Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/SuBzxwDva5SiJZBSzLVzIi6Hqy0.roa
File: SuBzxwDva5SiJZBSzLVzIi6Hqy0.roa (raw, json)
Hash identifier: Es/7isEtxTE3cWIY701kMbHojuTe3W7FsYpO9MHCV6k=
Subject key identifier: 4A:E0:73:C7:00:EF:6B:94:A2:25:90:52:CC:B5:73:22:2E:87:AB:2D
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 0198EA86DFB92F24ED4537775001C87E85AD
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/SuBzxwDva5SiJZBSzLVzIi6Hqy0.roa
Signing time: Wed 27 Aug 2025 07:56:04 +0000
ROA not before: Wed 27 Aug 2025 07:56:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209847
IP address blocks: 37.221.124.0/24 maxlen: 24
45.67.229.0/24 maxlen: 24
45.120.179.0/24 maxlen: 24
86.104.75.0/24 maxlen: 24
89.221.224.0/24 maxlen: 24
91.132.133.0/24 maxlen: 24
91.132.134.0/24 maxlen: 24
91.194.161.0/24 maxlen: 24
94.131.8.0/24 maxlen: 24
94.131.10.0/24 maxlen: 24
94.131.13.0/24 maxlen: 24
94.131.14.0/24 maxlen: 24
94.131.96.0/24 maxlen: 24
94.131.100.0/24 maxlen: 24
94.131.104.0/24 maxlen: 24
94.131.117.0/24 maxlen: 24
94.131.119.0/24 maxlen: 24
103.113.69.0/24 maxlen: 24
103.231.72.0/24 maxlen: 24
103.231.73.0/24 maxlen: 24
146.19.75.0/24 maxlen: 24
146.19.170.0/24 maxlen: 24
176.120.64.0/24 maxlen: 24
176.120.67.0/24 maxlen: 24
176.120.74.0/24 maxlen: 24
185.234.56.0/24 maxlen: 24
185.234.58.0/24 maxlen: 24
185.234.67.0/24 maxlen: 24
185.242.84.0/24 maxlen: 24
185.250.148.0/24 maxlen: 24
213.159.65.0/24 maxlen: 24
213.159.67.0/24 maxlen: 24
213.159.68.0/24 maxlen: 24
213.159.69.0/24 maxlen: 24
213.159.77.0/24 maxlen: 24
213.159.78.0/24 maxlen: 24
213.159.79.0/24 maxlen: 24
2a09:7c43::/32 maxlen: 32
2a09:7c46::/32 maxlen: 32
2a0b:cf40::/32 maxlen: 32
2a0b:cf43::/32 maxlen: 32
2a11:3803::/32 maxlen: 32
2a11:3805::/32 maxlen: 32
2a11:3c00::/32 maxlen: 32
2a11:3c01::/32 maxlen: 32
2a11:4c00::/32 maxlen: 32
2a11:4c04::/32 maxlen: 32
2a11:4c06::/32 maxlen: 32
2a11:7e06::/32 maxlen: 32
2a14:2d80::/32 maxlen: 32
2a14:2d83::/32 maxlen: 32
2a14:2d84::/32 maxlen: 32
2a14:2d86::/32 maxlen: 32
2a14:3081::/32 maxlen: 32
2a14:3084::/32 maxlen: 32
2a14:3086::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.mft
rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 16:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ea:86:df:b9:2f:24:ed:45:37:77:50:01:c8:7e:85:ad
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Aug 27 07:56:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ae073c700ef6b94a2259052ccb573222e87ab2d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:1e:c7:c3:aa:c7:d6:75:4f:22:56:2c:90:9d:
e2:90:01:3e:93:b1:df:7a:ec:3b:a3:0c:0e:2c:37:
c0:26:00:ca:0d:e3:41:ad:e2:b6:af:b2:19:79:4c:
9e:20:10:cb:3f:5e:17:14:0d:24:d7:fd:6c:eb:bc:
68:ed:52:f8:92:c1:3c:f1:26:bf:8a:d6:e5:7a:6f:
3e:05:a2:2c:47:fc:e5:63:21:7e:d7:db:a0:cb:ef:
22:1f:1c:6b:4f:2a:d0:8c:17:cd:e0:17:e6:64:b4:
04:dd:ea:39:61:c7:45:3c:0d:70:20:e9:4f:d8:d8:
dc:4f:b8:57:72:c1:2b:0f:1d:48:5b:6c:f7:b7:d6:
58:e2:44:72:b3:fc:7e:ac:4b:93:c9:53:04:d3:67:
1e:85:3b:88:d1:05:2b:e1:91:90:26:72:9a:83:59:
1f:dd:6f:32:c5:aa:d9:b2:cb:b6:ba:99:82:e5:dc:
2e:e1:52:6d:28:a1:28:12:5a:5a:f0:06:d9:8f:20:
33:cf:4d:71:c0:c5:1d:92:e8:7c:dd:24:27:31:7c:
08:98:56:38:35:ae:ea:be:76:58:d8:f6:2c:c9:cd:
30:0c:35:8c:04:c2:be:5d:46:d4:d0:77:f2:17:51:
1c:ce:dc:ba:30:91:1c:aa:4d:32:b0:d1:43:94:7e:
ab:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4A:E0:73:C7:00:EF:6B:94:A2:25:90:52:CC:B5:73:22:2E:87:AB:2D
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/SuBzxwDva5SiJZBSzLVzIi6Hqy0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.124.0/24
45.67.229.0/24
45.120.179.0/24
86.104.75.0/24
89.221.224.0/24
91.132.133.0-91.132.134.255
91.194.161.0/24
94.131.8.0/24
94.131.10.0/24
94.131.13.0-94.131.14.255
94.131.96.0/24
94.131.100.0/24
94.131.104.0/24
94.131.117.0/24
94.131.119.0/24
103.113.69.0/24
103.231.72.0/23
146.19.75.0/24
146.19.170.0/24
176.120.64.0/24
176.120.67.0/24
176.120.74.0/24
185.234.56.0/24
185.234.58.0/24
185.234.67.0/24
185.242.84.0/24
185.250.148.0/24
213.159.65.0/24
213.159.67.0-213.159.69.255
213.159.77.0-213.159.79.255
IPv6:
2a09:7c43::/32
2a09:7c46::/32
2a0b:cf40::/32
2a0b:cf43::/32
2a11:3803::/32
2a11:3805::/32
2a11:3c00::/31
2a11:4c00::/32
2a11:4c04::/32
2a11:4c06::/32
2a11:7e06::/32
2a14:2d80::/32
2a14:2d83::-2a14:2d84:ffff:ffff:ffff:ffff:ffff:ffff
2a14:2d86::/32
2a14:3081::/32
2a14:3084::/32
2a14:3086::/32
Signature Algorithm: sha256WithRSAEncryption
6a:7e:ba:e0:c8:7f:8d:b8:c0:9a:eb:d3:3e:b7:f7:d3:ec:ad:
c4:4b:c6:ec:25:65:bc:51:8b:73:33:69:ec:f8:f4:28:02:76:
27:0c:46:c1:8e:d6:03:51:35:52:57:7e:45:ce:0f:7a:8e:18:
bd:56:6d:b5:d8:f9:55:38:b4:8f:76:f0:ff:df:f1:86:df:9c:
4f:a6:29:2e:96:3e:fa:4f:86:78:ff:62:4e:89:c2:33:5d:12:
da:bd:52:34:99:b4:3d:50:9f:c7:77:32:59:96:74:8b:46:f6:
41:8f:b9:91:c0:86:2e:00:ab:ec:58:01:16:79:68:6d:06:51:
be:e5:f3:e2:0c:f2:8d:66:b3:3d:88:95:57:91:92:c9:b5:a4:
24:5b:c1:8a:48:de:c8:ec:cd:ef:20:6a:bb:96:91:a3:de:37:
f0:63:54:14:36:32:6b:36:bb:ef:53:9f:03:71:24:6c:2c:3e:
99:b8:52:68:31:8f:e2:84:84:e1:b8:ae:2a:f6:d1:ec:5c:dc:
c5:ce:4e:f8:34:af:c5:42:00:35:6e:8a:31:17:04:6a:01:bf:
25:21:8d:3a:94:09:4a:fc:2f:82:1a:c8:c7:3b:d7:bc:46:71:
bc:aa:05:2e:88:25:2a:6a:92:33:c0:2c:e5:fb:3f:e2:b2:3c:
39:7f:28:c7
-----BEGIN CERTIFICATE-----
MIIGXTCCBUWgAwIBAgISAZjqht+5LyTtRTd3UAHIfoWtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjUwODI3MDc1NjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0YWUwNzNjNzAwZWY2Yjk0YTIyNTkwNTJjY2I1NzMyMjJlODdhYjJkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuR7Hw6rH1nVPIlYskJ3ikAE+k7Hf
euw7owwOLDfAJgDKDeNBreK2r7IZeUyeIBDLP14XFA0k1/1s67xo7VL4ksE88Sa/
itblem8+BaIsR/zlYyF+19ugy+8iHxxrTyrQjBfN4BfmZLQE3eo5YcdFPA1wIOlP
2NjcT7hXcsErDx1IW2z3t9ZY4kRys/x+rEuTyVME02cehTuI0QUr4ZGQJnKag1kf
3W8yxarZssu2upmC5dwu4VJtKKEoElpa8AbZjyAzz01xwMUdkuh83SQnMXwImFY4
Na7qvnZY2PYsyc0wDDWMBMK+XUbU0HfyF1Eczty6MJEcqk0ysNFDlH6ruQIDAQAB
o4IDaTCCA2UwHQYDVR0OBBYEFErgc8cA72uUoiWQUsy1cyIuh6stMB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvU3VCenh3RHZhNVNpSlpCU3pMVnpJaTZIcXkwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBfQYIKwYBBQUHAQcBAf8EggFsMIIBaDCB2wQCAAEwgdQD
BAAl3XwDBAAtQ+UDBAAteLMDBABWaEsDBABZ3eAwDAMEAFuEhQMEAFuEhgMEAFvC
oQMEAF6DCAMEAF6DCjAMAwQAXoMNAwQAXoMOAwQAXoNgAwQAXoNkAwQAXoNoAwQA
XoN1AwQAXoN3AwQAZ3FFAwQBZ+dIAwQAkhNLAwQAkhOqAwQAsHhAAwQAsHhDAwQA
sHhKAwQAueo4AwQAueo6AwQAuepDAwQAufJUAwQAufqUAwQA1Z9BMAwDBADVn0MD
BAHVn0QwDAMEANWfTQMEBNWfQDCBhwQCAAIwgYADBQAqCXxDAwUAKgl8RgMFACoL
z0ADBQAqC89DAwUAKhE4AwMFACoROAUDBQEqETwAAwUAKhFMAAMFACoRTAQDBQAq
EUwGAwUAKhF+BgMFACoULYAwDgMFACoULYMDBQAqFC2EAwUAKhQthgMFACoUMIED
BQAqFDCEAwUAKhQwhjANBgkqhkiG9w0BAQsFAAOCAQEAan664Mh/jbjAmuvTPrf3
0+ytxEvG7CVlvFGLczNp7Pj0KAJ2JwxGwY7WA1E1Uld+Rc4Peo4YvVZttdj5VTi0
j3bw/9/xht+cT6YpLpY++k+GeP9iTonCM10S2r1SNJm0PVCfx3cyWZZ0i0b2QY+5
kcCGLgCr7FgBFnlobQZRvuXz4gzyjWazPYiVV5GSybWkJFvBikjeyOzN7yBqu5aR
o9438GNUFDYyaza771OfA3EkbCw+mbhSaDGP4oSE4biuKvbR7Fzcxc5O+DSvxUIA
NW6KMRcEagG/JSGNOpQJSvwvghrIxzvXvEZxvKoFLoglKmqSM8As5fs/4rI8OX8o
xw==
-----END CERTIFICATE-----
Generated at Sat Sep 6 01:43:33 2025 by rpki-client