Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/BdEPl2Neefl4GoaE_iupoW4vob4.roa
File: BdEPl2Neefl4GoaE_iupoW4vob4.roa (raw, json)
Hash identifier: iJi1nUHFyZuED4JVs82b7kN1M64TmmDeD6kSjvIrHS0=
Subject key identifier: 05:D1:0F:97:63:5E:79:F9:78:1A:86:84:FE:2B:A9:A1:6E:2F:A1:BE
Certificate issuer: /CN=85aaadc568f6c928fd764d421d42c71cf5791954
Certificate serial: 01985AB8FB481477BF79A36EA112930BDD30
Authority key identifier: 85:AA:AD:C5:68:F6:C9:28:FD:76:4D:42:1D:42:C7:1C:F5:79:19:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/haqtxWj2ySj9dk1CHULHHPV5GVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/BdEPl2Neefl4GoaE_iupoW4vob4.roa
Signing time: Wed 30 Jul 2025 09:45:29 +0000
ROA not before: Wed 30 Jul 2025 09:45:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44092
IP address blocks: 31.25.32.0/21 maxlen: 24
45.145.200.0/22 maxlen: 22
45.145.200.0/24 maxlen: 24
45.145.201.0/24 maxlen: 24
45.145.202.0/24 maxlen: 24
45.145.203.0/24 maxlen: 24
77.242.128.0/20 maxlen: 24
77.242.128.0/24 maxlen: 24
77.242.129.0/24 maxlen: 24
77.242.130.0/24 maxlen: 24
77.242.131.0/24 maxlen: 24
77.242.132.0/24 maxlen: 24
77.242.133.0/24 maxlen: 24
77.242.134.0/24 maxlen: 24
77.242.135.0/24 maxlen: 24
77.242.136.0/24 maxlen: 24
77.242.137.0/24 maxlen: 24
77.242.138.0/24 maxlen: 24
77.242.139.0/24 maxlen: 24
77.242.140.0/24 maxlen: 24
77.242.141.0/24 maxlen: 24
77.242.142.0/24 maxlen: 24
77.242.143.0/24 maxlen: 24
85.208.200.0/22 maxlen: 22
85.208.200.0/24 maxlen: 24
85.208.201.0/24 maxlen: 24
85.208.202.0/24 maxlen: 24
85.208.203.0/24 maxlen: 24
89.37.70.0/23 maxlen: 24
89.37.70.0/24 maxlen: 24
89.37.71.0/24 maxlen: 24
178.23.8.0/21 maxlen: 24
178.210.232.0/21 maxlen: 24
185.56.156.0/22 maxlen: 24
185.71.244.0/22 maxlen: 24
185.71.244.0/24 maxlen: 24
185.71.246.0/24 maxlen: 24
185.171.232.0/22 maxlen: 22
185.171.232.0/24 maxlen: 24
185.171.233.0/24 maxlen: 24
185.171.234.0/24 maxlen: 24
185.171.235.0/24 maxlen: 24
185.178.252.0/22 maxlen: 24
185.191.104.0/22 maxlen: 22
185.191.104.0/24 maxlen: 24
185.191.105.0/24 maxlen: 24
185.191.106.0/24 maxlen: 24
185.191.107.0/24 maxlen: 24
185.215.144.0/22 maxlen: 22
185.215.144.0/24 maxlen: 24
185.215.145.0/24 maxlen: 24
185.215.146.0/24 maxlen: 24
185.215.147.0/24 maxlen: 24
185.219.116.0/22 maxlen: 22
185.219.116.0/24 maxlen: 24
185.219.117.0/24 maxlen: 24
185.219.118.0/24 maxlen: 24
185.219.119.0/24 maxlen: 24
185.236.48.0/23 maxlen: 23
185.248.227.0/24 maxlen: 24
185.255.29.0/24 maxlen: 24
188.191.56.0/22 maxlen: 24
188.191.56.0/24 maxlen: 24
188.191.57.0/24 maxlen: 24
188.191.58.0/24 maxlen: 24
188.191.59.0/24 maxlen: 24
212.28.168.0/21 maxlen: 21
217.28.64.0/22 maxlen: 22
217.28.64.0/24 maxlen: 24
217.28.65.0/24 maxlen: 24
217.28.66.0/24 maxlen: 24
217.28.67.0/24 maxlen: 24
2a02:53e0::/32 maxlen: 32
2a05:3680::/29 maxlen: 29
2a0b:7b80::/29 maxlen: 29
2a0f:de80::/29 maxlen: 29
2a13:56c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/haqtxWj2ySj9dk1CHULHHPV5GVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/haqtxWj2ySj9dk1CHULHHPV5GVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/haqtxWj2ySj9dk1CHULHHPV5GVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 20:46:39 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:5a:b8:fb:48:14:77:bf:79:a3:6e:a1:12:93:0b:dd:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85aaadc568f6c928fd764d421d42c71cf5791954
Validity
Not Before: Jul 30 09:45:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=05d10f97635e79f9781a8684fe2ba9a16e2fa1be
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e6:af:45:fd:05:db:3c:33:b5:42:ea:5c:45:28:
ef:0c:4b:09:42:65:6f:c2:24:52:8c:9e:60:dc:32:
d8:9b:66:7f:fc:ba:6f:ca:e2:40:b1:34:f2:92:e3:
59:11:b9:11:52:f6:3f:43:04:38:27:89:ec:00:19:
21:54:1c:f9:6d:4d:ef:db:3c:17:2b:b5:93:d2:98:
2b:ac:f9:f2:41:4c:37:4b:d5:a7:05:a7:67:a8:fd:
40:f7:6c:6d:0e:44:c6:33:cf:81:d7:e8:d4:ff:11:
df:78:44:00:e8:5d:0f:db:d1:52:4d:a9:1b:45:dc:
fb:96:c2:91:c5:12:2e:82:2b:fe:45:ea:c2:c3:57:
f1:0e:06:59:44:6b:33:ff:d7:af:81:83:01:1a:a7:
98:e8:fa:56:cc:ec:9a:f4:71:43:ac:1b:df:f5:fb:
9b:26:da:47:99:26:75:bb:3b:ec:d3:d5:64:4f:4d:
b4:6f:a8:c0:1c:13:11:11:9c:f6:46:41:e8:f0:08:
a1:24:38:cf:d4:be:65:b4:0b:f6:71:2e:95:96:3f:
a4:3f:41:67:c0:15:be:52:b5:b1:4e:4f:12:fa:6c:
a0:79:c3:70:8d:c6:6a:19:c0:83:14:80:0a:7c:1f:
45:0e:db:57:70:a6:be:30:eb:91:29:de:bc:3c:b8:
02:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
05:D1:0F:97:63:5E:79:F9:78:1A:86:84:FE:2B:A9:A1:6E:2F:A1:BE
X509v3 Authority Key Identifier:
keyid:85:AA:AD:C5:68:F6:C9:28:FD:76:4D:42:1D:42:C7:1C:F5:79:19:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/haqtxWj2ySj9dk1CHULHHPV5GVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/BdEPl2Neefl4GoaE_iupoW4vob4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/0ebdd4-2617-4d31-a8c3-45ea38da2218/1/haqtxWj2ySj9dk1CHULHHPV5GVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.32.0/21
45.145.200.0/22
77.242.128.0/20
85.208.200.0/22
89.37.70.0/23
178.23.8.0/21
178.210.232.0/21
185.56.156.0/22
185.71.244.0/22
185.171.232.0/22
185.178.252.0/22
185.191.104.0/22
185.215.144.0/22
185.219.116.0/22
185.236.48.0/23
185.248.227.0/24
185.255.29.0/24
188.191.56.0/22
212.28.168.0/21
217.28.64.0/22
IPv6:
2a02:53e0::/32
2a05:3680::/29
2a0b:7b80::/29
2a0f:de80::/29
2a13:56c0::/29
Signature Algorithm: sha256WithRSAEncryption
3a:51:05:17:cb:8a:77:f1:7d:d7:65:20:6e:a8:4f:32:6c:22:
bc:c2:56:b4:10:ce:c4:f2:c4:21:0f:4d:8f:40:e2:50:23:39:
07:d5:c2:d5:b3:4e:29:1b:22:ba:7b:f9:38:17:5b:7e:29:00:
d5:5b:02:6b:39:a5:d2:4a:e9:51:1e:8f:a1:3d:d0:d8:93:fe:
30:2b:11:31:6d:bd:a9:6d:f1:d7:88:a5:c5:7b:b6:7a:96:bc:
7d:05:3e:9f:f2:bb:b6:90:5c:d6:8a:fa:a0:1c:31:1a:44:76:
a9:f6:f0:97:c8:c3:75:bc:a4:c5:9b:45:c7:d5:91:8a:ec:3c:
19:8b:e4:88:a1:91:1b:0c:50:1c:b6:9d:b1:63:5e:3c:9c:aa:
0c:3c:c6:f7:ae:18:4d:fc:16:99:16:45:87:e2:8c:4c:3e:d0:
52:9a:23:a2:5d:27:9d:5b:79:9f:0b:80:97:f4:88:80:13:5a:
36:f2:fc:5d:c8:39:41:74:6d:95:94:9e:4e:f2:fc:e1:ac:5f:
98:94:0d:a0:ad:19:54:01:cb:a7:12:8b:93:e3:aa:d7:09:0e:
6d:f2:89:22:a9:d6:9e:4c:6a:61:2b:f9:47:f3:95:3b:d1:21:
02:12:13:73:49:cf:78:a6:77:3d:4c:92:0e:0a:9f:0b:9b:3b:
83:2a:08:7e
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgISAZhauPtIFHe/eaNuoRKTC90wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1YWFhZGM1NjhmNmM5MjhmZDc2NGQ0MjFkNDJjNzFjZjU3
OTE5NTQwHhcNMjUwNzMwMDk0NTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNWQxMGY5NzYzNWU3OWY5NzgxYTg2ODRmZTJiYTlhMTZlMmZhMWJlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5q9F/QXbPDO1QupcRSjvDEsJQmVv
wiRSjJ5g3DLYm2Z//LpvyuJAsTTykuNZEbkRUvY/QwQ4J4nsABkhVBz5bU3v2zwX
K7WT0pgrrPnyQUw3S9WnBadnqP1A92xtDkTGM8+B1+jU/xHfeEQA6F0P29FSTakb
Rdz7lsKRxRIugiv+RerCw1fxDgZZRGsz/9evgYMBGqeY6PpWzOya9HFDrBvf9fub
JtpHmSZ1uzvs09VkT020b6jAHBMREZz2RkHo8AihJDjP1L5ltAv2cS6Vlj+kP0Fn
wBW+UrWxTk8S+mygecNwjcZqGcCDFIAKfB9FDttXcKa+MOuRKd68PLgCZwIDAQAB
o4ICqTCCAqUwHQYDVR0OBBYEFAXRD5djXnn5eBqGhP4rqaFuL6G+MB8GA1UdIwQY
MBaAFIWqrcVo9sko/XZNQh1Cxxz1eRlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGFxdHhXajJ5U2o5ZGsxQ0hVTEhIUFY1R1ZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8wZWJkZDQtMjYxNy00ZDMxLWE4YzMt
NDVlYTM4ZGEyMjE4LzEvQmRFUGwyTmVlZmw0R29hRV9pdXBvVzR2b2I0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8wZWJkZDQtMjYxNy00ZDMxLWE4YzMtNDVlYTM4ZGEyMjE4
LzEvaGFxdHhXajJ5U2o5ZGsxQ0hVTEhIUFY1R1ZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG+BggrBgEFBQcBBwEB/wSBrjCBqzB+BAIAATB4AwQDHxkg
AwQCLZHIAwQETfKAAwQCVdDIAwQBWSVGAwQDshcIAwQDstLoAwQCuTicAwQCuUf0
AwQCuavoAwQCubL8AwQCub9oAwQCudeQAwQCudt0AwQBuewwAwQAufjjAwQAuf8d
AwQCvL84AwQD1ByoAwQC2RxAMCkEAgACMCMDBQAqAlPgAwUDKgU2gAMFAyoLe4AD
BQMqD96AAwUDKhNWwDANBgkqhkiG9w0BAQsFAAOCAQEAOlEFF8uKd/F912UgbqhP
MmwivMJWtBDOxPLEIQ9Nj0DiUCM5B9XC1bNOKRsiunv5OBdbfikA1VsCazml0krp
UR6PoT3Q2JP+MCsRMW29qW3x14ilxXu2epa8fQU+n/K7tpBc1or6oBwxGkR2qfbw
l8jDdbykxZtFx9WRiuw8GYvkiKGRGwxQHLadsWNePJyqDDzG964YTfwWmRZFh+KM
TD7QUpojol0nnVt5nwuAl/SIgBNaNvL8Xcg5QXRtlZSeTvL84axfmJQNoK0ZVAHL
pxKLk+Oq1wkObfKJIqnWnkxqYSv5R/OVO9EhAhITc0nPeKZ3PUySDgqfC5s7gyoI
fg==
-----END CERTIFICATE-----
Generated at Thu Aug 7 04:34:41 2025 by rpki-client