Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/ypGsSdhwUPXWu7n8WEI-5JJ11R0.roa
File: ypGsSdhwUPXWu7n8WEI-5JJ11R0.roa (raw, json)
Hash identifier: jJPrgo1Ck75SNnAuqJfOWcq15mWkd6Gj36byuNxQVnk=
Subject key identifier: CA:91:AC:49:D8:70:50:F5:D6:BB:B9:FC:58:42:3E:E4:92:75:D5:1D
Certificate issuer: /CN=85aaadc568f6c928fd764d421d42c71cf5791954
Certificate serial: 0197885C5AD2B5150E7BAB5593CACC7E2DCC
Authority key identifier: 85:AA:AD:C5:68:F6:C9:28:FD:76:4D:42:1D:42:C7:1C:F5:79:19:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/haqtxWj2ySj9dk1CHULHHPV5GVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/ypGsSdhwUPXWu7n8WEI-5JJ11R0.roa
Signing time: Thu 19 Jun 2025 13:24:03 +0000
ROA not before: Thu 19 Jun 2025 13:24:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44092
IP address blocks: 45.145.200.0/22 maxlen: 22
45.145.200.0/24 maxlen: 24
45.145.201.0/24 maxlen: 24
45.145.202.0/24 maxlen: 24
45.145.203.0/24 maxlen: 24
77.242.128.0/20 maxlen: 24
77.242.128.0/24 maxlen: 24
77.242.129.0/24 maxlen: 24
77.242.130.0/24 maxlen: 24
77.242.131.0/24 maxlen: 24
77.242.132.0/24 maxlen: 24
77.242.133.0/24 maxlen: 24
77.242.134.0/24 maxlen: 24
77.242.135.0/24 maxlen: 24
77.242.136.0/24 maxlen: 24
77.242.137.0/24 maxlen: 24
77.242.138.0/24 maxlen: 24
77.242.139.0/24 maxlen: 24
77.242.140.0/24 maxlen: 24
77.242.141.0/24 maxlen: 24
77.242.142.0/24 maxlen: 24
77.242.143.0/24 maxlen: 24
85.208.200.0/22 maxlen: 22
85.208.200.0/24 maxlen: 24
85.208.201.0/24 maxlen: 24
85.208.202.0/24 maxlen: 24
85.208.203.0/24 maxlen: 24
89.37.70.0/23 maxlen: 24
89.37.70.0/24 maxlen: 24
89.37.71.0/24 maxlen: 24
178.23.8.0/21 maxlen: 24
178.210.232.0/21 maxlen: 24
185.56.156.0/22 maxlen: 24
185.71.244.0/22 maxlen: 24
185.71.244.0/24 maxlen: 24
185.71.246.0/24 maxlen: 24
185.171.232.0/22 maxlen: 22
185.171.232.0/24 maxlen: 24
185.171.233.0/24 maxlen: 24
185.171.234.0/24 maxlen: 24
185.171.235.0/24 maxlen: 24
185.178.252.0/22 maxlen: 24
185.191.104.0/22 maxlen: 22
185.191.104.0/24 maxlen: 24
185.191.105.0/24 maxlen: 24
185.191.106.0/24 maxlen: 24
185.191.107.0/24 maxlen: 24
185.215.144.0/22 maxlen: 22
185.215.144.0/24 maxlen: 24
185.215.145.0/24 maxlen: 24
185.215.146.0/24 maxlen: 24
185.215.147.0/24 maxlen: 24
185.219.116.0/22 maxlen: 22
185.219.116.0/24 maxlen: 24
185.219.117.0/24 maxlen: 24
185.219.118.0/24 maxlen: 24
185.219.119.0/24 maxlen: 24
185.236.48.0/23 maxlen: 23
185.248.227.0/24 maxlen: 24
185.255.29.0/24 maxlen: 24
188.191.56.0/22 maxlen: 24
188.191.56.0/24 maxlen: 24
188.191.57.0/24 maxlen: 24
188.191.58.0/24 maxlen: 24
188.191.59.0/24 maxlen: 24
212.28.168.0/21 maxlen: 21
217.28.64.0/22 maxlen: 22
217.28.64.0/24 maxlen: 24
217.28.65.0/24 maxlen: 24
217.28.66.0/24 maxlen: 24
217.28.67.0/24 maxlen: 24
2a02:53e0::/32 maxlen: 32
2a05:3680::/29 maxlen: 29
2a0b:7b80::/29 maxlen: 29
2a0f:de80::/29 maxlen: 29
2a13:56c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/haqtxWj2ySj9dk1CHULHHPV5GVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/haqtxWj2ySj9dk1CHULHHPV5GVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/haqtxWj2ySj9dk1CHULHHPV5GVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:88:5c:5a:d2:b5:15:0e:7b:ab:55:93:ca:cc:7e:2d:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85aaadc568f6c928fd764d421d42c71cf5791954
Validity
Not Before: Jun 19 13:24:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ca91ac49d87050f5d6bbb9fc58423ee49275d51d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8c:d1:71:98:72:26:09:b5:90:93:ef:c8:8c:0a:
0e:7f:96:09:45:66:0a:06:25:ea:40:12:94:32:0d:
31:4b:82:d3:4e:46:6f:8a:65:e3:97:e1:ba:2e:8c:
eb:6c:04:6e:d8:da:ab:c2:96:df:18:b7:4d:5b:a8:
c7:5d:9d:a7:6b:f6:2e:b3:97:6b:a6:27:4a:d1:11:
7c:c7:93:46:4c:56:66:03:1d:b3:1c:b6:40:af:91:
11:62:74:2b:8f:06:59:c2:9d:ef:e2:13:95:33:15:
42:3b:d9:6d:27:83:58:1e:11:68:b7:99:f2:0a:b4:
e0:8f:5e:19:01:93:20:42:36:8f:08:c7:76:ce:5a:
8e:14:7b:18:38:94:fa:32:6f:37:31:ca:1c:f4:32:
c1:3f:7b:39:9e:fc:15:fc:61:0e:76:52:3c:21:a9:
a8:97:21:87:a2:c1:d6:6e:e6:59:90:42:e4:bb:c6:
61:65:d6:16:96:7f:63:0e:0a:25:95:8b:a2:5f:e3:
8f:41:1d:32:87:5c:f4:46:9a:34:5a:9a:4f:09:49:
5d:9c:b0:8f:92:c4:15:99:51:30:1b:04:9e:d8:91:
a7:d1:9d:93:bb:21:1e:80:ad:42:a0:d4:4b:f3:26:
8d:05:86:24:ad:81:ce:af:e3:ef:24:35:8a:e6:57:
c3:49
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CA:91:AC:49:D8:70:50:F5:D6:BB:B9:FC:58:42:3E:E4:92:75:D5:1D
X509v3 Authority Key Identifier:
keyid:85:AA:AD:C5:68:F6:C9:28:FD:76:4D:42:1D:42:C7:1C:F5:79:19:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/haqtxWj2ySj9dk1CHULHHPV5GVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/ypGsSdhwUPXWu7n8WEI-5JJ11R0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/haqtxWj2ySj9dk1CHULHHPV5GVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.200.0/22
77.242.128.0/20
85.208.200.0/22
89.37.70.0/23
178.23.8.0/21
178.210.232.0/21
185.56.156.0/22
185.71.244.0/22
185.171.232.0/22
185.178.252.0/22
185.191.104.0/22
185.215.144.0/22
185.219.116.0/22
185.236.48.0/23
185.248.227.0/24
185.255.29.0/24
188.191.56.0/22
212.28.168.0/21
217.28.64.0/22
IPv6:
2a02:53e0::/32
2a05:3680::/29
2a0b:7b80::/29
2a0f:de80::/29
2a13:56c0::/29
Signature Algorithm: sha256WithRSAEncryption
86:84:c6:d5:27:e8:2f:5b:68:f9:0f:dd:14:5c:25:68:c4:0c:
f1:fb:68:fb:31:f9:c4:92:4e:3e:46:7b:10:fb:88:51:ae:7b:
34:a2:98:32:28:f0:49:de:ae:7d:1a:ee:a7:f3:0d:9c:3c:66:
6a:8b:b2:7c:68:5f:cb:4f:f5:09:02:af:43:10:57:f5:32:21:
b5:92:0d:30:34:98:f8:5e:b0:f8:bd:dd:58:0a:5d:fa:58:08:
83:07:2a:17:5c:3a:2b:ea:1d:0a:95:8b:73:de:b4:09:7f:e8:
f5:a6:44:18:82:77:ac:c3:c4:6a:a5:fe:a4:4f:2a:0c:b7:8e:
6a:c2:66:7d:13:ec:40:c3:5a:27:dd:16:58:85:59:ac:44:b4:
f2:77:ac:33:9d:5b:b5:46:7e:20:59:a0:9a:cd:89:aa:43:f2:
c3:68:3b:b4:f7:6b:f4:e5:bb:78:e0:b2:8d:98:60:01:4a:87:
5b:1e:23:26:3e:20:07:92:5b:dd:f3:fe:b2:d8:18:ec:07:7f:
fc:52:5e:da:c6:16:37:6e:ea:08:79:f8:f9:c7:43:c7:c4:cf:
8c:d1:5c:33:02:f0:a4:0d:02:be:5e:94:96:f9:2e:1f:49:94:
96:11:a1:e1:58:cf:f3:06:22:22:0f:ec:26:d3:54:f3:76:c2:
5b:5e:49:3e
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAZeIXFrStRUOe6tVk8rMfi3MMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YWFhZGM1NjhmNmM5MjhmZDc2NGQ0MjFkNDJjNzFjZjU3
OTE5NTQwHhcNMjUwNjE5MTMyNDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYTkxYWM0OWQ4NzA1MGY1ZDZiYmI5ZmM1ODQyM2VlNDkyNzVkNTFkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjNFxmHImCbWQk+/IjAoOf5YJRWYK
BiXqQBKUMg0xS4LTTkZvimXjl+G6LozrbARu2NqrwpbfGLdNW6jHXZ2na/Yus5dr
pidK0RF8x5NGTFZmAx2zHLZAr5ERYnQrjwZZwp3v4hOVMxVCO9ltJ4NYHhFot5ny
CrTgj14ZAZMgQjaPCMd2zlqOFHsYOJT6Mm83Mcoc9DLBP3s5nvwV/GEOdlI8Iamo
lyGHosHWbuZZkELku8ZhZdYWln9jDgollYuiX+OPQR0yh1z0Rpo0WppPCUldnLCP
ksQVmVEwGwSe2JGn0Z2TuyEegK1CoNRL8yaNBYYkrYHOr+PvJDWK5lfDSQIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFMqRrEnYcFD11ru5/FhCPuSSddUdMB8GA1UdIwQY
MBaAFIWqrcVo9sko/XZNQh1Cxxz1eRlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGFxdHhXajJ5U2o5ZGsxQ0hVTEhIUFY1R1ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8wZWJkZDQtMjYxNy00ZDMxLWE4YzMt
NDVlYTM4ZGEyMjE4LzEveXBHc1NkaHdVUFhXdTduOFdFSS01SkoxMVIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8wZWJkZDQtMjYxNy00ZDMxLWE4YzMtNDVlYTM4ZGEyMjE4
LzEvaGFxdHhXajJ5U2o5ZGsxQ0hVTEhIUFY1R1ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG4BggrBgEFBQcBBwEB/wSBqDCBpTB4BAIAATByAwQCLZHI
AwQETfKAAwQCVdDIAwQBWSVGAwQDshcIAwQDstLoAwQCuTicAwQCuUf0AwQCuavo
AwQCubL8AwQCub9oAwQCudeQAwQCudt0AwQBuewwAwQAufjjAwQAuf8dAwQCvL84
AwQD1ByoAwQC2RxAMCkEAgACMCMDBQAqAlPgAwUDKgU2gAMFAyoLe4ADBQMqD96A
AwUDKhNWwDANBgkqhkiG9w0BAQsFAAOCAQEAhoTG1SfoL1to+Q/dFFwlaMQM8fto
+zH5xJJOPkZ7EPuIUa57NKKYMijwSd6ufRrup/MNnDxmaouyfGhfy0/1CQKvQxBX
9TIhtZINMDSY+F6w+L3dWApd+lgIgwcqF1w6K+odCpWLc960CX/o9aZEGIJ3rMPE
aqX+pE8qDLeOasJmfRPsQMNaJ90WWIVZrES08nesM51btUZ+IFmgms2JqkPyw2g7
tPdr9OW7eOCyjZhgAUqHWx4jJj4gB5Jb3fP+stgY7Ad//FJe2sYWN27qCHn4+cdD
x8TPjNFcMwLwpA0Cvl6UlvkuH0mUlhGh4VjP8wYiIg/sJtNU83bCW15JPg==
-----END CERTIFICATE-----
Generated at Tue Jul 1 15:03:26 2025 by rpki-client