Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/41t90T64fe_uDqz-gN6xxukXadk.roa
File: 41t90T64fe_uDqz-gN6xxukXadk.roa (raw, json)
Hash identifier: hGQUDD65j8Nm6ImyVjym1lDKYzPpqmHOWpClTYzpkbc=
Subject key identifier: E3:5B:7D:D1:3E:B8:7D:EF:EE:0E:AC:FE:80:DE:B1:C6:E9:17:69:D9
Certificate issuer: /CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Certificate serial: 0198260FCA7633151E0202D75E129549BF52
Authority key identifier: EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/41t90T64fe_uDqz-gN6xxukXadk.roa
Signing time: Sun 20 Jul 2025 04:20:25 +0000
ROA not before: Sun 20 Jul 2025 04:20:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34665
IP address blocks: 5.8.0.0/21 maxlen: 22
5.8.8.0/22 maxlen: 22
5.8.8.0/23 maxlen: 23
5.8.8.0/24 maxlen: 24
5.8.9.0/24 maxlen: 24
5.8.10.0/23 maxlen: 23
5.8.10.0/24 maxlen: 24
5.8.11.0/24 maxlen: 24
5.8.12.0/22 maxlen: 22
5.8.16.0/24 maxlen: 24
5.8.48.0/22 maxlen: 22
5.8.48.0/23 maxlen: 23
5.8.48.0/24 maxlen: 24
5.8.49.0/24 maxlen: 24
5.8.50.0/23 maxlen: 23
5.8.50.0/24 maxlen: 24
5.8.51.0/24 maxlen: 24
5.8.52.0/22 maxlen: 22
5.8.52.0/23 maxlen: 23
5.8.52.0/24 maxlen: 24
5.8.53.0/24 maxlen: 24
5.8.54.0/23 maxlen: 23
5.8.54.0/24 maxlen: 24
5.8.55.0/24 maxlen: 24
5.8.60.0/23 maxlen: 23
5.8.65.0/24 maxlen: 24
5.8.66.0/23 maxlen: 23
5.8.80.0/21 maxlen: 23
5.101.0.0/22 maxlen: 22
5.101.0.0/23 maxlen: 23
5.101.0.0/24 maxlen: 24
5.101.1.0/24 maxlen: 24
5.101.2.0/23 maxlen: 23
5.101.2.0/24 maxlen: 24
5.101.3.0/24 maxlen: 24
5.101.4.0/22 maxlen: 22
5.101.4.0/23 maxlen: 23
5.101.4.0/24 maxlen: 24
5.101.5.0/24 maxlen: 24
5.101.6.0/23 maxlen: 23
5.101.6.0/24 maxlen: 24
5.101.7.0/24 maxlen: 24
5.101.32.0/22 maxlen: 24
5.101.47.0/24 maxlen: 24
5.101.64.0/22 maxlen: 22
5.101.64.0/23 maxlen: 23
5.101.64.0/24 maxlen: 24
5.101.65.0/24 maxlen: 24
5.101.66.0/23 maxlen: 23
5.101.66.0/24 maxlen: 24
5.101.67.0/24 maxlen: 24
5.101.90.0/23 maxlen: 23
5.101.92.0/22 maxlen: 22
5.188.10.0/23 maxlen: 23
5.188.44.0/22 maxlen: 22
5.188.44.0/23 maxlen: 23
5.188.44.0/24 maxlen: 24
5.188.45.0/24 maxlen: 24
5.188.46.0/23 maxlen: 23
5.188.46.0/24 maxlen: 24
5.188.47.0/24 maxlen: 24
5.188.48.0/23 maxlen: 23
5.188.49.0/24 maxlen: 24
5.188.192.0/23 maxlen: 24
5.188.194.0/23 maxlen: 23
5.188.204.0/23 maxlen: 23
5.188.208.0/23 maxlen: 23
5.188.210.0/24 maxlen: 24
5.188.211.0/24 maxlen: 24
5.188.223.0/24 maxlen: 24
5.188.233.0/24 maxlen: 24
5.188.234.0/23 maxlen: 23
5.189.248.0/22 maxlen: 24
5.189.252.0/24 maxlen: 24
31.44.188.0/22 maxlen: 32
31.184.192.0/22 maxlen: 22
31.184.192.0/23 maxlen: 23
31.184.192.0/24 maxlen: 24
31.184.193.0/24 maxlen: 24
31.184.194.0/23 maxlen: 23
31.184.194.0/24 maxlen: 24
31.184.195.0/24 maxlen: 24
31.184.196.0/22 maxlen: 22
31.184.196.0/23 maxlen: 23
31.184.196.0/24 maxlen: 24
31.184.197.0/24 maxlen: 24
31.184.198.0/23 maxlen: 23
31.184.198.0/24 maxlen: 24
31.184.199.0/24 maxlen: 24
31.184.238.0/23 maxlen: 23
31.184.243.0/24 maxlen: 24
37.9.48.0/24 maxlen: 24
37.139.53.0/24 maxlen: 24
37.139.56.0/22 maxlen: 22
37.139.56.0/23 maxlen: 23
37.139.56.0/24 maxlen: 24
37.139.57.0/24 maxlen: 24
37.139.58.0/23 maxlen: 23
37.139.58.0/24 maxlen: 24
37.139.59.0/24 maxlen: 24
46.161.2.0/23 maxlen: 23
46.161.8.0/24 maxlen: 24
46.161.10.0/24 maxlen: 24
46.161.14.0/23 maxlen: 23
46.161.20.0/22 maxlen: 22
46.161.28.0/22 maxlen: 22
46.161.32.0/22 maxlen: 22
46.161.44.0/22 maxlen: 22
46.161.48.0/22 maxlen: 22
46.161.48.0/23 maxlen: 23
46.161.48.0/24 maxlen: 24
46.161.49.0/24 maxlen: 24
46.161.50.0/23 maxlen: 23
46.161.50.0/24 maxlen: 24
46.161.51.0/24 maxlen: 24
91.243.32.0/22 maxlen: 22
91.243.48.0/22 maxlen: 22
91.243.48.0/23 maxlen: 23
91.243.48.0/24 maxlen: 24
91.243.49.0/24 maxlen: 24
91.243.50.0/23 maxlen: 23
91.243.50.0/24 maxlen: 24
91.243.51.0/24 maxlen: 24
91.243.52.0/22 maxlen: 22
91.243.56.0/22 maxlen: 22
91.243.60.0/24 maxlen: 24
91.243.61.0/24 maxlen: 24
95.215.0.0/22 maxlen: 24
95.215.0.0/23 maxlen: 23
95.215.0.0/24 maxlen: 24
95.215.1.0/24 maxlen: 24
95.215.2.0/23 maxlen: 23
95.215.2.0/24 maxlen: 24
95.215.3.0/24 maxlen: 24
146.185.223.0/24 maxlen: 24
146.185.224.0/21 maxlen: 21
188.143.232.0/22 maxlen: 22
188.143.232.0/23 maxlen: 23
188.143.232.0/24 maxlen: 24
188.143.233.0/24 maxlen: 24
188.143.235.0/24 maxlen: 24
195.2.240.0/23 maxlen: 24
2a00:1d78:100:1c0::/58 maxlen: 58
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.mft
rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 23 Jul 2025 10:01:07 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:26:0f:ca:76:33:15:1e:02:02:d7:5e:12:95:49:bf:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eaaa8a0a5fdfd698e104be36a2aeec813aeca071
Validity
Not Before: Jul 20 04:20:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=e35b7dd13eb87defee0eacfe80deb1c6e91769d9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:52:5e:50:6c:9f:ca:b2:2e:80:06:bc:51:27:
5d:5c:86:7f:54:21:f9:0b:fe:26:5f:69:d2:ed:23:
34:ba:9b:a3:22:8c:d8:22:97:87:03:1f:b9:78:04:
51:42:38:29:8e:1d:82:d3:fe:d4:05:e7:5b:1c:d2:
03:cc:ca:12:50:76:14:0d:b9:3e:51:e0:68:b5:c4:
f7:dc:c6:69:39:6b:da:86:cb:4a:51:66:9a:7f:5b:
bd:38:f0:9c:4e:6f:a1:49:55:71:3b:79:71:80:4a:
4b:27:a5:7a:7f:88:2a:ff:92:ce:e4:b9:aa:5c:48:
96:cd:e5:e9:c4:6a:77:89:e5:9a:c2:0c:2a:65:22:
41:09:4e:ee:20:83:45:4b:9c:47:33:a5:07:22:82:
0e:73:28:2f:68:05:21:1b:fd:4b:da:0e:8d:28:0b:
ec:cd:94:2d:ff:72:81:bb:ee:7f:18:a0:1d:57:cd:
9c:9c:fe:f2:51:c3:4d:43:f1:5b:f6:6e:ae:a2:76:
37:cf:7c:89:d6:8c:60:dd:cb:60:8d:d7:b7:d2:f5:
d7:c3:8e:e9:4b:64:b3:9e:f7:0a:47:b4:90:28:0b:
c3:39:d6:4e:f9:21:b1:8e:b6:77:b1:cc:0d:7e:7c:
55:51:51:bb:3f:22:34:71:c4:73:c6:1a:ce:59:92:
47:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
E3:5B:7D:D1:3E:B8:7D:EF:EE:0E:AC:FE:80:DE:B1:C6:E9:17:69:D9
X509v3 Authority Key Identifier:
keyid:EA:AA:8A:0A:5F:DF:D6:98:E1:04:BE:36:A2:AE:EC:81:3A:EC:A0:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6qqKCl_f1pjhBL42oq7sgTrsoHE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/41t90T64fe_uDqz-gN6xxukXadk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/2932df-a4bd-4af5-a4d4-89d09240c43b/1/6qqKCl_f1pjhBL42oq7sgTrsoHE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.0.0-5.8.16.255
5.8.48.0/21
5.8.60.0/23
5.8.65.0-5.8.67.255
5.8.80.0/21
5.101.0.0/21
5.101.32.0/22
5.101.47.0/24
5.101.64.0/22
5.101.90.0-5.101.95.255
5.188.10.0/23
5.188.44.0-5.188.49.255
5.188.192.0/22
5.188.204.0/23
5.188.208.0/22
5.188.223.0/24
5.188.233.0-5.188.235.255
5.189.248.0-5.189.252.255
31.44.188.0/22
31.184.192.0/21
31.184.238.0/23
31.184.243.0/24
37.9.48.0/24
37.139.53.0/24
37.139.56.0/22
46.161.2.0/23
46.161.8.0/24
46.161.10.0/24
46.161.14.0/23
46.161.20.0/22
46.161.28.0-46.161.35.255
46.161.44.0-46.161.51.255
91.243.32.0/22
91.243.48.0-91.243.61.255
95.215.0.0/22
146.185.223.0-146.185.231.255
188.143.232.0/22
195.2.240.0/23
IPv6:
2a00:1d78:100:1c0::/58
Signature Algorithm: sha256WithRSAEncryption
13:01:49:dc:a0:04:ef:79:d8:d5:dd:89:a6:ca:48:ae:b2:92:
4c:6b:e4:ad:26:f3:ce:dd:c4:2a:57:ec:64:59:db:b5:f6:f0:
9c:9d:cb:e8:6f:59:02:be:28:d3:23:33:e0:1b:6a:19:76:7a:
76:15:e7:92:43:0c:e3:54:f7:bc:42:05:41:26:b2:be:01:d7:
cf:5f:23:95:8e:2e:f5:04:b2:c2:fe:b7:ee:59:95:11:1e:2f:
a1:c9:2b:8f:25:e9:a2:4c:15:8b:1f:0c:02:d5:44:b9:fe:ff:
44:be:3f:e7:86:df:3c:80:e4:93:4f:a1:41:c6:e0:d3:ac:ec:
cd:7a:41:a4:24:11:47:ee:d3:43:17:c6:24:8d:df:b8:fa:0f:
8f:19:1a:e5:34:f9:ed:43:78:d3:f8:78:47:c3:0b:23:6f:15:
e6:69:4e:a7:13:91:df:68:ed:99:66:d3:fe:64:24:b3:c2:74:
cb:31:b0:20:9b:be:20:6b:5a:db:8a:e0:b1:99:40:d5:22:b5:
2f:78:59:3b:18:14:c5:cd:79:ae:c5:af:1e:f7:7f:45:eb:05:
12:2a:f9:be:e9:df:f7:80:f0:a2:7b:56:d4:2e:54:ce:fc:dc:
76:e1:92:63:29:5e:f5:73:56:25:79:ba:78:df:a8:91:fa:69:
06:a3:15:93
-----BEGIN CERTIFICATE-----
MIIGRzCCBS+gAwIBAgISAZgmD8p2MxUeAgLXXhKVSb9SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVhYWE4YTBhNWZkZmQ2OThlMTA0YmUzNmEyYWVlYzgxM2Fl
Y2EwNzEwHhcNMjUwNzIwMDQyMDI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlMzViN2RkMTNlYjg3ZGVmZWUwZWFjZmU4MGRlYjFjNmU5MTc2OWQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoVJeUGyfyrIugAa8USddXIZ/VCH5
C/4mX2nS7SM0upujIozYIpeHAx+5eARRQjgpjh2C0/7UBedbHNIDzMoSUHYUDbk+
UeBotcT33MZpOWvahstKUWaaf1u9OPCcTm+hSVVxO3lxgEpLJ6V6f4gq/5LO5Lmq
XEiWzeXpxGp3ieWawgwqZSJBCU7uIINFS5xHM6UHIoIOcygvaAUhG/1L2g6NKAvs
zZQt/3KBu+5/GKAdV82cnP7yUcNNQ/Fb9m6uonY3z3yJ1oxg3ctgjde30vXXw47p
S2SznvcKR7SQKAvDOdZO+SGxjrZ3scwNfnxVUVG7PyI0ccRzxhrOWZJHuQIDAQAB
o4IDUzCCA08wHQYDVR0OBBYEFONbfdE+uH3v7g6s/oDescbpF2nZMB8GA1UdIwQY
MBaAFOqqigpf39aY4QS+NqKu7IE67KBxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQt
ODlkMDkyNDBjNDNiLzEvNDF0OTBUNjRmZV91RHF6LWdONnh4dWtYYWRrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8yOTMyZGYtYTRiZC00YWY1LWE0ZDQtODlkMDkyNDBjNDNi
LzEvNnFxS0NsX2YxcGpoQkw0Mm9xN3NnVHJzb0hFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBZwYIKwYBBQUHAQcBAf8EggFWMIIBUjCCATsEAgABMIIB
MzALAwMDBQgDBAAFCBADBAMFCDADBAEFCDwwDAMEAAUIQQMEAgUIQAMEAwUIUAME
AwVlAAMEAgVlIAMEAAVlLwMEAgVlQDAMAwQBBWVaAwQFBWVAAwQBBbwKMAwDBAIF
vCwDBAEFvDADBAIFvMADBAEFvMwDBAIFvNADBAAFvN8wDAMEAAW86QMEAgW86DAM
AwQDBb34AwQABb38AwQCHyy8AwQDH7jAAwQBH7juAwQAH7jzAwQAJQkwAwQAJYs1
AwQCJYs4AwQBLqECAwQALqEIAwQALqEKAwQBLqEOAwQCLqEUMAwDBAIuoRwDBAIu
oSAwDAMEAi6hLAMEAi6hMAMEAlvzIDAMAwQEW/MwAwQBW/M8AwQCX9cAMAwDBACS
ud8DBAOSueADBAK8j+gDBAHDAvAwEQQCAAIwCwMJBioAHXgBAAHAMA0GCSqGSIb3
DQEBCwUAA4IBAQATAUncoATvedjV3YmmykiuspJMa+StJvPO3cQqV+xkWdu19vCc
ncvob1kCvijTIzPgG2oZdnp2FeeSQwzjVPe8QgVBJrK+AdfPXyOVji71BLLC/rfu
WZURHi+hySuPJemiTBWLHwwC1US5/v9Evj/nht88gOSTT6FBxuDTrOzNekGkJBFH
7tNDF8Ykjd+4+g+PGRrlNPntQ3jT+HhHwwsjbxXmaU6nE5HfaO2ZZtP+ZCSzwnTL
MbAgm74ga1rbiuCxmUDVIrUveFk7GBTFzXmuxa8e939F6wUSKvm+6d/3gPCie1bU
LlTO/Nx24ZJjKV71c1Ylebp436iR+mkGoxWT
-----END CERTIFICATE-----
Generated at Tue Jul 22 19:34:16 2025 by rpki-client