Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/0M_CHtTZz2ksD2BrxQYB5GYr6Qs.roa
File: 0M_CHtTZz2ksD2BrxQYB5GYr6Qs.roa (raw, json)
Hash identifier: pjePI9MMIzsxZCozr1MX0ua7tggMW3H280y5yB3P7S0=
Subject key identifier: D0:CF:C2:1E:D4:D9:CF:69:2C:0F:60:6B:C5:06:01:E4:66:2B:E9:0B
Certificate issuer: /CN=aebf394e2f1b251c88d988a87161084580786ef5
Certificate serial: 0197F9081F9AE5BE0D5F58A6C7109588FDD7
Authority key identifier: AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/0M_CHtTZz2ksD2BrxQYB5GYr6Qs.roa
Signing time: Fri 11 Jul 2025 10:29:08 +0000
ROA not before: Fri 11 Jul 2025 10:29:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16347
IP address blocks: 5.182.252.0/22 maxlen: 24
37.18.160.0/20 maxlen: 24
37.58.128.0/17 maxlen: 24
37.157.8.0/23 maxlen: 24
37.157.10.0/24 maxlen: 24
37.157.12.0/22 maxlen: 24
37.157.60.0/22 maxlen: 24
45.142.172.0/22 maxlen: 24
45.145.124.0/22 maxlen: 24
46.20.160.0/20 maxlen: 24
62.102.224.0/19 maxlen: 24
62.244.70.0/23 maxlen: 24
62.244.72.0/22 maxlen: 24
62.244.80.0/23 maxlen: 24
62.244.90.0/23 maxlen: 24
62.244.92.0/23 maxlen: 24
79.98.96.0/21 maxlen: 24
81.22.216.0/21 maxlen: 24
91.103.232.0/21 maxlen: 24
91.205.156.0/24 maxlen: 24
91.206.156.0/23 maxlen: 24
91.217.94.0/23 maxlen: 24
91.229.230.0/23 maxlen: 24
92.61.72.0/21 maxlen: 24
94.127.8.0/21 maxlen: 24
103.73.172.0/22 maxlen: 24
103.77.32.0/22 maxlen: 24
103.229.36.0/23 maxlen: 24
103.232.172.0/22 maxlen: 24
109.69.192.0/21 maxlen: 24
109.237.240.0/20 maxlen: 24
128.127.128.0/20 maxlen: 24
146.247.88.0/21 maxlen: 24
149.255.136.0/21 maxlen: 24
178.249.160.0/21 maxlen: 24
185.15.128.0/22 maxlen: 24
185.42.132.0/22 maxlen: 24
185.49.120.0/23 maxlen: 24
185.49.122.0/24 maxlen: 24
185.65.224.0/22 maxlen: 24
185.67.88.0/22 maxlen: 24
185.79.148.0/22 maxlen: 24
185.90.96.0/22 maxlen: 24
185.95.120.0/22 maxlen: 24
185.138.104.0/22 maxlen: 24
185.149.8.0/22 maxlen: 24
185.172.16.0/22 maxlen: 24
185.196.248.0/22 maxlen: 24
185.204.140.0/22 maxlen: 24
185.208.248.0/22 maxlen: 24
185.247.248.0/22 maxlen: 24
188.66.56.0/22 maxlen: 24
193.3.24.0/24 maxlen: 24
193.27.194.0/23 maxlen: 24
193.41.95.0/24 maxlen: 24
193.47.139.0/24 maxlen: 24
193.84.100.0/24 maxlen: 24
193.108.197.0/24 maxlen: 24
193.222.142.0/23 maxlen: 24
193.222.188.0/23 maxlen: 24
194.177.32.0/19 maxlen: 24
195.214.240.0/21 maxlen: 24
212.51.160.0/19 maxlen: 24
213.108.64.0/21 maxlen: 24
213.151.166.0/24 maxlen: 24
213.151.168.0/23 maxlen: 24
213.151.171.0/24 maxlen: 24
213.151.172.0/23 maxlen: 24
213.151.174.0/24 maxlen: 24
213.151.175.0/24 maxlen: 24
2a00:bc80::/32 maxlen: 32
2a01:6d8::/32 maxlen: 32
2a01:728::/29 maxlen: 48
2a03:4c00::/29 maxlen: 48
2a03:bf40::/32 maxlen: 32
2a05:df00::/29 maxlen: 29
2a0d:4240::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.crl
rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.mft
rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 11:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f9:08:1f:9a:e5:be:0d:5f:58:a6:c7:10:95:88:fd:d7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aebf394e2f1b251c88d988a87161084580786ef5
Validity
Not Before: Jul 11 10:29:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0cfc21ed4d9cf692c0f606bc50601e4662be90b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:1c:d7:65:fd:c4:54:ad:7e:e6:c4:69:12:63:
1f:40:c1:2f:c2:cd:65:2b:9a:4c:25:21:2b:22:7f:
0a:eb:1e:c0:62:b0:88:be:f3:9e:63:ae:b7:4f:40:
42:68:7a:68:71:bd:cc:d0:7f:f8:55:e6:0e:1d:64:
54:5c:6d:e0:b6:9d:64:45:2a:5c:2a:64:76:4e:e7:
e7:30:b4:4d:e0:4a:51:92:1a:3d:48:84:e1:4c:8f:
d8:7b:aa:93:e5:82:71:e3:1f:2b:1d:23:10:e1:8e:
50:2d:a1:71:91:58:ef:9a:e2:45:eb:b9:b0:71:78:
ef:fb:98:78:10:93:b0:06:49:2d:44:b3:c7:c7:39:
89:3d:68:73:60:cf:64:d1:3b:a8:d9:b6:47:cd:2c:
06:6b:35:9d:bf:8d:47:77:e9:2f:48:dc:ca:e6:d7:
b4:96:34:e9:38:df:7c:03:2f:0f:25:88:ba:22:5b:
c3:0d:bf:db:be:f6:41:b6:e3:f8:68:84:f3:cd:65:
30:37:d1:4d:d2:e7:2e:55:45:d9:2f:1a:97:19:82:
04:0e:f2:fa:ea:4d:2f:19:fb:06:2d:9a:99:bf:e0:
c0:d3:16:87:71:eb:2f:9b:58:af:f5:7b:8e:cf:dc:
82:0d:e4:07:76:19:64:6c:05:96:de:e7:2a:c1:af:
5b:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:CF:C2:1E:D4:D9:CF:69:2C:0F:60:6B:C5:06:01:E4:66:2B:E9:0B
X509v3 Authority Key Identifier:
keyid:AE:BF:39:4E:2F:1B:25:1C:88:D9:88:A8:71:61:08:45:80:78:6E:F5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rr85Ti8bJRyI2YiocWEIRYB4bvU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/0M_CHtTZz2ksD2BrxQYB5GYr6Qs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c9/40498e-d1c0-484c-abcb-61e7f40d5dd6/1/rr85Ti8bJRyI2YiocWEIRYB4bvU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.252.0/22
37.18.160.0/20
37.58.128.0/17
37.157.8.0-37.157.10.255
37.157.12.0/22
37.157.60.0/22
45.142.172.0/22
45.145.124.0/22
46.20.160.0/20
62.102.224.0/19
62.244.70.0-62.244.75.255
62.244.80.0/23
62.244.90.0-62.244.93.255
79.98.96.0/21
81.22.216.0/21
91.103.232.0/21
91.205.156.0/24
91.206.156.0/23
91.217.94.0/23
91.229.230.0/23
92.61.72.0/21
94.127.8.0/21
103.73.172.0/22
103.77.32.0/22
103.229.36.0/23
103.232.172.0/22
109.69.192.0/21
109.237.240.0/20
128.127.128.0/20
146.247.88.0/21
149.255.136.0/21
178.249.160.0/21
185.15.128.0/22
185.42.132.0/22
185.49.120.0-185.49.122.255
185.65.224.0/22
185.67.88.0/22
185.79.148.0/22
185.90.96.0/22
185.95.120.0/22
185.138.104.0/22
185.149.8.0/22
185.172.16.0/22
185.196.248.0/22
185.204.140.0/22
185.208.248.0/22
185.247.248.0/22
188.66.56.0/22
193.3.24.0/24
193.27.194.0/23
193.41.95.0/24
193.47.139.0/24
193.84.100.0/24
193.108.197.0/24
193.222.142.0/23
193.222.188.0/23
194.177.32.0/19
195.214.240.0/21
212.51.160.0/19
213.108.64.0/21
213.151.166.0/24
213.151.168.0/23
213.151.171.0-213.151.175.255
IPv6:
2a00:bc80::/32
2a01:6d8::/32
2a01:728::/29
2a03:4c00::/29
2a03:bf40::/32
2a05:df00::/29
2a0d:4240::/29
Signature Algorithm: sha256WithRSAEncryption
6c:c3:79:ac:c0:40:bf:39:ca:62:64:2d:e0:8b:a0:c4:2b:2b:
74:11:dd:c0:3f:73:6a:ac:b3:86:42:e8:06:03:1d:ad:1e:44:
b0:e1:27:32:01:27:db:e3:ec:68:81:b9:dc:90:8e:26:9a:47:
bd:55:64:e4:1d:a5:9d:0f:56:b8:fc:4b:58:fc:18:f6:0e:75:
65:3d:b1:30:b4:4d:9a:4d:94:ef:8f:6d:21:0f:b4:23:35:05:
96:e1:cb:d8:58:5d:11:ed:a3:2d:24:fc:b4:a8:83:28:fe:ff:
9b:ac:62:f8:b7:3e:3b:b8:c8:d0:05:a7:95:14:21:c2:17:cb:
25:c6:49:fa:68:17:0e:9d:62:26:87:65:69:72:b4:49:34:21:
d3:f3:05:78:66:05:08:f4:d9:0d:98:e0:ed:e4:2c:b2:da:84:
61:6d:4d:38:1f:91:05:48:0d:97:a2:8a:25:f5:47:06:63:63:
92:f0:29:86:30:0c:b2:79:46:62:57:a8:f9:e9:7b:f5:33:51:
df:30:66:16:cf:87:4f:78:7b:6f:61:46:82:f2:b0:02:f2:80:
00:b4:be:46:a8:85:05:46:d6:57:e5:92:fe:9b:a7:2c:f1:94:
0e:9f:c6:4c:53:ed:8f:33:89:66:ce:39:24:e9:26:03:1e:f0:
a7:30:77:b3
-----BEGIN CERTIFICATE-----
MIIG3DCCBcSgAwIBAgISAZf5CB+a5b4NX1imxxCViP3XMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlYmYzOTRlMmYxYjI1MWM4OGQ5ODhhODcxNjEwODQ1ODA3
ODZlZjUwHhcNMjUwNzExMTAyOTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGNmYzIxZWQ0ZDljZjY5MmMwZjYwNmJjNTA2MDFlNDY2MmJlOTBiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyRzXZf3EVK1+5sRpEmMfQMEvws1l
K5pMJSErIn8K6x7AYrCIvvOeY663T0BCaHpocb3M0H/4VeYOHWRUXG3gtp1kRSpc
KmR2TufnMLRN4EpRkho9SIThTI/Ye6qT5YJx4x8rHSMQ4Y5QLaFxkVjvmuJF67mw
cXjv+5h4EJOwBkktRLPHxzmJPWhzYM9k0Tuo2bZHzSwGazWdv41Hd+kvSNzK5te0
ljTpON98Ay8PJYi6IlvDDb/bvvZBtuP4aITzzWUwN9FN0ucuVUXZLxqXGYIEDvL6
6k0vGfsGLZqZv+DA0xaHcesvm1iv9XuOz9yCDeQHdhlkbAWW3ucqwa9bMwIDAQAB
o4ID6DCCA+QwHQYDVR0OBBYEFNDPwh7U2c9pLA9ga8UGAeRmK+kLMB8GA1UdIwQY
MBaAFK6/OU4vGyUciNmIqHFhCEWAeG71MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2It
NjFlN2Y0MGQ1ZGQ2LzEvME1fQ0h0VFp6MmtzRDJCcnhRWUI1R1lyNlFzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOS80MDQ5OGUtZDFjMC00ODRjLWFiY2ItNjFlN2Y0MGQ1ZGQ2
LzEvcnI4NVRpOGJKUnlJMllpb2NXRUlSWUI0YnZVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB/AYIKwYBBQUHAQcBAf8EggHrMIIB5zCCAaoEAgABMIIB
ogMEAgW2/AMEBCUSoAMEByU6gDAMAwQDJZ0IAwQAJZ0KAwQCJZ0MAwQCJZ08AwQC
LY6sAwQCLZF8AwQELhSgAwQFPmbgMAwDBAE+9EYDBAI+9EgDBAE+9FAwDAMEAT70
WgMEAT70XAMEA09iYAMEA1EW2AMEA1tn6AMEAFvNnAMEAVvOnAMEAVvZXgMEAVvl
5gMEA1w9SAMEA15/CAMEAmdJrAMEAmdNIAMEAWflJAMEAmforAMEA21FwAMEBG3t
8AMEBIB/gAMEA5L3WAMEA5X/iAMEA7L5oAMEArkPgAMEArkqhDAMAwQDuTF4AwQA
uTF6AwQCuUHgAwQCuUNYAwQCuU+UAwQCuVpgAwQCuV94AwQCuYpoAwQCuZUIAwQC
uawQAwQCucT4AwQCucyMAwQCudD4AwQCuff4AwQCvEI4AwQAwQMYAwQBwRvCAwQA
wSlfAwQAwS+LAwQAwVRkAwQAwWzFAwQBwd6OAwQBwd68AwQFwrEgAwQDw9bwAwQF
1DOgAwQD1WxAAwQA1ZemAwQB1ZeoMAwDBADVl6sDBATVl6AwNwQCAAIwMQMFACoA
vIADBQAqAQbYAwUDKgEHKAMFAyoDTAADBQAqA79AAwUDKgXfAAMFAyoNQkAwDQYJ
KoZIhvcNAQELBQADggEBAGzDeazAQL85ymJkLeCLoMQrK3QR3cA/c2qss4ZC6AYD
Ha0eRLDhJzIBJ9vj7GiBudyQjiaaR71VZOQdpZ0PVrj8S1j8GPYOdWU9sTC0TZpN
lO+PbSEPtCM1BZbhy9hYXRHtoy0k/LSogyj+/5usYvi3Pju4yNAFp5UUIcIXyyXG
SfpoFw6dYiaHZWlytEk0IdPzBXhmBQj02Q2Y4O3kLLLahGFtTTgfkQVIDZeiiiX1
RwZjY5LwKYYwDLJ5RmJXqPnpe/UzUd8wZhbPh094e29hRoLysALygAC0vkaohQVG
1lflkv6bpyzxlA6fxkxT7Y8ziWbOOSTpJgMe8Kcwd7M=
-----END CERTIFICATE-----
Generated at Sat Jul 26 20:06:28 2025 by rpki-client