Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/3Uha8oL2vXNx6cM4zZdHEEIC4Uc.roa
File: 3Uha8oL2vXNx6cM4zZdHEEIC4Uc.roa (raw, json)
Hash identifier: aZhL4jUzNiCePmIRKIoMMUTAHPLACauiwjNAwQa9CKs=
Subject key identifier: DD:48:5A:F2:82:F6:BD:73:71:E9:C3:38:CD:97:47:10:42:02:E1:47
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0199CE25F770DD3DFBC2A19BCBBBE142F1E8
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/3Uha8oL2vXNx6cM4zZdHEEIC4Uc.roa
Signing time: Fri 10 Oct 2025 12:43:38 +0000
ROA not before: Fri 10 Oct 2025 12:43:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 37.202.220.0/24 maxlen: 24
151.240.8.0/24 maxlen: 24
151.240.28.0/24 maxlen: 24
151.240.60.0/23 maxlen: 24
151.240.72.0/24 maxlen: 24
151.240.74.0/24 maxlen: 24
151.240.80.0/23 maxlen: 24
151.240.110.0/24 maxlen: 24
151.240.118.0/23 maxlen: 24
151.240.148.0/23 maxlen: 24
151.240.165.0/24 maxlen: 24
151.240.226.0/23 maxlen: 24
151.240.243.0/24 maxlen: 24
151.240.244.0/24 maxlen: 24
151.240.245.0/24 maxlen: 24
151.240.246.0/24 maxlen: 24
151.240.247.0/24 maxlen: 24
151.240.249.0/24 maxlen: 24
151.240.250.0/24 maxlen: 24
151.240.251.0/24 maxlen: 24
151.240.252.0/24 maxlen: 24
151.240.253.0/24 maxlen: 24
151.241.12.0/24 maxlen: 24
151.241.26.0/24 maxlen: 24
151.241.31.0/24 maxlen: 24
151.241.36.0/24 maxlen: 24
151.241.37.0/24 maxlen: 24
151.241.78.0/24 maxlen: 24
151.241.79.0/24 maxlen: 24
151.241.89.0/24 maxlen: 24
151.241.90.0/24 maxlen: 24
151.242.76.0/23 maxlen: 24
151.242.128.0/24 maxlen: 24
151.242.134.0/24 maxlen: 24
151.242.143.0/24 maxlen: 24
151.242.156.0/23 maxlen: 24
151.242.202.0/23 maxlen: 24
151.242.205.0/24 maxlen: 24
151.242.236.0/22 maxlen: 24
151.243.96.0/24 maxlen: 24
151.243.110.0/24 maxlen: 24
151.243.138.0/23 maxlen: 24
151.243.142.0/24 maxlen: 24
151.243.144.0/23 maxlen: 24
151.243.147.0/24 maxlen: 24
151.243.148.0/23 maxlen: 24
151.243.157.0/24 maxlen: 24
151.243.158.0/24 maxlen: 24
151.243.170.0/24 maxlen: 24
151.243.172.0/24 maxlen: 24
151.243.173.0/24 maxlen: 24
151.243.174.0/24 maxlen: 24
151.244.12.0/24 maxlen: 24
151.244.14.0/24 maxlen: 24
151.244.24.0/24 maxlen: 24
151.244.30.0/24 maxlen: 24
151.244.32.0/24 maxlen: 24
151.244.48.0/24 maxlen: 24
151.244.50.0/24 maxlen: 24
151.244.63.0/24 maxlen: 24
151.244.64.0/24 maxlen: 24
151.244.66.0/23 maxlen: 24
151.244.102.0/24 maxlen: 24
151.244.109.0/24 maxlen: 24
151.244.113.0/24 maxlen: 24
151.244.119.0/24 maxlen: 24
151.244.135.0/24 maxlen: 24
151.244.196.0/24 maxlen: 24
151.244.226.0/23 maxlen: 24
151.244.248.0/24 maxlen: 24
151.245.42.0/24 maxlen: 24
151.245.44.0/24 maxlen: 24
151.245.48.0/24 maxlen: 24
151.245.60.0/24 maxlen: 24
151.245.61.0/24 maxlen: 24
151.245.63.0/24 maxlen: 24
151.245.64.0/22 maxlen: 24
151.245.88.0/24 maxlen: 24
151.245.91.0/24 maxlen: 24
151.245.224.0/23 maxlen: 24
151.245.226.0/23 maxlen: 24
151.246.160.0/23 maxlen: 24
151.246.164.0/23 maxlen: 24
151.246.176.0/24 maxlen: 24
151.246.180.0/24 maxlen: 24
151.246.181.0/24 maxlen: 24
151.246.246.0/23 maxlen: 24
151.246.250.0/23 maxlen: 24
151.246.252.0/23 maxlen: 24
151.247.130.0/23 maxlen: 24
151.247.161.0/24 maxlen: 24
151.247.162.0/24 maxlen: 24
151.247.163.0/24 maxlen: 24
151.247.164.0/24 maxlen: 24
151.247.165.0/24 maxlen: 24
151.247.167.0/24 maxlen: 24
151.247.169.0/24 maxlen: 24
151.247.170.0/24 maxlen: 24
151.247.248.0/24 maxlen: 24
151.247.249.0/24 maxlen: 24
151.247.250.0/24 maxlen: 24
151.247.253.0/24 maxlen: 24
151.247.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:ce:25:f7:70:dd:3d:fb:c2:a1:9b:cb:bb:e1:42:f1:e8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Oct 10 12:43:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=dd485af282f6bd7371e9c338cd9747104202e147
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:1e:16:ba:2d:0c:30:df:f9:17:a1:48:3b:37:
55:05:5a:5b:4f:55:3f:e6:76:01:ba:6d:ed:86:21:
81:93:a9:e1:af:20:1a:6f:11:d8:40:e5:3a:d4:56:
d8:60:4e:86:ba:85:f7:e8:11:5f:42:20:eb:78:dc:
1b:a3:d6:0f:03:59:b7:ce:c9:2c:bb:d1:f7:2b:e4:
08:84:ea:22:14:56:c4:62:6d:db:16:e8:80:07:e5:
c0:43:71:eb:ed:fd:91:37:7a:96:c2:72:36:ab:8e:
19:6f:04:9d:c4:0e:9b:1f:b7:00:9e:8d:3b:68:85:
53:be:1e:00:34:4a:ab:3e:48:1c:97:01:1d:77:83:
38:dd:78:be:75:6e:54:7c:2e:de:88:2f:46:e8:d0:
98:4e:6d:a3:03:87:9a:9b:d2:33:6f:e9:61:ab:32:
46:43:37:72:c8:82:c4:08:dc:1d:a3:08:0f:13:d5:
60:58:52:c5:94:62:65:d2:8d:37:2f:84:86:3b:01:
86:07:9c:9c:bf:95:4e:1a:3f:ce:0e:5f:e1:3d:a4:
fd:b6:14:26:9d:38:f6:7c:ed:f4:73:29:c5:40:ae:
b9:a5:1e:44:88:9e:64:ba:d9:81:6e:2e:b9:26:ee:
74:5f:09:d9:b9:62:c1:ad:d5:dd:e9:0f:6d:e1:48:
19:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
DD:48:5A:F2:82:F6:BD:73:71:E9:C3:38:CD:97:47:10:42:02:E1:47
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/3Uha8oL2vXNx6cM4zZdHEEIC4Uc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.220.0/24
151.240.8.0/24
151.240.28.0/24
151.240.60.0/23
151.240.72.0/24
151.240.74.0/24
151.240.80.0/23
151.240.110.0/24
151.240.118.0/23
151.240.148.0/23
151.240.165.0/24
151.240.226.0/23
151.240.243.0-151.240.247.255
151.240.249.0-151.240.253.255
151.241.12.0/24
151.241.26.0/24
151.241.31.0/24
151.241.36.0/23
151.241.78.0/23
151.241.89.0-151.241.90.255
151.242.76.0/23
151.242.128.0/24
151.242.134.0/24
151.242.143.0/24
151.242.156.0/23
151.242.202.0/23
151.242.205.0/24
151.242.236.0/22
151.243.96.0/24
151.243.110.0/24
151.243.138.0/23
151.243.142.0/24
151.243.144.0/23
151.243.147.0-151.243.149.255
151.243.157.0-151.243.158.255
151.243.170.0/24
151.243.172.0-151.243.174.255
151.244.12.0/24
151.244.14.0/24
151.244.24.0/24
151.244.30.0/24
151.244.32.0/24
151.244.48.0/24
151.244.50.0/24
151.244.63.0-151.244.64.255
151.244.66.0/23
151.244.102.0/24
151.244.109.0/24
151.244.113.0/24
151.244.119.0/24
151.244.135.0/24
151.244.196.0/24
151.244.226.0/23
151.244.248.0/24
151.245.42.0/24
151.245.44.0/24
151.245.48.0/24
151.245.60.0/23
151.245.63.0-151.245.67.255
151.245.88.0/24
151.245.91.0/24
151.245.224.0/22
151.246.160.0/23
151.246.164.0/23
151.246.176.0/24
151.246.180.0/23
151.246.246.0/23
151.246.250.0-151.246.253.255
151.247.130.0/23
151.247.161.0-151.247.165.255
151.247.167.0/24
151.247.169.0-151.247.170.255
151.247.248.0-151.247.250.255
151.247.253.0-151.247.254.255
Signature Algorithm: sha256WithRSAEncryption
55:cd:1d:6b:d6:bf:29:4b:9d:d2:d7:85:66:27:ce:de:35:78:
fe:e5:f4:92:4f:10:9c:ae:d7:30:8d:e9:44:2a:09:2a:6d:00:
b1:cb:9e:11:a4:2b:ad:30:da:74:3f:6e:e6:78:31:8b:bd:06:
66:d8:65:43:f2:01:e5:60:ec:2e:bb:79:fd:70:b3:64:08:8e:
81:8d:13:68:42:63:d1:61:1f:03:2b:5e:2b:e6:b9:fa:74:63:
85:b5:af:bc:4b:fe:4b:34:98:71:01:84:f3:a9:50:89:79:d1:
f1:66:c5:f0:fb:96:05:ad:68:a8:8f:c2:33:d8:74:37:eb:dc:
a2:e1:bb:c4:ed:d4:9e:40:d6:f4:c0:b8:21:1a:33:a9:f7:ec:
ab:0a:3e:7b:df:08:44:47:08:d5:f9:ab:17:ce:90:22:2b:ca:
0f:db:1e:a7:d5:46:8c:1c:61:a6:77:ab:9e:04:03:45:f7:e4:
d1:fa:f1:07:d6:f0:b8:8c:16:b3:25:48:db:87:2f:e6:01:33:
db:41:ce:e5:0f:7e:a9:06:a4:38:7f:d1:1d:26:ee:b1:e6:16:
dc:24:40:59:9b:1e:cb:08:ef:df:63:19:1e:b1:7a:9a:75:20:
c6:c4:19:3a:1d:bf:48:ed:1b:bb:ea:33:79:45:8d:e6:1c:6d:
4e:bf:83:f8
-----BEGIN CERTIFICATE-----
MIIHJTCCBg2gAwIBAgISAZnOJfdw3T37wqGby7vhQvHoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUxMDEwMTI0MzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkZDQ4NWFmMjgyZjZiZDczNzFlOWMzMzhjZDk3NDcxMDQyMDJlMTQ3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzB4Wui0MMN/5F6FIOzdVBVpbT1U/
5nYBum3thiGBk6nhryAabxHYQOU61FbYYE6GuoX36BFfQiDreNwbo9YPA1m3zsks
u9H3K+QIhOoiFFbEYm3bFuiAB+XAQ3Hr7f2RN3qWwnI2q44ZbwSdxA6bH7cAno07
aIVTvh4ANEqrPkgclwEdd4M43Xi+dW5UfC7eiC9G6NCYTm2jA4eam9Izb+lhqzJG
QzdyyILECNwdowgPE9VgWFLFlGJl0o03L4SGOwGGB5ycv5VOGj/ODl/hPaT9thQm
nTj2fO30cynFQK65pR5EiJ5kutmBbi65Ju50XwnZuWLBrdXd6Q9t4UgZRQIDAQAB
o4IEMTCCBC0wHQYDVR0OBBYEFN1IWvKC9r1zcenDOM2XRxBCAuFHMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvM1VoYThvTDJ2WE54NmNNNHpaZEhFRUlDNFVjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICRQYIKwYBBQUHAQcBAf8EggI0MIICMDCCAiwEAgABMIIC
JAMEACXK3AMEAJfwCAMEAJfwHAMEAZfwPAMEAJfwSAMEAJfwSgMEAZfwUAMEAJfw
bgMEAZfwdgMEAZfwlAMEAJfwpQMEAZfw4jAMAwQAl/DzAwQDl/DwMAwDBACX8PkD
BAGX8PwDBACX8QwDBACX8RoDBACX8R8DBAGX8SQDBAGX8U4wDAMEAJfxWQMEAJfx
WgMEAZfyTAMEAJfygAMEAJfyhgMEAJfyjwMEAZfynAMEAZfyygMEAJfyzQMEApfy
7AMEAJfzYAMEAJfzbgMEAZfzigMEAJfzjgMEAZfzkDAMAwQAl/OTAwQBl/OUMAwD
BACX850DBACX854DBACX86owDAMEApfzrAMEAJfzrgMEAJf0DAMEAJf0DgMEAJf0
GAMEAJf0HgMEAJf0IAMEAJf0MAMEAJf0MjAMAwQAl/Q/AwQAl/RAAwQBl/RCAwQA
l/RmAwQAl/RtAwQAl/RxAwQAl/R3AwQAl/SHAwQAl/TEAwQBl/TiAwQAl/T4AwQA
l/UqAwQAl/UsAwQAl/UwAwQBl/U8MAwDBACX9T8DBAKX9UADBACX9VgDBACX9VsD
BAKX9eADBAGX9qADBAGX9qQDBACX9rADBAGX9rQDBAGX9vYwDAMEAZf2+gMEAZf2
/AMEAZf3gjAMAwQAl/ehAwQBl/ekAwQAl/enMAwDBACX96kDBACX96owDAMEA5f3
+AMEAJf3+jAMAwQAl/f9AwQAl/f+MA0GCSqGSIb3DQEBCwUAA4IBAQBVzR1r1r8p
S53S14VmJ87eNXj+5fSSTxCcrtcwjelEKgkqbQCxy54RpCutMNp0P27meDGLvQZm
2GVD8gHlYOwuu3n9cLNkCI6BjRNoQmPRYR8DK14r5rn6dGOFta+8S/5LNJhxAYTz
qVCJedHxZsXw+5YFrWioj8Iz2HQ369yi4bvE7dSeQNb0wLghGjOp9+yrCj573whE
RwjV+asXzpAiK8oP2x6n1UaMHGGmd6ueBANF9+TR+vEH1vC4jBazJUjbhy/mATPb
Qc7lD36pBqQ4f9EdJu6x5hbcJEBZmx7LCO/fYxkesXqadSDGxBk6Hb9I7Ru76jN5
RY3mHG1Ov4P4
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:34:28 2025 by rpki-client