Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/jAsntzTtn92HQL9aHBlPKpQ9oi4.roa
File: jAsntzTtn92HQL9aHBlPKpQ9oi4.roa (raw, json)
Hash identifier: t92FrYwTTmbFWyaQiww/KtMDvrJ45VQgGGv2qRGnF4g=
Subject key identifier: 8C:0B:27:B7:34:ED:9F:DD:87:40:BF:5A:1C:19:4F:2A:94:3D:A2:2E
Certificate issuer: /CN=a952d0d266557385836aab7ae3fdced4ca74ad89
Certificate serial: 019914A9EB66D05002BFD9FA9127F8C9F8B5
Authority key identifier: A9:52:D0:D2:66:55:73:85:83:6A:AB:7A:E3:FD:CE:D4:CA:74:AD:89
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/jAsntzTtn92HQL9aHBlPKpQ9oi4.roa
Signing time: Thu 04 Sep 2025 12:18:24 +0000
ROA not before: Thu 04 Sep 2025 12:18:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210079
IP address blocks: 5.35.100.0/24 maxlen: 24
5.35.101.0/24 maxlen: 24
5.35.102.0/24 maxlen: 24
37.143.8.0/23 maxlen: 23
37.143.10.0/23 maxlen: 23
37.143.12.0/23 maxlen: 23
37.143.14.0/23 maxlen: 23
46.254.16.0/23 maxlen: 23
46.254.18.0/23 maxlen: 23
46.254.20.0/23 maxlen: 23
46.254.22.0/24 maxlen: 24
46.254.23.0/24 maxlen: 24
91.201.40.0/22 maxlen: 22
91.218.228.0/23 maxlen: 23
91.218.230.0/23 maxlen: 23
95.181.224.0/24 maxlen: 24
95.181.225.0/24 maxlen: 24
95.181.226.0/24 maxlen: 24
95.181.227.0/24 maxlen: 24
95.181.228.0/24 maxlen: 24
95.181.229.0/24 maxlen: 24
95.181.230.0/24 maxlen: 24
95.181.231.0/24 maxlen: 24
95.183.8.0/23 maxlen: 23
95.183.10.0/24 maxlen: 24
95.183.11.0/24 maxlen: 24
95.183.12.0/24 maxlen: 24
95.183.13.0/24 maxlen: 24
95.183.14.0/24 maxlen: 24
95.183.15.0/24 maxlen: 24
178.57.216.0/23 maxlen: 24
178.57.218.0/23 maxlen: 24
178.57.220.0/23 maxlen: 23
178.57.220.0/24 maxlen: 24
178.57.221.0/24 maxlen: 24
178.57.222.0/23 maxlen: 24
178.217.100.0/24 maxlen: 24
178.217.101.0/24 maxlen: 24
185.11.246.0/23 maxlen: 23
185.12.92.0/22 maxlen: 22
185.12.92.0/24 maxlen: 24
185.12.93.0/24 maxlen: 24
185.12.94.0/24 maxlen: 24
185.12.95.0/24 maxlen: 24
185.22.232.0/23 maxlen: 23
185.22.234.0/23 maxlen: 23
185.87.192.0/24 maxlen: 24
185.87.193.0/24 maxlen: 24
185.87.194.0/24 maxlen: 24
185.87.195.0/24 maxlen: 24
185.87.196.0/24 maxlen: 24
185.87.197.0/24 maxlen: 24
185.87.198.0/24 maxlen: 24
185.87.199.0/24 maxlen: 24
185.221.152.0/22 maxlen: 24
185.221.154.0/24 maxlen: 24
185.221.155.0/24 maxlen: 24
212.8.247.0/24 maxlen: 24
217.144.96.0/24 maxlen: 24
217.144.97.0/24 maxlen: 24
217.144.98.0/24 maxlen: 24
217.144.99.0/24 maxlen: 24
217.144.100.0/24 maxlen: 24
217.144.101.0/24 maxlen: 24
217.144.103.0/24 maxlen: 24
2a03:80c0::/48 maxlen: 48
2a03:80c0:1::/48 maxlen: 48
2a03:c980:db::/48 maxlen: 48
2a03:c980:e5::/48 maxlen: 48
2a03:c980:5fb5::/48 maxlen: 48
2a03:c980:5fb7::/48 maxlen: 48
2a03:c980:b239::/48 maxlen: 48
2a03:c980:b916::/48 maxlen: 48
2a03:c980:b957::/48 maxlen: 48
2a03:c980:beef::/48 maxlen: 48
2a03:c980:d990::/48 maxlen: 48
2a03:c980:dead::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.mft
rsync://rpki.ripe.net/repository/DEFAULT/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 11 Sep 2025 02:00:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:14:a9:eb:66:d0:50:02:bf:d9:fa:91:27:f8:c9:f8:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a952d0d266557385836aab7ae3fdced4ca74ad89
Validity
Not Before: Sep 4 12:18:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8c0b27b734ed9fdd8740bf5a1c194f2a943da22e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:25:d6:c7:a4:49:6d:4b:42:d1:c8:c3:3f:e8:
f6:5f:28:d7:a6:95:48:68:bf:8e:85:90:af:6b:df:
e8:45:ab:c3:5d:45:e3:d5:ae:c4:88:1d:69:77:5b:
c8:1a:1a:5d:cf:d0:ec:a8:fd:a8:95:15:8e:f3:c7:
7b:6c:23:2e:af:1d:2c:c3:99:a3:04:a8:2c:4c:71:
18:77:ad:2d:0b:58:fc:ee:d0:71:a7:57:5e:5c:aa:
3b:f1:3d:98:76:22:6f:9c:4c:2f:26:b3:94:7e:00:
3e:b8:10:70:6d:3e:73:3e:e5:0a:92:82:c3:2b:75:
9b:a9:78:09:3d:b2:c7:45:75:77:a1:44:b4:9b:68:
d8:d1:35:85:91:42:d1:34:42:95:78:92:e9:9f:60:
ec:61:52:f9:35:1e:17:07:2a:e8:45:06:65:46:ae:
9a:d9:4e:c0:e1:56:6d:7d:2d:97:6d:09:85:f0:c1:
5b:38:c9:2f:4e:5d:90:36:c3:43:11:22:2f:70:ca:
bb:05:7f:23:ca:7e:44:02:26:c9:db:70:66:23:c0:
e4:0d:28:fa:31:b6:0d:94:6b:f9:92:8a:2d:c0:15:
3d:bc:8c:57:3b:7f:7f:53:b8:84:53:46:24:02:9b:
84:fb:80:37:31:b0:28:f6:d2:6d:10:5c:60:c7:f1:
c5:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8C:0B:27:B7:34:ED:9F:DD:87:40:BF:5A:1C:19:4F:2A:94:3D:A2:2E
X509v3 Authority Key Identifier:
keyid:A9:52:D0:D2:66:55:73:85:83:6A:AB:7A:E3:FD:CE:D4:CA:74:AD:89
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/jAsntzTtn92HQL9aHBlPKpQ9oi4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/270a91-cbfd-4503-b960-4c21a505f346/1/qVLQ0mZVc4WDaqt64_3O1Mp0rYk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.35.100.0-5.35.102.255
37.143.8.0/21
46.254.16.0/21
91.201.40.0/22
91.218.228.0/22
95.181.224.0/21
95.183.8.0/21
178.57.216.0/21
178.217.100.0/23
185.11.246.0/23
185.12.92.0/22
185.22.232.0/22
185.87.192.0/21
185.221.152.0/22
212.8.247.0/24
217.144.96.0-217.144.101.255
217.144.103.0/24
IPv6:
2a03:80c0::/47
2a03:c980:db::/48
2a03:c980:e5::/48
2a03:c980:5fb5::/48
2a03:c980:5fb7::/48
2a03:c980:b239::/48
2a03:c980:b916::/48
2a03:c980:b957::/48
2a03:c980:beef::/48
2a03:c980:d990::/48
2a03:c980:dead::/48
Signature Algorithm: sha256WithRSAEncryption
98:98:32:33:ad:11:e7:13:d5:cf:c0:ab:d1:67:55:71:9a:2f:
e9:f3:31:f4:30:ba:e8:d4:60:88:42:12:12:ef:b5:ad:c0:2c:
f6:52:a6:84:04:86:ae:31:e2:b8:5a:af:ee:5c:3c:4c:a5:9b:
e3:25:92:21:31:7b:10:3a:31:91:62:1d:a2:7a:f5:74:0e:0b:
e4:97:76:31:d6:14:86:a8:28:34:b6:69:7a:e7:a2:60:e8:6c:
4d:1b:1c:4e:cf:ee:a5:49:b0:10:06:7e:14:c4:df:5f:63:3e:
9e:45:13:02:f4:c2:76:39:26:92:c0:57:11:09:3a:0d:45:2b:
b7:27:f3:19:99:23:b7:9b:cb:05:d4:85:7e:5c:a4:61:5c:83:
83:44:94:52:3d:18:dc:dc:98:a6:43:3d:f5:3d:48:72:6f:bf:
15:1d:54:63:90:4b:a2:f5:c1:03:95:ef:53:9d:ca:b1:41:0d:
2d:44:b2:d1:2b:82:1e:3f:37:da:4e:e1:02:c9:bf:6a:1e:19:
40:ea:8e:a9:a3:ed:1e:2e:2f:5c:b5:e7:9e:b4:53:48:eb:4b:
eb:0f:27:d3:73:f0:82:5f:5e:55:3c:47:dd:9f:2c:a8:7a:46:
a8:aa:9d:85:2d:52:24:d7:cb:34:0f:6d:72:a3:d0:60:d6:0f:
a5:a7:8f:05
-----BEGIN CERTIFICATE-----
MIIF2zCCBMOgAwIBAgISAZkUqetm0FACv9n6kSf4yfi1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE5NTJkMGQyNjY1NTczODU4MzZhYWI3YWUzZmRjZWQ0Y2E3
NGFkODkwHhcNMjUwOTA0MTIxODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YzBiMjdiNzM0ZWQ5ZmRkODc0MGJmNWExYzE5NGYyYTk0M2RhMjJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyCXWx6RJbUtC0cjDP+j2XyjXppVI
aL+OhZCva9/oRavDXUXj1a7EiB1pd1vIGhpdz9DsqP2olRWO88d7bCMurx0sw5mj
BKgsTHEYd60tC1j87tBxp1deXKo78T2YdiJvnEwvJrOUfgA+uBBwbT5zPuUKkoLD
K3WbqXgJPbLHRXV3oUS0m2jY0TWFkULRNEKVeJLpn2DsYVL5NR4XByroRQZlRq6a
2U7A4VZtfS2XbQmF8MFbOMkvTl2QNsNDESIvcMq7BX8jyn5EAibJ23BmI8DkDSj6
MbYNlGv5kootwBU9vIxXO39/U7iEU0YkApuE+4A3MbAo9tJtEFxgx/HF0QIDAQAB
o4IC5zCCAuMwHQYDVR0OBBYEFIwLJ7c07Z/dh0C/WhwZTyqUPaIuMB8GA1UdIwQY
MBaAFKlS0NJmVXOFg2qreuP9ztTKdK2JMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcVZMUTBtWlZjNFdEYXF0NjRfM08xTXAwcllrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi8yNzBhOTEtY2JmZC00NTAzLWI5NjAt
NGMyMWE1MDVmMzQ2LzEvakFzbnR6VHRuOTJIUUw5YUhCbFBLcFE5b2k0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi8yNzBhOTEtY2JmZC00NTAzLWI5NjAtNGMyMWE1MDVmMzQ2
LzEvcVZMUTBtWlZjNFdEYXF0NjRfM08xTXAwcllrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIH8BggrBgEFBQcBBwEB/wSB7DCB6TB8BAIAATB2MAwDBAIF
I2QDBAAFI2YDBAMljwgDBAMu/hADBAJbySgDBAJb2uQDBANfteADBANftwgDBAOy
OdgDBAGy2WQDBAG5C/YDBAK5DFwDBAK5FugDBAO5V8ADBAK53ZgDBADUCPcwDAME
BdmQYAMEAdmQZAMEANmQZzBpBAIAAjBjAwcBKgOAwAAAAwcAKgPJgADbAwcAKgPJ
gADlAwcAKgPJgF+1AwcAKgPJgF+3AwcAKgPJgLI5AwcAKgPJgLkWAwcAKgPJgLlX
AwcAKgPJgL7vAwcAKgPJgNmQAwcAKgPJgN6tMA0GCSqGSIb3DQEBCwUAA4IBAQCY
mDIzrRHnE9XPwKvRZ1Vxmi/p8zH0MLro1GCIQhIS77WtwCz2UqaEBIauMeK4Wq/u
XDxMpZvjJZIhMXsQOjGRYh2ievV0Dgvkl3Yx1hSGqCg0tml656Jg6GxNGxxOz+6l
SbAQBn4UxN9fYz6eRRMC9MJ2OSaSwFcRCToNRSu3J/MZmSO3m8sF1IV+XKRhXIOD
RJRSPRjc3JimQz31PUhyb78VHVRjkEui9cEDle9TncqxQQ0tRLLRK4IePzfaTuEC
yb9qHhlA6o6po+0eLi9cteeetFNI60vrDyfTc/CCX15VPEfdnyyoekaoqp2FLVIk
18s0D21yo9Bg1g+lp48F
-----END CERTIFICATE-----
Generated at Wed Sep 10 10:12:26 2025 by rpki-client