Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/DxWg3FoqPiSPowxTYXf08vKoD9E.roa
File: DxWg3FoqPiSPowxTYXf08vKoD9E.roa (raw, json)
Hash identifier: Oq/kkmlZEN5XGFpx8HpsuEdCe2L9wxdowthqlyHT7z0=
Subject key identifier: 0F:15:A0:DC:5A:2A:3E:24:8F:A3:0C:53:61:77:F4:F2:F2:A8:0F:D1
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 01995C7D5C8DFEA88B380014EDA6CA625FD1
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/DxWg3FoqPiSPowxTYXf08vKoD9E.roa
Signing time: Thu 18 Sep 2025 11:02:23 +0000
ROA not before: Thu 18 Sep 2025 11:02:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203020
IP address blocks: 5.154.174.0/24 maxlen: 24
45.10.192.0/24 maxlen: 32
45.10.193.0/24 maxlen: 32
45.95.24.0/22 maxlen: 32
45.144.88.0/22 maxlen: 24
45.149.28.0/22 maxlen: 24
45.153.157.0/24 maxlen: 24
45.153.158.0/23 maxlen: 32
45.156.224.0/22 maxlen: 32
80.246.30.0/24 maxlen: 32
81.21.232.0/22 maxlen: 32
86.105.183.0/24 maxlen: 32
87.239.255.0/24 maxlen: 32
89.35.249.0/24 maxlen: 32
89.40.24.0/24 maxlen: 32
89.44.205.0/24 maxlen: 32
91.228.216.0/24 maxlen: 24
94.46.206.0/24 maxlen: 32
103.21.52.0/24 maxlen: 32
103.24.232.0/22 maxlen: 32
103.71.60.0/24 maxlen: 32
103.76.255.0/24 maxlen: 32
103.81.230.0/23 maxlen: 23
103.145.75.0/24 maxlen: 32
103.204.222.0/23 maxlen: 32
103.221.52.0/22 maxlen: 32
103.228.200.0/22 maxlen: 32
103.251.26.0/23 maxlen: 23
104.36.50.0/24 maxlen: 32
116.206.96.0/22 maxlen: 32
137.59.60.0/22 maxlen: 32
185.36.254.0/24 maxlen: 32
185.96.162.0/24 maxlen: 32
185.108.104.0/24 maxlen: 32
185.108.105.0/24 maxlen: 32
185.147.140.0/22 maxlen: 32
185.152.36.0/22 maxlen: 32
185.152.248.0/22 maxlen: 32
185.153.151.0/24 maxlen: 32
185.160.44.0/22 maxlen: 32
185.166.84.0/24 maxlen: 32
185.184.228.0/24 maxlen: 32
185.188.61.0/24 maxlen: 24
185.201.188.0/24 maxlen: 24
185.217.64.0/22 maxlen: 22
185.242.217.0/24 maxlen: 24
188.119.154.0/24 maxlen: 32
193.36.89.0/24 maxlen: 32
195.47.194.0/24 maxlen: 32
199.249.223.0/24 maxlen: 32
2a01:4740::/32 maxlen: 48
2a05:28c0::/29 maxlen: 32
2a05:f4c0::/29 maxlen: 29
2a06:3040::/29 maxlen: 48
2a06:46c0::/29 maxlen: 32
2a06:4a00::/29 maxlen: 32
2a06:5000::/29 maxlen: 32
2a06:5700::/29 maxlen: 32
2a06:df80::/29 maxlen: 29
2a06:e480::/29 maxlen: 29
2a07:4780::/29 maxlen: 29
2a07:9c80::/29 maxlen: 29
2a07:f2c0::/29 maxlen: 29
2a0a:3080::/29 maxlen: 29
2a0b:3f40::/29 maxlen: 29
2a0c:d8c0::/29 maxlen: 29
2a0c:ec40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.mft
rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:5c:7d:5c:8d:fe:a8:8b:38:00:14:ed:a6:ca:62:5f:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Sep 18 11:02:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0f15a0dc5a2a3e248fa30c536177f4f2f2a80fd1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c1:f2:b1:b6:67:60:ae:63:de:4f:9c:32:7b:56:
8c:b8:0c:e0:82:4b:4c:01:75:e7:fe:76:12:64:6d:
7e:8f:c5:d4:4f:29:ef:48:70:5c:08:5d:32:2c:b8:
53:cd:2f:4b:93:ca:28:76:92:8a:46:a4:48:e8:dd:
7f:cf:81:2f:d3:80:e7:ff:ac:3c:45:af:67:82:ed:
68:a3:a4:ff:55:4f:ad:24:fb:ee:6d:22:22:5a:42:
ec:89:08:9a:72:19:cc:ae:ef:18:03:b7:16:ff:0c:
25:d6:d6:72:81:a7:80:76:5c:9c:9e:c4:31:5c:72:
17:ce:83:cb:ff:26:a6:2a:23:a9:59:d3:11:25:0f:
59:d8:42:36:c9:70:97:16:53:3a:65:7d:44:7a:36:
6b:6d:0e:94:83:fc:e2:02:26:fb:ce:d4:18:44:b4:
c7:1f:3a:92:18:44:b8:8d:f8:43:df:de:64:e2:d9:
8d:40:0c:4a:2b:c1:68:16:ab:56:b0:2a:c6:3f:16:
2b:d2:d2:c0:9e:71:a0:46:62:8b:1d:d4:2f:da:3d:
84:b6:aa:7e:31:f0:a0:69:ae:1d:cc:c7:0c:34:74:
97:1d:90:d4:61:b0:94:f6:c9:ef:0e:8a:00:f5:18:
6d:37:86:24:f2:44:f0:0c:a7:99:31:5b:2a:a3:90:
12:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0F:15:A0:DC:5A:2A:3E:24:8F:A3:0C:53:61:77:F4:F2:F2:A8:0F:D1
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/DxWg3FoqPiSPowxTYXf08vKoD9E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.174.0/24
45.10.192.0/23
45.95.24.0/22
45.144.88.0/22
45.149.28.0/22
45.153.157.0-45.153.159.255
45.156.224.0/22
80.246.30.0/24
81.21.232.0/22
86.105.183.0/24
87.239.255.0/24
89.35.249.0/24
89.40.24.0/24
89.44.205.0/24
91.228.216.0/24
94.46.206.0/24
103.21.52.0/24
103.24.232.0/22
103.71.60.0/24
103.76.255.0/24
103.81.230.0/23
103.145.75.0/24
103.204.222.0/23
103.221.52.0/22
103.228.200.0/22
103.251.26.0/23
104.36.50.0/24
116.206.96.0/22
137.59.60.0/22
185.36.254.0/24
185.96.162.0/24
185.108.104.0/23
185.147.140.0/22
185.152.36.0/22
185.152.248.0/22
185.153.151.0/24
185.160.44.0/22
185.166.84.0/24
185.184.228.0/24
185.188.61.0/24
185.201.188.0/24
185.217.64.0/22
185.242.217.0/24
188.119.154.0/24
193.36.89.0/24
195.47.194.0/24
199.249.223.0/24
IPv6:
2a01:4740::/32
2a05:28c0::/29
2a05:f4c0::/29
2a06:3040::/29
2a06:46c0::/29
2a06:4a00::/29
2a06:5000::/29
2a06:5700::/29
2a06:df80::/29
2a06:e480::/29
2a07:4780::/29
2a07:9c80::/29
2a07:f2c0::/29
2a0a:3080::/29
2a0b:3f40::/29
2a0c:d8c0::/29
2a0c:ec40::/29
Signature Algorithm: sha256WithRSAEncryption
78:05:55:4c:85:d6:f9:28:91:cf:fb:a2:25:b6:5f:c8:3c:69:
ae:b0:14:78:1c:02:1f:e9:0e:6a:78:7c:c4:d6:70:e3:bf:e7:
1e:50:3b:ce:28:61:9c:60:ee:44:b0:cf:ed:3f:91:29:cd:f9:
4f:44:67:6b:8f:12:22:a5:c4:2b:ac:cf:87:34:ee:0b:89:49:
8e:59:e9:fe:94:b5:52:86:f9:31:be:64:e3:72:6d:54:89:bf:
67:ea:69:5a:09:96:d3:bc:9e:f1:8d:fc:1d:ff:f3:1b:87:0f:
2a:64:af:18:ae:f9:29:55:2a:11:53:68:24:98:f3:b7:a7:e5:
a6:f5:ab:e0:9c:b2:90:3b:68:50:f9:19:0d:da:3e:6e:a8:4c:
f3:87:0e:a4:dc:c0:db:5b:45:1e:3e:76:61:31:37:ed:cb:66:
3f:db:b5:37:c7:3a:f2:f5:15:72:9e:6d:b1:ab:c7:9b:24:51:
ae:07:f3:79:7e:f2:a2:c8:28:44:8b:07:a2:02:e3:41:73:5c:
21:34:13:9c:0a:7f:9e:23:1c:b5:fd:e2:bc:05:0a:11:8b:e1:
c5:45:1d:83:d0:3d:22:ce:17:53:92:af:0b:2c:1b:4f:0d:e7:
fa:bd:9c:e1:8a:5a:cf:cb:c9:80:57:9c:cd:a3:50:31:44:9b:
0d:9d:b3:a8
-----BEGIN CERTIFICATE-----
MIIGojCCBYqgAwIBAgISAZlcfVyN/qiLOAAU7abKYl/RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjUwOTE4MTEwMjIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZjE1YTBkYzVhMmEzZTI0OGZhMzBjNTM2MTc3ZjRmMmYyYTgwZmQxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwfKxtmdgrmPeT5wye1aMuAzggktM
AXXn/nYSZG1+j8XUTynvSHBcCF0yLLhTzS9Lk8oodpKKRqRI6N1/z4Ev04Dn/6w8
Ra9ngu1oo6T/VU+tJPvubSIiWkLsiQiachnMru8YA7cW/wwl1tZygaeAdlycnsQx
XHIXzoPL/yamKiOpWdMRJQ9Z2EI2yXCXFlM6ZX1EejZrbQ6Ug/ziAib7ztQYRLTH
HzqSGES4jfhD395k4tmNQAxKK8FoFqtWsCrGPxYr0tLAnnGgRmKLHdQv2j2Etqp+
MfCgaa4dzMcMNHSXHZDUYbCU9snvDooA9RhtN4Yk8kTwDKeZMVsqo5AS4QIDAQAB
o4IDrjCCA6owHQYDVR0OBBYEFA8VoNxaKj4kj6MMU2F39PLyqA/RMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvRHhXZzNGb3FQaVNQb3d4VFlYZjA4dktvRDlFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBwgYIKwYBBQUHAQcBAf8EggGxMIIBrTCCASoEAgABMIIB
IgMEAAWargMEAS0KwAMEAi1fGAMEAi2QWAMEAi2VHDAMAwQALZmdAwQFLZmAAwQC
LZzgAwQAUPYeAwQCURXoAwQAVmm3AwQAV+//AwQAWSP5AwQAWSgYAwQAWSzNAwQA
W+TYAwQAXi7OAwQAZxU0AwQCZxjoAwQAZ0c8AwQAZ0z/AwQBZ1HmAwQAZ5FLAwQB
Z8zeAwQCZ900AwQCZ+TIAwQBZ/saAwQAaCQyAwQCdM5gAwQCiTs8AwQAuST+AwQA
uWCiAwQBuWxoAwQCuZOMAwQCuZgkAwQCuZj4AwQAuZmXAwQCuaAsAwQAuaZUAwQA
ubjkAwQAubw9AwQAucm8AwQCudlAAwQAufLZAwQAvHeaAwQAwSRZAwQAwy/CAwQA
x/nfMH0EAgACMHcDBQAqAUdAAwUDKgUowAMFAyoF9MADBQMqBjBAAwUDKgZGwAMF
AyoGSgADBQMqBlAAAwUDKgZXAAMFAyoG34ADBQMqBuSAAwUDKgdHgAMFAyoHnIAD
BQMqB/LAAwUDKgowgAMFAyoLP0ADBQMqDNjAAwUDKgzsQDANBgkqhkiG9w0BAQsF
AAOCAQEAeAVVTIXW+SiRz/uiJbZfyDxprrAUeBwCH+kOanh8xNZw47/nHlA7zihh
nGDuRLDP7T+RKc35T0Rna48SIqXEK6zPhzTuC4lJjlnp/pS1Uob5Mb5k43JtVIm/
Z+ppWgmW07ye8Y38Hf/zG4cPKmSvGK75KVUqEVNoJJjzt6flpvWr4JyykDtoUPkZ
Ddo+bqhM84cOpNzA21tFHj52YTE37ctmP9u1N8c68vUVcp5tsavHmyRRrgfzeX7y
osgoRIsHogLjQXNcITQTnAp/niMctf3ivAUKEYvhxUUdg9A9Is4XU5KvCywbTw3n
+r2c4Ypaz8vJgFeczaNQMUSbDZ2zqA==
-----END CERTIFICATE-----
Generated at Sun Oct 19 16:10:33 2025 by rpki-client