Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/TDNldyoVb4xBkRrsANEwRdX0Uqs.roa
File: TDNldyoVb4xBkRrsANEwRdX0Uqs.roa (raw, json)
Hash identifier: wQFfix2hzJo3LB++Adj8kc2QXPUVVh12Ff6IX0c9r8w=
Subject key identifier: 4C:33:65:77:2A:15:6F:8C:41:91:1A:EC:00:D1:30:45:D5:F4:52:AB
Certificate issuer: /CN=7c3e585a59b523bb86d660a7168e1c1eba094da0
Certificate serial: 01981862CF784F64DF28FFC476F0C4B9F788
Authority key identifier: 7C:3E:58:5A:59:B5:23:BB:86:D6:60:A7:16:8E:1C:1E:BA:09:4D:A0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD5YWlm1I7uG1mCnFo4cHroJTaA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/TDNldyoVb4xBkRrsANEwRdX0Uqs.roa
Signing time: Thu 17 Jul 2025 12:36:25 +0000
ROA not before: Thu 17 Jul 2025 12:36:25 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210756
IP address blocks: 5.8.42.0/24 maxlen: 24
5.8.43.0/24 maxlen: 24
5.101.68.0/24 maxlen: 24
5.101.69.0/24 maxlen: 24
5.101.70.0/24 maxlen: 24
5.101.218.0/24 maxlen: 24
5.188.2.0/24 maxlen: 24
5.188.3.0/24 maxlen: 24
5.188.7.0/24 maxlen: 24
5.188.35.0/24 maxlen: 24
5.188.37.0/24 maxlen: 24
5.188.38.0/24 maxlen: 24
5.188.39.0/24 maxlen: 24
5.188.121.0/24 maxlen: 24
5.188.149.0/24 maxlen: 24
5.188.150.0/24 maxlen: 24
5.188.170.0/24 maxlen: 24
5.188.171.0/24 maxlen: 24
5.188.176.0/24 maxlen: 24
5.188.177.0/24 maxlen: 24
5.188.178.0/24 maxlen: 24
5.188.179.0/24 maxlen: 24
5.188.212.0/24 maxlen: 24
5.188.224.0/24 maxlen: 24
5.188.229.0/24 maxlen: 24
5.189.201.0/24 maxlen: 24
5.189.205.0/24 maxlen: 24
5.189.223.0/24 maxlen: 24
31.184.204.0/24 maxlen: 24
31.184.205.0/24 maxlen: 24
37.9.36.0/24 maxlen: 24
37.9.37.0/24 maxlen: 24
37.9.38.0/24 maxlen: 24
37.9.39.0/24 maxlen: 24
37.9.52.0/24 maxlen: 24
37.9.53.0/24 maxlen: 24
37.9.54.0/24 maxlen: 24
37.9.55.0/24 maxlen: 24
45.147.162.0/24 maxlen: 24
45.147.163.0/24 maxlen: 24
79.133.127.0/24 maxlen: 24
82.97.207.0/24 maxlen: 24
83.229.14.0/24 maxlen: 24
83.229.25.0/24 maxlen: 24
91.243.80.0/24 maxlen: 24
91.243.82.0/24 maxlen: 24
91.243.83.0/24 maxlen: 24
91.243.84.0/24 maxlen: 24
91.243.86.0/24 maxlen: 24
92.38.128.0/24 maxlen: 24
92.38.129.0/24 maxlen: 24
92.38.130.0/24 maxlen: 24
92.38.131.0/24 maxlen: 24
92.38.136.0/24 maxlen: 24
92.38.137.0/24 maxlen: 24
92.38.138.0/24 maxlen: 24
92.38.139.0/24 maxlen: 24
92.38.152.0/24 maxlen: 24
92.38.153.0/24 maxlen: 24
92.38.156.0/24 maxlen: 24
92.38.188.0/24 maxlen: 24
92.38.189.0/24 maxlen: 24
92.38.190.0/24 maxlen: 24
92.38.191.0/24 maxlen: 24
92.223.4.0/24 maxlen: 24
92.223.5.0/24 maxlen: 24
92.223.6.0/24 maxlen: 24
92.223.8.0/24 maxlen: 24
92.223.9.0/24 maxlen: 24
92.223.14.0/24 maxlen: 24
92.223.32.0/24 maxlen: 24
92.223.33.0/24 maxlen: 24
92.223.34.0/24 maxlen: 24
92.223.35.0/24 maxlen: 24
92.223.36.0/24 maxlen: 24
92.223.38.0/24 maxlen: 24
92.223.41.0/24 maxlen: 24
92.223.43.0/24 maxlen: 24
92.223.49.0/24 maxlen: 24
92.223.60.0/24 maxlen: 24
92.223.64.0/24 maxlen: 24
92.223.65.0/24 maxlen: 24
92.223.67.0/24 maxlen: 24
92.223.72.0/24 maxlen: 24
92.223.80.0/24 maxlen: 24
92.223.87.0/24 maxlen: 24
92.223.91.0/24 maxlen: 24
92.223.103.0/24 maxlen: 24
92.223.106.0/24 maxlen: 24
92.223.108.0/24 maxlen: 24
92.223.109.0/24 maxlen: 24
92.223.110.0/24 maxlen: 24
92.223.111.0/24 maxlen: 24
92.223.114.0/24 maxlen: 24
92.223.115.0/24 maxlen: 24
92.223.122.0/24 maxlen: 24
92.223.123.0/24 maxlen: 24
95.85.88.0/24 maxlen: 24
95.181.176.0/24 maxlen: 24
95.181.177.0/24 maxlen: 24
95.181.178.0/24 maxlen: 24
95.181.179.0/24 maxlen: 24
95.181.180.0/24 maxlen: 24
95.181.181.0/24 maxlen: 24
95.181.182.0/24 maxlen: 24
95.181.183.0/24 maxlen: 24
146.185.196.0/24 maxlen: 24
146.185.197.0/24 maxlen: 24
146.185.198.0/24 maxlen: 24
146.185.199.0/24 maxlen: 24
146.185.215.0/24 maxlen: 24
146.185.218.0/24 maxlen: 24
185.14.46.0/24 maxlen: 24
185.101.137.0/24 maxlen: 24
193.17.93.0/24 maxlen: 24
2a11:27c0::/44 maxlen: 44
2a11:27c0:10::/44 maxlen: 44
2a11:27c0:20::/44 maxlen: 44
2a11:27c0:100::/44 maxlen: 44
2a11:27c0:110::/44 maxlen: 44
2a11:27c0:120::/44 maxlen: 44
2a11:27c0:130::/44 maxlen: 44
2a11:27c0:140::/44 maxlen: 44
2a11:27c0:150::/44 maxlen: 44
2a11:27c0:160::/44 maxlen: 44
2a11:27c0:170::/44 maxlen: 44
2a11:27c0:180::/44 maxlen: 44
2a11:27c0:190::/44 maxlen: 44
2a11:27c0:1a0::/44 maxlen: 44
2a11:27c0:1b0::/44 maxlen: 44
2a11:27c0:1c0::/44 maxlen: 44
2a11:27c0:1d0::/44 maxlen: 44
2a11:27c0:1e0::/44 maxlen: 44
2a11:27c0:1f0::/44 maxlen: 44
2a11:27c0:200::/44 maxlen: 44
2a11:27c0:210::/44 maxlen: 44
2a11:27c0:1000::/44 maxlen: 44
2a11:27c0:1010::/44 maxlen: 44
2a11:27c0:1020::/44 maxlen: 44
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/fD5YWlm1I7uG1mCnFo4cHroJTaA.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/fD5YWlm1I7uG1mCnFo4cHroJTaA.mft
rsync://rpki.ripe.net/repository/DEFAULT/fD5YWlm1I7uG1mCnFo4cHroJTaA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:18:62:cf:78:4f:64:df:28:ff:c4:76:f0:c4:b9:f7:88
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3e585a59b523bb86d660a7168e1c1eba094da0
Validity
Not Before: Jul 17 12:36:25 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4c3365772a156f8c41911aec00d13045d5f452ab
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:55:be:14:87:56:10:e0:1c:55:e0:18:fc:67:
55:12:b8:8d:f6:49:1e:53:fe:f2:6b:0d:c0:c0:f1:
92:61:02:aa:82:50:b8:4a:8c:6a:56:8e:fb:7b:99:
8d:f2:2a:eb:19:ed:62:ed:0e:df:c9:38:d1:36:10:
75:1f:48:7f:82:38:aa:9f:45:6d:c0:14:c7:c0:b6:
06:2b:08:49:d8:25:4e:b3:8b:18:f0:22:6b:33:09:
92:5d:ad:53:79:88:96:58:84:ff:c8:c0:ab:4b:62:
42:28:65:88:93:f3:c6:c2:0f:27:39:f3:74:5c:c7:
0d:3f:2d:bf:44:e8:c8:54:78:22:25:4c:ed:4f:b2:
88:36:01:f1:88:e0:b1:d1:04:63:68:71:f6:9d:7e:
c0:f4:f5:3e:bf:4f:c8:dd:68:bf:e2:22:3a:34:2d:
ea:bd:0e:26:66:1d:8e:38:a4:f2:aa:91:23:e4:99:
48:87:ed:e5:7c:e2:7e:f9:76:bf:bf:51:ca:27:1a:
61:d1:4d:e9:1a:2b:b9:32:84:7b:4f:12:b5:b7:3a:
c4:f6:8f:18:91:e7:e7:d0:4e:b4:1c:a4:07:52:f1:
d5:0b:2b:bd:da:d5:08:1b:b6:05:ca:8f:fd:25:c1:
7c:1d:5d:4e:b0:b3:28:21:ad:79:f4:c6:87:2d:35:
12:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4C:33:65:77:2A:15:6F:8C:41:91:1A:EC:00:D1:30:45:D5:F4:52:AB
X509v3 Authority Key Identifier:
keyid:7C:3E:58:5A:59:B5:23:BB:86:D6:60:A7:16:8E:1C:1E:BA:09:4D:A0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD5YWlm1I7uG1mCnFo4cHroJTaA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/TDNldyoVb4xBkRrsANEwRdX0Uqs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/26e32a-35ba-443f-bc1e-6dc1f56031eb/1/fD5YWlm1I7uG1mCnFo4cHroJTaA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.8.42.0/23
5.101.68.0-5.101.70.255
5.101.218.0/24
5.188.2.0/23
5.188.7.0/24
5.188.35.0/24
5.188.37.0-5.188.39.255
5.188.121.0/24
5.188.149.0-5.188.150.255
5.188.170.0/23
5.188.176.0/22
5.188.212.0/24
5.188.224.0/24
5.188.229.0/24
5.189.201.0/24
5.189.205.0/24
5.189.223.0/24
31.184.204.0/23
37.9.36.0/22
37.9.52.0/22
45.147.162.0/23
79.133.127.0/24
82.97.207.0/24
83.229.14.0/24
83.229.25.0/24
91.243.80.0/24
91.243.82.0-91.243.84.255
91.243.86.0/24
92.38.128.0/22
92.38.136.0/22
92.38.152.0/23
92.38.156.0/24
92.38.188.0/22
92.223.4.0-92.223.6.255
92.223.8.0/23
92.223.14.0/24
92.223.32.0-92.223.36.255
92.223.38.0/24
92.223.41.0/24
92.223.43.0/24
92.223.49.0/24
92.223.60.0/24
92.223.64.0/23
92.223.67.0/24
92.223.72.0/24
92.223.80.0/24
92.223.87.0/24
92.223.91.0/24
92.223.103.0/24
92.223.106.0/24
92.223.108.0/22
92.223.114.0/23
92.223.122.0/23
95.85.88.0/24
95.181.176.0/21
146.185.196.0/22
146.185.215.0/24
146.185.218.0/24
185.14.46.0/24
185.101.137.0/24
193.17.93.0/24
IPv6:
2a11:27c0::-2a11:27c0:2f:ffff:ffff:ffff:ffff:ffff
2a11:27c0:100::-2a11:27c0:21f:ffff:ffff:ffff:ffff:ffff
2a11:27c0:1000::-2a11:27c0:102f:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
81:b6:4d:56:7d:02:0f:1e:0d:7d:c1:06:49:7d:0d:6d:c1:4d:
8a:81:04:4e:5c:d6:66:d0:0e:32:79:a8:a1:a6:de:61:b1:d9:
fe:38:c6:54:84:6e:88:e2:db:66:63:26:de:e0:bd:ca:08:c9:
97:53:36:86:db:48:41:05:ff:30:58:ec:ca:56:b4:b5:59:f8:
ea:4e:63:bc:38:a7:57:cc:75:49:13:6a:e8:d4:49:9e:b5:61:
99:4d:3c:43:d8:65:d0:d5:a8:18:70:ba:1e:92:81:8f:69:30:
bc:28:55:76:3c:3b:b4:ab:ae:a4:cf:13:00:90:2e:e9:95:ae:
f8:97:3e:bf:3e:9e:07:82:77:b5:38:e8:56:72:db:82:99:57:
67:c3:fb:f6:5a:27:f7:c3:62:03:e7:d7:35:37:40:f7:5e:9e:
5d:ba:8a:e3:ef:f6:16:2a:44:55:c5:98:e7:e9:06:11:c7:6a:
16:f6:1b:0b:7c:8f:d6:7b:a5:9b:3a:75:37:ce:ac:cf:f5:28:
2a:1a:0d:2b:d7:ba:0e:5c:85:fd:d2:95:b5:94:29:00:f3:eb:
de:62:8e:92:47:88:8c:7e:ad:a0:3c:e2:22:15:60:15:d7:e8:
7e:48:d1:f1:7d:d0:1d:b6:a2:32:19:c4:b7:d4:d6:94:45:ff:
b8:90:ae:72
-----BEGIN CERTIFICATE-----
MIIG3zCCBcegAwIBAgISAZgYYs94T2TfKP/EdvDEufeIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2U1ODVhNTliNTIzYmI4NmQ2NjBhNzE2OGUxYzFlYmEw
OTRkYTAwHhcNMjUwNzE3MTIzNjI1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YzMzNjU3NzJhMTU2ZjhjNDE5MTFhZWMwMGQxMzA0NWQ1ZjQ1MmFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1FW+FIdWEOAcVeAY/GdVEriN9kke
U/7yaw3AwPGSYQKqglC4SoxqVo77e5mN8irrGe1i7Q7fyTjRNhB1H0h/gjiqn0Vt
wBTHwLYGKwhJ2CVOs4sY8CJrMwmSXa1TeYiWWIT/yMCrS2JCKGWIk/PGwg8nOfN0
XMcNPy2/ROjIVHgiJUztT7KINgHxiOCx0QRjaHH2nX7A9PU+v0/I3Wi/4iI6NC3q
vQ4mZh2OOKTyqpEj5JlIh+3lfOJ++Xa/v1HKJxph0U3pGiu5MoR7TxK1tzrE9o8Y
kefn0E60HKQHUvHVCyu92tUIG7YFyo/9JcF8HV1OsLMoIa159MaHLTUSeQIDAQAB
o4ID6zCCA+cwHQYDVR0OBBYEFEwzZXcqFW+MQZEa7ADRMEXV9FKrMB8GA1UdIwQY
MBaAFHw+WFpZtSO7htZgpxaOHB66CU2gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQ1WVdsbTFJN3VHMW1DbkZvNGNIcm9KVGFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS8yNmUzMmEtMzViYS00NDNmLWJjMWUt
NmRjMWY1NjAzMWViLzEvVERObGR5b1ZiNHhCa1Jyc0FORXdSZFgwVXFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS8yNmUzMmEtMzViYS00NDNmLWJjMWUtNmRjMWY1NjAzMWVi
LzEvZkQ1WVdsbTFJN3VHMW1DbkZvNGNIcm9KVGFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB/wYIKwYBBQUHAQcBAf8EggHuMIIB6jCCAaYEAgABMIIB
ngMEAQUIKjAMAwQCBWVEAwQABWVGAwQABWXaAwQBBbwCAwQABbwHAwQABbwjMAwD
BAAFvCUDBAMFvCADBAAFvHkwDAMEAAW8lQMEAAW8lgMEAQW8qgMEAgW8sAMEAAW8
1AMEAAW84AMEAAW85QMEAAW9yQMEAAW9zQMEAAW93wMEAR+4zAMEAiUJJAMEAiUJ
NAMEAS2TogMEAE+FfwMEAFJhzwMEAFPlDgMEAFPlGQMEAFvzUDAMAwQBW/NSAwQA
W/NUAwQAW/NWAwQCXCaAAwQCXCaIAwQBXCaYAwQAXCacAwQCXCa8MAwDBAJc3wQD
BABc3wYDBAFc3wgDBABc3w4wDAMEBVzfIAMEAFzfJAMEAFzfJgMEAFzfKQMEAFzf
KwMEAFzfMQMEAFzfPAMEAVzfQAMEAFzfQwMEAFzfSAMEAFzfUAMEAFzfVwMEAFzf
WwMEAFzfZwMEAFzfagMEAlzfbAMEAVzfcgMEAVzfegMEAF9VWAMEA1+1sAMEApK5
xAMEAJK51wMEAJK52gMEALkOLgMEALlliQMEAMERXTA+BAIAAjA4MBADBQYqESfA
AwcEKhEnwAAgMBEDBgAqESfAAQMHBSoRJ8ACADARAwYEKhEnwBADBwQqESfAECAw
DQYJKoZIhvcNAQELBQADggEBAIG2TVZ9Ag8eDX3BBkl9DW3BTYqBBE5c1mbQDjJ5
qKGm3mGx2f44xlSEboji22ZjJt7gvcoIyZdTNobbSEEF/zBY7MpWtLVZ+OpOY7w4
p1fMdUkTaujUSZ61YZlNPEPYZdDVqBhwuh6SgY9pMLwoVXY8O7SrrqTPEwCQLumV
rviXPr8+ngeCd7U46FZy24KZV2fD+/ZaJ/fDYgPn1zU3QPdenl26iuPv9hYqRFXF
mOfpBhHHahb2Gwt8j9Z7pZs6dTfOrM/1KCoaDSvXug5chf3SlbWUKQDz695ijpJH
iIx+raA84iIVYBXX6H5I0fF90B22ojIZxLfU1pRF/7iQrnI=
-----END CERTIFICATE-----
Generated at Sun Jul 27 21:31:34 2025 by rpki-client