Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/szL96_WVxLRqw601y-gESFvAWyg.roa
File: szL96_WVxLRqw601y-gESFvAWyg.roa (raw, json)
Hash identifier: 96lh/On1trsNxP2HFpWdRJ3tuwJnM9b31/SbUyqHs70=
Subject key identifier: B3:32:FD:EB:F5:95:C4:B4:6A:C3:AD:35:CB:E8:04:48:5B:C0:5B:28
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0198507E363BB017945A361C7C9F11DF3C2C
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/szL96_WVxLRqw601y-gESFvAWyg.roa
Signing time: Mon 28 Jul 2025 10:05:05 +0000
ROA not before: Mon 28 Jul 2025 10:05:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 37.202.223.0/24 maxlen: 24
151.240.4.0/24 maxlen: 24
151.240.5.0/24 maxlen: 24
151.240.6.0/24 maxlen: 24
151.240.7.0/24 maxlen: 24
151.240.11.0/24 maxlen: 24
151.240.12.0/24 maxlen: 24
151.240.13.0/24 maxlen: 24
151.240.14.0/24 maxlen: 24
151.240.15.0/24 maxlen: 24
151.240.16.0/24 maxlen: 24
151.240.17.0/24 maxlen: 24
151.240.18.0/24 maxlen: 24
151.240.19.0/24 maxlen: 24
151.240.20.0/24 maxlen: 24
151.240.21.0/24 maxlen: 24
151.240.22.0/24 maxlen: 24
151.240.23.0/24 maxlen: 24
151.240.24.0/24 maxlen: 24
151.240.25.0/24 maxlen: 24
151.240.26.0/24 maxlen: 24
151.240.27.0/24 maxlen: 24
151.240.30.0/24 maxlen: 24
151.240.31.0/24 maxlen: 24
151.240.32.0/24 maxlen: 24
151.240.33.0/24 maxlen: 24
151.240.34.0/24 maxlen: 24
151.240.35.0/24 maxlen: 24
151.240.36.0/24 maxlen: 24
151.240.37.0/24 maxlen: 24
151.240.38.0/24 maxlen: 24
151.240.39.0/24 maxlen: 24
151.240.40.0/24 maxlen: 24
151.240.41.0/24 maxlen: 24
151.240.42.0/24 maxlen: 24
151.240.60.0/24 maxlen: 24
151.240.61.0/24 maxlen: 24
151.240.68.0/24 maxlen: 24
151.240.69.0/24 maxlen: 24
151.240.70.0/24 maxlen: 24
151.240.71.0/24 maxlen: 24
151.240.72.0/24 maxlen: 24
151.240.73.0/24 maxlen: 24
151.240.74.0/24 maxlen: 24
151.240.76.0/24 maxlen: 24
151.240.78.0/24 maxlen: 24
151.240.79.0/24 maxlen: 24
151.240.80.0/24 maxlen: 24
151.240.81.0/24 maxlen: 24
151.240.82.0/24 maxlen: 24
151.240.83.0/24 maxlen: 24
151.240.84.0/24 maxlen: 24
151.240.85.0/24 maxlen: 24
151.240.86.0/24 maxlen: 24
151.240.87.0/24 maxlen: 24
151.240.88.0/24 maxlen: 24
151.240.89.0/24 maxlen: 24
151.240.90.0/24 maxlen: 24
151.240.126.0/24 maxlen: 24
151.240.127.0/24 maxlen: 24
151.240.128.0/24 maxlen: 24
151.240.129.0/24 maxlen: 24
151.240.130.0/24 maxlen: 24
151.240.131.0/24 maxlen: 24
151.240.132.0/24 maxlen: 24
151.240.133.0/24 maxlen: 24
151.240.134.0/24 maxlen: 24
151.240.135.0/24 maxlen: 24
151.240.136.0/24 maxlen: 24
151.240.137.0/24 maxlen: 24
151.240.138.0/24 maxlen: 24
151.240.139.0/24 maxlen: 24
151.240.140.0/24 maxlen: 24
151.240.141.0/24 maxlen: 24
151.240.142.0/24 maxlen: 24
151.240.143.0/24 maxlen: 24
151.240.144.0/24 maxlen: 24
151.240.145.0/24 maxlen: 24
151.240.146.0/24 maxlen: 24
151.240.147.0/24 maxlen: 24
151.240.148.0/24 maxlen: 24
151.240.149.0/24 maxlen: 24
151.240.150.0/24 maxlen: 24
151.240.151.0/24 maxlen: 24
151.240.152.0/24 maxlen: 24
151.240.153.0/24 maxlen: 24
151.240.154.0/24 maxlen: 24
151.240.156.0/24 maxlen: 24
151.240.157.0/24 maxlen: 24
151.240.158.0/24 maxlen: 24
151.240.159.0/24 maxlen: 24
151.240.160.0/24 maxlen: 24
151.240.161.0/24 maxlen: 24
151.240.162.0/24 maxlen: 24
151.240.163.0/24 maxlen: 24
151.240.164.0/24 maxlen: 24
151.240.165.0/24 maxlen: 24
151.240.166.0/24 maxlen: 24
151.240.167.0/24 maxlen: 24
151.240.168.0/24 maxlen: 24
151.240.169.0/24 maxlen: 24
151.240.170.0/24 maxlen: 24
151.240.171.0/24 maxlen: 24
151.240.172.0/24 maxlen: 24
151.240.173.0/24 maxlen: 24
151.240.174.0/24 maxlen: 24
151.240.175.0/24 maxlen: 24
151.240.176.0/24 maxlen: 24
151.240.177.0/24 maxlen: 24
151.240.178.0/24 maxlen: 24
151.240.179.0/24 maxlen: 24
151.240.180.0/24 maxlen: 24
151.240.181.0/24 maxlen: 24
151.240.182.0/24 maxlen: 24
151.240.183.0/24 maxlen: 24
151.240.184.0/24 maxlen: 24
151.240.185.0/24 maxlen: 24
151.240.186.0/24 maxlen: 24
151.240.187.0/24 maxlen: 24
151.240.188.0/24 maxlen: 24
151.240.189.0/24 maxlen: 24
151.240.190.0/24 maxlen: 24
151.240.191.0/24 maxlen: 24
151.240.192.0/24 maxlen: 24
151.240.193.0/24 maxlen: 24
151.240.194.0/24 maxlen: 24
151.240.195.0/24 maxlen: 24
151.240.196.0/24 maxlen: 24
151.240.197.0/24 maxlen: 24
151.240.198.0/24 maxlen: 24
151.240.199.0/24 maxlen: 24
151.240.200.0/24 maxlen: 24
151.240.201.0/24 maxlen: 24
151.240.202.0/24 maxlen: 24
151.240.203.0/24 maxlen: 24
151.240.204.0/24 maxlen: 24
151.240.206.0/24 maxlen: 24
151.240.207.0/24 maxlen: 24
151.240.208.0/24 maxlen: 24
151.240.209.0/24 maxlen: 24
151.240.210.0/24 maxlen: 24
151.240.211.0/24 maxlen: 24
151.240.212.0/24 maxlen: 24
151.240.213.0/24 maxlen: 24
151.240.214.0/24 maxlen: 24
151.240.215.0/24 maxlen: 24
151.240.216.0/24 maxlen: 24
151.240.217.0/24 maxlen: 24
151.240.218.0/24 maxlen: 24
151.240.219.0/24 maxlen: 24
151.240.220.0/24 maxlen: 24
151.240.221.0/24 maxlen: 24
151.240.222.0/24 maxlen: 24
151.240.223.0/24 maxlen: 24
151.240.224.0/24 maxlen: 24
151.240.225.0/24 maxlen: 24
151.240.229.0/24 maxlen: 24
151.240.233.0/24 maxlen: 24
151.240.234.0/24 maxlen: 24
151.240.235.0/24 maxlen: 24
151.240.236.0/24 maxlen: 24
151.240.237.0/24 maxlen: 24
151.240.238.0/24 maxlen: 24
151.240.240.0/24 maxlen: 24
151.240.248.0/24 maxlen: 24
151.240.254.0/24 maxlen: 24
151.242.119.0/24 maxlen: 24
151.242.145.0/24 maxlen: 24
151.243.45.0/24 maxlen: 24
151.243.88.0/24 maxlen: 24
151.243.89.0/24 maxlen: 24
151.243.146.0/24 maxlen: 24
151.244.2.0/24 maxlen: 24
151.244.4.0/24 maxlen: 24
151.244.134.0/24 maxlen: 24
151.244.187.0/24 maxlen: 24
151.244.216.0/22 maxlen: 24
151.244.250.0/23 maxlen: 24
151.244.252.0/22 maxlen: 24
151.245.60.0/22 maxlen: 24
151.245.88.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 05 Aug 2025 02:01:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:50:7e:36:3b:b0:17:94:5a:36:1c:7c:9f:11:df:3c:2c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 28 10:05:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b332fdebf595c4b46ac3ad35cbe804485bc05b28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:99:4c:c1:f9:79:44:00:ba:60:68:39:8b:fa:
9f:4a:e5:03:82:3f:c9:fa:9c:4a:b3:a0:a8:54:23:
6f:a4:4e:a7:e8:93:c8:db:f7:2d:a9:de:51:a6:02:
4e:41:da:ac:2a:11:f7:c5:32:7b:cf:58:d1:1e:21:
ac:71:3e:84:f8:28:89:35:bd:12:25:26:cc:29:4b:
d4:76:50:74:51:60:80:61:79:ff:f7:25:16:c6:f9:
2e:47:7e:53:20:5b:8a:6b:85:fe:af:a8:bb:dc:bf:
e1:29:0c:fe:b5:a1:f1:67:70:34:af:6e:e1:d3:2f:
f6:18:7b:11:c8:d3:35:ca:b7:9c:c3:20:f7:f7:cc:
89:d8:eb:c5:63:67:61:ae:10:69:07:95:17:4d:ec:
ee:5e:61:25:4f:e2:2a:e1:86:3a:8a:49:7c:4c:17:
be:8e:63:80:3e:9b:e1:ae:97:ee:d1:98:b5:f4:42:
63:94:08:2a:0c:bd:ca:f8:a1:53:ac:df:02:f9:54:
67:3c:65:60:1d:b2:a7:d1:ea:8a:8b:a3:1e:f5:c2:
50:bb:0b:11:16:9c:ae:19:0d:6c:7f:d4:6a:d4:fb:
36:db:1b:c1:58:2e:12:8e:30:35:6d:b7:c2:a9:74:
2a:b9:8b:28:ce:ca:1b:74:9f:97:7e:b2:fa:02:fa:
63:5f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:32:FD:EB:F5:95:C4:B4:6A:C3:AD:35:CB:E8:04:48:5B:C0:5B:28
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/szL96_WVxLRqw601y-gESFvAWyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.202.223.0/24
151.240.4.0/22
151.240.11.0-151.240.27.255
151.240.30.0-151.240.42.255
151.240.60.0/23
151.240.68.0-151.240.74.255
151.240.76.0/24
151.240.78.0-151.240.90.255
151.240.126.0-151.240.154.255
151.240.156.0-151.240.204.255
151.240.206.0-151.240.225.255
151.240.229.0/24
151.240.233.0-151.240.238.255
151.240.240.0/24
151.240.248.0/24
151.240.254.0/24
151.242.119.0/24
151.242.145.0/24
151.243.45.0/24
151.243.88.0/23
151.243.146.0/24
151.244.2.0/24
151.244.4.0/24
151.244.134.0/24
151.244.187.0/24
151.244.216.0/22
151.244.250.0-151.244.255.255
151.245.60.0/22
151.245.88.0/22
Signature Algorithm: sha256WithRSAEncryption
17:3c:a4:26:8f:12:ca:d0:df:3c:6d:c4:e0:13:67:fc:3b:cb:
b4:5c:fa:40:ec:53:c5:30:a4:a0:90:7e:e0:c1:4e:ed:64:9e:
ff:3d:3f:18:73:41:13:0e:fd:d8:fa:87:5b:76:d5:97:d4:aa:
34:05:0b:25:71:f8:68:04:af:c1:6a:19:f7:71:fc:fc:e2:b4:
34:2c:a2:f9:76:b1:6c:9c:1f:5b:89:54:c8:25:f6:9f:2a:d2:
de:02:03:81:52:60:88:7c:0b:e9:27:52:df:4f:d1:b1:e6:7b:
9e:c7:b8:65:c0:37:c1:fd:db:e1:21:6a:b2:12:cb:77:24:7c:
fc:bb:51:5c:b0:ba:84:3f:e0:67:41:91:23:47:f6:8e:c3:99:
15:38:41:d3:8e:b6:a2:9e:d6:1a:c2:86:88:8d:85:fe:eb:3f:
58:47:8a:13:70:25:29:c5:81:18:ad:87:45:10:5c:0f:4a:f3:
cc:a6:4e:75:ef:70:46:d2:b2:94:bc:ad:44:b6:5f:e7:70:23:
8d:55:51:20:42:9c:20:14:2d:28:d8:13:f8:07:05:8c:be:1f:
73:bf:81:b5:ad:5c:75:97:73:fe:f6:cb:5a:f7:c0:eb:14:76:
24:55:d3:d2:01:65:d7:ab:a3:e1:7b:cc:aa:d1:7f:32:78:f9:
e2:1d:da:f6
-----BEGIN CERTIFICATE-----
MIIF8zCCBNugAwIBAgISAZhQfjY7sBeUWjYcfJ8R3zwsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzI4MTAwNTA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMzMyZmRlYmY1OTVjNGI0NmFjM2FkMzVjYmU4MDQ0ODViYzA1YjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6plMwfl5RAC6YGg5i/qfSuUDgj/J
+pxKs6CoVCNvpE6n6JPI2/ctqd5RpgJOQdqsKhH3xTJ7z1jRHiGscT6E+CiJNb0S
JSbMKUvUdlB0UWCAYXn/9yUWxvkuR35TIFuKa4X+r6i73L/hKQz+taHxZ3A0r27h
0y/2GHsRyNM1yrecwyD398yJ2OvFY2dhrhBpB5UXTezuXmElT+Iq4YY6ikl8TBe+
jmOAPpvhrpfu0Zi19EJjlAgqDL3K+KFTrN8C+VRnPGVgHbKn0eqKi6Me9cJQuwsR
FpyuGQ1sf9Rq1Ps22xvBWC4SjjA1bbfCqXQquYsozsobdJ+XfrL6AvpjXwIDAQAB
o4IC/zCCAvswHQYDVR0OBBYEFLMy/ev1lcS0asOtNcvoBEhbwFsoMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvc3pMOTZfV1Z4TFJxdzYwMXktZ0VTRnZBV3lnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBEwYIKwYBBQUHAQcBAf8EggECMIH/MIH8BAIAATCB9QME
ACXK3wMEApfwBDAMAwQAl/ALAwQCl/AYMAwDBAGX8B4DBACX8CoDBAGX8DwwDAME
ApfwRAMEAJfwSgMEAJfwTDAMAwQBl/BOAwQAl/BaMAwDBAGX8H4DBACX8JowDAME
ApfwnAMEAJfwzDAMAwQBl/DOAwQBl/DgAwQAl/DlMAwDBACX8OkDBACX8O4DBACX
8PADBACX8PgDBACX8P4DBACX8ncDBACX8pEDBACX8y0DBAGX81gDBACX85IDBACX
9AIDBACX9AQDBACX9IYDBACX9LsDBAKX9NgwCwMEAZf0+gMDAJf0AwQCl/U8AwQC
l/VYMA0GCSqGSIb3DQEBCwUAA4IBAQAXPKQmjxLK0N88bcTgE2f8O8u0XPpA7FPF
MKSgkH7gwU7tZJ7/PT8Yc0ETDv3Y+odbdtWX1Ko0BQslcfhoBK/Bahn3cfz84rQ0
LKL5drFsnB9biVTIJfafKtLeAgOBUmCIfAvpJ1LfT9Gx5nuex7hlwDfB/dvhIWqy
Est3JHz8u1FcsLqEP+BnQZEjR/aOw5kVOEHTjraintYawoaIjYX+6z9YR4oTcCUp
xYEYrYdFEFwPSvPMpk5173BG0rKUvK1Etl/ncCONVVEgQpwgFC0o2BP4BwWMvh9z
v4G1rVx1l3P+9sta98DrFHYkVdPSAWXXq6Phe8yq0X8yePniHdr2
-----END CERTIFICATE-----
Generated at Mon Aug 4 08:27:12 2025 by rpki-client