Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/PrwzU8vesp6TjRca3qkyW5R1p-A.roa
File: PrwzU8vesp6TjRca3qkyW5R1p-A.roa (raw, json)
Hash identifier: f+KiuFk5nzUwMr9AigX4CLzhXS4nMO0Kqg1vNXt0kQk=
Subject key identifier: 3E:BC:33:53:CB:DE:B2:9E:93:8D:17:1A:DE:A9:32:5B:94:75:A7:E0
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 019A019BDDBD93E2BE375DBFEA2A31A46976
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/PrwzU8vesp6TjRca3qkyW5R1p-A.roa
Signing time: Mon 20 Oct 2025 12:33:03 +0000
ROA not before: Mon 20 Oct 2025 12:33:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 45.9.118.0/24 maxlen: 24
45.9.120.0/24 maxlen: 24
45.9.122.0/24 maxlen: 24
45.86.244.0/24 maxlen: 24
45.95.97.0/24 maxlen: 24
45.130.128.0/24 maxlen: 24
45.134.184.0/24 maxlen: 24
45.141.176.0/24 maxlen: 24
45.146.91.0/24 maxlen: 24
45.146.180.0/24 maxlen: 24
45.151.104.0/24 maxlen: 24
45.154.58.0/24 maxlen: 24
45.154.228.0/24 maxlen: 24
85.209.130.0/24 maxlen: 24
185.164.59.0/24 maxlen: 24
192.156.217.0/24 maxlen: 24
193.8.1.0/24 maxlen: 24
193.23.245.0/24 maxlen: 24
193.39.245.0/24 maxlen: 24
193.254.234.0/24 maxlen: 24
193.254.235.0/24 maxlen: 24
194.62.30.0/24 maxlen: 24
194.62.66.0/24 maxlen: 24
195.66.26.0/24 maxlen: 24
195.158.192.0/24 maxlen: 24
2a0f:e7c4:10::/48 maxlen: 48
2a11:3500::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Oct 2025 23:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:01:9b:dd:bd:93:e2:be:37:5d:bf:ea:2a:31:a4:69:76
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Oct 20 12:33:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3ebc3353cbdeb29e938d171adea9325b9475a7e0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:65:ac:8c:cf:9a:c4:40:39:ae:07:ac:f0:e3:
f2:66:29:4d:65:8d:ae:d3:f7:cc:85:fc:10:b8:56:
59:97:13:31:30:bd:f0:5d:7e:ea:12:87:12:4b:08:
33:4f:13:2c:7f:15:5c:9a:08:ca:6e:a5:f2:ec:19:
c2:b6:2f:57:ea:e6:f8:db:4a:f4:01:32:e2:aa:a6:
21:30:91:e1:a1:ad:55:a1:48:3c:f9:83:c0:0b:e0:
86:c4:29:bd:a8:b7:45:18:89:71:52:9a:91:0f:35:
60:6d:06:aa:69:dd:72:db:07:54:35:24:0e:ab:38:
3e:85:09:06:1b:fd:e1:7f:30:9a:6f:6a:4a:8c:ef:
7f:82:15:3f:40:1c:1c:c9:e6:5f:10:c3:b2:0a:f2:
c8:12:b1:2a:61:3b:d8:62:f0:b9:6d:e3:33:3f:0c:
d8:81:e4:5d:7e:81:da:9b:8c:f2:22:9f:32:c5:5f:
9c:c0:64:ad:59:4a:a2:13:96:5b:c5:d2:c0:0d:8d:
19:e7:c9:7a:89:e3:6e:19:69:29:59:24:54:0a:d9:
38:c6:34:86:fb:ab:58:b3:ef:34:29:2c:4a:03:e8:
7a:11:81:1c:a8:18:5e:73:22:a2:2d:c6:a0:8a:64:
95:63:15:a8:07:01:c1:eb:0d:1e:1a:22:5b:9e:9b:
b3:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3E:BC:33:53:CB:DE:B2:9E:93:8D:17:1A:DE:A9:32:5B:94:75:A7:E0
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/PrwzU8vesp6TjRca3qkyW5R1p-A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.118.0/24
45.9.120.0/24
45.9.122.0/24
45.86.244.0/24
45.95.97.0/24
45.130.128.0/24
45.134.184.0/24
45.141.176.0/24
45.146.91.0/24
45.146.180.0/24
45.151.104.0/24
45.154.58.0/24
45.154.228.0/24
85.209.130.0/24
185.164.59.0/24
192.156.217.0/24
193.8.1.0/24
193.23.245.0/24
193.39.245.0/24
193.254.234.0/23
194.62.30.0/24
194.62.66.0/24
195.66.26.0/24
195.158.192.0/24
IPv6:
2a0f:e7c4:10::/48
2a11:3500::/29
Signature Algorithm: sha256WithRSAEncryption
c7:63:21:f7:6c:41:87:3d:a0:5e:c8:77:39:17:dc:d8:55:b1:
ee:cc:a6:54:16:8c:c0:8d:3a:ab:f9:9a:0c:b2:d1:96:51:f4:
2f:ea:92:32:33:13:e2:77:f5:7a:1c:e0:50:62:24:16:7e:99:
da:3e:86:34:87:84:ca:cd:25:c6:49:a2:d5:c5:67:b0:03:92:
e8:81:82:a6:7d:ae:6b:5c:f3:03:83:7e:7a:ce:e2:d6:a8:18:
1a:31:d3:e3:16:95:14:f3:b0:4f:16:e4:dc:e8:1f:da:f0:d5:
1b:4e:63:d1:dc:40:f9:f2:93:7f:50:6e:09:f9:14:8a:54:6a:
79:e4:48:09:86:87:59:cb:d1:96:ba:9e:13:37:c1:0c:1c:0b:
96:2b:59:13:6e:5b:a8:18:9f:7f:1d:c9:b4:7a:b9:57:37:a5:
8b:2d:b8:a8:0b:0a:98:2d:29:14:8f:b0:97:c4:5b:18:4a:61:
a2:ab:e3:73:3a:b9:a5:d5:3b:19:dc:fc:11:ae:4b:f1:00:c1:
e6:ab:4a:2c:35:7f:25:96:35:fe:a1:65:b1:5a:8d:66:7f:c1:
ee:7b:5b:4f:11:14:1d:e1:8b:38:17:fa:7b:85:5b:96:68:b9:
80:f4:fa:c4:ba:f6:3a:52:0a:7f:3e:10:e0:6b:a2:9b:77:57:
58:50:79:80
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAZoBm929k+K+N12/6ioxpGl2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUxMDIwMTIzMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzZWJjMzM1M2NiZGViMjllOTM4ZDE3MWFkZWE5MzI1Yjk0NzVhN2UwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAomWsjM+axEA5rges8OPyZilNZY2u
0/fMhfwQuFZZlxMxML3wXX7qEocSSwgzTxMsfxVcmgjKbqXy7BnCti9X6ub420r0
ATLiqqYhMJHhoa1VoUg8+YPAC+CGxCm9qLdFGIlxUpqRDzVgbQaqad1y2wdUNSQO
qzg+hQkGG/3hfzCab2pKjO9/ghU/QBwcyeZfEMOyCvLIErEqYTvYYvC5beMzPwzY
geRdfoHam4zyIp8yxV+cwGStWUqiE5ZbxdLADY0Z58l6ieNuGWkpWSRUCtk4xjSG
+6tYs+80KSxKA+h6EYEcqBhecyKiLcagimSVYxWoBwHB6w0eGiJbnpuzMwIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFD68M1PL3rKek40XGt6pMluUdafgMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvUHJ3elU4dmVzcDZUalJjYTNxa3lXNVIxcC1BLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBlwQCAAEwgZADBAAt
CXYDBAAtCXgDBAAtCXoDBAAtVvQDBAAtX2EDBAAtgoADBAAthrgDBAAtjbADBAAt
klsDBAAtkrQDBAAtl2gDBAAtmjoDBAAtmuQDBABV0YIDBAC5pDsDBADAnNkDBADB
CAEDBADBF/UDBADBJ/UDBAHB/uoDBADCPh4DBADCPkIDBADDQhoDBADDnsAwFgQC
AAIwEAMHACoP58QAEAMFAyoRNQAwDQYJKoZIhvcNAQELBQADggEBAMdjIfdsQYc9
oF7IdzkX3NhVse7MplQWjMCNOqv5mgyy0ZZR9C/qkjIzE+J39Xoc4FBiJBZ+mdo+
hjSHhMrNJcZJotXFZ7ADkuiBgqZ9rmtc8wODfnrO4taoGBox0+MWlRTzsE8W5Nzo
H9rw1RtOY9HcQPnyk39Qbgn5FIpUannkSAmGh1nL0Za6nhM3wQwcC5YrWRNuW6gY
n38dybR6uVc3pYstuKgLCpgtKRSPsJfEWxhKYaKr43M6uaXVOxnc/BGuS/EAwear
Siw1fyWWNf6hZbFajWZ/we57W08RFB3hizgX+nuFW5ZouYD0+sS69jpSCn8+EOBr
opt3V1hQeYA=
-----END CERTIFICATE-----
Generated at Wed Oct 22 05:21:48 2025 by rpki-client