Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/lE88PDcsjIqhwXVarqJN2wcG1gI.roa
File: lE88PDcsjIqhwXVarqJN2wcG1gI.roa (raw, json)
Hash identifier: mtQnWU28k+wiSin60RvZS0XsT889E5Nh9qVc9CZn2sE=
Subject key identifier: 94:4F:3C:3C:37:2C:8C:8A:A1:C1:75:5A:AE:A2:4D:DB:07:06:D6:02
Certificate issuer: /CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Certificate serial: 019A0DC3BD9414FEF41893D7F07D09F05B33
Authority key identifier: D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/lE88PDcsjIqhwXVarqJN2wcG1gI.roa
Signing time: Wed 22 Oct 2025 21:12:03 +0000
ROA not before: Wed 22 Oct 2025 21:12:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44559
IP address blocks: 31.222.248.0/24 maxlen: 24
45.142.39.0/24 maxlen: 24
157.22.20.0/24 maxlen: 24
157.22.21.0/24 maxlen: 24
157.22.22.0/24 maxlen: 24
157.22.23.0/24 maxlen: 24
157.22.24.0/24 maxlen: 24
157.22.25.0/24 maxlen: 24
157.22.26.0/24 maxlen: 24
157.22.27.0/24 maxlen: 24
157.22.28.0/24 maxlen: 24
157.22.29.0/24 maxlen: 24
157.22.30.0/24 maxlen: 24
157.22.31.0/24 maxlen: 24
157.22.32.0/24 maxlen: 24
157.22.33.0/24 maxlen: 24
157.22.34.0/24 maxlen: 24
157.22.35.0/24 maxlen: 24
157.22.36.0/24 maxlen: 24
157.22.37.0/24 maxlen: 24
157.22.38.0/24 maxlen: 24
157.22.39.0/24 maxlen: 24
157.22.40.0/24 maxlen: 24
157.22.42.0/24 maxlen: 24
157.22.43.0/24 maxlen: 24
157.22.48.0/24 maxlen: 24
157.22.49.0/24 maxlen: 24
157.22.51.0/24 maxlen: 24
157.22.52.0/24 maxlen: 24
157.22.53.0/24 maxlen: 24
157.22.54.0/24 maxlen: 24
157.22.55.0/24 maxlen: 24
157.22.56.0/24 maxlen: 24
157.22.57.0/24 maxlen: 24
157.22.59.0/24 maxlen: 24
157.22.60.0/24 maxlen: 24
157.22.61.0/24 maxlen: 24
157.22.62.0/24 maxlen: 24
157.22.63.0/24 maxlen: 24
157.22.64.0/24 maxlen: 24
157.22.65.0/24 maxlen: 24
157.22.66.0/24 maxlen: 24
157.22.67.0/24 maxlen: 24
157.22.68.0/24 maxlen: 24
157.22.69.0/24 maxlen: 24
157.22.70.0/24 maxlen: 24
157.22.71.0/24 maxlen: 24
157.22.76.0/24 maxlen: 24
157.22.77.0/24 maxlen: 24
157.22.78.0/24 maxlen: 24
157.22.79.0/24 maxlen: 24
157.22.80.0/24 maxlen: 24
157.22.81.0/24 maxlen: 24
157.22.82.0/24 maxlen: 24
157.22.83.0/24 maxlen: 24
157.22.84.0/24 maxlen: 24
157.22.85.0/24 maxlen: 24
157.22.86.0/24 maxlen: 24
157.22.87.0/24 maxlen: 24
157.22.88.0/24 maxlen: 24
157.22.89.0/24 maxlen: 24
157.22.90.0/24 maxlen: 24
157.22.91.0/24 maxlen: 24
157.22.92.0/24 maxlen: 24
157.22.93.0/24 maxlen: 24
157.22.94.0/24 maxlen: 24
157.22.95.0/24 maxlen: 24
157.22.96.0/24 maxlen: 24
157.22.98.0/24 maxlen: 24
157.22.99.0/24 maxlen: 24
157.22.104.0/24 maxlen: 24
157.22.105.0/24 maxlen: 24
157.22.107.0/24 maxlen: 24
157.22.108.0/24 maxlen: 24
157.22.109.0/24 maxlen: 24
157.22.110.0/24 maxlen: 24
157.22.111.0/24 maxlen: 24
157.22.112.0/24 maxlen: 24
157.22.113.0/24 maxlen: 24
157.22.114.0/24 maxlen: 24
157.22.115.0/24 maxlen: 24
157.22.117.0/24 maxlen: 24
157.22.118.0/24 maxlen: 24
157.22.119.0/24 maxlen: 24
157.22.120.0/24 maxlen: 24
157.22.121.0/24 maxlen: 24
157.22.122.0/24 maxlen: 24
157.22.123.0/24 maxlen: 24
176.56.37.0/24 maxlen: 24
178.212.143.0/24 maxlen: 24
185.46.175.0/24 maxlen: 24
185.92.211.0/24 maxlen: 24
185.161.79.0/24 maxlen: 24
193.56.29.0/24 maxlen: 24
194.32.238.0/24 maxlen: 24
194.32.239.0/24 maxlen: 24
194.56.180.0/24 maxlen: 24
195.64.110.0/24 maxlen: 24
195.96.146.0/24 maxlen: 24
212.18.103.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.mft
rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 16:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:0d:c3:bd:94:14:fe:f4:18:93:d7:f0:7d:09:f0:5b:33
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d76bb48e93e8a0058c5c72a81a8799455307ee56
Validity
Not Before: Oct 22 21:12:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=944f3c3c372c8c8aa1c1755aaea24ddb0706d602
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:d6:7f:36:a3:a2:77:95:7d:09:79:b0:5b:b5:
2d:bc:1f:ef:03:74:bd:da:97:7d:c2:22:52:86:3d:
fb:d6:a7:6f:5a:14:6d:37:b1:27:68:96:bf:0a:61:
9a:67:a1:5e:52:86:6d:30:34:f7:97:cd:af:ac:e4:
1c:13:9a:66:8d:ec:8d:40:1b:21:04:69:a9:ba:4d:
b9:aa:21:f3:e0:59:f9:27:9b:28:9d:37:70:66:e9:
a2:7f:c0:b2:5d:12:0b:a2:ed:86:81:fe:59:e4:b7:
60:45:60:56:4c:f4:f9:b2:2d:d5:72:0e:a5:7e:81:
3b:f1:65:a6:18:a9:02:23:02:27:9a:18:b5:4a:90:
b6:c2:e3:98:2b:ff:34:56:84:20:bf:d8:3e:a7:00:
0b:bc:d9:0e:18:68:35:c5:87:54:6b:df:d5:85:8f:
45:db:ca:a6:b0:df:10:0c:81:47:df:d7:03:f4:b1:
c8:ee:ec:b4:f7:1d:9c:30:4e:2e:a0:a3:c0:0a:fb:
db:d4:eb:36:d0:f2:f8:e9:0f:3c:dc:c1:8e:09:d1:
7a:1f:93:23:57:7c:41:5d:ed:72:d6:15:6a:7d:f1:
1e:8c:aa:0d:59:23:2b:c8:e2:32:8a:a9:ea:c6:1c:
95:50:31:ae:0c:ce:f6:73:6e:94:50:46:67:b7:12:
7a:a1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
94:4F:3C:3C:37:2C:8C:8A:A1:C1:75:5A:AE:A2:4D:DB:07:06:D6:02
X509v3 Authority Key Identifier:
keyid:D7:6B:B4:8E:93:E8:A0:05:8C:5C:72:A8:1A:87:99:45:53:07:EE:56
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/12u0jpPooAWMXHKoGoeZRVMH7lY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/lE88PDcsjIqhwXVarqJN2wcG1gI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/a5bfb6-6a10-4fbc-af48-8bfbdd45cb62/1/12u0jpPooAWMXHKoGoeZRVMH7lY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.248.0/24
45.142.39.0/24
157.22.20.0-157.22.40.255
157.22.42.0/23
157.22.48.0/23
157.22.51.0-157.22.57.255
157.22.59.0-157.22.71.255
157.22.76.0-157.22.96.255
157.22.98.0/23
157.22.104.0/23
157.22.107.0-157.22.115.255
157.22.117.0-157.22.123.255
176.56.37.0/24
178.212.143.0/24
185.46.175.0/24
185.92.211.0/24
185.161.79.0/24
193.56.29.0/24
194.32.238.0/23
194.56.180.0/24
195.64.110.0/24
195.96.146.0/24
212.18.103.0/24
Signature Algorithm: sha256WithRSAEncryption
23:db:59:24:21:9f:a1:7e:4d:b3:93:e9:77:aa:14:01:b0:ca:
f6:b2:2d:81:1f:6a:f4:c4:2b:db:81:35:6d:c0:15:ad:c7:4e:
67:59:8a:11:d8:83:6c:9c:d1:19:a9:d8:fe:8f:1d:52:10:57:
d3:7d:97:73:1d:a3:e9:f9:28:4a:b5:b4:d4:b6:02:ea:1f:8a:
2e:dd:95:67:29:75:6f:f8:0f:02:03:cd:99:74:9e:85:32:1b:
35:a1:cb:48:f9:05:cd:3f:3e:20:e1:12:90:c0:89:9a:69:ee:
d3:3d:e9:5f:02:e3:c8:9f:39:29:c9:bd:38:71:d4:b6:0e:9f:
d7:03:d7:47:27:99:fa:8e:fb:49:1d:ea:9e:3b:67:1d:0d:97:
42:76:77:8d:56:d8:1e:ec:75:6d:8c:b7:b7:98:5e:a3:df:85:
2a:59:a4:4d:16:2c:88:31:84:bc:82:b7:40:7a:c4:31:44:af:
53:50:ac:34:5b:cf:8d:9a:04:d5:6f:ee:0a:a7:b6:8a:a0:c8:
2d:e9:b3:5e:8c:59:9c:37:01:03:72:7a:09:c3:95:39:23:d8:
cd:dc:2f:60:f6:8f:1e:06:75:8c:d7:f2:75:f3:26:6a:35:15:
43:54:58:33:75:5d:39:27:1e:15:14:c2:81:a2:0f:70:aa:ba:
5c:65:ee:af
-----BEGIN CERTIFICATE-----
MIIFtjCCBJ6gAwIBAgISAZoNw72UFP70GJPX8H0J8FszMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQ3NmJiNDhlOTNlOGEwMDU4YzVjNzJhODFhODc5OTQ1NTMw
N2VlNTYwHhcNMjUxMDIyMjExMjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NDRmM2MzYzM3MmM4YzhhYTFjMTc1NWFhZWEyNGRkYjA3MDZkNjAyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqtZ/NqOid5V9CXmwW7UtvB/vA3S9
2pd9wiJShj371qdvWhRtN7EnaJa/CmGaZ6FeUoZtMDT3l82vrOQcE5pmjeyNQBsh
BGmpuk25qiHz4Fn5J5sonTdwZumif8CyXRILou2Ggf5Z5LdgRWBWTPT5si3Vcg6l
foE78WWmGKkCIwInmhi1SpC2wuOYK/80VoQgv9g+pwALvNkOGGg1xYdUa9/VhY9F
28qmsN8QDIFH39cD9LHI7uy09x2cME4uoKPACvvb1Os20PL46Q883MGOCdF6H5Mj
V3xBXe1y1hVqffEejKoNWSMryOIyiqnqxhyVUDGuDM72c26UUEZntxJ6oQIDAQAB
o4ICwjCCAr4wHQYDVR0OBBYEFJRPPDw3LIyKocF1Wq6iTdsHBtYCMB8GA1UdIwQY
MBaAFNdrtI6T6KAFjFxyqBqHmUVTB+5WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgt
OGJmYmRkNDVjYjYyLzEvbEU4OFBEY3NqSXFod1hWYXJxSk4yd2NHMWdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9hNWJmYjYtNmExMC00ZmJjLWFmNDgtOGJmYmRkNDVjYjYy
LzEvMTJ1MGpwUG9vQVdNWEhLb0dvZVpSVk1IN2xZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHXBggrBgEFBQcBBwEB/wSBxzCBxDCBwQQCAAEwgboDBAAf
3vgDBAAtjicwDAMEAp0WFAMEAJ0WKAMEAZ0WKgMEAZ0WMDAMAwQAnRYzAwQBnRY4
MAwDBACdFjsDBAOdFkAwDAMEAp0WTAMEAJ0WYAMEAZ0WYgMEAZ0WaDAMAwQAnRZr
AwQCnRZwMAwDBACdFnUDBAKdFngDBACwOCUDBACy1I8DBAC5Lq8DBAC5XNMDBAC5
oU8DBADBOB0DBAHCIO4DBADCOLQDBADDQG4DBADDYJIDBADUEmcwDQYJKoZIhvcN
AQELBQADggEBACPbWSQhn6F+TbOT6XeqFAGwyvayLYEfavTEK9uBNW3AFa3HTmdZ
ihHYg2yc0Rmp2P6PHVIQV9N9l3Mdo+n5KEq1tNS2Auofii7dlWcpdW/4DwIDzZl0
noUyGzWhy0j5Bc0/PiDhEpDAiZpp7tM96V8C48ifOSnJvThx1LYOn9cD10cnmfqO
+0kd6p47Zx0Nl0J2d41W2B7sdW2Mt7eYXqPfhSpZpE0WLIgxhLyCt0B6xDFEr1NQ
rDRbz42aBNVv7gqntoqgyC3ps16MWZw3AQNyegnDlTkj2M3cL2D2jx4GdYzX8nXz
Jmo1FUNUWDN1XTknHhUUwoGiD3Cqulxl7q8=
-----END CERTIFICATE-----
Generated at Tue Nov 4 20:50:17 2025 by rpki-client