Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/01g5y437H2m0RBS60K8v_5CH25Y.roa
File: 01g5y437H2m0RBS60K8v_5CH25Y.roa (raw, json)
Hash identifier: 6whrCWSU/OFo5FWbCgWTtdfsQVzcFfU3y10vUs1oFTE=
Subject key identifier: D3:58:39:CB:8D:FB:1F:69:B4:44:14:BA:D0:AF:2F:FF:90:87:DB:96
Certificate issuer: /CN=e5d6c6e8bced40bd032d17718c1b1e39ae841ae8
Certificate serial: 019901FB63A407E399D9F116A9E66D082BD8
Authority key identifier: E5:D6:C6:E8:BC:ED:40:BD:03:2D:17:71:8C:1B:1E:39:AE:84:1A:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/01g5y437H2m0RBS60K8v_5CH25Y.roa
Signing time: Sun 31 Aug 2025 21:14:36 +0000
ROA not before: Sun 31 Aug 2025 21:14:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5610
IP address blocks: 37.188.128.0/17 maxlen: 17
37.188.128.0/21 maxlen: 21
37.188.136.0/21 maxlen: 21
37.188.144.0/20 maxlen: 20
37.188.144.0/21 maxlen: 21
37.188.152.0/21 maxlen: 21
37.188.160.0/20 maxlen: 20
37.188.160.0/21 maxlen: 21
37.188.168.0/21 maxlen: 21
37.188.176.0/20 maxlen: 20
37.188.176.0/21 maxlen: 21
37.188.184.0/21 maxlen: 21
37.188.192.0/23 maxlen: 23
37.188.194.0/23 maxlen: 23
37.188.224.0/21 maxlen: 21
37.188.232.0/21 maxlen: 21
37.188.240.0/20 maxlen: 20
37.188.240.0/21 maxlen: 21
37.188.248.0/21 maxlen: 21
80.188.0.0/16 maxlen: 16
80.188.0.0/17 maxlen: 17
80.188.40.0/24 maxlen: 24
80.188.120.0/24 maxlen: 24
80.188.128.0/17 maxlen: 17
80.188.131.0/24 maxlen: 24
80.188.165.0/24 maxlen: 24
80.188.170.0/24 maxlen: 24
80.188.200.0/24 maxlen: 24
80.188.202.0/24 maxlen: 24
80.188.222.0/24 maxlen: 24
80.188.225.0/24 maxlen: 24
81.90.160.0/20 maxlen: 20
81.90.168.0/21 maxlen: 21
81.90.168.0/24 maxlen: 24
81.90.170.0/24 maxlen: 24
81.90.173.0/24 maxlen: 24
83.69.32.0/19 maxlen: 19
83.208.0.0/16 maxlen: 16
83.208.0.0/18 maxlen: 18
83.208.64.0/18 maxlen: 18
83.208.128.0/19 maxlen: 19
83.208.220.0/22 maxlen: 22
85.70.0.0/15 maxlen: 15
85.70.0.0/16 maxlen: 16
85.70.0.0/17 maxlen: 17
85.70.128.0/17 maxlen: 17
85.71.0.0/16 maxlen: 16
85.71.224.0/19 maxlen: 19
85.160.0.0/15 maxlen: 15
85.193.0.0/18 maxlen: 18
88.83.160.0/19 maxlen: 19
88.83.175.0/24 maxlen: 24
88.100.0.0/14 maxlen: 14
88.100.0.0/15 maxlen: 15
88.102.0.0/15 maxlen: 15
88.102.0.0/16 maxlen: 16
88.103.218.0/24 maxlen: 24
90.176.32.0/19 maxlen: 19
90.176.64.0/18 maxlen: 18
90.176.128.0/17 maxlen: 17
90.176.170.0/24 maxlen: 24
90.177.0.0/16 maxlen: 16
90.178.0.0/15 maxlen: 15
90.180.0.0/14 maxlen: 14
90.181.0.0/16 maxlen: 16
90.182.0.0/16 maxlen: 16
90.182.6.0/24 maxlen: 24
90.182.108.0/24 maxlen: 24
90.182.109.0/24 maxlen: 24
90.182.110.0/24 maxlen: 24
90.182.134.0/24 maxlen: 24
90.182.146.0/24 maxlen: 24
90.182.161.0/24 maxlen: 24
90.182.221.0/24 maxlen: 24
90.183.0.0/16 maxlen: 16
90.183.57.0/24 maxlen: 24
90.183.72.0/24 maxlen: 24
90.183.76.0/24 maxlen: 24
90.183.77.0/24 maxlen: 24
90.183.78.0/24 maxlen: 24
90.183.108.0/24 maxlen: 24
92.243.192.0/19 maxlen: 19
109.80.0.0/15 maxlen: 15
109.81.112.0/20 maxlen: 20
109.81.160.0/20 maxlen: 20
109.81.208.0/24 maxlen: 24
109.81.209.0/24 maxlen: 24
109.81.210.0/24 maxlen: 24
109.81.211.0/24 maxlen: 24
109.81.212.0/24 maxlen: 24
109.81.213.0/24 maxlen: 24
109.81.214.0/24 maxlen: 24
109.81.215.0/24 maxlen: 24
160.218.0.0/16 maxlen: 16
160.218.13.0/24 maxlen: 24
185.61.228.0/22 maxlen: 22
194.228.0.0/16 maxlen: 16
194.228.0.0/17 maxlen: 17
194.228.11.0/24 maxlen: 24
194.228.13.0/24 maxlen: 24
194.228.20.0/24 maxlen: 24
194.228.32.0/24 maxlen: 24
194.228.59.0/24 maxlen: 24
194.228.68.0/24 maxlen: 24
194.228.72.0/22 maxlen: 22
194.228.76.0/24 maxlen: 24
194.228.79.0/24 maxlen: 24
194.228.128.0/17 maxlen: 17
217.117.208.0/20 maxlen: 20
217.194.160.0/20 maxlen: 20
2001:41d8::/32 maxlen: 32
2a00:1028::/29 maxlen: 29
2a00:1028::/32 maxlen: 32
2a00:1028:d::/48 maxlen: 48
2a02:9b8::/31 maxlen: 31
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.mft
rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Sep 2025 14:16:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:01:fb:63:a4:07:e3:99:d9:f1:16:a9:e6:6d:08:2b:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e5d6c6e8bced40bd032d17718c1b1e39ae841ae8
Validity
Not Before: Aug 31 21:14:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d35839cb8dfb1f69b44414bad0af2fff9087db96
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:93:1e:c8:ab:2b:43:bd:66:e1:ef:6b:5d:b5:
51:ad:27:e9:0a:45:a7:1b:4c:78:86:0f:c6:d8:96:
3c:ce:08:1c:94:7c:fa:c3:b9:00:47:ad:37:f7:5d:
0a:69:2e:2d:95:1c:98:5b:44:a4:67:6b:a3:a8:ff:
53:5b:60:41:85:cb:8e:34:9a:ec:51:73:5f:5b:ab:
87:10:f8:66:88:87:a6:e8:46:3e:a2:12:00:8d:c0:
df:99:7d:4e:4d:eb:b0:68:cb:1c:10:ec:02:cf:1e:
a4:d4:97:ef:03:6b:63:19:0c:15:8b:2e:c7:d0:50:
79:b5:59:d6:d4:19:d9:3a:5b:20:ae:27:85:48:d2:
47:4f:5d:6b:07:bd:51:61:4f:3a:a1:c8:86:f8:52:
1b:a8:26:ef:b6:63:47:cc:92:60:ec:56:3c:c8:b6:
fe:5c:ae:43:82:de:c0:c0:9a:1f:4c:17:58:f1:81:
12:26:12:f0:2d:05:e2:e4:72:2b:25:e5:dd:80:b5:
25:e0:29:6c:80:95:02:26:29:73:75:8b:29:f5:fe:
95:46:7d:d0:ab:6d:97:ae:90:19:7c:a1:18:06:d8:
57:e6:8b:73:c6:06:ee:80:c9:de:00:16:67:6b:f5:
7b:eb:40:34:f4:89:64:4c:4c:19:e0:2d:52:85:f9:
b3:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D3:58:39:CB:8D:FB:1F:69:B4:44:14:BA:D0:AF:2F:FF:90:87:DB:96
X509v3 Authority Key Identifier:
keyid:E5:D6:C6:E8:BC:ED:40:BD:03:2D:17:71:8C:1B:1E:39:AE:84:1A:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5dbG6LztQL0DLRdxjBseOa6EGug.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/01g5y437H2m0RBS60K8v_5CH25Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/0894f7-e24d-4728-8cad-bd249b625797/1/5dbG6LztQL0DLRdxjBseOa6EGug.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.188.128.0/17
80.188.0.0/16
81.90.160.0/20
83.69.32.0/19
83.208.0.0/16
85.70.0.0/15
85.160.0.0/15
85.193.0.0/18
88.83.160.0/19
88.100.0.0/14
90.176.32.0-90.183.255.255
92.243.192.0/19
109.80.0.0/15
160.218.0.0/16
185.61.228.0/22
194.228.0.0/16
217.117.208.0/20
217.194.160.0/20
IPv6:
2001:41d8::/32
2a00:1028::/29
2a02:9b8::/31
Signature Algorithm: sha256WithRSAEncryption
34:24:ea:cf:ec:66:80:ba:8e:4c:c8:e8:22:ba:b7:f5:50:67:
2b:22:7c:2a:9d:19:f2:91:f3:c5:44:0f:e5:e6:7f:df:e6:f4:
8b:51:a0:c6:05:ee:b7:e9:a8:e4:bb:cc:fc:ca:10:a1:e6:5e:
11:db:a7:21:73:3a:fc:fd:89:22:13:ef:f1:f3:65:27:ab:c1:
51:97:24:18:b0:5f:5d:97:25:e1:b9:b0:c3:b8:67:9b:b1:07:
e1:1e:55:71:10:a4:33:0e:5d:e3:8f:b1:14:6f:85:9e:9f:7c:
f3:5a:2e:9b:93:21:5b:39:50:4f:67:1e:bc:e6:4b:69:6f:d4:
a5:2c:d8:06:9d:a4:3b:71:fc:06:13:d6:d3:7f:8c:32:33:53:
57:97:d5:c3:5e:b9:f5:f7:5d:f5:7d:b1:b4:be:2e:68:5c:da:
06:e2:19:2f:69:9e:a8:41:5c:f0:81:fb:47:90:9a:89:24:89:
20:e6:d9:da:54:27:f3:e5:78:78:1e:31:46:2e:78:03:2b:67:
b2:ec:01:7c:59:9e:2d:68:7a:18:b3:99:e7:d7:e9:ef:10:4c:
c0:f0:1a:5d:07:11:b3:a1:e6:9c:b9:d5:35:5b:54:52:7f:18:
bd:f8:0d:95:99:e0:39:a3:da:27:4e:f2:9c:32:7d:fb:e4:2e:
77:e1:f4:aa
-----BEGIN CERTIFICATE-----
MIIFgjCCBGqgAwIBAgISAZkB+2OkB+OZ2fEWqeZtCCvYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU1ZDZjNmU4YmNlZDQwYmQwMzJkMTc3MThjMWIxZTM5YWU4
NDFhZTgwHhcNMjUwODMxMjExNDM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMzU4MzljYjhkZmIxZjY5YjQ0NDE0YmFkMGFmMmZmZjkwODdkYjk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0JMeyKsrQ71m4e9rXbVRrSfpCkWn
G0x4hg/G2JY8zggclHz6w7kAR603910KaS4tlRyYW0SkZ2ujqP9TW2BBhcuONJrs
UXNfW6uHEPhmiIem6EY+ohIAjcDfmX1OTeuwaMscEOwCzx6k1JfvA2tjGQwViy7H
0FB5tVnW1BnZOlsgrieFSNJHT11rB71RYU86ociG+FIbqCbvtmNHzJJg7FY8yLb+
XK5Dgt7AwJofTBdY8YESJhLwLQXi5HIrJeXdgLUl4ClsgJUCJilzdYsp9f6VRn3Q
q22XrpAZfKEYBthX5otzxgbugMneABZna/V760A09IlkTEwZ4C1ShfmzMQIDAQAB
o4ICjjCCAoowHQYDVR0OBBYEFNNYOcuN+x9ptEQUutCvL/+Qh9uWMB8GA1UdIwQY
MBaAFOXWxui87UC9Ay0XcYwbHjmuhBroMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWRiRzZMenRRTDBETFJkeGpCc2VPYTZFR3VnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC8wODk0ZjctZTI0ZC00NzI4LThjYWQt
YmQyNDliNjI1Nzk3LzEvMDFnNXk0MzdIMm0wUkJTNjBLOHZfNUNIMjVZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC8wODk0ZjctZTI0ZC00NzI4LThjYWQtYmQyNDliNjI1Nzk3
LzEvNWRiRzZMenRRTDBETFJkeGpCc2VPYTZFR3VnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGjBggrBgEFBQcBBwEB/wSBkzCBkDBxBAIAATBrAwQHJbyA
AwMAULwDBARRWqADBAVTRSADAwBT0AMDAVVGAwMBVaADBAZVwQADBAVYU6ADAwJY
ZDALAwQFWrAgAwMDWrADBAVc88ADAwFtUAMDAKDaAwQCuT3kAwMAwuQDBATZddAD
BATZwqAwGwQCAAIwFQMFACABQdgDBQMqABAoAwUBKgIJuDANBgkqhkiG9w0BAQsF
AAOCAQEANCTqz+xmgLqOTMjoIrq39VBnKyJ8Kp0Z8pHzxUQP5eZ/3+b0i1GgxgXu
t+mo5LvM/MoQoeZeEdunIXM6/P2JIhPv8fNlJ6vBUZckGLBfXZcl4bmww7hnm7EH
4R5VcRCkMw5d44+xFG+Fnp9881oum5MhWzlQT2cevOZLaW/UpSzYBp2kO3H8BhPW
03+MMjNTV5fVw1659fdd9X2xtL4uaFzaBuIZL2meqEFc8IH7R5CaiSSJIObZ2lQn
8+V4eB4xRi54AytnsuwBfFmeLWh6GLOZ59fp7xBMwPAaXQcRs6HmnLnVNVtUUn8Y
vfgNlZngOaPaJ07ynDJ9++Qud+H0qg==
-----END CERTIFICATE-----
Generated at Thu Sep 11 19:35:48 2025 by rpki-client