Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/h8Rooww-YtXgZdj5PaYT_SFfSvw.roa
File: h8Rooww-YtXgZdj5PaYT_SFfSvw.roa (raw, json)
Hash identifier: u6xVJHYA1uzH6xbwrO/RW/GLLxj+VO2zqxgk0PQuKro=
Subject key identifier: 87:C4:68:A3:0C:3E:62:D5:E0:65:D8:F9:3D:A6:13:FD:21:5F:4A:FC
Certificate issuer: /CN=0ce1308ead6adb1d085e7e5910a0cb2de56aa32e
Certificate serial: 0199429B90CAA70D1DA2746659881A2D0C5E
Authority key identifier: 0C:E1:30:8E:AD:6A:DB:1D:08:5E:7E:59:10:A0:CB:2D:E5:6A:A3:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/h8Rooww-YtXgZdj5PaYT_SFfSvw.roa
Signing time: Sat 13 Sep 2025 10:25:15 +0000
ROA not before: Sat 13 Sep 2025 10:25:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29518
IP address blocks: 5.44.192.0/20 maxlen: 20
5.172.144.0/21 maxlen: 21
31.192.192.0/20 maxlen: 20
31.208.0.0/16 maxlen: 16
31.209.0.0/18 maxlen: 18
37.17.248.0/21 maxlen: 21
46.162.64.0/18 maxlen: 18
46.236.64.0/18 maxlen: 18
62.182.0.0/21 maxlen: 21
62.220.160.0/19 maxlen: 19
77.53.0.0/16 maxlen: 16
79.138.0.0/17 maxlen: 17
80.244.64.0/19 maxlen: 19
81.88.0.0/20 maxlen: 20
81.186.240.0/20 maxlen: 20
82.117.96.0/19 maxlen: 19
82.209.128.0/18 maxlen: 18
83.209.0.0/16 maxlen: 16
83.219.192.0/19 maxlen: 19
83.233.0.0/16 maxlen: 16
85.8.0.0/18 maxlen: 18
85.30.0.0/18 maxlen: 18
85.235.0.0/19 maxlen: 19
85.235.17.0/24 maxlen: 24
85.235.18.0/23 maxlen: 23
85.235.20.0/22 maxlen: 22
85.235.24.0/24 maxlen: 24
85.238.192.0/19 maxlen: 19
87.96.128.0/17 maxlen: 17
87.236.88.0/21 maxlen: 21
87.241.64.0/18 maxlen: 18
87.251.192.0/19 maxlen: 19
87.253.64.0/19 maxlen: 19
88.83.32.0/19 maxlen: 19
88.129.0.0/16 maxlen: 16
89.160.0.0/17 maxlen: 17
89.233.192.0/18 maxlen: 18
89.236.0.0/18 maxlen: 18
89.236.0.0/23 maxlen: 23
89.236.2.0/23 maxlen: 23
89.236.4.0/22 maxlen: 22
89.236.8.0/23 maxlen: 23
89.236.11.0/24 maxlen: 24
89.236.15.0/24 maxlen: 24
89.236.17.0/24 maxlen: 24
89.236.18.0/23 maxlen: 23
89.236.20.0/22 maxlen: 22
89.236.24.0/23 maxlen: 23
89.236.26.0/24 maxlen: 24
89.236.35.0/24 maxlen: 24
89.236.36.0/23 maxlen: 23
89.236.38.0/24 maxlen: 24
89.236.47.0/24 maxlen: 24
89.236.48.0/24 maxlen: 24
89.236.53.0/24 maxlen: 24
89.236.54.0/23 maxlen: 23
89.236.56.0/22 maxlen: 22
91.232.59.0/24 maxlen: 24
91.232.60.0/23 maxlen: 23
94.198.64.0/21 maxlen: 21
94.245.0.0/18 maxlen: 18
94.245.0.0/20 maxlen: 20
94.245.16.0/20 maxlen: 20
94.245.48.0/20 maxlen: 20
94.255.128.0/17 maxlen: 17
95.155.192.0/18 maxlen: 18
109.124.128.0/18 maxlen: 18
109.225.64.0/18 maxlen: 18
146.247.80.0/21 maxlen: 21
178.132.248.0/21 maxlen: 21
178.251.240.0/21 maxlen: 21
185.18.164.0/22 maxlen: 22
185.52.180.0/22 maxlen: 22
185.58.144.0/22 maxlen: 22
185.113.96.0/22 maxlen: 22
188.120.160.0/19 maxlen: 19
188.122.128.0/19 maxlen: 19
193.23.57.0/24 maxlen: 24
195.78.224.0/22 maxlen: 22
195.238.255.0/24 maxlen: 24
213.21.64.0/18 maxlen: 18
213.142.0.0/19 maxlen: 19
213.185.0.0/19 maxlen: 19
213.185.4.0/24 maxlen: 24
213.185.6.0/24 maxlen: 24
213.185.7.0/24 maxlen: 24
213.185.8.0/23 maxlen: 23
213.185.10.0/24 maxlen: 24
213.185.12.0/22 maxlen: 22
213.185.16.0/23 maxlen: 23
213.185.20.0/23 maxlen: 23
213.185.24.0/24 maxlen: 24
213.185.26.0/24 maxlen: 24
217.72.48.0/20 maxlen: 20
217.72.52.0/23 maxlen: 23
217.72.54.0/24 maxlen: 24
217.72.56.0/22 maxlen: 22
217.72.60.0/23 maxlen: 23
217.72.62.0/24 maxlen: 24
217.76.80.0/20 maxlen: 20
217.115.32.0/19 maxlen: 19
2001:7a0::/32 maxlen: 32
2001:9c8::/29 maxlen: 29
2a00:1598::/29 maxlen: 29
2a00:8280::/32 maxlen: 32
2a01:b700::/32 maxlen: 32
2a02:7b8::/32 maxlen: 32
2a02:23c0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.crl
rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.mft
rsync://rpki.ripe.net/repository/DEFAULT/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:42:9b:90:ca:a7:0d:1d:a2:74:66:59:88:1a:2d:0c:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ce1308ead6adb1d085e7e5910a0cb2de56aa32e
Validity
Not Before: Sep 13 10:25:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=87c468a30c3e62d5e065d8f93da613fd215f4afc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:d1:37:41:86:e2:5c:38:f3:3a:4d:d0:92:f7:
c7:f2:71:4d:04:0b:ca:62:cb:e8:82:95:41:eb:e0:
5f:82:2c:8b:6b:1b:30:7c:7d:4c:38:d8:11:ff:d0:
f5:37:10:ae:89:69:17:04:a9:c2:f8:ba:8d:eb:28:
56:77:3b:ca:05:36:dc:b8:9c:05:68:e2:b7:43:2c:
f1:88:d7:f4:f9:7a:58:12:03:e2:db:9b:70:eb:a3:
7e:d4:df:ed:0e:6c:f7:87:b5:79:e0:d4:cd:c7:5a:
e2:1f:c3:1d:11:ed:45:53:12:93:b4:43:3c:a4:52:
5f:57:15:e8:32:7f:17:c5:38:a4:17:65:19:6c:d8:
29:6a:4c:c9:6e:86:7d:d3:51:7d:47:62:13:5f:8c:
a2:be:64:70:84:34:82:1f:ce:45:2d:5a:e8:d5:3f:
a7:9f:37:21:0e:07:d2:9c:28:e1:74:97:72:f4:ef:
ee:54:1a:7c:9d:c7:a9:71:2d:c6:63:ad:b6:15:db:
54:b3:3e:05:47:d5:bf:0c:3c:c6:43:1a:f9:ea:d5:
98:9c:2a:0e:23:1d:ea:73:cd:ea:2e:a9:06:dc:12:
b6:ec:1f:59:c8:1a:f9:f9:ae:a5:6b:1e:ce:fb:ca:
31:08:98:f6:b6:b7:ad:85:cd:c6:26:d9:7a:ef:7c:
b5:a3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
87:C4:68:A3:0C:3E:62:D5:E0:65:D8:F9:3D:A6:13:FD:21:5F:4A:FC
X509v3 Authority Key Identifier:
keyid:0C:E1:30:8E:AD:6A:DB:1D:08:5E:7E:59:10:A0:CB:2D:E5:6A:A3:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/h8Rooww-YtXgZdj5PaYT_SFfSvw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/41/899380-ad27-44eb-8c2e-b0bad18f02d0/1/DOEwjq1q2x0IXn5ZEKDLLeVqoy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.44.192.0/20
5.172.144.0/21
31.192.192.0/20
31.208.0.0-31.209.63.255
37.17.248.0/21
46.162.64.0/18
46.236.64.0/18
62.182.0.0/21
62.220.160.0/19
77.53.0.0/16
79.138.0.0/17
80.244.64.0/19
81.88.0.0/20
81.186.240.0/20
82.117.96.0/19
82.209.128.0/18
83.209.0.0/16
83.219.192.0/19
83.233.0.0/16
85.8.0.0/18
85.30.0.0/18
85.235.0.0/19
85.238.192.0/19
87.96.128.0/17
87.236.88.0/21
87.241.64.0/18
87.251.192.0/19
87.253.64.0/19
88.83.32.0/19
88.129.0.0/16
89.160.0.0/17
89.233.192.0/18
89.236.0.0/18
91.232.59.0-91.232.61.255
94.198.64.0/21
94.245.0.0/18
94.255.128.0/17
95.155.192.0/18
109.124.128.0/18
109.225.64.0/18
146.247.80.0/21
178.132.248.0/21
178.251.240.0/21
185.18.164.0/22
185.52.180.0/22
185.58.144.0/22
185.113.96.0/22
188.120.160.0/19
188.122.128.0/19
193.23.57.0/24
195.78.224.0/22
195.238.255.0/24
213.21.64.0/18
213.142.0.0/19
213.185.0.0/19
217.72.48.0/20
217.76.80.0/20
217.115.32.0/19
IPv6:
2001:7a0::/32
2001:9c8::/29
2a00:1598::/29
2a00:8280::/32
2a01:b700::/32
2a02:7b8::/32
2a02:23c0::/32
Signature Algorithm: sha256WithRSAEncryption
74:66:ed:07:9d:26:3f:1c:7d:d1:e9:a3:48:fd:2b:63:24:15:
71:0e:f0:45:b4:0d:71:86:c6:96:1e:97:1d:e5:48:49:eb:3e:
59:18:c0:73:b6:a0:b9:e5:a3:e9:85:3d:e8:ef:2c:48:07:21:
f9:ec:6e:90:82:8f:30:d7:66:58:dc:c3:78:c8:cf:79:a6:74:
5f:44:1f:16:b5:55:86:86:44:ac:ea:37:f0:88:31:67:e9:31:
67:aa:d6:81:e7:5e:c6:df:6a:5d:2e:cd:ae:dd:03:d6:44:5a:
b6:9f:95:c5:8a:39:68:69:af:9e:6a:2c:42:4d:83:71:6d:ee:
9a:c8:6d:82:ec:94:71:b1:87:02:9e:b9:d9:20:51:4f:c2:fe:
00:4c:2a:e9:a1:b0:d2:e1:52:f2:5e:d3:21:98:2d:fe:3f:5e:
6a:4a:f9:73:53:5b:69:ca:3a:df:ec:c1:b0:cf:7a:d8:97:d6:
33:8e:56:1a:da:09:11:82:d0:d0:10:ff:ae:a0:8b:ab:3c:14:
77:ef:2a:e4:fd:e0:16:0e:cb:b6:71:92:4f:7e:80:41:3d:26:
57:42:ce:4a:62:fd:2d:3b:ff:54:29:5f:6d:05:ee:e0:b4:9a:
ec:32:cb:ce:3f:f5:68:c6:07:20:3b:ba:9f:0e:87:1c:01:5c:
c9:7f:b9:c5
-----BEGIN CERTIFICATE-----
MIIGoTCCBYmgAwIBAgISAZlCm5DKpw0donRmWYgaLQxeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBjZTEzMDhlYWQ2YWRiMWQwODVlN2U1OTEwYTBjYjJkZTU2
YWEzMmUwHhcNMjUwOTEzMTAyNTE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4N2M0NjhhMzBjM2U2MmQ1ZTA2NWQ4ZjkzZGE2MTNmZDIxNWY0YWZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwdE3QYbiXDjzOk3QkvfH8nFNBAvK
YsvogpVB6+BfgiyLaxswfH1MONgR/9D1NxCuiWkXBKnC+LqN6yhWdzvKBTbcuJwF
aOK3QyzxiNf0+XpYEgPi25tw66N+1N/tDmz3h7V54NTNx1riH8MdEe1FUxKTtEM8
pFJfVxXoMn8XxTikF2UZbNgpakzJboZ901F9R2ITX4yivmRwhDSCH85FLVro1T+n
nzchDgfSnCjhdJdy9O/uVBp8ncepcS3GY622FdtUsz4FR9W/DDzGQxr56tWYnCoO
Ix3qc83qLqkG3BK27B9ZyBr5+a6lax7O+8oxCJj2trethc3GJtl673y1owIDAQAB
o4IDrTCCA6kwHQYDVR0OBBYEFIfEaKMMPmLV4GXY+T2mE/0hX0r8MB8GA1UdIwQY
MBaAFAzhMI6tatsdCF5+WRCgyy3laqMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRE9Fd2pxMXEyeDBJWG41WkVLRExMZVZxb3k0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80MS84OTkzODAtYWQyNy00NGViLThjMmUt
YjBiYWQxOGYwMmQwLzEvaDhSb293dy1ZdFhnWmRqNVBhWVRfU0ZmU3Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80MS84OTkzODAtYWQyNy00NGViLThjMmUtYjBiYWQxOGYwMmQw
LzEvRE9Fd2pxMXEyeDBJWG41WkVLRExMZVZxb3k0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBwQYIKwYBBQUHAQcBAf8EggGwMIIBrDCCAW8EAgABMIIB
ZwMEBAUswAMEAwWskAMEBB/AwDALAwMEH9ADBAYf0QADBAMlEfgDBAYuokADBAYu
7EADBAM+tgADBAU+3KADAwBNNQMEB0+KAAMEBVD0QAMEBFFYAAMEBFG68AMEBVJ1
YAMEBlLRgAMDAFPRAwQFU9vAAwMAU+kDBAZVCAADBAZVHgADBAVV6wADBAVV7sAD
BAdXYIADBANX7FgDBAZX8UADBAVX+8ADBAVX/UADBAVYUyADAwBYgQMEB1mgAAME
BlnpwAMEBlnsADAMAwQAW+g7AwQBW+g8AwQDXsZAAwQGXvUAAwQHXv+AAwQGX5vA
AwQGbXyAAwQGbeFAAwQDkvdQAwQDsoT4AwQDsvvwAwQCuRKkAwQCuTS0AwQCuTqQ
AwQCuXFgAwQFvHigAwQFvHqAAwQAwRc5AwQCw07gAwQAw+7/AwQG1RVAAwQF1Y4A
AwQF1bkAAwQE2UgwAwQE2UxQAwQF2XMgMDcEAgACMDEDBQAgAQegAwUDIAEJyAMF
AyoAFZgDBQAqAIKAAwUAKgG3AAMFACoCB7gDBQAqAiPAMA0GCSqGSIb3DQEBCwUA
A4IBAQB0Zu0HnSY/HH3R6aNI/StjJBVxDvBFtA1xhsaWHpcd5UhJ6z5ZGMBztqC5
5aPphT3o7yxIByH57G6Qgo8w12ZY3MN4yM95pnRfRB8WtVWGhkSs6jfwiDFn6TFn
qtaB517G32pdLs2u3QPWRFq2n5XFijloaa+eaixCTYNxbe6ayG2C7JRxsYcCnrnZ
IFFPwv4ATCrpobDS4VLyXtMhmC3+P15qSvlzU1tpyjrf7MGwz3rYl9YzjlYa2gkR
gtDQEP+uoIurPBR37yrk/eAWDsu2cZJPfoBBPSZXQs5KYv0tO/9UKV9tBe7gtJrs
MsvOP/VoxgcgO7qfDoccAVzJf7nF
-----END CERTIFICATE-----
Generated at Mon Oct 20 00:49:30 2025 by rpki-client