Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5d/630cbe-ce01-464d-82eb-d851e40d57bf/1/YzdSzrn2g46QLg-Ab4yA5f8O1xU.roa
File: YzdSzrn2g46QLg-Ab4yA5f8O1xU.roa (raw, json)
Hash identifier: juEIYlvSOfWVe6E6l6/j9UJcOILOSNhDvqnCdtQBLU0=
Subject key identifier: 63:37:52:CE:B9:F6:83:8E:90:2E:0F:80:6F:8C:80:E5:FF:0E:D7:15
Certificate issuer: /CN=caece41cbc2c30626ef2a28d1839f2d6c4757f3f
Certificate serial: 0198557F07CFC3C418B9CFC6AA1B0AEB0DF3
Authority key identifier: CA:EC:E4:1C:BC:2C:30:62:6E:F2:A2:8D:18:39:F2:D6:C4:75:7F:3F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yuzkHLwsMGJu8qKNGDny1sR1fz8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5d/630cbe-ce01-464d-82eb-d851e40d57bf/1/YzdSzrn2g46QLg-Ab4yA5f8O1xU.roa
Signing time: Tue 29 Jul 2025 09:24:05 +0000
ROA not before: Tue 29 Jul 2025 09:24:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15625
IP address blocks: 145.221.0.0/16 maxlen: 16
145.221.0.0/17 maxlen: 17
145.221.36.0/24 maxlen: 24
145.221.37.0/24 maxlen: 24
145.221.38.0/24 maxlen: 24
145.221.39.0/24 maxlen: 24
145.221.40.0/24 maxlen: 24
145.221.41.0/24 maxlen: 24
145.221.42.0/24 maxlen: 24
145.221.43.0/24 maxlen: 24
145.221.64.0/24 maxlen: 24
145.221.65.0/24 maxlen: 24
145.221.66.0/24 maxlen: 24
145.221.67.0/24 maxlen: 24
145.221.68.0/24 maxlen: 24
145.221.69.0/24 maxlen: 24
145.221.70.0/24 maxlen: 24
145.221.71.0/24 maxlen: 24
145.221.76.0/24 maxlen: 24
145.221.77.0/24 maxlen: 24
145.221.78.0/24 maxlen: 24
145.221.79.0/24 maxlen: 24
145.221.80.0/24 maxlen: 24
145.221.81.0/24 maxlen: 24
145.221.82.0/24 maxlen: 24
145.221.83.0/24 maxlen: 24
145.221.84.0/24 maxlen: 24
145.221.85.0/24 maxlen: 24
145.221.86.0/24 maxlen: 24
145.221.87.0/24 maxlen: 24
145.221.92.0/24 maxlen: 24
145.221.93.0/24 maxlen: 24
145.221.94.0/24 maxlen: 24
145.221.95.0/24 maxlen: 24
145.221.99.0/24 maxlen: 24
145.221.128.0/17 maxlen: 17
145.221.176.0/24 maxlen: 24
145.221.177.0/24 maxlen: 24
145.221.178.0/24 maxlen: 24
145.221.179.0/24 maxlen: 24
145.221.180.0/24 maxlen: 24
145.221.181.0/24 maxlen: 24
145.221.182.0/24 maxlen: 24
145.221.183.0/24 maxlen: 24
145.221.184.0/24 maxlen: 24
145.221.185.0/24 maxlen: 24
145.221.186.0/24 maxlen: 24
145.221.188.0/24 maxlen: 24
145.221.189.0/24 maxlen: 24
145.221.190.0/24 maxlen: 24
145.221.193.0/24 maxlen: 24
145.221.208.0/24 maxlen: 24
145.221.209.0/24 maxlen: 24
145.221.210.0/24 maxlen: 24
145.221.211.0/24 maxlen: 24
145.221.212.0/24 maxlen: 24
145.221.213.0/24 maxlen: 24
145.221.214.0/24 maxlen: 24
145.221.215.0/24 maxlen: 24
145.221.216.0/24 maxlen: 24
145.221.217.0/24 maxlen: 24
145.221.219.0/24 maxlen: 24
145.221.220.0/24 maxlen: 24
145.221.221.0/24 maxlen: 24
145.221.222.0/24 maxlen: 24
145.221.252.0/24 maxlen: 24
145.221.253.0/24 maxlen: 24
145.221.254.0/24 maxlen: 24
145.221.255.0/24 maxlen: 24
156.114.128.0/18 maxlen: 18
156.114.128.0/19 maxlen: 19
156.114.128.0/24 maxlen: 24
156.114.129.0/24 maxlen: 24
156.114.130.0/24 maxlen: 24
156.114.131.0/24 maxlen: 24
156.114.132.0/24 maxlen: 24
156.114.133.0/24 maxlen: 24
156.114.134.0/24 maxlen: 24
156.114.135.0/24 maxlen: 24
156.114.136.0/24 maxlen: 24
156.114.153.0/24 maxlen: 24
156.114.154.0/24 maxlen: 24
156.114.155.0/24 maxlen: 24
156.114.160.0/19 maxlen: 19
156.114.160.0/24 maxlen: 24
156.114.161.0/24 maxlen: 24
156.114.162.0/24 maxlen: 24
156.114.163.0/24 maxlen: 24
156.114.164.0/24 maxlen: 24
156.114.165.0/24 maxlen: 24
156.114.167.0/24 maxlen: 24
156.114.168.0/24 maxlen: 24
156.114.185.0/24 maxlen: 24
156.114.186.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5d/630cbe-ce01-464d-82eb-d851e40d57bf/1/yuzkHLwsMGJu8qKNGDny1sR1fz8.crl
rsync://rpki.ripe.net/repository/DEFAULT/5d/630cbe-ce01-464d-82eb-d851e40d57bf/1/yuzkHLwsMGJu8qKNGDny1sR1fz8.mft
rsync://rpki.ripe.net/repository/DEFAULT/yuzkHLwsMGJu8qKNGDny1sR1fz8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 05:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:55:7f:07:cf:c3:c4:18:b9:cf:c6:aa:1b:0a:eb:0d:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=caece41cbc2c30626ef2a28d1839f2d6c4757f3f
Validity
Not Before: Jul 29 09:24:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=633752ceb9f6838e902e0f806f8c80e5ff0ed715
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:c0:8b:5f:55:a1:bd:a8:e3:5e:a2:02:5d:9e:
f8:9e:56:0b:1f:b6:ea:9b:1e:42:a0:27:dc:b7:0a:
18:76:48:5c:ae:fe:c7:41:b1:56:8f:42:36:3a:e2:
95:9c:55:6c:80:0d:8d:79:fe:f9:3b:1c:ec:23:f1:
ca:31:c4:59:e4:4d:6b:ea:8e:d8:e2:03:29:94:11:
81:85:eb:27:06:05:cc:bb:c9:05:c2:5e:f6:73:96:
25:d5:bf:d0:bb:2f:ef:bd:18:70:65:6b:f4:77:8f:
3b:af:2d:b8:69:73:d7:80:57:7d:e1:81:1b:fe:a5:
1b:5d:4f:00:09:c3:c1:7e:a3:35:dd:58:ba:ca:95:
3d:49:ad:45:60:d4:34:f4:0b:85:b5:dd:a2:af:c8:
11:75:0a:42:d1:cb:93:b8:2f:90:10:12:5f:17:d7:
21:d1:f4:b8:65:18:74:46:86:6c:e2:8d:de:28:52:
86:de:6f:3c:d0:1a:aa:5f:d5:19:58:24:fd:e1:41:
37:a7:7e:99:c1:39:82:d6:42:d8:3b:77:51:bc:ea:
8d:eb:4a:88:a6:c4:d7:90:65:ce:ab:7e:81:af:11:
d9:c9:7d:d6:34:b7:33:3c:7c:d5:25:a9:38:8c:3b:
31:7e:3b:b9:1a:dd:85:8b:4e:06:fc:76:32:75:83:
7e:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:37:52:CE:B9:F6:83:8E:90:2E:0F:80:6F:8C:80:E5:FF:0E:D7:15
X509v3 Authority Key Identifier:
keyid:CA:EC:E4:1C:BC:2C:30:62:6E:F2:A2:8D:18:39:F2:D6:C4:75:7F:3F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yuzkHLwsMGJu8qKNGDny1sR1fz8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/630cbe-ce01-464d-82eb-d851e40d57bf/1/YzdSzrn2g46QLg-Ab4yA5f8O1xU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5d/630cbe-ce01-464d-82eb-d851e40d57bf/1/yuzkHLwsMGJu8qKNGDny1sR1fz8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.221.0.0/16
156.114.128.0/18
Signature Algorithm: sha256WithRSAEncryption
69:c8:69:a4:70:37:77:cf:b1:1d:d1:d1:87:6c:37:60:f5:4a:
9d:e6:a2:fe:7e:23:c0:3e:d2:25:e6:1b:1b:34:59:dd:10:b6:
77:97:6f:61:e1:79:a6:6e:20:7f:31:2e:de:6c:2c:10:a8:60:
31:1d:42:b6:9d:96:ef:0f:08:b4:30:63:6b:b0:38:5b:46:7f:
5d:da:c8:c6:8f:33:f5:39:75:35:28:c0:ba:2f:ca:3b:2f:d9:
0d:af:43:8b:06:a0:fd:97:ac:66:53:4b:65:8d:58:8f:0b:fb:
1d:98:10:bd:dd:d2:ed:06:c3:34:2b:2c:ea:7f:12:01:08:eb:
a7:44:08:7c:9c:88:7b:57:b0:1e:78:89:56:6c:5a:95:11:b7:
55:3b:fb:ca:03:db:9d:29:17:bb:d2:62:04:e5:15:55:09:2b:
e2:61:a6:87:a0:4c:cc:77:51:2d:a2:c5:37:89:e1:3e:18:10:
a6:ee:f9:76:ae:6b:26:37:35:36:eb:2e:a7:1d:e0:74:87:60:
f7:60:51:61:90:5d:07:b0:22:8d:5c:ae:ee:d9:26:cf:5b:05:
22:ae:3b:25:a9:61:89:54:85:2a:da:39:72:5d:5a:d9:81:b4:
c9:fb:8a:d1:d6:52:2e:e2:62:55:c5:a4:f8:e7:51:9c:7f:16:
0c:7b:cb:ab
-----BEGIN CERTIFICATE-----
MIIFAjCCA+qgAwIBAgISAZhVfwfPw8QYuc/GqhsK6w3zMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNhZWNlNDFjYmMyYzMwNjI2ZWYyYTI4ZDE4MzlmMmQ2YzQ3
NTdmM2YwHhcNMjUwNzI5MDkyNDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzM3NTJjZWI5ZjY4MzhlOTAyZTBmODA2ZjhjODBlNWZmMGVkNzE1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvsCLX1WhvajjXqICXZ74nlYLH7bq
mx5CoCfctwoYdkhcrv7HQbFWj0I2OuKVnFVsgA2Nef75OxzsI/HKMcRZ5E1r6o7Y
4gMplBGBhesnBgXMu8kFwl72c5Yl1b/Quy/vvRhwZWv0d487ry24aXPXgFd94YEb
/qUbXU8ACcPBfqM13Vi6ypU9Sa1FYNQ09AuFtd2ir8gRdQpC0cuTuC+QEBJfF9ch
0fS4ZRh0RoZs4o3eKFKG3m880BqqX9UZWCT94UE3p36ZwTmC1kLYO3dRvOqN60qI
psTXkGXOq36BrxHZyX3WNLczPHzVJak4jDsxfju5Gt2Fi04G/HYydYN+eQIDAQAB
o4ICDjCCAgowHQYDVR0OBBYEFGM3Us659oOOkC4PgG+MgOX/DtcVMB8GA1UdIwQY
MBaAFMrs5By8LDBibvKijRg58tbEdX8/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveXV6a0hMd3NNR0p1OHFLTkdEbnkxc1IxZno4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81ZC82MzBjYmUtY2UwMS00NjRkLTgyZWIt
ZDg1MWU0MGQ1N2JmLzEvWXpkU3pybjJnNDZRTGctQWI0eUE1ZjhPMXhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81ZC82MzBjYmUtY2UwMS00NjRkLTgyZWItZDg1MWU0MGQ1N2Jm
LzEveXV6a0hMd3NNR0p1OHFLTkdEbnkxc1IxZno4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCQGCCsGAQUFBwEHAQH/BBUwEzARBAIAATALAwMAkd0DBAac
coAwDQYJKoZIhvcNAQELBQADggEBAGnIaaRwN3fPsR3R0YdsN2D1Sp3mov5+I8A+
0iXmGxs0Wd0QtneXb2HheaZuIH8xLt5sLBCoYDEdQradlu8PCLQwY2uwOFtGf13a
yMaPM/U5dTUowLovyjsv2Q2vQ4sGoP2XrGZTS2WNWI8L+x2YEL3d0u0GwzQrLOp/
EgEI66dECHyciHtXsB54iVZsWpURt1U7+8oD250pF7vSYgTlFVUJK+JhpoegTMx3
US2ixTeJ4T4YEKbu+XauayY3NTbrLqcd4HSHYPdgUWGQXQewIo1cru7ZJs9bBSKu
OyWpYYlUhSraOXJdWtmBtMn7itHWUi7iYlXFpPjnUZx/Fgx7y6s=
-----END CERTIFICATE-----
Generated at Sat Aug 9 10:46:36 2025 by rpki-client