Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/LhPpBjNmbFa2gl8_Dbax6zoOarw.roa
File: LhPpBjNmbFa2gl8_Dbax6zoOarw.roa (raw, json)
Hash identifier: SeJ8QFdJteLuaYtUGWsxAGNYwpSn6gVxPP7gW3ScQjc=
Subject key identifier: 2E:13:E9:06:33:66:6C:56:B6:82:5F:3F:0D:B6:B1:EB:3A:0E:6A:BC
Certificate issuer: /CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Certificate serial: 0199148ACB450C949BBA80126D31953C2B95
Authority key identifier: AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/LhPpBjNmbFa2gl8_Dbax6zoOarw.roa
Signing time: Thu 04 Sep 2025 11:44:24 +0000
ROA not before: Thu 04 Sep 2025 11:44:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136787
IP address blocks: 79.132.72.0/24 maxlen: 24
79.132.73.0/24 maxlen: 24
79.132.74.0/24 maxlen: 24
79.132.75.0/24 maxlen: 24
79.132.76.0/24 maxlen: 24
79.132.77.0/24 maxlen: 24
79.132.78.0/24 maxlen: 24
79.132.79.0/24 maxlen: 24
79.132.80.0/24 maxlen: 24
79.132.81.0/24 maxlen: 24
79.132.82.0/24 maxlen: 24
79.132.83.0/24 maxlen: 24
79.132.84.0/22 maxlen: 24
79.132.88.0/24 maxlen: 24
79.132.89.0/24 maxlen: 24
79.132.90.0/24 maxlen: 24
79.132.91.0/24 maxlen: 24
79.135.152.0/24 maxlen: 24
79.135.153.0/24 maxlen: 24
79.135.155.0/24 maxlen: 24
80.81.40.0/24 maxlen: 24
80.81.41.0/24 maxlen: 24
80.81.49.0/24 maxlen: 24
80.81.50.0/24 maxlen: 24
80.81.52.0/24 maxlen: 24
80.81.56.0/24 maxlen: 24
80.254.212.0/24 maxlen: 24
80.254.213.0/24 maxlen: 24
80.254.214.0/24 maxlen: 24
80.254.215.0/24 maxlen: 24
80.254.220.0/24 maxlen: 24
80.254.221.0/24 maxlen: 24
80.254.222.0/24 maxlen: 24
80.254.223.0/24 maxlen: 24
83.223.128.0/24 maxlen: 24
83.223.129.0/24 maxlen: 24
83.223.144.0/24 maxlen: 24
85.254.8.0/24 maxlen: 24
85.254.9.0/24 maxlen: 24
85.254.10.0/24 maxlen: 24
85.254.11.0/24 maxlen: 24
85.254.45.0/24 maxlen: 24
85.254.47.0/24 maxlen: 24
85.254.52.0/24 maxlen: 24
85.254.53.0/24 maxlen: 24
85.254.54.0/24 maxlen: 24
85.254.55.0/24 maxlen: 24
85.254.62.0/24 maxlen: 24
85.254.66.0/24 maxlen: 24
85.254.67.0/24 maxlen: 24
85.254.70.0/24 maxlen: 24
85.254.72.0/24 maxlen: 24
85.254.104.0/24 maxlen: 24
85.254.105.0/24 maxlen: 24
85.254.106.0/24 maxlen: 24
85.254.107.0/24 maxlen: 24
85.254.108.0/24 maxlen: 24
85.254.109.0/24 maxlen: 24
85.254.110.0/24 maxlen: 24
85.254.111.0/24 maxlen: 24
85.254.116.0/24 maxlen: 24
85.254.122.0/24 maxlen: 24
85.254.133.0/24 maxlen: 24
85.254.135.0/24 maxlen: 24
85.254.136.0/24 maxlen: 24
85.254.165.0/24 maxlen: 24
85.254.166.0/24 maxlen: 24
85.254.167.0/24 maxlen: 24
85.254.171.0/24 maxlen: 24
85.254.188.0/24 maxlen: 24
85.254.189.0/24 maxlen: 24
85.254.190.0/24 maxlen: 24
85.254.191.0/24 maxlen: 24
91.190.38.0/24 maxlen: 24
91.190.39.0/24 maxlen: 24
91.190.40.0/24 maxlen: 24
91.190.41.0/24 maxlen: 24
91.190.43.0/24 maxlen: 24
91.190.44.0/24 maxlen: 24
91.190.46.0/24 maxlen: 24
91.190.62.0/24 maxlen: 24
91.190.63.0/24 maxlen: 24
159.148.125.0/24 maxlen: 24
159.148.138.0/24 maxlen: 24
159.148.148.0/24 maxlen: 24
159.148.150.0/24 maxlen: 24
159.148.222.0/24 maxlen: 24
159.148.242.0/24 maxlen: 24
159.148.243.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.mft
rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 23:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:14:8a:cb:45:0c:94:9b:ba:80:12:6d:31:95:3c:2b:95
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ab0952c8ba8dadb1d34de6c6a93864a609fc41ec
Validity
Not Before: Sep 4 11:44:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2e13e90633666c56b6825f3f0db6b1eb3a0e6abc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f2:ba:88:38:91:fc:6e:fc:35:c5:26:89:2d:f1:
ac:a2:dc:7f:28:b9:f5:20:01:b2:0d:d9:18:52:75:
28:c4:52:02:b9:bc:c6:21:8e:49:1e:eb:de:b3:00:
fa:90:2a:22:b2:43:12:c4:c5:16:cf:47:23:21:2b:
6d:ee:01:f2:51:21:94:4d:58:e8:36:98:b8:3a:4f:
c4:40:91:da:24:a6:6c:20:d1:74:a1:8a:65:47:bb:
67:34:a2:c1:14:69:be:78:65:db:7e:b7:0b:20:19:
84:9e:cd:11:ea:55:f5:05:d0:96:c0:46:42:3b:4c:
e6:a0:f3:bc:b9:3c:54:14:35:11:03:99:77:e0:3b:
6e:46:75:bd:69:10:2a:08:e8:2f:4a:9c:7d:b7:65:
b0:c8:fb:59:73:26:84:59:44:65:6c:13:69:2a:84:
9f:0e:71:df:e9:33:54:10:8e:f6:00:22:49:23:54:
74:f0:5a:a7:8f:ff:8a:a9:38:16:9d:d9:a6:ff:0d:
d5:1c:ce:4c:ce:16:91:54:a5:90:02:fb:0f:d0:63:
ef:d8:5c:97:73:16:f2:74:d5:75:40:35:8c:7c:03:
d3:0f:bb:f0:47:a4:20:3a:4e:76:cf:60:2d:b9:7e:
33:f1:8e:e9:a1:6d:1f:3c:31:38:52:f0:95:01:69:
73:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2E:13:E9:06:33:66:6C:56:B6:82:5F:3F:0D:B6:B1:EB:3A:0E:6A:BC
X509v3 Authority Key Identifier:
keyid:AB:09:52:C8:BA:8D:AD:B1:D3:4D:E6:C6:A9:38:64:A6:09:FC:41:EC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qwlSyLqNrbHTTebGqThkpgn8Qew.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/LhPpBjNmbFa2gl8_Dbax6zoOarw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0e/3555fe-12cd-402a-a810-5554d6e1686f/1/qwlSyLqNrbHTTebGqThkpgn8Qew.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.132.72.0-79.132.91.255
79.135.152.0/23
79.135.155.0/24
80.81.40.0/23
80.81.49.0-80.81.50.255
80.81.52.0/24
80.81.56.0/24
80.254.212.0/22
80.254.220.0/22
83.223.128.0/23
83.223.144.0/24
85.254.8.0/22
85.254.45.0/24
85.254.47.0/24
85.254.52.0/22
85.254.62.0/24
85.254.66.0/23
85.254.70.0/24
85.254.72.0/24
85.254.104.0/21
85.254.116.0/24
85.254.122.0/24
85.254.133.0/24
85.254.135.0-85.254.136.255
85.254.165.0-85.254.167.255
85.254.171.0/24
85.254.188.0/22
91.190.38.0-91.190.41.255
91.190.43.0-91.190.44.255
91.190.46.0/24
91.190.62.0/23
159.148.125.0/24
159.148.138.0/24
159.148.148.0/24
159.148.150.0/24
159.148.222.0/24
159.148.242.0/23
Signature Algorithm: sha256WithRSAEncryption
c7:c9:75:f9:16:39:bf:7b:bf:87:39:3d:99:37:14:1c:cf:8b:
46:33:57:f6:20:bf:a8:b1:a9:63:80:9d:9e:c2:97:f0:04:02:
5c:af:a0:f4:6c:5e:df:b7:cb:49:d0:60:a8:7e:8b:07:05:e0:
eb:5e:5a:63:c1:4f:23:d6:be:04:81:87:b4:ef:b1:4f:66:6c:
59:c7:4e:bb:b0:0c:c7:c2:cb:c6:91:c6:40:a0:02:2d:ce:78:
65:40:94:84:1a:20:33:4a:e3:76:9e:44:01:34:41:d8:a7:1d:
58:4d:e7:5e:bc:d4:cd:79:1d:71:79:81:29:be:29:06:72:8e:
75:42:d5:ee:fa:ae:5c:de:65:e4:0f:1f:4c:f1:53:c3:bb:a5:
44:98:74:a7:85:c3:9c:7f:ca:0a:bf:db:64:45:da:f4:bb:db:
19:50:8a:53:17:91:07:21:64:76:4f:8d:a7:19:5d:85:de:da:
2f:c0:9a:ff:69:c3:70:61:26:b0:90:bf:b7:28:b1:21:24:59:
b4:06:ee:04:0c:7e:bf:de:df:2f:bb:a6:85:37:42:61:62:2b:
38:5e:ef:38:e4:1a:b5:28:a7:a8:2a:7b:73:a2:fb:f2:80:f2:
e5:9e:40:79:64:ff:76:ce:55:3e:6e:d7:84:d8:09:ba:ac:42:
2c:49:a2:70
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAZkUistFDJSbuoASbTGVPCuVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFiMDk1MmM4YmE4ZGFkYjFkMzRkZTZjNmE5Mzg2NGE2MDlm
YzQxZWMwHhcNMjUwOTA0MTE0NDI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZTEzZTkwNjMzNjY2YzU2YjY4MjVmM2YwZGI2YjFlYjNhMGU2YWJjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8rqIOJH8bvw1xSaJLfGsotx/KLn1
IAGyDdkYUnUoxFICubzGIY5JHuveswD6kCoiskMSxMUWz0cjIStt7gHyUSGUTVjo
Npi4Ok/EQJHaJKZsINF0oYplR7tnNKLBFGm+eGXbfrcLIBmEns0R6lX1BdCWwEZC
O0zmoPO8uTxUFDURA5l34DtuRnW9aRAqCOgvSpx9t2WwyPtZcyaEWURlbBNpKoSf
DnHf6TNUEI72ACJJI1R08Fqnj/+KqTgWndmm/w3VHM5MzhaRVKWQAvsP0GPv2FyX
cxbydNV1QDWMfAPTD7vwR6QgOk52z2AtuX4z8Y7poW0fPDE4UvCVAWlzcwIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFC4T6QYzZmxWtoJfPw22ses6Dmq8MB8GA1UdIwQY
MBaAFKsJUsi6ja2x003mxqk4ZKYJ/EHsMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAt
NTU1NGQ2ZTE2ODZmLzEvTGhQcEJqTm1iRmEyZ2w4X0RiYXg2em9PYXJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZS8zNTU1ZmUtMTJjZC00MDJhLWE4MTAtNTU1NGQ2ZTE2ODZm
LzEvcXdsU3lMcU5yYkhUVGViR3FUaGtwZ244UWV3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjCCARYEAgABMIIB
DjAMAwQDT4RIAwQCT4RYAwQBT4eYAwQAT4ebAwQBUFEoMAwDBABQUTEDBABQUTID
BABQUTQDBABQUTgDBAJQ/tQDBAJQ/twDBAFT34ADBABT35ADBAJV/ggDBABV/i0D
BABV/i8DBAJV/jQDBABV/j4DBAFV/kIDBABV/kYDBABV/kgDBANV/mgDBABV/nQD
BABV/noDBABV/oUwDAMEAFX+hwMEAFX+iDAMAwQAVf6lAwQDVf6gAwQAVf6rAwQC
Vf68MAwDBAFbviYDBAFbvigwDAMEAFu+KwMEAFu+LAMEAFu+LgMEAVu+PgMEAJ+U
fQMEAJ+UigMEAJ+UlAMEAJ+UlgMEAJ+U3gMEAZ+U8jANBgkqhkiG9w0BAQsFAAOC
AQEAx8l1+RY5v3u/hzk9mTcUHM+LRjNX9iC/qLGpY4CdnsKX8AQCXK+g9Gxe37fL
SdBgqH6LBwXg615aY8FPI9a+BIGHtO+xT2ZsWcdOu7AMx8LLxpHGQKACLc54ZUCU
hBogM0rjdp5EATRB2KcdWE3nXrzUzXkdcXmBKb4pBnKOdULV7vquXN5l5A8fTPFT
w7ulRJh0p4XDnH/KCr/bZEXa9LvbGVCKUxeRByFkdk+Npxldhd7aL8Ca/2nDcGEm
sJC/tyixISRZtAbuBAx+v97fL7umhTdCYWIrOF7vOOQatSinqCp7c6L78oDy5Z5A
eWT/ds5VPm7XhNgJuqxCLEmicA==
-----END CERTIFICATE-----
Generated at Sat Sep 6 06:58:38 2025 by rpki-client