Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1Thh-ddTZfVIqD8iLx2me0HFkyk.roa
File: 1Thh-ddTZfVIqD8iLx2me0HFkyk.roa (raw, json)
Hash identifier: JiNDcNhegE9v4OeDpVXiQordNiQilAq3rgA4Fmqk5iE=
Subject key identifier: D5:38:61:F9:D7:53:65:F5:48:A8:3F:22:2F:1D:A6:7B:41:C5:93:29
Certificate issuer: /CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Certificate serial: 019919D6CFAB0842393004C359E2070BFF24
Authority key identifier: D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1Thh-ddTZfVIqD8iLx2me0HFkyk.roa
Signing time: Fri 05 Sep 2025 12:25:32 +0000
ROA not before: Fri 05 Sep 2025 12:25:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62235
IP address blocks: 5.183.56.0/22 maxlen: 24
5.183.56.0/23 maxlen: 24
5.183.58.0/23 maxlen: 24
37.156.76.0/22 maxlen: 24
37.156.108.0/22 maxlen: 24
37.156.108.0/23 maxlen: 24
37.156.110.0/23 maxlen: 24
45.14.204.0/22 maxlen: 24
45.14.204.0/23 maxlen: 24
45.14.206.0/24 maxlen: 24
45.14.207.0/24 maxlen: 24
45.86.184.0/23 maxlen: 24
45.86.186.0/23 maxlen: 24
85.204.200.0/21 maxlen: 24
85.204.200.0/22 maxlen: 24
85.204.204.0/22 maxlen: 24
87.247.128.0/22 maxlen: 24
87.247.128.0/23 maxlen: 24
87.247.130.0/23 maxlen: 24
89.35.231.0/24 maxlen: 24
89.39.167.0/24 maxlen: 24
89.44.82.0/24 maxlen: 24
89.45.220.0/22 maxlen: 24
89.45.220.0/23 maxlen: 24
89.45.222.0/23 maxlen: 24
89.46.35.0/24 maxlen: 24
89.46.37.0/24 maxlen: 24
89.46.39.0/24 maxlen: 24
89.46.247.0/24 maxlen: 24
92.119.0.0/22 maxlen: 24
92.119.0.0/23 maxlen: 24
92.119.2.0/23 maxlen: 24
94.177.0.0/22 maxlen: 24
94.177.0.0/23 maxlen: 24
94.177.2.0/23 maxlen: 24
185.41.244.0/22 maxlen: 24
185.41.244.0/23 maxlen: 24
185.41.246.0/23 maxlen: 24
185.56.76.0/22 maxlen: 24
185.56.76.0/23 maxlen: 24
185.56.78.0/23 maxlen: 24
185.87.128.0/22 maxlen: 24
185.87.128.0/23 maxlen: 24
185.87.130.0/23 maxlen: 24
185.228.244.0/22 maxlen: 24
185.228.246.0/23 maxlen: 24
188.212.16.0/22 maxlen: 24
188.212.16.0/23 maxlen: 24
188.212.18.0/23 maxlen: 24
188.213.80.0/22 maxlen: 24
188.213.80.0/23 maxlen: 24
188.213.82.0/23 maxlen: 24
188.213.83.0/24 maxlen: 24
188.214.112.0/21 maxlen: 24
188.214.112.0/22 maxlen: 24
188.214.116.0/22 maxlen: 24
188.214.118.0/24 maxlen: 24
194.124.56.0/22 maxlen: 24
194.124.56.0/23 maxlen: 24
194.124.58.0/23 maxlen: 24
195.82.98.0/23 maxlen: 24
195.82.98.0/24 maxlen: 24
195.82.99.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.mft
rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 10 Sep 2025 06:00:30 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:19:d6:cf:ab:08:42:39:30:04:c3:59:e2:07:0b:ff:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d475fb0934cf6a58dccef110875dbe5e3e8b6b75
Validity
Not Before: Sep 5 12:25:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d53861f9d75365f548a83f222f1da67b41c59329
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:e8:b1:3d:e4:67:07:f3:d6:87:0d:47:ca:19:
c1:28:17:4a:1b:15:b0:9a:e0:49:26:1c:af:d8:7c:
94:c7:ef:12:0c:7d:77:ca:8c:10:b0:2f:fc:f9:05:
f6:e7:8f:12:4f:df:52:e6:05:ec:0f:72:ff:01:ba:
35:70:48:b7:b0:60:25:e7:c0:22:fb:b3:59:8e:eb:
27:d1:ea:28:5a:82:0a:cc:5c:f6:6b:a1:3f:25:64:
e4:c1:46:dd:36:30:5e:a2:d1:d5:c0:0d:8e:6d:87:
8e:1b:60:c6:b8:4f:c6:5c:da:73:f7:8f:aa:bb:84:
82:d5:68:dc:a1:fb:9e:12:c4:ee:0e:a7:86:c3:15:
c1:cd:36:bf:71:55:0f:f0:0c:63:92:2f:15:54:20:
c0:bc:f8:5c:65:dc:cb:16:b2:65:76:b9:fc:47:5e:
38:74:96:0f:f3:39:2a:1e:ea:c5:4a:54:bd:a6:d1:
59:67:47:50:93:45:37:ba:79:a0:7e:bf:95:80:c1:
9c:e8:a5:b7:28:17:1a:41:fe:f5:2e:06:29:4a:84:
30:fd:31:46:0f:4b:c5:d2:e2:fa:2e:e0:53:bf:3d:
18:43:58:cb:1b:5c:90:e1:5c:b3:89:f8:b9:3c:5a:
ef:19:9f:75:1c:5f:fa:a4:f8:f0:bb:20:2f:6d:5d:
9e:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:38:61:F9:D7:53:65:F5:48:A8:3F:22:2F:1D:A6:7B:41:C5:93:29
X509v3 Authority Key Identifier:
keyid:D4:75:FB:09:34:CF:6A:58:DC:CE:F1:10:87:5D:BE:5E:3E:8B:6B:75
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1HX7CTTPaljczvEQh12-Xj6La3U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1Thh-ddTZfVIqD8iLx2me0HFkyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c8/bff4aa-4f07-4129-8ad6-c7914ab64273/1/1HX7CTTPaljczvEQh12-Xj6La3U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.183.56.0/22
37.156.76.0/22
37.156.108.0/22
45.14.204.0/22
45.86.184.0/22
85.204.200.0/21
87.247.128.0/22
89.35.231.0/24
89.39.167.0/24
89.44.82.0/24
89.45.220.0/22
89.46.35.0/24
89.46.37.0/24
89.46.39.0/24
89.46.247.0/24
92.119.0.0/22
94.177.0.0/22
185.41.244.0/22
185.56.76.0/22
185.87.128.0/22
185.228.244.0/22
188.212.16.0/22
188.213.80.0/22
188.214.112.0/21
194.124.56.0/22
195.82.98.0/23
Signature Algorithm: sha256WithRSAEncryption
0d:16:12:54:c5:30:19:9c:29:4d:11:e2:c5:39:5d:72:8c:d8:
a4:c5:46:40:c9:31:0b:76:e4:81:07:fd:bd:26:74:7f:32:ba:
9b:d6:f8:29:33:47:7e:f6:03:3a:82:39:9a:60:95:53:5e:57:
63:10:1c:d7:9a:f8:d1:94:3e:e7:2d:4a:f7:91:d7:7a:63:cc:
eb:8f:3c:7f:01:66:d8:9e:e5:d6:04:51:0e:96:9e:73:d9:7d:
bd:00:7c:96:b6:69:69:57:08:e0:11:a9:5c:36:f4:3e:0e:36:
41:6f:10:4d:7e:5a:34:39:01:18:07:48:90:1e:1c:a0:76:de:
0a:4d:6f:cf:5e:3d:c1:ee:08:e1:8e:0e:56:67:6c:d8:85:c4:
f5:e4:2c:23:9d:11:b6:0d:51:13:fe:60:88:8a:c4:8e:75:aa:
2c:75:f0:82:e1:3c:28:0b:4a:4b:33:59:c7:c3:cf:d4:31:a4:
5e:93:ec:92:b1:d1:f2:6a:9e:3f:86:0f:67:1e:fd:98:5a:6a:
e6:9d:c7:9c:2f:63:a2:90:c4:02:63:0e:45:b8:64:1d:cb:9f:
b0:39:ae:d6:1f:28:a1:87:c9:07:ab:1e:02:87:8f:39:d2:43:
c1:5d:1e:c1:c6:46:b7:0e:34:d1:3c:2f:71:6b:fb:6d:e0:02:
83:93:78:0d
-----BEGIN CERTIFICATE-----
MIIFmDCCBICgAwIBAgISAZkZ1s+rCEI5MATDWeIHC/8kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ0NzVmYjA5MzRjZjZhNThkY2NlZjExMDg3NWRiZTVlM2U4
YjZiNzUwHhcNMjUwOTA1MTIyNTMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTM4NjFmOWQ3NTM2NWY1NDhhODNmMjIyZjFkYTY3YjQxYzU5MzI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+ixPeRnB/PWhw1HyhnBKBdKGxWw
muBJJhyv2HyUx+8SDH13yowQsC/8+QX2548ST99S5gXsD3L/Abo1cEi3sGAl58Ai
+7NZjusn0eooWoIKzFz2a6E/JWTkwUbdNjBeotHVwA2ObYeOG2DGuE/GXNpz94+q
u4SC1WjcofueEsTuDqeGwxXBzTa/cVUP8Axjki8VVCDAvPhcZdzLFrJldrn8R144
dJYP8zkqHurFSlS9ptFZZ0dQk0U3unmgfr+VgMGc6KW3KBcaQf71LgYpSoQw/TFG
D0vF0uL6LuBTvz0YQ1jLG1yQ4Vyzifi5PFrvGZ91HF/6pPjwuyAvbV2edwIDAQAB
o4ICpDCCAqAwHQYDVR0OBBYEFNU4YfnXU2X1SKg/Ii8dpntBxZMpMB8GA1UdIwQY
MBaAFNR1+wk0z2pY3M7xEIddvl4+i2t1MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYt
Yzc5MTRhYjY0MjczLzEvMVRoaC1kZFRaZlZJcUQ4aUx4Mm1lMEhGa3lrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jOC9iZmY0YWEtNGYwNy00MTI5LThhZDYtYzc5MTRhYjY0Mjcz
LzEvMUhYN0NUVFBhbGpjenZFUWgxMi1YajZMYTNVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG5BggrBgEFBQcBBwEB/wSBqTCBpjCBowQCAAEwgZwDBAIF
tzgDBAIlnEwDBAIlnGwDBAItDswDBAItVrgDBANVzMgDBAJX94ADBABZI+cDBABZ
J6cDBABZLFIDBAJZLdwDBABZLiMDBABZLiUDBABZLicDBABZLvcDBAJcdwADBAJe
sQADBAK5KfQDBAK5OEwDBAK5V4ADBAK55PQDBAK81BADBAK81VADBAO81nADBALC
fDgDBAHDUmIwDQYJKoZIhvcNAQELBQADggEBAA0WElTFMBmcKU0R4sU5XXKM2KTF
RkDJMQt25IEH/b0mdH8yupvW+CkzR372AzqCOZpglVNeV2MQHNea+NGUPuctSveR
13pjzOuPPH8BZtie5dYEUQ6WnnPZfb0AfJa2aWlXCOARqVw29D4ONkFvEE1+WjQ5
ARgHSJAeHKB23gpNb89ePcHuCOGODlZnbNiFxPXkLCOdEbYNURP+YIiKxI51qix1
8ILhPCgLSkszWcfDz9QxpF6T7JKx0fJqnj+GD2ce/Zhaauadx5wvY6KQxAJjDkW4
ZB3Ln7A5rtYfKKGHyQerHgKHjznSQ8FdHsHGRrcONNE8L3Fr+23gAoOTeA0=
-----END CERTIFICATE-----
Generated at Tue Sep 9 14:17:16 2025 by rpki-client