Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fb/c1b5ec-52ff-4ecb-b3fd-da95808ba2c1/1/KOsVP5bePK5N3aNgh_Mf2tcpMMI.roa
File: KOsVP5bePK5N3aNgh_Mf2tcpMMI.roa (raw, json)
Hash identifier: 7uBjlY68CN9kyBrkClnf/o/c0vAf129ok+umjgiD7ws=
Subject key identifier: 28:EB:15:3F:96:DE:3C:AE:4D:DD:A3:60:87:F3:1F:DA:D7:29:30:C2
Certificate issuer: /CN=86e99134171b5863f62f22b7d7abf740349528ec
Certificate serial: 0197E4E9E25E201C70D54BFE3A8158CA9038
Authority key identifier: 86:E9:91:34:17:1B:58:63:F6:2F:22:B7:D7:AB:F7:40:34:95:28:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/humRNBcbWGP2LyK316v3QDSVKOw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fb/c1b5ec-52ff-4ecb-b3fd-da95808ba2c1/1/KOsVP5bePK5N3aNgh_Mf2tcpMMI.roa
Signing time: Mon 07 Jul 2025 12:43:42 +0000
ROA not before: Mon 07 Jul 2025 12:43:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60439
IP address blocks: 45.82.92.0/22 maxlen: 24
45.82.92.0/24 maxlen: 24
45.82.93.0/24 maxlen: 24
45.82.94.0/24 maxlen: 24
45.90.148.0/22 maxlen: 24
45.90.148.0/24 maxlen: 24
45.90.149.0/24 maxlen: 24
45.90.150.0/24 maxlen: 24
45.90.151.0/24 maxlen: 24
45.94.80.0/22 maxlen: 24
45.131.112.0/22 maxlen: 24
45.136.212.0/22 maxlen: 24
45.136.212.0/24 maxlen: 24
45.136.213.0/24 maxlen: 24
45.136.214.0/24 maxlen: 24
45.141.224.0/22 maxlen: 24
45.151.80.0/24 maxlen: 24
45.151.81.0/24 maxlen: 24
45.151.82.0/24 maxlen: 24
45.151.83.0/24 maxlen: 24
85.208.196.0/24 maxlen: 24
85.208.197.0/24 maxlen: 24
85.208.198.0/24 maxlen: 24
85.208.199.0/24 maxlen: 24
139.28.16.0/22 maxlen: 24
193.160.22.0/24 maxlen: 24
193.160.23.0/24 maxlen: 24
193.160.30.0/24 maxlen: 24
193.160.31.0/24 maxlen: 24
2a13:8240::/40 maxlen: 48
2a13:8240:42::/48 maxlen: 48
2a13:8240:100::/40 maxlen: 48
2a13:8240:200::/40 maxlen: 48
2a13:8240:205::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fb/c1b5ec-52ff-4ecb-b3fd-da95808ba2c1/1/humRNBcbWGP2LyK316v3QDSVKOw.crl
rsync://rpki.ripe.net/repository/DEFAULT/fb/c1b5ec-52ff-4ecb-b3fd-da95808ba2c1/1/humRNBcbWGP2LyK316v3QDSVKOw.mft
rsync://rpki.ripe.net/repository/DEFAULT/humRNBcbWGP2LyK316v3QDSVKOw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Aug 2025 15:00:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e4:e9:e2:5e:20:1c:70:d5:4b:fe:3a:81:58:ca:90:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=86e99134171b5863f62f22b7d7abf740349528ec
Validity
Not Before: Jul 7 12:43:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=28eb153f96de3cae4ddda36087f31fdad72930c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:ec:d8:a7:2a:b8:63:9b:16:34:96:07:99:e8:
a9:26:59:40:41:cd:30:2c:fc:3f:2f:a5:eb:e1:8d:
e4:23:dd:d1:52:17:61:84:3d:35:9f:26:8c:53:89:
5e:48:b7:32:d8:92:44:c2:c6:2c:ce:71:fe:90:c2:
cb:c3:5e:9f:1c:10:54:0a:11:14:77:9e:48:ab:d9:
12:8b:b2:3a:d5:29:db:d2:d8:40:b1:29:ca:56:f3:
03:88:ca:b4:27:f3:5a:4a:6c:22:34:49:16:5e:c8:
63:2f:82:84:88:04:1e:3a:0c:4a:3b:a2:8e:d8:99:
b1:b5:ce:73:59:9d:8f:c1:e0:8d:71:d9:06:8d:4a:
cb:1f:c9:fd:8c:bb:e6:d3:ac:30:77:aa:62:4e:34:
c2:a2:e0:24:a8:ad:fc:20:27:15:62:57:f1:d2:a3:
1e:0d:e3:32:6f:3b:79:0b:21:55:ce:4f:62:5c:82:
e4:8e:e1:93:52:dd:ab:fe:9f:b7:86:84:73:42:52:
69:b2:50:63:d3:fd:86:bd:94:b2:2f:03:8c:7c:48:
38:85:db:b1:d6:54:f5:69:48:97:6a:5c:02:51:37:
c5:37:e4:64:33:3b:a0:10:4b:5b:ca:4a:22:02:e0:
d0:87:7a:06:b8:d2:6a:07:5a:79:bd:ac:a3:3c:53:
b9:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
28:EB:15:3F:96:DE:3C:AE:4D:DD:A3:60:87:F3:1F:DA:D7:29:30:C2
X509v3 Authority Key Identifier:
keyid:86:E9:91:34:17:1B:58:63:F6:2F:22:B7:D7:AB:F7:40:34:95:28:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/humRNBcbWGP2LyK316v3QDSVKOw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c1b5ec-52ff-4ecb-b3fd-da95808ba2c1/1/KOsVP5bePK5N3aNgh_Mf2tcpMMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fb/c1b5ec-52ff-4ecb-b3fd-da95808ba2c1/1/humRNBcbWGP2LyK316v3QDSVKOw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.82.92.0/22
45.90.148.0/22
45.94.80.0/22
45.131.112.0/22
45.136.212.0/22
45.141.224.0/22
45.151.80.0/22
85.208.196.0/22
139.28.16.0/22
193.160.22.0/23
193.160.30.0/23
IPv6:
2a13:8240::-2a13:8240:2ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
79:51:7f:8d:ab:a8:b7:4d:2a:07:8d:da:73:9e:0a:8e:0a:c3:
e0:eb:c0:a8:e6:c3:d5:ae:f0:13:5c:0e:7d:fb:95:a4:ba:c2:
60:ba:35:5c:7f:d0:ad:14:a1:05:ae:9f:7d:33:ae:5a:f6:f7:
a1:5c:77:c6:a7:b4:27:e8:1d:b3:d3:b2:e8:5a:53:52:cc:4d:
b7:03:f3:0e:df:58:56:c4:e3:f9:a8:da:33:86:a5:db:a1:a5:
31:9b:a6:18:e7:13:7b:4c:18:b6:f9:85:f8:60:42:ea:8d:be:
91:03:7b:07:88:7e:7b:75:bf:62:77:bb:d5:59:bb:58:ee:39:
a4:e6:69:8c:06:ca:ad:61:00:ca:70:de:9e:37:1c:70:c5:32:
06:1b:cf:ec:41:e0:62:a4:cb:ab:92:27:b0:51:73:bf:79:2d:
27:39:31:ec:1e:93:19:5e:a9:50:62:2c:3a:d2:c0:ae:8d:95:
6e:f6:a8:f9:52:80:d7:21:08:ea:ab:c3:f0:be:5f:31:3f:8d:
aa:3d:39:3f:20:5c:40:7f:91:32:2a:58:88:0a:cb:cf:35:5e:
d0:8b:9a:da:c0:7b:67:fa:e2:27:d9:8c:64:40:05:c2:09:9e:
33:08:c1:e1:a9:37:90:bc:ca:4f:93:fc:c1:01:46:30:06:50:
95:b7:0c:2a
-----BEGIN CERTIFICATE-----
MIIFUjCCBDqgAwIBAgISAZfk6eJeIBxw1Uv+OoFYypA4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg2ZTk5MTM0MTcxYjU4NjNmNjJmMjJiN2Q3YWJmNzQwMzQ5
NTI4ZWMwHhcNMjUwNzA3MTI0MzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOGViMTUzZjk2ZGUzY2FlNGRkZGEzNjA4N2YzMWZkYWQ3MjkzMGMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAquzYpyq4Y5sWNJYHmeipJllAQc0w
LPw/L6Xr4Y3kI93RUhdhhD01nyaMU4leSLcy2JJEwsYsznH+kMLLw16fHBBUChEU
d55Iq9kSi7I61Snb0thAsSnKVvMDiMq0J/NaSmwiNEkWXshjL4KEiAQeOgxKO6KO
2Jmxtc5zWZ2PweCNcdkGjUrLH8n9jLvm06wwd6piTjTCouAkqK38ICcVYlfx0qMe
DeMybzt5CyFVzk9iXILkjuGTUt2r/p+3hoRzQlJpslBj0/2GvZSyLwOMfEg4hdux
1lT1aUiXalwCUTfFN+RkMzugEEtbykoiAuDQh3oGuNJqB1p5vayjPFO5zwIDAQAB
o4ICXjCCAlowHQYDVR0OBBYEFCjrFT+W3jyuTd2jYIfzH9rXKTDCMB8GA1UdIwQY
MBaAFIbpkTQXG1hj9i8it9er90A0lSjsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaHVtUk5CY2JXR1AyTHlLMzE2djNRRFNWS093LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mYi9jMWI1ZWMtNTJmZi00ZWNiLWIzZmQt
ZGE5NTgwOGJhMmMxLzEvS09zVlA1YmVQSzVOM2FOZ2hfTWYydGNwTU1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mYi9jMWI1ZWMtNTJmZi00ZWNiLWIzZmQtZGE5NTgwOGJhMmMx
LzEvaHVtUk5CY2JXR1AyTHlLMzE2djNRRFNWS093LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHQGCCsGAQUFBwEHAQH/BGUwYzBIBAIAATBCAwQCLVJcAwQC
LVqUAwQCLV5QAwQCLYNwAwQCLYjUAwQCLY3gAwQCLZdQAwQCVdDEAwQCixwQAwQB
waAWAwQBwaAeMBcEAgACMBEwDwMFBioTgkADBgAqE4JAAjANBgkqhkiG9w0BAQsF
AAOCAQEAeVF/jauot00qB43ac54KjgrD4OvAqObD1a7wE1wOffuVpLrCYLo1XH/Q
rRShBa6ffTOuWvb3oVx3xqe0J+gds9Oy6FpTUsxNtwPzDt9YVsTj+ajaM4al26Gl
MZumGOcTe0wYtvmF+GBC6o2+kQN7B4h+e3W/Yne71Vm7WO45pOZpjAbKrWEAynDe
njcccMUyBhvP7EHgYqTLq5InsFFzv3ktJzkx7B6TGV6pUGIsOtLAro2Vbvao+VKA
1yEI6qvD8L5fMT+Nqj05PyBcQH+RMipYiArLzzVe0Iua2sB7Z/riJ9mMZEAFwgme
MwjB4ak3kLzKT5P8wQFGMAZQlbcMKg==
-----END CERTIFICATE-----
Generated at Fri Aug 8 00:47:46 2025 by rpki-client