Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/1UFvvpbQowasUvap5PgWxR7ZHQM.roa
File: 1UFvvpbQowasUvap5PgWxR7ZHQM.roa (raw, json)
Hash identifier: cstJIipWCq4rApZKewY4Sy3q5g3XVtYXYMHVBMpCXwg=
Subject key identifier: D5:41:6F:BE:96:D0:A3:06:AC:52:F6:A9:E4:F8:16:C5:1E:D9:1D:03
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 01992A2667EB8BEB7A7F5A5637C5CD4650C1
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/1UFvvpbQowasUvap5PgWxR7ZHQM.roa
Signing time: Mon 08 Sep 2025 16:26:23 +0000
ROA not before: Mon 08 Sep 2025 16:26:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209847
IP address blocks: 37.221.124.0/24 maxlen: 24
37.221.125.0/24 maxlen: 24
45.67.229.0/24 maxlen: 24
45.120.179.0/24 maxlen: 24
74.119.192.0/24 maxlen: 24
74.119.194.0/24 maxlen: 24
80.71.157.0/24 maxlen: 24
80.92.204.0/24 maxlen: 24
80.92.205.0/24 maxlen: 24
86.104.72.0/24 maxlen: 24
86.104.74.0/24 maxlen: 24
86.104.75.0/24 maxlen: 24
89.221.224.0/24 maxlen: 24
91.132.133.0/24 maxlen: 24
91.132.134.0/24 maxlen: 24
91.132.135.0/24 maxlen: 24
91.194.161.0/24 maxlen: 24
94.131.8.0/24 maxlen: 24
94.131.9.0/24 maxlen: 24
94.131.10.0/24 maxlen: 24
94.131.13.0/24 maxlen: 24
94.131.14.0/24 maxlen: 24
94.131.96.0/24 maxlen: 24
94.131.100.0/24 maxlen: 24
94.131.101.0/24 maxlen: 24
94.131.104.0/24 maxlen: 24
94.131.109.0/24 maxlen: 24
94.131.110.0/24 maxlen: 24
94.131.111.0/24 maxlen: 24
94.131.117.0/24 maxlen: 24
94.131.118.0/24 maxlen: 24
94.131.119.0/24 maxlen: 24
94.131.120.0/24 maxlen: 24
94.232.247.0/24 maxlen: 24
103.35.188.0/24 maxlen: 24
103.35.189.0/24 maxlen: 24
103.35.190.0/24 maxlen: 24
103.35.191.0/24 maxlen: 24
103.113.69.0/24 maxlen: 24
103.113.70.0/24 maxlen: 24
103.113.71.0/24 maxlen: 24
103.231.72.0/24 maxlen: 24
103.231.73.0/24 maxlen: 24
146.19.75.0/24 maxlen: 24
146.19.170.0/24 maxlen: 24
176.120.64.0/24 maxlen: 24
176.120.65.0/24 maxlen: 24
176.120.67.0/24 maxlen: 24
176.120.74.0/24 maxlen: 24
176.120.75.0/24 maxlen: 24
185.234.56.0/24 maxlen: 24
185.234.58.0/24 maxlen: 24
185.234.64.0/24 maxlen: 24
185.234.67.0/24 maxlen: 24
185.235.240.0/24 maxlen: 24
185.235.241.0/24 maxlen: 24
185.236.232.0/24 maxlen: 24
185.242.84.0/24 maxlen: 24
185.242.87.0/24 maxlen: 24
185.250.148.0/24 maxlen: 24
185.250.151.0/24 maxlen: 24
185.252.215.0/24 maxlen: 24
195.42.233.0/24 maxlen: 24
195.149.87.0/24 maxlen: 24
213.159.64.0/24 maxlen: 24
213.159.65.0/24 maxlen: 24
213.159.67.0/24 maxlen: 24
213.159.68.0/24 maxlen: 24
213.159.69.0/24 maxlen: 24
213.159.73.0/24 maxlen: 24
213.159.74.0/24 maxlen: 24
213.159.77.0/24 maxlen: 24
213.159.78.0/24 maxlen: 24
213.159.79.0/24 maxlen: 24
2a09:7c41::/32 maxlen: 32
2a09:7c42::/32 maxlen: 32
2a09:7c43::/32 maxlen: 32
2a09:7c46::/32 maxlen: 32
2a0b:cf40::/32 maxlen: 32
2a0b:cf43::/32 maxlen: 32
2a0b:cf47::/32 maxlen: 32
2a11:3803::/32 maxlen: 32
2a11:3805::/32 maxlen: 32
2a11:3c00::/32 maxlen: 32
2a11:3c01::/32 maxlen: 32
2a11:4c00::/32 maxlen: 32
2a11:4c04::/32 maxlen: 32
2a11:4c06::/32 maxlen: 32
2a11:7e06::/32 maxlen: 32
2a14:2d80::/32 maxlen: 32
2a14:2d83::/32 maxlen: 32
2a14:2d84::/32 maxlen: 32
2a14:2d86::/32 maxlen: 32
2a14:2f80::/32 maxlen: 32
2a14:3081::/32 maxlen: 32
2a14:3082::/32 maxlen: 32
2a14:3084::/32 maxlen: 32
2a14:3086::/32 maxlen: 32
2a14:3883:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.mft
rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 08:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2a:26:67:eb:8b:eb:7a:7f:5a:56:37:c5:cd:46:50:c1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Sep 8 16:26:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d5416fbe96d0a306ac52f6a9e4f816c51ed91d03
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d2:25:86:0b:20:6f:b7:bc:dc:25:7f:e5:4f:
50:ea:d9:46:cd:4d:08:7d:84:fc:bd:86:a6:8f:6c:
42:1a:f3:df:eb:71:d6:1c:0d:5d:08:ed:ea:d5:96:
4e:56:dd:11:ba:bf:4a:62:16:42:64:a9:1c:39:69:
85:33:91:33:17:45:f2:3e:4f:00:67:17:fe:16:00:
28:3c:00:2f:44:5f:4f:e9:bd:28:07:d8:87:c4:40:
b6:ce:9d:dc:52:eb:41:53:36:8d:3e:1a:f3:66:01:
92:47:b3:b0:23:93:71:cf:65:9f:7c:a4:b4:df:b0:
c5:7f:12:d0:fd:43:4d:2b:7e:13:a8:de:5e:9e:c4:
7a:ff:cb:41:7a:03:1c:9e:c4:1b:b9:21:69:25:c5:
7e:bc:5d:18:fa:38:a3:96:38:89:62:fa:1c:75:f6:
37:75:4d:48:c4:3b:36:a2:ab:e5:e5:29:9a:0f:76:
8c:38:6f:62:31:6e:52:99:9e:9c:64:f0:26:74:36:
0c:79:62:e5:59:a4:cc:55:bd:68:57:06:54:39:47:
fe:82:eb:7f:1e:32:25:b2:3a:ee:61:e3:19:38:ca:
2f:20:2f:4f:31:2b:b3:e3:16:34:e5:db:6b:7c:83:
71:81:a8:b3:d3:54:8d:f6:7c:23:fb:60:42:4e:26:
8b:01
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:41:6F:BE:96:D0:A3:06:AC:52:F6:A9:E4:F8:16:C5:1E:D9:1D:03
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/1UFvvpbQowasUvap5PgWxR7ZHQM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.124.0/23
45.67.229.0/24
45.120.179.0/24
74.119.192.0/24
74.119.194.0/24
80.71.157.0/24
80.92.204.0/23
86.104.72.0/24
86.104.74.0/23
89.221.224.0/24
91.132.133.0-91.132.135.255
91.194.161.0/24
94.131.8.0-94.131.10.255
94.131.13.0-94.131.14.255
94.131.96.0/24
94.131.100.0/23
94.131.104.0/24
94.131.109.0-94.131.111.255
94.131.117.0-94.131.120.255
94.232.247.0/24
103.35.188.0/22
103.113.69.0-103.113.71.255
103.231.72.0/23
146.19.75.0/24
146.19.170.0/24
176.120.64.0/23
176.120.67.0/24
176.120.74.0/23
185.234.56.0/24
185.234.58.0/24
185.234.64.0/24
185.234.67.0/24
185.235.240.0/23
185.236.232.0/24
185.242.84.0/24
185.242.87.0/24
185.250.148.0/24
185.250.151.0/24
185.252.215.0/24
195.42.233.0/24
195.149.87.0/24
213.159.64.0/23
213.159.67.0-213.159.69.255
213.159.73.0-213.159.74.255
213.159.77.0-213.159.79.255
IPv6:
2a09:7c41::-2a09:7c43:ffff:ffff:ffff:ffff:ffff:ffff
2a09:7c46::/32
2a0b:cf40::/32
2a0b:cf43::/32
2a0b:cf47::/32
2a11:3803::/32
2a11:3805::/32
2a11:3c00::/31
2a11:4c00::/32
2a11:4c04::/32
2a11:4c06::/32
2a11:7e06::/32
2a14:2d80::/32
2a14:2d83::-2a14:2d84:ffff:ffff:ffff:ffff:ffff:ffff
2a14:2d86::/32
2a14:2f80::/32
2a14:3081::-2a14:3082:ffff:ffff:ffff:ffff:ffff:ffff
2a14:3084::/32
2a14:3086::/32
2a14:3883:1::/48
Signature Algorithm: sha256WithRSAEncryption
98:13:28:00:4a:f2:cb:db:66:2e:3b:ef:c1:b9:b5:ee:fd:c2:
5c:e3:28:bc:7b:e8:3c:1a:96:fb:97:67:39:1b:12:14:54:d2:
10:81:44:48:a6:5c:30:f4:ce:03:f2:7f:99:b8:1e:16:29:b6:
66:95:28:da:4e:ba:18:07:81:ff:72:f9:37:da:30:46:ec:fa:
80:50:66:90:0c:ab:2f:3f:59:67:0b:c3:e8:3b:73:c2:f3:05:
65:a2:4f:41:a7:d1:4c:b7:7a:9c:ca:93:f0:16:a8:56:a7:26:
b1:b5:29:63:d6:95:50:e6:45:59:28:33:5b:3d:b8:e0:a7:2e:
cd:c3:0c:02:75:11:90:19:82:fc:34:d3:a6:40:d7:55:78:68:
e1:fa:84:04:3e:7b:cb:c7:30:7a:74:ff:7c:8d:9d:30:7f:c9:
4b:f1:a9:57:30:c6:91:be:96:9d:a4:b6:95:da:a8:5b:af:29:
0e:39:bf:f4:0d:44:1f:3e:d5:2e:f8:4b:15:86:58:82:f9:2c:
55:88:dc:a9:3e:1d:72:82:8d:8e:d3:ce:b6:5c:21:bd:4b:5b:
ed:b0:66:9d:5d:13:9e:d6:a1:85:04:38:db:99:af:4d:f5:f5:
67:21:76:b4:39:37:1e:49:36:fc:56:1e:4b:79:d7:2e:c1:46:
61:21:cf:30
-----BEGIN CERTIFICATE-----
MIIHCjCCBfKgAwIBAgISAZkqJmfri+t6f1pWN8XNRlDBMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjUwOTA4MTYyNjIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTQxNmZiZTk2ZDBhMzA2YWM1MmY2YTllNGY4MTZjNTFlZDkxZDAzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtIlhgsgb7e83CV/5U9Q6tlGzU0I
fYT8vYamj2xCGvPf63HWHA1dCO3q1ZZOVt0Rur9KYhZCZKkcOWmFM5EzF0XyPk8A
Zxf+FgAoPAAvRF9P6b0oB9iHxEC2zp3cUutBUzaNPhrzZgGSR7OwI5Nxz2WffKS0
37DFfxLQ/UNNK34TqN5ensR6/8tBegMcnsQbuSFpJcV+vF0Y+jijljiJYvocdfY3
dU1IxDs2oqvl5SmaD3aMOG9iMW5SmZ6cZPAmdDYMeWLlWaTMVb1oVwZUOUf+gut/
HjIlsjruYeMZOMovIC9PMSuz4xY05dtrfINxgaiz01SN9nwj+2BCTiaLAQIDAQAB
o4IEFjCCBBIwHQYDVR0OBBYEFNVBb76W0KMGrFL2qeT4FsUe2R0DMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvMVVGdnZwYlFvd2FzVXZhcDVQZ1d4UjdaSFFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICKgYIKwYBBQUHAQcBAf8EggIZMIICFTCCAV4EAgABMIIB
VgMEASXdfAMEAC1D5QMEAC14swMEAEp3wAMEAEp3wgMEAFBHnQMEAVBczAMEAFZo
SAMEAVZoSgMEAFnd4DAMAwQAW4SFAwQDW4SAAwQAW8KhMAwDBANegwgDBABegwow
DAMEAF6DDQMEAF6DDgMEAF6DYAMEAV6DZAMEAF6DaDAMAwQAXoNtAwQEXoNgMAwD
BABeg3UDBABeg3gDBABe6PcDBAJnI7wwDAMEAGdxRQMEA2dxQAMEAWfnSAMEAJIT
SwMEAJITqgMEAbB4QAMEALB4QwMEAbB4SgMEALnqOAMEALnqOgMEALnqQAMEALnq
QwMEAbnr8AMEALns6AMEALnyVAMEALnyVwMEALn6lAMEALn6lwMEALn81wMEAMMq
6QMEAMOVVwMEAdWfQDAMAwQA1Z9DAwQB1Z9EMAwDBADVn0kDBADVn0owDAMEANWf
TQMEBNWfQDCBsAQCAAIwgakwDgMFACoJfEEDBQIqCXxAAwUAKgl8RgMFACoLz0AD
BQAqC89DAwUAKgvPRwMFACoROAMDBQAqETgFAwUBKhE8AAMFACoRTAADBQAqEUwE
AwUAKhFMBgMFACoRfgYDBQAqFC2AMA4DBQAqFC2DAwUAKhQthAMFACoULYYDBQAq
FC+AMA4DBQAqFDCBAwUAKhQwggMFACoUMIQDBQAqFDCGAwcAKhQ4gwABMA0GCSqG
SIb3DQEBCwUAA4IBAQCYEygASvLL22YuO+/BubXu/cJc4yi8e+g8Gpb7l2c5GxIU
VNIQgURIplww9M4D8n+ZuB4WKbZmlSjaTroYB4H/cvk32jBG7PqAUGaQDKsvP1ln
C8PoO3PC8wVlok9Bp9FMt3qcypPwFqhWpyaxtSlj1pVQ5kVZKDNbPbjgpy7NwwwC
dRGQGYL8NNOmQNdVeGjh+oQEPnvLxzB6dP98jZ0wf8lL8alXMMaRvpadpLaV2qhb
rykOOb/0DUQfPtUu+EsVhliC+SxViNypPh1ygo2O0862XCG9S1vtsGadXROe1qGF
BDjbma9N9fVnIXa0OTceSTb8Vh5LedcuwUZhIc8w
-----END CERTIFICATE-----
Generated at Tue Sep 9 15:47:31 2025 by rpki-client