Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/1-Y7w9XgF5BNF08Zk3EDN4gwsALU.roa
File: 1-Y7w9XgF5BNF08Zk3EDN4gwsALU.roa (raw, json)
Hash identifier: 6VnnAzOoFEAs8MZaXUimxUhhtW0alo3aoiUxYxFj8aI=
Subject key identifier: F9:8E:F0:F5:78:05:E4:13:45:D3:C6:64:DC:40:CD:E2:0C:2C:00:B5
Certificate issuer: /CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Certificate serial: 0198A38D32BD302F120E29CE788E3EBA91E2
Authority key identifier: 0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/1-Y7w9XgF5BNF08Zk3EDN4gwsALU.roa
Signing time: Wed 13 Aug 2025 13:09:56 +0000
ROA not before: Wed 13 Aug 2025 13:09:56 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 45.66.135.0/24 maxlen: 24
45.67.53.0/24 maxlen: 24
45.82.165.0/24 maxlen: 24
45.85.2.0/24 maxlen: 24
45.90.140.0/24 maxlen: 24
45.128.152.0/24 maxlen: 24
45.134.18.0/24 maxlen: 24
45.144.242.0/24 maxlen: 24
45.144.243.0/24 maxlen: 24
81.90.190.0/24 maxlen: 24
89.31.124.0/24 maxlen: 24
91.220.202.0/24 maxlen: 24
91.220.203.0/24 maxlen: 24
147.78.14.0/24 maxlen: 24
152.89.210.0/24 maxlen: 24
185.105.191.0/24 maxlen: 24
185.120.17.0/24 maxlen: 24
185.126.68.0/24 maxlen: 24
185.126.136.0/24 maxlen: 24
185.126.137.0/24 maxlen: 24
185.126.224.0/24 maxlen: 24
185.126.227.0/24 maxlen: 24
185.167.117.0/24 maxlen: 24
185.167.118.0/24 maxlen: 24
185.167.119.0/24 maxlen: 24
185.171.122.0/24 maxlen: 24
185.171.123.0/24 maxlen: 24
185.172.114.0/24 maxlen: 24
185.175.142.0/24 maxlen: 24
185.175.143.0/24 maxlen: 24
185.187.236.0/24 maxlen: 24
188.119.102.0/24 maxlen: 24
192.54.56.0/24 maxlen: 24
192.54.58.0/24 maxlen: 24
192.54.59.0/24 maxlen: 24
193.37.56.0/24 maxlen: 24
193.37.57.0/24 maxlen: 24
193.38.136.0/24 maxlen: 24
194.124.32.0/24 maxlen: 24
194.156.229.0/24 maxlen: 24
2a0c:8a40:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.mft
rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 07:01:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a3:8d:32:bd:30:2f:12:0e:29:ce:78:8e:3e:ba:91:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Validity
Not Before: Aug 13 13:09:56 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f98ef0f57805e41345d3c664dc40cde20c2c00b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ce:a0:58:cd:7f:6d:0b:e2:2f:fd:de:a2:71:0e:
92:c4:39:de:3b:2e:b1:5e:f3:9f:ca:fa:55:9a:a3:
b4:a7:84:b5:99:51:99:d5:1d:e5:c8:63:d1:14:d2:
02:40:5f:a8:e5:f9:8e:c0:b4:3b:59:8b:e8:b8:ff:
f7:b3:37:cc:3b:e1:b2:3b:6a:b8:2c:5a:df:40:2e:
fc:3a:3c:28:a2:a7:62:b1:bb:c1:84:bf:22:68:87:
a2:a7:bc:22:c0:e0:ca:c0:3c:9c:2e:ce:3d:68:63:
6d:a3:9e:a8:69:f6:a0:b1:02:65:ea:d7:d8:89:5c:
3d:bf:73:6e:31:67:77:94:43:b8:91:99:60:32:f6:
ec:c4:70:57:58:10:3d:c6:a3:82:80:33:78:bd:7e:
8c:a1:04:e9:25:bb:1e:2b:db:7b:74:81:2b:a5:24:
f6:c5:2b:00:12:3f:cd:6f:9e:4c:c4:6a:88:8f:2f:
7b:e8:ad:e7:c5:93:77:b2:de:96:ab:e5:c9:93:49:
c3:79:91:bd:fd:2f:af:61:57:61:a4:1e:f3:39:71:
e9:c6:b6:a8:81:77:4a:c6:e6:dc:4e:6a:8d:f8:e2:
e2:e8:e5:73:19:2d:01:8f:90:51:d8:33:05:4c:16:
40:d6:0f:92:27:0c:3b:1b:bb:49:de:d3:cc:14:eb:
2a:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:8E:F0:F5:78:05:E4:13:45:D3:C6:64:DC:40:CD:E2:0C:2C:00:B5
X509v3 Authority Key Identifier:
keyid:0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/1-Y7w9XgF5BNF08Zk3EDN4gwsALU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.135.0/24
45.67.53.0/24
45.82.165.0/24
45.85.2.0/24
45.90.140.0/24
45.128.152.0/24
45.134.18.0/24
45.144.242.0/23
81.90.190.0/24
89.31.124.0/24
91.220.202.0/23
147.78.14.0/24
152.89.210.0/24
185.105.191.0/24
185.120.17.0/24
185.126.68.0/24
185.126.136.0/23
185.126.224.0/24
185.126.227.0/24
185.167.117.0-185.167.119.255
185.171.122.0/23
185.172.114.0/24
185.175.142.0/23
185.187.236.0/24
188.119.102.0/24
192.54.56.0/24
192.54.58.0/23
193.37.56.0/23
193.38.136.0/24
194.124.32.0/24
194.156.229.0/24
IPv6:
2a0c:8a40:2::/48
Signature Algorithm: sha256WithRSAEncryption
6e:0e:6e:7e:39:25:02:1b:f4:f4:40:52:f2:65:b7:b4:a3:c5:
e6:f3:eb:b3:03:ff:51:16:ef:f6:59:2c:3e:a0:02:0d:f5:33:
00:2a:55:e6:9a:a7:12:df:e2:72:bc:0b:cc:ee:d2:4c:8d:c7:
c7:f7:ac:73:dc:34:ee:37:50:42:35:c9:1c:87:6b:c1:b5:7e:
47:3c:b0:c2:c8:2b:ef:43:91:78:46:93:0f:da:6c:2a:84:a5:
45:13:f8:62:b5:c6:9d:80:12:7f:f7:c7:79:b8:db:fa:bb:b2:
78:c9:92:ae:ba:2b:25:ce:a9:dc:2f:5d:59:e2:95:27:dc:67:
30:86:4d:1a:46:00:bf:7c:4e:6e:6f:b5:f5:59:f0:d7:8e:2f:
ad:61:4b:4c:92:77:92:9f:20:43:87:cc:a0:2e:e6:56:0a:f2:
bd:e7:67:bc:8f:d3:23:b7:bf:8a:37:ad:b1:3e:d6:d5:e5:22:
c6:e0:f4:c4:ae:3d:bf:6a:10:47:24:d8:b7:3a:4a:a0:fc:5b:
fd:cf:13:8d:a7:7a:ed:76:2f:31:75:03:64:00:47:86:60:56:
10:91:8f:d8:9d:18:c4:09:12:a4:a7:c6:aa:ec:36:06:5a:d4:
ed:3a:79:b6:c7:09:76:1e:ee:ab:9a:96:07:f0:9e:23:b9:63:
70:d5:3d:21
-----BEGIN CERTIFICATE-----
MIIF0DCCBLigAwIBAgISAZijjTK9MC8SDinOeI4+upHiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMjQ3ZTczMzkxZWM5ZDZhMmE0NmYyY2IwYjAyZmM5OTQy
ODhmMTMwHhcNMjUwODEzMTMwOTU2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOThlZjBmNTc4MDVlNDEzNDVkM2M2NjRkYzQwY2RlMjBjMmMwMGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzqBYzX9tC+Iv/d6icQ6SxDneOy6x
XvOfyvpVmqO0p4S1mVGZ1R3lyGPRFNICQF+o5fmOwLQ7WYvouP/3szfMO+GyO2q4
LFrfQC78OjwooqdisbvBhL8iaIeip7wiwODKwDycLs49aGNto56oafagsQJl6tfY
iVw9v3NuMWd3lEO4kZlgMvbsxHBXWBA9xqOCgDN4vX6MoQTpJbseK9t7dIErpST2
xSsAEj/Nb55MxGqIjy976K3nxZN3st6Wq+XJk0nDeZG9/S+vYVdhpB7zOXHpxrao
gXdKxubcTmqN+OLi6OVzGS0Bj5BR2DMFTBZA1g+SJww7G7tJ3tPMFOsqUwIDAQAB
o4IC3DCCAtgwHQYDVR0OBBYEFPmO8PV4BeQTRdPGZNxAzeIMLAC1MB8GA1UdIwQY
MBaAFAskfnM5HsnWoqRvLLCwL8mUKI8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMt
NzM2Nzg5ZWU2ZmQwLzEvMS1ZN3c5WGdGNUJORjA4WmszRURONGd3c0FMVS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYTAvYjNmZDQwLWIxMjUtNDI4Mi1iODgzLTczNjc4OWVlNmZk
MC8xL0N5Ui1jemtleWRhaXBHOHNzTEF2eVpRb2p4TS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCB8AYIKwYBBQUHAQcBAf8EgeAwgd0wgckEAgABMIHCAwQA
LUKHAwQALUM1AwQALVKlAwQALVUCAwQALVqMAwQALYCYAwQALYYSAwQBLZDyAwQA
UVq+AwQAWR98AwQBW9zKAwQAk04OAwQAmFnSAwQAuWm/AwQAuXgRAwQAuX5EAwQB
uX6IAwQAuX7gAwQAuX7jMAwDBAC5p3UDBAO5p3ADBAG5q3oDBAC5rHIDBAG5r44D
BAC5u+wDBAC8d2YDBADANjgDBAHANjoDBAHBJTgDBADBJogDBADCfCADBADCnOUw
DwQCAAIwCQMHACoMikAAAjANBgkqhkiG9w0BAQsFAAOCAQEAbg5ufjklAhv09EBS
8mW3tKPF5vPrswP/URbv9lksPqACDfUzACpV5pqnEt/icrwLzO7STI3Hx/esc9w0
7jdQQjXJHIdrwbV+Rzywwsgr70OReEaTD9psKoSlRRP4YrXGnYASf/fHebjb+ruy
eMmSrrorJc6p3C9dWeKVJ9xnMIZNGkYAv3xObm+19Vnw144vrWFLTJJ3kp8gQ4fM
oC7mVgryvednvI/TI7e/ijetsT7W1eUixuD0xK49v2oQRyTYtzpKoPxb/c8Tjad6
7XYvMXUDZABHhmBWEJGP2J0YxAkSpKfGquw2BlrU7Tp5tscJdh7uq5qWB/CeI7lj
cNU9IQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:44:27 2025 by rpki-client