Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/RCBQ78HrA6zcu7jc8sKk6jncLUU.roa
File: RCBQ78HrA6zcu7jc8sKk6jncLUU.roa (raw, json)
Hash identifier: oDJBQCIPyt+/lFWpzZ5c4//GWpOPhBAX9DdpdyWzxdU=
Subject key identifier: 44:20:50:EF:C1:EB:03:AC:DC:BB:B8:DC:F2:C2:A4:EA:39:DC:2D:45
Certificate issuer: /CN=adac830ccaa74783dd961fab241a228d7cc6f808
Certificate serial: 019A106B0F7EB8EDD6DF17AFD7C5FB8FF94D
Authority key identifier: AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/RCBQ78HrA6zcu7jc8sKk6jncLUU.roa
Signing time: Thu 23 Oct 2025 09:34:03 +0000
ROA not before: Thu 23 Oct 2025 09:34:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15774
IP address blocks: 31.216.170.0/24 maxlen: 24
37.61.176.0/21 maxlen: 32
46.20.64.0/20 maxlen: 32
46.166.65.0/24 maxlen: 24
46.166.79.0/24 maxlen: 24
46.166.80.0/23 maxlen: 24
46.166.80.0/24 maxlen: 24
46.166.81.0/24 maxlen: 24
46.166.82.0/24 maxlen: 24
46.166.83.0/24 maxlen: 24
46.166.84.0/22 maxlen: 23
46.166.88.0/23 maxlen: 23
46.166.91.0/24 maxlen: 24
46.166.93.0/24 maxlen: 24
46.166.94.0/24 maxlen: 24
46.166.95.0/24 maxlen: 24
46.182.128.0/22 maxlen: 22
46.182.131.0/24 maxlen: 24
46.226.240.0/21 maxlen: 32
62.33.122.0/23 maxlen: 32
62.249.131.0/24 maxlen: 24
79.132.96.0/19 maxlen: 32
81.4.192.0/18 maxlen: 32
81.18.128.0/19 maxlen: 32
83.234.10.0/24 maxlen: 24
83.234.54.0/24 maxlen: 32
83.234.136.0/23 maxlen: 23
83.234.168.0/23 maxlen: 32
83.234.240.0/21 maxlen: 21
89.186.234.0/24 maxlen: 24
91.204.96.0/22 maxlen: 32
94.251.20.0/24 maxlen: 24
109.74.208.0/20 maxlen: 32
109.233.172.0/22 maxlen: 32
164.177.176.0/21 maxlen: 32
176.104.128.0/21 maxlen: 21
176.104.152.0/22 maxlen: 22
176.104.156.0/22 maxlen: 22
176.104.160.0/22 maxlen: 22
176.104.164.0/22 maxlen: 22
176.125.64.0/18 maxlen: 18
178.76.194.0/23 maxlen: 23
178.76.196.0/22 maxlen: 22
178.76.205.0/24 maxlen: 24
178.76.207.0/24 maxlen: 24
178.76.208.0/23 maxlen: 23
178.76.210.0/23 maxlen: 23
178.76.212.0/24 maxlen: 24
178.76.214.0/24 maxlen: 24
178.76.216.0/21 maxlen: 21
178.76.224.0/19 maxlen: 24
178.76.234.0/24 maxlen: 24
185.6.236.0/22 maxlen: 32
185.43.84.0/23 maxlen: 32
185.43.86.0/23 maxlen: 32
185.61.24.0/22 maxlen: 32
2a00:1138::/32 maxlen: 128
2a03:3700::/36 maxlen: 128
2a03:3700:1000::/36 maxlen: 128
2a03:3700:2000::/36 maxlen: 128
2a03:3700:3000::/36 maxlen: 128
2a03:3700:4000::/36 maxlen: 128
2a03:3700:5000::/36 maxlen: 128
2a03:3700:6000::/36 maxlen: 128
2a03:3700:7000::/36 maxlen: 128
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.crl
rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.mft
rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 28 Oct 2025 03:00:45 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:10:6b:0f:7e:b8:ed:d6:df:17:af:d7:c5:fb:8f:f9:4d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adac830ccaa74783dd961fab241a228d7cc6f808
Validity
Not Before: Oct 23 09:34:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=442050efc1eb03acdcbbb8dcf2c2a4ea39dc2d45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e8:8b:5b:ac:9d:0e:2c:74:89:53:1c:15:d7:d4:
3c:44:2b:a4:4c:53:46:e1:45:07:4d:94:cd:57:bd:
33:fb:e7:5c:d8:5a:7d:26:da:a4:0a:23:a5:f4:a0:
1d:b8:42:c8:42:4f:6a:aa:38:81:ae:3e:5e:28:75:
76:88:61:1a:d3:32:e3:6f:67:72:ac:96:73:5d:73:
a7:b8:e9:ce:78:54:15:e7:a5:09:23:9d:de:3b:07:
89:43:93:d9:0b:1c:14:a4:0e:34:f0:93:c9:73:7d:
4b:22:72:ea:c7:8d:69:8d:37:16:0f:9e:07:b2:5a:
86:de:45:c3:4c:de:18:81:77:c6:05:8a:3b:8f:6f:
4b:f2:88:da:96:3f:c3:ba:fb:0d:80:0f:7e:d0:06:
97:98:29:71:d5:78:11:09:9d:8b:e2:3e:5f:c0:c4:
98:cd:8e:4e:f5:54:8a:02:a9:e6:40:e2:95:95:a7:
ea:02:81:56:33:0c:77:83:66:d4:d0:32:b1:89:f4:
30:29:c1:c2:82:20:1a:a5:11:04:b4:b8:b2:13:c7:
78:d7:9e:43:fe:3f:02:08:b1:5b:88:f4:21:eb:81:
50:94:e9:fe:fd:52:7a:b8:aa:5c:63:16:cd:56:1b:
84:fa:b7:57:e9:6f:9a:4e:b2:f1:8b:a6:4d:b5:4d:
37:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:20:50:EF:C1:EB:03:AC:DC:BB:B8:DC:F2:C2:A4:EA:39:DC:2D:45
X509v3 Authority Key Identifier:
keyid:AD:AC:83:0C:CA:A7:47:83:DD:96:1F:AB:24:1A:22:8D:7C:C6:F8:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rayDDMqnR4Pdlh-rJBoijXzG-Ag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/RCBQ78HrA6zcu7jc8sKk6jncLUU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/82/325c8d-d368-4eee-9ca8-929f7d635f4b/1/rayDDMqnR4Pdlh-rJBoijXzG-Ag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.216.170.0/24
37.61.176.0/21
46.20.64.0/20
46.166.65.0/24
46.166.79.0-46.166.89.255
46.166.91.0/24
46.166.93.0-46.166.95.255
46.182.128.0/22
46.226.240.0/21
62.33.122.0/23
62.249.131.0/24
79.132.96.0/19
81.4.192.0/18
81.18.128.0/19
83.234.10.0/24
83.234.54.0/24
83.234.136.0/23
83.234.168.0/23
83.234.240.0/21
89.186.234.0/24
91.204.96.0/22
94.251.20.0/24
109.74.208.0/20
109.233.172.0/22
164.177.176.0/21
176.104.128.0/21
176.104.152.0-176.104.167.255
176.125.64.0/18
178.76.194.0-178.76.199.255
178.76.205.0/24
178.76.207.0-178.76.212.255
178.76.214.0/24
178.76.216.0-178.76.255.255
185.6.236.0/22
185.43.84.0/22
185.61.24.0/22
IPv6:
2a00:1138::/32
2a03:3700::/33
Signature Algorithm: sha256WithRSAEncryption
db:9e:c4:c0:04:e0:e3:d1:13:72:9f:e9:fa:f6:4a:14:22:ad:
72:e1:98:86:3b:ae:17:4a:be:0e:6b:d4:8e:67:71:55:b2:24:
e2:95:39:c6:e4:fd:01:6b:74:04:8e:76:1e:ac:bf:26:07:e2:
3c:3f:05:b3:2b:d4:8c:31:53:0f:66:9a:dc:f8:3f:10:0a:1b:
22:12:03:f0:cc:e0:40:32:47:09:a7:ae:77:2f:70:2b:88:d0:
38:3c:0d:43:4f:5c:f5:c0:e3:de:48:05:19:b2:84:1f:b8:cf:
4c:70:f1:7e:7d:c7:fc:48:93:5e:01:88:5e:e9:63:3e:7e:b8:
cc:89:97:46:5a:0e:b5:a7:9b:78:0e:41:30:cb:7a:f5:be:66:
e4:21:6c:4c:a6:62:0c:72:d8:0f:95:70:b2:cd:f6:58:ef:5e:
ef:13:13:a3:b1:12:bd:aa:d1:df:1d:22:9f:27:ed:32:73:55:
50:6d:b8:f0:97:56:0c:db:d3:15:02:d8:ea:35:fe:3d:bd:a4:
24:e9:ae:cb:16:08:06:8d:18:40:fc:c3:69:81:db:97:28:75:
01:dd:93:61:0e:75:38:04:9a:11:0e:4a:7b:b5:2c:7e:91:d9:
b1:58:ca:61:92:97:c1:ee:ce:55:44:b1:d6:30:50:68:49:53:
70:26:45:51
-----BEGIN CERTIFICATE-----
MIIGHzCCBQegAwIBAgISAZoQaw9+uO3W3xev18X7j/lNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkYWM4MzBjY2FhNzQ3ODNkZDk2MWZhYjI0MWEyMjhkN2Nj
NmY4MDgwHhcNMjUxMDIzMDkzNDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDIwNTBlZmMxZWIwM2FjZGNiYmI4ZGNmMmMyYTRlYTM5ZGMyZDQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6ItbrJ0OLHSJUxwV19Q8RCukTFNG
4UUHTZTNV70z++dc2Fp9JtqkCiOl9KAduELIQk9qqjiBrj5eKHV2iGEa0zLjb2dy
rJZzXXOnuOnOeFQV56UJI53eOweJQ5PZCxwUpA408JPJc31LInLqx41pjTcWD54H
slqG3kXDTN4YgXfGBYo7j29L8ojalj/DuvsNgA9+0AaXmClx1XgRCZ2L4j5fwMSY
zY5O9VSKAqnmQOKVlafqAoFWMwx3g2bU0DKxifQwKcHCgiAapREEtLiyE8d4155D
/j8CCLFbiPQh64FQlOn+/VJ6uKpcYxbNVhuE+rdX6W+aTrLxi6ZNtU03dwIDAQAB
o4IDKzCCAycwHQYDVR0OBBYEFEQgUO/B6wOs3Lu43PLCpOo53C1FMB8GA1UdIwQY
MBaAFK2sgwzKp0eD3ZYfqyQaIo18xvgIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmF5RERNcW5SNFBkbGgtckpCb2lqWHpHLUFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Mi8zMjVjOGQtZDM2OC00ZWVlLTljYTgt
OTI5ZjdkNjM1ZjRiLzEvUkNCUTc4SHJBNnpjdTdqYzhzS2s2am5jTFVVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Mi8zMjVjOGQtZDM2OC00ZWVlLTljYTgtOTI5ZjdkNjM1ZjRi
LzEvcmF5RERNcW5SNFBkbGgtckpCb2lqWHpHLUFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBPwYIKwYBBQUHAQcBAf8EggEuMIIBKjCCAQ8EAgABMIIB
BwMEAB/YqgMEAyU9sAMEBC4UQAMEAC6mQTAMAwQALqZPAwQBLqZYAwQALqZbMAwD
BAAupl0DBAUupkADBAIutoADBAMu4vADBAE+IXoDBAA++YMDBAVPhGADBAZRBMAD
BAVREoADBABT6goDBABT6jYDBAFT6ogDBAFT6qgDBANT6vADBABZuuoDBAJbzGAD
BABe+xQDBARtStADBAJt6awDBAOksbADBAOwaIAwDAMEA7BomAMEA7BooAMEBrB9
QDAMAwQBskzCAwQDskzAAwQAskzNMAwDBACyTM8DBACyTNQDBACyTNYwCwMEA7JM
2AMDALJMAwQCuQbsAwQCuStUAwQCuT0YMBUEAgACMA8DBQAqABE4AwYHKgM3AAAw
DQYJKoZIhvcNAQELBQADggEBANuexMAE4OPRE3Kf6fr2ShQirXLhmIY7rhdKvg5r
1I5ncVWyJOKVOcbk/QFrdASOdh6svyYH4jw/BbMr1IwxUw9mmtz4PxAKGyISA/DM
4EAyRwmnrncvcCuI0Dg8DUNPXPXA495IBRmyhB+4z0xw8X59x/xIk14BiF7pYz5+
uMyJl0ZaDrWnm3gOQTDLevW+ZuQhbEymYgxy2A+VcLLN9ljvXu8TE6OxEr2q0d8d
Ip8n7TJzVVBtuPCXVgzb0xUC2Oo1/j29pCTprssWCAaNGED8w2mB25codQHdk2EO
dTgEmhEOSnu1LH6R2bFYymGSl8HuzlVEsdYwUGhJU3AmRVE=
-----END CERTIFICATE-----
Generated at Mon Oct 27 09:35:42 2025 by rpki-client