Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/W7RrPeqi7zq3Oi_igLU7XJ82huo.roa
File: W7RrPeqi7zq3Oi_igLU7XJ82huo.roa (raw, json)
Hash identifier: v52aXSRIvbSWCBynNf08BiSp6vA3FvJMLtw5LINQI/I=
Subject key identifier: 5B:B4:6B:3D:EA:A2:EF:3A:B7:3A:2F:E2:80:B5:3B:5C:9F:36:86:EA
Certificate issuer: /CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Certificate serial: 0199043B41E928630580E420FA0F35A50938
Authority key identifier: 48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/W7RrPeqi7zq3Oi_igLU7XJ82huo.roa
Signing time: Mon 01 Sep 2025 07:43:36 +0000
ROA not before: Mon 01 Sep 2025 07:43:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48678
IP address blocks: 5.180.105.0/24 maxlen: 24
5.180.106.0/24 maxlen: 24
5.180.107.0/24 maxlen: 24
45.131.0.0/24 maxlen: 24
45.131.1.0/24 maxlen: 24
45.131.2.0/24 maxlen: 24
45.131.3.0/24 maxlen: 24
45.136.4.0/24 maxlen: 24
45.141.148.0/24 maxlen: 24
45.141.149.0/24 maxlen: 24
45.147.44.0/24 maxlen: 24
77.83.200.0/24 maxlen: 24
77.83.201.0/24 maxlen: 24
77.83.202.0/24 maxlen: 24
194.116.228.0/24 maxlen: 24
194.116.236.0/24 maxlen: 24
194.116.237.0/24 maxlen: 24
194.146.36.0/24 maxlen: 24
194.146.47.0/24 maxlen: 24
2a09:8780::/29 maxlen: 29
2a0f:b700::/29 maxlen: 29
2a0f:e900::/29 maxlen: 29
2a0f:eb00::/29 maxlen: 29
2a0f:eb05::/32 maxlen: 32
2a0f:eb07::/32 maxlen: 32
2a0f:ed00::/29 maxlen: 29
2a0f:ed03::/32 maxlen: 32
2a0f:f900::/29 maxlen: 29
2a13:a440:7::/48 maxlen: 48
2a13:a441::/32 maxlen: 32
2a13:a445::/32 maxlen: 32
2a13:a447::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.mft
rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 15:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:04:3b:41:e9:28:63:05:80:e4:20:fa:0f:35:a5:09:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4805f17c2d7133d2dad3a8df7e35315e37ef5daf
Validity
Not Before: Sep 1 07:43:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5bb46b3deaa2ef3ab73a2fe280b53b5c9f3686ea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:62:87:a9:f6:9d:38:ee:bb:bc:9b:a8:31:1e:
f4:cf:9e:cf:4f:a2:88:30:fc:6a:27:29:42:16:73:
53:b2:dc:94:1d:22:8f:f4:8a:10:ee:b7:32:41:7a:
01:23:fd:9d:da:68:13:78:1c:bc:af:98:f7:fb:9c:
f6:ef:63:8e:5e:97:32:5d:cd:6f:4a:52:22:fa:5d:
c0:5e:85:75:26:42:c7:8b:1f:72:af:f1:43:e5:5d:
f1:58:74:75:72:8d:9e:e3:6d:27:03:57:53:33:d3:
4b:08:48:83:98:27:e4:5e:39:66:db:03:68:db:04:
19:64:12:7c:56:74:3e:62:59:48:a8:a4:d6:57:50:
b4:12:6c:8f:a0:bc:4e:81:2f:2a:07:4a:dc:f6:31:
a3:c4:df:2c:44:ad:28:a8:4f:22:ca:1c:1b:2b:02:
5f:1b:b2:11:6e:f3:85:4e:6d:02:0e:db:ec:7e:56:
61:cd:bc:6d:4e:0c:18:e7:fa:a3:1c:ee:b0:4b:8c:
99:ef:97:ec:49:a6:b5:f6:3b:17:f6:a3:c4:7b:e4:
78:a2:c9:1b:5e:63:7c:04:11:86:59:ac:fa:84:50:
6f:5d:1e:c5:dd:e8:c6:33:a5:54:e8:a2:2d:f6:db:
5c:a2:dd:0e:1a:4d:f9:52:d3:2b:3d:5e:6f:67:f0:
88:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
5B:B4:6B:3D:EA:A2:EF:3A:B7:3A:2F:E2:80:B5:3B:5C:9F:36:86:EA
X509v3 Authority Key Identifier:
keyid:48:05:F1:7C:2D:71:33:D2:DA:D3:A8:DF:7E:35:31:5E:37:EF:5D:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/SAXxfC1xM9La06jffjUxXjfvXa8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/W7RrPeqi7zq3Oi_igLU7XJ82huo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/db/8e07dd-4fe5-4820-bcbe-5dd6e22ebab0/1/SAXxfC1xM9La06jffjUxXjfvXa8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.105.0-5.180.107.255
45.131.0.0/22
45.136.4.0/24
45.141.148.0/23
45.147.44.0/24
77.83.200.0-77.83.202.255
194.116.228.0/24
194.116.236.0/23
194.146.36.0/24
194.146.47.0/24
IPv6:
2a09:8780::/29
2a0f:b700::/29
2a0f:e900::/29
2a0f:eb00::/29
2a0f:ed00::/29
2a0f:f900::/29
2a13:a440:7::/48
2a13:a441::/32
2a13:a445::/32
2a13:a447::/32
Signature Algorithm: sha256WithRSAEncryption
23:1f:5b:e4:b5:37:30:1a:06:27:df:0e:c2:93:ad:2b:7a:62:
fb:fe:29:d4:98:c1:c9:86:0c:36:87:33:87:09:5c:ac:e4:11:
60:20:dd:b2:1a:99:48:f1:3d:7c:9c:3e:55:4d:78:7b:fe:12:
07:34:84:0c:1b:a6:0a:47:a2:21:23:a0:6d:99:f7:4c:38:97:
5e:9a:70:bb:b6:7f:c1:e6:1a:89:a9:2a:73:58:cf:93:10:93:
31:bf:5e:cf:e3:d9:5d:0f:65:66:5b:37:d3:6e:d2:f2:f0:73:
1b:46:31:4d:80:d3:b1:55:32:4b:33:01:88:25:27:d1:59:ac:
41:42:08:96:da:b3:ff:e7:df:75:dd:d2:c6:be:b0:e4:5b:e7:
d6:73:22:72:b0:20:2a:7d:53:a1:c1:af:0c:0f:24:e9:8b:16:
0b:9d:ed:1a:c9:25:d0:d7:58:52:61:71:71:4e:af:3f:9e:5f:
7c:02:dd:10:0e:5e:c1:43:8b:65:4e:1e:20:5e:17:a6:54:1a:
ad:a4:8b:34:36:c3:d8:6e:ac:75:fa:d1:08:e5:7f:32:a1:3f:
98:2f:ae:29:67:03:82:1b:c9:1c:41:41:03:26:43:64:e7:1f:
86:79:b0:ec:f2:ad:f9:c1:78:b5:d5:a9:d7:e3:cc:bd:f2:31:
80:ea:94:1b
-----BEGIN CERTIFICATE-----
MIIFljCCBH6gAwIBAgISAZkEO0HpKGMFgOQg+g81pQk4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ4MDVmMTdjMmQ3MTMzZDJkYWQzYThkZjdlMzUzMTVlMzdl
ZjVkYWYwHhcNMjUwOTAxMDc0MzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1YmI0NmIzZGVhYTJlZjNhYjczYTJmZTI4MGI1M2I1YzlmMzY4NmVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2KHqfadOO67vJuoMR70z57PT6KI
MPxqJylCFnNTstyUHSKP9IoQ7rcyQXoBI/2d2mgTeBy8r5j3+5z272OOXpcyXc1v
SlIi+l3AXoV1JkLHix9yr/FD5V3xWHR1co2e420nA1dTM9NLCEiDmCfkXjlm2wNo
2wQZZBJ8VnQ+YllIqKTWV1C0EmyPoLxOgS8qB0rc9jGjxN8sRK0oqE8iyhwbKwJf
G7IRbvOFTm0CDtvsflZhzbxtTgwY5/qjHO6wS4yZ75fsSaa19jsX9qPEe+R4oskb
XmN8BBGGWaz6hFBvXR7F3ejGM6VU6KIt9ttcot0OGk35UtMrPV5vZ/CI9wIDAQAB
o4ICojCCAp4wHQYDVR0OBBYEFFu0az3qou86tzov4oC1O1yfNobqMB8GA1UdIwQY
MBaAFEgF8XwtcTPS2tOo3341MV43712vMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUt
NWRkNmUyMmViYWIwLzEvVzdSclBlcWk3enEzT2lfaWdMVTdYSjgyaHVvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kYi84ZTA3ZGQtNGZlNS00ODIwLWJjYmUtNWRkNmUyMmViYWIw
LzEvU0FYeGZDMXhNOUxhMDZqZmZqVXhYamZ2WGE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG3BggrBgEFBQcBBwEB/wSBpzCBpDBSBAIAATBMMAwDBAAF
tGkDBAIFtGgDBAItgwADBAAtiAQDBAEtjZQDBAAtkywwDAMEA01TyAMEAE1TygME
AMJ05AMEAcJ07AMEAMKSJAMEAMKSLzBOBAIAAjBIAwUDKgmHgAMFAyoPtwADBQMq
D+kAAwUDKg/rAAMFAyoP7QADBQMqD/kAAwcAKhOkQAAHAwUAKhOkQQMFACoTpEUD
BQAqE6RHMA0GCSqGSIb3DQEBCwUAA4IBAQAjH1vktTcwGgYn3w7Ck60remL7/inU
mMHJhgw2hzOHCVys5BFgIN2yGplI8T18nD5VTXh7/hIHNIQMG6YKR6IhI6BtmfdM
OJdemnC7tn/B5hqJqSpzWM+TEJMxv17P49ldD2VmWzfTbtLy8HMbRjFNgNOxVTJL
MwGIJSfRWaxBQgiW2rP/59913dLGvrDkW+fWcyJysCAqfVOhwa8MDyTpixYLne0a
ySXQ11hSYXFxTq8/nl98At0QDl7BQ4tlTh4gXhemVBqtpIs0NsPYbqx1+tEI5X8y
oT+YL64pZwOCG8kcQUEDJkNk5x+GebDs8q35wXi11anX48y98jGA6pQb
-----END CERTIFICATE-----
Generated at Sat Sep 6 00:29:56 2025 by rpki-client