Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fBzb20jn4M_zODd0xL0-McvRXOU.roa
File: fBzb20jn4M_zODd0xL0-McvRXOU.roa (raw, json)
Hash identifier: GEvOQqijhXzdnyIU4C06ska7GFvNqAJUh4JPiosVWkI=
Subject key identifier: 7C:1C:DB:DB:48:E7:E0:CF:F3:38:37:74:C4:BD:3E:31:CB:D1:5C:E5
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 0198944B1364D5D2049A331D2C81C985D00B
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fBzb20jn4M_zODd0xL0-McvRXOU.roa
Signing time: Sun 10 Aug 2025 14:03:24 +0000
ROA not before: Sun 10 Aug 2025 14:03:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214927
IP address blocks: 45.9.117.0/24 maxlen: 24
45.95.96.0/24 maxlen: 24
45.118.248.0/24 maxlen: 24
45.130.60.0/24 maxlen: 24
45.130.255.0/24 maxlen: 24
45.131.212.0/24 maxlen: 24
45.131.213.0/24 maxlen: 24
45.131.215.0/24 maxlen: 24
45.135.39.0/24 maxlen: 24
45.137.81.0/24 maxlen: 24
45.140.13.0/24 maxlen: 24
45.141.177.0/24 maxlen: 24
45.145.56.0/24 maxlen: 24
45.146.131.0/24 maxlen: 24
45.152.208.0/24 maxlen: 24
45.153.22.0/24 maxlen: 24
45.155.69.0/24 maxlen: 24
45.158.185.0/24 maxlen: 24
85.209.128.0/24 maxlen: 24
103.114.43.0/24 maxlen: 24
113.30.154.0/24 maxlen: 24
185.122.171.0/24 maxlen: 24
185.126.64.0/24 maxlen: 24
185.126.66.0/24 maxlen: 24
185.155.200.0/24 maxlen: 24
185.242.244.0/24 maxlen: 24
185.242.245.0/24 maxlen: 24
192.153.171.0/24 maxlen: 24
193.8.215.0/24 maxlen: 24
193.23.253.0/24 maxlen: 24
193.27.10.0/24 maxlen: 24
193.27.19.0/24 maxlen: 24
2a0c:7886:105::/48 maxlen: 48
2a0f:e7c6:1000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:94:4b:13:64:d5:d2:04:9a:33:1d:2c:81:c9:85:d0:0b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Aug 10 14:03:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7c1cdbdb48e7e0cff3383774c4bd3e31cbd15ce5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:db:06:95:38:8b:ae:cd:b8:eb:73:1d:57:8d:
8c:42:f1:99:04:b6:bb:3f:99:0c:d1:41:8c:a3:0a:
df:61:27:5c:cd:d1:05:4b:4d:cf:78:c7:34:1c:3a:
65:0c:1a:8d:98:1f:cd:ec:fb:32:f2:dd:50:2b:63:
bc:c9:17:c3:d0:87:4b:88:3a:e0:35:3d:be:68:46:
d5:f4:3e:e1:82:14:4c:26:b5:24:2b:e2:29:ec:1d:
82:19:31:18:7a:da:d3:38:c3:3d:6f:e5:7e:54:56:
83:24:fe:1b:0c:17:cd:a0:22:b3:7d:aa:29:15:4b:
9b:da:e5:41:e0:6a:3b:ea:77:ec:dc:97:bb:69:57:
b7:46:fd:5d:1b:55:ec:83:9a:79:d6:90:cf:af:ac:
ee:94:e1:a4:99:5c:e7:21:15:40:77:25:01:b5:7e:
89:f7:1a:30:78:54:99:e9:c6:33:e5:60:f1:2a:e5:
f3:c6:2f:60:7a:81:52:65:61:d8:c6:0a:63:19:f0:
82:a7:9a:4e:72:be:f7:2a:c5:b5:d0:14:94:87:e5:
dd:98:08:01:0d:f3:f1:cc:94:00:36:1e:5e:7a:88:
65:14:3b:a6:d2:e9:df:0d:99:26:52:cf:e4:33:f0:
ac:b4:86:d9:41:42:3a:83:7f:62:24:b2:8b:ed:e1:
8a:bf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7C:1C:DB:DB:48:E7:E0:CF:F3:38:37:74:C4:BD:3E:31:CB:D1:5C:E5
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fBzb20jn4M_zODd0xL0-McvRXOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.9.117.0/24
45.95.96.0/24
45.118.248.0/24
45.130.60.0/24
45.130.255.0/24
45.131.212.0/23
45.131.215.0/24
45.135.39.0/24
45.137.81.0/24
45.140.13.0/24
45.141.177.0/24
45.145.56.0/24
45.146.131.0/24
45.152.208.0/24
45.153.22.0/24
45.155.69.0/24
45.158.185.0/24
85.209.128.0/24
103.114.43.0/24
113.30.154.0/24
185.122.171.0/24
185.126.64.0/24
185.126.66.0/24
185.155.200.0/24
185.242.244.0/23
192.153.171.0/24
193.8.215.0/24
193.23.253.0/24
193.27.10.0/24
193.27.19.0/24
IPv6:
2a0c:7886:105::/48
2a0f:e7c6:1000::/48
Signature Algorithm: sha256WithRSAEncryption
af:72:4d:b9:bf:28:4d:29:02:20:9f:9e:71:9c:9d:d7:92:4f:
6f:50:6f:eb:04:69:94:5c:61:62:0e:9e:c5:f4:15:c1:4c:f4:
51:d1:dc:51:15:d8:30:e7:30:c9:d3:b3:a0:47:4c:e0:d7:b3:
01:7f:29:78:08:79:f6:ae:e3:ce:21:1b:e9:67:21:e6:a2:27:
c6:ef:87:73:39:41:55:60:61:4e:c3:f1:a7:40:5f:6e:c7:53:
5c:ba:9f:b1:af:f1:59:95:ad:04:46:ee:60:c9:ea:80:97:92:
67:11:2f:d4:f3:d6:f1:ea:d6:b4:10:fb:8f:44:8d:9e:60:47:
b3:5f:81:00:8d:fd:e1:61:06:d1:46:89:f2:8c:9b:01:1f:03:
7f:bb:3b:ea:e9:d8:28:ff:51:3b:d6:39:cf:c1:33:a3:9f:b6:
d1:c8:bc:34:94:f3:cf:41:c7:38:d6:8c:47:c8:5d:47:ee:c7:
ec:d9:dc:1e:e9:08:3f:3c:c9:b8:a4:3a:9b:1a:19:97:4c:61:
3d:1d:40:6f:b7:05:ef:c3:07:f1:44:7b:23:7f:ea:1d:0c:71:
1b:4b:86:27:c9:51:5e:62:4b:25:e7:0e:77:4f:c5:47:ab:10:
26:ee:5f:b9:9b:b6:7a:29:b1:59:94:eb:1c:00:5f:3c:2d:dc:
03:1c:90:49
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgISAZiUSxNk1dIEmjMdLIHJhdALMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwODEwMTQwMzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YzFjZGJkYjQ4ZTdlMGNmZjMzODM3NzRjNGJkM2UzMWNiZDE1Y2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAttsGlTiLrs2463MdV42MQvGZBLa7
P5kM0UGMowrfYSdczdEFS03PeMc0HDplDBqNmB/N7Psy8t1QK2O8yRfD0IdLiDrg
NT2+aEbV9D7hghRMJrUkK+Ip7B2CGTEYetrTOMM9b+V+VFaDJP4bDBfNoCKzfaop
FUub2uVB4Go76nfs3Je7aVe3Rv1dG1Xsg5p51pDPr6zulOGkmVznIRVAdyUBtX6J
9xoweFSZ6cYz5WDxKuXzxi9geoFSZWHYxgpjGfCCp5pOcr73KsW10BSUh+XdmAgB
DfPxzJQANh5eeohlFDum0unfDZkmUs/kM/CstIbZQUI6g39iJLKL7eGKvwIDAQAB
o4IC1jCCAtIwHQYDVR0OBBYEFHwc29tI5+DP8zg3dMS9PjHL0VzlMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvZkJ6YjIwam40TV96T0RkMHhMMC1NY3ZSWE9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHrBggrBgEFBQcBBwEB/wSB2zCB2DCBuwQCAAEwgbQDBAAt
CXUDBAAtX2ADBAAtdvgDBAAtgjwDBAAtgv8DBAEtg9QDBAAtg9cDBAAthycDBAAt
iVEDBAAtjA0DBAAtjbEDBAAtkTgDBAAtkoMDBAAtmNADBAAtmRYDBAAtm0UDBAAt
nrkDBABV0YADBABncisDBABxHpoDBAC5eqsDBAC5fkADBAC5fkIDBAC5m8gDBAG5
8vQDBADAmasDBADBCNcDBADBF/0DBADBGwoDBADBGxMwGAQCAAIwEgMHACoMeIYB
BQMHACoP58YQADANBgkqhkiG9w0BAQsFAAOCAQEAr3JNub8oTSkCIJ+ecZyd15JP
b1Bv6wRplFxhYg6exfQVwUz0UdHcURXYMOcwydOzoEdM4NezAX8peAh59q7jziEb
6Wch5qInxu+HczlBVWBhTsPxp0BfbsdTXLqfsa/xWZWtBEbuYMnqgJeSZxEv1PPW
8erWtBD7j0SNnmBHs1+BAI394WEG0UaJ8oybAR8Df7s76unYKP9RO9Y5z8Ezo5+2
0ci8NJTzz0HHONaMR8hdR+7H7NncHukIPzzJuKQ6mxoZl0xhPR1Ab7cF78MH8UR7
I3/qHQxxG0uGJ8lRXmJLJecOd0/FR6sQJu5fuZu2eimxWZTrHABfPC3cAxyQSQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:45:16 2025 by rpki-client