Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/OMQe6XLaDFvX4eUUy9jzs5IyrGw.roa
File: OMQe6XLaDFvX4eUUy9jzs5IyrGw.roa (raw, json)
Hash identifier: PwDGGWv3z2Za9iovBKnVfhH+AiZJH0ZVQmprQh8N6Ng=
Subject key identifier: 38:C4:1E:E9:72:DA:0C:5B:D7:E1:E5:14:CB:D8:F3:B3:92:32:AC:6C
Certificate issuer: /CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Certificate serial: 01976A0C91714235C23B6B3E3531A1A9B1CF
Authority key identifier: 7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/OMQe6XLaDFvX4eUUy9jzs5IyrGw.roa
Signing time: Fri 13 Jun 2025 16:08:17 +0000
ROA not before: Fri 13 Jun 2025 16:08:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57043
IP address blocks: 45.86.244.0/24 maxlen: 24
45.94.47.0/24 maxlen: 24
45.95.97.0/24 maxlen: 24
45.130.128.0/24 maxlen: 24
45.134.184.0/24 maxlen: 24
45.151.104.0/24 maxlen: 24
45.154.58.0/24 maxlen: 24
45.154.228.0/24 maxlen: 24
85.209.130.0/24 maxlen: 24
185.164.59.0/24 maxlen: 24
192.156.217.0/24 maxlen: 24
193.8.1.0/24 maxlen: 24
193.39.245.0/24 maxlen: 24
193.254.234.0/24 maxlen: 24
194.62.30.0/24 maxlen: 24
194.62.66.0/24 maxlen: 24
195.66.26.0/24 maxlen: 24
2a0f:e7c4:10::/48 maxlen: 48
2a11:3500::/29 maxlen: 29
2a13:8c86:120::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.mft
rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 17 Jun 2025 14:25:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:6a:0c:91:71:42:35:c2:3b:6b:3e:35:31:a1:a9:b1:cf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7d559aafbfc0931242e1d637298cf1dd223e4c26
Validity
Not Before: Jun 13 16:08:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=38c41ee972da0c5bd7e1e514cbd8f3b39232ac6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6d:e0:20:e1:0a:c9:49:32:91:5f:41:49:05:
73:9d:65:37:fe:be:14:bb:c8:fb:b8:9e:c8:4f:c5:
56:c0:e1:61:ff:e2:c4:9c:c0:fc:02:5f:fb:c7:94:
46:03:2a:03:d3:93:cc:95:2e:60:de:10:2b:59:1b:
a4:fe:50:f1:e7:0a:c4:ea:02:78:bd:b2:f4:11:10:
17:e9:a2:66:bd:b2:a1:8a:f5:f3:6b:ab:53:65:7e:
68:72:d3:2d:a1:aa:08:0b:e2:99:f4:e2:b6:82:57:
f7:ea:9d:d1:b2:26:93:3e:8a:9f:21:00:80:e3:bb:
16:6a:74:73:a3:c3:cc:8c:7f:94:02:01:f2:a7:ef:
5b:68:f1:9c:95:25:a2:99:8a:7b:57:1f:86:42:a2:
fb:d6:b0:27:e7:63:f2:0f:14:8a:72:c5:c4:61:51:
46:39:30:e3:d4:49:2a:1b:46:3e:61:f6:f2:a8:3d:
0c:14:80:f9:37:06:b9:9e:bb:0c:e3:d1:39:dc:7a:
0d:79:d1:4d:f0:fc:bd:38:1d:e8:f0:ec:8a:17:07:
4b:75:88:ab:16:fe:2f:39:b3:76:bd:3b:b3:96:2b:
90:2a:db:eb:ef:a5:82:72:49:2c:94:0d:8a:b9:13:
4e:37:21:3c:73:d0:5c:f1:50:8c:5f:06:18:9a:5c:
e0:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
38:C4:1E:E9:72:DA:0C:5B:D7:E1:E5:14:CB:D8:F3:B3:92:32:AC:6C
X509v3 Authority Key Identifier:
keyid:7D:55:9A:AF:BF:C0:93:12:42:E1:D6:37:29:8C:F1:DD:22:3E:4C:26
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fVWar7_AkxJC4dY3KYzx3SI-TCY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/OMQe6XLaDFvX4eUUy9jzs5IyrGw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/49adc6-ba89-403f-ada9-8c5007c2a4b6/1/fVWar7_AkxJC4dY3KYzx3SI-TCY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.86.244.0/24
45.94.47.0/24
45.95.97.0/24
45.130.128.0/24
45.134.184.0/24
45.151.104.0/24
45.154.58.0/24
45.154.228.0/24
85.209.130.0/24
185.164.59.0/24
192.156.217.0/24
193.8.1.0/24
193.39.245.0/24
193.254.234.0/24
194.62.30.0/24
194.62.66.0/24
195.66.26.0/24
IPv6:
2a0f:e7c4:10::/48
2a11:3500::/29
2a13:8c86:120::/48
Signature Algorithm: sha256WithRSAEncryption
5b:e4:21:a3:79:0a:f5:aa:91:2e:da:1a:98:d2:80:a3:f4:0e:
21:f3:35:22:7e:cd:1e:6e:34:f1:cc:15:e5:b6:06:76:0f:c0:
07:74:6c:4c:80:5e:2a:61:df:95:12:34:1c:e6:7c:33:b4:49:
d7:da:22:51:89:14:53:e7:a9:f1:8f:dd:61:1b:e9:dd:67:46:
94:b5:de:fd:9a:bd:26:c2:60:99:f8:ad:3e:11:27:ed:50:03:
cb:6f:81:33:d5:cc:20:62:39:fd:20:a4:0e:62:7f:1f:67:ae:
64:c8:46:59:09:62:dd:fc:b6:d2:fb:49:ce:56:cb:e0:70:19:
ef:1d:85:37:62:b0:ea:a2:5b:67:23:c4:1b:c8:60:92:cf:b1:
c6:9e:0a:e7:eb:44:ec:cb:64:41:0c:f1:51:9d:3c:6c:95:9b:
95:3c:74:93:0e:20:5c:e4:40:dd:aa:90:cc:9e:7d:2b:ac:ad:
4b:1b:ec:25:45:15:af:35:87:ab:6f:77:fc:4e:18:d0:bc:ba:
1a:11:d2:20:04:09:ee:67:b3:e8:ef:c9:70:96:e2:7a:3b:04:
e0:c9:13:71:e0:98:e2:fe:ca:cb:16:e0:4e:ca:39:fe:cb:6f:
5d:09:09:9b:e6:a6:f7:d2:13:58:50:b1:dd:39:60:4a:99:54:
67:66:ad:38
-----BEGIN CERTIFICATE-----
MIIFgTCCBGmgAwIBAgISAZdqDJFxQjXCO2s+NTGhqbHPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdkNTU5YWFmYmZjMDkzMTI0MmUxZDYzNzI5OGNmMWRkMjIz
ZTRjMjYwHhcNMjUwNjEzMTYwODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzOGM0MWVlOTcyZGEwYzViZDdlMWU1MTRjYmQ4ZjNiMzkyMzJhYzZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvW3gIOEKyUkykV9BSQVznWU3/r4U
u8j7uJ7IT8VWwOFh/+LEnMD8Al/7x5RGAyoD05PMlS5g3hArWRuk/lDx5wrE6gJ4
vbL0ERAX6aJmvbKhivXza6tTZX5octMtoaoIC+KZ9OK2glf36p3RsiaTPoqfIQCA
47sWanRzo8PMjH+UAgHyp+9baPGclSWimYp7Vx+GQqL71rAn52PyDxSKcsXEYVFG
OTDj1EkqG0Y+YfbyqD0MFID5Nwa5nrsM49E53HoNedFN8Py9OB3o8OyKFwdLdYir
Fv4vObN2vTuzliuQKtvr76WCckkslA2KuRNONyE8c9Bc8VCMXwYYmlzgfwIDAQAB
o4ICjTCCAokwHQYDVR0OBBYEFDjEHuly2gxb1+HlFMvY87OSMqxsMB8GA1UdIwQY
MBaAFH1Vmq+/wJMSQuHWNymM8d0iPkwmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTkt
OGM1MDA3YzJhNGI2LzEvT01RZTZYTGFERnZYNGVVVXk5anpzNUl5ckd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC80OWFkYzYtYmE4OS00MDNmLWFkYTktOGM1MDA3YzJhNGI2
LzEvZlZXYXI3X0FreEpDNGRZM0tZengzU0ktVENZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGiBggrBgEFBQcBBwEB/wSBkjCBjzBsBAIAATBmAwQALVb0
AwQALV4vAwQALV9hAwQALYKAAwQALYa4AwQALZdoAwQALZo6AwQALZrkAwQAVdGC
AwQAuaQ7AwQAwJzZAwQAwQgBAwQAwSf1AwQAwf7qAwQAwj4eAwQAwj5CAwQAw0Ia
MB8EAgACMBkDBwAqD+fEABADBQMqETUAAwcAKhOMhgEgMA0GCSqGSIb3DQEBCwUA
A4IBAQBb5CGjeQr1qpEu2hqY0oCj9A4h8zUifs0ebjTxzBXltgZ2D8AHdGxMgF4q
Yd+VEjQc5nwztEnX2iJRiRRT56nxj91hG+ndZ0aUtd79mr0mwmCZ+K0+ESftUAPL
b4Ez1cwgYjn9IKQOYn8fZ65kyEZZCWLd/LbS+0nOVsvgcBnvHYU3YrDqoltnI8Qb
yGCSz7HGngrn60Tsy2RBDPFRnTxslZuVPHSTDiBc5EDdqpDMnn0rrK1LG+wlRRWv
NYerb3f8ThjQvLoaEdIgBAnuZ7Po78lwluJ6OwTgyRNx4Jji/srLFuBOyjn+y29d
CQmb5qb30hNYULHdOWBKmVRnZq04
-----END CERTIFICATE-----
Generated at Mon Jun 16 23:13:39 2025 by rpki-client