Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/oxQUVEU_ynNRkIfiNjreUNnepf8.roa
File: oxQUVEU_ynNRkIfiNjreUNnepf8.roa (raw, json)
Hash identifier: g0JQc14b4JcQdabfYO8oditbAd7pp567xINTfPHpUjA=
Subject key identifier: A3:14:14:54:45:3F:CA:73:51:90:87:E2:36:3A:DE:50:D9:DE:A5:FF
Certificate issuer: /CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Certificate serial: 01989DF836BD5E0DA4D439921D74EECB955B
Authority key identifier: B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/oxQUVEU_ynNRkIfiNjreUNnepf8.roa
Signing time: Tue 12 Aug 2025 11:09:06 +0000
ROA not before: Tue 12 Aug 2025 11:09:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7489
IP address blocks: 2.56.164.0/22 maxlen: 24
5.182.48.0/24 maxlen: 24
45.81.20.0/22 maxlen: 24
45.90.147.0/24 maxlen: 24
45.140.220.0/22 maxlen: 24
77.83.240.0/22 maxlen: 24
77.83.243.0/24 maxlen: 24
78.108.217.0/24 maxlen: 24
83.143.116.0/24 maxlen: 24
85.202.162.0/24 maxlen: 24
89.190.156.0/22 maxlen: 24
178.218.144.0/22 maxlen: 24
185.186.64.0/22 maxlen: 24
185.227.68.0/22 maxlen: 24
185.227.71.0/24 maxlen: 24
185.234.72.0/22 maxlen: 24
185.242.224.0/22 maxlen: 24
185.242.225.0/24 maxlen: 24
193.31.30.0/24 maxlen: 24
193.34.76.0/22 maxlen: 24
193.34.77.0/24 maxlen: 24
193.221.192.0/22 maxlen: 24
194.50.16.0/22 maxlen: 24
194.56.224.0/22 maxlen: 24
212.107.12.0/22 maxlen: 24
212.107.14.0/24 maxlen: 24
2a0b:b82::/44 maxlen: 44
2a0b:b84::/32 maxlen: 32
2a0b:b85::/32 maxlen: 32
2a0b:b86::/40 maxlen: 48
2a0b:b86:100::/40 maxlen: 48
2a0b:b86:fff0::/44 maxlen: 44
2a0b:b87:ff12::/48 maxlen: 48
2a0b:b87:ffb4::/48 maxlen: 48
2a0b:b87:ffc0::/44 maxlen: 44
2a0b:b87:ffd2::/48 maxlen: 48
2a0b:b87:ffda::/48 maxlen: 48
2a0b:b87:ffec::/48 maxlen: 48
2a0b:b87:fff0::/44 maxlen: 44
2a0b:7080:10::/44 maxlen: 44
2a0b:7080:10::/45 maxlen: 45
2a0b:7080:10::/48 maxlen: 48
2a0b:7080:20::/44 maxlen: 48
2a0b:7080:20::/48 maxlen: 48
2a0b:7080:30::/44 maxlen: 48
2a0b:7086:fff0::/44 maxlen: 44
2a0b:7087:fff0::/44 maxlen: 44
2a0d:77c0::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:9d:f8:36:bd:5e:0d:a4:d4:39:92:1d:74:ee:cb:95:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1a7b0d8de8251d36d7c83faf6bc7efec73b5034
Validity
Not Before: Aug 12 11:09:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a3141454453fca73519087e2363ade50d9dea5ff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:7e:a9:21:3c:d6:0f:3f:c7:96:a1:d7:b7:f7:
1c:04:d5:58:ec:b7:c3:ba:79:56:08:97:11:c2:9a:
9a:c0:87:0b:49:da:43:ef:7b:30:be:5a:d0:9b:72:
2e:0f:63:d8:2c:76:17:a8:98:3d:6d:c5:2e:55:22:
4b:18:18:27:6e:ab:4f:6b:80:a4:d0:c3:e0:a6:62:
f5:a2:bd:99:9d:b8:06:4a:42:c3:2d:fb:37:20:3d:
51:a6:6d:45:a5:39:d2:d1:fe:61:8b:88:fa:2d:6b:
a7:d3:1e:55:2b:b0:20:98:c0:19:d3:21:5b:5c:e3:
59:37:b8:44:e4:c9:52:c1:a6:c2:a7:c0:56:24:8a:
5d:df:fd:e2:ca:21:15:c8:14:58:fe:38:6d:bc:a6:
ca:2c:54:cd:68:15:3a:d4:dc:f9:28:0b:ca:cd:a1:
2c:f2:58:a7:79:d6:ee:3a:c4:db:8a:5b:8c:51:14:
4d:2d:f9:91:5a:39:53:1f:f7:c3:26:26:63:2f:a8:
9b:e3:5e:53:18:82:76:4d:4a:97:03:c5:d3:82:52:
d3:4b:f0:cb:97:4c:90:3a:c8:fb:a9:30:2d:05:40:
e0:59:76:e7:60:ad:26:7a:34:49:66:c9:ac:30:76:
5a:db:2e:80:f4:0d:24:11:89:3e:31:fd:9a:95:0b:
4a:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A3:14:14:54:45:3F:CA:73:51:90:87:E2:36:3A:DE:50:D9:DE:A5:FF
X509v3 Authority Key Identifier:
keyid:B1:A7:B0:D8:DE:82:51:D3:6D:7C:83:FA:F6:BC:7E:FE:C7:3B:50:34
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/saew2N6CUdNtfIP69rx-_sc7UDQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/oxQUVEU_ynNRkIfiNjreUNnepf8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/f134c8-f814-4b71-957b-394acd21f39b/1/saew2N6CUdNtfIP69rx-_sc7UDQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.164.0/22
5.182.48.0/24
45.81.20.0/22
45.90.147.0/24
45.140.220.0/22
77.83.240.0/22
78.108.217.0/24
83.143.116.0/24
85.202.162.0/24
89.190.156.0/22
178.218.144.0/22
185.186.64.0/22
185.227.68.0/22
185.234.72.0/22
185.242.224.0/22
193.31.30.0/24
193.34.76.0/22
193.221.192.0/22
194.50.16.0/22
194.56.224.0/22
212.107.12.0/22
IPv6:
2a0b:b82::/44
2a0b:b84::-2a0b:b86:1ff:ffff:ffff:ffff:ffff:ffff
2a0b:b86:fff0::/44
2a0b:b87:ff12::/48
2a0b:b87:ffb4::/48
2a0b:b87:ffc0::/44
2a0b:b87:ffd2::/48
2a0b:b87:ffda::/48
2a0b:b87:ffec::/48
2a0b:b87:fff0::/44
2a0b:7080:10::-2a0b:7080:3f:ffff:ffff:ffff:ffff:ffff
2a0b:7086:fff0::/44
2a0b:7087:fff0::/44
2a0d:77c0::/29
Signature Algorithm: sha256WithRSAEncryption
1f:b4:7a:0b:36:e3:96:16:88:1d:dc:03:b3:ab:85:75:6b:43:
05:79:ba:6b:4f:57:1f:0c:c2:82:8a:e9:5f:04:3c:01:37:d2:
1c:9c:80:d1:73:52:cd:c1:6c:50:26:a1:8a:08:5d:54:0d:5f:
42:22:15:dd:3d:15:a2:f0:b9:6e:0a:9a:2c:4e:1c:2d:53:d8:
42:89:ff:81:89:15:f3:9f:87:8c:a4:21:f1:dd:7e:95:6f:3e:
0c:70:2c:50:f8:54:6f:5b:3f:ea:97:90:5e:72:ed:35:9b:16:
46:ee:2c:76:d0:6b:c2:4f:a9:1c:05:ec:98:6b:09:3c:5b:9b:
ae:a0:7c:e6:56:d6:bb:bf:0e:e8:b3:3d:d8:2a:c3:ba:54:3c:
1f:82:3d:f1:68:8f:9b:59:4c:f1:43:ff:a8:76:58:d8:46:50:
fa:bf:d1:c8:df:bb:a5:1a:3f:20:cf:32:31:06:51:fe:2e:4a:
47:cf:3e:d4:86:48:41:2f:f6:dc:d4:f4:63:a0:11:24:6a:d9:
e7:d2:ec:51:d6:e2:52:04:8d:bd:c3:5f:73:90:2a:a0:e6:ef:
16:df:95:d3:8b:52:83:f3:86:d0:1a:09:f1:16:fb:44:86:a9:
d1:bb:7c:94:4b:7a:41:ba:56:31:ca:6b:db:63:06:ff:99:e0:
b4:ed:e4:95
-----BEGIN CERTIFICATE-----
MIIGFTCCBP2gAwIBAgISAZid+Da9Xg2k1DmSHXTuy5VbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxYTdiMGQ4ZGU4MjUxZDM2ZDdjODNmYWY2YmM3ZWZlYzcz
YjUwMzQwHhcNMjUwODEyMTEwOTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhMzE0MTQ1NDQ1M2ZjYTczNTE5MDg3ZTIzNjNhZGU1MGQ5ZGVhNWZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArn6pITzWDz/HlqHXt/ccBNVY7LfD
unlWCJcRwpqawIcLSdpD73swvlrQm3IuD2PYLHYXqJg9bcUuVSJLGBgnbqtPa4Ck
0MPgpmL1or2ZnbgGSkLDLfs3ID1Rpm1FpTnS0f5hi4j6LWun0x5VK7AgmMAZ0yFb
XONZN7hE5MlSwabCp8BWJIpd3/3iyiEVyBRY/jhtvKbKLFTNaBU61Nz5KAvKzaEs
8linedbuOsTbiluMURRNLfmRWjlTH/fDJiZjL6ib415TGIJ2TUqXA8XTglLTS/DL
l0yQOsj7qTAtBUDgWXbnYK0mejRJZsmsMHZa2y6A9A0kEYk+Mf2alQtKyQIDAQAB
o4IDITCCAx0wHQYDVR0OBBYEFKMUFFRFP8pzUZCH4jY63lDZ3qX/MB8GA1UdIwQY
MBaAFLGnsNjeglHTbXyD+va8fv7HO1A0MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2It
Mzk0YWNkMjFmMzliLzEvb3hRVVZFVV95bk5Sa0lmaU5qcmVVTm5lcGY4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9mMTM0YzgtZjgxNC00YjcxLTk1N2ItMzk0YWNkMjFmMzli
LzEvc2FldzJONkNVZE50ZklQNjlyeC1fc2M3VURRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBNQYIKwYBBQUHAQcBAf8EggEkMIIBIDCBhAQCAAEwfgME
AgI4pAMEAAW2MAMEAi1RFAMEAC1akwMEAi2M3AMEAk1T8AMEAE5s2QMEAFOPdAME
AFXKogMEAlm+nAMEArLakAMEArm6QAMEArnjRAMEArnqSAMEArny4AMEAMEfHgME
AsEiTAMEAsHdwAMEAsIyEAMEAsI44AMEAtRrDDCBlgQCAAIwgY8DBwQqCwuCAAAw
DwMFAioLC4QDBgEqCwuGAAMHBCoLC4b/8AMHACoLC4f/EgMHACoLC4f/tAMHBCoL
C4f/wAMHACoLC4f/0gMHACoLC4f/2gMHACoLC4f/7AMHBCoLC4f/8DASAwcEKgtw
gAAQAwcGKgtwgAAAAwcEKgtwhv/wAwcEKgtwh//wAwUDKg13wDANBgkqhkiG9w0B
AQsFAAOCAQEAH7R6CzbjlhaIHdwDs6uFdWtDBXm6a09XHwzCgorpXwQ8ATfSHJyA
0XNSzcFsUCahighdVA1fQiIV3T0VovC5bgqaLE4cLVPYQon/gYkV85+HjKQh8d1+
lW8+DHAsUPhUb1s/6peQXnLtNZsWRu4sdtBrwk+pHAXsmGsJPFubrqB85lbWu78O
6LM92CrDulQ8H4I98WiPm1lM8UP/qHZY2EZQ+r/RyN+7pRo/IM8yMQZR/i5KR88+
1IZIQS/23NT0Y6ARJGrZ59LsUdbiUgSNvcNfc5AqoObvFt+V04tSg/OG0BoJ8Rb7
RIap0bt8lEt6QbpWMcpr22MG/5ngtO3klQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:33:01 2025 by rpki-client