Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/wE3JGjCTncHLzTL_AuLaJMjm2wc.roa
File: wE3JGjCTncHLzTL_AuLaJMjm2wc.roa (raw, json)
Hash identifier: S+XVdQ95lJj4wBrp1P1yzyxzgh96fhZLZi5m5fwuT1Q=
Subject key identifier: C0:4D:C9:1A:30:93:9D:C1:CB:CD:32:FF:02:E2:DA:24:C8:E6:DB:07
Certificate issuer: /CN=9e95a119d9c1a5d6e3f3e21f6fa863d87a2e4b0d
Certificate serial: 019A1C7778EBBCA9F998F9A27FEBD3275FDC
Authority key identifier: 9E:95:A1:19:D9:C1:A5:D6:E3:F3:E2:1F:6F:A8:63:D8:7A:2E:4B:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWhGdnBpdbj8-Ifb6hj2HouSw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/wE3JGjCTncHLzTL_AuLaJMjm2wc.roa
Signing time: Sat 25 Oct 2025 17:43:03 +0000
ROA not before: Sat 25 Oct 2025 17:43:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 56478
IP address blocks: 31.14.248.0/22 maxlen: 22
37.156.72.0/22 maxlen: 22
68.168.32.0/19 maxlen: 19
68.168.32.0/22 maxlen: 22
88.98.192.0/18 maxlen: 18
88.98.200.0/22 maxlen: 22
88.98.204.0/22 maxlen: 22
88.98.216.0/23 maxlen: 23
88.98.218.0/23 maxlen: 23
88.98.240.0/20 maxlen: 20
88.98.240.0/22 maxlen: 22
89.32.120.0/22 maxlen: 22
89.34.164.0/22 maxlen: 22
89.35.196.0/22 maxlen: 22
89.36.64.0/21 maxlen: 21
89.39.136.0/21 maxlen: 21
89.44.40.0/22 maxlen: 22
93.115.192.0/22 maxlen: 22
137.220.64.0/18 maxlen: 18
137.220.68.0/22 maxlen: 22
137.220.72.0/21 maxlen: 21
137.220.80.0/22 maxlen: 22
137.220.84.0/22 maxlen: 22
137.220.88.0/22 maxlen: 22
137.220.92.0/22 maxlen: 22
137.220.96.0/22 maxlen: 22
137.220.100.0/22 maxlen: 22
137.220.104.0/22 maxlen: 22
137.220.108.0/22 maxlen: 22
137.220.112.0/23 maxlen: 23
137.220.114.0/23 maxlen: 23
137.220.116.0/23 maxlen: 23
137.220.118.0/23 maxlen: 23
137.220.120.0/23 maxlen: 23
137.220.122.0/23 maxlen: 23
137.220.124.0/22 maxlen: 22
140.228.32.0/19 maxlen: 19
140.228.40.0/22 maxlen: 22
140.228.44.0/22 maxlen: 22
140.228.48.0/22 maxlen: 22
140.228.52.0/22 maxlen: 22
140.228.56.0/22 maxlen: 22
140.228.64.0/19 maxlen: 19
140.228.80.0/21 maxlen: 21
140.228.88.0/22 maxlen: 22
140.228.92.0/22 maxlen: 22
141.0.144.0/21 maxlen: 21
141.0.152.0/21 maxlen: 21
143.58.128.0/18 maxlen: 18
143.58.128.0/21 maxlen: 21
143.58.136.0/21 maxlen: 21
143.58.144.0/22 maxlen: 22
143.58.148.0/22 maxlen: 22
143.58.152.0/21 maxlen: 21
143.58.160.0/21 maxlen: 21
143.58.168.0/21 maxlen: 21
143.58.176.0/21 maxlen: 21
143.58.184.0/21 maxlen: 21
143.58.192.0/18 maxlen: 18
143.58.192.0/21 maxlen: 21
143.58.200.0/21 maxlen: 21
143.58.212.0/22 maxlen: 22
143.58.216.0/21 maxlen: 21
143.58.216.0/22 maxlen: 22
143.58.220.0/22 maxlen: 22
143.58.224.0/21 maxlen: 21
143.58.224.0/22 maxlen: 22
143.58.228.0/22 maxlen: 22
143.58.232.0/22 maxlen: 22
143.58.236.0/22 maxlen: 22
143.58.240.0/21 maxlen: 21
143.58.248.0/21 maxlen: 21
152.37.64.0/18 maxlen: 18
152.37.64.0/22 maxlen: 22
152.37.68.0/22 maxlen: 22
152.37.72.0/22 maxlen: 22
152.37.76.0/22 maxlen: 22
152.37.80.0/22 maxlen: 22
152.37.84.0/22 maxlen: 22
152.37.88.0/22 maxlen: 22
152.37.92.0/22 maxlen: 22
152.37.96.0/22 maxlen: 22
152.37.100.0/23 maxlen: 23
152.37.102.0/23 maxlen: 23
152.37.104.0/22 maxlen: 22
152.37.108.0/22 maxlen: 22
152.37.114.0/23 maxlen: 23
152.37.116.0/22 maxlen: 22
152.37.120.0/22 maxlen: 22
152.37.124.0/23 maxlen: 23
152.37.126.0/23 maxlen: 23
185.24.120.0/22 maxlen: 22
188.172.144.0/20 maxlen: 20
188.210.208.0/21 maxlen: 21
188.210.208.0/22 maxlen: 22
188.210.212.0/22 maxlen: 22
188.210.212.0/23 maxlen: 23
188.210.214.0/23 maxlen: 23
188.211.160.0/22 maxlen: 22
188.213.136.0/22 maxlen: 22
188.214.8.0/21 maxlen: 21
209.35.64.0/19 maxlen: 19
209.35.64.0/21 maxlen: 21
209.35.72.0/22 maxlen: 22
209.35.76.0/22 maxlen: 22
209.35.78.0/23 maxlen: 23
209.35.80.0/21 maxlen: 21
209.35.80.0/22 maxlen: 22
209.35.84.0/22 maxlen: 22
209.35.88.0/21 maxlen: 21
209.35.88.0/22 maxlen: 22
209.35.92.0/22 maxlen: 22
2a01:4b00::/32 maxlen: 32
2a01:4b00:d000::/36 maxlen: 36
2a01:4b00:e000::/35 maxlen: 35
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/npWhGdnBpdbj8-Ifb6hj2HouSw0.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/npWhGdnBpdbj8-Ifb6hj2HouSw0.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWhGdnBpdbj8-Ifb6hj2HouSw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:1c:77:78:eb:bc:a9:f9:98:f9:a2:7f:eb:d3:27:5f:dc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a119d9c1a5d6e3f3e21f6fa863d87a2e4b0d
Validity
Not Before: Oct 25 17:43:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c04dc91a30939dc1cbcd32ff02e2da24c8e6db07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:db:b1:6b:b0:b5:cd:df:7c:ea:f3:fd:12:de:f2:
da:36:9d:d2:ec:cc:38:5c:02:51:ac:c1:94:02:b3:
fa:1c:f2:4e:ec:a7:30:cd:6f:29:86:8f:2c:71:47:
a1:cb:9b:74:f1:34:e4:e3:3c:59:3d:f4:e5:c7:6b:
35:6d:32:7e:53:74:15:50:91:2a:af:cd:95:66:69:
f6:3e:44:7b:3e:d8:8f:31:0b:ee:5f:7c:05:ca:4e:
38:23:5a:5e:06:f5:19:55:f2:58:39:b6:b1:6c:a5:
f2:5b:71:39:57:9c:f0:4a:3d:5f:18:79:03:40:28:
f9:44:cf:f1:d7:83:31:53:5d:f6:16:cf:ea:cd:04:
81:d8:b9:fd:08:c9:ab:94:ff:99:b8:a8:f3:9d:aa:
ad:c2:76:58:44:ca:f7:a7:08:b7:8d:32:dd:44:a7:
06:f4:94:e8:6c:96:23:e5:11:84:95:8b:ad:e1:67:
f1:c1:32:0d:e6:88:23:af:9d:64:82:97:5d:ad:a7:
d2:f1:81:03:63:8c:63:e0:93:aa:0d:48:99:20:aa:
e3:a1:4a:62:34:60:2f:26:7a:35:fa:9a:85:ac:9a:
04:f4:1e:45:28:ba:f9:19:d3:15:0f:18:00:82:73:
f9:0d:12:53:03:98:02:03:e6:62:8a:14:49:c7:ac:
b3:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C0:4D:C9:1A:30:93:9D:C1:CB:CD:32:FF:02:E2:DA:24:C8:E6:DB:07
X509v3 Authority Key Identifier:
keyid:9E:95:A1:19:D9:C1:A5:D6:E3:F3:E2:1F:6F:A8:63:D8:7A:2E:4B:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWhGdnBpdbj8-Ifb6hj2HouSw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/wE3JGjCTncHLzTL_AuLaJMjm2wc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/npWhGdnBpdbj8-Ifb6hj2HouSw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.248.0/22
37.156.72.0/22
68.168.32.0/19
88.98.192.0/18
89.32.120.0/22
89.34.164.0/22
89.35.196.0/22
89.36.64.0/21
89.39.136.0/21
89.44.40.0/22
93.115.192.0/22
137.220.64.0/18
140.228.32.0-140.228.95.255
141.0.144.0/20
143.58.128.0/17
152.37.64.0/18
185.24.120.0/22
188.172.144.0/20
188.210.208.0/21
188.211.160.0/22
188.213.136.0/22
188.214.8.0/21
209.35.64.0/19
IPv6:
2a01:4b00::/32
Signature Algorithm: sha256WithRSAEncryption
01:af:f7:ed:3c:cd:05:c1:98:9f:53:15:de:60:56:34:43:cc:
c1:f9:48:0e:f0:69:bf:92:7e:80:8d:d4:c4:d7:e4:a5:42:31:
95:8e:b6:69:46:ac:da:b8:ef:d6:b5:6a:d0:6a:df:bb:eb:02:
2e:a7:45:1a:a3:33:c5:23:86:15:e0:5a:12:25:1d:a0:a7:0a:
08:ba:a6:b4:1c:5e:c5:bc:35:e7:67:7e:39:59:55:a1:ad:bb:
36:87:f9:85:b2:04:5d:a7:4c:d8:24:ec:81:92:72:93:80:98:
0f:af:eb:27:64:92:af:55:bf:a3:0a:97:05:ca:2b:18:fb:50:
f9:4d:6d:53:f4:ae:28:38:bd:f8:e1:c2:c3:1f:02:ba:a0:a1:
36:f3:71:71:eb:8d:76:87:3b:a8:b1:eb:87:d0:14:73:f8:6f:
24:34:0c:19:35:87:21:02:f7:4e:6f:48:d5:60:d7:04:39:da:
4d:bc:1c:e1:4b:da:5a:4e:74:1e:0d:7d:b1:86:a0:10:11:79:
c9:e7:08:a2:03:0e:fc:90:d1:56:f7:17:a8:db:7c:80:40:51:
93:5a:a3:98:90:4f:a2:32:61:d7:c0:3e:87:e4:f9:7e:5d:8e:
82:f1:1a:b8:17:00:e8:9f:e0:2e:58:cf:14:9d:d2:b0:01:46:
7c:d8:5c:9c
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgISAZocd3jrvKn5mPmif+vTJ1/cMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMTE5ZDljMWE1ZDZlM2YzZTIxZjZmYTg2M2Q4N2Ey
ZTRiMGQwHhcNMjUxMDI1MTc0MzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMDRkYzkxYTMwOTM5ZGMxY2JjZDMyZmYwMmUyZGEyNGM4ZTZkYjA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA27FrsLXN33zq8/0S3vLaNp3S7Mw4
XAJRrMGUArP6HPJO7KcwzW8pho8scUehy5t08TTk4zxZPfTlx2s1bTJ+U3QVUJEq
r82VZmn2PkR7PtiPMQvuX3wFyk44I1peBvUZVfJYObaxbKXyW3E5V5zwSj1fGHkD
QCj5RM/x14MxU132Fs/qzQSB2Ln9CMmrlP+ZuKjznaqtwnZYRMr3pwi3jTLdRKcG
9JTobJYj5RGElYut4WfxwTIN5ogjr51kgpddrafS8YEDY4xj4JOqDUiZIKrjoUpi
NGAvJno1+pqFrJoE9B5FKLr5GdMVDxgAgnP5DRJTA5gCA+ZiihRJx6yznwIDAQAB
o4ICqTCCAqUwHQYDVR0OBBYEFMBNyRowk53By80y/wLi2iTI5tsHMB8GA1UdIwQY
MBaAFJ6VoRnZwaXW4/PiH2+oY9h6LksNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXaEdkbkJwZGJqOC1JZmI2aGoySG91U3cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9hOTM1MmUtOWEzYS00OWFhLWFkNzct
N2JlNmViNmJjZTg3LzEvd0UzSkdqQ1RuY0hMelRMX0F1TGFKTWptMndjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9hOTM1MmUtOWEzYS00OWFhLWFkNzctN2JlNmViNmJjZTg3
LzEvbnBXaEdkbkJwZGJqOC1JZmI2aGoySG91U3cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG+BggrBgEFBQcBBwEB/wSBrjCBqzCBmQQCAAEwgZIDBAIf
DvgDBAIlnEgDBAVEqCADBAZYYsADBAJZIHgDBAJZIqQDBAJZI8QDBANZJEADBANZ
J4gDBAJZLCgDBAJdc8ADBAaJ3EAwDAMEBYzkIAMEBYzkQAMEBI0AkAMEB486gAME
BpglQAMEArkYeAMEBLyskAMEA7zS0AMEArzToAMEArzViAMEA7zWCAMEBdEjQDAN
BAIAAjAHAwUAKgFLADANBgkqhkiG9w0BAQsFAAOCAQEAAa/37TzNBcGYn1MV3mBW
NEPMwflIDvBpv5J+gI3UxNfkpUIxlY62aUas2rjv1rVq0Grfu+sCLqdFGqMzxSOG
FeBaEiUdoKcKCLqmtBxexbw152d+OVlVoa27Nof5hbIEXadM2CTsgZJyk4CYD6/r
J2SSr1W/owqXBcorGPtQ+U1tU/SuKDi9+OHCwx8CuqChNvNxceuNdoc7qLHrh9AU
c/hvJDQMGTWHIQL3Tm9I1WDXBDnaTbwc4UvaWk50Hg19sYagEBF5yecIogMO/JDR
VvcXqNt8gEBRk1qjmJBPojJh18A+h+T5fl2OgvEauBcA6J/gLljPFJ3SsAFGfNhc
nA==
-----END CERTIFICATE-----
Generated at Wed Nov 5 16:55:36 2025 by rpki-client