Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/7Bsb-M9H7d4Hc8VS4AnIjyLsXlE.roa
File: 7Bsb-M9H7d4Hc8VS4AnIjyLsXlE.roa (raw, json)
Hash identifier: g+wem5y6cG+2ZtV6aLNz5ga+egeri0j1bBqB9ifdstE=
Subject key identifier: EC:1B:1B:F8:CF:47:ED:DE:07:73:C5:52:E0:09:C8:8F:22:EC:5E:51
Certificate issuer: /CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Certificate serial: 0198C70EAC2BBC85336853566B7D36008DE7
Authority key identifier: E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/7Bsb-M9H7d4Hc8VS4AnIjyLsXlE.roa
Signing time: Wed 20 Aug 2025 10:38:04 +0000
ROA not before: Wed 20 Aug 2025 10:38:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210329
IP address blocks: 45.91.170.0/24 maxlen: 24
45.248.36.0/24 maxlen: 24
63.250.58.0/24 maxlen: 24
81.28.4.0/24 maxlen: 24
81.28.5.0/24 maxlen: 24
83.229.68.0/24 maxlen: 24
83.229.69.0/24 maxlen: 24
83.229.75.0/24 maxlen: 24
91.202.170.0/24 maxlen: 24
91.223.236.0/24 maxlen: 24
103.13.208.0/24 maxlen: 24
103.13.209.0/24 maxlen: 24
103.240.145.0/24 maxlen: 24
103.241.64.0/24 maxlen: 24
103.241.65.0/24 maxlen: 24
185.53.211.0/24 maxlen: 24
185.127.16.0/24 maxlen: 24
185.127.17.0/24 maxlen: 24
185.127.18.0/24 maxlen: 24
185.127.19.0/24 maxlen: 24
185.181.9.0/24 maxlen: 24
185.181.11.0/24 maxlen: 24
185.227.109.0/24 maxlen: 24
185.237.12.0/24 maxlen: 24
185.237.13.0/24 maxlen: 24
185.237.98.0/24 maxlen: 24
185.237.99.0/24 maxlen: 24
185.247.116.0/24 maxlen: 24
185.247.119.0/24 maxlen: 24
194.37.82.0/24 maxlen: 24
194.146.24.0/24 maxlen: 24
194.146.25.0/24 maxlen: 24
195.238.123.0/24 maxlen: 24
212.86.104.0/24 maxlen: 24
212.86.105.0/24 maxlen: 24
2a06:c5c0:600::/48 maxlen: 48
2a07:3b80:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.mft
rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c7:0e:ac:2b:bc:85:33:68:53:56:6b:7d:36:00:8d:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5bd7923afdbae87d07b2308dd389d9cf082ed6d
Validity
Not Before: Aug 20 10:38:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ec1b1bf8cf47edde0773c552e009c88f22ec5e51
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ba:54:54:54:ad:59:72:c2:06:a2:e3:82:cc:ed:
89:da:6d:0c:1f:51:fc:bb:8f:82:c5:df:27:67:4f:
12:12:12:39:56:bd:2b:4f:96:52:9d:0d:65:9f:64:
4d:49:da:d6:d7:dd:c7:4d:fc:86:e4:c5:18:3a:7a:
fd:49:cf:4b:b8:71:3e:dd:d3:f3:a1:65:aa:a6:6a:
53:92:41:50:0a:12:c1:8c:d6:39:42:83:c7:79:fb:
47:c3:de:e1:2e:ed:6a:dc:ea:3d:cf:f8:f5:d0:ab:
a9:84:51:1a:4c:bf:42:ce:10:dc:83:4d:a6:09:b6:
5c:aa:a1:4c:05:87:88:5c:c3:15:09:bb:ec:d4:c7:
eb:b5:54:fd:52:73:83:49:d5:a4:97:66:9f:7d:bb:
15:30:a5:bd:97:97:02:b9:97:34:e2:34:2b:9f:8b:
f2:81:a4:60:61:b2:8f:e3:1f:d8:fa:ec:9d:cb:ca:
26:2c:a9:ac:9a:18:b2:e2:1c:10:ba:05:6c:50:97:
6b:a2:2d:67:93:3c:49:ba:6f:cf:d0:2a:e8:9e:54:
32:b4:c7:df:cc:b3:6c:4d:0e:d1:37:39:f7:8c:47:
60:30:69:26:3e:15:2b:2d:27:a5:8f:17:6f:7b:06:
8f:99:b2:ff:c0:1f:30:40:8b:12:79:17:4c:b7:aa:
2e:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
EC:1B:1B:F8:CF:47:ED:DE:07:73:C5:52:E0:09:C8:8F:22:EC:5E:51
X509v3 Authority Key Identifier:
keyid:E5:BD:79:23:AF:DB:AE:87:D0:7B:23:08:DD:38:9D:9C:F0:82:ED:6D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5b15I6_brofQeyMI3TidnPCC7W0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/7Bsb-M9H7d4Hc8VS4AnIjyLsXlE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/269229-20eb-4f1c-a13e-26d1e54578f1/1/5b15I6_brofQeyMI3TidnPCC7W0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.170.0/24
45.248.36.0/24
63.250.58.0/24
81.28.4.0/23
83.229.68.0/23
83.229.75.0/24
91.202.170.0/24
91.223.236.0/24
103.13.208.0/23
103.240.145.0/24
103.241.64.0/23
185.53.211.0/24
185.127.16.0/22
185.181.9.0/24
185.181.11.0/24
185.227.109.0/24
185.237.12.0/23
185.237.98.0/23
185.247.116.0/24
185.247.119.0/24
194.37.82.0/24
194.146.24.0/23
195.238.123.0/24
212.86.104.0/23
IPv6:
2a06:c5c0:600::/48
2a07:3b80:2::/48
Signature Algorithm: sha256WithRSAEncryption
46:48:75:b3:37:cf:e9:2b:27:c0:c4:47:bf:d4:c5:50:9f:b1:
f9:aa:77:93:a3:36:ac:31:cc:62:03:63:6e:50:34:2c:97:f6:
bc:b5:c5:2d:8e:65:1a:15:0b:17:0c:58:12:bc:65:c4:63:e7:
b7:28:95:58:4d:2f:d6:2d:25:87:c3:b4:22:43:f0:d1:95:6c:
55:b3:b1:1a:49:be:93:45:4f:5d:e3:27:f0:c0:39:a3:61:ea:
cd:f5:cd:46:84:1c:1c:85:f7:a8:1f:46:31:cc:82:db:91:e9:
44:8a:88:8c:fe:55:7a:a5:bd:1a:5e:65:44:31:f4:0c:a7:48:
27:d3:8a:c5:ef:6d:10:14:20:76:16:a8:7b:20:46:93:01:41:
93:57:43:e5:e6:35:78:c1:e0:87:d6:44:65:85:30:06:c4:11:
13:13:40:2f:c5:af:d4:90:1e:4c:6e:de:80:6d:b1:3f:ed:6c:
58:08:95:e8:99:bf:c1:a4:68:f8:2c:7b:b4:ac:bb:84:16:80:
2b:fe:aa:2f:da:4e:8f:55:09:3d:35:c8:35:85:03:cc:2f:2d:
3f:25:93:12:dd:27:c6:fc:8f:15:1b:66:e8:e0:06:f3:45:86:
c6:0e:00:ad:1a:fa:d8:32:d2:2c:96:75:69:fc:da:c9:74:3a:
af:4f:c0:70
-----BEGIN CERTIFICATE-----
MIIFpjCCBI6gAwIBAgISAZjHDqwrvIUzaFNWa302AI3nMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1YmQ3OTIzYWZkYmFlODdkMDdiMjMwOGRkMzg5ZDljZjA4
MmVkNmQwHhcNMjUwODIwMTAzODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlYzFiMWJmOGNmNDdlZGRlMDc3M2M1NTJlMDA5Yzg4ZjIyZWM1ZTUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAulRUVK1ZcsIGouOCzO2J2m0MH1H8
u4+Cxd8nZ08SEhI5Vr0rT5ZSnQ1ln2RNSdrW193HTfyG5MUYOnr9Sc9LuHE+3dPz
oWWqpmpTkkFQChLBjNY5QoPHeftHw97hLu1q3Oo9z/j10KuphFEaTL9CzhDcg02m
CbZcqqFMBYeIXMMVCbvs1MfrtVT9UnODSdWkl2affbsVMKW9l5cCuZc04jQrn4vy
gaRgYbKP4x/Y+uydy8omLKmsmhiy4hwQugVsUJdroi1nkzxJum/P0CronlQytMff
zLNsTQ7RNzn3jEdgMGkmPhUrLSeljxdvewaPmbL/wB8wQIsSeRdMt6ouSwIDAQAB
o4ICsjCCAq4wHQYDVR0OBBYEFOwbG/jPR+3eB3PFUuAJyI8i7F5RMB8GA1UdIwQY
MBaAFOW9eSOv266H0HsjCN04nZzwgu1tMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2Ut
MjZkMWU1NDU3OGYxLzEvN0JzYi1NOUg3ZDRIYzhWUzRBbklqeUxzWGxFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS8yNjkyMjktMjBlYi00ZjFjLWExM2UtMjZkMWU1NDU3OGYx
LzEvNWIxNUk2X2Jyb2ZRZXlNSTNUaWRuUENDN1cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHHBggrBgEFBQcBBwEB/wSBtzCBtDCBlwQCAAEwgZADBAAt
W6oDBAAt+CQDBAA/+joDBAFRHAQDBAFT5UQDBABT5UsDBABbyqoDBABb3+wDBAFn
DdADBABn8JEDBAFn8UADBAC5NdMDBAK5fxADBAC5tQkDBAC5tQsDBAC5420DBAG5
7QwDBAG57WIDBAC593QDBAC593cDBADCJVIDBAHCkhgDBADD7nsDBAHUVmgwGAQC
AAIwEgMHACoGxcAGAAMHACoHO4AAAjANBgkqhkiG9w0BAQsFAAOCAQEARkh1szfP
6SsnwMRHv9TFUJ+x+ap3k6M2rDHMYgNjblA0LJf2vLXFLY5lGhULFwxYErxlxGPn
tyiVWE0v1i0lh8O0IkPw0ZVsVbOxGkm+k0VPXeMn8MA5o2HqzfXNRoQcHIX3qB9G
McyC25HpRIqIjP5VeqW9Gl5lRDH0DKdIJ9OKxe9tEBQgdhaoeyBGkwFBk1dD5eY1
eMHgh9ZEZYUwBsQRExNAL8Wv1JAeTG7egG2xP+1sWAiV6Jm/waRo+Cx7tKy7hBaA
K/6qL9pOj1UJPTXINYUDzC8tPyWTEt0nxvyPFRtm6OAG80WGxg4ArRr62DLSLJZ1
afzayXQ6r0/AcA==
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:44:28 2025 by rpki-client