Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/aAlCgMfdB66L_mtq-oOwkAeFurg.roa
File: aAlCgMfdB66L_mtq-oOwkAeFurg.roa (raw, json)
Hash identifier: dRvFRI+NbjYVMQtrKTxs5054NLT1K04L2S3KDJNIoJE=
Subject key identifier: 68:09:42:80:C7:DD:07:AE:8B:FE:6B:6A:FA:83:B0:90:07:85:BA:B8
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 0197E3C5D4FCE4036A6370E6E9B845786EEE
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/aAlCgMfdB66L_mtq-oOwkAeFurg.roa
Signing time: Mon 07 Jul 2025 07:24:42 +0000
ROA not before: Mon 07 Jul 2025 07:24:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 5.187.33.0/24 maxlen: 24
37.235.48.0/24 maxlen: 24
37.235.51.0/24 maxlen: 24
45.151.73.0/24 maxlen: 24
45.151.74.0/24 maxlen: 24
45.153.127.0/24 maxlen: 24
46.183.187.0/24 maxlen: 24
83.172.134.0/24 maxlen: 24
83.172.135.0/24 maxlen: 24
83.172.136.0/24 maxlen: 24
83.172.138.0/24 maxlen: 24
83.172.150.0/24 maxlen: 24
83.172.159.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.121.0/24 maxlen: 24
89.31.120.0/24 maxlen: 24
89.31.121.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
89.40.105.0/24 maxlen: 24
89.46.232.0/24 maxlen: 24
89.46.233.0/24 maxlen: 24
89.46.234.0/24 maxlen: 24
89.46.235.0/24 maxlen: 24
89.46.236.0/24 maxlen: 24
91.132.92.0/24 maxlen: 24
91.132.93.0/24 maxlen: 24
91.132.95.0/24 maxlen: 24
92.243.64.0/24 maxlen: 24
93.113.99.0/24 maxlen: 24
93.113.215.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
95.156.207.0/24 maxlen: 24
103.57.248.0/24 maxlen: 24
103.57.249.0/24 maxlen: 24
103.57.251.0/24 maxlen: 24
134.255.211.0/24 maxlen: 24
149.154.157.0/24 maxlen: 24
149.154.158.0/24 maxlen: 24
149.154.159.0/24 maxlen: 24
151.236.4.0/24 maxlen: 24
151.236.15.0/24 maxlen: 24
151.236.16.0/24 maxlen: 24
151.236.17.0/24 maxlen: 24
151.236.18.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.21.0/24 maxlen: 24
151.236.22.0/24 maxlen: 24
151.236.25.0/24 maxlen: 24
158.255.208.0/24 maxlen: 24
158.255.213.0/24 maxlen: 24
158.255.214.0/24 maxlen: 24
158.255.215.0/24 maxlen: 24
176.126.99.0/24 maxlen: 24
185.26.236.0/24 maxlen: 24
185.26.238.0/24 maxlen: 24
185.26.239.0/24 maxlen: 24
185.76.78.0/24 maxlen: 24
185.76.79.0/24 maxlen: 24
185.122.187.0/24 maxlen: 24
185.193.48.0/24 maxlen: 24
185.195.64.0/24 maxlen: 24
185.195.66.0/24 maxlen: 24
188.190.0.0/24 maxlen: 24
188.190.1.0/24 maxlen: 24
188.214.32.0/24 maxlen: 24
193.3.55.0/24 maxlen: 24
213.111.176.0/24 maxlen: 24
213.111.178.0/24 maxlen: 24
213.111.180.0/24 maxlen: 24
213.111.182.0/24 maxlen: 24
213.111.183.0/24 maxlen: 24
213.111.184.0/24 maxlen: 24
213.111.185.0/24 maxlen: 24
213.111.188.0/24 maxlen: 24
213.111.191.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
2a03:f80:32::/48 maxlen: 48
2a03:f80:33::/48 maxlen: 48
2a03:f80:39::/48 maxlen: 48
2a03:f80:40::/48 maxlen: 48
2a03:f80:41::/48 maxlen: 48
2a03:f80:44::/48 maxlen: 48
2a03:f80:45::/48 maxlen: 48
2a03:f80:46::/48 maxlen: 48
2a03:f80:47::/48 maxlen: 48
2a03:f80:48::/48 maxlen: 48
2a03:f80:49::/48 maxlen: 48
2a03:f80:61::/48 maxlen: 48
2a03:f80:65::/48 maxlen: 48
2a03:f80:81::/48 maxlen: 48
2a03:f80:358::/48 maxlen: 48
2a03:f80:381::/48 maxlen: 48
2a03:f80:852::/48 maxlen: 48
2a03:f80:971::/48 maxlen: 48
2a03:f80:4416::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.mft
rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 01:01:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e3:c5:d4:fc:e4:03:6a:63:70:e6:e9:b8:45:78:6e:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jul 7 07:24:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=68094280c7dd07ae8bfe6b6afa83b0900785bab8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:aa:2f:28:b9:ec:d0:58:4d:cf:f7:32:f1:42:
dd:76:a0:1d:96:50:ce:a2:2e:fe:34:3a:a8:e0:5d:
a2:b7:43:1f:d2:d8:1a:e2:41:f0:ec:ec:a5:f9:a7:
7d:f1:86:5c:e8:3d:e1:64:67:90:63:36:2f:cd:6c:
fd:34:65:a9:95:23:6c:d1:e8:6d:b4:7c:8f:14:0b:
48:6f:81:cb:db:ce:ca:35:8a:65:13:3a:d9:2b:f6:
8f:3f:ff:4e:77:f3:7d:2c:7e:e6:8d:84:ce:10:13:
6f:9d:51:9a:7a:73:98:36:ef:ef:ff:b0:9a:60:f2:
f0:ba:86:6d:b0:9e:50:08:9f:b2:73:a1:b2:c0:2c:
96:8a:2c:22:bf:ab:3d:d1:2a:34:58:1e:f6:aa:e7:
86:d1:19:99:99:2f:ad:e0:16:73:8d:59:14:d0:ce:
41:60:94:bf:b4:01:ce:13:bc:09:65:f1:c6:d9:f9:
60:ae:22:cf:81:b4:15:28:be:b4:ab:ef:bf:d2:8d:
12:8b:dd:c6:b8:d5:de:38:a9:5b:ba:24:ea:99:92:
a2:94:18:00:f8:76:e0:5d:1b:a5:4c:fb:09:2b:a2:
24:e5:4a:40:f5:ba:6e:42:15:ce:85:de:1c:be:91:
e2:c5:3b:5f:14:cf:78:b2:cd:0d:25:b6:d0:66:18:
39:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:09:42:80:C7:DD:07:AE:8B:FE:6B:6A:FA:83:B0:90:07:85:BA:B8
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/aAlCgMfdB66L_mtq-oOwkAeFurg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.187.33.0/24
37.235.48.0/24
37.235.51.0/24
45.151.73.0-45.151.74.255
45.153.127.0/24
46.183.187.0/24
83.172.134.0-83.172.136.255
83.172.138.0/24
83.172.150.0/24
83.172.159.0/24
83.243.120.0/23
89.31.120.0/23
89.31.123.0/24
89.40.105.0/24
89.46.232.0-89.46.236.255
91.132.92.0/23
91.132.95.0/24
92.243.64.0/24
93.113.99.0/24
93.113.215.0/24
95.156.204.0/24
95.156.207.0/24
103.57.248.0/23
103.57.251.0/24
134.255.211.0/24
149.154.157.0-149.154.159.255
151.236.4.0/24
151.236.15.0-151.236.18.255
151.236.20.0-151.236.22.255
151.236.25.0/24
158.255.208.0/24
158.255.213.0-158.255.215.255
176.126.99.0/24
185.26.236.0/24
185.26.238.0/23
185.76.78.0/23
185.122.187.0/24
185.193.48.0/24
185.195.64.0/24
185.195.66.0/24
188.190.0.0/23
188.214.32.0/24
193.3.55.0/24
213.111.176.0/24
213.111.178.0/24
213.111.180.0/24
213.111.182.0-213.111.185.255
213.111.188.0/24
213.111.191.0/24
213.183.55.0/24
IPv6:
2a03:f80:32::/47
2a03:f80:39::/48
2a03:f80:40::/47
2a03:f80:44::-2a03:f80:49:ffff:ffff:ffff:ffff:ffff
2a03:f80:61::/48
2a03:f80:65::/48
2a03:f80:81::/48
2a03:f80:358::/48
2a03:f80:381::/48
2a03:f80:852::/48
2a03:f80:971::/48
2a03:f80:4416::/48
2a03:f80:ed51::/48
Signature Algorithm: sha256WithRSAEncryption
10:b4:81:fe:a1:9a:e1:20:83:63:14:e5:c5:e2:7d:33:09:8b:
26:be:03:05:10:e5:20:10:04:fd:85:cb:98:ba:45:04:8f:0a:
f0:86:11:d2:fb:3a:81:ca:ce:dc:5a:99:fe:c1:f3:13:72:cd:
52:f1:44:46:18:06:f3:d9:30:00:13:9d:63:63:7f:83:39:c4:
7d:17:d1:c6:e6:2d:2a:de:13:82:fb:75:33:d9:df:7e:bd:68:
00:d3:ef:56:bf:7f:77:cd:b2:20:23:c0:68:77:93:1f:a5:e4:
f6:5f:11:c3:e5:aa:d5:7d:97:c4:cf:74:30:b7:61:e9:99:d2:
09:1b:a5:5f:78:89:d6:22:0b:4f:84:44:3b:43:9b:b9:6b:95:
b4:d7:99:e9:9d:16:75:bb:61:24:68:3b:75:3a:54:a8:b5:19:
2f:21:29:69:5c:dd:5c:82:7c:fe:3e:70:72:9b:80:00:db:e3:
e2:27:86:6b:c2:64:eb:f9:6f:15:30:c0:af:07:4b:66:8c:96:
c0:4d:10:fa:9c:40:63:8b:c6:79:fc:e3:c2:a8:38:75:b2:53:
fb:8a:01:6e:1b:b4:df:ff:03:c1:09:87:8c:cf:f5:ba:6f:5c:
e0:65:cc:f4:ad:14:89:82:65:d7:4f:6e:7d:2d:81:82:10:56:
7a:af:e5:d4
-----BEGIN CERTIFICATE-----
MIIG9zCCBd+gAwIBAgISAZfjxdT85ANqY3Dm6bhFeG7uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjUwNzA3MDcyNDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODA5NDI4MGM3ZGQwN2FlOGJmZTZiNmFmYTgzYjA5MDA3ODViYWI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoqovKLns0FhNz/cy8ULddqAdllDO
oi7+NDqo4F2it0Mf0tga4kHw7Oyl+ad98YZc6D3hZGeQYzYvzWz9NGWplSNs0eht
tHyPFAtIb4HL287KNYplEzrZK/aPP/9Od/N9LH7mjYTOEBNvnVGaenOYNu/v/7Ca
YPLwuoZtsJ5QCJ+yc6GywCyWiiwiv6s90So0WB72queG0RmZmS+t4BZzjVkU0M5B
YJS/tAHOE7wJZfHG2flgriLPgbQVKL60q++/0o0Si93GuNXeOKlbuiTqmZKilBgA
+HbgXRulTPsJK6Ik5UpA9bpuQhXOhd4cvpHixTtfFM94ss0NJbbQZhg5owIDAQAB
o4IEAzCCA/8wHQYDVR0OBBYEFGgJQoDH3Qeui/5ravqDsJAHhbq4MB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvYUFsQ2dNZmRCNjZMX210cS1vT3drQWVGdXJnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICFwYIKwYBBQUHAQcBAf8EggIGMIICAjCCAXQEAgABMIIB
bAMEAAW7IQMEACXrMAMEACXrMzAMAwQALZdJAwQALZdKAwQALZl/AwQALre7MAwD
BAFTrIYDBABTrIgDBABTrIoDBABTrJYDBABTrJ8DBAFT83gDBAFZH3gDBABZH3sD
BABZKGkwDAMEA1ku6AMEAFku7AMEAVuEXAMEAFuEXwMEAFzzQAMEAF1xYwMEAF1x
1wMEAF+czAMEAF+czwMEAWc5+AMEAGc5+wMEAIb/0zAMAwQAlZqdAwQFlZqAAwQA
l+wEMAwDBACX7A8DBACX7BIwDAMEApfsFAMEAJfsFgMEAJfsGQMEAJ7/0DAMAwQA
nv/VAwQDnv/QAwQAsH5jAwQAuRrsAwQBuRruAwQBuUxOAwQAuXq7AwQAucEwAwQA
ucNAAwQAucNCAwQBvL4AAwQAvNYgAwQAwQM3AwQA1W+wAwQA1W+yAwQA1W+0MAwD
BAHVb7YDBAHVb7gDBADVb7wDBADVb78DBADVtzcwgYcEAgACMIGAAwcBKgMPgAAy
AwcAKgMPgAA5AwcBKgMPgABAMBIDBwIqAw+AAEQDBwEqAw+AAEgDBwAqAw+AAGED
BwAqAw+AAGUDBwAqAw+AAIEDBwAqAw+AA1gDBwAqAw+AA4EDBwAqAw+ACFIDBwAq
Aw+ACXEDBwAqAw+ARBYDBwAqAw+A7VEwDQYJKoZIhvcNAQELBQADggEBABC0gf6h
muEgg2MU5cXifTMJiya+AwUQ5SAQBP2Fy5i6RQSPCvCGEdL7OoHKztxamf7B8xNy
zVLxREYYBvPZMAATnWNjf4M5xH0X0cbmLSreE4L7dTPZ3369aADT71a/f3fNsiAj
wGh3kx+l5PZfEcPlqtV9l8TPdDC3YemZ0gkbpV94idYiC0+ERDtDm7lrlbTXmemd
FnW7YSRoO3U6VKi1GS8hKWlc3VyCfP4+cHKbgADb4+InhmvCZOv5bxUwwK8HS2aM
lsBNEPqcQGOLxnn848KoOHWyU/uKAW4btN//A8EJh4zP9bpvXOBlzPStFImCZddP
bn0tgYIQVnqv5dQ=
-----END CERTIFICATE-----
Generated at Sun Jul 20 11:17:54 2025 by rpki-client