Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/hVK512RaS7Wqoko0eCeNgWu9miM.roa
File: hVK512RaS7Wqoko0eCeNgWu9miM.roa (raw, json)
Hash identifier: tpa1Mpq3iNlKpncPJwo9VA05AS/nxDYqEa9TqaOOX08=
Subject key identifier: 85:52:B9:D7:64:5A:4B:B5:AA:A2:4A:34:78:27:8D:81:6B:BD:9A:23
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 01970CB89DDFEBC7D8156A6F5B42E759D3E1
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/hVK512RaS7Wqoko0eCeNgWu9miM.roa
Signing time: Mon 26 May 2025 13:11:54 +0000
ROA not before: Mon 26 May 2025 13:11:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57169
IP address blocks: 5.180.114.0/24 maxlen: 24
37.235.48.0/20 maxlen: 20
37.235.50.0/23 maxlen: 23
37.235.50.0/24 maxlen: 24
37.235.52.0/24 maxlen: 24
37.235.56.0/24 maxlen: 24
37.235.57.0/24 maxlen: 24
37.235.58.0/24 maxlen: 24
37.235.59.0/24 maxlen: 24
37.235.60.0/24 maxlen: 24
37.235.61.0/24 maxlen: 24
37.235.62.0/24 maxlen: 24
37.235.63.0/24 maxlen: 24
45.153.125.0/24 maxlen: 24
83.172.151.0/24 maxlen: 24
83.172.153.0/24 maxlen: 24
83.172.169.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.122.0/24 maxlen: 24
83.243.123.0/24 maxlen: 24
84.247.61.0/24 maxlen: 24
86.106.119.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
89.46.238.0/24 maxlen: 24
91.132.94.0/24 maxlen: 24
91.227.204.0/23 maxlen: 23
91.227.204.0/24 maxlen: 24
91.227.205.0/24 maxlen: 24
92.243.66.0/24 maxlen: 24
95.156.205.0/24 maxlen: 24
103.57.250.0/24 maxlen: 24
134.255.210.0/24 maxlen: 24
149.154.152.0/24 maxlen: 24
149.154.153.0/24 maxlen: 24
149.154.154.0/24 maxlen: 24
149.154.155.0/24 maxlen: 24
149.154.156.0/24 maxlen: 24
151.236.0.0/19 maxlen: 19
151.236.0.0/24 maxlen: 24
151.236.1.0/24 maxlen: 24
151.236.2.0/24 maxlen: 24
151.236.3.0/24 maxlen: 24
151.236.4.0/24 maxlen: 24
151.236.5.0/24 maxlen: 24
151.236.6.0/24 maxlen: 24
151.236.7.0/24 maxlen: 24
151.236.8.0/24 maxlen: 24
151.236.9.0/24 maxlen: 24
151.236.10.0/24 maxlen: 24
151.236.11.0/24 maxlen: 24
151.236.12.0/24 maxlen: 24
151.236.13.0/24 maxlen: 24
151.236.14.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.26.0/23 maxlen: 23
151.236.28.0/24 maxlen: 24
151.236.30.0/24 maxlen: 24
158.255.209.0/24 maxlen: 24
158.255.210.0/24 maxlen: 24
158.255.211.0/24 maxlen: 24
158.255.212.0/24 maxlen: 24
185.26.236.0/24 maxlen: 24
185.26.237.0/24 maxlen: 24
185.26.238.0/24 maxlen: 24
185.122.184.0/24 maxlen: 24
185.193.51.0/24 maxlen: 24
185.195.65.0/24 maxlen: 24
188.214.33.0/24 maxlen: 24
188.214.34.0/24 maxlen: 24
188.214.38.0/24 maxlen: 24
188.214.39.0/24 maxlen: 24
213.183.54.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
213.183.56.0/24 maxlen: 24
213.183.57.0/24 maxlen: 24
2a03:f80:7::/48 maxlen: 48
2a03:f80:31::/48 maxlen: 48
2a03:f80:56::/48 maxlen: 48
2a03:f80:57::/48 maxlen: 48
2a03:f80:70::/48 maxlen: 48
2a03:f80:354::/48 maxlen: 48
2a03:f80:357::/48 maxlen: 48
2a03:f80:359::/48 maxlen: 48
2a03:f80:370::/48 maxlen: 48
2a03:f80:371::/48 maxlen: 48
2a03:f80:3991::/48 maxlen: 48
2a03:f80:ad15::/48 maxlen: 48
2a03:f80:ed15::/48 maxlen: 48
2a03:f80:ed16::/48 maxlen: 48
2a03:f80:ed17::/48 maxlen: 48
2a03:f80:ed31::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
2a03:f82:abcd::/48 maxlen: 48
2a03:f82:abcd:43::/64 maxlen: 64
2a03:f87:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.mft
rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:0c:b8:9d:df:eb:c7:d8:15:6a:6f:5b:42:e7:59:d3:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: May 26 13:11:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8552b9d7645a4bb5aaa24a3478278d816bbd9a23
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:49:d6:ba:c4:fc:10:a4:57:a2:d1:f7:31:b7:
a0:31:b1:25:f4:da:7a:b1:e0:00:18:a6:51:58:54:
43:5c:1d:3a:5d:84:f4:7a:35:04:c7:5e:63:a0:01:
c2:6e:11:bf:66:ca:b3:46:79:3a:f1:a3:b6:d7:ed:
a9:a8:33:6a:ff:17:56:60:1a:c3:b3:e2:bc:ff:45:
d4:4d:50:8a:76:75:1d:db:5a:68:8a:c9:0a:0c:e3:
a9:85:ff:f1:6d:2c:97:4a:10:85:17:d3:be:d1:2e:
9f:6f:4a:a5:a0:aa:73:8e:72:f4:a1:76:80:19:af:
be:f9:22:0d:46:e0:67:1b:b1:9b:1f:41:c7:5b:c2:
6f:a6:b2:59:1c:ce:dd:05:42:41:31:f7:6f:74:7f:
76:9d:09:06:91:39:3f:c4:3c:32:73:a7:86:8d:ef:
7e:f6:10:84:c3:60:51:a9:20:21:3b:a7:ad:86:29:
e8:3c:f9:4c:e2:12:13:e9:11:f4:59:91:db:50:b5:
57:b0:66:45:53:19:bf:47:ed:e5:a3:61:1f:7c:06:
91:3b:cf:fa:91:f7:69:cb:15:f7:cb:79:8e:46:03:
83:dc:69:40:5b:34:b7:2b:da:38:41:7f:f7:ea:b1:
a0:76:dc:ac:8b:20:f0:5d:82:c6:50:1c:a9:a2:fd:
65:63
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:52:B9:D7:64:5A:4B:B5:AA:A2:4A:34:78:27:8D:81:6B:BD:9A:23
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/hVK512RaS7Wqoko0eCeNgWu9miM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.114.0/24
37.235.48.0/20
45.153.125.0/24
83.172.151.0/24
83.172.153.0/24
83.172.169.0/24
83.243.120.0/24
83.243.122.0/23
84.247.61.0/24
86.106.119.0/24
89.31.123.0/24
89.46.238.0/24
91.132.94.0/24
91.227.204.0/23
92.243.66.0/24
95.156.205.0/24
103.57.250.0/24
134.255.210.0/24
149.154.152.0-149.154.156.255
151.236.0.0/19
158.255.209.0-158.255.212.255
185.26.236.0-185.26.238.255
185.122.184.0/24
185.193.51.0/24
185.195.65.0/24
188.214.33.0-188.214.34.255
188.214.38.0/23
213.183.54.0-213.183.57.255
IPv6:
2a03:f80:7::/48
2a03:f80:31::/48
2a03:f80:56::/47
2a03:f80:70::/48
2a03:f80:354::/48
2a03:f80:357::/48
2a03:f80:359::/48
2a03:f80:370::/47
2a03:f80:3991::/48
2a03:f80:ad15::/48
2a03:f80:ed15::-2a03:f80:ed17:ffff:ffff:ffff:ffff:ffff
2a03:f80:ed31::/48
2a03:f80:ed51::/48
2a03:f82:abcd::/48
2a03:f87:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
21:a4:62:3f:51:21:f1:4b:6f:a9:de:b8:ad:09:a5:78:90:08:
64:3e:84:25:d9:0d:78:92:69:56:cb:dc:0e:e3:71:6c:e9:1b:
db:56:b9:63:6c:dd:74:47:36:a6:29:67:5e:ed:39:39:13:68:
43:6d:1b:e9:39:8b:5d:48:3b:8a:6b:3b:4b:23:c6:b1:66:69:
f0:1b:9d:39:6d:60:65:87:78:3d:4f:2f:c8:69:7d:75:ab:4a:
9d:5b:03:a6:a4:23:8f:d9:c9:5c:fc:37:ff:5e:7d:81:29:26:
50:95:3e:e4:11:b7:e9:aa:0c:9e:5f:62:25:32:45:ce:7d:a0:
d0:b3:45:37:12:9c:90:6c:b4:38:7a:15:6c:32:a6:e0:0e:b1:
8c:5f:23:62:55:93:87:12:7e:6c:c3:01:81:7f:bc:a4:9d:81:
c9:7a:c6:cc:75:36:bf:dc:64:8f:19:9f:88:b9:78:df:36:28:
a8:70:b5:47:80:e7:26:f2:a7:bd:8b:96:f4:07:3d:04:83:93:
d9:32:05:a4:23:38:0b:42:50:2b:66:f4:7f:6e:0c:2d:8c:e4:
37:b4:38:c6:ba:a3:9e:1b:99:91:1a:c4:ac:af:ab:c6:68:06:
a1:b0:6b:6d:75:e0:24:5f:ef:f1:08:ab:71:6c:50:ec:31:15:
84:88:38:51
-----BEGIN CERTIFICATE-----
MIIGazCCBVOgAwIBAgISAZcMuJ3f68fYFWpvW0LnWdPhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjUwNTI2MTMxMTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NTUyYjlkNzY0NWE0YmI1YWFhMjRhMzQ3ODI3OGQ4MTZiYmQ5YTIzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwknWusT8EKRXotH3MbegMbEl9Np6
seAAGKZRWFRDXB06XYT0ejUEx15joAHCbhG/ZsqzRnk68aO21+2pqDNq/xdWYBrD
s+K8/0XUTVCKdnUd21poiskKDOOphf/xbSyXShCFF9O+0S6fb0qloKpzjnL0oXaA
Ga+++SINRuBnG7GbH0HHW8JvprJZHM7dBUJBMfdvdH92nQkGkTk/xDwyc6eGje9+
9hCEw2BRqSAhO6ethinoPPlM4hIT6RH0WZHbULVXsGZFUxm/R+3lo2EffAaRO8/6
kfdpyxX3y3mORgOD3GlAWzS3K9o4QX/36rGgdtysiyDwXYLGUBypov1lYwIDAQAB
o4IDdzCCA3MwHQYDVR0OBBYEFIVSuddkWku1qqJKNHgnjYFrvZojMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvaFZLNTEyUmFTN1dxb2tvMGVDZU5nV3U5bWlNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBiwYIKwYBBQUHAQcBAf8EggF6MIIBdjCB1wQCAAEwgdAD
BAAFtHIDBAQl6zADBAAtmX0DBABTrJcDBABTrJkDBABTrKkDBABT83gDBAFT83oD
BABU9z0DBABWancDBABZH3sDBABZLu4DBABbhF4DBAFb48wDBABc80IDBABfnM0D
BABnOfoDBACG/9IwDAMEA5WamAMEAJWanAMEBZfsADAMAwQAnv/RAwQAnv/UMAwD
BAK5GuwDBAC5Gu4DBAC5ergDBAC5wTMDBAC5w0EwDAMEALzWIQMEALzWIgMEAbzW
JjAMAwQB1bc2AwQB1bc4MIGZBAIAAjCBkgMHACoDD4AABwMHACoDD4AAMQMHASoD
D4AAVgMHACoDD4AAcAMHACoDD4ADVAMHACoDD4ADVwMHACoDD4ADWQMHASoDD4AD
cAMHACoDD4A5kQMHACoDD4CtFTASAwcAKgMPgO0VAwcDKgMPgO0QAwcAKgMPgO0x
AwcAKgMPgO1RAwcAKgMPgqvNAwcAKgMPh///MA0GCSqGSIb3DQEBCwUAA4IBAQAh
pGI/USHxS2+p3ritCaV4kAhkPoQl2Q14kmlWy9wO43Fs6RvbVrljbN10RzamKWde
7Tk5E2hDbRvpOYtdSDuKaztLI8axZmnwG505bWBlh3g9Ty/IaX11q0qdWwOmpCOP
2clc/Df/Xn2BKSZQlT7kEbfpqgyeX2IlMkXOfaDQs0U3EpyQbLQ4ehVsMqbgDrGM
XyNiVZOHEn5swwGBf7yknYHJesbMdTa/3GSPGZ+IuXjfNiiocLVHgOcm8qe9i5b0
Bz0Eg5PZMgWkIzgLQlArZvR/bgwtjOQ3tDjGuqOeG5mRGsSsr6vGaAahsGttdeAk
X+/xCKtxbFDsMRWEiDhR
-----END CERTIFICATE-----
Generated at Fri Jun 6 16:06:24 2025 by rpki-client