Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/wQdFdfp3G1swGYFbilJrnZoxRKo.roa
File: wQdFdfp3G1swGYFbilJrnZoxRKo.roa (raw, json)
Hash identifier: xVAwomcooIF9fy/NZrsElw+YNWtgvPGIe9sFNZoDTck=
Subject key identifier: C1:07:45:75:FA:77:1B:5B:30:19:81:5B:8A:52:6B:9D:9A:31:44:AA
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0195FB4EA47EC6FD7FE3FC2587626EBE4B83
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/wQdFdfp3G1swGYFbilJrnZoxRKo.roa
Signing time: Thu 03 Apr 2025 10:59:49 +0000
ROA not before: Thu 03 Apr 2025 10:59:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30633
IP address blocks: 45.86.247.0/24 maxlen: 24
45.129.127.0/24 maxlen: 24
45.135.37.0/24 maxlen: 24
80.253.250.0/24 maxlen: 24
103.139.50.0/24 maxlen: 24
193.27.21.0/24 maxlen: 24
193.27.23.0/24 maxlen: 24
193.164.199.0/24 maxlen: 24
2a06:1184:33::/48 maxlen: 48
2a06:5280::/29 maxlen: 29
2a0a:2d06:33::/48 maxlen: 48
2a0c:7886:33::/48 maxlen: 48
2a0e:1a80:2541::/48 maxlen: 48
2a0e:c780::/32 maxlen: 32
2a0e:f201:1::/48 maxlen: 48
2a0f:1e00:123::/48 maxlen: 48
2a0f:1e00:456::/48 maxlen: 48
2a0f:1e00:987::/48 maxlen: 48
2a0f:1e00:abc::/48 maxlen: 48
2a0f:1e00:def9::/48 maxlen: 48
2a0f:1e01:1::/48 maxlen: 48
2a0f:1e81:2::/48 maxlen: 48
2a0f:1e81:1293::/48 maxlen: 48
2a0f:1e81:4319::/48 maxlen: 48
2a0f:1e81:92e8::/48 maxlen: 48
2a0f:1e81:a3d0::/48 maxlen: 48
2a0f:1e81:cdae::/48 maxlen: 48
2a0f:2e80::/29 maxlen: 29
2a0f:3d84::/32 maxlen: 32
2a0f:7d02:1::/48 maxlen: 48
2a0f:e1c6::/32 maxlen: 32
2a10:6d40::/29 maxlen: 29
2a11:fd80::/29 maxlen: 29
2a12:ac40::/32 maxlen: 32
2a12:ac41::/32 maxlen: 32
2a12:ecc4:2213::/48 maxlen: 48
2a12:f540::/29 maxlen: 29
2a13:18c0:1::/48 maxlen: 48
2a13:9280::/32 maxlen: 32
2a13:9380::/29 maxlen: 29
2a13:df00::/29 maxlen: 29
2a13:e101:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Apr 2025 13:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:95:fb:4e:a4:7e:c6:fd:7f:e3:fc:25:87:62:6e:be:4b:83
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Apr 3 10:59:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c1074575fa771b5b3019815b8a526b9d9a3144aa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:39:3e:70:f1:5b:3e:9b:3d:1e:99:2d:31:b4:
a1:cd:41:01:16:93:f8:1b:93:19:21:8e:b4:c3:37:
81:dd:9c:b3:d2:34:6c:aa:a4:35:81:ab:40:04:90:
97:6f:a1:6f:9a:0d:a5:82:b5:0c:83:a8:8e:1d:66:
1a:d5:19:19:d8:75:94:84:39:0e:de:58:9a:5d:79:
6f:46:df:ba:71:2b:99:da:1c:e8:39:5b:c5:4e:a6:
a4:32:d7:ac:0c:42:f0:4d:61:3f:8d:46:4a:6f:c6:
f9:1e:ea:9b:8b:cf:52:ed:b3:2c:3e:9e:82:c7:5f:
84:4c:91:59:8e:cf:29:af:5d:04:20:bd:e8:73:d3:
c8:80:ec:d0:a3:2b:44:8e:b1:19:17:58:bf:13:f9:
b1:23:49:f6:9b:36:9d:da:7b:48:57:06:ae:ff:2a:
f1:79:84:74:11:8d:d5:2b:f2:d6:68:31:d4:89:ab:
47:3e:0c:52:cc:fc:3d:1a:3a:fa:13:20:9a:b6:e9:
e7:33:64:1a:a5:a7:f1:b9:6a:e6:9d:84:54:37:53:
84:30:c9:ce:02:c2:20:02:7e:cc:77:34:49:2f:2b:
a5:bc:1b:93:2f:51:7f:fe:11:84:d1:2d:2f:2f:42:
74:67:f3:fe:15:be:a1:bd:95:93:f6:77:a2:54:bd:
a5:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C1:07:45:75:FA:77:1B:5B:30:19:81:5B:8A:52:6B:9D:9A:31:44:AA
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/wQdFdfp3G1swGYFbilJrnZoxRKo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.247.0/24
45.129.127.0/24
45.135.37.0/24
80.253.250.0/24
103.139.50.0/24
193.27.21.0/24
193.27.23.0/24
193.164.199.0/24
IPv6:
2a06:1184:33::/48
2a06:5280::/29
2a0a:2d06:33::/48
2a0c:7886:33::/48
2a0e:1a80:2541::/48
2a0e:c780::/32
2a0e:f201:1::/48
2a0f:1e00:123::/48
2a0f:1e00:456::/48
2a0f:1e00:987::/48
2a0f:1e00:abc::/48
2a0f:1e00:def9::/48
2a0f:1e01:1::/48
2a0f:1e81:2::/48
2a0f:1e81:1293::/48
2a0f:1e81:4319::/48
2a0f:1e81:92e8::/48
2a0f:1e81:a3d0::/48
2a0f:1e81:cdae::/48
2a0f:2e80::/29
2a0f:3d84::/32
2a0f:7d02:1::/48
2a0f:e1c6::/32
2a10:6d40::/29
2a11:fd80::/29
2a12:ac40::/31
2a12:ecc4:2213::/48
2a12:f540::/29
2a13:18c0:1::/48
2a13:9280::/32
2a13:9380::/29
2a13:df00::/29
2a13:e101:2::/48
Signature Algorithm: sha256WithRSAEncryption
af:b1:a6:de:f7:50:c6:89:7b:8d:e2:37:c9:16:15:25:d6:ba:
df:23:26:30:d7:0f:9c:b8:7a:f0:c9:ee:9a:de:9f:a1:8f:ef:
a3:72:af:23:ac:03:8b:f5:d0:8f:4c:a3:4c:28:bc:10:de:8f:
d6:53:05:fc:47:00:cf:10:07:4a:37:86:59:c7:24:3a:2b:6c:
b9:ad:3a:a5:e4:95:06:8d:4c:25:91:7c:75:65:65:8c:8e:20:
5b:b6:bc:4f:f5:52:2b:9b:8a:b5:5d:f8:cb:b5:ac:ca:84:c9:
f0:19:bb:3d:db:5d:94:9a:43:de:18:29:f0:27:9c:4a:8e:9b:
6e:1e:a9:a1:f8:0f:9b:27:b1:df:40:c5:d8:ed:c1:7a:de:75:
96:0a:70:7f:a3:26:3e:0a:e2:54:8a:40:a4:4d:3e:4a:0c:a6:
6f:c5:1e:e0:a3:69:3a:31:be:6e:ae:3a:d5:b5:a8:3a:df:e2:
98:5f:0e:01:67:ae:b4:97:9a:99:ee:15:3c:3f:c7:31:57:13:
81:dd:01:5c:19:97:be:8d:fd:cb:2b:1d:05:78:ea:b1:c4:ac:
d7:91:b5:b1:9e:e5:79:12:c4:78:ea:dd:4b:2c:a4:d0:f4:3a:
7a:d4:8f:17:f0:6b:03:02:c2:8c:65:fb:93:bb:b8:a3:19:80:
75:1c:ae:ec
-----BEGIN CERTIFICATE-----
MIIGSjCCBTKgAwIBAgISAZX7TqR+xv1/4/wlh2JuvkuDMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNDAzMTA1OTQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMTA3NDU3NWZhNzcxYjViMzAxOTgxNWI4YTUyNmI5ZDlhMzE0NGFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzk+cPFbPps9HpktMbShzUEBFpP4
G5MZIY60wzeB3Zyz0jRsqqQ1gatABJCXb6Fvmg2lgrUMg6iOHWYa1RkZ2HWUhDkO
3liaXXlvRt+6cSuZ2hzoOVvFTqakMtesDELwTWE/jUZKb8b5Huqbi89S7bMsPp6C
x1+ETJFZjs8pr10EIL3oc9PIgOzQoytEjrEZF1i/E/mxI0n2mzad2ntIVwau/yrx
eYR0EY3VK/LWaDHUiatHPgxSzPw9Gjr6EyCatunnM2QapafxuWrmnYRUN1OEMMnO
AsIgAn7MdzRJLyulvBuTL1F//hGE0S0vL0J0Z/P+Fb6hvZWT9neiVL2lUwIDAQAB
o4IDVjCCA1IwHQYDVR0OBBYEFMEHRXX6dxtbMBmBW4pSa52aMUSqMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvd1FkRmRmcDNHMXN3R1lGYmlsSnJuWm94UktvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBagYIKwYBBQUHAQcBAf8EggFZMIIBVTA2BAIAATAwAwQA
LVb3AwQALYF/AwQALYclAwQAUP36AwQAZ4syAwQAwRsVAwQAwRsXAwQAwaTHMIIB
GQQCAAIwggERAwcAKgYRhAAzAwUDKgZSgAMHACoKLQYAMwMHACoMeIYAMwMHACoO
GoAlQQMFACoOx4ADBwAqDvIBAAEDBwAqDx4AASMDBwAqDx4ABFYDBwAqDx4ACYcD
BwAqDx4ACrwDBwAqDx4A3vkDBwAqDx4BAAEDBwAqDx6BAAIDBwAqDx6BEpMDBwAq
Dx6BQxkDBwAqDx6BkugDBwAqDx6Bo9ADBwAqDx6Bza4DBQMqDy6AAwUAKg89hAMH
ACoPfQIAAQMFACoP4cYDBQMqEG1AAwUDKhH9gAMFASoSrEADBwAqEuzEIhMDBQMq
EvVAAwcAKhMYwAABAwUAKhOSgAMFAyoTk4ADBQMqE98AAwcAKhPhAQACMA0GCSqG
SIb3DQEBCwUAA4IBAQCvsabe91DGiXuN4jfJFhUl1rrfIyYw1w+cuHrwye6a3p+h
j++jcq8jrAOL9dCPTKNMKLwQ3o/WUwX8RwDPEAdKN4ZZxyQ6K2y5rTql5JUGjUwl
kXx1ZWWMjiBbtrxP9VIrm4q1XfjLtazKhMnwGbs9212UmkPeGCnwJ5xKjptuHqmh
+A+bJ7HfQMXY7cF63nWWCnB/oyY+CuJUikCkTT5KDKZvxR7go2k6Mb5urjrVtag6
3+KYXw4BZ660l5qZ7hU8P8cxVxOB3QFcGZe+jf3LKx0FeOqxxKzXkbWxnuV5EsR4
6t1LLKTQ9Dp61I8X8GsDAsKMZfuTu7ijGYB1HK7s
-----END CERTIFICATE-----
Generated at Sat Apr 5 19:06:39 2025 by rpki-client