Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/vk_GtFEXTwYRBCAgUHHv_ETb-i8.roa
File: vk_GtFEXTwYRBCAgUHHv_ETb-i8.roa (raw, json)
Hash identifier: DTHAkp6w1RyDjKvGkhN1ETcfrpfufgrsq2OK7DZvW8w=
Subject key identifier: BE:4F:C6:B4:51:17:4F:06:11:04:20:20:50:71:EF:FC:44:DB:FA:2F
Certificate issuer: /CN=9e95a119d9c1a5d6e3f3e21f6fa863d87a2e4b0d
Certificate serial: 01985159EF1E78830987256CC70030616A22
Authority key identifier: 9E:95:A1:19:D9:C1:A5:D6:E3:F3:E2:1F:6F:A8:63:D8:7A:2E:4B:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWhGdnBpdbj8-Ifb6hj2HouSw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/vk_GtFEXTwYRBCAgUHHv_ETb-i8.roa
Signing time: Mon 28 Jul 2025 14:05:05 +0000
ROA not before: Mon 28 Jul 2025 14:05:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56478
IP address blocks: 31.14.248.0/22 maxlen: 22
37.156.72.0/22 maxlen: 22
88.98.192.0/18 maxlen: 18
88.98.200.0/22 maxlen: 22
88.98.204.0/22 maxlen: 22
88.98.216.0/23 maxlen: 23
88.98.218.0/23 maxlen: 23
88.98.240.0/20 maxlen: 20
88.98.240.0/22 maxlen: 22
89.32.120.0/22 maxlen: 22
89.34.164.0/22 maxlen: 22
89.35.196.0/22 maxlen: 22
89.36.64.0/21 maxlen: 21
89.39.136.0/21 maxlen: 21
89.44.40.0/22 maxlen: 22
93.115.192.0/22 maxlen: 22
137.220.64.0/18 maxlen: 18
137.220.68.0/22 maxlen: 22
137.220.72.0/21 maxlen: 21
137.220.80.0/22 maxlen: 22
137.220.84.0/22 maxlen: 22
137.220.88.0/22 maxlen: 22
137.220.92.0/22 maxlen: 22
137.220.96.0/22 maxlen: 22
137.220.100.0/22 maxlen: 22
137.220.104.0/22 maxlen: 22
137.220.108.0/22 maxlen: 22
137.220.112.0/23 maxlen: 23
137.220.114.0/23 maxlen: 23
137.220.116.0/23 maxlen: 23
137.220.118.0/23 maxlen: 23
137.220.120.0/23 maxlen: 23
137.220.122.0/23 maxlen: 23
137.220.124.0/22 maxlen: 22
140.228.32.0/19 maxlen: 19
140.228.40.0/22 maxlen: 22
140.228.44.0/22 maxlen: 22
140.228.48.0/22 maxlen: 22
140.228.52.0/22 maxlen: 22
140.228.56.0/22 maxlen: 22
140.228.64.0/19 maxlen: 19
140.228.80.0/21 maxlen: 21
140.228.88.0/22 maxlen: 22
140.228.92.0/22 maxlen: 22
141.0.144.0/21 maxlen: 21
141.0.152.0/21 maxlen: 21
143.58.128.0/18 maxlen: 18
143.58.128.0/21 maxlen: 21
143.58.136.0/21 maxlen: 21
143.58.144.0/22 maxlen: 22
143.58.148.0/22 maxlen: 22
143.58.152.0/21 maxlen: 21
143.58.160.0/21 maxlen: 21
143.58.168.0/21 maxlen: 21
143.58.176.0/21 maxlen: 21
143.58.184.0/21 maxlen: 21
143.58.192.0/18 maxlen: 18
143.58.192.0/21 maxlen: 21
143.58.200.0/21 maxlen: 21
143.58.212.0/22 maxlen: 22
143.58.216.0/21 maxlen: 21
143.58.216.0/22 maxlen: 22
143.58.220.0/22 maxlen: 22
143.58.224.0/21 maxlen: 21
143.58.224.0/22 maxlen: 22
143.58.228.0/22 maxlen: 22
143.58.232.0/22 maxlen: 22
143.58.236.0/22 maxlen: 22
143.58.240.0/21 maxlen: 21
143.58.248.0/21 maxlen: 21
152.37.64.0/18 maxlen: 18
152.37.64.0/22 maxlen: 22
152.37.68.0/22 maxlen: 22
152.37.72.0/22 maxlen: 22
152.37.76.0/22 maxlen: 22
152.37.80.0/22 maxlen: 22
152.37.84.0/22 maxlen: 22
152.37.88.0/22 maxlen: 22
152.37.92.0/22 maxlen: 22
152.37.96.0/22 maxlen: 22
152.37.100.0/23 maxlen: 23
152.37.102.0/23 maxlen: 23
152.37.104.0/22 maxlen: 22
152.37.108.0/22 maxlen: 22
152.37.114.0/23 maxlen: 23
152.37.116.0/22 maxlen: 22
152.37.120.0/22 maxlen: 22
152.37.124.0/23 maxlen: 23
152.37.126.0/23 maxlen: 23
185.24.120.0/22 maxlen: 22
188.172.144.0/20 maxlen: 20
188.210.208.0/21 maxlen: 21
188.210.208.0/22 maxlen: 22
188.210.212.0/22 maxlen: 22
188.210.212.0/23 maxlen: 23
188.210.214.0/23 maxlen: 23
188.211.160.0/22 maxlen: 22
188.213.136.0/22 maxlen: 22
188.214.8.0/21 maxlen: 21
209.35.64.0/19 maxlen: 19
209.35.64.0/21 maxlen: 21
209.35.72.0/22 maxlen: 22
209.35.76.0/22 maxlen: 22
209.35.78.0/23 maxlen: 23
209.35.80.0/21 maxlen: 21
209.35.80.0/22 maxlen: 22
209.35.84.0/22 maxlen: 22
209.35.88.0/21 maxlen: 21
209.35.88.0/22 maxlen: 22
209.35.92.0/22 maxlen: 22
2a01:4b00::/32 maxlen: 32
2a01:4b00:d000::/36 maxlen: 36
2a01:4b00:e000::/35 maxlen: 35
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/npWhGdnBpdbj8-Ifb6hj2HouSw0.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/npWhGdnBpdbj8-Ifb6hj2HouSw0.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWhGdnBpdbj8-Ifb6hj2HouSw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 17:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:51:59:ef:1e:78:83:09:87:25:6c:c7:00:30:61:6a:22
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a119d9c1a5d6e3f3e21f6fa863d87a2e4b0d
Validity
Not Before: Jul 28 14:05:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=be4fc6b451174f06110420205071effc44dbfa2f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:3d:c1:d5:d9:ed:8d:ea:e3:0e:c4:a5:46:03:
a7:28:9a:b1:3e:7f:fb:0f:21:ae:dc:1a:ec:5e:a1:
cc:00:94:22:7b:70:a1:8a:0c:bd:89:18:18:81:65:
7c:3c:b9:45:90:6e:b6:78:e8:fc:45:f0:7f:35:92:
dd:ad:19:f2:c0:38:29:cb:7b:03:71:80:db:e7:5a:
cb:cd:6e:52:36:42:67:60:6f:d9:4d:dd:bc:ac:16:
2e:c9:c7:e5:35:35:77:9b:90:67:e7:db:8b:1b:d6:
7b:bc:cb:56:53:25:29:5a:b7:ca:3c:5e:77:20:a7:
95:61:07:6f:0b:e1:76:92:f8:01:94:46:db:d5:3c:
cc:27:95:79:ef:b0:8b:bb:b1:bb:0f:8b:ce:b6:3d:
e5:86:2e:9b:c7:c1:9a:02:00:21:66:f3:c5:ad:90:
31:08:02:17:a9:c5:75:6c:c7:50:98:bb:95:64:9c:
02:16:97:63:ef:37:c7:01:e3:f3:37:e4:a7:a0:b9:
fd:d2:59:65:06:14:33:04:8a:07:c2:38:2c:92:bb:
f9:69:0a:69:3d:91:ad:4a:ad:a5:5a:89:72:f1:07:
6f:0f:66:1f:c0:10:5e:09:63:59:7f:13:7a:67:e1:
c8:d7:e0:31:1f:6b:5a:06:16:49:1f:6c:6e:7b:50:
66:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BE:4F:C6:B4:51:17:4F:06:11:04:20:20:50:71:EF:FC:44:DB:FA:2F
X509v3 Authority Key Identifier:
keyid:9E:95:A1:19:D9:C1:A5:D6:E3:F3:E2:1F:6F:A8:63:D8:7A:2E:4B:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWhGdnBpdbj8-Ifb6hj2HouSw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/vk_GtFEXTwYRBCAgUHHv_ETb-i8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/npWhGdnBpdbj8-Ifb6hj2HouSw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.248.0/22
37.156.72.0/22
88.98.192.0/18
89.32.120.0/22
89.34.164.0/22
89.35.196.0/22
89.36.64.0/21
89.39.136.0/21
89.44.40.0/22
93.115.192.0/22
137.220.64.0/18
140.228.32.0-140.228.95.255
141.0.144.0/20
143.58.128.0/17
152.37.64.0/18
185.24.120.0/22
188.172.144.0/20
188.210.208.0/21
188.211.160.0/22
188.213.136.0/22
188.214.8.0/21
209.35.64.0/19
IPv6:
2a01:4b00::/32
Signature Algorithm: sha256WithRSAEncryption
37:a2:2c:45:6e:eb:4b:51:c1:86:ba:65:44:34:0f:a2:c3:42:
1e:16:d9:12:bb:76:6f:4c:e8:6e:ca:41:da:4c:3c:41:87:f3:
a4:68:c0:69:30:f4:bb:ac:dc:9d:db:dd:c7:c9:1c:6a:f4:9f:
6e:eb:42:73:2b:de:33:5e:91:9b:35:4e:ca:ad:eb:10:b4:8a:
43:77:8e:81:29:af:eb:19:35:59:32:69:65:e9:6e:7e:75:eb:
91:78:48:74:fc:f4:5f:f6:9d:a4:21:64:1d:bd:e1:de:98:bc:
c1:aa:2b:ef:5b:02:28:64:97:80:fc:7e:eb:67:20:8f:c6:c3:
62:62:dd:0e:02:77:32:dc:19:aa:fb:18:25:62:ad:c3:72:07:
be:4e:e4:d9:08:d5:27:24:50:77:42:70:b7:f4:b7:d6:bc:97:
9a:ef:30:1f:57:c4:83:8c:de:69:a5:cf:78:ad:df:17:b7:eb:
95:ef:79:39:96:80:44:c0:a2:3d:8a:a0:5e:ad:5a:eb:ee:71:
1b:97:23:e7:6c:c4:0f:76:c7:b5:af:6d:db:65:58:10:32:57:
be:45:62:12:6f:d1:21:4f:65:52:ba:41:12:c4:d8:e4:5f:9b:
a5:48:1b:55:2a:a9:0a:a6:28:7f:ad:1e:48:c9:c7:a3:c2:9d:
dc:21:0a:0e
-----BEGIN CERTIFICATE-----
MIIFlzCCBH+gAwIBAgISAZhRWe8eeIMJhyVsxwAwYWoiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMTE5ZDljMWE1ZDZlM2YzZTIxZjZmYTg2M2Q4N2Ey
ZTRiMGQwHhcNMjUwNzI4MTQwNTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZTRmYzZiNDUxMTc0ZjA2MTEwNDIwMjA1MDcxZWZmYzQ0ZGJmYTJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkD3B1dntjerjDsSlRgOnKJqxPn/7
DyGu3BrsXqHMAJQie3Chigy9iRgYgWV8PLlFkG62eOj8RfB/NZLdrRnywDgpy3sD
cYDb51rLzW5SNkJnYG/ZTd28rBYuycflNTV3m5Bn59uLG9Z7vMtWUyUpWrfKPF53
IKeVYQdvC+F2kvgBlEbb1TzMJ5V577CLu7G7D4vOtj3lhi6bx8GaAgAhZvPFrZAx
CAIXqcV1bMdQmLuVZJwCFpdj7zfHAePzN+SnoLn90lllBhQzBIoHwjgskrv5aQpp
PZGtSq2lWoly8QdvD2YfwBBeCWNZfxN6Z+HI1+AxH2taBhZJH2xue1Bm7QIDAQAB
o4ICozCCAp8wHQYDVR0OBBYEFL5PxrRRF08GEQQgIFBx7/xE2/ovMB8GA1UdIwQY
MBaAFJ6VoRnZwaXW4/PiH2+oY9h6LksNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXaEdkbkJwZGJqOC1JZmI2aGoySG91U3cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9hOTM1MmUtOWEzYS00OWFhLWFkNzct
N2JlNmViNmJjZTg3LzEvdmtfR3RGRVhUd1lSQkNBZ1VISHZfRVRiLWk4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9hOTM1MmUtOWEzYS00OWFhLWFkNzctN2JlNmViNmJjZTg3
LzEvbnBXaEdkbkJwZGJqOC1JZmI2aGoySG91U3cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG4BggrBgEFBQcBBwEB/wSBqDCBpTCBkwQCAAEwgYwDBAIf
DvgDBAIlnEgDBAZYYsADBAJZIHgDBAJZIqQDBAJZI8QDBANZJEADBANZJ4gDBAJZ
LCgDBAJdc8ADBAaJ3EAwDAMEBYzkIAMEBYzkQAMEBI0AkAMEB486gAMEBpglQAME
ArkYeAMEBLyskAMEA7zS0AMEArzToAMEArzViAMEA7zWCAMEBdEjQDANBAIAAjAH
AwUAKgFLADANBgkqhkiG9w0BAQsFAAOCAQEAN6IsRW7rS1HBhrplRDQPosNCHhbZ
Ert2b0zobspB2kw8QYfzpGjAaTD0u6zcndvdx8kcavSfbutCcyveM16RmzVOyq3r
ELSKQ3eOgSmv6xk1WTJpZelufnXrkXhIdPz0X/adpCFkHb3h3pi8waor71sCKGSX
gPx+62cgj8bDYmLdDgJ3MtwZqvsYJWKtw3IHvk7k2QjVJyRQd0Jwt/S31ryXmu8w
H1fEg4zeaaXPeK3fF7frle95OZaARMCiPYqgXq1a6+5xG5cj52zED3bHta9t22VY
EDJXvkViEm/RIU9lUrpBEsTY5F+bpUgbVSqpCqYof60eSMnHo8Kd3CEKDg==
-----END CERTIFICATE-----
Generated at Sun Aug 10 21:12:59 2025 by rpki-client