Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/GYXH5jrngs3vZAINFfgrNRwhj6Q.roa
File: GYXH5jrngs3vZAINFfgrNRwhj6Q.roa (raw, json)
Hash identifier: tndoIaicJ4OjxOJzM5171qBo/ET2G0zXyUo6a+02Cpg=
Subject key identifier: 19:85:C7:E6:3A:E7:82:CD:EF:64:02:0D:15:F8:2B:35:1C:21:8F:A4
Certificate issuer: /CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Certificate serial: 019913B2BA16CDF4C5A2516B9C29BEF87921
Authority key identifier: A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/GYXH5jrngs3vZAINFfgrNRwhj6Q.roa
Signing time: Thu 04 Sep 2025 07:48:24 +0000
ROA not before: Thu 04 Sep 2025 07:48:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42473
IP address blocks: 37.235.3.0/24 maxlen: 24
37.235.4.0/24 maxlen: 24
37.235.5.0/24 maxlen: 24
37.235.7.0/24 maxlen: 24
37.252.224.0/19 maxlen: 32
37.252.226.0/24 maxlen: 24
37.252.228.0/24 maxlen: 32
37.252.234.0/24 maxlen: 24
37.252.243.0/24 maxlen: 24
37.252.244.0/24 maxlen: 24
37.252.251.0/24 maxlen: 24
37.252.253.0/24 maxlen: 24
45.84.252.0/24 maxlen: 24
45.132.61.0/24 maxlen: 24
45.132.62.0/23 maxlen: 24
94.16.98.0/24 maxlen: 24
94.16.100.0/24 maxlen: 24
94.16.125.0/24 maxlen: 24
94.16.126.0/24 maxlen: 24
144.208.192.0/18 maxlen: 32
144.208.204.0/24 maxlen: 24
144.208.205.0/24 maxlen: 24
144.208.206.0/24 maxlen: 24
144.208.207.0/24 maxlen: 24
144.208.212.0/22 maxlen: 32
144.208.216.0/24 maxlen: 24
144.208.217.0/24 maxlen: 24
144.208.219.0/24 maxlen: 24
144.208.221.0/24 maxlen: 24
144.208.222.0/24 maxlen: 24
144.208.223.0/24 maxlen: 24
144.208.224.0/24 maxlen: 24
144.208.225.0/24 maxlen: 24
144.208.226.0/24 maxlen: 24
144.208.228.0/24 maxlen: 24
144.208.229.0/24 maxlen: 24
144.208.230.0/24 maxlen: 24
144.208.231.0/24 maxlen: 24
144.208.232.0/24 maxlen: 24
144.208.233.0/24 maxlen: 24
144.208.235.0/24 maxlen: 24
144.208.236.0/24 maxlen: 24
144.208.237.0/24 maxlen: 24
144.208.238.0/24 maxlen: 24
144.208.240.0/24 maxlen: 24
144.208.241.0/24 maxlen: 24
144.208.242.0/24 maxlen: 24
144.208.244.0/24 maxlen: 24
144.208.254.0/24 maxlen: 24
144.208.255.0/24 maxlen: 24
176.123.54.0/23 maxlen: 23
178.255.152.0/21 maxlen: 32
185.2.176.0/22 maxlen: 32
185.2.176.0/24 maxlen: 24
185.50.232.0/23 maxlen: 23
185.50.235.0/24 maxlen: 24
185.81.206.0/24 maxlen: 24
185.81.209.0/24 maxlen: 24
185.116.96.0/24 maxlen: 24
185.116.97.0/24 maxlen: 24
185.116.98.0/24 maxlen: 24
185.116.99.0/24 maxlen: 24
185.228.148.0/22 maxlen: 22
188.65.72.0/21 maxlen: 32
188.172.192.0/18 maxlen: 32
188.172.208.0/24 maxlen: 24
188.172.230.0/23 maxlen: 23
188.172.247.0/24 maxlen: 24
188.172.249.0/24 maxlen: 24
188.172.254.0/24 maxlen: 24
193.33.114.0/23 maxlen: 32
194.1.206.0/24 maxlen: 32
213.227.160.0/19 maxlen: 32
213.227.184.0/24 maxlen: 24
217.146.0.0/19 maxlen: 24
217.146.6.0/24 maxlen: 24
217.146.7.0/24 maxlen: 24
2a00:11c0::/32 maxlen: 128
2a00:11c0:13::/48 maxlen: 48
2a00:11c0:19::/48 maxlen: 48
2a00:11c0:22::/48 maxlen: 48
2a00:11c0:24::/48 maxlen: 48
2a00:11c0:29::/48 maxlen: 48
2a00:11c0:40::/48 maxlen: 48
2a00:11c0:41::/48 maxlen: 48
2a00:11c0:42::/48 maxlen: 48
2a00:11c0:43::/48 maxlen: 48
2a00:11c0:46::/48 maxlen: 48
2a00:11c0:4a::/48 maxlen: 48
2a00:11c0:5c::/48 maxlen: 48
2a00:11c0:66::/48 maxlen: 48
2a00:11c0:6c::/48 maxlen: 48
2a00:11c0:79::/48 maxlen: 48
2a00:11c0:80::/48 maxlen: 48
2a00:11c0:83::/48 maxlen: 48
2a00:11c0:84::/48 maxlen: 48
2a00:11c0:86::/48 maxlen: 48
2a00:11c0:87::/48 maxlen: 48
2a00:11c0:88::/48 maxlen: 48
2a00:11c0:96::/48 maxlen: 48
2a00:11c0:97::/48 maxlen: 48
2a00:11c0:98::/48 maxlen: 48
2a00:11c0:99::/48 maxlen: 48
2a00:11c0:9a::/48 maxlen: 48
2a00:11c0:dc::/48 maxlen: 48
2a00:11c0:dd::/48 maxlen: 48
2a00:11c0:de::/48 maxlen: 48
2a00:11c0:1011::/48 maxlen: 48
2a00:11c0:1014::/48 maxlen: 48
2a00:11c0:1334::/48 maxlen: 48
2a00:11c0:1335::/48 maxlen: 48
2a00:11c0:1798::/48 maxlen: 48
2a00:11c0:179a::/48 maxlen: 48
2a00:11c0:179b::/48 maxlen: 48
2a00:11c0:9021::/48 maxlen: 48
2a01:aea0::/32 maxlen: 32
2a01:aea0::/40 maxlen: 40
2a01:aea0:dd1::/48 maxlen: 48
2a01:aea0:df1::/48 maxlen: 48
2a05:8900:28::/48 maxlen: 48
2a05:8900:36::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.mft
rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 17:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:13:b2:ba:16:cd:f4:c5:a2:51:6b:9c:29:be:f8:79:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a539afebace899a8ee0bb4f8bb4475fe247a1528
Validity
Not Before: Sep 4 07:48:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1985c7e63ae782cdef64020d15f82b351c218fa4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:4a:79:45:37:37:b5:51:03:91:fe:bb:2f:0b:
d8:08:32:4f:df:17:2a:bd:23:9c:42:ab:dc:6a:a3:
4b:70:f0:99:7e:6f:47:00:96:c8:85:2f:63:f7:fa:
ac:b3:c2:12:69:6e:54:d6:21:94:0b:49:60:1c:ce:
a3:09:52:65:26:d9:04:ad:ee:28:65:7b:7e:97:ea:
bb:df:48:f2:c1:53:6a:b6:59:08:84:d8:96:1a:77:
70:f1:2d:b0:3a:1b:cb:2d:17:cf:cf:a1:ae:57:9e:
a0:05:1f:66:da:5a:1e:cd:a1:12:76:ae:bd:ee:e6:
c5:13:78:3d:13:2e:1e:fe:2c:3d:f4:ad:db:11:06:
32:fc:d5:5f:cf:6b:10:eb:15:ed:e0:a1:0a:f4:79:
f3:73:f3:66:13:15:fb:55:09:83:97:02:05:ec:a0:
a5:8c:4e:3e:be:1e:a1:9d:c6:79:3e:79:2f:87:2d:
3b:bf:0f:d8:89:f0:ad:a7:4a:cc:aa:25:48:27:c8:
39:76:ed:6c:f1:b0:f2:aa:90:c9:47:d7:1c:01:15:
31:d2:c1:c7:41:d3:d0:07:c8:a2:f1:9f:f7:df:23:
42:e2:3a:4e:de:88:87:b2:70:4e:19:6f:b0:6e:ad:
20:89:af:8b:c8:d4:bb:c1:c1:b0:ea:d0:ee:76:dd:
86:c9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
19:85:C7:E6:3A:E7:82:CD:EF:64:02:0D:15:F8:2B:35:1C:21:8F:A4
X509v3 Authority Key Identifier:
keyid:A5:39:AF:EB:AC:E8:99:A8:EE:0B:B4:F8:BB:44:75:FE:24:7A:15:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pTmv66zomajuC7T4u0R1_iR6FSg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/GYXH5jrngs3vZAINFfgrNRwhj6Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/98c4ee-2f59-45a7-adb6-74139591312e/1/pTmv66zomajuC7T4u0R1_iR6FSg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.235.3.0-37.235.5.255
37.235.7.0/24
37.252.224.0/19
45.84.252.0/24
45.132.61.0-45.132.63.255
94.16.98.0/24
94.16.100.0/24
94.16.125.0-94.16.126.255
144.208.192.0/18
176.123.54.0/23
178.255.152.0/21
185.2.176.0/22
185.50.232.0/23
185.50.235.0/24
185.81.206.0/24
185.81.209.0/24
185.116.96.0/22
185.228.148.0/22
188.65.72.0/21
188.172.192.0/18
193.33.114.0/23
194.1.206.0/24
213.227.160.0/19
217.146.0.0/19
IPv6:
2a00:11c0::/32
2a01:aea0::/32
2a05:8900:28::/48
2a05:8900:36::/48
Signature Algorithm: sha256WithRSAEncryption
bd:17:8f:d4:0e:27:6a:94:cb:c3:ef:87:37:3c:73:3b:c6:46:
94:24:37:8b:47:f0:b1:57:33:c3:50:17:4a:3d:01:4a:e5:f8:
c2:e5:6b:a6:11:ff:00:ee:2c:ee:59:ab:3e:8a:ef:6a:52:bf:
02:3b:7f:ae:f4:c7:b4:4f:b8:44:82:25:35:c3:c2:a4:dc:d7:
ba:77:b6:69:67:a9:97:4c:a4:e7:5f:c3:95:f7:b9:19:fd:7d:
3d:bf:b3:de:68:2b:a9:90:57:93:3c:f7:6f:90:f5:d9:98:dc:
7b:98:57:c1:9a:9f:11:84:8c:4c:86:c4:ea:25:e4:f5:57:ea:
45:e2:eb:e8:05:46:d9:45:6b:ae:d3:97:c9:b9:0a:57:cf:8c:
1b:bc:cc:73:2b:4d:78:91:ab:08:9d:07:52:a8:c8:be:9f:ff:
4f:b0:04:49:ae:df:95:68:49:69:d2:79:b3:bf:02:61:45:fe:
77:e3:38:d8:7b:f9:2b:54:76:55:95:ba:cc:fc:43:59:2a:4b:
0f:4b:38:a5:d4:ca:40:a2:a9:7f:31:e9:ff:86:a4:ca:d0:ba:
b6:4d:72:ea:1c:17:69:61:04:64:8d:7b:c4:ef:ae:70:00:9e:
57:d6:14:29:df:33:e0:96:9c:a9:b9:68:21:ef:ef:47:25:fb:
27:de:6b:ca
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgISAZkTsroWzfTFolFrnCm++HkhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MzlhZmViYWNlODk5YThlZTBiYjRmOGJiNDQ3NWZlMjQ3
YTE1MjgwHhcNMjUwOTA0MDc0ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxOTg1YzdlNjNhZTc4MmNkZWY2NDAyMGQxNWY4MmIzNTFjMjE4ZmE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAokp5RTc3tVEDkf67LwvYCDJP3xcq
vSOcQqvcaqNLcPCZfm9HAJbIhS9j9/qss8ISaW5U1iGUC0lgHM6jCVJlJtkEre4o
ZXt+l+q730jywVNqtlkIhNiWGndw8S2wOhvLLRfPz6GuV56gBR9m2loezaESdq69
7ubFE3g9Ey4e/iw99K3bEQYy/NVfz2sQ6xXt4KEK9Hnzc/NmExX7VQmDlwIF7KCl
jE4+vh6hncZ5Pnkvhy07vw/YifCtp0rMqiVIJ8g5du1s8bDyqpDJR9ccARUx0sHH
QdPQB8ii8Z/33yNC4jpO3oiHsnBOGW+wbq0gia+LyNS7wcGw6tDudt2GyQIDAQAB
o4IC2DCCAtQwHQYDVR0OBBYEFBmFx+Y654LN72QCDRX4KzUcIY+kMB8GA1UdIwQY
MBaAFKU5r+us6Jmo7gu0+LtEdf4kehUoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYt
NzQxMzk1OTEzMTJlLzEvR1lYSDVqcm5nczN2WkFJTkZmZ3JOUndoajZRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS85OGM0ZWUtMmY1OS00NWE3LWFkYjYtNzQxMzk1OTEzMTJl
LzEvcFRtdjY2em9tYWp1QzdUNHUwUjFfaVI2RlNnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHtBggrBgEFBQcBBwEB/wSB3TCB2jCBrwQCAAEwgagwDAME
ACXrAwMEASXrBAMEACXrBwMEBSX84AMEAC1U/DAMAwQALYQ9AwQGLYQAAwQAXhBi
AwQAXhBkMAwDBABeEH0DBABeEH4DBAaQ0MADBAGwezYDBAOy/5gDBAK5ArADBAG5
MugDBAC5MusDBAC5Uc4DBAC5UdEDBAK5dGADBAK55JQDBAO8QUgDBAa8rMADBAHB
IXIDBADCAc4DBAXV46ADBAXZkgAwJgQCAAIwIAMFACoAEcADBQAqAa6gAwcAKgWJ
AAAoAwcAKgWJAAA2MA0GCSqGSIb3DQEBCwUAA4IBAQC9F4/UDidqlMvD74c3PHM7
xkaUJDeLR/CxVzPDUBdKPQFK5fjC5WumEf8A7izuWas+iu9qUr8CO3+u9Me0T7hE
giU1w8Kk3Ne6d7ZpZ6mXTKTnX8OV97kZ/X09v7PeaCupkFeTPPdvkPXZmNx7mFfB
mp8RhIxMhsTqJeT1V+pF4uvoBUbZRWuu05fJuQpXz4wbvMxzK014kasInQdSqMi+
n/9PsARJrt+VaElp0nmzvwJhRf534zjYe/krVHZVlbrM/ENZKksPSzil1MpAoql/
Men/hqTK0Lq2TXLqHBdpYQRkjXvE765wAJ5X1hQp3zPglpypuWgh7+9HJfsn3mvK
-----END CERTIFICATE-----
Generated at Wed Sep 10 00:01:34 2025 by rpki-client