Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/Dv1S1YEzH17LpAC-2GG3sT10oCs.roa
File: Dv1S1YEzH17LpAC-2GG3sT10oCs.roa (raw, json)
Hash identifier: hsPpxwvn6cSJNv+yA/RdWENbwgkgG1OHn52ADocHRrc=
Subject key identifier: 0E:FD:52:D5:81:33:1F:5E:CB:A4:00:BE:D8:61:B7:B1:3D:74:A0:2B
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 019A24E389F75CA2647A1C714D4FDEEA0518
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/Dv1S1YEzH17LpAC-2GG3sT10oCs.roa
Signing time: Mon 27 Oct 2025 08:58:03 +0000
ROA not before: Mon 27 Oct 2025 08:58:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57169
IP address blocks: 5.180.114.0/24 maxlen: 24
5.187.33.0/24 maxlen: 24
37.235.48.0/20 maxlen: 20
37.235.48.0/24 maxlen: 24
37.235.50.0/23 maxlen: 23
37.235.50.0/24 maxlen: 24
37.235.52.0/24 maxlen: 24
37.235.56.0/24 maxlen: 24
37.235.57.0/24 maxlen: 24
37.235.58.0/24 maxlen: 24
37.235.59.0/24 maxlen: 24
37.235.60.0/24 maxlen: 24
37.235.61.0/24 maxlen: 24
37.235.62.0/24 maxlen: 24
37.235.63.0/24 maxlen: 24
45.153.125.0/24 maxlen: 24
46.183.187.0/24 maxlen: 24
83.172.134.0/24 maxlen: 24
83.172.135.0/24 maxlen: 24
83.172.150.0/24 maxlen: 24
83.172.151.0/24 maxlen: 24
83.172.153.0/24 maxlen: 24
83.172.169.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.122.0/24 maxlen: 24
83.243.123.0/24 maxlen: 24
84.247.61.0/24 maxlen: 24
86.106.119.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
89.40.105.0/24 maxlen: 24
89.46.235.0/24 maxlen: 24
89.46.238.0/24 maxlen: 24
91.132.94.0/24 maxlen: 24
91.227.204.0/23 maxlen: 23
91.227.204.0/24 maxlen: 24
91.227.205.0/24 maxlen: 24
92.243.66.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
95.156.205.0/24 maxlen: 24
103.57.249.0/24 maxlen: 24
103.57.250.0/24 maxlen: 24
134.255.210.0/24 maxlen: 24
149.154.152.0/24 maxlen: 24
149.154.153.0/24 maxlen: 24
149.154.154.0/24 maxlen: 24
149.154.155.0/24 maxlen: 24
149.154.156.0/24 maxlen: 24
151.236.0.0/19 maxlen: 19
151.236.0.0/24 maxlen: 24
151.236.1.0/24 maxlen: 24
151.236.2.0/24 maxlen: 24
151.236.3.0/24 maxlen: 24
151.236.4.0/24 maxlen: 24
151.236.5.0/24 maxlen: 24
151.236.6.0/24 maxlen: 24
151.236.7.0/24 maxlen: 24
151.236.8.0/24 maxlen: 24
151.236.9.0/24 maxlen: 24
151.236.10.0/24 maxlen: 24
151.236.11.0/24 maxlen: 24
151.236.12.0/24 maxlen: 24
151.236.13.0/24 maxlen: 24
151.236.14.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.25.0/24 maxlen: 24
151.236.26.0/23 maxlen: 23
151.236.28.0/24 maxlen: 24
151.236.30.0/24 maxlen: 24
158.255.209.0/24 maxlen: 24
158.255.210.0/24 maxlen: 24
158.255.211.0/24 maxlen: 24
158.255.212.0/24 maxlen: 24
176.126.99.0/24 maxlen: 24
185.26.236.0/24 maxlen: 24
185.26.237.0/24 maxlen: 24
185.26.238.0/24 maxlen: 24
185.122.184.0/24 maxlen: 24
185.193.51.0/24 maxlen: 24
185.195.65.0/24 maxlen: 24
188.190.1.0/24 maxlen: 24
188.190.3.0/24 maxlen: 24
188.190.6.0/24 maxlen: 24
188.190.7.0/24 maxlen: 24
188.211.166.0/24 maxlen: 24
188.214.33.0/24 maxlen: 24
188.214.34.0/24 maxlen: 24
188.214.38.0/24 maxlen: 24
188.214.39.0/24 maxlen: 24
193.3.55.0/24 maxlen: 24
213.111.177.0/24 maxlen: 24
213.111.182.0/24 maxlen: 24
213.111.183.0/24 maxlen: 24
213.111.184.0/24 maxlen: 24
213.111.186.0/24 maxlen: 24
213.111.187.0/24 maxlen: 24
213.111.188.0/24 maxlen: 24
213.111.191.0/24 maxlen: 24
213.183.54.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
213.183.56.0/24 maxlen: 24
213.183.57.0/24 maxlen: 24
2a03:f80:7::/48 maxlen: 48
2a03:f80:31::/48 maxlen: 48
2a03:f80:32::/48 maxlen: 48
2a03:f80:48::/48 maxlen: 48
2a03:f80:56::/48 maxlen: 48
2a03:f80:57::/48 maxlen: 48
2a03:f80:61::/48 maxlen: 48
2a03:f80:70::/48 maxlen: 48
2a03:f80:354::/48 maxlen: 48
2a03:f80:357::/48 maxlen: 48
2a03:f80:358::/48 maxlen: 48
2a03:f80:359::/48 maxlen: 48
2a03:f80:370::/48 maxlen: 48
2a03:f80:371::/48 maxlen: 48
2a03:f80:3991::/48 maxlen: 48
2a03:f80:ad15::/48 maxlen: 48
2a03:f80:ed15::/48 maxlen: 48
2a03:f80:ed16::/48 maxlen: 48
2a03:f80:ed17::/48 maxlen: 48
2a03:f80:ed31::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
2a03:f80:ed91::/48 maxlen: 48
2a03:f82:abcd::/48 maxlen: 48
2a03:f82:abcd:43::/64 maxlen: 64
2a03:f87:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.mft
rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:24:e3:89:f7:5c:a2:64:7a:1c:71:4d:4f:de:ea:05:18
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Oct 27 08:58:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0efd52d581331f5ecba400bed861b7b13d74a02b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a9:46:81:1d:fb:9d:88:8c:83:2f:8c:18:25:46:
6b:63:ec:80:23:fe:3d:9f:8e:98:d3:5f:df:d1:19:
83:ac:12:57:86:f2:f0:4c:1d:a2:ad:3a:09:10:c2:
9d:42:7e:e8:c8:0c:4b:bb:3d:29:3a:fc:f9:09:20:
c8:69:42:e3:9e:10:d2:c8:ae:0b:13:56:f0:60:49:
98:af:c5:00:66:28:d7:14:16:4c:3c:74:df:01:23:
0d:e5:c9:92:ab:2c:a2:34:99:e9:42:06:9b:e0:32:
66:d6:b7:86:1d:5e:1d:2c:d6:ee:c9:da:fd:af:73:
df:98:bd:6b:36:a7:8c:a5:85:20:12:90:25:f8:55:
17:fd:c6:0f:4a:da:24:36:58:54:7f:16:e1:5f:f3:
d2:11:93:75:05:16:f0:fd:01:99:eb:5a:8c:1a:41:
2c:0c:47:6b:17:d1:85:6a:7c:0a:20:0a:51:d9:f0:
31:87:22:8d:b6:98:b5:69:b4:58:ba:85:24:48:1a:
b8:d3:9f:e1:89:54:d6:64:40:a7:08:af:76:64:75:
e9:82:ba:40:72:8f:84:a2:aa:65:d4:b4:1b:3d:88:
b8:4d:af:6e:15:6f:c3:8f:3f:da:66:e4:b4:f0:79:
37:3a:7a:3b:db:8b:ba:94:d1:17:1b:1c:ae:fc:1c:
79:b7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:FD:52:D5:81:33:1F:5E:CB:A4:00:BE:D8:61:B7:B1:3D:74:A0:2B
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/Dv1S1YEzH17LpAC-2GG3sT10oCs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.114.0/24
5.187.33.0/24
37.235.48.0/20
45.153.125.0/24
46.183.187.0/24
83.172.134.0/23
83.172.150.0/23
83.172.153.0/24
83.172.169.0/24
83.243.120.0/24
83.243.122.0/23
84.247.61.0/24
86.106.119.0/24
89.31.123.0/24
89.40.105.0/24
89.46.235.0/24
89.46.238.0/24
91.132.94.0/24
91.227.204.0/23
92.243.66.0/24
95.156.204.0/23
103.57.249.0-103.57.250.255
134.255.210.0/24
149.154.152.0-149.154.156.255
151.236.0.0/19
158.255.209.0-158.255.212.255
176.126.99.0/24
185.26.236.0-185.26.238.255
185.122.184.0/24
185.193.51.0/24
185.195.65.0/24
188.190.1.0/24
188.190.3.0/24
188.190.6.0/23
188.211.166.0/24
188.214.33.0-188.214.34.255
188.214.38.0/23
193.3.55.0/24
213.111.177.0/24
213.111.182.0-213.111.184.255
213.111.186.0-213.111.188.255
213.111.191.0/24
213.183.54.0-213.183.57.255
IPv6:
2a03:f80:7::/48
2a03:f80:31::-2a03:f80:32:ffff:ffff:ffff:ffff:ffff
2a03:f80:48::/48
2a03:f80:56::/47
2a03:f80:61::/48
2a03:f80:70::/48
2a03:f80:354::/48
2a03:f80:357::-2a03:f80:359:ffff:ffff:ffff:ffff:ffff
2a03:f80:370::/47
2a03:f80:3991::/48
2a03:f80:ad15::/48
2a03:f80:ed15::-2a03:f80:ed17:ffff:ffff:ffff:ffff:ffff
2a03:f80:ed31::/48
2a03:f80:ed51::/48
2a03:f80:ed91::/48
2a03:f82:abcd::/48
2a03:f87:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
41:dd:1f:2d:83:a6:37:8c:0c:c7:5b:68:f0:9d:cc:bc:45:2b:
fa:e4:f9:4e:22:22:f2:d1:c3:8a:e6:24:fd:b3:ff:13:91:1b:
a1:d8:84:0a:10:9c:01:38:56:75:4b:cd:bd:31:ce:f6:99:77:
87:db:ce:00:bb:e6:74:9d:93:05:77:33:4b:1d:bf:e4:84:26:
08:d2:3a:78:29:28:c6:7b:4c:d4:c1:6d:94:ac:83:55:f7:d0:
32:51:b0:a4:68:7c:ac:bc:e4:74:cd:5a:e7:c0:9d:2a:8c:85:
0a:42:97:8b:b7:9a:1d:ac:40:32:c3:41:8b:7b:7a:cd:d9:4d:
de:a4:69:cb:d1:60:c0:2f:62:48:5f:4d:22:52:2a:d6:c6:17:
af:c3:26:bc:c6:fc:ac:12:fb:42:b4:01:d7:66:6b:c9:75:aa:
e6:4a:56:9c:68:31:ca:22:55:86:7e:58:c6:c0:5e:16:88:38:
d3:19:24:e1:de:c2:0c:7b:49:69:ef:81:f0:55:ac:ae:a4:30:
65:41:ba:3e:2a:d4:8e:c9:26:42:33:70:74:24:26:c1:92:67:
84:0a:87:64:d0:c0:de:19:c4:61:27:63:5e:bc:45:10:51:0a:
bc:04:cc:0d:99:ae:60:a0:3d:f0:11:c9:75:32:e9:49:91:46:
d2:ba:cb:fe
-----BEGIN CERTIFICATE-----
MIIHBzCCBe+gAwIBAgISAZok44n3XKJkehxxTU/e6gUYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjUxMDI3MDg1ODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWZkNTJkNTgxMzMxZjVlY2JhNDAwYmVkODYxYjdiMTNkNzRhMDJiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqUaBHfudiIyDL4wYJUZrY+yAI/49
n46Y01/f0RmDrBJXhvLwTB2irToJEMKdQn7oyAxLuz0pOvz5CSDIaULjnhDSyK4L
E1bwYEmYr8UAZijXFBZMPHTfASMN5cmSqyyiNJnpQgab4DJm1reGHV4dLNbuydr9
r3PfmL1rNqeMpYUgEpAl+FUX/cYPStokNlhUfxbhX/PSEZN1BRbw/QGZ61qMGkEs
DEdrF9GFanwKIApR2fAxhyKNtpi1abRYuoUkSBq405/hiVTWZECnCK92ZHXpgrpA
co+Eoqpl1LQbPYi4Ta9uFW/Djz/aZuS08Hk3Ono724u6lNEXGxyu/Bx5twIDAQAB
o4IEEzCCBA8wHQYDVR0OBBYEFA79UtWBMx9ey6QAvthht7E9dKArMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvRHYxUzFZRXpIMTdMcEFDLTJHRzNzVDEwb0NzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICJwYIKwYBBQUHAQcBAf8EggIWMIICEjCCAUoEAgABMIIB
QgMEAAW0cgMEAAW7IQMEBCXrMAMEAC2ZfQMEAC63uwMEAVOshgMEAVOslgMEAFOs
mQMEAFOsqQMEAFPzeAMEAVPzegMEAFT3PQMEAFZqdwMEAFkfewMEAFkoaQMEAFku
6wMEAFku7gMEAFuEXgMEAVvjzAMEAFzzQgMEAV+czDAMAwQAZzn5AwQAZzn6AwQA
hv/SMAwDBAOVmpgDBACVmpwDBAWX7AAwDAMEAJ7/0QMEAJ7/1AMEALB+YzAMAwQC
uRrsAwQAuRruAwQAuXq4AwQAucEzAwQAucNBAwQAvL4BAwQAvL4DAwQBvL4GAwQA
vNOmMAwDBAC81iEDBAC81iIDBAG81iYDBADBAzcDBADVb7EwDAMEAdVvtgMEANVv
uDAMAwQB1W+6AwQA1W+8AwQA1W+/MAwDBAHVtzYDBAHVtzgwgcEEAgACMIG6AwcA
KgMPgAAHMBIDBwAqAw+AADEDBwAqAw+AADIDBwAqAw+AAEgDBwEqAw+AAFYDBwAq
Aw+AAGEDBwAqAw+AAHADBwAqAw+AA1QwEgMHACoDD4ADVwMHASoDD4ADWAMHASoD
D4ADcAMHACoDD4A5kQMHACoDD4CtFTASAwcAKgMPgO0VAwcDKgMPgO0QAwcAKgMP
gO0xAwcAKgMPgO1RAwcAKgMPgO2RAwcAKgMPgqvNAwcAKgMPh///MA0GCSqGSIb3
DQEBCwUAA4IBAQBB3R8tg6Y3jAzHW2jwncy8RSv65PlOIiLy0cOK5iT9s/8TkRuh
2IQKEJwBOFZ1S829Mc72mXeH284Au+Z0nZMFdzNLHb/khCYI0jp4KSjGe0zUwW2U
rINV99AyUbCkaHysvOR0zVrnwJ0qjIUKQpeLt5odrEAyw0GLe3rN2U3epGnL0WDA
L2JIX00iUirWxhevwya8xvysEvtCtAHXZmvJdarmSlacaDHKIlWGfljGwF4WiDjT
GSTh3sIMe0lp74HwVayupDBlQbo+KtSOySZCM3B0JCbBkmeECodk0MDeGcRhJ2Ne
vEUQUQq8BMwNma5goD3wEcl1MulJkUbSusv+
-----END CERTIFICATE-----
Generated at Wed Nov 5 03:22:36 2025 by rpki-client