Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/uwhIinHo8oKLRZU-I0QLHW4j-jA.roa
File: uwhIinHo8oKLRZU-I0QLHW4j-jA.roa (raw, json)
Hash identifier: M5iRoJO8qLftrIvR+1zZpeCyg+r178qXaTedvkn17JY=
Subject key identifier: BB:08:48:8A:71:E8:F2:82:8B:45:95:3E:23:44:0B:1D:6E:23:FA:30
Certificate issuer: /CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Certificate serial: 019938362148017D0E7997F64A6B6E82E7DA
Authority key identifier: E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/uwhIinHo8oKLRZU-I0QLHW4j-jA.roa
Signing time: Thu 11 Sep 2025 09:58:15 +0000
ROA not before: Thu 11 Sep 2025 09:58:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9125
IP address blocks: 5.172.33.0/24 maxlen: 24
5.172.34.0/23 maxlen: 23
5.172.34.0/24 maxlen: 24
5.172.36.0/22 maxlen: 22
5.172.36.0/23 maxlen: 23
89.23.65.0/24 maxlen: 24
89.23.67.0/24 maxlen: 24
89.23.68.0/23 maxlen: 23
89.23.70.0/24 maxlen: 24
89.23.74.0/24 maxlen: 24
89.23.75.0/24 maxlen: 24
89.23.77.0/24 maxlen: 24
89.23.78.0/24 maxlen: 24
89.23.79.0/24 maxlen: 24
89.23.83.0/24 maxlen: 24
89.23.84.0/24 maxlen: 24
89.23.86.0/24 maxlen: 24
89.23.88.0/24 maxlen: 24
89.23.90.0/24 maxlen: 24
92.42.248.0/22 maxlen: 22
92.42.252.0/24 maxlen: 24
92.42.253.0/24 maxlen: 24
92.42.254.0/24 maxlen: 24
92.42.255.0/24 maxlen: 24
93.93.192.0/21 maxlen: 21
95.140.112.0/22 maxlen: 22
95.140.115.0/24 maxlen: 24
95.140.116.0/22 maxlen: 22
95.140.120.0/23 maxlen: 23
95.140.124.0/22 maxlen: 22
95.140.125.0/24 maxlen: 24
109.111.224.0/24 maxlen: 24
109.111.225.0/24 maxlen: 24
109.111.226.0/24 maxlen: 24
109.111.227.0/24 maxlen: 24
109.111.228.0/24 maxlen: 24
109.111.229.0/24 maxlen: 24
109.111.230.0/23 maxlen: 23
109.111.232.0/22 maxlen: 22
109.111.236.0/22 maxlen: 22
109.111.240.0/24 maxlen: 24
109.111.243.0/24 maxlen: 24
109.111.244.0/24 maxlen: 24
109.111.245.0/24 maxlen: 24
109.111.246.0/24 maxlen: 24
109.111.247.0/24 maxlen: 24
109.111.248.0/24 maxlen: 24
109.111.249.0/24 maxlen: 24
109.111.250.0/24 maxlen: 24
109.111.252.0/23 maxlen: 23
109.111.254.0/24 maxlen: 24
178.254.128.0/21 maxlen: 21
178.254.133.0/24 maxlen: 24
178.254.136.0/22 maxlen: 22
178.254.140.0/22 maxlen: 22
178.254.144.0/24 maxlen: 24
178.254.145.0/24 maxlen: 24
178.254.146.0/24 maxlen: 24
178.254.148.0/24 maxlen: 24
178.254.149.0/24 maxlen: 24
178.254.151.0/24 maxlen: 24
178.254.152.0/24 maxlen: 24
178.254.153.0/24 maxlen: 24
178.254.154.0/24 maxlen: 24
178.254.155.0/24 maxlen: 24
178.254.156.0/24 maxlen: 24
178.254.157.0/24 maxlen: 24
178.254.158.0/24 maxlen: 24
178.254.159.0/24 maxlen: 24
178.254.163.0/24 maxlen: 24
178.254.165.0/24 maxlen: 24
178.254.169.0/24 maxlen: 24
178.254.172.0/24 maxlen: 24
178.254.175.0/24 maxlen: 24
178.254.177.0/24 maxlen: 24
178.254.183.0/24 maxlen: 24
178.254.184.0/24 maxlen: 24
178.254.187.0/24 maxlen: 24
178.254.188.0/22 maxlen: 24
185.157.44.0/24 maxlen: 24
193.104.68.0/24 maxlen: 24
217.169.208.0/20 maxlen: 20
217.169.208.0/22 maxlen: 22
217.169.212.0/22 maxlen: 22
217.169.216.0/22 maxlen: 22
217.169.219.0/24 maxlen: 24
217.169.220.0/22 maxlen: 22
2a02:b58::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.mft
rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Sep 2025 14:00:40 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:38:36:21:48:01:7d:0e:79:97:f6:4a:6b:6e:82:e7:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e9713ef25277e13dd73f44196fda5cec0fd9ce16
Validity
Not Before: Sep 11 09:58:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb08488a71e8f2828b45953e23440b1d6e23fa30
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:d2:50:88:5d:87:79:d2:b4:37:8c:59:50:16:
0a:5f:58:82:32:08:6b:9c:25:40:38:04:6f:e4:7c:
97:0c:b0:51:ac:d9:12:1c:03:9e:2f:65:61:2b:a7:
20:79:46:72:c5:e9:26:3f:d0:04:2a:3c:c5:ac:9c:
42:d0:9b:59:3f:ea:91:38:72:ac:53:2f:f0:53:cb:
4c:d3:53:3f:6e:06:f9:5b:26:91:12:4f:b9:56:ae:
0f:5f:fc:5d:cc:c0:65:47:70:9f:b2:a5:b2:38:dc:
18:2e:61:80:12:3f:54:e8:e0:a4:b8:76:39:37:cd:
a3:60:de:e8:5d:1b:34:fe:58:de:a2:b6:21:e8:01:
cd:eb:6d:00:88:de:5b:66:98:2f:72:d3:e3:a3:ba:
ca:4f:04:ec:f2:80:65:05:f0:95:47:85:2d:9b:dd:
6d:d5:d6:63:61:dc:ba:5b:11:2c:f7:b3:c9:34:64:
50:9f:d5:15:cf:47:51:f6:5f:0d:93:fa:8b:d3:e1:
7a:65:d6:61:31:98:4c:fe:7f:1d:94:33:f8:6b:ae:
b7:3e:e5:7e:4f:c3:65:12:87:c8:9d:3d:62:00:df:
2f:90:c9:a8:6b:6d:34:d7:86:46:06:23:ed:92:3d:
a9:d1:50:3a:30:34:f4:5e:20:5c:eb:8d:0e:a3:36:
30:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:08:48:8A:71:E8:F2:82:8B:45:95:3E:23:44:0B:1D:6E:23:FA:30
X509v3 Authority Key Identifier:
keyid:E9:71:3E:F2:52:77:E1:3D:D7:3F:44:19:6F:DA:5C:EC:0F:D9:CE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/uwhIinHo8oKLRZU-I0QLHW4j-jA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/25/e176eb-56f2-4807-b101-0f66c1887916/1/6XE-8lJ34T3XP0QZb9pc7A_ZzhY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.172.33.0-5.172.39.255
89.23.65.0/24
89.23.67.0-89.23.70.255
89.23.74.0/23
89.23.77.0-89.23.79.255
89.23.83.0-89.23.84.255
89.23.86.0/24
89.23.88.0/24
89.23.90.0/24
92.42.248.0/21
93.93.192.0/21
95.140.112.0-95.140.121.255
95.140.124.0/22
109.111.224.0-109.111.240.255
109.111.243.0-109.111.250.255
109.111.252.0-109.111.254.255
178.254.128.0-178.254.146.255
178.254.148.0/23
178.254.151.0-178.254.159.255
178.254.163.0/24
178.254.165.0/24
178.254.169.0/24
178.254.172.0/24
178.254.175.0/24
178.254.177.0/24
178.254.183.0-178.254.184.255
178.254.187.0-178.254.191.255
185.157.44.0/24
193.104.68.0/24
217.169.208.0/20
IPv6:
2a02:b58::/32
Signature Algorithm: sha256WithRSAEncryption
82:e1:67:88:79:c5:27:00:a5:0e:34:71:ae:f4:4c:67:86:4e:
34:c2:cd:51:5b:be:5c:2d:26:a8:74:45:24:6d:af:4c:5c:a7:
2a:fa:65:59:58:7d:9c:d3:95:ec:67:f2:00:35:69:92:df:7c:
b9:fc:f9:8b:d2:56:e8:24:74:88:54:30:e4:44:54:ee:b0:8a:
13:9c:38:7e:cf:ef:8c:7a:ed:2f:9c:b9:2d:d0:f0:63:34:62:
17:9b:87:d4:2e:a8:67:e2:2c:8d:81:8a:c6:73:5f:20:50:45:
2b:2f:95:da:f1:85:89:a9:60:9b:47:7d:77:ff:48:0b:1c:cc:
05:62:e0:e7:6b:09:44:52:e9:78:91:59:02:7d:4b:8e:78:56:
56:03:a5:d1:cf:f8:05:2b:87:12:14:91:1c:15:1a:05:c2:96:
89:c5:5d:54:c0:f7:45:8c:47:73:a6:91:89:c0:07:b2:65:13:
5f:bc:e8:22:29:2f:01:c6:79:d0:05:5d:37:87:32:eb:82:92:
55:b7:93:01:53:a3:18:63:07:6b:3b:d8:c8:d8:1e:ba:bd:4c:
91:26:70:b8:ae:d2:4e:56:31:c4:14:98:df:6f:93:cd:1b:31:
36:50:83:0f:d6:03:12:a9:7b:b4:8c:16:64:ce:74:8c:53:54:
87:f4:c3:11
-----BEGIN CERTIFICATE-----
MIIGJDCCBQygAwIBAgISAZk4NiFIAX0OeZf2SmtugufaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU5NzEzZWYyNTI3N2UxM2RkNzNmNDQxOTZmZGE1Y2VjMGZk
OWNlMTYwHhcNMjUwOTExMDk1ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjA4NDg4YTcxZThmMjgyOGI0NTk1M2UyMzQ0MGIxZDZlMjNmYTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA39JQiF2HedK0N4xZUBYKX1iCMghr
nCVAOARv5HyXDLBRrNkSHAOeL2VhK6cgeUZyxekmP9AEKjzFrJxC0JtZP+qROHKs
Uy/wU8tM01M/bgb5WyaREk+5Vq4PX/xdzMBlR3CfsqWyONwYLmGAEj9U6OCkuHY5
N82jYN7oXRs0/ljeorYh6AHN620AiN5bZpgvctPjo7rKTwTs8oBlBfCVR4Utm91t
1dZjYdy6WxEs97PJNGRQn9UVz0dR9l8Nk/qL0+F6ZdZhMZhM/n8dlDP4a663PuV+
T8NlEofInT1iAN8vkMmoa20014ZGBiPtkj2p0VA6MDT0XiBc640OozYwhQIDAQAB
o4IDMDCCAywwHQYDVR0OBBYEFLsISIpx6PKCi0WVPiNECx1uI/owMB8GA1UdIwQY
MBaAFOlxPvJSd+E91z9EGW/aXOwP2c4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEt
MGY2NmMxODg3OTE2LzEvdXdoSWluSG84b0tMUlpVLUkwUUxIVzRqLWpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yNS9lMTc2ZWItNTZmMi00ODA3LWIxMDEtMGY2NmMxODg3OTE2
LzEvNlhFLThsSjM0VDNYUDBRWmI5cGM3QV9aemhZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBRAYIKwYBBQUHAQcBAf8EggEzMIIBLzCCARwEAgABMIIB
FDAMAwQABawhAwQDBawgAwQAWRdBMAwDBABZF0MDBABZF0YDBAFZF0owDAMEAFkX
TQMEBFkXQDAMAwQAWRdTAwQAWRdUAwQAWRdWAwQAWRdYAwQAWRdaAwQDXCr4AwQD
XV3AMAwDBARfjHADBAFfjHgDBAJfjHwwDAMEBW1v4AMEAG1v8DAMAwQAbW/zAwQA
bW/6MAwDBAJtb/wDBABtb/4wDAMEB7L+gAMEALL+kgMEAbL+lDAMAwQAsv6XAwQF
sv6AAwQAsv6jAwQAsv6lAwQAsv6pAwQAsv6sAwQAsv6vAwQAsv6xMAwDBACy/rcD
BACy/rgwDAMEALL+uwMEBrL+gAMEALmdLAMEAMFoRAMEBNmp0DANBAIAAjAHAwUA
KgILWDANBgkqhkiG9w0BAQsFAAOCAQEAguFniHnFJwClDjRxrvRMZ4ZONMLNUVu+
XC0mqHRFJG2vTFynKvplWVh9nNOV7GfyADVpkt98ufz5i9JW6CR0iFQw5ERU7rCK
E5w4fs/vjHrtL5y5LdDwYzRiF5uH1C6oZ+IsjYGKxnNfIFBFKy+V2vGFialgm0d9
d/9ICxzMBWLg52sJRFLpeJFZAn1LjnhWVgOl0c/4BSuHEhSRHBUaBcKWicVdVMD3
RYxHc6aRicAHsmUTX7zoIikvAcZ50AVdN4cy64KSVbeTAVOjGGMHazvYyNgeur1M
kSZwuK7STlYxxBSY32+TzRsxNlCDD9YDEql7tIwWZM50jFNUh/TDEQ==
-----END CERTIFICATE-----
Generated at Sat Sep 13 23:19:09 2025 by rpki-client