Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/QXjuOZgIB7V4oeaWX_BSYxvGQAU.roa
File: QXjuOZgIB7V4oeaWX_BSYxvGQAU.roa (raw, json)
Hash identifier: 5m//oQGydvMXsHbRUuZAe1hKShJ2UuaSj0j4KmQCCK0=
Subject key identifier: 41:78:EE:39:98:08:07:B5:78:A1:E6:96:5F:F0:52:63:1B:C6:40:05
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 019A06AE7EB962D30DFF2B9C1F28C1EC324B
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/QXjuOZgIB7V4oeaWX_BSYxvGQAU.roa
Signing time: Tue 21 Oct 2025 12:11:30 +0000
ROA not before: Tue 21 Oct 2025 12:11:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 198949
IP address blocks: 37.64.0.0/13 maxlen: 24
46.35.0.0/19 maxlen: 24
46.165.64.0/18 maxlen: 24
62.8.0.0/19 maxlen: 24
62.39.0.0/16 maxlen: 24
62.62.128.0/17 maxlen: 24
62.62.169.0/24 maxlen: 24
62.85.128.0/19 maxlen: 24
62.106.128.0/17 maxlen: 24
62.129.160.0/19 maxlen: 24
62.241.64.0/18 maxlen: 24
77.84.0.0/16 maxlen: 24
77.128.0.0/13 maxlen: 24
77.136.0.0/16 maxlen: 24
77.137.196.0/22 maxlen: 24
77.137.200.0/21 maxlen: 24
77.137.208.0/20 maxlen: 24
77.137.224.0/19 maxlen: 24
77.140.0.0/14 maxlen: 24
77.144.0.0/12 maxlen: 24
77.192.0.0/12 maxlen: 24
77.233.96.0/19 maxlen: 24
78.112.0.0/12 maxlen: 24
78.155.128.0/19 maxlen: 24
78.159.0.0/19 maxlen: 24
79.80.0.0/12 maxlen: 24
79.132.32.0/19 maxlen: 24
79.174.192.0/18 maxlen: 24
80.70.32.0/20 maxlen: 24
80.118.0.0/15 maxlen: 24
80.124.0.0/15 maxlen: 24
80.185.0.0/16 maxlen: 24
80.236.0.0/17 maxlen: 24
81.1.0.0/18 maxlen: 24
81.64.0.0/14 maxlen: 24
81.185.0.0/16 maxlen: 24
81.220.0.0/16 maxlen: 24
82.151.0.0/19 maxlen: 24
82.216.0.0/16 maxlen: 24
83.141.128.0/17 maxlen: 24
84.4.0.0/14 maxlen: 24
84.55.128.0/18 maxlen: 24
84.96.0.0/13 maxlen: 24
84.205.128.0/19 maxlen: 24
85.68.0.0/15 maxlen: 24
85.117.128.0/19 maxlen: 24
85.168.0.0/14 maxlen: 24
85.192.192.0/18 maxlen: 24
86.63.224.0/19 maxlen: 24
86.64.0.0/12 maxlen: 24
87.100.0.0/17 maxlen: 24
87.231.0.0/16 maxlen: 24
87.255.128.0/19 maxlen: 24
88.136.0.0/13 maxlen: 24
88.219.0.0/16 maxlen: 24
89.2.0.0/15 maxlen: 24
89.156.0.0/14 maxlen: 24
89.170.0.0/16 maxlen: 24
89.185.160.0/19 maxlen: 24
91.68.0.0/14 maxlen: 24
91.88.0.0/16 maxlen: 24
91.91.0.0/16 maxlen: 24
91.151.112.0/20 maxlen: 24
92.88.0.0/13 maxlen: 24
93.0.0.0/11 maxlen: 24
93.182.192.0/18 maxlen: 24
93.191.80.0/21 maxlen: 24
95.136.128.0/17 maxlen: 24
95.157.128.0/18 maxlen: 24
95.157.192.0/18 maxlen: 18
95.168.0.0/19 maxlen: 24
95.171.128.0/19 maxlen: 24
95.174.160.0/19 maxlen: 24
95.175.160.0/19 maxlen: 24
95.181.220.0/22 maxlen: 24
109.0.0.0/11 maxlen: 24
130.0.96.0/19 maxlen: 19
141.170.216.0/21 maxlen: 24
159.20.8.0/21 maxlen: 24
176.52.224.0/20 maxlen: 20
178.18.176.0/20 maxlen: 24
178.19.0.0/20 maxlen: 24
185.39.216.0/22 maxlen: 24
185.147.204.0/22 maxlen: 24
185.147.232.0/22 maxlen: 22
185.150.120.0/22 maxlen: 24
188.7.0.0/16 maxlen: 24
188.141.128.0/17 maxlen: 24
188.224.0.0/17 maxlen: 24
194.6.128.0/19 maxlen: 24
194.153.88.0/23 maxlen: 24
194.153.90.0/24 maxlen: 24
194.153.92.0/24 maxlen: 24
194.153.97.0/24 maxlen: 24
194.183.192.0/19 maxlen: 24
194.242.176.0/20 maxlen: 24
195.3.0.0/18 maxlen: 24
195.7.96.0/19 maxlen: 24
195.98.96.0/19 maxlen: 24
195.115.0.0/16 maxlen: 24
195.132.0.0/16 maxlen: 24
195.146.192.0/19 maxlen: 24
212.23.160.0/19 maxlen: 24
212.30.96.0/19 maxlen: 24
212.39.128.0/19 maxlen: 24
212.94.160.0/19 maxlen: 24
212.198.0.0/16 maxlen: 24
213.128.32.0/19 maxlen: 24
213.144.192.0/19 maxlen: 24
213.169.160.0/19 maxlen: 24
213.176.192.0/19 maxlen: 24
213.203.64.0/18 maxlen: 24
213.222.64.0/18 maxlen: 24
213.223.0.0/16 maxlen: 24
213.245.0.0/16 maxlen: 24
217.19.192.0/20 maxlen: 24
217.70.80.0/20 maxlen: 24
217.112.224.0/20 maxlen: 24
2a00:5e80::/32 maxlen: 48
2a00:6200::/29 maxlen: 48
2a00:7180::/32 maxlen: 48
2a00:8380::/32 maxlen: 48
2a00:8d80::/32 maxlen: 48
2a00:9380::/32 maxlen: 32
2a00:a580::/32 maxlen: 48
2a00:b280::/32 maxlen: 48
2a00:ba80::/32 maxlen: 48
2a00:c780::/32 maxlen: 48
2a00:cc80::/32 maxlen: 48
2a00:d780::/32 maxlen: 48
2a00:e880::/32 maxlen: 48
2a00:ec80::/29 maxlen: 48
2a00:ec80::/32 maxlen: 48
2a00:ec81::/32 maxlen: 48
2a02:8400::/25 maxlen: 48
2a04:800::/29 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.mft
rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 25 Oct 2025 12:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:06:ae:7e:b9:62:d3:0d:ff:2b:9c:1f:28:c1:ec:32:4b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Oct 21 12:11:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4178ee39980807b578a1e6965ff052631bc64005
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:c8:3c:7a:ce:56:c0:3b:72:d5:42:b2:dd:24:
e7:29:dd:5e:b2:3f:f3:78:30:f5:d1:18:ac:64:94:
8c:e3:5c:a2:1f:73:e3:2c:f3:3d:5c:d0:cb:64:a4:
b5:24:a4:a8:ab:45:1b:7d:e1:22:ce:87:3c:a8:af:
ac:9a:1f:47:4a:e0:88:b1:72:ae:2d:96:16:4c:e4:
cf:3f:e5:c9:80:d7:69:af:0c:28:2e:3a:c2:30:19:
40:09:a2:b2:56:22:80:c8:5e:fa:8c:9b:02:ee:b2:
f1:d5:09:ff:e0:de:9a:bd:75:04:bf:ec:72:d5:e5:
e9:a1:ef:95:cc:89:86:67:9d:25:32:06:46:22:5e:
7a:25:6d:24:a3:07:e1:b6:ff:25:73:3b:34:81:84:
18:4f:9a:90:f2:64:e8:2a:c2:0c:bb:db:fa:df:0f:
d4:12:4a:70:a7:9e:b5:a3:0f:34:e9:39:fc:d3:8c:
60:7e:6e:1e:1b:ae:d4:ac:b8:a2:ca:da:2a:19:7d:
25:56:a3:d8:ff:b1:f0:e8:d8:2c:e5:36:8e:1f:45:
be:af:a4:0f:6d:73:e7:8c:ac:77:85:db:69:85:89:
fb:69:9d:7c:09:76:0b:d7:f3:a6:b7:d1:e6:1c:53:
8e:19:9f:ad:d6:de:dc:3f:4e:89:cb:3e:5b:1f:99:
39:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
41:78:EE:39:98:08:07:B5:78:A1:E6:96:5F:F0:52:63:1B:C6:40:05
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/QXjuOZgIB7V4oeaWX_BSYxvGQAU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.64.0.0/13
46.35.0.0/19
46.165.64.0/18
62.8.0.0/19
62.39.0.0/16
62.62.128.0/17
62.85.128.0/19
62.106.128.0/17
62.129.160.0/19
62.241.64.0/18
77.84.0.0/16
77.128.0.0-77.136.255.255
77.137.196.0-77.137.255.255
77.140.0.0-77.159.255.255
77.192.0.0/12
77.233.96.0/19
78.112.0.0/12
78.155.128.0/19
78.159.0.0/19
79.80.0.0/12
79.132.32.0/19
79.174.192.0/18
80.70.32.0/20
80.118.0.0/15
80.124.0.0/15
80.185.0.0/16
80.236.0.0/17
81.1.0.0/18
81.64.0.0/14
81.185.0.0/16
81.220.0.0/16
82.151.0.0/19
82.216.0.0/16
83.141.128.0/17
84.4.0.0/14
84.55.128.0/18
84.96.0.0/13
84.205.128.0/19
85.68.0.0/15
85.117.128.0/19
85.168.0.0/14
85.192.192.0/18
86.63.224.0-86.79.255.255
87.100.0.0/17
87.231.0.0/16
87.255.128.0/19
88.136.0.0/13
88.219.0.0/16
89.2.0.0/15
89.156.0.0/14
89.170.0.0/16
89.185.160.0/19
91.68.0.0/14
91.88.0.0/16
91.91.0.0/16
91.151.112.0/20
92.88.0.0/13
93.0.0.0/11
93.182.192.0/18
93.191.80.0/21
95.136.128.0/17
95.157.128.0/17
95.168.0.0/19
95.171.128.0/19
95.174.160.0/19
95.175.160.0/19
95.181.220.0/22
109.0.0.0/11
130.0.96.0/19
141.170.216.0/21
159.20.8.0/21
176.52.224.0/20
178.18.176.0/20
178.19.0.0/20
185.39.216.0/22
185.147.204.0/22
185.147.232.0/22
185.150.120.0/22
188.7.0.0/16
188.141.128.0/17
188.224.0.0/17
194.6.128.0/19
194.153.88.0-194.153.90.255
194.153.92.0/24
194.153.97.0/24
194.183.192.0/19
194.242.176.0/20
195.3.0.0/18
195.7.96.0/19
195.98.96.0/19
195.115.0.0/16
195.132.0.0/16
195.146.192.0/19
212.23.160.0/19
212.30.96.0/19
212.39.128.0/19
212.94.160.0/19
212.198.0.0/16
213.128.32.0/19
213.144.192.0/19
213.169.160.0/19
213.176.192.0/19
213.203.64.0/18
213.222.64.0/18
213.223.0.0/16
213.245.0.0/16
217.19.192.0/20
217.70.80.0/20
217.112.224.0/20
IPv6:
2a00:5e80::/32
2a00:6200::/29
2a00:7180::/32
2a00:8380::/32
2a00:8d80::/32
2a00:9380::/32
2a00:a580::/32
2a00:b280::/32
2a00:ba80::/32
2a00:c780::/32
2a00:cc80::/32
2a00:d780::/32
2a00:e880::/32
2a00:ec80::/29
2a02:8400::/25
2a04:800::/29
Signature Algorithm: sha256WithRSAEncryption
98:ed:52:78:fd:b4:a2:ee:4e:42:b5:c5:06:ef:97:3e:4e:ef:
73:80:c4:2e:01:8d:04:77:9e:af:08:08:94:ac:d9:e1:dc:62:
5f:30:90:eb:e9:f9:9d:b7:23:c9:f5:8d:87:83:f6:6d:c9:53:
8c:bf:6e:92:ac:df:e1:28:bd:b8:dc:a9:66:0b:9e:a2:85:6c:
e8:b8:da:10:06:b3:5a:cf:d7:50:4a:d9:bc:cb:b8:77:3d:9b:
8f:88:cf:79:1e:d6:70:51:be:56:ec:ed:da:3d:93:65:ed:a1:
d4:d2:29:03:75:a9:a8:d7:7a:99:04:d3:79:40:76:aa:c5:97:
dd:cb:f8:97:5b:92:eb:c1:78:dc:d6:3f:1d:28:3e:ff:ce:b7:
00:69:37:b2:26:b7:d3:53:bc:23:b3:c9:29:71:a3:c7:d2:b5:
ab:aa:43:2b:39:70:d0:20:b9:c7:bc:b5:38:4a:43:77:cd:04:
0f:1a:00:9d:5c:02:93:b9:a3:4a:e2:45:1f:5b:3f:a8:fb:8c:
e5:9b:48:39:96:8d:56:24:7d:1f:ea:c4:a6:df:cd:22:83:10:
32:c0:e7:40:c9:74:d1:6f:72:d4:dc:fa:d7:42:30:32:57:ca:
5e:d0:06:15:f7:0e:e1:f9:21:53:50:a1:7d:5d:39:e7:1d:b6:
8d:9b:f0:e3
-----BEGIN CERTIFICATE-----
MIIIBjCCBu6gAwIBAgISAZoGrn65YtMN/yucHyjB7DJLMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjUxMDIxMTIxMTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MTc4ZWUzOTk4MDgwN2I1NzhhMWU2OTY1ZmYwNTI2MzFiYzY0MDA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAycg8es5WwDty1UKy3STnKd1esj/z
eDD10RisZJSM41yiH3PjLPM9XNDLZKS1JKSoq0UbfeEizoc8qK+smh9HSuCIsXKu
LZYWTOTPP+XJgNdprwwoLjrCMBlACaKyViKAyF76jJsC7rLx1Qn/4N6avXUEv+xy
1eXpoe+VzImGZ50lMgZGIl56JW0kowfhtv8lczs0gYQYT5qQ8mToKsIMu9v63w/U
Ekpwp561ow806Tn804xgfm4eG67UrLiiytoqGX0lVqPY/7Hw6Ngs5TaOH0W+r6QP
bXPnjKx3hdtphYn7aZ18CXYL1/Omt9HmHFOOGZ+t1t7cP06Jyz5bH5k5nQIDAQAB
o4IFEjCCBQ4wHQYDVR0OBBYEFEF47jmYCAe1eKHmll/wUmMbxkAFMB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvUVhqdU9aZ0lCN1Y0b2VhV1hfQlNZeHZHUUFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIDJgYIKwYBBQUHAQcBAf8EggMVMIIDETCCApUEAgABMIIC
jQMDAyVAAwQFLiMAAwQGLqVAAwQFPggAAwMAPicDBAc+PoADBAU+VYADBAc+aoAD
BAU+gaADBAY+8UADAwBNVDAKAwMHTYADAwBNiDALAwQCTYnEAwMBTYgwCgMDAk2M
AwMFTYADAwRNwAMEBU3pYAMDBE5wAwQFTpuAAwQFTp8AAwMET1ADBAVPhCADBAZP
rsADBARQRiADAwFQdgMDAVB8AwMAULkDBAdQ7AADBAZRAQADAwJRQAMDAFG5AwMA
UdwDBAVSlwADAwBS2AMEB1ONgAMDAlQEAwQGVDeAAwMDVGADBAVUzYADAwFVRAME
BVV1gAMDAlWoAwQGVcDAMAsDBAVWP+ADAwRWQAMEB1dkAAMDAFfnAwQFV/+AAwMD
WIgDAwBY2wMDAVkCAwMCWZwDAwBZqgMEBVm5oAMDAltEAwMAW1gDAwBbWwMEBFuX
cAMDA1xYAwMFXQADBAZdtsADBANdv1ADBAdfiIADBAdfnYADBAVfqAADBAVfq4AD
BAVfrqADBAVfr6ADBAJftdwDAwVtAAMEBYIAYAMEA42q2AMEA58UCAMEBLA04AME
BLISsAMEBLITAAMEArkn2AMEArmTzAMEArmT6AMEArmWeAMDALwHAwQHvI2AAwQH
vOAAAwQFwgaAMAwDBAPCmVgDBADCmVoDBADCmVwDBADCmWEDBAXCt8ADBATC8rAD
BAbDAwADBAXDB2ADBAXDYmADAwDDcwMDAMOEAwQFw5LAAwQF1BegAwQF1B5gAwQF
1CeAAwQF1F6gAwMA1MYDBAXVgCADBAXVkMADBAXVqaADBAXVsMADBAbVy0ADBAbV
3kADAwDV3wMDANX1AwQE2RPAAwQE2UZQAwQE2XDgMHYEAgACMHADBQAqAF6AAwUD
KgBiAAMFACoAcYADBQAqAIOAAwUAKgCNgAMFACoAk4ADBQAqAKWAAwUAKgCygAMF
ACoAuoADBQAqAMeAAwUAKgDMgAMFACoA14ADBQAqAOiAAwUDKgDsgAMFByoChAAD
BQMqBAgAMA0GCSqGSIb3DQEBCwUAA4IBAQCY7VJ4/bSi7k5CtcUG75c+Tu9zgMQu
AY0Ed56vCAiUrNnh3GJfMJDr6fmdtyPJ9Y2Hg/ZtyVOMv26SrN/hKL243KlmC56i
hWzouNoQBrNaz9dQStm8y7h3PZuPiM95HtZwUb5W7O3aPZNl7aHU0ikDdamo13qZ
BNN5QHaqxZfdy/iXW5LrwXjc1j8dKD7/zrcAaTeyJrfTU7wjs8kpcaPH0rWrqkMr
OXDQILnHvLU4SkN3zQQPGgCdXAKTuaNK4kUfWz+o+4zlm0g5lo1WJH0f6sSm380i
gxAywOdAyXTRb3LU3PrXQjAyV8pe0AYV9w7h+SFTUKF9XTnnHbaNm/Dj
-----END CERTIFICATE-----
Generated at Fri Oct 24 21:25:31 2025 by rpki-client