Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/RebZ62_EYUOUvqEPGlfizJDR4NM.roa
File: RebZ62_EYUOUvqEPGlfizJDR4NM.roa (raw, json)
Hash identifier: XkjCwkT3Bp07K+/WzWOJRU7l0bg+Abi2XUcYAJYkqII=
Subject key identifier: 45:E6:D9:EB:6F:C4:61:43:94:BE:A1:0F:1A:57:E2:CC:90:D1:E0:D3
Certificate issuer: /CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Certificate serial: 019856D6B9660F29320F4BA894B2830B50D7
Authority key identifier: 36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/RebZ62_EYUOUvqEPGlfizJDR4NM.roa
Signing time: Tue 29 Jul 2025 15:39:29 +0000
ROA not before: Tue 29 Jul 2025 15:39:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5511
IP address blocks: 45.83.29.0/24 maxlen: 24
45.88.20.0/24 maxlen: 24
45.88.22.0/24 maxlen: 24
45.89.36.0/24 maxlen: 24
45.89.38.0/24 maxlen: 24
45.92.2.0/24 maxlen: 24
45.134.138.0/24 maxlen: 24
45.143.54.0/24 maxlen: 24
45.145.46.0/24 maxlen: 24
45.146.187.0/24 maxlen: 24
45.156.157.0/24 maxlen: 24
87.247.148.0/22 maxlen: 24
89.40.160.0/24 maxlen: 24
91.190.96.0/24 maxlen: 24
91.190.99.0/24 maxlen: 24
91.190.104.0/24 maxlen: 24
91.217.250.0/24 maxlen: 24
93.114.246.0/24 maxlen: 24
178.239.205.0/24 maxlen: 24
185.184.135.0/24 maxlen: 24
185.205.189.0/24 maxlen: 24
188.214.27.0/24 maxlen: 24
188.240.75.0/24 maxlen: 24
217.74.16.0/24 maxlen: 24
2a0b:64c1::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.mft
rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 03:00:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:56:d6:b9:66:0f:29:32:0f:4b:a8:94:b2:83:0b:50:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=36c2a4b7d5d73c5b57046223bf30eb653005b0e2
Validity
Not Before: Jul 29 15:39:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=45e6d9eb6fc4614394bea10f1a57e2cc90d1e0d3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:a7:25:97:77:49:99:bd:25:1c:44:e1:f0:c0:
ce:b7:87:09:6b:fe:37:87:90:b0:b8:4c:62:1a:1e:
d9:5c:f1:09:ad:4e:82:2a:b6:ce:00:00:69:d7:84:
01:db:7f:0f:4a:0e:04:ac:6a:12:53:ac:68:8d:33:
f0:76:68:91:89:49:13:42:37:89:1e:ba:5f:b1:9c:
ae:6f:f3:e9:47:ac:08:c1:d1:49:74:e0:a1:be:be:
2b:5a:0c:37:9a:9c:0f:63:04:69:5c:55:69:f6:8b:
60:91:9f:71:ed:7f:4f:67:38:2d:2c:41:06:dd:73:
f2:02:7c:92:55:2e:b2:16:9c:32:56:2c:c1:c8:fc:
27:7a:2b:d6:f3:16:4e:ca:09:1d:1e:33:e1:69:d0:
39:b2:0b:88:24:f8:69:54:7a:5d:a3:5e:fe:a2:f0:
0f:e4:99:bb:6b:64:bc:c8:9e:73:4a:ef:5e:a0:af:
5e:a2:d2:0c:75:c4:3d:c2:a0:e4:fa:3b:36:11:8c:
65:ee:65:fd:71:5d:bc:2e:9a:c0:2c:e0:71:2a:e1:
43:0c:0e:51:6c:6e:80:0e:6e:a2:ef:e1:21:8c:de:
9c:07:05:c5:ab:9f:69:57:d8:4b:82:54:4c:8a:eb:
ab:e6:6e:10:80:ce:4a:5d:25:08:c7:af:9a:81:16:
38:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
45:E6:D9:EB:6F:C4:61:43:94:BE:A1:0F:1A:57:E2:CC:90:D1:E0:D3
X509v3 Authority Key Identifier:
keyid:36:C2:A4:B7:D5:D7:3C:5B:57:04:62:23:BF:30:EB:65:30:05:B0:E2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NsKkt9XXPFtXBGIjvzDrZTAFsOI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/RebZ62_EYUOUvqEPGlfizJDR4NM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/8dd85a-bf8f-425e-a24b-2ccedb966a58/1/NsKkt9XXPFtXBGIjvzDrZTAFsOI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.83.29.0/24
45.88.20.0/24
45.88.22.0/24
45.89.36.0/24
45.89.38.0/24
45.92.2.0/24
45.134.138.0/24
45.143.54.0/24
45.145.46.0/24
45.146.187.0/24
45.156.157.0/24
87.247.148.0/22
89.40.160.0/24
91.190.96.0/24
91.190.99.0/24
91.190.104.0/24
91.217.250.0/24
93.114.246.0/24
178.239.205.0/24
185.184.135.0/24
185.205.189.0/24
188.214.27.0/24
188.240.75.0/24
217.74.16.0/24
IPv6:
2a0b:64c1::/32
Signature Algorithm: sha256WithRSAEncryption
8a:a2:76:5c:47:13:46:e3:19:c2:fa:ac:5c:55:c2:9e:ef:45:
25:93:a1:94:7d:6b:8b:5d:57:ba:54:42:f5:5e:36:e5:5d:cd:
9b:f2:76:90:5e:c7:09:80:b9:c4:5c:c6:e9:e1:4f:d8:58:c7:
b4:a0:9a:9b:a3:66:3f:b3:54:49:d3:47:e7:b6:65:ec:7e:3d:
0c:02:3c:85:01:e4:d9:cc:dd:dd:a5:ec:49:68:54:19:1c:fb:
b3:66:8d:e5:33:cd:17:11:a4:a0:d1:99:d5:7b:92:0b:dc:77:
e2:f5:ac:83:a0:c8:6c:ae:79:15:75:fe:60:25:9d:6e:be:ce:
83:d0:be:08:1c:5d:ca:48:f9:85:e9:e4:33:fc:b4:4c:3a:49:
1a:7e:56:6f:f3:3d:b2:51:46:ba:06:22:e3:dd:15:92:78:90:
88:68:14:6f:10:0d:d9:a3:f7:9e:c4:ac:78:58:c0:f6:69:e3:
34:a7:02:61:bb:de:56:d8:5a:ad:0d:8e:93:8b:52:03:8e:16:
38:92:c3:99:6a:62:f1:fb:c0:a0:7a:c8:0d:57:a2:24:0e:f0:
c7:89:3e:ad:a5:d3:87:82:bd:d8:e5:01:ee:9b:04:26:4b:65:
b3:9f:39:d1:d1:d7:08:e2:2c:cc:98:f8:de:39:bc:4a:ab:4f:
68:b7:f0:dc
-----BEGIN CERTIFICATE-----
MIIFmzCCBIOgAwIBAgISAZhW1rlmDykyD0uolLKDC1DXMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM2YzJhNGI3ZDVkNzNjNWI1NzA0NjIyM2JmMzBlYjY1MzAw
NWIwZTIwHhcNMjUwNzI5MTUzOTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NWU2ZDllYjZmYzQ2MTQzOTRiZWExMGYxYTU3ZTJjYzkwZDFlMGQzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuKcll3dJmb0lHETh8MDOt4cJa/43
h5CwuExiGh7ZXPEJrU6CKrbOAABp14QB238PSg4ErGoSU6xojTPwdmiRiUkTQjeJ
HrpfsZyub/PpR6wIwdFJdOChvr4rWgw3mpwPYwRpXFVp9otgkZ9x7X9PZzgtLEEG
3XPyAnySVS6yFpwyVizByPwneivW8xZOygkdHjPhadA5sguIJPhpVHpdo17+ovAP
5Jm7a2S8yJ5zSu9eoK9eotIMdcQ9wqDk+js2EYxl7mX9cV28LprALOBxKuFDDA5R
bG6ADm6i7+EhjN6cBwXFq59pV9hLglRMiuur5m4QgM5KXSUIx6+agRY4PwIDAQAB
o4ICpzCCAqMwHQYDVR0OBBYEFEXm2etvxGFDlL6hDxpX4syQ0eDTMB8GA1UdIwQY
MBaAFDbCpLfV1zxbVwRiI78w62UwBbDiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGIt
MmNjZWRiOTY2YTU4LzEvUmViWjYyX0VZVU9VdnFFUEdsZml6SkRSNE5NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy84ZGQ4NWEtYmY4Zi00MjVlLWEyNGItMmNjZWRiOTY2YTU4
LzEvTnNLa3Q5WFhQRnRYQkdJanZ6RHJaVEFGc09JLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG8BggrBgEFBQcBBwEB/wSBrDCBqTCBlwQCAAEwgZADBAAt
Ux0DBAAtWBQDBAAtWBYDBAAtWSQDBAAtWSYDBAAtXAIDBAAthooDBAAtjzYDBAAt
kS4DBAAtkrsDBAAtnJ0DBAJX95QDBABZKKADBABbvmADBABbvmMDBABbvmgDBABb
2foDBABdcvYDBACy780DBAC5uIcDBAC5zb0DBAC81hsDBAC88EsDBADZShAwDQQC
AAIwBwMFACoLZMEwDQYJKoZIhvcNAQELBQADggEBAIqidlxHE0bjGcL6rFxVwp7v
RSWToZR9a4tdV7pUQvVeNuVdzZvydpBexwmAucRcxunhT9hYx7SgmpujZj+zVEnT
R+e2Zex+PQwCPIUB5NnM3d2l7EloVBkc+7NmjeUzzRcRpKDRmdV7kgvcd+L1rIOg
yGyueRV1/mAlnW6+zoPQvggcXcpI+YXp5DP8tEw6SRp+Vm/zPbJRRroGIuPdFZJ4
kIhoFG8QDdmj957ErHhYwPZp4zSnAmG73lbYWq0NjpOLUgOOFjiSw5lqYvH7wKB6
yA1XoiQO8MeJPq2l04eCvdjlAe6bBCZLZbOfOdHR1wjiLMyY+N45vEqrT2i38Nw=
-----END CERTIFICATE-----
Generated at Mon Aug 4 07:57:21 2025 by rpki-client