Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-dXeRyLQ2h5iY61wyQYsnZop8U0.roa
File: 1-dXeRyLQ2h5iY61wyQYsnZop8U0.roa (raw, json)
Hash identifier: VksJJDi+mFi9d03gQteI9OdvqeK1wf1qsWpRg82seh0=
Subject key identifier: F9:D5:DE:47:22:D0:DA:1E:62:63:AD:70:C9:06:2C:9D:9A:29:F1:4D
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019A4E30F94F8CF83D4B45ADF8CEA0784DCD
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-dXeRyLQ2h5iY61wyQYsnZop8U0.roa
Signing time: Tue 04 Nov 2025 09:27:03 +0000
ROA not before: Tue 04 Nov 2025 09:27:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 80.240.88.0/21 maxlen: 24
81.168.109.0/24 maxlen: 24
82.152.8.0/24 maxlen: 24
82.152.176.0/23 maxlen: 23
82.152.250.0/24 maxlen: 24
82.152.251.0/24 maxlen: 24
82.152.254.0/24 maxlen: 24
82.153.64.0/24 maxlen: 24
82.153.91.0/24 maxlen: 24
82.153.136.0/22 maxlen: 22
82.153.217.0/24 maxlen: 24
82.163.18.0/24 maxlen: 24
82.163.24.0/21 maxlen: 24
89.213.0.0/22 maxlen: 24
89.213.0.0/24 maxlen: 24
89.213.1.0/24 maxlen: 24
89.213.5.0/24 maxlen: 24
89.213.6.0/24 maxlen: 24
89.213.7.0/24 maxlen: 24
89.213.42.0/24 maxlen: 24
89.213.43.0/24 maxlen: 24
89.213.44.0/23 maxlen: 24
89.213.45.0/24 maxlen: 24
89.213.49.0/24 maxlen: 24
89.213.50.0/23 maxlen: 23
89.213.50.0/24 maxlen: 24
89.213.51.0/24 maxlen: 24
89.213.55.0/24 maxlen: 24
89.213.56.0/22 maxlen: 22
89.213.56.0/24 maxlen: 24
89.213.59.0/24 maxlen: 24
89.213.97.0/24 maxlen: 24
89.213.99.0/24 maxlen: 24
89.213.104.0/24 maxlen: 24
89.213.105.0/24 maxlen: 24
89.213.120.0/24 maxlen: 24
89.213.123.0/24 maxlen: 24
89.213.128.0/24 maxlen: 24
89.213.130.0/24 maxlen: 24
89.213.131.0/24 maxlen: 24
89.213.133.0/24 maxlen: 24
89.213.136.0/24 maxlen: 24
89.213.140.0/24 maxlen: 24
89.213.142.0/24 maxlen: 24
89.213.143.0/24 maxlen: 24
89.213.144.0/24 maxlen: 24
89.213.145.0/24 maxlen: 24
89.213.147.0/24 maxlen: 24
89.213.148.0/24 maxlen: 24
89.213.149.0/24 maxlen: 24
89.213.150.0/24 maxlen: 24
89.213.151.0/24 maxlen: 24
89.213.154.0/24 maxlen: 24
89.213.155.0/24 maxlen: 24
89.213.156.0/22 maxlen: 24
89.213.158.0/24 maxlen: 24
89.213.162.0/24 maxlen: 24
89.213.169.0/24 maxlen: 24
89.213.171.0/24 maxlen: 24
89.213.172.0/22 maxlen: 24
89.213.172.0/24 maxlen: 24
89.213.174.0/24 maxlen: 24
89.213.175.0/24 maxlen: 24
89.213.176.0/24 maxlen: 24
89.213.178.0/24 maxlen: 24
89.213.179.0/24 maxlen: 24
89.213.181.0/24 maxlen: 24
89.213.183.0/24 maxlen: 24
89.213.186.0/23 maxlen: 23
89.213.190.0/24 maxlen: 24
89.213.191.0/24 maxlen: 24
89.213.192.0/24 maxlen: 24
89.213.196.0/22 maxlen: 24
89.213.200.0/22 maxlen: 24
89.213.204.0/22 maxlen: 24
89.213.208.0/24 maxlen: 24
89.213.211.0/24 maxlen: 24
89.213.215.0/24 maxlen: 24
89.213.219.0/24 maxlen: 24
89.213.225.0/24 maxlen: 24
89.213.228.0/22 maxlen: 22
89.213.228.0/23 maxlen: 24
89.213.231.0/24 maxlen: 24
89.213.232.0/22 maxlen: 24
89.213.236.0/22 maxlen: 24
89.213.239.0/24 maxlen: 24
89.213.248.0/24 maxlen: 24
89.213.249.0/24 maxlen: 24
109.176.16.0/21 maxlen: 24
109.176.204.0/22 maxlen: 24
109.176.242.0/23 maxlen: 24
185.49.124.0/24 maxlen: 24
185.49.125.0/24 maxlen: 24
185.49.126.0/23 maxlen: 24
185.49.127.0/24 maxlen: 24
185.101.47.0/24 maxlen: 24
194.105.80.0/20 maxlen: 20
194.105.83.0/24 maxlen: 24
194.105.88.0/24 maxlen: 24
194.105.89.0/24 maxlen: 24
194.105.90.0/23 maxlen: 24
194.105.91.0/24 maxlen: 24
212.38.81.0/24 maxlen: 24
212.38.88.0/23 maxlen: 24
213.130.132.0/22 maxlen: 22
213.130.134.0/23 maxlen: 24
213.152.43.0/24 maxlen: 24
213.210.41.0/24 maxlen: 24
213.210.52.0/22 maxlen: 22
213.218.211.0/24 maxlen: 24
213.218.225.0/24 maxlen: 24
213.218.227.0/24 maxlen: 24
213.218.228.0/24 maxlen: 24
213.218.232.0/24 maxlen: 24
213.218.235.0/24 maxlen: 24
213.218.236.0/24 maxlen: 24
213.218.237.0/24 maxlen: 24
213.218.239.0/24 maxlen: 24
213.218.244.0/22 maxlen: 22
213.218.255.0/24 maxlen: 24
217.144.145.0/24 maxlen: 24
217.145.66.0/24 maxlen: 24
217.145.72.0/21 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:4e:30:f9:4f:8c:f8:3d:4b:45:ad:f8:ce:a0:78:4d:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Nov 4 09:27:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=f9d5de4722d0da1e6263ad70c9062c9d9a29f14d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:7a:26:88:72:a9:38:c8:21:78:1e:ae:a4:6e:
e2:2d:9a:ac:0d:f4:b7:d3:65:d3:a9:4d:9f:a0:ae:
97:a9:d8:dd:a6:fc:f4:5b:75:6e:9e:13:52:66:64:
41:14:f3:51:6d:d9:a7:bc:49:12:c4:9f:5f:4d:f2:
ae:b9:72:4b:ff:f9:33:43:4b:d9:fb:08:70:11:ba:
77:2a:03:a8:33:45:22:c3:dc:95:cf:4c:3c:11:f5:
5c:1f:a7:c5:27:ff:c5:26:70:3d:3d:86:cf:9c:44:
12:c2:7b:81:b0:a7:34:90:5e:61:3a:4e:dd:88:02:
af:48:84:ce:36:73:50:d1:87:af:01:7b:0b:c0:7b:
7f:7b:0a:ee:da:69:91:71:db:0d:ab:fa:d4:ba:40:
06:e2:20:1d:3f:06:cb:b3:4c:34:01:f8:73:2c:9d:
81:53:1f:28:d4:af:78:02:c9:8c:3c:a0:d8:87:14:
12:d2:a6:b1:9d:50:db:ba:97:33:57:83:ab:eb:ca:
9d:18:97:cc:5f:70:af:9f:c8:79:48:0f:1a:c6:e1:
c9:ff:8b:41:70:8e:4e:f0:38:3e:11:e0:51:c6:d9:
8f:5d:a7:5b:da:d6:18:27:50:30:43:68:43:b1:53:
23:4d:a4:24:99:23:37:6a:da:ee:cc:48:80:20:31:
89:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F9:D5:DE:47:22:D0:DA:1E:62:63:AD:70:C9:06:2C:9D:9A:29:F1:4D
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/1-dXeRyLQ2h5iY61wyQYsnZop8U0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.240.88.0/21
81.168.109.0/24
82.152.8.0/24
82.152.176.0/23
82.152.250.0/23
82.152.254.0/24
82.153.64.0/24
82.153.91.0/24
82.153.136.0/22
82.153.217.0/24
82.163.18.0/24
82.163.24.0/21
89.213.0.0/22
89.213.5.0-89.213.7.255
89.213.42.0-89.213.45.255
89.213.49.0-89.213.51.255
89.213.55.0-89.213.59.255
89.213.97.0/24
89.213.99.0/24
89.213.104.0/23
89.213.120.0/24
89.213.123.0/24
89.213.128.0/24
89.213.130.0/23
89.213.133.0/24
89.213.136.0/24
89.213.140.0/24
89.213.142.0-89.213.145.255
89.213.147.0-89.213.151.255
89.213.154.0-89.213.159.255
89.213.162.0/24
89.213.169.0/24
89.213.171.0-89.213.176.255
89.213.178.0/23
89.213.181.0/24
89.213.183.0/24
89.213.186.0/23
89.213.190.0-89.213.192.255
89.213.196.0-89.213.208.255
89.213.211.0/24
89.213.215.0/24
89.213.219.0/24
89.213.225.0/24
89.213.228.0-89.213.239.255
89.213.248.0/23
109.176.16.0/21
109.176.204.0/22
109.176.242.0/23
185.49.124.0/22
185.101.47.0/24
194.105.80.0/20
212.38.81.0/24
212.38.88.0/23
213.130.132.0/22
213.152.43.0/24
213.210.41.0/24
213.210.52.0/22
213.218.211.0/24
213.218.225.0/24
213.218.227.0-213.218.228.255
213.218.232.0/24
213.218.235.0-213.218.237.255
213.218.239.0/24
213.218.244.0/22
213.218.255.0/24
217.144.145.0/24
217.145.66.0/24
217.145.72.0/21
Signature Algorithm: sha256WithRSAEncryption
69:2e:48:e5:6c:c5:b0:25:3d:8d:d0:68:fc:4a:7b:e3:13:0d:
fc:cd:18:9f:f7:54:f1:29:30:8e:db:a9:f4:47:09:2d:fc:7d:
2f:37:65:83:59:37:40:c6:c2:95:70:b5:ad:cc:3b:1d:67:6b:
b3:20:8c:36:ea:14:33:82:0e:a6:06:d1:d9:1c:5f:f5:4a:93:
b7:b7:04:a1:75:66:df:6b:1e:40:72:f4:8b:b5:53:92:3e:b3:
24:18:9b:84:20:cf:b6:a5:3f:27:51:9b:05:61:21:e8:af:9e:
d3:78:de:8e:2e:77:76:44:29:2c:0b:fa:26:eb:00:73:bd:fe:
de:d4:4b:36:91:54:e4:cb:77:57:26:65:67:cc:a6:0d:24:82:
92:82:b5:c4:cb:9c:6c:19:21:06:87:48:67:ee:69:bc:11:65:
2f:6b:18:5f:e9:e7:ee:5b:e8:ca:97:29:bc:2f:e7:73:00:ad:
a7:6d:73:06:b4:43:bf:f9:2f:ff:29:77:37:8b:5a:18:5f:02:
54:10:02:bc:a7:a7:64:c8:f2:43:f7:8e:02:6e:e8:ad:d4:5f:
9b:11:93:03:4f:9c:a4:5a:94:31:52:3d:86:f8:09:f7:2b:c2:
54:36:d8:9a:b6:16:37:7c:d2:e6:ff:fb:2c:24:a2:ea:ca:02:
d9:a7:e4:76
-----BEGIN CERTIFICATE-----
MIIHAjCCBeqgAwIBAgISAZpOMPlPjPg9S0Wt+M6geE3NMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUxMTA0MDkyNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmOWQ1ZGU0NzIyZDBkYTFlNjI2M2FkNzBjOTA2MmM5ZDlhMjlmMTRkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsXomiHKpOMgheB6upG7iLZqsDfS3
02XTqU2foK6Xqdjdpvz0W3VunhNSZmRBFPNRbdmnvEkSxJ9fTfKuuXJL//kzQ0vZ
+whwEbp3KgOoM0Uiw9yVz0w8EfVcH6fFJ//FJnA9PYbPnEQSwnuBsKc0kF5hOk7d
iAKvSITONnNQ0YevAXsLwHt/ewru2mmRcdsNq/rUukAG4iAdPwbLs0w0AfhzLJ2B
Ux8o1K94AsmMPKDYhxQS0qaxnVDbupczV4Or68qdGJfMX3Cvn8h5SA8axuHJ/4tB
cI5O8Dg+EeBRxtmPXadb2tYYJ1AwQ2hDsVMjTaQkmSM3atruzEiAIDGJSwIDAQAB
o4IEDjCCBAowHQYDVR0OBBYEFPnV3kci0NoeYmOtcMkGLJ2aKfFNMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvMS1kWGVSeUxRMmg1aVk2MXd5UVlzblpvcDhVMC5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOGEvNDlkYzAwLTk3ZTItNDYyOC1hZTM5LTQxMjI4ZTM5ZmY3
Yy8xL1A5TU5pbjRTX0h2Mkxnd1NIbnpDSnQ2bE81cy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjCCAiEGCCsGAQUFBwEHAQH/BIICEDCCAgwwggIIBAIAATCC
AgADBANQ8FgDBABRqG0DBABSmAgDBAFSmLADBAFSmPoDBABSmP4DBABSmUADBABS
mVsDBAJSmYgDBABSmdkDBABSoxIDBANSoxgDBAJZ1QAwDAMEAFnVBQMEA1nVADAM
AwQBWdUqAwQBWdUsMAwDBABZ1TEDBAJZ1TAwDAMEAFnVNwMEAlnVOAMEAFnVYQME
AFnVYwMEAVnVaAMEAFnVeAMEAFnVewMEAFnVgAMEAVnVggMEAFnVhQMEAFnViAME
AFnVjDAMAwQBWdWOAwQBWdWQMAwDBABZ1ZMDBANZ1ZAwDAMEAVnVmgMEBVnVgAME
AFnVogMEAFnVqTAMAwQAWdWrAwQAWdWwAwQBWdWyAwQAWdW1AwQAWdW3AwQBWdW6
MAwDBAFZ1b4DBABZ1cAwDAMEAlnVxAMEAFnV0AMEAFnV0wMEAFnV1wMEAFnV2wME
AFnV4TAMAwQCWdXkAwQEWdXgAwQBWdX4AwQDbbAQAwQCbbDMAwQBbbDyAwQCuTF8
AwQAuWUvAwQEwmlQAwQA1CZRAwQB1CZYAwQC1YKEAwQA1ZgrAwQA1dIpAwQC1dI0
AwQA1drTAwQA1drhMAwDBADV2uMDBADV2uQDBADV2ugwDAMEANXa6wMEAdXa7AME
ANXa7wMEAtXa9AMEANXa/wMEANmQkQMEANmRQgMEA9mRSDANBgkqhkiG9w0BAQsF
AAOCAQEAaS5I5WzFsCU9jdBo/Ep74xMN/M0Yn/dU8Skwjtup9EcJLfx9Lzdlg1k3
QMbClXC1rcw7HWdrsyCMNuoUM4IOpgbR2Rxf9UqTt7cEoXVm32seQHL0i7VTkj6z
JBibhCDPtqU/J1GbBWEh6K+e03jeji53dkQpLAv6JusAc73+3tRLNpFU5Mt3VyZl
Z8ymDSSCkoK1xMucbBkhBodIZ+5pvBFlL2sYX+nn7lvoypcpvC/ncwCtp21zBrRD
v/kv/yl3N4taGF8CVBACvKenZMjyQ/eOAm7ordRfmxGTA0+cpFqUMVI9hvgJ9yvC
VDbYmrYWN3zS5v/7LCSi6soC2afkdg==
-----END CERTIFICATE-----
Generated at Wed Nov 5 03:47:36 2025 by rpki-client