Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/L6zT0Dqb17Av6U-K9uO_fS8yslE.roa
File: L6zT0Dqb17Av6U-K9uO_fS8yslE.roa (raw, json)
Hash identifier: 57VFcJU8Uf0Ho8bxnqXmR7O+PMPSYCGGFxBf3pQDhJA=
Subject key identifier: 2F:AC:D3:D0:3A:9B:D7:B0:2F:E9:4F:8A:F6:E3:BF:7D:2F:32:B2:51
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0197A80356CD0F48A52207CF8E97B2631ADF
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/L6zT0Dqb17Av6U-K9uO_fS8yslE.roa
Signing time: Wed 25 Jun 2025 16:54:40 +0000
ROA not before: Wed 25 Jun 2025 16:54:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 395954
IP address blocks: 45.145.58.0/24 maxlen: 24
45.147.100.0/24 maxlen: 24
45.147.101.0/24 maxlen: 24
45.147.102.0/24 maxlen: 24
45.147.103.0/24 maxlen: 24
45.152.201.0/24 maxlen: 24
45.155.200.0/24 maxlen: 24
45.155.201.0/24 maxlen: 24
45.155.202.0/24 maxlen: 24
45.155.203.0/24 maxlen: 24
193.8.8.0/24 maxlen: 24
194.41.56.0/24 maxlen: 24
2a0f:e1c5::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 23:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a8:03:56:cd:0f:48:a5:22:07:cf:8e:97:b2:63:1a:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 25 16:54:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2facd3d03a9bd7b02fe94f8af6e3bf7d2f32b251
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:b2:03:9e:33:d1:57:a7:5c:6a:5f:46:82:86:
3b:0e:6b:ef:43:bb:52:33:f1:1a:11:29:52:93:5b:
4e:12:fd:79:14:cd:08:85:b4:eb:7c:39:77:14:d7:
5c:f4:c9:00:af:87:98:2c:e2:01:44:72:f1:c3:dc:
15:fb:ad:af:d8:eb:42:02:45:bd:2c:c8:d4:04:3d:
29:73:d8:d7:ac:50:05:8d:8e:4c:9c:96:be:20:21:
0a:ae:9c:9d:eb:7d:10:51:ad:52:39:c3:ac:91:59:
4f:9a:3a:0c:c1:77:6c:0b:72:4a:fb:58:67:ff:05:
1e:28:10:d1:ab:1a:84:29:1c:0d:b9:e1:5a:a9:a9:
c6:9a:45:a5:4a:82:cc:fe:a5:72:93:f0:5f:c6:cb:
14:49:cf:a1:d5:97:d4:6a:84:a2:01:3e:8c:64:af:
70:f6:96:12:6c:6a:a4:79:75:1c:ad:87:ae:03:31:
33:64:00:c5:d0:6b:61:67:89:a3:9e:8c:b1:2a:0c:
d0:0e:dd:ee:66:8a:d1:90:02:8b:50:67:80:f9:89:
55:8c:27:35:bd:b8:6e:b5:05:06:78:e6:a1:2a:7b:
0f:05:16:9c:4a:ea:d1:eb:bf:35:d6:32:f1:83:8a:
86:47:c8:f0:21:b5:b1:8c:e4:6f:ae:0e:c7:74:56:
ff:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2F:AC:D3:D0:3A:9B:D7:B0:2F:E9:4F:8A:F6:E3:BF:7D:2F:32:B2:51
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/L6zT0Dqb17Av6U-K9uO_fS8yslE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.145.58.0/24
45.147.100.0/22
45.152.201.0/24
45.155.200.0/22
193.8.8.0/24
194.41.56.0/24
IPv6:
2a0f:e1c5::/32
Signature Algorithm: sha256WithRSAEncryption
6b:1b:b7:4d:80:da:cd:b2:b1:58:99:6e:e2:61:26:e2:15:ed:
08:71:c2:d6:1b:9e:9d:06:86:0a:f8:04:ca:d2:33:34:0e:5a:
cb:b5:0f:f2:61:de:0b:f3:8a:49:d7:63:e9:85:a1:b7:f4:7e:
09:e8:bb:6a:8b:85:8c:e4:5f:71:51:81:13:d2:e8:73:ea:2c:
4a:61:45:f4:29:80:a1:d7:95:3d:f8:b4:47:15:11:78:eb:c8:
2c:9f:75:78:5d:6e:03:11:9f:70:49:20:70:11:35:a3:9e:55:
60:7c:a0:f7:b9:8c:0c:d7:16:13:c6:98:06:0d:29:56:5c:08:
2e:5c:8f:ef:a4:ee:a9:ae:d0:8e:22:5a:5f:e6:09:e3:25:a1:
be:cc:5b:10:0c:bc:e7:40:ef:15:3f:0e:4c:1c:c4:37:6d:b6:
fb:71:3e:ff:9b:20:b1:9a:0b:50:15:5b:9b:d2:1f:90:66:4e:
d0:4b:17:eb:8d:42:d6:4a:f3:fc:13:53:b8:8b:75:4e:b4:f5:
4f:ae:71:84:a1:5b:08:a2:ea:2c:c8:5f:00:20:20:c5:a6:7d:
c6:a2:11:61:fc:c5:9b:e2:fe:52:59:26:9b:d2:1a:bf:8b:11:
80:23:47:84:01:ee:55:4e:66:8a:8a:37:bc:8d:cc:e2:db:c1:
ca:01:82:ea
-----BEGIN CERTIFICATE-----
MIIFKjCCBBKgAwIBAgISAZeoA1bND0ilIgfPjpeyYxrfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNjI1MTY1NDQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZmFjZDNkMDNhOWJkN2IwMmZlOTRmOGFmNmUzYmY3ZDJmMzJiMjUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA07IDnjPRV6dcal9GgoY7DmvvQ7tS
M/EaESlSk1tOEv15FM0IhbTrfDl3FNdc9MkAr4eYLOIBRHLxw9wV+62v2OtCAkW9
LMjUBD0pc9jXrFAFjY5MnJa+ICEKrpyd630QUa1SOcOskVlPmjoMwXdsC3JK+1hn
/wUeKBDRqxqEKRwNueFaqanGmkWlSoLM/qVyk/BfxssUSc+h1ZfUaoSiAT6MZK9w
9pYSbGqkeXUcrYeuAzEzZADF0GthZ4mjnoyxKgzQDt3uZorRkAKLUGeA+YlVjCc1
vbhutQUGeOahKnsPBRacSurR67811jLxg4qGR8jwIbWxjORvrg7HdFb/kQIDAQAB
o4ICNjCCAjIwHQYDVR0OBBYEFC+s09A6m9ewL+lPivbjv30vMrJRMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvTDZ6VDBEcWIxN0F2NlUtSzl1T19mUzh5c2xFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEwGCCsGAQUFBwEHAQH/BD0wOzAqBAIAATAkAwQALZE6AwQC
LZNkAwQALZjJAwQCLZvIAwQAwQgIAwQAwik4MA0EAgACMAcDBQAqD+HFMA0GCSqG
SIb3DQEBCwUAA4IBAQBrG7dNgNrNsrFYmW7iYSbiFe0IccLWG56dBoYK+ATK0jM0
DlrLtQ/yYd4L84pJ12PphaG39H4J6Ltqi4WM5F9xUYET0uhz6ixKYUX0KYCh15U9
+LRHFRF468gsn3V4XW4DEZ9wSSBwETWjnlVgfKD3uYwM1xYTxpgGDSlWXAguXI/v
pO6prtCOIlpf5gnjJaG+zFsQDLznQO8VPw5MHMQ3bbb7cT7/myCxmgtQFVub0h+Q
Zk7QSxfrjULWSvP8E1O4i3VOtPVPrnGEoVsIouosyF8AICDFpn3GohFh/MWb4v5S
WSab0hq/ixGAI0eEAe5VTmaKije8jczi28HKAYLq
-----END CERTIFICATE-----
Generated at Tue Jul 1 06:33:03 2025 by rpki-client