Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/2IjIn5-Dwhcvj70-1kO_VkHVX88.roa
File: 2IjIn5-Dwhcvj70-1kO_VkHVX88.roa (raw, json)
Hash identifier: q4O8C7dpi9pUkbak0WlvIoH+UpFvLB3r5co6TSV8yiA=
Subject key identifier: D8:88:C8:9F:9F:83:C2:17:2F:8F:BD:3E:D6:43:BF:56:41:D5:5F:CF
Certificate issuer: /CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Certificate serial: 0198552F60C67BC942A63BB88C7DBBDF24D2
Authority key identifier: 54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/2IjIn5-Dwhcvj70-1kO_VkHVX88.roa
Signing time: Tue 29 Jul 2025 07:57:05 +0000
ROA not before: Tue 29 Jul 2025 07:57:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20804
IP address blocks: 81.15.128.0/17 maxlen: 17
81.15.136.0/23 maxlen: 23
81.15.156.0/24 maxlen: 24
81.15.174.0/24 maxlen: 24
81.15.175.0/24 maxlen: 24
81.15.182.0/23 maxlen: 23
81.15.187.0/24 maxlen: 24
81.15.191.0/24 maxlen: 24
81.15.194.0/24 maxlen: 24
81.15.195.0/24 maxlen: 24
81.15.198.0/23 maxlen: 23
81.15.198.0/24 maxlen: 24
81.15.199.0/24 maxlen: 24
81.15.201.0/24 maxlen: 24
81.15.202.0/24 maxlen: 24
81.15.203.0/24 maxlen: 24
81.15.204.0/23 maxlen: 23
81.15.209.0/24 maxlen: 24
81.15.214.0/23 maxlen: 23
81.15.216.0/24 maxlen: 24
81.15.217.0/24 maxlen: 24
81.15.218.0/23 maxlen: 23
81.15.218.0/24 maxlen: 24
81.15.222.0/23 maxlen: 23
81.15.222.0/24 maxlen: 24
81.15.224.0/22 maxlen: 22
81.15.225.0/24 maxlen: 24
81.15.227.0/24 maxlen: 24
81.15.230.0/24 maxlen: 24
81.15.232.0/22 maxlen: 22
81.15.232.0/24 maxlen: 24
81.15.236.0/24 maxlen: 24
81.15.237.0/24 maxlen: 24
81.15.238.0/24 maxlen: 24
81.15.239.0/24 maxlen: 24
81.15.240.0/23 maxlen: 23
81.15.242.0/24 maxlen: 24
81.15.244.0/23 maxlen: 23
81.15.254.0/23 maxlen: 23
81.15.254.0/24 maxlen: 24
81.15.255.0/24 maxlen: 24
82.177.0.0/16 maxlen: 16
82.177.0.0/23 maxlen: 23
82.177.2.0/24 maxlen: 24
82.177.4.0/22 maxlen: 22
82.177.9.0/24 maxlen: 24
82.177.10.0/23 maxlen: 23
82.177.14.0/23 maxlen: 23
82.177.16.0/24 maxlen: 24
82.177.27.0/24 maxlen: 24
82.177.35.0/24 maxlen: 24
82.177.37.0/24 maxlen: 24
82.177.48.0/21 maxlen: 21
82.177.48.0/24 maxlen: 24
82.177.50.0/24 maxlen: 24
82.177.52.0/23 maxlen: 23
82.177.54.0/24 maxlen: 24
82.177.59.0/24 maxlen: 24
82.177.68.0/22 maxlen: 22
82.177.72.0/21 maxlen: 21
82.177.80.0/21 maxlen: 21
82.177.102.0/23 maxlen: 24
82.177.108.0/23 maxlen: 23
82.177.112.0/22 maxlen: 22
82.177.140.0/23 maxlen: 23
82.177.164.0/24 maxlen: 24
82.177.192.0/24 maxlen: 24
82.177.194.0/24 maxlen: 24
82.177.195.0/24 maxlen: 24
82.177.196.0/22 maxlen: 22
82.177.196.0/24 maxlen: 24
82.177.199.0/24 maxlen: 24
82.177.206.0/24 maxlen: 24
82.177.249.0/24 maxlen: 24
82.177.251.0/24 maxlen: 24
82.177.252.0/24 maxlen: 24
88.220.0.0/17 maxlen: 17
88.220.60.0/23 maxlen: 23
88.220.81.0/24 maxlen: 24
88.220.84.0/24 maxlen: 24
88.220.107.0/24 maxlen: 24
88.220.113.0/24 maxlen: 24
88.220.114.0/24 maxlen: 24
88.220.116.0/24 maxlen: 24
88.220.117.0/24 maxlen: 24
88.220.120.0/22 maxlen: 22
88.220.128.0/18 maxlen: 18
88.220.132.0/23 maxlen: 23
88.220.152.0/23 maxlen: 23
88.220.165.0/24 maxlen: 24
88.220.181.0/24 maxlen: 24
88.220.185.0/24 maxlen: 24
88.220.192.0/20 maxlen: 20
88.220.208.0/20 maxlen: 20
88.220.224.0/19 maxlen: 19
88.220.252.0/24 maxlen: 24
88.220.253.0/24 maxlen: 24
194.183.32.0/19 maxlen: 19
194.183.32.0/23 maxlen: 23
194.183.34.0/23 maxlen: 23
194.183.54.0/24 maxlen: 24
194.183.55.0/24 maxlen: 24
194.183.56.0/23 maxlen: 23
195.136.0.0/16 maxlen: 16
195.136.4.0/22 maxlen: 22
195.136.16.0/22 maxlen: 22
195.136.21.0/24 maxlen: 24
195.136.25.0/24 maxlen: 24
195.136.27.0/24 maxlen: 24
195.136.32.158/32 maxlen: 32
195.136.32.201/32 maxlen: 32
195.136.34.0/23 maxlen: 23
195.136.38.0/23 maxlen: 23
195.136.65.0/24 maxlen: 24
195.136.88.0/22 maxlen: 22
195.136.113.0/24 maxlen: 24
195.136.148.0/22 maxlen: 22
195.136.156.0/23 maxlen: 23
195.136.164.0/23 maxlen: 23
195.136.174.0/23 maxlen: 23
195.136.176.0/22 maxlen: 22
213.172.160.0/19 maxlen: 19
2a00:4120::/32 maxlen: 32
2a00:4120:8000:2::/64 maxlen: 64
2a00:4120:8000:4::/64 maxlen: 64
2a00:4120:8000:5::/64 maxlen: 64
2a00:4120:8000:70::/65 maxlen: 65
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.mft
rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 20:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:55:2f:60:c6:7b:c9:42:a6:3b:b8:8c:7d:bb:df:24:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=546834e68890f3986a1b0457ce0f54ae03c2d76b
Validity
Not Before: Jul 29 07:57:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d888c89f9f83c2172f8fbd3ed643bf5641d55fcf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a7:0d:bd:f3:f6:24:b2:db:50:f4:d0:28:fa:ab:
5e:7e:3e:7a:38:c0:8f:d1:48:31:9b:8e:8a:90:7e:
e5:23:2c:3a:c0:78:bd:d3:ad:24:38:31:54:39:91:
08:8a:a3:41:bb:b3:9f:77:e4:29:77:75:f0:39:6c:
d3:8b:94:42:9e:8b:4b:0c:a7:68:dd:59:44:e1:7c:
a3:84:cc:2e:bb:e6:e1:0e:da:ba:8a:9a:b0:62:bc:
bb:17:20:bb:5b:87:bd:28:49:9d:9b:7a:3c:e6:d3:
b5:14:a8:08:0b:1a:b6:62:f9:57:4b:f4:4c:42:14:
99:ef:3e:0a:d1:2d:d7:42:be:d7:3b:c1:d2:d9:4e:
98:1b:74:97:48:f9:f0:89:4e:70:9a:49:2e:3b:6d:
da:e5:38:68:51:01:40:4e:42:6c:fc:77:be:3f:be:
a9:e2:84:f4:75:46:a6:43:4e:e6:26:41:ff:8f:f7:
e1:bc:4a:75:b4:56:a9:77:0d:75:3a:6a:8a:92:3d:
0c:82:c4:56:cf:b6:05:57:ed:78:2b:4a:ae:51:7e:
80:46:99:e8:ea:d2:1e:c7:7c:82:e3:33:79:5e:90:
50:1a:7b:29:4a:26:f1:b1:f4:d7:92:f0:31:55:7d:
95:31:d4:09:5c:9e:1a:89:0a:d8:94:42:23:25:45:
e5:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D8:88:C8:9F:9F:83:C2:17:2F:8F:BD:3E:D6:43:BF:56:41:D5:5F:CF
X509v3 Authority Key Identifier:
keyid:54:68:34:E6:88:90:F3:98:6A:1B:04:57:CE:0F:54:AE:03:C2:D7:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VGg05oiQ85hqGwRXzg9UrgPC12s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/2IjIn5-Dwhcvj70-1kO_VkHVX88.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/69/5f2f0b-fd82-44fa-b634-52766b24baa4/1/VGg05oiQ85hqGwRXzg9UrgPC12s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.15.128.0/17
82.177.0.0/16
88.220.0.0/16
194.183.32.0/19
195.136.0.0/16
213.172.160.0/19
IPv6:
2a00:4120::/32
Signature Algorithm: sha256WithRSAEncryption
09:0b:f3:0a:70:bb:8d:b4:d3:66:a1:7b:9c:71:7b:e1:58:ac:
a9:ea:31:e0:87:e7:c8:5f:8b:35:a3:ff:fb:08:fb:31:b5:f8:
68:64:5e:99:53:bf:d1:2d:e1:9a:e7:8b:fa:d0:f4:0b:26:e8:
d2:98:d6:f8:87:48:11:37:f2:47:6c:94:ce:b7:0b:b8:12:18:
bc:91:fd:07:06:dd:40:09:1f:c4:c1:10:c9:d5:03:f1:2b:80:
2f:e3:5c:c1:ff:1d:fb:7f:50:03:70:e3:f2:9f:1d:6c:0e:b5:
f9:2f:61:ee:c9:f3:4b:bc:72:09:74:3a:30:85:22:60:97:cb:
a6:f2:9e:47:a2:b1:af:b0:9d:59:7d:4c:8d:3e:bf:fe:f3:66:
c2:89:7d:4f:9d:c2:0e:d2:af:b9:69:37:85:8a:46:58:11:46:
51:6b:7f:47:0c:09:86:ca:32:ee:8e:5a:75:b8:d4:6c:5e:8c:
04:fd:94:e6:f8:70:16:c9:49:d8:6f:56:83:ff:3d:05:63:df:
c1:1d:c0:7a:62:46:1b:57:ee:4d:91:23:dd:7f:56:3a:20:3f:
f3:0f:c1:a2:90:be:7e:07:c0:0c:53:8e:ac:cb:96:67:50:1c:
c5:f1:28:ca:5f:a8:64:56:63:d7:30:2b:f7:4c:b5:c2:da:dc:
a4:93:96:ee
-----BEGIN CERTIFICATE-----
MIIFJzCCBA+gAwIBAgISAZhVL2DGe8lCpju4jH273yTSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU0NjgzNGU2ODg5MGYzOTg2YTFiMDQ1N2NlMGY1NGFlMDNj
MmQ3NmIwHhcNMjUwNzI5MDc1NzA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkODg4Yzg5ZjlmODNjMjE3MmY4ZmJkM2VkNjQzYmY1NjQxZDU1ZmNmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApw298/YksttQ9NAo+qtefj56OMCP
0Ugxm46KkH7lIyw6wHi9060kODFUOZEIiqNBu7Ofd+Qpd3XwOWzTi5RCnotLDKdo
3VlE4XyjhMwuu+bhDtq6ipqwYry7FyC7W4e9KEmdm3o85tO1FKgICxq2YvlXS/RM
QhSZ7z4K0S3XQr7XO8HS2U6YG3SXSPnwiU5wmkkuO23a5ThoUQFATkJs/He+P76p
4oT0dUamQ07mJkH/j/fhvEp1tFapdw11OmqKkj0MgsRWz7YFV+14K0quUX6ARpno
6tIex3yC4zN5XpBQGnspSibxsfTXkvAxVX2VMdQJXJ4aiQrYlEIjJUXlVwIDAQAB
o4ICMzCCAi8wHQYDVR0OBBYEFNiIyJ+fg8IXL4+9PtZDv1ZB1V/PMB8GA1UdIwQY
MBaAFFRoNOaIkPOYahsEV84PVK4DwtdrMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQt
NTI3NjZiMjRiYWE0LzEvMklqSW41LUR3aGN2ajcwLTFrT19Wa0hWWDg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82OS81ZjJmMGItZmQ4Mi00NGZhLWI2MzQtNTI3NjZiMjRiYWE0
LzEvVkdnMDVvaVE4NWhxR3dSWHpnOVVyZ1BDMTJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEkGCCsGAQUFBwEHAQH/BDowODAnBAIAATAhAwQHUQ+AAwMA
UrEDAwBY3AMEBcK3IAMDAMOIAwQF1aygMA0EAgACMAcDBQAqAEEgMA0GCSqGSIb3
DQEBCwUAA4IBAQAJC/MKcLuNtNNmoXuccXvhWKyp6jHgh+fIX4s1o//7CPsxtfho
ZF6ZU7/RLeGa54v60PQLJujSmNb4h0gRN/JHbJTOtwu4Ehi8kf0HBt1ACR/EwRDJ
1QPxK4Av41zB/x37f1ADcOPynx1sDrX5L2HuyfNLvHIJdDowhSJgl8um8p5HorGv
sJ1ZfUyNPr/+82bCiX1PncIO0q+5aTeFikZYEUZRa39HDAmGyjLujlp1uNRsXowE
/ZTm+HAWyUnYb1aD/z0FY9/BHcB6YkYbV+5NkSPdf1Y6ID/zD8GikL5+B8AMU46s
y5ZnUBzF8SjKX6hkVmPXMCv3TLXC2tykk5bu
-----END CERTIFICATE-----
Generated at Sat Aug 9 05:37:20 2025 by rpki-client