Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/pDp2CToPzzYDQ1WhaCtd0HG6Gtc.roa
File: pDp2CToPzzYDQ1WhaCtd0HG6Gtc.roa (raw, json)
Hash identifier: gA5JjiJRsXhS8LWEfP0H0OvEaHq8p+EbMF4HPnV2enw=
Subject key identifier: A4:3A:76:09:3A:0F:CF:36:03:43:55:A1:68:2B:5D:D0:71:BA:1A:D7
Certificate issuer: /CN=66df7742890173927935206a28efbf48123e787c
Certificate serial: 01990B0D2BB7D2020EA1221E93DB3B4FEE72
Authority key identifier: 66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/pDp2CToPzzYDQ1WhaCtd0HG6Gtc.roa
Signing time: Tue 02 Sep 2025 15:30:36 +0000
ROA not before: Tue 02 Sep 2025 15:30:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5413
IP address blocks: 5.22.224.0/21 maxlen: 24
45.83.76.0/22 maxlen: 24
62.44.64.0/19 maxlen: 24
62.69.32.0/19 maxlen: 24
62.72.128.0/19 maxlen: 24
62.105.64.0/18 maxlen: 24
62.232.0.0/16 maxlen: 24
77.44.0.0/17 maxlen: 24
77.73.120.0/21 maxlen: 24
77.107.128.0/18 maxlen: 24
78.41.208.0/21 maxlen: 24
78.141.0.0/18 maxlen: 24
80.64.48.0/20 maxlen: 24
80.69.128.0/20 maxlen: 24
80.89.80.0/20 maxlen: 24
80.234.128.0/17 maxlen: 24
82.195.96.0/19 maxlen: 24
83.219.32.0/19 maxlen: 24
89.145.192.0/18 maxlen: 24
93.92.120.0/21 maxlen: 24
93.95.104.0/21 maxlen: 24
94.30.0.0/17 maxlen: 24
109.170.128.0/17 maxlen: 24
130.185.64.0/21 maxlen: 24
176.35.0.0/16 maxlen: 24
185.3.76.0/22 maxlen: 24
185.8.204.0/22 maxlen: 24
185.138.152.0/22 maxlen: 24
185.196.204.0/22 maxlen: 24
193.41.96.0/21 maxlen: 24
193.192.64.0/19 maxlen: 24
193.242.113.0/24 maxlen: 24
193.242.115.0/24 maxlen: 24
193.242.116.0/24 maxlen: 24
194.1.210.0/24 maxlen: 24
194.79.240.0/22 maxlen: 24
194.126.64.0/19 maxlen: 24
194.143.160.0/19 maxlen: 24
194.153.0.0/19 maxlen: 24
194.154.160.0/19 maxlen: 24
195.38.64.0/19 maxlen: 24
195.70.64.0/19 maxlen: 24
195.147.0.0/16 maxlen: 24
195.200.128.0/19 maxlen: 24
195.224.0.0/16 maxlen: 24
195.226.32.0/19 maxlen: 24
212.19.64.0/19 maxlen: 24
212.35.224.0/19 maxlen: 24
212.88.32.0/19 maxlen: 24
212.102.192.0/19 maxlen: 24
212.103.224.0/19 maxlen: 24
212.241.128.0/17 maxlen: 24
213.205.128.0/18 maxlen: 24
217.67.48.0/20 maxlen: 24
2001:b98::/29 maxlen: 29
2001:b98::/32 maxlen: 32
2a00:b300::/32 maxlen: 32
2a04:b2c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 09 Sep 2025 01:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:0b:0d:2b:b7:d2:02:0e:a1:22:1e:93:db:3b:4f:ee:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=66df7742890173927935206a28efbf48123e787c
Validity
Not Before: Sep 2 15:30:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a43a76093a0fcf36034355a1682b5dd071ba1ad7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:4e:6c:d2:16:ec:54:67:31:75:a3:42:1f:0f:
39:83:25:01:e6:8c:9f:69:1e:28:ef:65:aa:36:e5:
de:24:e4:5e:58:c2:df:be:12:63:55:bd:3f:fe:d0:
39:0b:18:c5:4a:4c:60:c0:cb:61:66:43:12:2f:08:
22:0a:98:ef:6b:d2:b7:35:d1:e7:d7:17:3e:29:4a:
5d:bc:c0:04:99:3f:da:c4:36:d8:43:9a:8f:07:1b:
69:01:3b:c1:0a:8d:73:87:93:db:3a:b7:00:fa:9d:
53:96:a2:c3:6e:55:d5:d5:a5:6e:01:9a:9c:fb:41:
af:5c:73:0c:89:6f:65:ae:bd:a4:ad:b3:2f:04:60:
01:8b:98:9e:41:2c:86:b7:03:85:b1:16:ec:48:7c:
b5:80:00:ec:6a:a7:cc:e0:d5:cd:39:1e:fa:33:d0:
08:16:0d:6f:ba:e6:6c:a8:b6:14:22:d0:a6:15:1f:
a5:24:31:27:9e:c5:ec:6b:6e:3c:35:5d:d2:3d:ba:
99:e1:40:1b:12:6c:c8:02:c3:54:ed:51:5c:c8:b1:
17:30:f7:fd:a6:ce:80:00:75:9d:c2:d2:08:db:d6:
7e:cf:5a:d8:65:fd:66:b9:d4:60:14:9d:e7:f3:70:
23:fa:4b:cf:c0:58:3b:af:0b:00:48:28:12:2f:a7:
e0:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:3A:76:09:3A:0F:CF:36:03:43:55:A1:68:2B:5D:D0:71:BA:1A:D7
X509v3 Authority Key Identifier:
keyid:66:DF:77:42:89:01:73:92:79:35:20:6A:28:EF:BF:48:12:3E:78:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Zt93QokBc5J5NSBqKO-_SBI-eHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/pDp2CToPzzYDQ1WhaCtd0HG6Gtc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/21/e84340-128a-4497-946f-09787f152ade/1/Zt93QokBc5J5NSBqKO-_SBI-eHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.22.224.0/21
45.83.76.0/22
62.44.64.0/19
62.69.32.0/19
62.72.128.0/19
62.105.64.0/18
62.232.0.0/16
77.44.0.0/17
77.73.120.0/21
77.107.128.0/18
78.41.208.0/21
78.141.0.0/18
80.64.48.0/20
80.69.128.0/20
80.89.80.0/20
80.234.128.0/17
82.195.96.0/19
83.219.32.0/19
89.145.192.0/18
93.92.120.0/21
93.95.104.0/21
94.30.0.0/17
109.170.128.0/17
130.185.64.0/21
176.35.0.0/16
185.3.76.0/22
185.8.204.0/22
185.138.152.0/22
185.196.204.0/22
193.41.96.0/21
193.192.64.0/19
193.242.113.0/24
193.242.115.0-193.242.116.255
194.1.210.0/24
194.79.240.0/22
194.126.64.0/19
194.143.160.0/19
194.153.0.0/19
194.154.160.0/19
195.38.64.0/19
195.70.64.0/19
195.147.0.0/16
195.200.128.0/19
195.224.0.0/16
195.226.32.0/19
212.19.64.0/19
212.35.224.0/19
212.88.32.0/19
212.102.192.0/19
212.103.224.0/19
212.241.128.0/17
213.205.128.0/18
217.67.48.0/20
IPv6:
2001:b98::/29
2a00:b300::/32
2a04:b2c0::/29
Signature Algorithm: sha256WithRSAEncryption
02:7f:ce:29:a6:0b:5e:58:4a:b8:88:59:42:ce:86:f6:29:f5:
e6:9a:93:64:57:9c:f0:be:c1:c7:a5:c0:85:e0:fb:35:01:ac:
cf:cb:34:61:16:4a:20:b2:e7:bf:bc:80:93:a1:bb:00:9c:5b:
80:c7:ff:e7:8c:b7:17:17:bb:1e:d9:82:95:97:30:bf:37:40:
08:47:7d:63:f8:10:4e:e6:0f:d9:72:25:fd:8c:14:9d:5d:fc:
25:04:09:89:cf:c8:bb:3f:f1:82:97:e7:54:e7:79:a2:f6:2a:
09:62:04:e3:33:ce:24:a0:dc:2a:9a:84:74:b6:77:81:cf:44:
fc:19:3e:d1:85:79:c8:06:b1:57:53:2d:4c:f2:d3:71:8c:18:
c0:f5:ce:d5:ae:2c:e2:31:f9:fe:5b:2c:65:e5:0b:0c:ba:40:
e7:0b:12:44:a9:61:56:d7:8a:e2:ff:ef:00:17:f7:89:18:45:
cc:2d:fb:42:14:bc:cc:a6:79:ca:db:9f:ef:a9:01:9e:74:8e:
e4:a9:cf:d2:15:67:4b:36:21:62:e1:45:10:38:45:fd:d4:f4:
40:eb:9f:9b:bd:cd:2c:91:00:e2:fb:2b:24:06:20:df:8d:e8:
a0:e2:5b:98:8e:61:23:dd:ba:04:cf:ae:5b:a4:03:97:2b:dd:
20:a2:aa:72
-----BEGIN CERTIFICATE-----
MIIGYDCCBUigAwIBAgISAZkLDSu30gIOoSIek9s7T+5yMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY2ZGY3NzQyODkwMTczOTI3OTM1MjA2YTI4ZWZiZjQ4MTIz
ZTc4N2MwHhcNMjUwOTAyMTUzMDM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDNhNzYwOTNhMGZjZjM2MDM0MzU1YTE2ODJiNWRkMDcxYmExYWQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxE5s0hbsVGcxdaNCHw85gyUB5oyf
aR4o72WqNuXeJOReWMLfvhJjVb0//tA5CxjFSkxgwMthZkMSLwgiCpjva9K3NdHn
1xc+KUpdvMAEmT/axDbYQ5qPBxtpATvBCo1zh5PbOrcA+p1TlqLDblXV1aVuAZqc
+0GvXHMMiW9lrr2krbMvBGABi5ieQSyGtwOFsRbsSHy1gADsaqfM4NXNOR76M9AI
Fg1vuuZsqLYUItCmFR+lJDEnnsXsa248NV3SPbqZ4UAbEmzIAsNU7VFcyLEXMPf9
ps6AAHWdwtII29Z+z1rYZf1mudRgFJ3n83Aj+kvPwFg7rwsASCgSL6fgXQIDAQAB
o4IDbDCCA2gwHQYDVR0OBBYEFKQ6dgk6D882A0NVoWgrXdBxuhrXMB8GA1UdIwQY
MBaAFGbfd0KJAXOSeTUgaijvv0gSPnh8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYt
MDk3ODdmMTUyYWRlLzEvcERwMkNUb1B6ellEUTFXaGFDdGQwSEc2R3RjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMS9lODQzNDAtMTI4YS00NDk3LTk0NmYtMDk3ODdmMTUyYWRl
LzEvWnQ5M1Fva0JjNUo1TlNCcUtPLV9TQkktZUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBgAYIKwYBBQUHAQcBAf8EggFvMIIBazCCAUoEAgABMIIB
QgMEAwUW4AMEAi1TTAMEBT4sQAMEBT5FIAMEBT5IgAMEBj5pQAMDAD7oAwQHTSwA
AwQDTUl4AwQGTWuAAwQDTinQAwQGTo0AAwQEUEAwAwQEUEWAAwQEUFlQAwQHUOqA
AwQFUsNgAwQFU9sgAwQGWZHAAwQDXVx4AwQDXV9oAwQHXh4AAwQHbaqAAwQDgrlA
AwMAsCMDBAK5A0wDBAK5CMwDBAK5ipgDBAK5xMwDBAPBKWADBAXBwEADBADB8nEw
DAMEAMHycwMEAMHydAMEAMIB0gMEAsJP8AMEBcJ+QAMEBcKPoAMEBcKZAAMEBcKa
oAMEBcMmQAMEBcNGQAMDAMOTAwQFw8iAAwMAw+ADBAXD4iADBAXUE0ADBAXUI+AD
BAXUWCADBAXUZsADBAXUZ+ADBAfU8YADBAbVzYADBATZQzAwGwQCAAIwFQMFAyAB
C5gDBQAqALMAAwUDKgSywDANBgkqhkiG9w0BAQsFAAOCAQEAAn/OKaYLXlhKuIhZ
Qs6G9in15pqTZFec8L7Bx6XAheD7NQGsz8s0YRZKILLnv7yAk6G7AJxbgMf/54y3
Fxe7HtmClZcwvzdACEd9Y/gQTuYP2XIl/YwUnV38JQQJic/Iuz/xgpfnVOd5ovYq
CWIE4zPOJKDcKpqEdLZ3gc9E/Bk+0YV5yAaxV1MtTPLTcYwYwPXO1a4s4jH5/lss
ZeULDLpA5wsSRKlhVteK4v/vABf3iRhFzC37QhS8zKZ5ytuf76kBnnSO5KnP0hVn
SzYhYuFFEDhF/dT0QOufm73NLJEA4vsrJAYg343ooOJbmI5hI926BM+uW6QDlyvd
IKKqcg==
-----END CERTIFICATE-----
Generated at Mon Sep 8 10:40:01 2025 by rpki-client