Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/2O9YGeEI3fzUEFpFvP1u-b3Ibyg.roa
File: 2O9YGeEI3fzUEFpFvP1u-b3Ibyg.roa (raw, json)
Hash identifier: R4Rmlm/nMzEHsZQ9s0PSBkkp23SzfSYe1CpZL+CYBKg=
Subject key identifier: D8:EF:58:19:E1:08:DD:FC:D4:10:5A:45:BC:FD:6E:F9:BD:C8:6F:28
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 0199A357789EE4932BC1B8E7A511526B71DB
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/2O9YGeEI3fzUEFpFvP1u-b3Ibyg.roa
Signing time: Thu 02 Oct 2025 05:14:02 +0000
ROA not before: Thu 02 Oct 2025 05:14:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212238
IP address blocks: 79.121.132.0/22 maxlen: 24
79.121.132.0/23 maxlen: 24
79.121.134.0/23 maxlen: 24
79.121.140.0/22 maxlen: 24
79.121.140.0/23 maxlen: 24
79.121.142.0/23 maxlen: 24
79.121.144.0/23 maxlen: 24
79.121.148.0/22 maxlen: 24
79.121.148.0/23 maxlen: 24
79.121.150.0/23 maxlen: 24
79.121.154.0/23 maxlen: 24
79.121.156.0/23 maxlen: 24
79.121.162.0/23 maxlen: 24
79.121.164.0/22 maxlen: 24
79.121.164.0/23 maxlen: 24
79.121.166.0/23 maxlen: 24
79.121.168.0/23 maxlen: 24
79.121.178.0/23 maxlen: 24
79.121.180.0/23 maxlen: 24
79.121.184.0/23 maxlen: 24
79.121.200.0/21 maxlen: 24
79.121.212.0/22 maxlen: 24
79.121.212.0/23 maxlen: 24
79.121.214.0/23 maxlen: 24
79.121.216.0/22 maxlen: 24
79.121.216.0/23 maxlen: 24
79.121.218.0/23 maxlen: 24
79.121.222.0/23 maxlen: 24
79.121.226.0/23 maxlen: 24
79.121.232.0/22 maxlen: 24
79.121.232.0/23 maxlen: 24
79.121.234.0/23 maxlen: 24
79.121.238.0/23 maxlen: 24
92.244.174.0/23 maxlen: 24
92.244.176.0/23 maxlen: 24
92.244.180.0/23 maxlen: 24
92.244.182.0/23 maxlen: 24
92.244.184.0/23 maxlen: 24
92.244.190.0/23 maxlen: 24
93.152.73.0/24 maxlen: 24
93.152.87.0/24 maxlen: 24
95.177.0.0/23 maxlen: 24
95.177.8.0/23 maxlen: 24
95.177.20.0/23 maxlen: 24
95.177.54.0/23 maxlen: 24
95.177.64.0/23 maxlen: 24
95.177.68.0/22 maxlen: 24
95.177.68.0/23 maxlen: 24
95.177.70.0/23 maxlen: 24
95.177.72.0/23 maxlen: 24
95.177.76.0/22 maxlen: 24
95.177.76.0/23 maxlen: 24
95.177.78.0/23 maxlen: 24
95.177.80.0/22 maxlen: 24
95.177.80.0/23 maxlen: 24
95.177.82.0/23 maxlen: 24
95.177.104.0/22 maxlen: 24
95.177.104.0/23 maxlen: 24
95.177.106.0/23 maxlen: 24
95.177.114.0/23 maxlen: 24
95.177.124.0/22 maxlen: 24
95.177.124.0/23 maxlen: 24
95.177.126.0/23 maxlen: 24
109.174.176.0/22 maxlen: 24
109.174.180.0/22 maxlen: 24
109.174.184.0/22 maxlen: 24
109.174.188.0/22 maxlen: 24
109.204.6.0/23 maxlen: 24
109.204.12.0/23 maxlen: 24
109.204.20.0/23 maxlen: 24
109.204.28.0/23 maxlen: 24
109.204.32.0/23 maxlen: 24
109.204.40.0/23 maxlen: 24
109.204.44.0/23 maxlen: 24
109.204.50.0/23 maxlen: 24
109.204.54.0/23 maxlen: 24
109.204.58.0/23 maxlen: 24
109.204.60.0/23 maxlen: 24
109.204.72.0/23 maxlen: 24
109.204.82.0/23 maxlen: 24
109.204.92.0/23 maxlen: 24
109.204.95.0/24 maxlen: 24
109.204.101.0/24 maxlen: 24
109.204.112.0/23 maxlen: 24
109.204.120.0/23 maxlen: 24
109.204.124.0/23 maxlen: 24
195.40.26.0/23 maxlen: 24
195.40.30.0/23 maxlen: 24
195.40.100.0/23 maxlen: 24
195.40.114.0/23 maxlen: 24
195.40.118.0/23 maxlen: 24
195.40.166.0/23 maxlen: 24
195.40.180.0/24 maxlen: 24
195.172.102.0/23 maxlen: 24
195.172.110.0/23 maxlen: 24
195.172.112.0/23 maxlen: 24
195.172.124.0/24 maxlen: 24
195.172.204.0/23 maxlen: 24
195.172.214.0/23 maxlen: 24
195.172.216.0/23 maxlen: 24
195.172.218.0/23 maxlen: 24
195.172.220.0/23 maxlen: 24
195.172.222.0/23 maxlen: 24
212.134.78.0/24 maxlen: 24
212.135.10.0/23 maxlen: 24
212.135.174.0/24 maxlen: 24
212.135.178.0/24 maxlen: 24
212.135.190.0/23 maxlen: 24
212.135.236.0/23 maxlen: 24
217.79.104.0/22 maxlen: 24
217.79.116.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 01:22:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a3:57:78:9e:e4:93:2b:c1:b8:e7:a5:11:52:6b:71:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Oct 2 05:14:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d8ef5819e108ddfcd4105a45bcfd6ef9bdc86f28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:12:46:e2:a4:b1:98:bb:ac:ef:3d:33:71:3f:
ca:11:3a:61:69:3c:65:ca:ba:1b:ec:1d:25:88:5a:
e7:77:a6:94:46:bd:b8:dd:3f:ba:6f:6c:83:8d:8e:
f3:ee:28:4a:81:4b:94:6e:40:ae:58:b7:6a:88:e3:
a0:b4:92:a9:5b:f0:97:1f:e9:a7:df:49:f3:fd:e5:
53:f9:1e:24:cb:3b:76:79:29:18:7a:3a:62:e2:42:
5a:45:c6:4c:f7:72:50:18:f9:81:52:6e:78:3f:48:
54:31:00:11:fa:2e:3f:de:66:1a:97:3c:29:cf:fc:
3f:6f:a7:ab:eb:5c:0a:2f:92:2d:65:02:8f:69:af:
43:81:43:83:6f:9a:42:ff:17:18:26:9a:fa:e9:90:
ea:d3:8c:5f:7c:26:2b:22:11:0c:2a:f5:e8:78:86:
0d:19:06:4a:34:bd:7f:22:c5:04:e2:98:49:a0:e5:
4a:00:6c:9a:5a:8f:a0:c2:ca:0a:41:b9:56:ad:be:
be:e6:22:23:7b:02:4c:bd:61:15:f1:f1:56:d3:4a:
60:ef:44:38:c9:0b:80:e2:ae:b7:58:d8:94:2b:37:
77:b4:64:51:57:d5:3f:3a:46:4d:52:ca:bc:13:b9:
3d:18:f4:5e:ff:b5:8e:01:f5:8d:4d:73:0f:0c:d9:
26:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:EF:58:19:E1:08:DD:FC:D4:10:5A:45:BC:FD:6E:F9:BD:C8:6F:28
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/2O9YGeEI3fzUEFpFvP1u-b3Ibyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.121.132.0/22
79.121.140.0-79.121.145.255
79.121.148.0/22
79.121.154.0-79.121.157.255
79.121.162.0-79.121.169.255
79.121.178.0-79.121.181.255
79.121.184.0/23
79.121.200.0/21
79.121.212.0-79.121.219.255
79.121.222.0/23
79.121.226.0/23
79.121.232.0/22
79.121.238.0/23
92.244.174.0-92.244.177.255
92.244.180.0-92.244.185.255
92.244.190.0/23
93.152.73.0/24
93.152.87.0/24
95.177.0.0/23
95.177.8.0/23
95.177.20.0/23
95.177.54.0/23
95.177.64.0/23
95.177.68.0-95.177.73.255
95.177.76.0-95.177.83.255
95.177.104.0/22
95.177.114.0/23
95.177.124.0/22
109.174.176.0/20
109.204.6.0/23
109.204.12.0/23
109.204.20.0/23
109.204.28.0/23
109.204.32.0/23
109.204.40.0/23
109.204.44.0/23
109.204.50.0/23
109.204.54.0/23
109.204.58.0-109.204.61.255
109.204.72.0/23
109.204.82.0/23
109.204.92.0/23
109.204.95.0/24
109.204.101.0/24
109.204.112.0/23
109.204.120.0/23
109.204.124.0/23
195.40.26.0/23
195.40.30.0/23
195.40.100.0/23
195.40.114.0/23
195.40.118.0/23
195.40.166.0/23
195.40.180.0/24
195.172.102.0/23
195.172.110.0-195.172.113.255
195.172.124.0/24
195.172.204.0/23
195.172.214.0-195.172.223.255
212.134.78.0/24
212.135.10.0/23
212.135.174.0/24
212.135.178.0/24
212.135.190.0/23
212.135.236.0/23
217.79.104.0/22
217.79.116.0/22
Signature Algorithm: sha256WithRSAEncryption
c3:75:59:d7:b4:23:ca:67:a1:a4:9a:cf:72:93:67:92:d9:1e:
ba:b3:b5:db:35:10:5e:6c:50:6d:43:86:ca:30:fc:71:10:74:
9c:28:41:cb:4b:9f:93:d5:e0:ab:a1:5b:f4:82:bd:91:f9:3d:
14:3d:97:d0:5d:35:51:81:18:d9:71:37:5b:6c:fb:dd:fa:68:
2c:e5:7d:77:7c:18:89:6a:f4:18:fc:cc:a5:23:68:69:d3:40:
34:fa:4a:18:49:9c:d5:7b:63:03:18:e0:a8:35:2f:8a:76:c9:
06:86:5b:ac:ac:98:6f:bc:f5:5c:b6:a0:3d:1e:23:c1:68:b4:
dc:f9:c2:50:78:67:92:68:eb:7a:bf:f1:7e:4b:3f:fb:6c:51:
42:3a:d8:af:c8:65:d3:9f:9b:4e:35:62:c6:e9:eb:89:6c:45:
f7:32:6a:b1:38:53:e7:11:87:53:77:4d:d7:f0:12:3c:76:2b:
81:ef:01:ed:35:70:f3:4f:da:4b:a0:56:4e:44:48:e3:75:39:
ea:be:4b:60:54:cd:e4:8c:14:89:eb:50:d3:b2:d5:76:05:b4:
f2:02:40:ff:54:fb:20:f0:89:e3:3d:03:4e:14:b4:49:24:ab:
6d:af:bc:4e:9e:b2:0f:e9:f8:b0:19:f4:8a:97:00:a8:97:7f:
66:60:b5:e8
-----BEGIN CERTIFICATE-----
MIIG8zCCBdugAwIBAgISAZmjV3ie5JMrwbjnpRFSa3HbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjUxMDAyMDUxNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkOGVmNTgxOWUxMDhkZGZjZDQxMDVhNDViY2ZkNmVmOWJkYzg2ZjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArhJG4qSxmLus7z0zcT/KETphaTxl
yrob7B0liFrnd6aURr243T+6b2yDjY7z7ihKgUuUbkCuWLdqiOOgtJKpW/CXH+mn
30nz/eVT+R4kyzt2eSkYejpi4kJaRcZM93JQGPmBUm54P0hUMQAR+i4/3mYalzwp
z/w/b6er61wKL5ItZQKPaa9DgUODb5pC/xcYJpr66ZDq04xffCYrIhEMKvXoeIYN
GQZKNL1/IsUE4phJoOVKAGyaWo+gwsoKQblWrb6+5iIjewJMvWEV8fFW00pg70Q4
yQuA4q63WNiUKzd3tGRRV9U/OkZNUsq8E7k9GPRe/7WOAfWNTXMPDNkmIQIDAQAB
o4ID/zCCA/swHQYDVR0OBBYEFNjvWBnhCN381BBaRbz9bvm9yG8oMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvMk85WUdlRUkzZnpVRUZwRnZQMXUtYjNJYnlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICEwYIKwYBBQUHAQcBAf8EggICMIIB/jCCAfoEAgABMIIB
8gMEAk95hDAMAwQCT3mMAwQBT3mQAwQCT3mUMAwDBAFPeZoDBAFPeZwwDAMEAU95
ogMEAU95qDAMAwQBT3myAwQBT3m0AwQBT3m4AwQDT3nIMAwDBAJPedQDBAJPedgD
BAFPed4DBAFPeeIDBAJPeegDBAFPee4wDAMEAVz0rgMEAVz0sDAMAwQCXPS0AwQB
XPS4AwQBXPS+AwQAXZhJAwQAXZhXAwQBX7EAAwQBX7EIAwQBX7EUAwQBX7E2AwQB
X7FAMAwDBAJfsUQDBAFfsUgwDAMEAl+xTAMEAl+xUAMEAl+xaAMEAV+xcgMEAl+x
fAMEBG2usAMEAW3MBgMEAW3MDAMEAW3MFAMEAW3MHAMEAW3MIAMEAW3MKAMEAW3M
LAMEAW3MMgMEAW3MNjAMAwQBbcw6AwQBbcw8AwQBbcxIAwQBbcxSAwQBbcxcAwQA
bcxfAwQAbcxlAwQBbcxwAwQBbcx4AwQBbcx8AwQBwygaAwQBwygeAwQBwyhkAwQB
wyhyAwQBwyh2AwQBwyimAwQAwyi0AwQBw6xmMAwDBAHDrG4DBAHDrHADBADDrHwD
BAHDrMwwDAMEAcOs1gMEBcOswAMEANSGTgMEAdSHCgMEANSHrgMEANSHsgMEAdSH
vgMEAdSH7AMEAtlPaAMEAtlPdDANBgkqhkiG9w0BAQsFAAOCAQEAw3VZ17Qjymeh
pJrPcpNnktkeurO12zUQXmxQbUOGyjD8cRB0nChBy0ufk9Xgq6Fb9IK9kfk9FD2X
0F01UYEY2XE3W2z73fpoLOV9d3wYiWr0GPzMpSNoadNANPpKGEmc1XtjAxjgqDUv
inbJBoZbrKyYb7z1XLagPR4jwWi03PnCUHhnkmjrer/xfks/+2xRQjrYr8hl05+b
TjVixunriWxF9zJqsThT5xGHU3dN1/ASPHYrge8B7TVw80/aS6BWTkRI43U56r5L
YFTN5IwUietQ07LVdgW08gJA/1T7IPCJ4z0DThS0SSSrba+8Tp6yD+n4sBn0ipcA
qJd/ZmC16A==
-----END CERTIFICATE-----
Generated at Sun Oct 19 08:29:48 2025 by rpki-client