Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/dbVfA_fXprSS4i2QZkFruITo2AE.roa
File: dbVfA_fXprSS4i2QZkFruITo2AE.roa (raw, json)
Hash identifier: rakhWVMFHWlUieRihs0aD8m0Lp0z1R0bTv8p0JLqNxw=
Subject key identifier: 75:B5:5F:03:F7:D7:A6:B4:92:E2:2D:90:66:41:6B:B8:84:E8:D8:01
Certificate issuer: /CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Certificate serial: 01973F3208B7361E00728116316D80D5C26A
Authority key identifier: 34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/dbVfA_fXprSS4i2QZkFruITo2AE.roa
Signing time: Thu 05 Jun 2025 08:25:33 +0000
ROA not before: Thu 05 Jun 2025 08:25:33 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 31.131.12.0/22 maxlen: 22
31.133.192.0/24 maxlen: 24
31.133.193.0/24 maxlen: 24
31.133.194.0/24 maxlen: 24
31.133.195.0/24 maxlen: 24
31.133.196.0/23 maxlen: 23
31.133.198.0/24 maxlen: 24
31.133.199.0/24 maxlen: 24
31.135.1.0/24 maxlen: 24
31.135.7.0/24 maxlen: 24
37.97.122.0/23 maxlen: 23
64.43.66.0/23 maxlen: 23
64.43.68.0/22 maxlen: 22
64.43.80.0/21 maxlen: 21
64.43.88.0/22 maxlen: 22
77.36.8.0/21 maxlen: 21
77.36.28.0/23 maxlen: 23
77.36.30.0/24 maxlen: 24
77.36.32.0/22 maxlen: 22
77.36.36.0/23 maxlen: 23
77.36.38.0/23 maxlen: 23
77.36.40.0/21 maxlen: 21
77.36.48.0/22 maxlen: 22
77.36.52.0/23 maxlen: 23
77.36.80.0/21 maxlen: 21
77.36.89.0/24 maxlen: 24
77.36.90.0/23 maxlen: 23
77.36.92.0/22 maxlen: 22
77.36.96.0/20 maxlen: 20
77.232.192.0/23 maxlen: 24
77.232.194.0/23 maxlen: 23
77.232.196.0/22 maxlen: 22
77.232.200.0/22 maxlen: 22
77.232.204.0/22 maxlen: 22
77.232.208.0/21 maxlen: 21
77.232.220.0/22 maxlen: 22
81.161.12.0/22 maxlen: 22
85.204.196.0/23 maxlen: 24
86.104.132.0/23 maxlen: 24
89.34.74.0/23 maxlen: 24
89.42.232.0/23 maxlen: 24
89.44.100.0/23 maxlen: 24
89.45.92.0/23 maxlen: 24
89.46.112.0/23 maxlen: 24
91.225.34.0/24 maxlen: 24
91.225.35.0/24 maxlen: 24
91.229.16.0/23 maxlen: 23
91.229.31.0/24 maxlen: 24
91.229.156.0/23 maxlen: 23
91.229.158.0/24 maxlen: 24
91.229.159.0/24 maxlen: 24
91.231.223.0/24 maxlen: 24
91.231.224.0/23 maxlen: 23
91.231.226.0/24 maxlen: 24
91.232.16.0/23 maxlen: 23
91.233.2.0/23 maxlen: 23
91.233.202.0/23 maxlen: 23
91.234.150.0/23 maxlen: 23
91.234.220.0/23 maxlen: 23
91.234.222.0/23 maxlen: 23
91.239.0.0/22 maxlen: 22
91.239.178.0/24 maxlen: 24
91.240.156.0/22 maxlen: 22
91.245.176.0/21 maxlen: 21
91.246.188.0/22 maxlen: 22
91.246.196.0/22 maxlen: 22
93.120.8.0/24 maxlen: 24
93.120.9.0/24 maxlen: 24
93.120.27.0/24 maxlen: 24
93.120.28.0/23 maxlen: 23
93.120.30.0/24 maxlen: 24
93.120.48.0/20 maxlen: 20
93.120.64.0/21 maxlen: 21
93.120.75.0/24 maxlen: 24
93.120.76.0/22 maxlen: 22
93.120.80.0/22 maxlen: 22
93.120.85.0/24 maxlen: 24
93.120.86.0/23 maxlen: 23
93.120.88.0/23 maxlen: 23
93.120.90.0/24 maxlen: 24
93.120.92.0/23 maxlen: 23
93.120.94.0/23 maxlen: 23
93.120.112.0/21 maxlen: 21
93.120.124.0/22 maxlen: 22
109.207.140.0/23 maxlen: 23
171.25.223.0/24 maxlen: 24
176.96.56.0/21 maxlen: 21
176.96.176.0/22 maxlen: 22
176.96.180.0/22 maxlen: 22
176.97.144.0/22 maxlen: 22
176.97.148.0/22 maxlen: 22
176.98.56.0/22 maxlen: 22
176.98.60.0/22 maxlen: 22
176.107.64.0/20 maxlen: 24
176.110.106.0/24 maxlen: 24
176.110.114.0/23 maxlen: 23
176.111.0.0/22 maxlen: 22
176.111.4.0/22 maxlen: 22
176.112.84.0/22 maxlen: 22
176.116.40.0/21 maxlen: 21
176.118.88.0/22 maxlen: 22
176.118.92.0/22 maxlen: 22
176.121.96.0/21 maxlen: 21
176.124.176.0/22 maxlen: 22
176.124.180.0/22 maxlen: 22
178.159.148.0/22 maxlen: 22
178.159.152.0/21 maxlen: 21
185.9.236.0/22 maxlen: 22
185.9.240.0/22 maxlen: 22
185.104.196.0/22 maxlen: 24
188.191.248.0/22 maxlen: 22
188.213.233.0/24 maxlen: 24
193.0.190.0/24 maxlen: 24
193.36.192.0/21 maxlen: 21
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.mft
rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 00:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:3f:32:08:b7:36:1e:00:72:81:16:31:6d:80:d5:c2:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=349cbbd5c2cf4195cc6ec7f21f607581a0224daa
Validity
Not Before: Jun 5 08:25:33 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=75b55f03f7d7a6b492e22d9066416bb884e8d801
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:3f:26:fa:cd:24:d0:c9:0c:c3:a6:b8:7b:c4:
e7:41:38:ad:12:3e:96:76:58:7f:ff:b3:7c:47:73:
dc:67:1d:c4:91:4c:c5:d3:bd:71:c6:84:5e:55:39:
fc:e0:7a:d6:11:37:3e:38:e4:0c:98:e0:ef:6a:aa:
61:d2:8b:f6:fa:0d:e9:e6:47:2e:c6:3d:9f:5e:68:
ad:2f:b4:b0:2c:2b:13:13:1f:a3:67:bb:65:d6:0e:
4e:44:9f:2d:bc:de:63:79:e4:58:f1:fc:b7:e7:eb:
75:13:4e:c8:18:e2:ac:b1:20:4a:b1:71:80:2d:ca:
ed:c9:b3:11:58:9b:58:8c:fa:81:cb:1e:dc:ff:9f:
c8:4c:91:b1:f5:6b:b0:f5:9c:b6:b8:2d:29:51:d9:
cf:33:4f:33:59:94:6c:6e:19:6c:aa:cc:8b:b9:9f:
4e:bb:40:81:49:e4:a3:1d:bd:65:2d:9c:9e:ff:ca:
dc:af:e9:24:fe:0e:88:e6:67:81:e4:cc:20:5d:35:
ac:dc:68:b6:4b:5f:63:a1:8c:f9:c7:9c:4d:b2:0b:
6e:69:ca:e3:94:7c:fd:7e:0c:b0:80:97:3e:57:ed:
32:e5:87:ca:50:32:09:fc:fa:f1:a0:48:0c:e0:a5:
17:f3:e6:0f:6c:12:f2:61:9d:59:db:47:01:3e:b8:
bd:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
75:B5:5F:03:F7:D7:A6:B4:92:E2:2D:90:66:41:6B:B8:84:E8:D8:01
X509v3 Authority Key Identifier:
keyid:34:9C:BB:D5:C2:CF:41:95:CC:6E:C7:F2:1F:60:75:81:A0:22:4D:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/NJy71cLPQZXMbsfyH2B1gaAiTao.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/dbVfA_fXprSS4i2QZkFruITo2AE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/cdf5f6-2f18-42c7-930e-dc06dd805960/1/NJy71cLPQZXMbsfyH2B1gaAiTao.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.131.12.0/22
31.133.192.0/21
31.135.1.0/24
31.135.7.0/24
37.97.122.0/23
64.43.66.0-64.43.71.255
64.43.80.0-64.43.91.255
77.36.8.0/21
77.36.28.0-77.36.30.255
77.36.32.0-77.36.53.255
77.36.80.0/21
77.36.89.0-77.36.111.255
77.232.192.0-77.232.215.255
77.232.220.0/22
81.161.12.0/22
85.204.196.0/23
86.104.132.0/23
89.34.74.0/23
89.42.232.0/23
89.44.100.0/23
89.45.92.0/23
89.46.112.0/23
91.225.34.0/23
91.229.16.0/23
91.229.31.0/24
91.229.156.0/22
91.231.223.0-91.231.226.255
91.232.16.0/23
91.233.2.0/23
91.233.202.0/23
91.234.150.0/23
91.234.220.0/22
91.239.0.0/22
91.239.178.0/24
91.240.156.0/22
91.245.176.0/21
91.246.188.0/22
91.246.196.0/22
93.120.8.0/23
93.120.27.0-93.120.30.255
93.120.48.0-93.120.71.255
93.120.75.0-93.120.83.255
93.120.85.0-93.120.90.255
93.120.92.0/22
93.120.112.0/21
93.120.124.0/22
109.207.140.0/23
171.25.223.0/24
176.96.56.0/21
176.96.176.0/21
176.97.144.0/21
176.98.56.0/21
176.107.64.0/20
176.110.106.0/24
176.110.114.0/23
176.111.0.0/21
176.112.84.0/22
176.116.40.0/21
176.118.88.0/21
176.121.96.0/21
176.124.176.0/21
178.159.148.0-178.159.159.255
185.9.236.0-185.9.243.255
185.104.196.0/22
188.191.248.0/22
188.213.233.0/24
193.0.190.0/24
193.36.192.0/21
Signature Algorithm: sha256WithRSAEncryption
36:2e:6d:bd:65:ea:3e:5e:a4:bd:3f:73:01:ea:db:6c:c4:95:
44:11:6f:d2:31:2c:b8:b3:ae:0f:2a:7b:de:41:6a:92:d7:9b:
23:d8:e6:93:2d:43:8b:92:04:2f:9a:42:25:d2:da:94:f2:3f:
3e:13:d4:97:d9:dd:86:37:fa:df:21:e5:86:16:ac:1a:11:85:
f9:90:c7:e8:22:fb:40:1a:aa:61:1d:b1:18:d3:b8:f0:26:9c:
5d:23:1f:35:69:8d:82:16:48:13:c2:04:99:c6:df:17:5a:18:
f6:3f:39:a9:5a:73:64:19:4b:78:ef:e1:a8:b3:f2:ce:35:18:
a1:f0:1e:3a:10:b4:b7:7f:8e:02:f2:19:54:b0:13:94:33:bd:
f6:1f:65:40:9a:1a:3b:ab:f4:15:25:0d:47:d5:a7:99:cd:04:
ec:57:c9:5c:21:d7:2d:81:0c:1c:7e:28:2a:41:83:fa:d6:8a:
bb:ec:6a:47:f3:76:29:c3:df:46:b3:eb:58:50:6a:d6:eb:73:
52:17:a0:50:87:67:3f:9f:d5:9b:3f:5a:3f:dc:73:73:a6:1b:
71:d5:56:da:21:cb:a4:d2:88:71:f5:af:c9:35:23:20:de:87:
6e:f6:c2:fc:5b:ca:62:4c:43:e1:82:90:bf:9e:ed:23:af:95:
f5:8f:9d:c3
-----BEGIN CERTIFICATE-----
MIIHATCCBemgAwIBAgISAZc/Mgi3Nh4AcoEWMW2A1cJqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDM0OWNiYmQ1YzJjZjQxOTVjYzZlYzdmMjFmNjA3NTgxYTAy
MjRkYWEwHhcNMjUwNjA1MDgyNTMzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3NWI1NWYwM2Y3ZDdhNmI0OTJlMjJkOTA2NjQxNmJiODg0ZThkODAxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1T8m+s0k0MkMw6a4e8TnQTitEj6W
dlh//7N8R3PcZx3EkUzF071xxoReVTn84HrWETc+OOQMmODvaqph0ov2+g3p5kcu
xj2fXmitL7SwLCsTEx+jZ7tl1g5ORJ8tvN5jeeRY8fy35+t1E07IGOKssSBKsXGA
LcrtybMRWJtYjPqByx7c/5/ITJGx9Wuw9Zy2uC0pUdnPM08zWZRsbhlsqsyLuZ9O
u0CBSeSjHb1lLZye/8rcr+kk/g6I5meB5MwgXTWs3Gi2S19joYz5x5xNsgtuacrj
lHz9fgywgJc+V+0y5YfKUDIJ/PrxoEgM4KUX8+YPbBLyYZ1Z20cBPri9ewIDAQAB
o4IEDTCCBAkwHQYDVR0OBBYEFHW1XwP316a0kuItkGZBa7iE6NgBMB8GA1UdIwQY
MBaAFDScu9XCz0GVzG7H8h9gdYGgIk2qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUt
ZGMwNmRkODA1OTYwLzEvZGJWZkFfZlhwclNTNGkyUVprRnJ1SVRvMkFFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9jZGY1ZjYtMmYxOC00MmM3LTkzMGUtZGMwNmRkODA1OTYw
LzEvTkp5NzFjTFBRWlhNYnNmeUgyQjFnYUFpVGFvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICIQYIKwYBBQUHAQcBAf8EggIQMIICDDCCAggEAgABMIIC
AAMEAh+DDAMEAx+FwAMEAB+HAQMEAB+HBwMEASVhejAMAwQBQCtCAwQDQCtAMAwD
BARAK1ADBAJAK1gDBANNJAgwDAMEAk0kHAMEAE0kHjAMAwQFTSQgAwQBTSQ0AwQD
TSRQMAwDBABNJFkDBARNJGAwDAMEBk3owAMEA03o0AMEAk3o3AMEAlGhDAMEAVXM
xAMEAVZohAMEAVkiSgMEAVkq6AMEAVksZAMEAVktXAMEAVkucAMEAVvhIgMEAVvl
EAMEAFvlHwMEAlvlnDAMAwQAW+ffAwQAW+fiAwQBW+gQAwQBW+kCAwQBW+nKAwQB
W+qWAwQCW+rcAwQCW+8AAwQAW++yAwQCW/CcAwQDW/WwAwQCW/a8AwQCW/bEAwQB
XXgIMAwDBABdeBsDBABdeB4wDAMEBF14MAMEA114QDAMAwQAXXhLAwQCXXhQMAwD
BABdeFUDBABdeFoDBAJdeFwDBANdeHADBAJdeHwDBAFtz4wDBACrGd8DBAOwYDgD
BAOwYLADBAOwYZADBAOwYjgDBASwa0ADBACwbmoDBAGwbnIDBAOwbwADBAKwcFQD
BAOwdCgDBAOwdlgDBAOweWADBAOwfLAwDAMEArKflAMEBbKfgDAMAwQCuQnsAwQC
uQnwAwQCuWjEAwQCvL/4AwQAvNXpAwQAwQC+AwQDwSTAMA0GCSqGSIb3DQEBCwUA
A4IBAQA2Lm29Zeo+XqS9P3MB6ttsxJVEEW/SMSy4s64PKnveQWqS15sj2OaTLUOL
kgQvmkIl0tqU8j8+E9SX2d2GN/rfIeWGFqwaEYX5kMfoIvtAGqphHbEY07jwJpxd
Ix81aY2CFkgTwgSZxt8XWhj2PzmpWnNkGUt47+Gos/LONRih8B46ELS3f44C8hlU
sBOUM732H2VAmho7q/QVJQ1H1aeZzQTsV8lcIdctgQwcfigqQYP61oq77GpH83Yp
w99Gs+tYUGrW63NSF6BQh2c/n9WbP1o/3HNzphtx1VbaIcuk0ohx9a/JNSMg3odu
9sL8W8piTEPhgpC/nu0jr5X1j53D
-----END CERTIFICATE-----
Generated at Sat Jun 7 10:14:28 2025 by rpki-client