
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/OiQ4Rd9OJUGQ798H-77FK1uTPuw.roa
File: OiQ4Rd9OJUGQ798H-77FK1uTPuw.roa (raw, json)
Hash identifier: OYSrfcSonyP87gEHzJWFDf1QCoB9hpLtpuFirEV2r8I=
Subject key identifier: 3A:24:38:45:DF:4E:25:41:90:EF:DF:07:FB:BE:C5:2B:5B:93:3E:EC
Certificate issuer: /CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Certificate serial: 01988027FA375E6EF7C59EBB5B7B7A363E87
Authority key identifier: 8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/OiQ4Rd9OJUGQ798H-77FK1uTPuw.roa
Signing time: Wed 06 Aug 2025 16:12:40 +0000
ROA not before: Wed 06 Aug 2025 16:12:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 35346
IP address blocks: 45.67.116.0/24 maxlen: 24
91.242.64.0/18 maxlen: 24
91.242.68.0/23 maxlen: 24
91.242.70.0/23 maxlen: 24
91.242.72.0/23 maxlen: 24
91.242.74.0/24 maxlen: 24
91.242.80.0/24 maxlen: 24
91.242.82.0/24 maxlen: 24
91.242.99.0/24 maxlen: 24
91.242.102.0/24 maxlen: 24
91.242.103.0/24 maxlen: 24
91.242.108.0/22 maxlen: 22
91.242.112.0/20 maxlen: 20
91.242.112.0/24 maxlen: 24
91.242.113.0/24 maxlen: 24
91.242.114.0/24 maxlen: 24
91.242.115.0/24 maxlen: 24
91.242.116.0/24 maxlen: 24
91.242.117.0/24 maxlen: 24
91.242.118.0/24 maxlen: 24
91.242.119.0/24 maxlen: 24
91.242.120.0/24 maxlen: 24
91.242.121.0/24 maxlen: 24
91.242.122.0/24 maxlen: 24
178.175.176.0/22 maxlen: 24
194.114.144.0/24 maxlen: 25
194.114.144.128/27 maxlen: 27
2a07:5540::/29 maxlen: 29
2a07:c040::/29 maxlen: 29
2a09:700::/29 maxlen: 29
2a09:15c0::/29 maxlen: 29
2a09:3ac0::/29 maxlen: 29
2a09:4440::/29 maxlen: 29
2a09:4c40::/29 maxlen: 29
2a09:63c0::/29 maxlen: 29
2a09:7640::/29 maxlen: 29
2a09:7b40::/29 maxlen: 29
2a09:7f00::/29 maxlen: 29
2a09:a480::/29 maxlen: 29
2a09:bdc0::/29 maxlen: 29
2a09:ca40::/29 maxlen: 29
2a09:e400::/29 maxlen: 29
2a09:f6c0::/29 maxlen: 29
2a09:f940::/29 maxlen: 29
2a09:fdc0::/29 maxlen: 29
2a0a:3700::/29 maxlen: 29
2a0a:3780::/29 maxlen: 29
2a0a:6000::/29 maxlen: 29
2a0a:ef00::/29 maxlen: 29
2a0b:280::/29 maxlen: 29
2a0b:5d00::/29 maxlen: 29
2a0c:380::/29 maxlen: 29
2a0c:3600::/32 maxlen: 32
2a0c:3780::/29 maxlen: 29
2a0c:57c0::/29 maxlen: 29
2a0c:ae00::/29 maxlen: 29
2a0d:1a00::/29 maxlen: 29
2a0d:dac0::/29 maxlen: 29
2a0d:fb00::/29 maxlen: 29
2a0e:f80::/29 maxlen: 29
2a0e:2080::/29 maxlen: 29
2a0e:2500::/29 maxlen: 29
2a0e:3380::/29 maxlen: 29
2a0e:3540::/29 maxlen: 29
2a0e:3c40::/29 maxlen: 29
2a0e:7880::/29 maxlen: 29
2a0e:b000::/29 maxlen: 29
2a0e:c3c0::/29 maxlen: 29
2a0e:c700::/29 maxlen: 29
2a0e:c800::/29 maxlen: 29
2a0e:d180::/29 maxlen: 29
2a0e:d880::/29 maxlen: 29
2a0e:e540::/29 maxlen: 29
2a0e:e8c0::/29 maxlen: 29
2a0e:e940::/29 maxlen: 29
2a0e:f540::/29 maxlen: 29
2a0f:740::/29 maxlen: 29
2a0f:1b40::/29 maxlen: 29
2a0f:3900::/29 maxlen: 29
2a0f:4840::/29 maxlen: 29
2a0f:6200::/29 maxlen: 29
2a0f:82c0::/29 maxlen: 29
2a0f:9380::/29 maxlen: 29
2a0f:b200::/29 maxlen: 29
2a0f:da00::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.mft
rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 14:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:80:27:fa:37:5e:6e:f7:c5:9e:bb:5b:7b:7a:36:3e:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bab30683859ec7e0206fe9265363e8e3971a9a8
Validity
Not Before: Aug 6 16:12:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3a243845df4e254190efdf07fbbec52b5b933eec
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:2d:06:fd:c0:ad:73:47:31:e5:08:2a:5d:35:
53:ac:a9:f4:07:3f:8f:89:cf:3c:89:17:01:d7:3e:
84:b8:fd:b4:3a:a8:ab:a9:86:b4:c0:70:c8:8a:78:
5f:ad:45:53:3c:ab:87:54:53:3c:ae:10:69:92:ed:
27:17:9a:53:d4:ed:56:0d:89:fa:6b:6f:b4:01:93:
76:13:9e:67:14:24:1d:52:8b:78:c9:4e:9d:66:51:
d7:ca:4f:ad:b1:f8:b5:9b:fa:f3:97:ea:98:86:60:
d3:86:f6:32:a8:7e:fd:7c:26:a2:b8:c0:20:97:e8:
2a:5f:a1:67:88:6c:64:85:b8:f8:e0:ff:bd:b8:75:
e8:4d:af:45:f7:c1:6f:1e:40:cf:16:99:36:33:19:
ff:f6:6d:2c:33:0d:7a:9a:2e:73:c9:9f:18:51:80:
2f:a2:96:5d:36:a9:3e:a4:cf:bc:81:a3:53:c1:be:
f2:e3:88:1f:41:ff:68:1d:31:79:ed:74:24:f1:b0:
04:34:2d:51:72:80:9c:ed:2e:74:ec:bc:0f:af:0c:
bc:04:6d:04:52:c5:31:2f:3c:a6:41:de:b7:e4:86:
3c:8a:ad:d2:da:62:e7:db:95:52:95:88:01:c5:ad:
dd:51:5e:e1:3c:59:cf:70:e7:ca:08:fc:a2:75:1c:
0f:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3A:24:38:45:DF:4E:25:41:90:EF:DF:07:FB:BE:C5:2B:5B:93:3E:EC
X509v3 Authority Key Identifier:
keyid:8B:AB:30:68:38:59:EC:7E:02:06:FE:92:65:36:3E:8E:39:71:A9:A8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i6swaDhZ7H4CBv6SZTY-jjlxqag.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/OiQ4Rd9OJUGQ798H-77FK1uTPuw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2b/81fd1a-47a7-45d8-be74-3ac9e56c3089/1/i6swaDhZ7H4CBv6SZTY-jjlxqag.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.67.116.0/24
91.242.64.0/18
178.175.176.0/22
194.114.144.0/24
IPv6:
2a07:5540::/29
2a07:c040::/29
2a09:700::/29
2a09:15c0::/29
2a09:3ac0::/29
2a09:4440::/29
2a09:4c40::/29
2a09:63c0::/29
2a09:7640::/29
2a09:7b40::/29
2a09:7f00::/29
2a09:a480::/29
2a09:bdc0::/29
2a09:ca40::/29
2a09:e400::/29
2a09:f6c0::/29
2a09:f940::/29
2a09:fdc0::/29
2a0a:3700::/29
2a0a:3780::/29
2a0a:6000::/29
2a0a:ef00::/29
2a0b:280::/29
2a0b:5d00::/29
2a0c:380::/29
2a0c:3600::/32
2a0c:3780::/29
2a0c:57c0::/29
2a0c:ae00::/29
2a0d:1a00::/29
2a0d:dac0::/29
2a0d:fb00::/29
2a0e:f80::/29
2a0e:2080::/29
2a0e:2500::/29
2a0e:3380::/29
2a0e:3540::/29
2a0e:3c40::/29
2a0e:7880::/29
2a0e:b000::/29
2a0e:c3c0::/29
2a0e:c700::/29
2a0e:c800::/29
2a0e:d180::/29
2a0e:d880::/29
2a0e:e540::/29
2a0e:e8c0::/29
2a0e:e940::/29
2a0e:f540::/29
2a0f:740::/29
2a0f:1b40::/29
2a0f:3900::/29
2a0f:4840::/29
2a0f:6200::/29
2a0f:82c0::/29
2a0f:9380::/29
2a0f:b200::/29
2a0f:da00::/29
Signature Algorithm: sha256WithRSAEncryption
92:55:0e:5b:d4:2d:ba:68:82:6a:3f:31:72:37:e3:40:44:c0:
e2:3f:ce:50:15:13:1c:b9:f2:28:69:5b:e3:c2:c9:31:71:88:
6b:19:ce:35:6b:a0:91:49:64:22:24:f5:44:8c:3c:87:58:f2:
d3:80:69:b8:e7:73:68:cc:a9:b7:c3:27:03:e7:65:5c:0d:62:
2d:24:9d:ff:f4:bd:1b:9e:0d:bf:01:9d:92:f9:64:29:b1:30:
0d:36:af:cb:ee:36:df:12:1e:45:58:fd:1d:c7:b3:29:08:f0:
ca:54:41:e0:40:f7:aa:a7:7a:07:94:33:86:37:46:c4:e7:61:
47:2a:d4:f2:ab:62:af:31:4f:76:1a:76:b4:5e:59:51:38:54:
9f:f9:81:f5:6f:b7:1b:01:de:88:97:66:c6:38:8b:e4:df:c8:
a2:41:0c:aa:8d:28:86:37:14:54:f9:c5:37:15:2e:99:f6:0f:
df:21:90:95:94:98:4b:13:73:b8:08:3b:9a:f8:e8:9d:60:dc:
20:cb:7e:bb:92:43:48:6a:bf:f7:71:51:f7:87:79:7b:8a:12:
64:f0:d7:f7:54:fa:f2:0b:d8:6d:f3:b9:5a:9d:e9:70:9f:08:
d8:65:33:15:03:d6:a0:1e:b4:37:1e:de:a3:e5:9c:5c:ee:e3:
b1:1f:3e:90
-----BEGIN CERTIFICATE-----
MIIGtzCCBZ+gAwIBAgISAZiAJ/o3Xm73xZ67W3t6Nj6HMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYWIzMDY4Mzg1OWVjN2UwMjA2ZmU5MjY1MzYzZThlMzk3
MWE5YTgwHhcNMjUwODA2MTYxMjQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYTI0Mzg0NWRmNGUyNTQxOTBlZmRmMDdmYmJlYzUyYjViOTMzZWVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAli0G/cCtc0cx5QgqXTVTrKn0Bz+P
ic88iRcB1z6EuP20OqirqYa0wHDIinhfrUVTPKuHVFM8rhBpku0nF5pT1O1WDYn6
a2+0AZN2E55nFCQdUot4yU6dZlHXyk+tsfi1m/rzl+qYhmDThvYyqH79fCaiuMAg
l+gqX6FniGxkhbj44P+9uHXoTa9F98FvHkDPFpk2Mxn/9m0sMw16mi5zyZ8YUYAv
opZdNqk+pM+8gaNTwb7y44gfQf9oHTF57XQk8bAENC1RcoCc7S507LwPrwy8BG0E
UsUxLzymQd635IY8iq3S2mLn25VSlYgBxa3dUV7hPFnPcOfKCPyidRwPbQIDAQAB
o4IDwzCCA78wHQYDVR0OBBYEFDokOEXfTiVBkO/fB/u+xStbkz7sMB8GA1UdIwQY
MBaAFIurMGg4Wex+Agb+kmU2Po45camoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQt
M2FjOWU1NmMzMDg5LzEvT2lRNFJkOU9KVUdRNzk4SC03N0ZLMXVUUHV3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yYi84MWZkMWEtNDdhNy00NWQ4LWJlNzQtM2FjOWU1NmMzMDg5
LzEvaTZzd2FEaFo3SDRDQnY2U1pUWS1qamx4cWFnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIB1wYIKwYBBQUHAQcBAf8EggHGMIIBwjAeBAIAATAYAwQA
LUN0AwQGW/JAAwQCsq+wAwQAwnKQMIIBngQCAAIwggGWAwUDKgdVQAMFAyoHwEAD
BQMqCQcAAwUDKgkVwAMFAyoJOsADBQMqCURAAwUDKglMQAMFAyoJY8ADBQMqCXZA
AwUDKgl7QAMFAyoJfwADBQMqCaSAAwUDKgm9wAMFAyoJykADBQMqCeQAAwUDKgn2
wAMFAyoJ+UADBQMqCf3AAwUDKgo3AAMFAyoKN4ADBQMqCmAAAwUDKgrvAAMFAyoL
AoADBQMqC10AAwUDKgwDgAMFACoMNgADBQMqDDeAAwUDKgxXwAMFAyoMrgADBQMq
DRoAAwUDKg3awAMFAyoN+wADBQMqDg+AAwUDKg4ggAMFAyoOJQADBQMqDjOAAwUD
Kg41QAMFAyoOPEADBQMqDniAAwUDKg6wAAMFAyoOw8ADBQMqDscAAwUDKg7IAAMF
AyoO0YADBQMqDtiAAwUDKg7lQAMFAyoO6MADBQMqDulAAwUDKg71QAMFAyoPB0AD
BQMqDxtAAwUDKg85AAMFAyoPSEADBQMqD2IAAwUDKg+CwAMFAyoPk4ADBQMqD7IA
AwUDKg/aADANBgkqhkiG9w0BAQsFAAOCAQEAklUOW9QtumiCaj8xcjfjQETA4j/O
UBUTHLnyKGlb48LJMXGIaxnONWugkUlkIiT1RIw8h1jy04BpuOdzaMypt8MnA+dl
XA1iLSSd//S9G54NvwGdkvlkKbEwDTavy+423xIeRVj9HcezKQjwylRB4ED3qqd6
B5QzhjdGxOdhRyrU8qtirzFPdhp2tF5ZUThUn/mB9W+3GwHeiJdmxjiL5N/IokEM
qo0ohjcUVPnFNxUumfYP3yGQlZSYSxNzuAg7mvjonWDcIMt+u5JDSGq/93FR94d5
e4oSZPDX91T68gvYbfO5Wp3pcJ8I2GUzFQPWoB60Nx7eo+WcXO7jsR8+kA==
-----END CERTIFICATE-----
Generated at Sat Aug 9 22:38:46 2025 by rpki-client