
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/V44zBaIrT2vwhrVFAcN5IRAmoy4.roa
File: V44zBaIrT2vwhrVFAcN5IRAmoy4.roa (raw, json)
Hash identifier: IDJvYejslYQFS3URSy/7ffz5ilsUpAhyf+EqD49d/+Y=
Subject key identifier: 57:8E:33:05:A2:2B:4F:6B:F0:86:B5:45:01:C3:79:21:10:26:A3:2E
Certificate issuer: /CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Certificate serial: 0197F458C859B350EF4703E4F273C28C5E87
Authority key identifier: 88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/V44zBaIrT2vwhrVFAcN5IRAmoy4.roa
Signing time: Thu 10 Jul 2025 12:39:08 +0000
ROA not before: Thu 10 Jul 2025 12:39:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 24589
IP address blocks: 31.42.80.0/20 maxlen: 20
83.243.88.0/21 maxlen: 21
84.38.136.0/21 maxlen: 21
87.99.64.0/19 maxlen: 19
87.99.64.0/24 maxlen: 24
87.99.65.0/24 maxlen: 24
87.99.66.0/24 maxlen: 24
87.99.67.0/24 maxlen: 24
87.99.95.0/24 maxlen: 24
88.135.128.0/19 maxlen: 19
91.90.224.0/19 maxlen: 29
91.90.225.0/24 maxlen: 24
91.90.230.0/24 maxlen: 24
91.90.231.0/24 maxlen: 24
91.90.236.0/24 maxlen: 24
91.90.237.0/25 maxlen: 25
91.90.238.0/24 maxlen: 24
91.90.252.64/29 maxlen: 29
91.90.255.0/24 maxlen: 24
91.233.214.0/23 maxlen: 23
109.197.208.0/21 maxlen: 21
109.197.208.0/24 maxlen: 24
109.229.192.0/19 maxlen: 19
171.25.218.0/23 maxlen: 23
176.103.176.0/22 maxlen: 22
176.103.184.0/24 maxlen: 24
176.106.48.0/20 maxlen: 20
176.106.100.0/23 maxlen: 23
176.106.160.0/20 maxlen: 20
176.106.176.0/21 maxlen: 21
185.47.10.0/24 maxlen: 24
185.47.11.0/24 maxlen: 24
185.220.196.0/22 maxlen: 22
185.220.196.0/24 maxlen: 24
193.111.244.0/22 maxlen: 22
193.238.212.0/22 maxlen: 22
193.238.212.128/25 maxlen: 25
193.238.216.0/21 maxlen: 21
194.9.212.0/22 maxlen: 22
194.9.212.0/24 maxlen: 24
195.69.88.0/22 maxlen: 22
213.110.64.0/22 maxlen: 22
213.110.72.0/22 maxlen: 23
213.110.76.0/22 maxlen: 22
213.110.80.0/20 maxlen: 20
2a01:8ca0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.mft
rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 02:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f4:58:c8:59:b3:50:ef:47:03:e4:f2:73:c2:8c:5e:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=88add9b671f7a36eb2367e34fee4bcb13b8f66cc
Validity
Not Before: Jul 10 12:39:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=578e3305a22b4f6bf086b54501c379211026a32e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:64:25:16:9f:fd:cd:75:3d:30:c0:11:c3:e1:
cc:ca:18:69:7d:db:85:dc:70:36:7e:8a:e3:bd:06:
68:d2:ba:98:8c:42:ce:11:32:ea:c7:3b:8a:b2:2f:
66:0a:2f:8c:71:ee:e8:12:bd:eb:ca:4f:71:6a:7a:
36:bb:ad:43:9d:b1:1c:09:f3:1b:9b:e9:4b:de:be:
02:9b:79:6c:d6:d4:ad:c9:2d:88:08:68:93:ec:87:
ab:e3:76:df:e1:b2:80:94:15:9d:31:09:13:0c:e2:
5c:21:e0:c8:5a:de:4b:7b:f7:d7:35:43:6f:0d:c7:
0a:f5:62:94:34:81:f0:03:59:d5:79:a0:29:d3:dc:
63:f5:07:83:de:1f:37:83:6a:35:1c:8d:b1:91:cb:
2b:2e:38:51:f3:d9:47:b6:ec:dc:c0:15:7a:92:08:
7c:60:c5:63:c7:87:50:41:07:b1:11:55:da:ab:71:
3a:31:4c:c2:63:2c:23:d3:fe:9e:1c:30:af:20:91:
17:e3:ca:df:f7:53:ca:65:2f:f6:68:e7:e8:be:3c:
a9:df:84:b9:d5:9f:47:1a:e1:a7:80:15:89:35:e0:
11:21:f9:50:47:10:23:17:09:6f:8a:ea:39:fa:b1:
93:db:8f:38:85:80:7e:fb:8b:03:22:a2:e4:1c:18:
ae:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:8E:33:05:A2:2B:4F:6B:F0:86:B5:45:01:C3:79:21:10:26:A3:2E
X509v3 Authority Key Identifier:
keyid:88:AD:D9:B6:71:F7:A3:6E:B2:36:7E:34:FE:E4:BC:B1:3B:8F:66:CC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/iK3ZtnH3o26yNn40_uS8sTuPZsw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/V44zBaIrT2vwhrVFAcN5IRAmoy4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/3ed00a-15ee-4664-a7f1-a1b96b9b70f8/1/iK3ZtnH3o26yNn40_uS8sTuPZsw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.42.80.0/20
83.243.88.0/21
84.38.136.0/21
87.99.64.0/19
88.135.128.0/19
91.90.224.0/19
91.233.214.0/23
109.197.208.0/21
109.229.192.0/19
171.25.218.0/23
176.103.176.0/22
176.103.184.0/24
176.106.48.0/20
176.106.100.0/23
176.106.160.0-176.106.183.255
185.47.10.0/23
185.220.196.0/22
193.111.244.0/22
193.238.212.0-193.238.223.255
194.9.212.0/22
195.69.88.0/22
213.110.64.0/22
213.110.72.0-213.110.95.255
IPv6:
2a01:8ca0::/32
Signature Algorithm: sha256WithRSAEncryption
21:a6:18:55:34:90:4f:35:0a:f6:ef:81:87:da:ad:8d:fd:f6:
9a:d4:37:c5:40:82:25:5b:cf:98:81:87:f1:0b:5f:5e:ab:48:
f3:c8:89:a5:7e:c2:8f:23:59:29:84:67:d1:0e:a9:c1:ef:94:
05:ab:12:b4:f0:4b:db:50:fb:ac:0e:9c:0d:f9:4c:c2:8e:18:
19:c5:4e:64:12:fa:b7:09:ef:04:ee:9c:e2:84:72:cb:8a:70:
c2:a4:91:e6:6d:53:f4:48:96:eb:64:38:f6:41:ed:b3:27:8d:
a7:8e:1d:ad:e5:bb:eb:a4:64:17:57:60:36:45:f7:39:31:ea:
8e:7f:f1:a2:a6:d5:35:7b:23:58:f0:09:d3:3c:cc:2a:83:7a:
0c:d6:dd:72:d0:32:5e:08:5f:4e:06:81:4b:4b:29:6e:a0:01:
75:74:f8:f2:55:ef:0a:f4:90:ab:06:c3:b7:23:a9:de:b9:ce:
9f:fa:fa:a4:83:68:31:63:8c:81:98:10:c2:37:d1:d5:aa:0b:
42:ab:da:49:2c:92:4d:c6:f3:7c:41:bf:87:35:ff:1d:ba:9b:
9a:65:5b:36:90:70:6c:9f:d7:6c:84:36:b7:3d:a3:8a:8f:83:
9b:5d:85:cd:85:1e:45:9e:0c:fc:40:be:2e:b4:f1:98:0d:58:
3a:75:13:06
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAZf0WMhZs1DvRwPk8nPCjF6HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg4YWRkOWI2NzFmN2EzNmViMjM2N2UzNGZlZTRiY2IxM2I4
ZjY2Y2MwHhcNMjUwNzEwMTIzOTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NzhlMzMwNWEyMmI0ZjZiZjA4NmI1NDUwMWMzNzkyMTEwMjZhMzJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApGQlFp/9zXU9MMARw+HMyhhpfduF
3HA2forjvQZo0rqYjELOETLqxzuKsi9mCi+Mce7oEr3ryk9xano2u61DnbEcCfMb
m+lL3r4Cm3ls1tStyS2ICGiT7Ier43bf4bKAlBWdMQkTDOJcIeDIWt5Le/fXNUNv
DccK9WKUNIHwA1nVeaAp09xj9QeD3h83g2o1HI2xkcsrLjhR89lHtuzcwBV6kgh8
YMVjx4dQQQexEVXaq3E6MUzCYywj0/6eHDCvIJEX48rf91PKZS/2aOfovjyp34S5
1Z9HGuGngBWJNeARIflQRxAjFwlviuo5+rGT2484hYB++4sDIqLkHBiutwIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFFeOMwWiK09r8Ia1RQHDeSEQJqMuMB8GA1UdIwQY
MBaAFIit2bZx96NusjZ+NP7kvLE7j2bMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEt
YTFiOTZiOWI3MGY4LzEvVjQ0ekJhSXJUMnZ3aHJWRkFjTjVJUkFtb3k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy8zZWQwMGEtMTVlZS00NjY0LWE3ZjEtYTFiOTZiOWI3MGY4
LzEvaUszWnRuSDNvMjZ5Tm40MF91UzhzVHVQWnN3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBqQQCAAEwgaIDBAQf
KlADBANT81gDBANUJogDBAVXY0ADBAVYh4ADBAVbWuADBAFb6dYDBANtxdADBAVt
5cADBAGrGdoDBAKwZ7ADBACwZ7gDBASwajADBAGwamQwDAMEBbBqoAMEA7BqsAME
AbkvCgMEArncxAMEAsFv9DAMAwQCwe7UAwQFwe7AAwQCwgnUAwQCw0VYAwQC1W5A
MAwDBAPVbkgDBAXVbkAwDQQCAAIwBwMFACoBjKAwDQYJKoZIhvcNAQELBQADggEB
ACGmGFU0kE81CvbvgYfarY399prUN8VAgiVbz5iBh/ELX16rSPPIiaV+wo8jWSmE
Z9EOqcHvlAWrErTwS9tQ+6wOnA35TMKOGBnFTmQS+rcJ7wTunOKEcsuKcMKkkeZt
U/RIlutkOPZB7bMnjaeOHa3lu+ukZBdXYDZF9zkx6o5/8aKm1TV7I1jwCdM8zCqD
egzW3XLQMl4IX04GgUtLKW6gAXV0+PJV7wr0kKsGw7cjqd65zp/6+qSDaDFjjIGY
EMI30dWqC0Kr2kkskk3G83xBv4c1/x26m5plWzaQcGyf12yENrc9o4qPg5tdhc2F
HkWeDPxAvi608ZgNWDp1EwY=
-----END CERTIFICATE-----
Generated at Sat Jul 26 08:19:43 2025 by rpki-client