Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/1-R8c_bVMn-6Dsn3jGlIGWdK8ayc.roa
File: 1-R8c_bVMn-6Dsn3jGlIGWdK8ayc.roa (raw, json)
Hash identifier: EqRAYxbTePSl/R56N19k2hQBBBKHkPSSUNSmwkuLZT4=
Subject key identifier: F9:1F:1C:FD:B5:4C:9F:EE:83:B2:7D:E3:1A:52:06:59:D2:BC:6B:27
Certificate issuer: /CN=2663f3db152e055ac145bdbb429e018654204c8d
Certificate serial: 01973F9EC065B777D6E09D3C247362114AA3
Authority key identifier: 26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/1-R8c_bVMn-6Dsn3jGlIGWdK8ayc.roa
Signing time: Thu 05 Jun 2025 10:24:17 +0000
ROA not before: Thu 05 Jun 2025 10:24:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3303
IP address blocks: 46.245.144.0/21 maxlen: 21
78.110.128.0/20 maxlen: 20
91.216.229.0/24 maxlen: 24
138.187.0.0/16 maxlen: 19
138.188.0.0/16 maxlen: 24
138.190.0.0/16 maxlen: 16
164.128.0.0/16 maxlen: 24
185.39.92.0/22 maxlen: 22
185.84.76.0/22 maxlen: 24
185.106.64.0/22 maxlen: 24
188.92.48.0/21 maxlen: 21
193.5.0.0/24 maxlen: 24
193.5.3.0/24 maxlen: 24
193.5.4.0/23 maxlen: 24
193.5.6.0/23 maxlen: 23
193.5.20.0/24 maxlen: 24
193.5.29.0/24 maxlen: 24
193.5.36.0/24 maxlen: 24
193.5.38.0/24 maxlen: 24
193.5.52.0/24 maxlen: 24
193.5.59.0/24 maxlen: 24
193.5.61.0/24 maxlen: 24
193.5.63.0/24 maxlen: 24
193.5.224.0/20 maxlen: 22
193.47.232.0/24 maxlen: 24
193.134.36.0/22 maxlen: 24
193.134.248.0/23 maxlen: 24
193.134.255.0/24 maxlen: 24
193.135.0.0/23 maxlen: 24
193.135.3.0/24 maxlen: 24
193.135.26.0/23 maxlen: 23
193.135.100.0/24 maxlen: 24
193.135.111.0/24 maxlen: 24
193.135.128.0/22 maxlen: 24
193.135.132.0/24 maxlen: 24
193.135.133.0/24 maxlen: 24
193.135.136.0/24 maxlen: 24
193.135.140.0/24 maxlen: 24
193.135.142.0/23 maxlen: 24
193.135.143.0/24 maxlen: 24
193.135.144.0/23 maxlen: 24
193.135.148.0/23 maxlen: 24
193.135.148.0/24 maxlen: 24
193.135.173.0/24 maxlen: 24
193.135.214.0/23 maxlen: 24
193.135.218.0/24 maxlen: 24
193.135.255.0/24 maxlen: 24
193.222.64.0/19 maxlen: 19
193.223.16.0/20 maxlen: 20
193.223.32.0/19 maxlen: 19
193.246.0.0/23 maxlen: 24
193.246.8.0/22 maxlen: 22
193.246.16.0/21 maxlen: 24
193.246.32.0/20 maxlen: 20
193.246.32.0/21 maxlen: 24
193.246.40.0/21 maxlen: 21
193.246.48.0/23 maxlen: 24
193.246.50.0/24 maxlen: 24
193.246.56.0/24 maxlen: 24
193.246.57.0/24 maxlen: 24
193.246.99.0/24 maxlen: 24
193.246.100.0/24 maxlen: 24
193.246.104.0/24 maxlen: 24
193.246.105.0/24 maxlen: 24
193.246.113.0/24 maxlen: 24
193.246.127.0/24 maxlen: 24
193.246.202.0/23 maxlen: 24
193.246.248.0/22 maxlen: 24
193.247.36.0/22 maxlen: 24
193.247.40.0/24 maxlen: 24
193.247.41.0/24 maxlen: 24
193.247.42.0/24 maxlen: 24
193.247.43.0/24 maxlen: 24
193.247.44.0/22 maxlen: 24
193.247.86.0/24 maxlen: 24
193.247.90.0/24 maxlen: 24
193.247.104.0/23 maxlen: 23
193.247.151.0/24 maxlen: 24
193.247.166.0/23 maxlen: 24
193.247.168.0/21 maxlen: 21
193.247.176.0/22 maxlen: 22
193.247.193.0/24 maxlen: 24
193.247.212.0/24 maxlen: 24
193.247.217.0/24 maxlen: 24
193.247.218.0/23 maxlen: 23
193.247.224.0/21 maxlen: 24
193.247.244.0/23 maxlen: 24
193.247.246.0/24 maxlen: 24
193.247.247.0/24 maxlen: 24
193.247.250.0/24 maxlen: 24
193.247.255.0/24 maxlen: 24
194.6.160.0/19 maxlen: 24
194.11.96.0/20 maxlen: 20
194.11.144.0/21 maxlen: 21
194.209.0.0/16 maxlen: 24
195.35.121.0/24 maxlen: 24
195.65.0.0/16 maxlen: 24
195.144.32.0/19 maxlen: 24
195.176.128.0/19 maxlen: 24
195.176.192.0/19 maxlen: 24
212.117.96.0/19 maxlen: 19
212.243.0.0/16 maxlen: 24
217.192.0.0/15 maxlen: 24
2001:918::/32 maxlen: 48
2001:91f::/32 maxlen: 32
2a01:8b00::/32 maxlen: 32
2a02:a90::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.mft
rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 07:00:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3f:9e:c0:65:b7:77:d6:e0:9d:3c:24:73:62:11:4a:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2663f3db152e055ac145bdbb429e018654204c8d
Validity
Not Before: Jun 5 10:24:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f91f1cfdb54c9fee83b27de31a520659d2bc6b27
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:de:70:85:8b:e0:25:8f:0f:21:4a:87:bd:ed:b9:
78:3f:76:31:41:59:16:b0:db:5e:68:77:03:8e:7e:
e4:eb:c4:08:8b:53:04:54:81:69:f0:e5:55:bc:5e:
d5:c7:3a:77:02:dd:58:d1:73:9e:d4:6c:61:33:4c:
70:69:1e:6f:54:55:0d:b5:39:b2:e5:70:8b:1a:59:
2a:e6:f3:d5:26:27:0a:59:61:ac:b4:fa:e4:0f:26:
f5:07:7e:fe:40:63:05:96:06:df:2d:0a:b7:fa:3a:
ab:16:97:10:c2:1a:41:d6:b3:82:b2:fb:fa:bd:64:
8a:f8:c2:17:f7:8b:63:14:64:d7:df:79:e6:34:92:
92:f7:7d:9c:c4:8d:70:ce:d0:21:bf:77:18:da:ee:
62:75:8d:ec:93:ba:c9:7c:f5:7a:fb:0d:24:8d:4d:
05:7f:26:55:fc:44:6e:55:8a:e1:d2:4f:fe:dd:ed:
10:93:40:5f:ab:ec:ca:77:11:a0:ca:29:2b:60:5c:
ba:64:6a:b0:dd:da:c2:76:08:ab:98:4d:0d:92:03:
26:c8:cd:cb:03:a9:f2:0e:d6:be:c8:3e:25:aa:55:
56:15:79:66:d9:13:53:18:aa:ff:58:28:b8:6b:f8:
b0:c0:f7:1f:8e:69:e7:f0:1b:08:2f:d6:b2:85:7e:
bc:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:1F:1C:FD:B5:4C:9F:EE:83:B2:7D:E3:1A:52:06:59:D2:BC:6B:27
X509v3 Authority Key Identifier:
keyid:26:63:F3:DB:15:2E:05:5A:C1:45:BD:BB:42:9E:01:86:54:20:4C:8D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmPz2xUuBVrBRb27Qp4BhlQgTI0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/1-R8c_bVMn-6Dsn3jGlIGWdK8ayc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/29/c8c6f6-595c-45b1-a76e-bd192676c9bb/1/JmPz2xUuBVrBRb27Qp4BhlQgTI0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.245.144.0/21
78.110.128.0/20
91.216.229.0/24
138.187.0.0-138.188.255.255
138.190.0.0/16
164.128.0.0/16
185.39.92.0/22
185.84.76.0/22
185.106.64.0/22
188.92.48.0/21
193.5.0.0/24
193.5.3.0-193.5.7.255
193.5.20.0/24
193.5.29.0/24
193.5.36.0/24
193.5.38.0/24
193.5.52.0/24
193.5.59.0/24
193.5.61.0/24
193.5.63.0/24
193.5.224.0/20
193.47.232.0/24
193.134.36.0/22
193.134.248.0/23
193.134.255.0-193.135.1.255
193.135.3.0/24
193.135.26.0/23
193.135.100.0/24
193.135.111.0/24
193.135.128.0-193.135.133.255
193.135.136.0/24
193.135.140.0/24
193.135.142.0-193.135.145.255
193.135.148.0/23
193.135.173.0/24
193.135.214.0/23
193.135.218.0/24
193.135.255.0/24
193.222.64.0/19
193.223.16.0-193.223.63.255
193.246.0.0/23
193.246.8.0/22
193.246.16.0/21
193.246.32.0-193.246.50.255
193.246.56.0/23
193.246.99.0-193.246.100.255
193.246.104.0/23
193.246.113.0/24
193.246.127.0/24
193.246.202.0/23
193.246.248.0/22
193.247.36.0-193.247.47.255
193.247.86.0/24
193.247.90.0/24
193.247.104.0/23
193.247.151.0/24
193.247.166.0-193.247.179.255
193.247.193.0/24
193.247.212.0/24
193.247.217.0-193.247.219.255
193.247.224.0/21
193.247.244.0/22
193.247.250.0/24
193.247.255.0/24
194.6.160.0/19
194.11.96.0/20
194.11.144.0/21
194.209.0.0/16
195.35.121.0/24
195.65.0.0/16
195.144.32.0/19
195.176.128.0/19
195.176.192.0/19
212.117.96.0/19
212.243.0.0/16
217.192.0.0/15
IPv6:
2001:918::/32
2001:91f::/32
2a01:8b00::/32
2a02:a90::/32
Signature Algorithm: sha256WithRSAEncryption
bd:9a:70:45:08:69:5e:1b:5b:d7:23:80:29:49:c1:75:2c:9a:
af:5c:11:c1:55:fd:d1:3b:ab:0d:6c:ea:17:76:e3:96:46:5b:
b3:f0:53:20:90:c4:35:e8:a0:0e:91:3c:a0:62:ab:dd:89:1c:
c7:8e:45:1a:a0:ff:ac:cb:56:f2:29:37:40:c6:5f:89:35:9e:
46:e0:58:e7:e6:2b:84:b7:61:df:c4:13:6e:63:ff:8b:ed:1c:
09:f5:6b:bc:20:4d:6a:02:19:1a:ad:12:4c:3f:eb:8c:a6:f9:
f5:ea:ac:84:60:a0:e5:38:e9:e7:ce:cb:31:04:3e:1f:05:19:
8e:ce:69:25:20:da:ee:d9:6d:90:f1:74:12:23:2e:43:db:08:
d5:5f:6e:ea:e5:e5:ef:7a:f1:fc:d3:71:d1:d6:a8:15:d5:93:
f0:cc:62:1d:50:81:8c:33:fc:26:32:45:54:83:18:34:14:bc:
ad:a5:bc:fa:bb:74:1f:9e:95:d4:a7:83:69:10:ee:20:35:68:
ae:3b:01:c1:45:97:90:0d:27:0c:5b:f5:db:05:eb:43:7a:0d:
3a:ca:ca:93:68:ca:42:04:60:e3:75:d4:b1:63:fb:55:cc:f8:
a2:d0:b1:63:82:e9:9a:86:a7:6c:61:2d:d7:bc:8d:38:f7:8b:
fb:07:e0:5a
-----BEGIN CERTIFICATE-----
MIIHPjCCBiagAwIBAgISAZc/nsBlt3fW4J08JHNiEUqjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjNmM2RiMTUyZTA1NWFjMTQ1YmRiYjQyOWUwMTg2NTQy
MDRjOGQwHhcNMjUwNjA1MTAyNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTFmMWNmZGI1NGM5ZmVlODNiMjdkZTMxYTUyMDY1OWQyYmM2YjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3nCFi+Aljw8hSoe97bl4P3YxQVkW
sNteaHcDjn7k68QIi1MEVIFp8OVVvF7Vxzp3At1Y0XOe1GxhM0xwaR5vVFUNtTmy
5XCLGlkq5vPVJicKWWGstPrkDyb1B37+QGMFlgbfLQq3+jqrFpcQwhpB1rOCsvv6
vWSK+MIX94tjFGTX33nmNJKS932cxI1wztAhv3cY2u5idY3sk7rJfPV6+w0kjU0F
fyZV/ERuVYrh0k/+3e0Qk0Bfq+zKdxGgyikrYFy6ZGqw3drCdgirmE0NkgMmyM3L
A6nyDta+yD4lqlVWFXlm2RNTGKr/WCi4a/iwwPcfjmnn8BsIL9ayhX68VwIDAQAB
o4IESjCCBEYwHQYDVR0OBBYEFPkfHP21TJ/ug7J94xpSBlnSvGsnMB8GA1UdIwQY
MBaAFCZj89sVLgVawUW9u0KeAYZUIEyNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1QejJ4VXVCVnJCUmIyN1FwNEJobFFnVEkwLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yOS9jOGM2ZjYtNTk1Yy00NWIxLWE3NmUt
YmQxOTI2NzZjOWJiLzEvMS1SOGNfYlZNbi02RHNuM2pHbElHV2RLOGF5Yy5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvMjkvYzhjNmY2LTU5NWMtNDViMS1hNzZlLWJkMTkyNjc2Yzli
Yi8xL0ptUHoyeFV1QlZyQlJiMjdRcDRCaGxRZ1RJMC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAl0GCCsGAQUFBwEHAQH/BIICTDCCAkgwggIgBAIAATCC
AhgDBAMu9ZADBAROboADBABb2OUwCgMDAIq7AwMAirwDAwCKvgMDAKSAAwQCuSdc
AwQCuVRMAwQCuWpAAwQDvFwwAwQAwQUAMAwDBADBBQMDBAPBBQADBADBBRQDBADB
BR0DBADBBSQDBADBBSYDBADBBTQDBADBBTsDBADBBT0DBADBBT8DBATBBeADBADB
L+gDBALBhiQDBAHBhvgwDAMEAMGG/wMEAcGHAAMEAMGHAwMEAcGHGgMEAMGHZAME
AMGHbzAMAwQHwYeAAwQBwYeEAwQAwYeIAwQAwYeMMAwDBAHBh44DBAHBh5ADBAHB
h5QDBADBh60DBAHBh9YDBADBh9oDBADBh/8DBAXB3kAwDAMEBMHfEAMEBsHfAAME
AcH2AAMEAsH2CAMEA8H2EDAMAwQFwfYgAwQAwfYyAwQBwfY4MAwDBADB9mMDBADB
9mQDBAHB9mgDBADB9nEDBADB9n8DBAHB9soDBALB9vgwDAMEAsH3JAMEBMH3IAME
AMH3VgMEAMH3WgMEAcH3aAMEAMH3lzAMAwQBwfemAwQCwfewAwQAwffBAwQAwffU
MAwDBADB99kDBALB99gDBAPB9+ADBALB9/QDBADB9/oDBADB9/8DBAXCBqADBATC
C2ADBAPCC5ADAwDC0QMEAMMjeQMDAMNBAwQFw5AgAwQFw7CAAwQFw7DAAwQF1HVg
AwMA1PMDAwHZwDAiBAIAAjAcAwUAIAEJGAMFACABCR8DBQAqAYsAAwUAKgIKkDAN
BgkqhkiG9w0BAQsFAAOCAQEAvZpwRQhpXhtb1yOAKUnBdSyar1wRwVX90TurDWzq
F3bjlkZbs/BTIJDENeigDpE8oGKr3Ykcx45FGqD/rMtW8ik3QMZfiTWeRuBY5+Yr
hLdh38QTbmP/i+0cCfVrvCBNagIZGq0STD/rjKb59eqshGCg5Tjp587LMQQ+HwUZ
js5pJSDa7tltkPF0EiMuQ9sI1V9u6uXl73rx/NNx0daoFdWT8MxiHVCBjDP8JjJF
VIMYNBS8raW8+rt0H56V1KeDaRDuIDVorjsBwUWXkA0nDFv12wXrQ3oNOsrKk2jK
QgRg43XUsWP7Vcz4otCxY4LpmoanbGEt17yNOPeL+wfgWg==
-----END CERTIFICATE-----
Generated at Sat Jun 7 14:07:38 2025 by rpki-client