Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/MyT6UPV8E43iPwo_9szoH1oVdtU.roa
File: MyT6UPV8E43iPwo_9szoH1oVdtU.roa (raw, json)
Hash identifier: jxSBisKYp8wt5gioHM3dV1qvrfZUcAv35ZX+FJsqFnY=
Subject key identifier: 33:24:FA:50:F5:7C:13:8D:E2:3F:0A:3F:F6:CC:E8:1F:5A:15:76:D5
Certificate issuer: /CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Certificate serial: 0197B192931CAA413330FEDB798383662EDC
Authority key identifier: 05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/MyT6UPV8E43iPwo_9szoH1oVdtU.roa
Signing time: Fri 27 Jun 2025 13:27:42 +0000
ROA not before: Fri 27 Jun 2025 13:27:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12716
IP address blocks: 37.63.0.0/20 maxlen: 20
37.63.16.0/22 maxlen: 22
37.63.20.0/22 maxlen: 24
37.63.24.0/22 maxlen: 22
37.63.28.0/22 maxlen: 24
37.63.32.0/22 maxlen: 24
37.63.96.0/22 maxlen: 22
62.204.154.0/23 maxlen: 23
78.90.18.0/23 maxlen: 23
78.90.44.0/23 maxlen: 23
78.90.62.0/24 maxlen: 24
78.90.73.0/24 maxlen: 24
78.90.124.0/24 maxlen: 24
78.90.218.0/23 maxlen: 23
83.97.30.0/24 maxlen: 24
84.252.40.0/23 maxlen: 23
85.118.64.0/22 maxlen: 22
85.118.68.0/23 maxlen: 24
85.118.70.0/24 maxlen: 24
85.118.71.0/24 maxlen: 24
85.118.72.0/23 maxlen: 23
85.118.74.0/24 maxlen: 24
85.118.76.0/22 maxlen: 22
85.118.80.0/22 maxlen: 22
85.118.84.0/24 maxlen: 24
85.118.92.0/24 maxlen: 24
85.118.93.0/24 maxlen: 24
89.215.62.0/23 maxlen: 23
151.251.44.0/22 maxlen: 22
151.251.68.0/22 maxlen: 22
151.251.121.0/24 maxlen: 24
151.251.126.0/23 maxlen: 23
151.251.192.0/22 maxlen: 22
151.251.196.0/24 maxlen: 24
151.251.200.0/22 maxlen: 22
151.251.204.0/22 maxlen: 22
151.251.238.0/24 maxlen: 24
151.251.239.0/24 maxlen: 24
151.251.240.0/20 maxlen: 20
176.222.0.0/20 maxlen: 24
185.151.156.0/22 maxlen: 22
185.224.160.0/23 maxlen: 23
212.104.116.0/22 maxlen: 24
213.226.17.0/24 maxlen: 24
213.226.19.0/24 maxlen: 24
213.226.36.0/24 maxlen: 24
213.226.40.0/24 maxlen: 24
213.226.51.0/24 maxlen: 24
213.226.56.0/24 maxlen: 24
213.226.57.0/24 maxlen: 24
213.226.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.mft
rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 11:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b1:92:93:1c:aa:41:33:30:fe:db:79:83:83:66:2e:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0548cedf17029ed98a108113c6c109ecaccd82ec
Validity
Not Before: Jun 27 13:27:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3324fa50f57c138de23f0a3ff6cce81f5a1576d5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:1a:ca:5a:02:eb:e2:fc:fd:1a:d6:e3:61:c7:
86:4e:d8:83:99:11:8a:2a:e8:f6:24:2b:6f:af:d0:
ac:ca:a7:f9:52:8a:fe:44:ee:18:a8:9b:9b:16:45:
5f:62:ea:46:fa:7c:c6:4c:e5:27:c3:5f:71:98:2f:
93:63:9f:7a:af:16:48:7b:48:ed:b4:8c:a6:19:61:
e7:90:a0:79:1c:21:0a:05:c9:3a:95:2f:26:b6:ee:
e0:be:f8:a7:16:00:97:0a:ac:3b:da:27:c5:b2:ca:
e9:73:02:eb:4f:7b:3e:aa:66:a2:69:0f:42:c4:7b:
ed:01:6b:c6:23:6c:24:c5:d4:33:b4:9f:2b:b6:a6:
8c:44:7a:04:bc:26:80:ac:32:8d:fa:07:a0:ae:be:
a9:e7:42:8b:24:2c:d0:40:de:1c:8d:4d:93:2d:74:
bd:83:a2:b0:5f:ad:94:20:9c:ba:4e:88:b6:0a:ad:
e3:f3:6d:b8:94:cd:05:bf:bc:5f:b9:be:21:85:d4:
ac:42:fc:02:77:a4:b2:e7:e0:45:6d:79:33:70:11:
69:d4:22:ec:1c:35:a3:da:09:85:d3:27:7a:7e:48:
2e:c9:ae:18:aa:8d:ce:c5:77:64:37:08:19:62:50:
15:2f:2d:ba:e6:80:12:2d:ca:9a:7a:dd:ca:91:86:
00:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
33:24:FA:50:F5:7C:13:8D:E2:3F:0A:3F:F6:CC:E8:1F:5A:15:76:D5
X509v3 Authority Key Identifier:
keyid:05:48:CE:DF:17:02:9E:D9:8A:10:81:13:C6:C1:09:EC:AC:CD:82:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BUjO3xcCntmKEIETxsEJ7KzNguw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/MyT6UPV8E43iPwo_9szoH1oVdtU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/09/541c05-8d7d-42b8-ab00-7fbbae6f9437/1/BUjO3xcCntmKEIETxsEJ7KzNguw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.63.0.0-37.63.35.255
37.63.96.0/22
62.204.154.0/23
78.90.18.0/23
78.90.44.0/23
78.90.62.0/24
78.90.73.0/24
78.90.124.0/24
78.90.218.0/23
83.97.30.0/24
84.252.40.0/23
85.118.64.0-85.118.74.255
85.118.76.0-85.118.84.255
85.118.92.0/23
89.215.62.0/23
151.251.44.0/22
151.251.68.0/22
151.251.121.0/24
151.251.126.0/23
151.251.192.0-151.251.196.255
151.251.200.0/21
151.251.238.0-151.251.255.255
176.222.0.0/20
185.151.156.0/22
185.224.160.0/23
212.104.116.0/22
213.226.17.0/24
213.226.19.0/24
213.226.36.0/24
213.226.40.0/24
213.226.51.0/24
213.226.56.0/23
213.226.59.0/24
Signature Algorithm: sha256WithRSAEncryption
80:e1:3c:7d:82:44:50:18:c2:0a:69:dc:cf:de:01:0d:80:23:
35:ec:19:2e:1d:cf:0f:e4:bb:fa:12:d4:87:74:58:be:b2:f0:
7f:1c:71:46:2d:7e:6d:17:20:bb:31:0f:3b:c4:95:08:4e:d6:
e1:c6:d1:74:19:a3:1d:ac:9c:51:00:1f:13:88:ef:c0:50:e5:
de:52:5e:c8:fa:00:83:3e:88:c3:94:2e:0d:c9:28:0c:50:03:
d0:72:ab:c4:c6:26:c7:ea:98:25:74:25:a9:73:bb:89:1b:b0:
13:79:ef:06:82:34:e3:c7:ef:a1:e5:37:ff:d3:6c:bb:5b:56:
22:ad:76:7a:dd:ca:c8:80:ac:10:a8:4d:5b:20:4c:bb:e8:b7:
65:d3:b2:32:e5:38:20:8f:3d:b3:16:72:89:36:0c:27:12:8a:
f8:ed:2e:58:3f:eb:f2:34:14:d1:d4:d1:0e:06:13:cd:97:af:
d2:35:d9:c1:01:c0:e7:36:71:f5:8c:cd:59:b2:fc:53:ee:2d:
58:6b:cf:3c:c0:07:e6:85:cd:67:f6:af:1c:dd:37:c3:ed:f1:
a8:ff:66:45:9d:b1:69:b4:f4:db:00:39:97:58:e1:ba:40:53:
ce:fe:43:60:7f:ba:54:c1:e7:9d:a4:16:5f:65:b9:af:7c:04:
5c:4b:ec:ad
-----BEGIN CERTIFICATE-----
MIIF6TCCBNGgAwIBAgISAZexkpMcqkEzMP7beYODZi7cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA1NDhjZWRmMTcwMjllZDk4YTEwODExM2M2YzEwOWVjYWNj
ZDgyZWMwHhcNMjUwNjI3MTMyNzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzMzI0ZmE1MGY1N2MxMzhkZTIzZjBhM2ZmNmNjZTgxZjVhMTU3NmQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3hrKWgLr4vz9GtbjYceGTtiDmRGK
Kuj2JCtvr9Csyqf5Uor+RO4YqJubFkVfYupG+nzGTOUnw19xmC+TY596rxZIe0jt
tIymGWHnkKB5HCEKBck6lS8mtu7gvvinFgCXCqw72ifFssrpcwLrT3s+qmaiaQ9C
xHvtAWvGI2wkxdQztJ8rtqaMRHoEvCaArDKN+gegrr6p50KLJCzQQN4cjU2TLXS9
g6KwX62UIJy6Toi2Cq3j8224lM0Fv7xfub4hhdSsQvwCd6Sy5+BFbXkzcBFp1CLs
HDWj2gmF0yd6fkguya4Yqo3OxXdkNwgZYlAVLy265oASLcqaet3KkYYAWQIDAQAB
o4IC9TCCAvEwHQYDVR0OBBYEFDMk+lD1fBON4j8KP/bM6B9aFXbVMB8GA1UdIwQY
MBaAFAVIzt8XAp7ZihCBE8bBCeyszYLsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAt
N2ZiYmFlNmY5NDM3LzEvTXlUNlVQVjhFNDNpUHdvXzlzem9IMW9WZHRVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wOS81NDFjMDUtOGQ3ZC00MmI4LWFiMDAtN2ZiYmFlNmY5NDM3
LzEvQlVqTzN4Y0NudG1LRUlFVHhzRUo3S3pOZ3V3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBCQYIKwYBBQUHAQcBAf8EgfkwgfYwgfMEAgABMIHsMAsD
AwAlPwMEAiU/IAMEAiU/YAMEAT7MmgMEAU5aEgMEAU5aLAMEAE5aPgMEAE5aSQME
AE5afAMEAU5a2gMEAFNhHgMEAVT8KDAMAwQGVXZAAwQAVXZKMAwDBAJVdkwDBABV
dlQDBAFVdlwDBAFZ1z4DBAKX+ywDBAKX+0QDBACX+3kDBAGX+34wDAMEBpf7wAME
AJf7xAMEA5f7yDALAwQBl/vuAwMCl/gDBASw3gADBAK5l5wDBAG54KADBALUaHQD
BADV4hEDBADV4hMDBADV4iQDBADV4igDBADV4jMDBAHV4jgDBADV4jswDQYJKoZI
hvcNAQELBQADggEBAIDhPH2CRFAYwgpp3M/eAQ2AIzXsGS4dzw/ku/oS1Id0WL6y
8H8ccUYtfm0XILsxDzvElQhO1uHG0XQZox2snFEAHxOI78BQ5d5SXsj6AIM+iMOU
Lg3JKAxQA9Byq8TGJsfqmCV0Jalzu4kbsBN57waCNOPH76HlN//TbLtbViKtdnrd
ysiArBCoTVsgTLvot2XTsjLlOCCPPbMWcok2DCcSivjtLlg/6/I0FNHU0Q4GE82X
r9I12cEBwOc2cfWMzVmy/FPuLVhrzzzAB+aFzWf2rxzdN8Pt8aj/ZkWdsWm09NsA
OZdY4bpAU87+Q2B/ulTB552kFl9lua98BFxL7K0=
-----END CERTIFICATE-----
Generated at Sat Jul 26 21:00:48 2025 by rpki-client