Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/hd8f9GXaZg6VqPO3GnT_Jn8EtPg.roa
File: hd8f9GXaZg6VqPO3GnT_Jn8EtPg.roa (raw, json)
Hash identifier: LitGGda2Jk/OSIgKSm4T+WW9T8l6YL8v5aCrz79cl4o=
Subject key identifier: 85:DF:1F:F4:65:DA:66:0E:95:A8:F3:B7:1A:74:FF:26:7F:04:B4:F8
Certificate issuer: /CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Certificate serial: 01992A257DC0C8142EB99F086493E41669DF
Authority key identifier: BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/hd8f9GXaZg6VqPO3GnT_Jn8EtPg.roa
Signing time: Mon 08 Sep 2025 16:25:24 +0000
ROA not before: Mon 08 Sep 2025 16:25:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44477
IP address blocks: 37.221.124.0/22 maxlen: 24
45.67.228.0/24 maxlen: 24
45.67.229.0/24 maxlen: 24
45.67.231.0/24 maxlen: 24
45.120.176.0/22 maxlen: 24
62.3.12.0/24 maxlen: 24
74.119.192.0/24 maxlen: 24
74.119.193.0/24 maxlen: 24
74.119.194.0/24 maxlen: 24
74.119.195.0/24 maxlen: 24
80.71.157.0/24 maxlen: 24
80.92.204.0/24 maxlen: 24
80.92.205.0/24 maxlen: 24
80.92.206.0/24 maxlen: 24
86.104.72.0/22 maxlen: 24
89.221.224.0/24 maxlen: 24
89.221.225.0/24 maxlen: 24
91.132.132.0/22 maxlen: 24
91.194.161.0/24 maxlen: 24
91.225.217.0/24 maxlen: 24
91.225.218.0/24 maxlen: 24
91.225.219.0/24 maxlen: 24
94.131.8.0/24 maxlen: 24
94.131.9.0/24 maxlen: 24
94.131.10.0/24 maxlen: 24
94.131.13.0/24 maxlen: 24
94.131.14.0/24 maxlen: 24
94.131.20.0/24 maxlen: 24
94.131.96.0/24 maxlen: 24
94.131.100.0/24 maxlen: 24
94.131.101.0/24 maxlen: 24
94.131.104.0/24 maxlen: 24
94.131.109.0/24 maxlen: 24
94.131.110.0/24 maxlen: 24
94.131.111.0/24 maxlen: 24
94.131.117.0/24 maxlen: 24
94.131.118.0/24 maxlen: 24
94.131.119.0/24 maxlen: 24
94.131.120.0/24 maxlen: 24
94.232.247.0/24 maxlen: 24
103.35.188.0/22 maxlen: 24
103.106.0.0/22 maxlen: 24
103.113.68.0/22 maxlen: 24
103.231.72.0/22 maxlen: 24
146.19.75.0/24 maxlen: 24
146.19.170.0/24 maxlen: 24
176.120.64.0/22 maxlen: 24
176.120.64.0/24 maxlen: 24
176.120.72.0/22 maxlen: 24
185.234.56.0/22 maxlen: 24
185.234.64.0/22 maxlen: 24
185.235.240.0/22 maxlen: 24
185.236.232.0/22 maxlen: 24
185.242.84.0/24 maxlen: 24
185.242.85.0/24 maxlen: 24
185.242.86.0/24 maxlen: 24
185.242.87.0/24 maxlen: 24
185.250.148.0/24 maxlen: 24
185.250.150.0/24 maxlen: 24
185.250.151.0/24 maxlen: 24
185.252.215.0/24 maxlen: 24
193.203.202.0/24 maxlen: 24
194.54.156.0/24 maxlen: 24
194.54.157.0/24 maxlen: 24
194.54.158.0/24 maxlen: 24
194.54.159.0/24 maxlen: 24
194.62.42.0/24 maxlen: 24
194.246.114.0/24 maxlen: 24
194.246.115.0/24 maxlen: 24
195.42.232.0/22 maxlen: 24
195.149.87.0/24 maxlen: 24
213.159.64.0/21 maxlen: 24
213.159.72.0/21 maxlen: 24
213.159.76.0/24 maxlen: 24
213.159.77.0/24 maxlen: 24
213.159.78.0/24 maxlen: 24
213.159.79.0/24 maxlen: 24
2a09:7c40::/32 maxlen: 32
2a09:7c41::/32 maxlen: 32
2a09:7c42::/32 maxlen: 32
2a09:7c43::/32 maxlen: 32
2a09:7c44::/32 maxlen: 32
2a09:7c45::/32 maxlen: 32
2a09:7c46::/32 maxlen: 32
2a09:7c47::/32 maxlen: 32
2a0b:cf40::/32 maxlen: 32
2a0b:cf43::/32 maxlen: 32
2a0b:cf45::/32 maxlen: 32
2a0b:cf46::/32 maxlen: 32
2a0b:cf47::/32 maxlen: 32
2a11:3805::/32 maxlen: 32
2a11:3c00::/32 maxlen: 32
2a11:3c01::/32 maxlen: 32
2a11:3c02::/32 maxlen: 32
2a11:3c03::/32 maxlen: 32
2a11:4c00::/32 maxlen: 32
2a11:4c01::/32 maxlen: 32
2a11:4c04::/32 maxlen: 32
2a11:4c05::/32 maxlen: 32
2a11:4c06::/32 maxlen: 32
2a11:7e06::/32 maxlen: 32
2a14:2d80::/32 maxlen: 32
2a14:2d81::/32 maxlen: 32
2a14:2d82::/32 maxlen: 32
2a14:2d83::/32 maxlen: 32
2a14:2d84::/32 maxlen: 32
2a14:2d85::/32 maxlen: 32
2a14:2d86::/32 maxlen: 32
2a14:2d87::/32 maxlen: 32
2a14:2e80::/32 maxlen: 32
2a14:2f80::/32 maxlen: 32
2a14:3080::/32 maxlen: 32
2a14:3081::/32 maxlen: 32
2a14:3082::/32 maxlen: 32
2a14:3083::/32 maxlen: 32
2a14:3084::/32 maxlen: 32
2a14:3085::/32 maxlen: 32
2a14:3086::/32 maxlen: 32
2a14:3087::/32 maxlen: 32
2a14:3880::/32 maxlen: 32
2a14:3883:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.mft
rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 08:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:2a:25:7d:c0:c8:14:2e:b9:9f:08:64:93:e4:16:69:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bb830630f23b070a2b7bdf529f73948c97eacd40
Validity
Not Before: Sep 8 16:25:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=85df1ff465da660e95a8f3b71a74ff267f04b4f8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:ae:a9:52:46:76:1d:49:28:8f:23:76:27:98:
08:91:bc:0e:12:bd:2b:f5:bc:00:a9:ce:30:53:f0:
50:bf:d5:7e:3f:4c:3f:e0:3c:fd:72:41:ca:48:4f:
01:55:c9:e4:72:c9:70:63:04:68:c6:ba:e2:b8:76:
0f:91:f7:e0:9c:ed:92:df:85:b6:31:44:df:da:55:
6f:9e:0c:d1:98:8a:eb:36:42:ae:89:5a:41:fa:4b:
a9:a3:1a:d3:d9:97:b5:90:e0:d2:80:b2:41:d5:d6:
30:f0:49:cd:41:39:41:e1:d5:a2:b2:00:1c:54:df:
82:45:ed:53:08:76:c5:32:12:3b:e5:26:49:3e:26:
00:13:c0:d6:17:4d:3b:fb:84:a2:65:a8:1c:80:19:
cc:25:19:c2:4d:71:c0:9d:8d:15:98:c5:b9:db:ee:
0f:30:70:25:19:1f:a1:3d:92:9b:9a:56:01:05:2a:
85:82:f5:80:d6:5a:0c:ee:64:ba:60:0a:92:e3:e3:
bd:01:0d:b8:97:70:03:54:03:72:d9:31:0b:b5:2a:
6e:f4:61:d1:3e:50:82:c6:94:34:40:21:28:99:c1:
4a:1b:69:8d:d5:eb:82:8a:d6:fe:66:95:b8:bf:11:
ef:74:aa:8c:5d:20:64:7e:c3:b5:dd:9a:3b:80:7f:
35:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
85:DF:1F:F4:65:DA:66:0E:95:A8:F3:B7:1A:74:FF:26:7F:04:B4:F8
X509v3 Authority Key Identifier:
keyid:BB:83:06:30:F2:3B:07:0A:2B:7B:DF:52:9F:73:94:8C:97:EA:CD:40
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/u4MGMPI7Bwore99Sn3OUjJfqzUA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/hd8f9GXaZg6VqPO3GnT_Jn8EtPg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9e/f76e20-5859-415d-86b3-119efcbb2023/1/u4MGMPI7Bwore99Sn3OUjJfqzUA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.221.124.0/22
45.67.228.0/23
45.67.231.0/24
45.120.176.0/22
62.3.12.0/24
74.119.192.0/22
80.71.157.0/24
80.92.204.0-80.92.206.255
86.104.72.0/22
89.221.224.0/23
91.132.132.0/22
91.194.161.0/24
91.225.217.0-91.225.219.255
94.131.8.0-94.131.10.255
94.131.13.0-94.131.14.255
94.131.20.0/24
94.131.96.0/24
94.131.100.0/23
94.131.104.0/24
94.131.109.0-94.131.111.255
94.131.117.0-94.131.120.255
94.232.247.0/24
103.35.188.0/22
103.106.0.0/22
103.113.68.0/22
103.231.72.0/22
146.19.75.0/24
146.19.170.0/24
176.120.64.0/22
176.120.72.0/22
185.234.56.0/22
185.234.64.0/22
185.235.240.0/22
185.236.232.0/22
185.242.84.0/22
185.250.148.0/24
185.250.150.0/23
185.252.215.0/24
193.203.202.0/24
194.54.156.0/22
194.62.42.0/24
194.246.114.0/23
195.42.232.0/22
195.149.87.0/24
213.159.64.0/20
IPv6:
2a09:7c40::/29
2a0b:cf40::/32
2a0b:cf43::/32
2a0b:cf45::-2a0b:cf47:ffff:ffff:ffff:ffff:ffff:ffff
2a11:3805::/32
2a11:3c00::/30
2a11:4c00::/31
2a11:4c04::-2a11:4c06:ffff:ffff:ffff:ffff:ffff:ffff
2a11:7e06::/32
2a14:2d80::/29
2a14:2e80::/32
2a14:2f80::/32
2a14:3080::/29
2a14:3880::/32
2a14:3883:1::/48
Signature Algorithm: sha256WithRSAEncryption
74:43:a8:77:a1:d2:01:7a:ac:a4:d9:b5:c8:bf:97:a0:f2:4d:
27:c7:ce:41:24:9f:43:bc:01:39:02:f1:22:8d:a8:53:2e:d5:
c1:4f:ed:03:0b:fe:50:57:ad:36:26:75:3c:f6:66:4f:63:a1:
df:b8:ec:99:db:96:d6:a3:26:7a:e0:90:ef:23:00:4a:0e:43:
80:fe:27:44:79:36:e2:30:f8:5b:bf:62:9c:10:0c:20:be:52:
63:59:07:b6:41:d1:50:42:39:88:c6:7d:91:a7:cd:4c:b3:7a:
9d:04:32:79:55:b3:b9:e6:94:6c:66:04:58:23:a2:77:e5:a6:
cf:e0:27:ab:a6:65:bb:c3:ff:3d:40:ad:ce:87:1d:a6:9f:21:
85:c3:3b:ec:fa:c2:db:ea:3f:c0:f2:ca:37:c5:21:89:1a:30:
e8:55:dc:d6:da:99:52:91:0c:e2:92:7a:1d:cf:0c:2a:c9:b9:
53:b3:32:b3:c5:8d:83:fe:ec:a6:db:b1:93:bf:46:33:6a:d4:
cd:3c:5f:75:25:b4:e5:73:ef:e7:a9:f6:c3:a3:17:4f:3e:43:
58:d0:84:ef:5f:b9:0e:4a:f3:cc:a5:f2:73:66:d4:8c:ea:2a:
b1:d4:36:80:43:14:f9:24:d4:c8:8a:28:b4:12:ab:99:20:08:
4d:91:e8:b8
-----BEGIN CERTIFICATE-----
MIIGxTCCBa2gAwIBAgISAZkqJX3AyBQuuZ8IZJPkFmnfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJiODMwNjMwZjIzYjA3MGEyYjdiZGY1MjlmNzM5NDhjOTdl
YWNkNDAwHhcNMjUwOTA4MTYyNTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4NWRmMWZmNDY1ZGE2NjBlOTVhOGYzYjcxYTc0ZmYyNjdmMDRiNGY4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt66pUkZ2HUkojyN2J5gIkbwOEr0r
9bwAqc4wU/BQv9V+P0w/4Dz9ckHKSE8BVcnkcslwYwRoxrriuHYPkffgnO2S34W2
MUTf2lVvngzRmIrrNkKuiVpB+kupoxrT2Ze1kODSgLJB1dYw8EnNQTlB4dWisgAc
VN+CRe1TCHbFMhI75SZJPiYAE8DWF007+4SiZagcgBnMJRnCTXHAnY0VmMW52+4P
MHAlGR+hPZKbmlYBBSqFgvWA1loM7mS6YAqS4+O9AQ24l3ADVANy2TELtSpu9GHR
PlCCxpQ0QCEomcFKG2mN1euCitb+ZpW4vxHvdKqMXSBkfsO13Zo7gH81IQIDAQAB
o4ID0TCCA80wHQYDVR0OBBYEFIXfH/Rl2mYOlajztxp0/yZ/BLT4MB8GA1UdIwQY
MBaAFLuDBjDyOwcKK3vfUp9zlIyX6s1AMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMt
MTE5ZWZjYmIyMDIzLzEvaGQ4ZjlHWGFaZzZWcVBPM0duVF9KbjhFdFBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85ZS9mNzZlMjAtNTg1OS00MTVkLTg2YjMtMTE5ZWZjYmIyMDIz
LzEvdTRNR01QSTdCd29yZTk5U24zT1VqSmZxelVBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB5QYIKwYBBQUHAQcBAf8EggHUMIIB0DCCAUYEAgABMIIB
PgMEAiXdfAMEAS1D5AMEAC1D5wMEAi14sAMEAD4DDAMEAkp3wAMEAFBHnTAMAwQC
UFzMAwQAUFzOAwQCVmhIAwQBWd3gAwQCW4SEAwQAW8KhMAwDBABb4dkDBAJb4dgw
DAMEA16DCAMEAF6DCjAMAwQAXoMNAwQAXoMOAwQAXoMUAwQAXoNgAwQBXoNkAwQA
XoNoMAwDBABeg20DBAReg2AwDAMEAF6DdQMEAF6DeAMEAF7o9wMEAmcjvAMEAmdq
AAMEAmdxRAMEAmfnSAMEAJITSwMEAJITqgMEArB4QAMEArB4SAMEArnqOAMEArnq
QAMEArnr8AMEArns6AMEArnyVAMEALn6lAMEAbn6lgMEALn81wMEAMHLygMEAsI2
nAMEAMI+KgMEAcL2cgMEAsMq6AMEAMOVVwMEBNWfQDCBgwQCAAIwfQMFAyoJfEAD
BQAqC89AAwUAKgvPQzAOAwUAKgvPRQMFAyoLz0ADBQAqETgFAwUCKhE8AAMFASoR
TAAwDgMFAioRTAQDBQAqEUwGAwUAKhF+BgMFAyoULYADBQAqFC6AAwUAKhQvgAMF
AyoUMIADBQAqFDiAAwcAKhQ4gwABMA0GCSqGSIb3DQEBCwUAA4IBAQB0Q6h3odIB
eqyk2bXIv5eg8k0nx85BJJ9DvAE5AvEijahTLtXBT+0DC/5QV602JnU89mZPY6Hf
uOyZ25bWoyZ64JDvIwBKDkOA/idEeTbiMPhbv2KcEAwgvlJjWQe2QdFQQjmIxn2R
p81Ms3qdBDJ5VbO55pRsZgRYI6J35abP4CerpmW7w/89QK3Ohx2mnyGFwzvs+sLb
6j/A8so3xSGJGjDoVdzW2plSkQziknodzwwqyblTszKzxY2D/uym27GTv0YzatTN
PF91JbTlc+/nqfbDoxdPPkNY0ITvX7kOSvPMpfJzZtSM6iqx1DaAQxT5JNTIiii0
EquZIAhNkei4
-----END CERTIFICATE-----
Generated at Tue Sep 9 15:51:11 2025 by rpki-client