Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/jH8Mi3TlwvD2IeH7uCn-uJ9q0w0.roa
File: jH8Mi3TlwvD2IeH7uCn-uJ9q0w0.roa (raw, json)
Hash identifier: ahI8jMGv5DDAbZ9UFRdwdOTFkupqYU+mpHR0wJIw+rI=
Subject key identifier: 8C:7F:0C:8B:74:E5:C2:F0:F6:21:E1:FB:B8:29:FE:B8:9F:6A:D3:0D
Certificate issuer: /CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Certificate serial: 01983B37BBBCC6F195C2DC77398D7DFD4A02
Authority key identifier: 21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/jH8Mi3TlwvD2IeH7uCn-uJ9q0w0.roa
Signing time: Thu 24 Jul 2025 06:56:04 +0000
ROA not before: Thu 24 Jul 2025 06:56:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 1680
IP address blocks: 37.26.144.0/21 maxlen: 21
37.26.145.0/24 maxlen: 24
37.26.146.0/24 maxlen: 24
37.26.147.0/24 maxlen: 24
37.26.148.0/24 maxlen: 24
37.26.149.0/24 maxlen: 24
37.26.150.0/24 maxlen: 24
37.26.151.0/24 maxlen: 24
46.116.0.0/16 maxlen: 18
46.117.0.0/16 maxlen: 18
46.210.0.0/16 maxlen: 24
62.0.0.0/16 maxlen: 24
62.0.87.0/24 maxlen: 24
62.0.88.0/22 maxlen: 24
62.0.92.0/23 maxlen: 24
62.0.94.0/24 maxlen: 24
62.0.114.0/23 maxlen: 24
62.0.116.0/22 maxlen: 24
62.0.120.0/21 maxlen: 24
62.0.128.0/23 maxlen: 24
62.90.0.0/16 maxlen: 24
62.90.135.0/24 maxlen: 24
62.90.143.0/24 maxlen: 24
80.250.144.0/20 maxlen: 24
82.166.0.0/16 maxlen: 24
82.166.100.0/22 maxlen: 24
82.166.112.0/21 maxlen: 24
82.166.201.128/25 maxlen: 25
85.64.0.0/16 maxlen: 16
85.65.0.0/16 maxlen: 16
85.250.0.0/16 maxlen: 16
89.138.0.0/16 maxlen: 16
89.139.0.0/16 maxlen: 16
93.172.0.0/16 maxlen: 16
93.173.0.0/16 maxlen: 16
95.35.0.0/16 maxlen: 24
109.186.0.0/16 maxlen: 16
109.253.0.0/16 maxlen: 24
141.226.132.0/24 maxlen: 24
141.226.134.0/24 maxlen: 24
147.161.8.0/21 maxlen: 24
147.234.17.0/24 maxlen: 24
147.234.22.0/24 maxlen: 24
147.234.27.0/24 maxlen: 24
147.234.27.0/25 maxlen: 25
147.234.27.128/25 maxlen: 25
147.234.28.0/24 maxlen: 24
147.234.43.0/24 maxlen: 24
147.234.83.0/24 maxlen: 24
147.234.84.0/24 maxlen: 24
147.234.86.0/24 maxlen: 24
176.12.128.0/17 maxlen: 24
176.13.0.0/16 maxlen: 24
192.115.84.0/22 maxlen: 24
192.115.112.0/20 maxlen: 24
192.115.140.0/22 maxlen: 24
192.115.152.0/21 maxlen: 24
192.115.160.0/22 maxlen: 24
192.115.200.0/21 maxlen: 24
192.116.32.0/19 maxlen: 24
192.118.28.0/22 maxlen: 22
192.118.28.0/23 maxlen: 23
192.118.30.0/23 maxlen: 23
192.118.84.0/22 maxlen: 24
194.90.0.0/16 maxlen: 24
194.90.1.0/24 maxlen: 24
194.90.229.0/24 maxlen: 24
199.203.0.0/16 maxlen: 24
199.203.1.0/24 maxlen: 24
199.203.21.0/24 maxlen: 24
199.203.76.0/24 maxlen: 24
199.203.191.0/24 maxlen: 24
207.232.0.0/18 maxlen: 18
207.232.50.0/24 maxlen: 24
212.29.192.0/18 maxlen: 18
212.29.244.0/24 maxlen: 24
212.143.0.0/16 maxlen: 24
212.143.194.0/24 maxlen: 24
212.150.0.0/16 maxlen: 24
212.235.0.0/17 maxlen: 24
217.132.0.0/16 maxlen: 16
2001:4df0::/29 maxlen: 32
2001:4df0::/32 maxlen: 32
2001:4df1::/32 maxlen: 32
2001:4df2::/32 maxlen: 32
2001:4df3::/32 maxlen: 32
2001:4df4::/32 maxlen: 32
2001:4df5::/32 maxlen: 32
2001:4df6::/32 maxlen: 32
2001:4df7::/32 maxlen: 32
2a02:148::/29 maxlen: 32
2a02:148::/32 maxlen: 32
2a02:149::/32 maxlen: 32
2a02:14a::/32 maxlen: 32
2a02:14b::/32 maxlen: 32
2a02:14c::/32 maxlen: 32
2a02:14d::/32 maxlen: 32
2a02:14e::/32 maxlen: 32
2a02:14f::/32 maxlen: 32
2a03:c5c0::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.mft
rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 06:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:3b:37:bb:bc:c6:f1:95:c2:dc:77:39:8d:7d:fd:4a:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=21bad74e7f6c0949a2736a57478496d7d8b450e6
Validity
Not Before: Jul 24 06:56:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8c7f0c8b74e5c2f0f621e1fbb829feb89f6ad30d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b8:73:40:00:34:28:21:66:d8:18:a0:d7:e1:61:
55:c8:fe:a3:fd:57:08:cd:bf:9e:ca:80:f9:89:e4:
ea:c1:8c:22:a6:e5:e8:fc:7a:e2:52:10:e2:92:53:
d6:86:bc:23:55:b6:d0:ac:36:93:63:64:5b:96:4b:
1e:bd:c7:16:d4:a9:6d:ee:62:73:b2:61:da:64:b9:
a7:1c:fc:5d:b7:33:08:d2:3c:07:f2:c3:ad:28:59:
1a:ef:b4:49:cf:0c:f2:9e:3f:d2:27:64:c0:8b:b9:
6a:27:cf:43:41:82:f1:5e:72:26:30:88:4a:c7:36:
f8:e6:39:fc:83:1e:83:70:0a:f3:b8:80:e4:1b:99:
5f:52:a1:51:e8:52:4b:ca:4a:37:34:f5:03:35:f1:
13:bb:b7:98:c8:ee:06:08:bc:73:16:02:24:2b:28:
de:dd:b2:8b:b1:2b:23:d5:f3:b7:bb:f7:58:01:91:
ca:61:e7:fe:c6:4e:07:65:c9:40:7e:02:e3:3f:15:
75:5c:ab:6b:c8:66:1b:7e:59:3a:5b:f5:06:bd:d0:
d7:9c:f8:93:8b:20:7b:49:a1:33:a5:88:2e:3c:1b:
53:c0:34:eb:c9:29:ad:8b:25:62:47:2d:c0:c5:b1:
3b:c5:a5:10:bd:00:8e:09:63:b7:41:08:c3:4a:a3:
89:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:7F:0C:8B:74:E5:C2:F0:F6:21:E1:FB:B8:29:FE:B8:9F:6A:D3:0D
X509v3 Authority Key Identifier:
keyid:21:BA:D7:4E:7F:6C:09:49:A2:73:6A:57:47:84:96:D7:D8:B4:50:E6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IbrXTn9sCUmic2pXR4SW19i0UOY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/jH8Mi3TlwvD2IeH7uCn-uJ9q0w0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/60/8ddc38-7a1a-4906-a8ed-4433229a8473/1/IbrXTn9sCUmic2pXR4SW19i0UOY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.26.144.0/21
46.116.0.0/15
46.210.0.0/16
62.0.0.0/16
62.90.0.0/16
80.250.144.0/20
82.166.0.0/16
85.64.0.0/15
85.250.0.0/16
89.138.0.0/15
93.172.0.0/15
95.35.0.0/16
109.186.0.0/16
109.253.0.0/16
141.226.132.0/24
141.226.134.0/24
147.161.8.0/21
147.234.17.0/24
147.234.22.0/24
147.234.27.0-147.234.28.255
147.234.43.0/24
147.234.83.0-147.234.84.255
147.234.86.0/24
176.12.128.0-176.13.255.255
192.115.84.0/22
192.115.112.0/20
192.115.140.0/22
192.115.152.0-192.115.163.255
192.115.200.0/21
192.116.32.0/19
192.118.28.0/22
192.118.84.0/22
194.90.0.0/16
199.203.0.0/16
207.232.0.0/18
212.29.192.0/18
212.143.0.0/16
212.150.0.0/16
212.235.0.0/17
217.132.0.0/16
IPv6:
2001:4df0::/29
2a02:148::/29
2a03:c5c0::/32
Signature Algorithm: sha256WithRSAEncryption
c1:fd:0d:3b:fa:ac:d8:1a:b3:56:b0:32:cd:6d:44:44:d3:9e:
a6:fd:a0:ef:a6:0e:3a:17:2e:d8:45:5a:22:48:c5:6e:ae:0c:
5b:6b:04:0a:c8:a2:49:e7:72:e0:43:fa:cc:8e:0e:9a:63:b2:
45:54:51:8b:ae:44:62:41:44:e3:3b:67:f7:5a:bd:41:f8:84:
29:f5:54:e0:c7:38:5c:2c:cb:75:f9:d0:6d:15:b4:0c:e5:89:
05:c6:0f:58:9d:8d:36:81:30:cd:09:40:e2:a3:1d:43:50:21:
70:37:f0:99:33:9d:0e:9c:1a:e2:65:08:1e:02:0c:2b:36:cf:
a4:e0:fc:cb:74:a6:92:08:fd:7e:b7:7c:61:71:3f:dd:e1:64:
0b:68:0f:99:8d:58:a3:2b:2d:7d:16:2d:40:69:1e:22:e3:d8:
5b:ec:48:db:c3:b7:59:05:f3:73:cc:bb:a1:2e:fc:7a:00:fd:
e9:cb:54:60:5e:d8:ae:fb:9f:13:e6:56:23:72:d8:6b:e3:66:
66:15:ea:b6:de:0f:53:07:9b:a5:80:0d:a3:9c:ef:aa:cb:84:
ed:a0:98:dd:ca:48:1d:f3:56:52:03:01:d4:a7:cf:82:27:78:
a4:1c:4e:fe:e4:8f:44:8f:93:6e:ee:2f:b8:18:ef:d5:c9:2b:
1c:6d:0c:74
-----BEGIN CERTIFICATE-----
MIIGGzCCBQOgAwIBAgISAZg7N7u8xvGVwtx3OY19/UoCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxYmFkNzRlN2Y2YzA5NDlhMjczNmE1NzQ3ODQ5NmQ3ZDhi
NDUwZTYwHhcNMjUwNzI0MDY1NjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzdmMGM4Yjc0ZTVjMmYwZjYyMWUxZmJiODI5ZmViODlmNmFkMzBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuHNAADQoIWbYGKDX4WFVyP6j/VcI
zb+eyoD5ieTqwYwipuXo/HriUhDiklPWhrwjVbbQrDaTY2RblksevccW1Klt7mJz
smHaZLmnHPxdtzMI0jwH8sOtKFka77RJzwzynj/SJ2TAi7lqJ89DQYLxXnImMIhK
xzb45jn8gx6DcArzuIDkG5lfUqFR6FJLyko3NPUDNfETu7eYyO4GCLxzFgIkKyje
3bKLsSsj1fO3u/dYAZHKYef+xk4HZclAfgLjPxV1XKtryGYbflk6W/UGvdDXnPiT
iyB7SaEzpYguPBtTwDTrySmtiyViRy3AxbE7xaUQvQCOCWO3QQjDSqOJnwIDAQAB
o4IDJzCCAyMwHQYDVR0OBBYEFIx/DIt05cLw9iHh+7gp/rifatMNMB8GA1UdIwQY
MBaAFCG6105/bAlJonNqV0eEltfYtFDmMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQt
NDQzMzIyOWE4NDczLzEvakg4TWkzVGx3dkQySWVIN3VDbi11SjlxMHcwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82MC84ZGRjMzgtN2ExYS00OTA2LWE4ZWQtNDQzMzIyOWE4NDcz
LzEvSWJyWFRuOXNDVW1pYzJwWFI0U1cxOWkwVU9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBOwYIKwYBBQUHAQcBAf8EggEqMIIBJjCCAQUEAgABMIH+
AwQDJRqQAwMBLnQDAwAu0gMDAD4AAwMAPloDBARQ+pADAwBSpgMDAVVAAwMAVfoD
AwFZigMDAV2sAwMAXyMDAwBtugMDAG39AwQAjeKEAwQAjeKGAwQDk6EIAwQAk+oR
AwQAk+oWMAwDBACT6hsDBACT6hwDBACT6iswDAMEAJPqUwMEAJPqVAMEAJPqVjAL
AwQHsAyAAwMBsAwDBALAc1QDBATAc3ADBALAc4wwDAMEA8BzmAMEAsBzoAMEA8Bz
yAMEBcB0IAMEAsB2HAMEAsB2VAMDAMJaAwMAx8sDBAbP6AADBAbUHcADAwDUjwMD
ANSWAwQH1OsAAwMA2YQwGwQCAAIwFQMFAyABTfADBQMqAgFIAwUAKgPFwDANBgkq
hkiG9w0BAQsFAAOCAQEAwf0NO/qs2BqzVrAyzW1ERNOepv2g76YOOhcu2EVaIkjF
bq4MW2sECsiiSedy4EP6zI4OmmOyRVRRi65EYkFE4ztn91q9QfiEKfVU4Mc4XCzL
dfnQbRW0DOWJBcYPWJ2NNoEwzQlA4qMdQ1AhcDfwmTOdDpwa4mUIHgIMKzbPpOD8
y3Smkgj9frd8YXE/3eFkC2gPmY1YoystfRYtQGkeIuPYW+xI28O3WQXzc8y7oS78
egD96ctUYF7YrvufE+ZWI3LYa+NmZhXqtt4PUwebpYANo5zvqsuE7aCY3cpIHfNW
UgMB1KfPgid4pBxO/uSPRI+Tbu4vuBjv1ckrHG0MdA==
-----END CERTIFICATE-----
Generated at Sat Jul 26 16:00:09 2025 by rpki-client