Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/1-URZqQquaOMP-9g7rT4jquZDbLY.roa
File: 1-URZqQquaOMP-9g7rT4jquZDbLY.roa (raw, json)
Hash identifier: 9avlk18PNZo3C/1d4M2snDrA2piYc891rXihkOFd4Fw=
Subject key identifier: F9:44:59:A9:0A:AE:68:E3:0F:FB:D8:3B:AD:3E:23:AA:E6:43:6C:B6
Certificate issuer: /CN=0ce1308ead6adb1d085e7e5910a0cb2de56aa32e
Certificate serial: 0196F1D20092C75950EBACE6815B04EDFCBE
Authority key identifier: 0C:E1:30:8E:AD:6A:DB:1D:08:5E:7E:59:10:A0:CB:2D:E5:6A:A3:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/1-URZqQquaOMP-9g7rT4jquZDbLY.roa
Signing time: Wed 21 May 2025 07:49:53 +0000
ROA not before: Wed 21 May 2025 07:49:53 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29518
IP address blocks: 5.44.192.0/20 maxlen: 20
5.172.144.0/21 maxlen: 21
31.192.192.0/20 maxlen: 20
31.208.0.0/16 maxlen: 16
31.209.0.0/18 maxlen: 18
37.17.248.0/21 maxlen: 21
46.162.64.0/18 maxlen: 18
46.236.64.0/18 maxlen: 18
62.182.0.0/21 maxlen: 21
62.220.160.0/19 maxlen: 19
77.53.0.0/16 maxlen: 16
79.138.0.0/17 maxlen: 17
80.244.64.0/19 maxlen: 19
81.88.0.0/20 maxlen: 20
81.186.240.0/20 maxlen: 20
82.117.96.0/19 maxlen: 19
82.209.128.0/18 maxlen: 18
83.209.0.0/16 maxlen: 16
83.219.192.0/19 maxlen: 19
83.233.0.0/16 maxlen: 16
85.8.0.0/18 maxlen: 18
85.30.0.0/18 maxlen: 18
85.235.0.0/19 maxlen: 19
85.235.17.0/24 maxlen: 24
85.235.18.0/23 maxlen: 23
85.235.20.0/22 maxlen: 22
85.235.24.0/24 maxlen: 24
85.238.192.0/19 maxlen: 19
87.96.128.0/17 maxlen: 17
87.236.88.0/21 maxlen: 21
87.241.64.0/18 maxlen: 18
87.251.192.0/19 maxlen: 19
87.253.64.0/19 maxlen: 19
88.83.32.0/19 maxlen: 19
88.129.0.0/16 maxlen: 16
89.160.0.0/17 maxlen: 17
89.233.192.0/18 maxlen: 18
89.236.0.0/18 maxlen: 18
89.236.0.0/23 maxlen: 23
89.236.2.0/23 maxlen: 23
89.236.4.0/22 maxlen: 22
89.236.8.0/23 maxlen: 23
89.236.11.0/24 maxlen: 24
89.236.15.0/24 maxlen: 24
89.236.17.0/24 maxlen: 24
89.236.18.0/23 maxlen: 23
89.236.20.0/22 maxlen: 22
89.236.24.0/23 maxlen: 23
89.236.26.0/24 maxlen: 24
89.236.35.0/24 maxlen: 24
89.236.36.0/23 maxlen: 23
89.236.38.0/24 maxlen: 24
89.236.47.0/24 maxlen: 24
89.236.48.0/24 maxlen: 24
89.236.53.0/24 maxlen: 24
89.236.54.0/23 maxlen: 23
89.236.56.0/22 maxlen: 22
91.191.128.0/20 maxlen: 20
91.232.59.0/24 maxlen: 24
91.232.60.0/23 maxlen: 23
94.198.64.0/21 maxlen: 21
94.245.0.0/18 maxlen: 18
94.245.0.0/20 maxlen: 20
94.245.16.0/20 maxlen: 20
94.245.48.0/20 maxlen: 20
94.255.128.0/17 maxlen: 17
95.155.192.0/18 maxlen: 18
109.124.128.0/18 maxlen: 18
109.225.64.0/18 maxlen: 18
146.247.80.0/21 maxlen: 21
178.132.248.0/21 maxlen: 21
178.251.240.0/21 maxlen: 21
185.18.164.0/22 maxlen: 22
185.52.180.0/22 maxlen: 22
185.58.144.0/22 maxlen: 22
185.113.96.0/22 maxlen: 22
188.120.160.0/19 maxlen: 19
188.122.128.0/19 maxlen: 19
193.23.57.0/24 maxlen: 24
195.78.224.0/22 maxlen: 22
195.238.255.0/24 maxlen: 24
213.21.64.0/18 maxlen: 18
213.142.0.0/19 maxlen: 19
213.185.0.0/19 maxlen: 19
213.185.4.0/24 maxlen: 24
213.185.6.0/24 maxlen: 24
213.185.7.0/24 maxlen: 24
213.185.8.0/23 maxlen: 23
213.185.10.0/24 maxlen: 24
213.185.12.0/22 maxlen: 22
213.185.16.0/23 maxlen: 23
213.185.20.0/23 maxlen: 23
213.185.24.0/24 maxlen: 24
213.185.26.0/24 maxlen: 24
217.72.48.0/20 maxlen: 20
217.72.52.0/23 maxlen: 23
217.72.54.0/24 maxlen: 24
217.72.56.0/22 maxlen: 22
217.72.60.0/23 maxlen: 23
217.72.62.0/24 maxlen: 24
217.76.80.0/20 maxlen: 20
217.78.32.0/20 maxlen: 20
217.115.32.0/19 maxlen: 19
217.118.208.0/20 maxlen: 20
2001:7a0::/32 maxlen: 32
2001:9c8::/29 maxlen: 29
2a00:1598::/29 maxlen: 29
2a00:8280::/32 maxlen: 32
2a01:b700::/32 maxlen: 32
2a02:7b8::/32 maxlen: 32
2a02:23c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 18:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f1:d2:00:92:c7:59:50:eb:ac:e6:81:5b:04:ed:fc:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce1308ead6adb1d085e7e5910a0cb2de56aa32e
Validity
Not Before: May 21 07:49:53 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f94459a90aae68e30ffbd83bad3e23aae6436cb6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:3f:62:a2:2f:f6:1b:10:92:03:82:bf:7a:ef:
04:0a:73:a3:22:89:82:ce:b3:ef:dc:98:fd:02:0b:
14:ae:92:8e:33:39:82:d8:73:33:58:13:3b:31:13:
be:fd:d7:59:2c:53:60:05:fd:c0:10:68:58:d4:c5:
66:7e:78:93:f9:bf:21:cc:7e:b3:7c:b2:7d:00:b2:
bc:f0:a9:8a:7b:b7:12:9f:82:ca:9f:f3:0c:f0:e8:
88:d7:df:58:b8:e6:ab:cb:08:83:be:22:94:56:1c:
e0:8e:8a:ae:5d:34:ca:2d:e8:b9:80:03:67:dc:a9:
a4:a8:6c:5b:47:13:ee:a8:c7:cd:e5:f5:51:14:2b:
80:10:48:eb:f8:1a:12:46:b2:78:d0:29:05:48:7b:
2f:7a:3c:7d:f6:4c:9e:e8:75:18:1d:6a:94:28:15:
86:25:65:bf:c5:9c:ab:d9:ac:84:ee:8f:8e:58:56:
c7:2c:55:fa:dc:86:55:ee:c7:0d:3b:04:1a:88:c7:
bc:ca:d1:6c:99:f0:af:b5:d0:5e:c4:5d:67:fd:53:
53:d8:f8:d6:ae:b7:64:39:c5:7e:06:57:46:39:fb:
a4:f1:15:c0:0d:73:9d:7d:fd:29:ff:35:0a:02:46:
02:af:40:a9:f2:0a:6d:76:33:31:18:bd:c4:1e:c7:
82:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:44:59:A9:0A:AE:68:E3:0F:FB:D8:3B:AD:3E:23:AA:E6:43:6C:B6
X509v3 Authority Key Identifier:
keyid:0C:E1:30:8E:AD:6A:DB:1D:08:5E:7E:59:10:A0:CB:2D:E5:6A:A3:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/1-URZqQquaOMP-9g7rT4jquZDbLY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.192.0/20
5.172.144.0/21
31.192.192.0/20
31.208.0.0-31.209.63.255
37.17.248.0/21
46.162.64.0/18
46.236.64.0/18
62.182.0.0/21
62.220.160.0/19
77.53.0.0/16
79.138.0.0/17
80.244.64.0/19
81.88.0.0/20
81.186.240.0/20
82.117.96.0/19
82.209.128.0/18
83.209.0.0/16
83.219.192.0/19
83.233.0.0/16
85.8.0.0/18
85.30.0.0/18
85.235.0.0/19
85.238.192.0/19
87.96.128.0/17
87.236.88.0/21
87.241.64.0/18
87.251.192.0/19
87.253.64.0/19
88.83.32.0/19
88.129.0.0/16
89.160.0.0/17
89.233.192.0/18
89.236.0.0/18
91.191.128.0/20
91.232.59.0-91.232.61.255
94.198.64.0/21
94.245.0.0/18
94.255.128.0/17
95.155.192.0/18
109.124.128.0/18
109.225.64.0/18
146.247.80.0/21
178.132.248.0/21
178.251.240.0/21
185.18.164.0/22
185.52.180.0/22
185.58.144.0/22
185.113.96.0/22
188.120.160.0/19
188.122.128.0/19
193.23.57.0/24
195.78.224.0/22
195.238.255.0/24
213.21.64.0/18
213.142.0.0/19
213.185.0.0/19
217.72.48.0/20
217.76.80.0/20
217.78.32.0/20
217.115.32.0/19
217.118.208.0/20
IPv6:
2001:7a0::/32
2001:9c8::/29
2a00:1598::/29
2a00:8280::/32
2a01:b700::/32
2a02:7b8::/32
2a02:23c0::/32
Signature Algorithm: sha256WithRSAEncryption
7e:db:7b:05:5d:ce:63:04:dc:f1:a1:ca:25:88:23:8d:09:05:
76:64:8d:03:20:f9:a9:aa:29:46:82:19:02:5c:60:e0:fb:76:
89:4b:c7:21:01:fa:12:cd:cc:80:6f:d3:d8:82:a8:7a:b4:c9:
ec:11:86:4d:5c:76:86:2e:61:57:ad:b8:8d:79:0b:2c:58:1f:
0e:75:50:a4:cd:07:c7:b5:37:95:98:87:e2:07:c9:bd:ca:96:
0d:1b:47:36:c3:ee:fb:e2:47:1c:47:84:b3:6c:53:11:0e:ed:
06:a2:5e:fd:51:48:44:a3:47:97:b0:10:bf:a6:2b:8d:b9:7b:
b3:83:21:78:90:bb:60:05:1a:eb:60:0c:cf:bd:37:e2:4c:81:
cc:78:6e:87:50:4b:d8:39:fe:32:36:08:24:1d:ff:b8:29:0c:
aa:0d:62:44:8d:4c:de:5e:31:18:55:eb:6b:bd:80:5e:72:a0:
7a:dc:b8:0f:93:2a:bf:93:08:c2:9c:3f:c6:b2:c3:4a:cc:c1:
7b:2d:08:29:ac:d0:57:15:ed:e4:ac:47:b7:1a:e1:32:ea:ce:
1e:1b:4e:7b:5b:44:0b:75:0b:1b:1f:58:62:b3:9d:20:b3:54:
5c:e5:b1:c1:93:c7:90:a4:b3:82:63:02:85:96:ff:e7:47:6f:
20:e0:b8:27
-----BEGIN CERTIFICATE-----
MIIGtDCCBZygAwIBAgISAZbx0gCSx1lQ66zmgVsE7fy+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTEzMDhlYWQ2YWRiMWQwODVlN2U1OTEwYTBjYjJkZTU2
YWEzMmUwHhcNMjUwNTIxMDc0OTUzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOTQ0NTlhOTBhYWU2OGUzMGZmYmQ4M2JhZDNlMjNhYWU2NDM2Y2I2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsj9ioi/2GxCSA4K/eu8ECnOjIomC
zrPv3Jj9AgsUrpKOMzmC2HMzWBM7MRO+/ddZLFNgBf3AEGhY1MVmfniT+b8hzH6z
fLJ9ALK88KmKe7cSn4LKn/MM8OiI199YuOarywiDviKUVhzgjoquXTTKLei5gANn
3KmkqGxbRxPuqMfN5fVRFCuAEEjr+BoSRrJ40CkFSHsvejx99kye6HUYHWqUKBWG
JWW/xZyr2ayE7o+OWFbHLFX63IZV7scNOwQaiMe8ytFsmfCvtdBexF1n/VNT2PjW
rrdkOcV+BldGOfuk8RXADXOdff0p/zUKAkYCr0Cp8gptdjMxGL3EHseCuQIDAQAB
o4IDwDCCA7wwHQYDVR0OBBYEFPlEWakKrmjjD/vYO60+I6rmQ2y2MB8GA1UdIwQY
MBaAFAzhMI6tatsdCF5+WRCgyy3laqMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9Fd2pxMXEyeDBJWG41WkVLRExMZVZxb3k0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84OTkzODAtYWQyNy00NGViLThjMmUt
YjBiYWQxOGYwMmQwLzEvMS1VUlpxUXF1YU9NUC05ZzdyVDRqcXVaRGJMWS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvNDEvODk5MzgwLWFkMjctNDRlYi04YzJlLWIwYmFkMThmMDJk
MC8xL0RPRXdqcTFxMngwSVhuNVpFS0RMTGVWcW95NC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAdMGCCsGAQUFBwEHAQH/BIIBwjCCAb4wggGBBAIAATCC
AXkDBAQFLMADBAMFrJADBAQfwMAwCwMDBB/QAwQGH9EAAwQDJRH4AwQGLqJAAwQG
LuxAAwQDPrYAAwQFPtygAwMATTUDBAdPigADBAVQ9EADBARRWAADBARRuvADBAVS
dWADBAZS0YADAwBT0QMEBVPbwAMDAFPpAwQGVQgAAwQGVR4AAwQFVesAAwQFVe7A
AwQHV2CAAwQDV+xYAwQGV/FAAwQFV/vAAwQFV/1AAwQFWFMgAwMAWIEDBAdZoAAD
BAZZ6cADBAZZ7AADBARbv4AwDAMEAFvoOwMEAVvoPAMEA17GQAMEBl71AAMEB17/
gAMEBl+bwAMEBm18gAMEBm3hQAMEA5L3UAMEA7KE+AMEA7L78AMEArkSpAMEArk0
tAMEArk6kAMEArlxYAMEBbx4oAMEBbx6gAMEAMEXOQMEAsNO4AMEAMPu/wMEBtUV
QAMEBdWOAAMEBdW5AAMEBNlIMAMEBNlMUAMEBNlOIAMEBdlzIAMEBNl20DA3BAIA
AjAxAwUAIAEHoAMFAyABCcgDBQMqABWYAwUAKgCCgAMFACoBtwADBQAqAge4AwUA
KgIjwDANBgkqhkiG9w0BAQsFAAOCAQEAftt7BV3OYwTc8aHKJYgjjQkFdmSNAyD5
qaopRoIZAlxg4Pt2iUvHIQH6Es3MgG/T2IKoerTJ7BGGTVx2hi5hV624jXkLLFgf
DnVQpM0Hx7U3lZiH4gfJvcqWDRtHNsPu++JHHEeEs2xTEQ7tBqJe/VFIRKNHl7AQ
v6Yrjbl7s4MheJC7YAUa62AMz7034kyBzHhuh1BL2Dn+MjYIJB3/uCkMqg1iRI1M
3l4xGFXra72AXnKgety4D5Mqv5MIwpw/xrLDSszBey0IKazQVxXt5KxHtxrhMurO
HhtOe1tEC3ULGx9YYrOdILNUXOWxwZPHkKSzgmMChZb/50dvIOC4Jw==
-----END CERTIFICATE-----
Generated at Sun Jun 8 00:58:39 2025 by rpki-client