Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/bOLd_g3LzxzjAnCOuuC_Q_9gA6k.roa
File: bOLd_g3LzxzjAnCOuuC_Q_9gA6k.roa (raw, json)
Hash identifier: 5Jf6m6sD98CMKb3WTweoZbVfKZTiMzSlEHYjt0bnWhE=
Subject key identifier: 6C:E2:DD:FE:0D:CB:CF:1C:E3:02:70:8E:BA:E0:BF:43:FF:60:03:A9
Certificate issuer: /CN=0ce1308ead6adb1d085e7e5910a0cb2de56aa32e
Certificate serial: 0197F0CD7E8287A75FC8D8AA7F9F7BAD3D6F
Authority key identifier: 0C:E1:30:8E:AD:6A:DB:1D:08:5E:7E:59:10:A0:CB:2D:E5:6A:A3:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/bOLd_g3LzxzjAnCOuuC_Q_9gA6k.roa
Signing time: Wed 09 Jul 2025 20:08:08 +0000
ROA not before: Wed 09 Jul 2025 20:08:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29518
IP address blocks: 5.44.192.0/20 maxlen: 20
5.172.144.0/21 maxlen: 21
31.192.192.0/20 maxlen: 20
31.208.0.0/16 maxlen: 16
31.209.0.0/18 maxlen: 18
37.17.248.0/21 maxlen: 21
46.162.64.0/18 maxlen: 18
46.236.64.0/18 maxlen: 18
62.182.0.0/21 maxlen: 21
62.220.160.0/19 maxlen: 19
77.53.0.0/16 maxlen: 16
79.138.0.0/17 maxlen: 17
80.244.64.0/19 maxlen: 19
81.88.0.0/20 maxlen: 20
81.186.240.0/20 maxlen: 20
82.117.96.0/19 maxlen: 19
82.209.128.0/18 maxlen: 18
83.209.0.0/16 maxlen: 16
83.219.192.0/19 maxlen: 19
83.233.0.0/16 maxlen: 16
85.8.0.0/18 maxlen: 18
85.30.0.0/18 maxlen: 18
85.235.0.0/19 maxlen: 19
85.235.17.0/24 maxlen: 24
85.235.18.0/23 maxlen: 23
85.235.20.0/22 maxlen: 22
85.235.24.0/24 maxlen: 24
85.238.192.0/19 maxlen: 19
87.96.128.0/17 maxlen: 17
87.236.88.0/21 maxlen: 21
87.241.64.0/18 maxlen: 18
87.251.192.0/19 maxlen: 19
87.253.64.0/19 maxlen: 19
88.83.32.0/19 maxlen: 19
88.129.0.0/16 maxlen: 16
89.160.0.0/17 maxlen: 17
89.233.192.0/18 maxlen: 18
89.236.0.0/18 maxlen: 18
89.236.0.0/23 maxlen: 23
89.236.2.0/23 maxlen: 23
89.236.4.0/22 maxlen: 22
89.236.8.0/23 maxlen: 23
89.236.11.0/24 maxlen: 24
89.236.15.0/24 maxlen: 24
89.236.17.0/24 maxlen: 24
89.236.18.0/23 maxlen: 23
89.236.20.0/22 maxlen: 22
89.236.24.0/23 maxlen: 23
89.236.26.0/24 maxlen: 24
89.236.35.0/24 maxlen: 24
89.236.36.0/23 maxlen: 23
89.236.38.0/24 maxlen: 24
89.236.47.0/24 maxlen: 24
89.236.48.0/24 maxlen: 24
89.236.53.0/24 maxlen: 24
89.236.54.0/23 maxlen: 23
89.236.56.0/22 maxlen: 22
91.232.59.0/24 maxlen: 24
91.232.60.0/23 maxlen: 23
94.198.64.0/21 maxlen: 21
94.245.0.0/18 maxlen: 18
94.245.0.0/20 maxlen: 20
94.245.16.0/20 maxlen: 20
94.245.48.0/20 maxlen: 20
94.255.128.0/17 maxlen: 17
95.155.192.0/18 maxlen: 18
109.124.128.0/18 maxlen: 18
109.225.64.0/18 maxlen: 18
146.247.80.0/21 maxlen: 21
178.132.248.0/21 maxlen: 21
178.251.240.0/21 maxlen: 21
185.18.164.0/22 maxlen: 22
185.52.180.0/22 maxlen: 22
185.58.144.0/22 maxlen: 22
185.113.96.0/22 maxlen: 22
188.120.160.0/19 maxlen: 19
188.122.128.0/19 maxlen: 19
193.23.57.0/24 maxlen: 24
195.78.224.0/22 maxlen: 22
195.238.255.0/24 maxlen: 24
213.21.64.0/18 maxlen: 18
213.142.0.0/19 maxlen: 19
213.185.0.0/19 maxlen: 19
213.185.4.0/24 maxlen: 24
213.185.6.0/24 maxlen: 24
213.185.7.0/24 maxlen: 24
213.185.8.0/23 maxlen: 23
213.185.10.0/24 maxlen: 24
213.185.12.0/22 maxlen: 22
213.185.16.0/23 maxlen: 23
213.185.20.0/23 maxlen: 23
213.185.24.0/24 maxlen: 24
213.185.26.0/24 maxlen: 24
217.72.48.0/20 maxlen: 20
217.72.52.0/23 maxlen: 23
217.72.54.0/24 maxlen: 24
217.72.56.0/22 maxlen: 22
217.72.60.0/23 maxlen: 23
217.72.62.0/24 maxlen: 24
217.76.80.0/20 maxlen: 20
217.78.32.0/20 maxlen: 20
217.115.32.0/19 maxlen: 19
217.118.208.0/20 maxlen: 20
2001:7a0::/32 maxlen: 32
2001:9c8::/29 maxlen: 29
2a00:1598::/29 maxlen: 29
2a00:8280::/32 maxlen: 32
2a01:b700::/32 maxlen: 32
2a02:7b8::/32 maxlen: 32
2a02:23c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 02:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f0:cd:7e:82:87:a7:5f:c8:d8:aa:7f:9f:7b:ad:3d:6f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce1308ead6adb1d085e7e5910a0cb2de56aa32e
Validity
Not Before: Jul 9 20:08:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6ce2ddfe0dcbcf1ce302708ebae0bf43ff6003a9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f5:69:fe:cf:29:b5:14:b5:fe:23:35:6e:28:e9:
24:1e:29:fd:14:37:e1:da:1b:78:0b:0e:be:b2:34:
4f:69:c5:97:e4:b1:09:a6:32:7e:7d:e4:01:2d:3e:
31:59:c7:bd:0f:ff:1f:54:1a:52:72:9b:b6:e3:bb:
3e:03:7b:4b:24:49:e7:2f:07:af:29:1a:a9:ea:eb:
50:28:be:7a:b1:8e:41:49:0c:65:80:56:b9:7a:37:
27:d7:ea:6e:25:44:f3:df:b7:7b:64:e2:3b:fd:fe:
fd:f3:e9:d7:54:1e:a1:27:8f:77:ed:ca:9b:03:ca:
c9:d8:bb:2c:01:3c:ce:94:77:a3:7a:93:c4:b9:1d:
75:aa:08:13:8e:57:16:49:a9:18:39:4b:89:5f:f4:
de:de:a4:8d:84:77:65:0e:15:ab:01:d9:29:18:ba:
48:90:80:df:dc:06:9a:34:63:3f:c4:52:a7:5b:f7:
53:b9:81:56:59:8d:02:18:3e:54:d2:96:47:6b:5e:
c5:67:08:f4:13:41:06:5f:18:88:95:44:11:46:b8:
22:6c:3d:50:56:bc:11:3c:10:31:5d:18:74:87:ac:
cb:e4:19:20:dc:21:80:ea:c6:fe:a0:7d:1e:71:e5:
80:bd:44:ae:d1:75:40:b6:ad:d3:27:82:6e:54:89:
28:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6C:E2:DD:FE:0D:CB:CF:1C:E3:02:70:8E:BA:E0:BF:43:FF:60:03:A9
X509v3 Authority Key Identifier:
keyid:0C:E1:30:8E:AD:6A:DB:1D:08:5E:7E:59:10:A0:CB:2D:E5:6A:A3:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/bOLd_g3LzxzjAnCOuuC_Q_9gA6k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.192.0/20
5.172.144.0/21
31.192.192.0/20
31.208.0.0-31.209.63.255
37.17.248.0/21
46.162.64.0/18
46.236.64.0/18
62.182.0.0/21
62.220.160.0/19
77.53.0.0/16
79.138.0.0/17
80.244.64.0/19
81.88.0.0/20
81.186.240.0/20
82.117.96.0/19
82.209.128.0/18
83.209.0.0/16
83.219.192.0/19
83.233.0.0/16
85.8.0.0/18
85.30.0.0/18
85.235.0.0/19
85.238.192.0/19
87.96.128.0/17
87.236.88.0/21
87.241.64.0/18
87.251.192.0/19
87.253.64.0/19
88.83.32.0/19
88.129.0.0/16
89.160.0.0/17
89.233.192.0/18
89.236.0.0/18
91.232.59.0-91.232.61.255
94.198.64.0/21
94.245.0.0/18
94.255.128.0/17
95.155.192.0/18
109.124.128.0/18
109.225.64.0/18
146.247.80.0/21
178.132.248.0/21
178.251.240.0/21
185.18.164.0/22
185.52.180.0/22
185.58.144.0/22
185.113.96.0/22
188.120.160.0/19
188.122.128.0/19
193.23.57.0/24
195.78.224.0/22
195.238.255.0/24
213.21.64.0/18
213.142.0.0/19
213.185.0.0/19
217.72.48.0/20
217.76.80.0/20
217.78.32.0/20
217.115.32.0/19
217.118.208.0/20
IPv6:
2001:7a0::/32
2001:9c8::/29
2a00:1598::/29
2a00:8280::/32
2a01:b700::/32
2a02:7b8::/32
2a02:23c0::/32
Signature Algorithm: sha256WithRSAEncryption
0a:10:65:5e:4f:c6:5d:35:fe:a5:be:82:85:b3:8d:e3:a0:df:
f9:7e:83:f8:f1:37:d2:7e:9b:2b:e9:65:86:31:88:ce:c0:40:
86:9f:b4:df:f8:12:2b:5c:98:ef:ce:97:e5:19:bc:c2:f8:83:
02:e8:01:2c:84:e0:18:14:22:cd:01:91:e3:d5:6d:e9:d6:a0:
9c:1c:62:f3:11:f9:bd:14:65:8d:12:a5:f5:cf:62:c8:60:d7:
e2:71:cb:84:ad:65:9c:a1:97:2a:2e:32:c2:3f:3c:24:18:89:
b3:94:0d:6b:4f:38:eb:27:46:74:a7:fb:d6:ed:a7:b7:62:2b:
1a:07:1c:38:38:6b:d5:72:df:b5:6c:35:17:ea:f4:ad:aa:5c:
bb:34:e6:b5:6e:71:40:c3:a7:ce:ef:3b:4a:6e:f5:f8:e0:9c:
eb:3e:cf:64:0d:5e:4a:eb:6e:a7:9d:ca:1d:eb:28:ac:5d:82:
54:7e:26:0a:f6:15:bb:71:42:10:e0:4f:a2:3d:f0:97:61:31:
15:66:dd:9b:23:07:b7:97:84:88:47:1c:0a:7a:87:c4:af:d5:
da:bf:35:c9:65:8e:27:a9:cf:b5:38:88:0b:02:fe:a8:df:4f:
de:cf:37:2f:4f:74:98:8c:e8:0b:4b:06:07:aa:c6:0a:bd:f6:
6c:21:9a:58
-----BEGIN CERTIFICATE-----
MIIGrTCCBZWgAwIBAgISAZfwzX6Ch6dfyNiqf597rT1vMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTEzMDhlYWQ2YWRiMWQwODVlN2U1OTEwYTBjYjJkZTU2
YWEzMmUwHhcNMjUwNzA5MjAwODA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2Y2UyZGRmZTBkY2JjZjFjZTMwMjcwOGViYWUwYmY0M2ZmNjAwM2E5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA9Wn+zym1FLX+IzVuKOkkHin9FDfh
2ht4Cw6+sjRPacWX5LEJpjJ+feQBLT4xWce9D/8fVBpScpu247s+A3tLJEnnLwev
KRqp6utQKL56sY5BSQxlgFa5ejcn1+puJUTz37d7ZOI7/f798+nXVB6hJ4937cqb
A8rJ2LssATzOlHejepPEuR11qggTjlcWSakYOUuJX/Te3qSNhHdlDhWrAdkpGLpI
kIDf3AaaNGM/xFKnW/dTuYFWWY0CGD5U0pZHa17FZwj0E0EGXxiIlUQRRrgibD1Q
VrwRPBAxXRh0h6zL5Bkg3CGA6sb+oH0eceWAvUSu0XVAtq3TJ4JuVIkoDQIDAQAB
o4IDuTCCA7UwHQYDVR0OBBYEFGzi3f4Ny88c4wJwjrrgv0P/YAOpMB8GA1UdIwQY
MBaAFAzhMI6tatsdCF5+WRCgyy3laqMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9Fd2pxMXEyeDBJWG41WkVLRExMZVZxb3k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84OTkzODAtYWQyNy00NGViLThjMmUt
YjBiYWQxOGYwMmQwLzEvYk9MZF9nM0x6eHpqQW5DT3V1Q19RXzlnQTZrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84OTkzODAtYWQyNy00NGViLThjMmUtYjBiYWQxOGYwMmQw
LzEvRE9Fd2pxMXEyeDBJWG41WkVLRExMZVZxb3k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBzQYIKwYBBQUHAQcBAf8EggG8MIIBuDCCAXsEAgABMIIB
cwMEBAUswAMEAwWskAMEBB/AwDALAwMEH9ADBAYf0QADBAMlEfgDBAYuokADBAYu
7EADBAM+tgADBAU+3KADAwBNNQMEB0+KAAMEBVD0QAMEBFFYAAMEBFG68AMEBVJ1
YAMEBlLRgAMDAFPRAwQFU9vAAwMAU+kDBAZVCAADBAZVHgADBAVV6wADBAVV7sAD
BAdXYIADBANX7FgDBAZX8UADBAVX+8ADBAVX/UADBAVYUyADAwBYgQMEB1mgAAME
BlnpwAMEBlnsADAMAwQAW+g7AwQBW+g8AwQDXsZAAwQGXvUAAwQHXv+AAwQGX5vA
AwQGbXyAAwQGbeFAAwQDkvdQAwQDsoT4AwQDsvvwAwQCuRKkAwQCuTS0AwQCuTqQ
AwQCuXFgAwQFvHigAwQFvHqAAwQAwRc5AwQCw07gAwQAw+7/AwQG1RVAAwQF1Y4A
AwQF1bkAAwQE2UgwAwQE2UxQAwQE2U4gAwQF2XMgAwQE2XbQMDcEAgACMDEDBQAg
AQegAwUDIAEJyAMFAyoAFZgDBQAqAIKAAwUAKgG3AAMFACoCB7gDBQAqAiPAMA0G
CSqGSIb3DQEBCwUAA4IBAQAKEGVeT8ZdNf6lvoKFs43joN/5foP48TfSfpsr6WWG
MYjOwECGn7Tf+BIrXJjvzpflGbzC+IMC6AEshOAYFCLNAZHj1W3p1qCcHGLzEfm9
FGWNEqX1z2LIYNficcuErWWcoZcqLjLCPzwkGImzlA1rTzjrJ0Z0p/vW7ae3Yisa
Bxw4OGvVct+1bDUX6vStqly7NOa1bnFAw6fO7ztKbvX44JzrPs9kDV5K626nncod
6yisXYJUfiYK9hW7cUIQ4E+iPfCXYTEVZt2bIwe3l4SIRxwKeofEr9XavzXJZY4n
qc+1OIgLAv6o30/ezzcvT3SYjOgLSwYHqsYKvfZsIZpY
-----END CERTIFICATE-----
Generated at Sat Jul 26 11:53:32 2025 by rpki-client