Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/LbbuvYNCQUioVv8zQH-Fc5UlHII.roa
File: LbbuvYNCQUioVv8zQH-Fc5UlHII.roa (raw, json)
Hash identifier: YzZ+diVYTspWHIE3LvR+g+W1S6ZTUYeSZQdRtZ8vrSI=
Subject key identifier: 2D:B6:EE:BD:83:42:41:48:A8:56:FF:33:40:7F:85:73:95:25:1C:82
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 0198377CD88F41F0F50C20D637384324FC45
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/LbbuvYNCQUioVv8zQH-Fc5UlHII.roa
Signing time: Wed 23 Jul 2025 13:33:05 +0000
ROA not before: Wed 23 Jul 2025 13:33:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 5.187.33.0/24 maxlen: 24
37.235.48.0/24 maxlen: 24
37.235.51.0/24 maxlen: 24
45.151.73.0/24 maxlen: 24
45.151.74.0/24 maxlen: 24
45.153.127.0/24 maxlen: 24
46.183.187.0/24 maxlen: 24
83.172.134.0/24 maxlen: 24
83.172.135.0/24 maxlen: 24
83.172.136.0/24 maxlen: 24
83.172.138.0/24 maxlen: 24
83.172.150.0/24 maxlen: 24
83.172.159.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.121.0/24 maxlen: 24
89.31.120.0/24 maxlen: 24
89.31.121.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
89.40.105.0/24 maxlen: 24
89.46.232.0/24 maxlen: 24
89.46.233.0/24 maxlen: 24
89.46.234.0/24 maxlen: 24
89.46.235.0/24 maxlen: 24
89.46.236.0/24 maxlen: 24
91.132.92.0/24 maxlen: 24
91.132.93.0/24 maxlen: 24
91.132.95.0/24 maxlen: 24
92.243.64.0/24 maxlen: 24
93.113.99.0/24 maxlen: 24
93.113.215.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
95.156.207.0/24 maxlen: 24
103.57.248.0/24 maxlen: 24
103.57.249.0/24 maxlen: 24
103.57.251.0/24 maxlen: 24
134.255.211.0/24 maxlen: 24
149.154.157.0/24 maxlen: 24
149.154.158.0/24 maxlen: 24
149.154.159.0/24 maxlen: 24
151.236.4.0/24 maxlen: 24
151.236.11.0/24 maxlen: 24
151.236.15.0/24 maxlen: 24
151.236.16.0/24 maxlen: 24
151.236.17.0/24 maxlen: 24
151.236.18.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.21.0/24 maxlen: 24
151.236.22.0/24 maxlen: 24
151.236.25.0/24 maxlen: 24
158.255.208.0/24 maxlen: 24
158.255.213.0/24 maxlen: 24
158.255.214.0/24 maxlen: 24
158.255.215.0/24 maxlen: 24
176.126.99.0/24 maxlen: 24
185.26.236.0/24 maxlen: 24
185.26.238.0/24 maxlen: 24
185.26.239.0/24 maxlen: 24
185.76.78.0/24 maxlen: 24
185.76.79.0/24 maxlen: 24
185.122.187.0/24 maxlen: 24
185.193.48.0/24 maxlen: 24
185.195.64.0/24 maxlen: 24
185.195.66.0/24 maxlen: 24
188.190.0.0/24 maxlen: 24
188.190.1.0/24 maxlen: 24
188.190.2.0/24 maxlen: 24
188.214.32.0/24 maxlen: 24
193.3.55.0/24 maxlen: 24
213.111.176.0/24 maxlen: 24
213.111.178.0/24 maxlen: 24
213.111.180.0/24 maxlen: 24
213.111.182.0/24 maxlen: 24
213.111.183.0/24 maxlen: 24
213.111.184.0/24 maxlen: 24
213.111.185.0/24 maxlen: 24
213.111.188.0/24 maxlen: 24
213.111.191.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
2a03:f80:32::/48 maxlen: 48
2a03:f80:33::/48 maxlen: 48
2a03:f80:39::/48 maxlen: 48
2a03:f80:40::/48 maxlen: 48
2a03:f80:41::/48 maxlen: 48
2a03:f80:44::/48 maxlen: 48
2a03:f80:45::/48 maxlen: 48
2a03:f80:46::/48 maxlen: 48
2a03:f80:47::/48 maxlen: 48
2a03:f80:48::/48 maxlen: 48
2a03:f80:49::/48 maxlen: 48
2a03:f80:61::/48 maxlen: 48
2a03:f80:65::/48 maxlen: 48
2a03:f80:81::/48 maxlen: 48
2a03:f80:358::/48 maxlen: 48
2a03:f80:381::/48 maxlen: 48
2a03:f80:852::/48 maxlen: 48
2a03:f80:971::/48 maxlen: 48
2a03:f80:4416::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.mft
rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 11:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:37:7c:d8:8f:41:f0:f5:0c:20:d6:37:38:43:24:fc:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Jul 23 13:33:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2db6eebd83424148a856ff33407f857395251c82
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8d:b1:7a:e7:59:ae:34:73:f2:a4:80:b6:3f:44:
bf:a7:91:6b:11:84:58:c4:bf:0e:ad:d4:8e:4f:e3:
41:a5:93:ae:0e:cb:71:2a:d7:2f:a9:60:a9:8e:5a:
ce:8e:7c:06:a3:a9:14:48:5b:ab:16:b6:05:86:fe:
3b:c7:44:d3:fa:9f:3a:45:2f:6d:2b:b9:ab:67:53:
1e:f1:89:2b:a4:98:2f:32:9b:56:7b:85:b3:0b:56:
f9:8b:0d:ab:33:5d:a9:b8:d6:f0:9a:ba:1e:85:19:
13:25:30:73:fb:90:61:49:43:0c:13:6c:cc:e9:4b:
03:c8:de:c7:03:bc:9e:0b:4a:9a:4d:40:f1:dc:77:
1c:c0:2c:1e:5e:d9:8a:ce:74:f7:08:20:e2:98:55:
57:c9:2b:84:c2:ea:15:a7:40:be:ad:5e:43:23:55:
1f:6e:82:f9:b1:9c:73:86:a9:9c:88:34:f9:fb:9e:
f7:ea:3d:06:de:5c:97:25:d6:c7:b8:8b:7a:d6:cf:
13:71:11:43:9f:d3:28:da:c6:6c:92:de:48:79:fe:
2f:5f:74:fa:53:62:59:26:77:16:c0:51:1d:ca:e8:
49:0f:74:36:9a:8b:f9:81:12:52:23:a1:9b:7d:b0:
49:e6:3f:5a:3b:80:b9:4c:67:c0:3e:b6:e8:da:f2:
01:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
2D:B6:EE:BD:83:42:41:48:A8:56:FF:33:40:7F:85:73:95:25:1C:82
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/LbbuvYNCQUioVv8zQH-Fc5UlHII.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.187.33.0/24
37.235.48.0/24
37.235.51.0/24
45.151.73.0-45.151.74.255
45.153.127.0/24
46.183.187.0/24
83.172.134.0-83.172.136.255
83.172.138.0/24
83.172.150.0/24
83.172.159.0/24
83.243.120.0/23
89.31.120.0/23
89.31.123.0/24
89.40.105.0/24
89.46.232.0-89.46.236.255
91.132.92.0/23
91.132.95.0/24
92.243.64.0/24
93.113.99.0/24
93.113.215.0/24
95.156.204.0/24
95.156.207.0/24
103.57.248.0/23
103.57.251.0/24
134.255.211.0/24
149.154.157.0-149.154.159.255
151.236.4.0/24
151.236.11.0/24
151.236.15.0-151.236.18.255
151.236.20.0-151.236.22.255
151.236.25.0/24
158.255.208.0/24
158.255.213.0-158.255.215.255
176.126.99.0/24
185.26.236.0/24
185.26.238.0/23
185.76.78.0/23
185.122.187.0/24
185.193.48.0/24
185.195.64.0/24
185.195.66.0/24
188.190.0.0-188.190.2.255
188.214.32.0/24
193.3.55.0/24
213.111.176.0/24
213.111.178.0/24
213.111.180.0/24
213.111.182.0-213.111.185.255
213.111.188.0/24
213.111.191.0/24
213.183.55.0/24
IPv6:
2a03:f80:32::/47
2a03:f80:39::/48
2a03:f80:40::/47
2a03:f80:44::-2a03:f80:49:ffff:ffff:ffff:ffff:ffff
2a03:f80:61::/48
2a03:f80:65::/48
2a03:f80:81::/48
2a03:f80:358::/48
2a03:f80:381::/48
2a03:f80:852::/48
2a03:f80:971::/48
2a03:f80:4416::/48
2a03:f80:ed51::/48
Signature Algorithm: sha256WithRSAEncryption
62:62:f6:0f:76:82:8a:7b:5e:27:f5:79:a1:99:00:1c:bb:26:
12:f9:ea:b2:09:ca:9c:b3:46:cb:99:9d:18:20:f5:d2:c2:c1:
e6:6f:1d:f0:8e:cc:db:b3:ea:4b:36:ac:f9:31:3c:84:ae:f3:
cc:82:22:23:dd:24:17:bd:3c:b7:37:55:53:83:0c:64:75:da:
5c:ad:dd:c2:c7:9b:bb:74:1c:6e:c8:47:69:03:64:86:2e:b3:
7a:7f:73:f9:1f:4e:9e:5c:2f:86:35:2a:40:8e:fa:ef:f7:aa:
6b:19:c1:ca:e1:a1:47:b8:d7:18:26:16:96:6c:07:d2:d3:9d:
0b:25:53:d9:6c:58:f8:fe:04:91:f3:8c:1b:83:ac:a0:77:85:
5a:82:88:0c:d1:47:a8:1d:2e:40:2d:a9:21:1c:3e:1e:e6:e4:
32:ec:c6:2a:7c:cb:05:93:e5:41:d6:2c:75:96:74:66:18:11:
57:59:e1:91:8f:8d:a8:9d:bb:77:41:23:bd:18:09:99:be:52:
cb:b8:7b:f1:be:d5:79:a3:0e:39:d6:06:a1:6a:35:0c:5a:3e:
c6:c7:9e:6a:3e:ee:3c:c1:cd:04:b5:f5:e0:d1:e3:66:ee:65:
f9:ff:98:77:1e:07:3b:7f:a0:76:6c:cf:f6:9c:ab:6c:ea:e1:
10:f2:4e:b0
-----BEGIN CERTIFICATE-----
MIIHBDCCBeygAwIBAgISAZg3fNiPQfD1DCDWNzhDJPxFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjUwNzIzMTMzMzA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyZGI2ZWViZDgzNDI0MTQ4YTg1NmZmMzM0MDdmODU3Mzk1MjUxYzgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAjbF651muNHPypIC2P0S/p5FrEYRY
xL8OrdSOT+NBpZOuDstxKtcvqWCpjlrOjnwGo6kUSFurFrYFhv47x0TT+p86RS9t
K7mrZ1Me8YkrpJgvMptWe4WzC1b5iw2rM12puNbwmroehRkTJTBz+5BhSUMME2zM
6UsDyN7HA7yeC0qaTUDx3HccwCweXtmKznT3CCDimFVXySuEwuoVp0C+rV5DI1Uf
boL5sZxzhqmciDT5+5736j0G3lyXJdbHuIt61s8TcRFDn9Mo2sZskt5Ief4vX3T6
U2JZJncWwFEdyuhJD3Q2mov5gRJSI6GbfbBJ5j9aO4C5TGfAPrbo2vIBLQIDAQAB
o4IEEDCCBAwwHQYDVR0OBBYEFC227r2DQkFIqFb/M0B/hXOVJRyCMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvTGJidXZZTkNRVWlvVnY4elFILUZjNVVsSElJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICJAYIKwYBBQUHAQcBAf8EggITMIICDzCCAYEEAgABMIIB
eQMEAAW7IQMEACXrMAMEACXrMzAMAwQALZdJAwQALZdKAwQALZl/AwQALre7MAwD
BAFTrIYDBABTrIgDBABTrIoDBABTrJYDBABTrJ8DBAFT83gDBAFZH3gDBABZH3sD
BABZKGkwDAMEA1ku6AMEAFku7AMEAVuEXAMEAFuEXwMEAFzzQAMEAF1xYwMEAF1x
1wMEAF+czAMEAF+czwMEAWc5+AMEAGc5+wMEAIb/0zAMAwQAlZqdAwQFlZqAAwQA
l+wEAwQAl+wLMAwDBACX7A8DBACX7BIwDAMEApfsFAMEAJfsFgMEAJfsGQMEAJ7/
0DAMAwQAnv/VAwQDnv/QAwQAsH5jAwQAuRrsAwQBuRruAwQBuUxOAwQAuXq7AwQA
ucEwAwQAucNAAwQAucNCMAsDAwG8vgMEALy+AgMEALzWIAMEAMEDNwMEANVvsAME
ANVvsgMEANVvtDAMAwQB1W+2AwQB1W+4AwQA1W+8AwQA1W+/AwQA1bc3MIGHBAIA
AjCBgAMHASoDD4AAMgMHACoDD4AAOQMHASoDD4AAQDASAwcCKgMPgABEAwcBKgMP
gABIAwcAKgMPgABhAwcAKgMPgABlAwcAKgMPgACBAwcAKgMPgANYAwcAKgMPgAOB
AwcAKgMPgAhSAwcAKgMPgAlxAwcAKgMPgEQWAwcAKgMPgO1RMA0GCSqGSIb3DQEB
CwUAA4IBAQBiYvYPdoKKe14n9XmhmQAcuyYS+eqyCcqcs0bLmZ0YIPXSwsHmbx3w
jszbs+pLNqz5MTyErvPMgiIj3SQXvTy3N1VTgwxkddpcrd3Cx5u7dBxuyEdpA2SG
LrN6f3P5H06eXC+GNSpAjvrv96prGcHK4aFHuNcYJhaWbAfS050LJVPZbFj4/gSR
84wbg6ygd4VagogM0UeoHS5ALakhHD4e5uQy7MYqfMsFk+VB1ix1lnRmGBFXWeGR
j42onbt3QSO9GAmZvlLLuHvxvtV5ow451gahajUMWj7Gx55qPu48wc0EtfXg0eNm
7mX5/5h3Hgc7f6B2bM/2nKts6uEQ8k6w
-----END CERTIFICATE-----
Generated at Fri Aug 8 20:54:09 2025 by rpki-client