Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/ttAnXllamFmBtbR_DYOny1OSmYs.roa
File: ttAnXllamFmBtbR_DYOny1OSmYs.roa (raw, json)
Hash identifier: e98MJzYR91mKGrKILF7fKjR02eJfGXannZIuUuXRiAM=
Subject key identifier: B6:D0:27:5E:59:5A:98:59:81:B5:B4:7F:0D:83:A7:CB:53:92:99:8B
Certificate issuer: /CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Certificate serial: 019A06AE7E81E7A544DC0DA8F22BA02FD899
Authority key identifier: A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/ttAnXllamFmBtbR_DYOny1OSmYs.roa
Signing time: Tue 21 Oct 2025 12:11:30 +0000
ROA not before: Tue 21 Oct 2025 12:11:30 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15557
IP address blocks: 37.64.0.0/13 maxlen: 24
46.35.0.0/19 maxlen: 24
62.8.0.0/19 maxlen: 19
62.39.0.0/16 maxlen: 24
62.62.128.0/17 maxlen: 24
62.106.128.0/17 maxlen: 24
62.129.160.0/19 maxlen: 24
62.241.64.0/18 maxlen: 24
77.128.0.0/13 maxlen: 24
77.136.0.0/16 maxlen: 24
77.137.196.0/22 maxlen: 24
77.137.200.0/21 maxlen: 24
77.137.208.0/20 maxlen: 24
77.140.0.0/15 maxlen: 24
77.142.0.0/16 maxlen: 24
77.144.0.0/12 maxlen: 24
77.192.0.0/12 maxlen: 24
78.112.0.0/12 maxlen: 24
78.155.128.0/19 maxlen: 24
79.80.0.0/12 maxlen: 24
79.174.192.0/18 maxlen: 24
80.70.32.0/20 maxlen: 24
80.118.0.0/15 maxlen: 24
80.118.4.0/24 maxlen: 24
80.124.0.0/15 maxlen: 24
80.236.0.0/17 maxlen: 24
81.1.0.0/18 maxlen: 24
81.64.0.0/14 maxlen: 24
81.65.0.0/16 maxlen: 16
81.185.0.0/16 maxlen: 24
81.220.0.0/16 maxlen: 24
82.216.0.0/16 maxlen: 24
83.141.128.0/17 maxlen: 24
84.4.0.0/14 maxlen: 24
84.55.128.0/18 maxlen: 24
84.96.0.0/13 maxlen: 24
84.205.128.0/19 maxlen: 24
84.205.144.0/20 maxlen: 20
85.68.0.0/15 maxlen: 24
85.168.0.0/14 maxlen: 24
86.64.0.0/12 maxlen: 24
86.66.127.0/24 maxlen: 24
87.231.0.0/16 maxlen: 24
88.136.0.0/13 maxlen: 24
88.136.0.0/14 maxlen: 24
88.140.0.0/15 maxlen: 24
88.142.0.0/16 maxlen: 24
88.143.251.0/24 maxlen: 24
88.143.252.0/24 maxlen: 24
88.143.253.0/24 maxlen: 24
88.143.254.0/24 maxlen: 24
88.143.255.0/24 maxlen: 24
88.219.0.0/16 maxlen: 16
89.2.0.0/15 maxlen: 24
89.156.0.0/14 maxlen: 24
91.68.0.0/14 maxlen: 24
91.68.0.0/22 maxlen: 22
91.151.112.0/20 maxlen: 24
92.88.0.0/13 maxlen: 24
93.0.0.0/11 maxlen: 24
93.191.80.0/21 maxlen: 21
95.157.192.0/18 maxlen: 18
109.0.0.0/11 maxlen: 24
141.170.216.0/21 maxlen: 24
185.147.204.0/22 maxlen: 24
194.6.128.0/19 maxlen: 19
194.183.192.0/19 maxlen: 19
194.242.176.0/20 maxlen: 20
195.3.0.0/18 maxlen: 24
195.7.96.0/19 maxlen: 24
195.98.96.0/19 maxlen: 24
195.115.0.0/16 maxlen: 24
195.132.0.0/16 maxlen: 24
195.146.192.0/19 maxlen: 24
212.30.96.0/19 maxlen: 24
212.39.128.0/19 maxlen: 24
212.94.160.0/19 maxlen: 24
212.198.0.0/16 maxlen: 24
213.128.32.0/19 maxlen: 24
213.144.192.0/19 maxlen: 24
213.169.160.0/19 maxlen: 24
213.203.64.0/18 maxlen: 24
213.223.0.0/16 maxlen: 24
213.245.0.0/16 maxlen: 24
217.19.192.0/20 maxlen: 24
217.70.80.0/20 maxlen: 24
217.112.224.0/20 maxlen: 24
2a00:6200::/29 maxlen: 48
2a00:8380::/32 maxlen: 32
2a00:8d80::/32 maxlen: 32
2a00:9380::/32 maxlen: 32
2a00:b280::/32 maxlen: 32
2a00:c780::/32 maxlen: 32
2a00:cc80::/32 maxlen: 32
2a00:d780::/32 maxlen: 32
2a00:ec80::/32 maxlen: 32
2a02:8400::/25 maxlen: 48
2a02:8400::/48 maxlen: 48
2a02:8400:11::/48 maxlen: 48
2a02:8400:12::/48 maxlen: 48
2a02:8400:13::/48 maxlen: 48
2a02:8400:14::/48 maxlen: 48
2a02:8440:5000::/36 maxlen: 36
2a04:800::/29 maxlen: 29
2a04:800::/30 maxlen: 30
2a04:807::/48 maxlen: 48
2a04:807:1::/48 maxlen: 48
2a04:807:2::/48 maxlen: 48
2a04:807:3::/48 maxlen: 48
2a04:807:4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.mft
rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 23 Oct 2025 06:00:19 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:06:ae:7e:81:e7:a5:44:dc:0d:a8:f2:2b:a0:2f:d8:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a0ef5fbbfca7a93cfee965eeb6bdee6fb43c403e
Validity
Not Before: Oct 21 12:11:30 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b6d0275e595a985981b5b47f0d83a7cb5392998b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f5:80:27:28:b7:f3:fb:21:6b:81:53:c1:a4:
ad:f1:bd:b0:20:61:65:21:d8:8f:f3:e9:4c:3e:75:
da:16:b4:9c:05:19:f2:f7:14:b5:93:c3:7f:32:b0:
51:25:44:0d:d2:80:d3:ef:09:64:8b:4a:8a:49:13:
b4:6a:2b:16:86:42:37:2b:85:98:33:7a:0c:ca:7a:
e8:5f:60:88:a6:a7:dc:10:e0:f6:ae:bf:ff:a9:8d:
b3:a5:9c:ed:4f:ac:1a:f1:9d:a9:83:bc:97:5d:c2:
30:24:b0:62:67:d8:41:88:f4:b4:48:95:b8:11:1b:
39:77:f4:ba:f5:54:4b:f6:31:86:fe:c7:5c:27:e8:
21:99:e5:f6:d6:ad:55:87:73:de:a0:d0:cf:37:74:
34:3b:1d:3b:cd:d2:b7:a0:4c:8c:46:88:7e:09:80:
7f:fa:b0:0d:70:23:1c:bc:a3:00:c9:61:fa:0a:a8:
34:bc:65:e0:7b:cd:08:e1:fc:26:ac:76:05:31:b0:
44:81:aa:8f:69:a2:bb:6d:96:29:ab:58:11:98:09:
2b:57:85:da:2e:79:9e:7e:4c:6e:78:b9:c1:2e:79:
5f:25:a0:22:85:f1:8f:87:e0:32:df:d4:06:94:84:
3d:ec:7e:8f:17:cb:8e:82:1d:56:40:e1:cc:1f:60:
57:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B6:D0:27:5E:59:5A:98:59:81:B5:B4:7F:0D:83:A7:CB:53:92:99:8B
X509v3 Authority Key Identifier:
keyid:A0:EF:5F:BB:FC:A7:A9:3C:FE:E9:65:EE:B6:BD:EE:6F:B4:3C:40:3E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/oO9fu_ynqTz-6WXutr3ub7Q8QD4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/ttAnXllamFmBtbR_DYOny1OSmYs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/fe915c-bf70-4602-8a3c-0292b020150a/1/oO9fu_ynqTz-6WXutr3ub7Q8QD4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.64.0.0/13
46.35.0.0/19
62.8.0.0/19
62.39.0.0/16
62.62.128.0/17
62.106.128.0/17
62.129.160.0/19
62.241.64.0/18
77.128.0.0-77.136.255.255
77.137.196.0-77.137.223.255
77.140.0.0-77.142.255.255
77.144.0.0/12
77.192.0.0/12
78.112.0.0/12
78.155.128.0/19
79.80.0.0/12
79.174.192.0/18
80.70.32.0/20
80.118.0.0/15
80.124.0.0/15
80.236.0.0/17
81.1.0.0/18
81.64.0.0/14
81.185.0.0/16
81.220.0.0/16
82.216.0.0/16
83.141.128.0/17
84.4.0.0/14
84.55.128.0/18
84.96.0.0/13
84.205.128.0/19
85.68.0.0/15
85.168.0.0/14
86.64.0.0/12
87.231.0.0/16
88.136.0.0/13
88.219.0.0/16
89.2.0.0/15
89.156.0.0/14
91.68.0.0/14
91.151.112.0/20
92.88.0.0/13
93.0.0.0/11
93.191.80.0/21
95.157.192.0/18
109.0.0.0/11
141.170.216.0/21
185.147.204.0/22
194.6.128.0/19
194.183.192.0/19
194.242.176.0/20
195.3.0.0/18
195.7.96.0/19
195.98.96.0/19
195.115.0.0/16
195.132.0.0/16
195.146.192.0/19
212.30.96.0/19
212.39.128.0/19
212.94.160.0/19
212.198.0.0/16
213.128.32.0/19
213.144.192.0/19
213.169.160.0/19
213.203.64.0/18
213.223.0.0/16
213.245.0.0/16
217.19.192.0/20
217.70.80.0/20
217.112.224.0/20
IPv6:
2a00:6200::/29
2a00:8380::/32
2a00:8d80::/32
2a00:9380::/32
2a00:b280::/32
2a00:c780::/32
2a00:cc80::/32
2a00:d780::/32
2a00:ec80::/32
2a02:8400::/25
2a04:800::/29
Signature Algorithm: sha256WithRSAEncryption
28:4d:ac:24:74:ce:3e:69:9b:eb:db:b4:05:b1:0c:d4:3d:0d:
25:c8:b1:00:e8:cb:2a:09:19:b3:d3:b3:ea:76:49:d3:ff:7c:
c2:a9:98:99:c7:95:01:35:97:ed:5f:50:3d:6e:64:34:2a:06:
53:f4:4d:b1:86:01:67:bb:93:2b:7b:9f:37:15:8b:f0:68:ec:
7d:73:7e:c0:84:7a:0c:24:7e:15:93:94:f8:31:50:e4:36:95:
41:e5:57:21:81:32:ce:b4:83:33:e6:be:59:ec:60:e6:be:d2:
df:08:b9:2b:01:17:9c:74:80:6e:49:24:fc:f2:67:a9:8d:69:
a8:6f:b3:a0:82:dc:ce:cf:58:89:9b:9e:2d:7b:06:93:68:90:
32:5e:0f:cc:93:c3:3d:06:05:99:93:d8:eb:af:51:78:bc:71:
5b:58:ba:2b:ff:25:8b:bb:7d:09:10:36:65:7c:c7:c8:7a:b3:
b2:9f:27:04:79:29:79:85:6b:77:d2:94:64:79:53:0c:06:1b:
59:52:79:cb:cf:58:bf:0f:b9:75:29:06:fb:3f:f3:62:0b:e8:
ff:b1:e9:11:69:a4:eb:6a:df:9b:15:be:a9:7a:6a:e7:05:e9:
2c:43:91:34:8c:dd:62:d8:dd:85:4c:45:d2:57:fc:47:68:d7:
72:46:e7:d9
-----BEGIN CERTIFICATE-----
MIIG7zCCBdegAwIBAgISAZoGrn6B56VE3A2o8iugL9iZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEwZWY1ZmJiZmNhN2E5M2NmZWU5NjVlZWI2YmRlZTZmYjQz
YzQwM2UwHhcNMjUxMDIxMTIxMTMwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNmQwMjc1ZTU5NWE5ODU5ODFiNWI0N2YwZDgzYTdjYjUzOTI5OThiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/WAJyi38/sha4FTwaSt8b2wIGFl
IdiP8+lMPnXaFrScBRny9xS1k8N/MrBRJUQN0oDT7wlki0qKSRO0aisWhkI3K4WY
M3oMynroX2CIpqfcEOD2rr//qY2zpZztT6wa8Z2pg7yXXcIwJLBiZ9hBiPS0SJW4
ERs5d/S69VRL9jGG/sdcJ+ghmeX21q1Vh3PeoNDPN3Q0Ox07zdK3oEyMRoh+CYB/
+rANcCMcvKMAyWH6Cqg0vGXge80I4fwmrHYFMbBEgaqPaaK7bZYpq1gRmAkrV4Xa
LnmefkxueLnBLnlfJaAihfGPh+Ay39QGlIQ97H6PF8uOgh1WQOHMH2BXywIDAQAB
o4ID+zCCA/cwHQYDVR0OBBYEFLbQJ15ZWphZgbW0fw2Dp8tTkpmLMB8GA1UdIwQY
MBaAFKDvX7v8p6k8/ull7ra97m+0PEA+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2Mt
MDI5MmIwMjAxNTBhLzEvdHRBblhsbGFtRm1CdGJSX0RZT255MU9TbVlzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi9mZTkxNWMtYmY3MC00NjAyLThhM2MtMDI5MmIwMjAxNTBh
LzEvb085ZnVfeW5xVHotNldYdXRyM3ViN1E4UUQ0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICDwYIKwYBBQUHAQcBAf8EggH+MIIB+jCCAaEEAgABMIIB
mQMDAyVAAwQFLiMAAwQFPggAAwMAPicDBAc+PoADBAc+aoADBAU+gaADBAY+8UAw
CgMDB02AAwMATYgwDAMEAk2JxAMEBU2JwDAKAwMCTYwDAwBNjgMDBE2QAwMETcAD
AwROcAMEBU6bgAMDBE9QAwQGT67AAwQEUEYgAwMBUHYDAwFQfAMEB1DsAAMEBlEB
AAMDAlFAAwMAUbkDAwBR3AMDAFLYAwQHU42AAwMCVAQDBAZUN4ADAwNUYAMEBVTN
gAMDAVVEAwMCVagDAwRWQAMDAFfnAwMDWIgDAwBY2wMDAVkCAwMCWZwDAwJbRAME
BFuXcAMDA1xYAwMFXQADBANdv1ADBAZfncADAwVtAAMEA42q2AMEArmTzAMEBcIG
gAMEBcK3wAMEBMLysAMEBsMDAAMEBcMHYAMEBcNiYAMDAMNzAwMAw4QDBAXDksAD
BAXUHmADBAXUJ4ADBAXUXqADAwDUxgMEBdWAIAMEBdWQwAMEBdWpoAMEBtXLQAMD
ANXfAwMA1fUDBATZE8ADBATZRlADBATZcOAwUwQCAAIwTQMFAyoAYgADBQAqAIOA
AwUAKgCNgAMFACoAk4ADBQAqALKAAwUAKgDHgAMFACoAzIADBQAqANeAAwUAKgDs
gAMFByoChAADBQMqBAgAMA0GCSqGSIb3DQEBCwUAA4IBAQAoTawkdM4+aZvr27QF
sQzUPQ0lyLEA6MsqCRmz07PqdknT/3zCqZiZx5UBNZftX1A9bmQ0KgZT9E2xhgFn
u5Mre583FYvwaOx9c37AhHoMJH4Vk5T4MVDkNpVB5VchgTLOtIMz5r5Z7GDmvtLf
CLkrARecdIBuSST88mepjWmob7OggtzOz1iJm54tewaTaJAyXg/Mk8M9BgWZk9jr
r1F4vHFbWLor/yWLu30JEDZlfMfIerOynycEeSl5hWt30pRkeVMMBhtZUnnLz1i/
D7l1KQb7P/NiC+j/sekRaaTrat+bFb6pemrnBeksQ5E0jN1i2N2FTEXSV/xHaNdy
RufZ
-----END CERTIFICATE-----
Generated at Wed Oct 22 12:05:42 2025 by rpki-client