Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/vtod0X9q1UxXYWyU0iJvMZK0FuU.roa
File: vtod0X9q1UxXYWyU0iJvMZK0FuU.roa (raw, json)
Hash identifier: hazDQDv/KGyD5MQE7kb1mVj2PkHFae3QD7YWTocQdWk=
Subject key identifier: BE:DA:1D:D1:7F:6A:D5:4C:57:61:6C:94:D2:22:6F:31:92:B4:16:E5
Certificate issuer: /CN=b630b73b51cbc5380dd4adb3d5aaff4d7a334c5e
Certificate serial: 0198C1664E391F55F27E5D477113EFF71641
Authority key identifier: B6:30:B7:3B:51:CB:C5:38:0D:D4:AD:B3:D5:AA:FF:4D:7A:33:4C:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tjC3O1HLxTgN1K2z1ar_TXozTF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/vtod0X9q1UxXYWyU0iJvMZK0FuU.roa
Signing time: Tue 19 Aug 2025 08:16:04 +0000
ROA not before: Tue 19 Aug 2025 08:16:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47952
IP address blocks: 45.136.106.0/24 maxlen: 24
45.139.220.0/24 maxlen: 24
45.139.221.0/24 maxlen: 24
45.139.223.0/24 maxlen: 24
45.145.21.0/24 maxlen: 24
45.145.22.0/24 maxlen: 24
45.145.23.0/24 maxlen: 24
81.200.140.0/24 maxlen: 24
81.200.141.0/24 maxlen: 24
81.200.142.0/24 maxlen: 24
81.200.143.0/24 maxlen: 24
91.194.52.0/24 maxlen: 24
91.194.54.0/24 maxlen: 24
185.82.220.0/24 maxlen: 24
185.82.221.0/24 maxlen: 24
185.82.222.0/24 maxlen: 24
185.82.223.0/24 maxlen: 24
185.126.177.0/24 maxlen: 24
185.126.178.0/24 maxlen: 24
185.126.179.0/24 maxlen: 24
185.201.212.0/24 maxlen: 24
185.201.213.0/24 maxlen: 24
185.201.214.0/24 maxlen: 24
185.201.215.0/24 maxlen: 24
2a0a:c4c0::/48 maxlen: 48
2a0a:c4c0:1::/48 maxlen: 48
2a0a:c4c0:2::/48 maxlen: 48
2a0a:c4c0:3::/48 maxlen: 48
2a0a:c4c0:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/tjC3O1HLxTgN1K2z1ar_TXozTF4.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/tjC3O1HLxTgN1K2z1ar_TXozTF4.mft
rsync://rpki.ripe.net/repository/DEFAULT/tjC3O1HLxTgN1K2z1ar_TXozTF4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 11:02:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c1:66:4e:39:1f:55:f2:7e:5d:47:71:13:ef:f7:16:41
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b630b73b51cbc5380dd4adb3d5aaff4d7a334c5e
Validity
Not Before: Aug 19 08:16:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=beda1dd17f6ad54c57616c94d2226f3192b416e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:46:e7:84:6d:df:82:da:8a:15:ed:d7:08:53:
67:72:77:07:cf:e0:cc:70:b9:2c:f3:4e:93:7c:3a:
99:44:3a:16:05:ac:97:6c:7e:1e:7b:c2:81:42:dc:
76:55:33:0c:bf:0c:6c:f4:8f:57:ca:5d:45:a1:f7:
0a:06:90:05:8b:1a:47:5f:74:a2:5f:98:8f:cf:35:
41:af:ff:e4:63:21:4d:a0:08:a1:90:6f:a7:a8:c5:
33:1a:7f:09:ac:9a:4c:4a:e2:d4:18:bc:97:f3:90:
78:74:4f:ac:19:81:6a:c3:df:c0:49:f5:6e:fa:ce:
29:24:eb:0d:aa:f8:34:1c:be:8f:83:4d:69:d5:c1:
76:13:25:a7:50:22:43:52:7b:26:06:00:b0:a1:80:
7a:cb:7f:7c:e6:fa:7f:65:f8:a9:cf:28:53:6b:f7:
e1:6f:49:04:c8:dc:c2:d5:fc:b1:5b:af:eb:7c:be:
35:5a:f2:10:4b:ea:22:0e:88:b5:3c:e2:8a:64:59:
5d:0b:3f:0d:4f:79:ae:2c:aa:d5:e5:46:d0:0a:8d:
2a:15:9d:77:00:f6:35:4e:67:56:9e:81:97:bc:ac:
c8:18:29:d1:6f:26:fb:bb:07:a5:95:88:44:13:b7:
39:f9:08:de:80:d2:24:9c:43:c1:55:4b:31:2c:a2:
5f:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:DA:1D:D1:7F:6A:D5:4C:57:61:6C:94:D2:22:6F:31:92:B4:16:E5
X509v3 Authority Key Identifier:
keyid:B6:30:B7:3B:51:CB:C5:38:0D:D4:AD:B3:D5:AA:FF:4D:7A:33:4C:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tjC3O1HLxTgN1K2z1ar_TXozTF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/vtod0X9q1UxXYWyU0iJvMZK0FuU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/tjC3O1HLxTgN1K2z1ar_TXozTF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.106.0/24
45.139.220.0/23
45.139.223.0/24
45.145.21.0-45.145.23.255
81.200.140.0/22
91.194.52.0/24
91.194.54.0/24
185.82.220.0/22
185.126.177.0-185.126.179.255
185.201.212.0/22
IPv6:
2a0a:c4c0::/46
2a0a:c4c0:100::/48
Signature Algorithm: sha256WithRSAEncryption
5c:ce:68:98:b1:a7:36:51:2d:63:4d:41:ea:1d:b9:d9:a2:6a:
e8:2b:e2:0f:7b:4b:eb:74:25:dd:66:48:95:99:32:25:36:f2:
71:81:b7:ef:7a:c0:bb:7f:60:7e:72:35:1a:71:46:73:57:58:
3d:f9:d7:4f:db:fd:58:8b:89:7c:3e:49:bf:dd:f8:53:b4:5e:
5a:11:f0:25:ea:b9:5b:79:59:62:e7:2a:7b:5d:ac:4d:96:63:
a8:5c:e3:26:a5:a6:6a:cb:9d:21:05:3c:eb:81:70:fb:6f:d7:
81:0f:3e:e1:3e:b6:da:a2:73:ad:cc:ba:93:f6:3e:05:d8:05:
9e:0b:c8:b4:f0:08:a9:12:c8:23:a4:ca:a0:04:aa:da:f6:2a:
89:7a:f2:f9:cd:a4:6c:30:21:28:52:a0:ea:55:5d:2c:0e:74:
97:52:d0:6e:fa:b5:3c:6a:82:cd:8d:1b:b1:62:36:51:33:b7:
31:ac:24:70:78:e1:17:f7:55:07:ac:44:25:21:3b:87:83:96:
42:a3:ba:ae:34:cb:8a:b1:48:a4:ed:23:0a:16:27:47:44:b9:
77:20:0f:2e:de:be:e4:fe:30:39:25:26:b4:90:59:e0:4c:92:
e5:55:2a:87:83:d0:93:27:91:9d:19:b9:dd:b3:33:45:bc:6b:
96:39:7b:1b
-----BEGIN CERTIFICATE-----
MIIFXTCCBEWgAwIBAgISAZjBZk45H1Xyfl1HcRPv9xZBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MzBiNzNiNTFjYmM1MzgwZGQ0YWRiM2Q1YWFmZjRkN2Ez
MzRjNWUwHhcNMjUwODE5MDgxNjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZWRhMWRkMTdmNmFkNTRjNTc2MTZjOTRkMjIyNmYzMTkyYjQxNmU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn0bnhG3fgtqKFe3XCFNncncHz+DM
cLks806TfDqZRDoWBayXbH4ee8KBQtx2VTMMvwxs9I9Xyl1FofcKBpAFixpHX3Si
X5iPzzVBr//kYyFNoAihkG+nqMUzGn8JrJpMSuLUGLyX85B4dE+sGYFqw9/ASfVu
+s4pJOsNqvg0HL6Pg01p1cF2EyWnUCJDUnsmBgCwoYB6y3985vp/ZfipzyhTa/fh
b0kEyNzC1fyxW6/rfL41WvIQS+oiDoi1POKKZFldCz8NT3muLKrV5UbQCo0qFZ13
APY1TmdWnoGXvKzIGCnRbyb7uwellYhEE7c5+QjegNIknEPBVUsxLKJf2QIDAQAB
o4ICaTCCAmUwHQYDVR0OBBYEFL7aHdF/atVMV2FslNIibzGStBblMB8GA1UdIwQY
MBaAFLYwtztRy8U4DdSts9Wq/016M0xeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGpDM08xSEx4VGdOMUsyejFhcl9UWG96VEY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC80NzQ4YzctY2Q5ZS00MDFlLWE4YTQt
MGQ0OGU2ODk1ZjEyLzEvdnRvZDBYOXExVXhYWVd5VTBpSnZNWkswRnVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC80NzQ4YzctY2Q5ZS00MDFlLWE4YTQtMGQ0OGU2ODk1ZjEy
LzEvdGpDM08xSEx4VGdOMUsyejFhcl9UWG96VEY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMH8GCCsGAQUFBwEHAQH/BHAwbjBSBAIAATBMAwQALYhqAwQB
LYvcAwQALYvfMAwDBAAtkRUDBAMtkRADBAJRyIwDBABbwjQDBABbwjYDBAK5Utww
DAMEALl+sQMEArl+sAMEArnJ1DAYBAIAAjASAwcCKgrEwAAAAwcAKgrEwAEAMA0G
CSqGSIb3DQEBCwUAA4IBAQBczmiYsac2US1jTUHqHbnZomroK+IPe0vrdCXdZkiV
mTIlNvJxgbfvesC7f2B+cjUacUZzV1g9+ddP2/1Yi4l8Pkm/3fhTtF5aEfAl6rlb
eVli5yp7XaxNlmOoXOMmpaZqy50hBTzrgXD7b9eBDz7hPrbaonOtzLqT9j4F2AWe
C8i08AipEsgjpMqgBKra9iqJevL5zaRsMCEoUqDqVV0sDnSXUtBu+rU8aoLNjRux
YjZRM7cxrCRweOEX91UHrEQlITuHg5ZCo7quNMuKsUik7SMKFidHRLl3IA8u3r7k
/jA5JSa0kFngTJLlVSqHg9CTJ5GdGbndszNFvGuWOXsb
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:50:08 2025 by rpki-client