/24 maxlen: 24
62.197.48.0/23 maxlen: 23
82.117.242.0/23 maxlen: 23
85.90.208.0/24 maxlen: 24
89.187.73.0/24 maxlen: 24
176.97.79.0/24 maxlen: 24
176.98.40.0/24 maxlen: 24
185.109.48.0/24 maxlen: 24
185.238.168.0/23 maxlen: 23
185.238.170.0/23 maxlen: 23
188.116.21.0/24 maxlen: 24
188.116.23.0/24 maxlen: 24
188.116.24.0/24 maxlen: 24
188.116.25.0/24 maxlen: 24
188.116.26.0/24 maxlen: 24
188.116.27.0/24 maxlen: 24
195.54.174.0/23 maxlen: 23
213.142.146.0/23 maxlen: 23
2a02:c6c1:2::/48 maxlen: 48
2a02:c6c1:3::/48 maxlen: 48
2a02:c6c1:10::/48 maxlen: 48
2a02:c6c1:151::/48 maxlen: 48
2a02:c6c1:152::/48 maxlen: 48
2a02:c6c1:153::/48 maxlen: 48
2a02:c6c1:154::/48 maxlen: 48
2a02:c6c1:155::/48 maxlen: 48
2a02:c6c1:156::/48 maxlen: 48
2a02:c6c2::/32 maxlen: 32
2a02:c6c3::/32 maxlen: 32
2a02:c6c7::/32 maxlen: 32
2a0c:6740::/29 maxlen: 29
2a0c:6741::/32 maxlen: 32
2a0e:92c0::/29 maxlen: 29
2a0e:9a40::/29 maxlen: 29
2a0e:a7c0::/29 maxlen: 29
2a0e:a7c0::/32 maxlen: 32
2a0f:4b40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 12:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:89:1b:9d:0a:6e:f5:5b:ff:15:75:11:95:91:02:41:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Validity
Not Before: Apr 30 23:50:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2fb57ba013105ae847f7434e607fdab5b027b07f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:22:89:a7:d8:54:fb:0b:b8:62:9c:7b:4e:cf:
89:f3:85:da:67:6e:a0:5b:a8:15:06:ee:18:dc:7d:
c8:2c:d1:d3:00:e5:45:57:f4:c0:a0:2a:df:d1:7a:
e0:a5:70:db:10:76:81:e8:3f:b4:30:59:b1:58:7f:
82:70:48:0d:c1:73:e9:35:dc:a3:a8:ab:31:c9:7e:
56:ef:61:41:78:19:2d:f2:b0:ab:6c:9a:33:d5:0d:
13:7b:c1:5a:16:07:12:4f:29:06:c8:88:f8:9b:c7:
81:d2:e4:0d:00:4d:c5:39:2e:d8:f5:52:57:5d:76:
97:aa:be:e8:8c:4c:35:c0:2e:04:f4:06:d8:41:80:
bd:fd:9d:ec:32:57:17:89:22:26:48:cd:04:00:61:
fd:b9:bd:ef:54:71:e2:b7:da:9f:4b:a2:ca:91:33:
39:4f:91:da:4d:98:ab:88:c0:e6:05:46:07:9f:0e:
97:8a:f4:60:fb:a4:7c:f2:e1:14:63:9a:b4:a7:96:
e9:0c:92:d0:55:03:21:1f:6b:88:13:6a:0a:f7:31:
89:77:0c:1d:75:b5:eb:19:fc:e2:e0:6d:fb:48:1a:
25:4d:25:a4:ee:4d:2b:ae:72:97:2a:5e:35:2c:93:
b1:5a:a6:55:0f:ac:7d:db:3f:3c:fc:33:04:ed:46:
50:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:B5:7B:A0:13:10:5A:E8:47:F7:43:4E:60:7F:DA:B5:B0:27:B0:7F
X509v3 Authority Key Identifier:
keyid:0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/L7V7oBMQWuhH90NOYH_atbAnsH8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.45.64.0/20
5.45.84.0-5.45.95.255
5.61.48.0-5.61.59.255
37.1.200.0/21
37.1.216.0/21
37.252.3.0/24
37.252.13.0-37.252.15.255
45.136.48.0/22
45.137.212.0/22
46.102.106.0/24
62.197.45.0/24
62.197.48.0/23
82.117.242.0/23
85.90.208.0/24
89.187.73.0/24
176.97.79.0/24
176.98.40.0/24
185.109.48.0/24
185.238.168.0/22
188.116.21.0/24
188.116.23.0-188.116.27.255
195.54.174.0/23
213.142.146.0/23
IPv6:
2a02:c6c1:2::/47
2a02:c6c1:10::/48
2a02:c6c1:151::-2a02:c6c1:156:ffff:ffff:ffff:ffff:ffff
2a02:c6c2::/31
2a02:c6c7::/32
2a0c:6740::/29
2a0e:92c0::/29
2a0e:9a40::/29
2a0e:a7c0::/29
2a0f:4b40::/29
Signature Algorithm: sha256WithRSAEncryption
3d:f5:6b:c2:4d:20:c8:a1:96:9e:d3:44:a7:13:f0:d3:8d:05:
73:df:89:98:ae:7f:34:28:99:b1:e0:5f:8b:f0:a0:76:9d:0c:
76:0a:fd:92:3c:71:ab:12:8a:a0:3b:5f:cc:1d:d7:63:0f:05:
25:f0:d1:ad:69:25:dc:9c:f5:4d:00:53:b2:a9:65:1d:47:79:
fd:21:83:77:dd:58:79:f2:2a:71:51:51:25:da:16:2a:ca:a1:
cb:fe:6d:55:82:78:09:7b:fc:bd:e9:08:6b:61:91:0f:6c:54:
f1:8b:87:36:17:bf:9e:cf:e0:b1:d7:7a:b8:6a:1c:08:a4:92:
9c:ee:04:57:bb:90:6f:d9:1d:12:0f:68:32:34:40:15:d8:c9:
d3:68:20:dc:76:95:49:a2:77:68:cc:27:b9:21:a1:be:6f:c9:
9f:48:2a:60:eb:4d:87:3f:64:de:82:a0:7a:82:e7:e5:77:38:
ac:f7:5c:f3:2b:89:4a:08:4f:2d:bc:ff:5a:39:05:fa:96:7c:
12:94:8a:46:08:69:68:99:f5:a5:92:8e:5e:4e:2c:c3:69:4e:
1e:d2:45:23:24:35:05:5c:07:18:47:d0:58:c4:f1:fc:cb:36:
b4:7a:af:8d:82:71:77:6d:ed:35:e5:b4:c2:1a:01:16:4f:d1:
d9:24:62:68
-----BEGIN CERTIFICATE-----
MIIGCDCCBPCgAwIBAgISAZaJG50KbvVb/xV1EZWRAkGRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZjVjYjJmNTkwZDA0MTY1NGY0ZGZkYjYwYTI4ZjlhMTU0
NGY0NDQwHhcNMjUwNDMwMjM1MDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmI1N2JhMDEzMTA1YWU4NDdmNzQzNGU2MDdmZGFiNWIwMjdiMDdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCKJp9hU+wu4Ypx7Ts+J84XaZ26g
W6gVBu4Y3H3ILNHTAOVFV/TAoCrf0XrgpXDbEHaB6D+0MFmxWH+CcEgNwXPpNdyj
qKsxyX5W72FBeBkt8rCrbJoz1Q0Te8FaFgcSTykGyIj4m8eB0uQNAE3FOS7Y9VJX
XXaXqr7ojEw1wC4E9AbYQYC9/Z3sMlcXiSImSM0EAGH9ub3vVHHit9qfS6LKkTM5
T5HaTZiriMDmBUYHnw6XivRg+6R88uEUY5q0p5bpDJLQVQMhH2uIE2oK9zGJdwwd
dbXrGfzi4G37SBolTSWk7k0rrnKXKl41LJOxWqZVD6x92z88/DME7UZQ6QIDAQAB
o4IDFDCCAxAwHQYDVR0OBBYEFC+1e6ATEFroR/dDTmB/2rWwJ7B/MB8GA1UdIwQY
MBaAFA71yy9ZDQQWVPTf22Cij5oVRPREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmIt
ZWU0MzVkM2NkNTg1LzEvTDdWN29CTVFXdWhIOTBOT1lIX2F0YkFuc0g4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmItZWU0MzVkM2NkNTg1
LzEvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBKAYIKwYBBQUHAQcBAf8EggEXMIIBEzCBsQQCAAEwgaoD
BAQFLUAwDAMEAgUtVAMEBQUtQDAMAwQEBT0wAwQCBT04AwQDJQHIAwQDJQHYAwQA
JfwDMAwDBAAl/A0DBAQl/AADBAItiDADBAItidQDBAAuZmoDBAA+xS0DBAE+xTAD
BAFSdfIDBABVWtADBABZu0kDBACwYU8DBACwYigDBAC5bTADBAK57qgDBAC8dBUw
DAMEALx0FwMEArx0GAMEAcM2rgMEAdWOkjBdBAIAAjBXAwcBKgLGwQACAwcAKgLG
wQAQMBIDBwAqAsbBAVEDBwAqAsbBAVYDBQEqAsbCAwUAKgLGxwMFAyoMZ0ADBQMq
DpLAAwUDKg6aQAMFAyoOp8ADBQMqD0tAMA0GCSqGSIb3DQEBCwUAA4IBAQA99WvC
TSDIoZae00SnE/DTjQVz34mYrn80KJmx4F+L8KB2nQx2Cv2SPHGrEoqgO1/MHddj
DwUl8NGtaSXcnPVNAFOyqWUdR3n9IYN33Vh58ipxUVEl2hYqyqHL/m1VgngJe/y9
6QhrYZEPbFTxi4c2F7+ez+Cx13q4ahwIpJKc7gRXu5Bv2R0SD2gyNEAV2MnTaCDc
dpVJondozCe5IaG+b8mfSCpg602HP2TegqB6gufldzis91zzK4lKCE8tvP9aOQX6
lnwSlIpGCGlomfWlko5eTizDaU4e0kUjJDUFXAcYR9BYxPH8yza0eq+NgnF3be01
5bTCGgEWT9HZJGJo
-----END CERTIFICATE-----
Generated at Thu Jun 5 18:37:40 2025 by rpki-client