Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/kwOyuuDg3-S03TS2I0WqFSe_pu8.roa
File: kwOyuuDg3-S03TS2I0WqFSe_pu8.roa (raw, json)
Hash identifier: ZbyfvHOE7g5cp+O9MlAOCTO0HekTFMhe/qoLPlPfLHo=
Subject key identifier: 93:03:B2:BA:E0:E0:DF:E4:B4:DD:34:B6:23:45:AA:15:27:BF:A6:EF
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 0197D4CD29F726742A8886BCEA578FE655DB
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/kwOyuuDg3-S03TS2I0WqFSe_pu8.roa
Signing time: Fri 04 Jul 2025 09:38:24 +0000
ROA not before: Fri 04 Jul 2025 09:38:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205647
IP address blocks: 37.148.0.0/19 maxlen: 24
37.148.32.0/20 maxlen: 24
37.148.48.0/23 maxlen: 24
37.148.50.0/23 maxlen: 24
37.148.52.0/22 maxlen: 24
37.148.56.0/21 maxlen: 24
37.148.64.0/21 maxlen: 24
37.148.72.0/21 maxlen: 24
37.148.80.0/22 maxlen: 24
37.148.84.0/22 maxlen: 24
37.148.84.0/23 maxlen: 24
37.148.86.0/23 maxlen: 24
37.148.88.0/22 maxlen: 24
37.148.88.0/24 maxlen: 24
37.148.89.0/24 maxlen: 24
37.148.90.0/24 maxlen: 24
37.148.91.0/24 maxlen: 24
37.148.92.0/23 maxlen: 24
37.148.92.0/24 maxlen: 24
37.148.120.0/21 maxlen: 24
37.202.128.0/21 maxlen: 21
37.202.136.0/21 maxlen: 21
37.202.144.0/21 maxlen: 21
37.202.144.0/22 maxlen: 22
37.202.148.0/23 maxlen: 23
37.202.150.0/23 maxlen: 23
37.202.152.0/21 maxlen: 21
37.202.160.0/21 maxlen: 21
37.202.168.0/21 maxlen: 21
37.202.176.0/22 maxlen: 22
37.202.180.0/22 maxlen: 22
37.202.184.0/21 maxlen: 24
37.202.184.0/22 maxlen: 24
37.202.188.0/22 maxlen: 24
85.15.48.0/24 maxlen: 24
85.15.49.0/24 maxlen: 24
94.182.0.0/18 maxlen: 18
94.182.8.0/23 maxlen: 23
94.182.12.0/23 maxlen: 23
94.182.14.0/24 maxlen: 24
94.182.17.0/24 maxlen: 24
94.182.30.0/23 maxlen: 23
94.182.41.0/24 maxlen: 24
94.182.48.0/24 maxlen: 24
94.182.56.0/22 maxlen: 24
94.182.60.0/22 maxlen: 24
94.182.64.0/18 maxlen: 18
94.182.64.0/20 maxlen: 20
94.182.72.0/21 maxlen: 21
94.182.80.0/20 maxlen: 20
94.182.82.0/24 maxlen: 24
94.182.96.0/20 maxlen: 20
94.182.97.192/28 maxlen: 28
94.182.112.0/20 maxlen: 20
94.182.114.0/23 maxlen: 23
94.182.116.0/22 maxlen: 22
94.182.120.0/21 maxlen: 21
94.182.128.0/18 maxlen: 18
94.182.128.0/20 maxlen: 20
94.182.144.0/20 maxlen: 20
94.182.160.0/20 maxlen: 20
94.182.176.0/20 maxlen: 20
94.182.192.0/18 maxlen: 18
94.182.196.0/24 maxlen: 24
94.182.199.0/24 maxlen: 24
94.182.204.0/22 maxlen: 22
94.182.204.0/24 maxlen: 24
94.182.205.0/24 maxlen: 24
94.182.206.0/24 maxlen: 24
94.182.207.0/24 maxlen: 24
94.182.208.0/24 maxlen: 24
94.182.212.0/23 maxlen: 23
94.182.217.0/24 maxlen: 24
94.182.222.0/23 maxlen: 23
94.182.226.0/24 maxlen: 24
94.182.228.0/22 maxlen: 22
94.182.232.0/23 maxlen: 24
94.182.234.0/23 maxlen: 23
94.182.238.0/24 maxlen: 24
94.182.240.0/23 maxlen: 24
94.182.244.0/22 maxlen: 24
94.182.244.0/23 maxlen: 23
94.182.248.0/22 maxlen: 24
94.182.248.0/23 maxlen: 23
94.182.252.0/24 maxlen: 24
94.182.254.0/24 maxlen: 24
94.183.0.0/18 maxlen: 18
94.183.64.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.mft
rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 13:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d4:cd:29:f7:26:74:2a:88:86:bc:ea:57:8f:e6:55:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Jul 4 09:38:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9303b2bae0e0dfe4b4dd34b62345aa1527bfa6ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:dd:83:2e:33:98:49:d3:e6:1b:ae:00:af:ed:
e8:97:b7:19:01:a0:9e:4b:c9:5f:ff:f3:ee:9d:e7:
6e:d6:34:1e:9f:32:c2:5f:ce:2a:b1:b3:8b:0b:ef:
a9:50:76:15:a1:b7:ff:af:e9:29:21:a6:f7:86:29:
e4:1a:ef:8c:cb:72:16:ff:52:63:2c:02:c4:cf:39:
0b:73:eb:b5:bd:d1:f6:00:6f:69:f1:42:74:76:1a:
29:25:73:0d:e5:ad:05:38:f8:91:89:f4:73:8e:d8:
21:55:bc:4a:8b:59:f5:cf:9b:fa:3d:0f:65:60:de:
af:01:66:0e:ec:25:88:1d:f1:c1:2c:64:6c:e8:bf:
b0:38:74:75:2a:23:ed:ce:d8:02:39:27:eb:5d:c7:
fa:6c:e4:50:96:c5:cd:e9:92:16:97:76:44:c4:28:
8c:43:00:12:9c:17:e3:31:4e:63:3f:a0:6b:e6:f9:
99:f5:71:86:0b:4e:b3:fd:ea:e3:ca:92:f4:a7:de:
d5:ec:e9:72:f9:6f:fc:df:59:2d:64:35:ce:96:18:
ba:5d:30:1e:81:34:d8:55:de:1c:56:c7:fd:0f:21:
34:d7:e3:38:f2:b5:dd:03:d2:bc:86:85:16:01:6e:
e2:2b:0d:ed:cf:c1:42:3d:69:3e:8e:c0:5d:68:c6:
ed:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:03:B2:BA:E0:E0:DF:E4:B4:DD:34:B6:23:45:AA:15:27:BF:A6:EF
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/kwOyuuDg3-S03TS2I0WqFSe_pu8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.0.0-37.148.93.255
37.148.120.0/21
37.202.128.0/18
85.15.48.0/23
94.182.0.0-94.183.127.255
Signature Algorithm: sha256WithRSAEncryption
bd:31:e6:5e:34:f8:e3:1e:f3:43:86:39:d2:0f:40:19:d1:f5:
8b:25:99:e4:5b:5d:1c:ff:ab:09:19:3c:df:67:aa:c4:02:88:
5d:8e:4a:9b:8f:78:ca:57:b1:28:6c:11:b5:f8:b7:50:93:b0:
ca:a7:d7:f4:9a:d5:87:8c:51:25:94:5c:65:f7:b1:be:e7:5c:
36:46:c5:52:5d:08:c6:82:0f:70:c0:f0:20:d6:65:fd:b0:b3:
ad:18:81:dd:6d:fd:e9:f8:50:24:74:8c:2d:f0:76:7e:32:a7:
9a:75:4b:c0:a6:31:e9:57:a6:1f:88:84:93:e4:d1:b0:ce:02:
d4:66:a1:11:6c:7d:c4:e9:c5:b5:88:ec:70:95:7d:5b:c5:f2:
be:d3:c1:87:e6:84:b1:98:6d:dd:3b:2b:19:18:31:fd:0d:b7:
7f:89:e3:4e:df:a8:e7:82:5b:66:b0:af:e5:6b:94:28:75:82:
5e:36:07:87:06:d2:cf:da:11:88:35:57:4d:9c:b3:7d:23:b6:
e0:5e:94:e4:2f:16:38:e8:8f:e7:62:90:1a:38:06:3b:c5:37:
7b:81:c5:ec:04:34:e3:f0:e5:48:05:6f:09:00:a2:2a:d6:77:
52:95:32:91:f9:b3:c5:53:36:83:52:c7:00:88:4d:7f:02:c9:
19:e1:4c:5d
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZfUzSn3JnQqiIa86leP5lXbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjUwNzA0MDkzODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzAzYjJiYWUwZTBkZmU0YjRkZDM0YjYyMzQ1YWExNTI3YmZhNmVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl92DLjOYSdPmG64Ar+3ol7cZAaCe
S8lf//Punedu1jQenzLCX84qsbOLC++pUHYVobf/r+kpIab3hinkGu+My3IW/1Jj
LALEzzkLc+u1vdH2AG9p8UJ0dhopJXMN5a0FOPiRifRzjtghVbxKi1n1z5v6PQ9l
YN6vAWYO7CWIHfHBLGRs6L+wOHR1KiPtztgCOSfrXcf6bORQlsXN6ZIWl3ZExCiM
QwASnBfjMU5jP6Br5vmZ9XGGC06z/erjypL0p97V7Oly+W/831ktZDXOlhi6XTAe
gTTYVd4cVsf9DyE01+M48rXdA9K8hoUWAW7iKw3tz8FCPWk+jsBdaMbt8QIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFJMDsrrg4N/ktN00tiNFqhUnv6bvMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEva3dPeXV1RGczLVMwM1RTMkkwV3FGU2VfcHU4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAsDAwIllAME
ASWUXAMEAyWUeAMEBiXKgAMEAVUPMDALAwMBXrYDBAdetwAwDQYJKoZIhvcNAQEL
BQADggEBAL0x5l40+OMe80OGOdIPQBnR9YslmeRbXRz/qwkZPN9nqsQCiF2OSpuP
eMpXsShsEbX4t1CTsMqn1/Sa1YeMUSWUXGX3sb7nXDZGxVJdCMaCD3DA8CDWZf2w
s60Ygd1t/en4UCR0jC3wdn4yp5p1S8CmMelXph+IhJPk0bDOAtRmoRFsfcTpxbWI
7HCVfVvF8r7TwYfmhLGYbd07KxkYMf0Nt3+J407fqOeCW2awr+VrlCh1gl42B4cG
0s/aEYg1V02cs30jtuBelOQvFjjoj+dikBo4BjvFN3uBxewENOPw5UgFbwkAoirW
d1KVMpH5s8VTNoNSxwCITX8CyRnhTF0=
-----END CERTIFICATE-----
Generated at Wed Jul 23 18:54:08 2025 by rpki-client