Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/0TAxxPi4zjMfURtgArfTlTlJzoY.roa
File: 0TAxxPi4zjMfURtgArfTlTlJzoY.roa (raw, json)
Hash identifier: DkfnTLoQSnkxMFDufCf4Tzi91pyg3D/dKfjoKdkuvnc=
Subject key identifier: D1:30:31:C4:F8:B8:CE:33:1F:51:1B:60:02:B7:D3:95:39:49:CE:86
Certificate issuer: /CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Certificate serial: 01986476E0DD57C55B5E8255BFFBDC2EC591
Authority key identifier: A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/0TAxxPi4zjMfURtgArfTlTlJzoY.roa
Signing time: Fri 01 Aug 2025 07:09:29 +0000
ROA not before: Fri 01 Aug 2025 07:09:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41221
IP address blocks: 5.56.64.0/18 maxlen: 24
37.75.16.0/20 maxlen: 24
37.75.64.0/18 maxlen: 24
46.55.0.0/17 maxlen: 24
85.204.176.0/21 maxlen: 24
86.104.196.0/22 maxlen: 24
86.105.56.0/21 maxlen: 24
86.105.80.0/21 maxlen: 24
86.105.172.0/22 maxlen: 24
86.105.208.0/22 maxlen: 24
86.106.144.0/21 maxlen: 24
86.106.208.0/20 maxlen: 24
86.107.64.0/22 maxlen: 24
86.107.160.0/21 maxlen: 24
89.32.56.0/21 maxlen: 24
89.32.136.0/21 maxlen: 24
89.32.172.0/22 maxlen: 24
89.32.252.0/22 maxlen: 24
89.34.192.0/21 maxlen: 24
89.34.204.0/22 maxlen: 24
89.34.232.0/22 maxlen: 24
89.35.8.0/21 maxlen: 24
89.35.40.0/21 maxlen: 24
89.35.84.0/22 maxlen: 24
89.35.200.0/22 maxlen: 24
89.36.156.0/22 maxlen: 24
89.37.44.0/22 maxlen: 24
89.37.104.0/24 maxlen: 24
89.38.32.0/22 maxlen: 24
89.38.64.0/22 maxlen: 24
89.38.76.0/22 maxlen: 24
89.39.76.0/22 maxlen: 24
89.39.84.0/22 maxlen: 24
89.39.96.0/21 maxlen: 24
89.39.112.0/21 maxlen: 24
89.40.228.0/22 maxlen: 24
89.41.64.0/18 maxlen: 24
89.42.64.0/22 maxlen: 24
89.42.72.0/21 maxlen: 24
89.42.104.0/22 maxlen: 24
89.42.128.0/22 maxlen: 24
89.42.180.0/22 maxlen: 24
89.42.224.0/22 maxlen: 24
89.43.128.0/22 maxlen: 24
89.43.168.0/22 maxlen: 24
89.44.152.0/22 maxlen: 24
89.45.40.0/22 maxlen: 24
89.46.164.0/22 maxlen: 24
92.114.128.0/17 maxlen: 24
93.113.64.0/21 maxlen: 24
93.113.80.0/21 maxlen: 24
93.113.92.0/22 maxlen: 24
93.113.244.0/22 maxlen: 24
93.115.136.0/21 maxlen: 24
93.116.0.0/16 maxlen: 24
93.117.48.0/20 maxlen: 24
93.117.68.0/22 maxlen: 24
93.117.72.0/21 maxlen: 24
93.117.128.0/21 maxlen: 24
93.117.140.0/22 maxlen: 24
93.117.144.0/21 maxlen: 24
93.117.156.0/22 maxlen: 24
93.117.160.0/21 maxlen: 24
93.117.168.0/22 maxlen: 24
93.118.176.0/22 maxlen: 24
93.118.188.0/22 maxlen: 24
93.119.96.0/21 maxlen: 24
93.119.108.0/22 maxlen: 24
93.119.128.0/21 maxlen: 24
93.119.140.0/22 maxlen: 24
93.119.144.0/21 maxlen: 24
93.119.160.0/21 maxlen: 24
93.119.196.0/22 maxlen: 24
93.119.200.0/21 maxlen: 24
93.119.228.0/22 maxlen: 24
93.119.232.0/21 maxlen: 24
94.176.64.0/20 maxlen: 24
109.185.0.0/16 maxlen: 24
178.132.112.0/20 maxlen: 24
178.132.128.0/19 maxlen: 24
185.28.104.0/22 maxlen: 24
188.208.96.0/22 maxlen: 24
188.208.104.0/22 maxlen: 24
188.208.112.0/22 maxlen: 24
188.208.192.0/22 maxlen: 24
188.208.204.0/22 maxlen: 24
188.209.216.0/21 maxlen: 24
188.210.240.0/21 maxlen: 24
188.210.248.0/22 maxlen: 24
188.212.0.0/22 maxlen: 24
188.212.8.0/21 maxlen: 24
188.212.24.0/21 maxlen: 24
188.212.40.0/21 maxlen: 24
188.213.36.0/22 maxlen: 24
188.213.52.0/22 maxlen: 24
188.213.220.0/22 maxlen: 24
188.213.236.0/22 maxlen: 24
188.213.244.0/22 maxlen: 24
188.214.60.0/22 maxlen: 24
188.214.136.0/22 maxlen: 24
188.214.144.0/22 maxlen: 24
188.214.200.0/21 maxlen: 24
188.215.252.0/22 maxlen: 24
188.237.0.0/16 maxlen: 24
212.0.192.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 08 Aug 2025 16:03:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:64:76:e0:dd:57:c5:5b:5e:82:55:bf:fb:dc:2e:c5:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Validity
Not Before: Aug 1 07:09:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d13031c4f8b8ce331f511b6002b7d3953949ce86
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:28:06:77:6e:58:b7:e9:f5:80:be:4d:79:54:
29:ec:5e:03:5f:06:d7:b0:d9:bb:f3:37:9f:71:f5:
26:d0:fc:79:6f:f2:3b:7f:a2:66:9d:d9:65:c6:eb:
d9:a8:6f:4b:d9:be:3e:71:b4:ca:c7:aa:cb:61:89:
72:40:5c:10:af:1a:70:42:16:57:ef:aa:10:dc:6d:
39:02:ac:24:4f:fc:17:c7:c6:14:74:9f:45:cd:da:
c0:b6:b0:de:7c:1e:fa:7c:86:ca:30:8d:d3:92:a0:
76:c8:f7:a0:94:b2:4c:7d:ca:53:d2:a8:40:d8:f6:
50:38:49:f0:8f:ba:45:3d:95:59:01:9f:51:31:b0:
6e:7c:59:4f:e1:7c:5b:29:66:27:3a:d7:3a:99:d8:
49:42:9b:44:2f:09:5d:ed:a6:0e:04:7c:1d:6b:e4:
73:f6:8c:93:86:06:ba:a0:ae:a5:a6:8c:26:3a:1f:
16:5b:92:f4:13:97:7e:ed:ca:a4:7b:5c:7b:17:aa:
c1:70:12:d8:80:cf:da:ed:dd:02:d2:87:b1:59:42:
7d:2a:9d:6b:d4:f8:ad:4c:58:1e:aa:7d:e3:cd:aa:
62:d2:74:88:a2:5c:f0:9b:95:bd:58:8c:7e:01:eb:
6f:71:b8:93:e1:47:9d:8c:6e:b0:48:9a:9f:de:93:
01:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:30:31:C4:F8:B8:CE:33:1F:51:1B:60:02:B7:D3:95:39:49:CE:86
X509v3 Authority Key Identifier:
keyid:A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/0TAxxPi4zjMfURtgArfTlTlJzoY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.56.64.0/18
37.75.16.0/20
37.75.64.0/18
46.55.0.0/17
85.204.176.0/21
86.104.196.0/22
86.105.56.0/21
86.105.80.0/21
86.105.172.0/22
86.105.208.0/22
86.106.144.0/21
86.106.208.0/20
86.107.64.0/22
86.107.160.0/21
89.32.56.0/21
89.32.136.0/21
89.32.172.0/22
89.32.252.0/22
89.34.192.0/21
89.34.204.0/22
89.34.232.0/22
89.35.8.0/21
89.35.40.0/21
89.35.84.0/22
89.35.200.0/22
89.36.156.0/22
89.37.44.0/22
89.37.104.0/24
89.38.32.0/22
89.38.64.0/22
89.38.76.0/22
89.39.76.0/22
89.39.84.0/22
89.39.96.0/21
89.39.112.0/21
89.40.228.0/22
89.41.64.0/18
89.42.64.0/22
89.42.72.0/21
89.42.104.0/22
89.42.128.0/22
89.42.180.0/22
89.42.224.0/22
89.43.128.0/22
89.43.168.0/22
89.44.152.0/22
89.45.40.0/22
89.46.164.0/22
92.114.128.0/17
93.113.64.0/21
93.113.80.0/21
93.113.92.0/22
93.113.244.0/22
93.115.136.0/21
93.116.0.0/16
93.117.48.0/20
93.117.68.0-93.117.79.255
93.117.128.0/21
93.117.140.0-93.117.151.255
93.117.156.0-93.117.171.255
93.118.176.0/22
93.118.188.0/22
93.119.96.0/21
93.119.108.0/22
93.119.128.0/21
93.119.140.0-93.119.151.255
93.119.160.0/21
93.119.196.0-93.119.207.255
93.119.228.0-93.119.239.255
94.176.64.0/20
109.185.0.0/16
178.132.112.0-178.132.159.255
185.28.104.0/22
188.208.96.0/22
188.208.104.0/22
188.208.112.0/22
188.208.192.0/22
188.208.204.0/22
188.209.216.0/21
188.210.240.0-188.210.251.255
188.212.0.0/22
188.212.8.0/21
188.212.24.0/21
188.212.40.0/21
188.213.36.0/22
188.213.52.0/22
188.213.220.0/22
188.213.236.0/22
188.213.244.0/22
188.214.60.0/22
188.214.136.0/22
188.214.144.0/22
188.214.200.0/21
188.215.252.0/22
188.237.0.0/16
212.0.192.0/19
Signature Algorithm: sha256WithRSAEncryption
3b:1c:f3:ab:5e:d5:21:b7:06:22:54:79:d0:bf:10:8e:2e:c3:
fe:bb:02:a9:21:96:cc:04:08:2a:2c:41:f4:cb:66:f1:4b:49:
bf:19:ce:6b:57:33:c8:94:a3:f1:a7:db:f1:d5:69:7e:c9:92:
12:e1:af:5c:2a:21:01:6c:28:3c:17:85:84:e3:b0:44:f9:7e:
5f:62:19:01:7e:bd:f7:35:6a:71:94:a5:c4:33:a5:3c:1e:11:
3a:17:24:54:dd:a0:c4:f9:cd:9d:4c:03:fc:70:fc:6a:1b:60:
4e:05:79:2b:52:7f:82:96:26:57:ef:86:94:bf:09:aa:2a:38:
67:95:49:5d:c6:36:76:5f:33:1d:bb:3a:a0:c8:a0:cf:1e:97:
6d:65:49:a1:ff:ae:a5:f7:cd:ac:24:16:a1:06:b3:2c:e8:1a:
8a:32:ee:be:8b:2e:b2:2d:e6:56:fa:bc:a9:f7:25:3e:03:13:
cf:ad:ab:ca:da:36:ff:e9:2a:95:c3:46:91:ee:88:8d:7f:7b:
8a:47:b3:54:52:2a:cc:fa:97:9f:9f:ee:c0:a4:ac:85:e5:2c:
e0:24:a9:4d:e5:3d:35:f2:4f:d5:8f:20:8a:a5:18:8f:40:b0:
18:1e:ce:7a:d2:c5:77:67:c0:13:3d:92:3b:0d:9d:0b:04:d2:
ae:7d:7b:32
-----BEGIN CERTIFICATE-----
MIIHfjCCBmagAwIBAgISAZhkduDdV8VbXoJVv/vcLsWRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMDg4ZTA2ZDU1M2NmZjI5M2QyNzdmNGQ3NmMzYTcxMGJk
OGIyZjcwHhcNMjUwODAxMDcwOTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTMwMzFjNGY4YjhjZTMzMWY1MTFiNjAwMmI3ZDM5NTM5NDljZTg2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ygGd25Yt+n1gL5NeVQp7F4DXwbX
sNm78zefcfUm0Px5b/I7f6JmndllxuvZqG9L2b4+cbTKx6rLYYlyQFwQrxpwQhZX
76oQ3G05AqwkT/wXx8YUdJ9FzdrAtrDefB76fIbKMI3TkqB2yPeglLJMfcpT0qhA
2PZQOEnwj7pFPZVZAZ9RMbBufFlP4XxbKWYnOtc6mdhJQptELwld7aYOBHwda+Rz
9oyThga6oK6lpowmOh8WW5L0E5d+7cqke1x7F6rBcBLYgM/a7d0C0oexWUJ9Kp1r
1PitTFgeqn3jzapi0nSIolzwm5W9WIx+AetvcbiT4UedjG6wSJqf3pMBiwIDAQAB
o4IEijCCBIYwHQYDVR0OBBYEFNEwMcT4uM4zH1EbYAK305U5Sc6GMB8GA1UdIwQY
MBaAFKIIjgbVU8/yk9J39NdsOnEL2LL3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTct
YmJlYTI5MThlMTAyLzEvMFRBeHhQaTR6ak1mVVJ0Z0FyZlRsVGxKem9ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTctYmJlYTI5MThlMTAy
LzEvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICngYIKwYBBQUHAQcBAf8EggKNMIICiTCCAoUEAgABMIIC
fQMEBgU4QAMEBCVLEAMEBiVLQAMEBy43AAMEA1XMsAMEAlZoxAMEA1ZpOAMEA1Zp
UAMEAlZprAMEAlZp0AMEA1ZqkAMEBFZq0AMEAlZrQAMEA1ZroAMEA1kgOAMEA1kg
iAMEAlkgrAMEAlkg/AMEA1kiwAMEAlkizAMEAlki6AMEA1kjCAMEA1kjKAMEAlkj
VAMEAlkjyAMEAlkknAMEAlklLAMEAFklaAMEAlkmIAMEAlkmQAMEAlkmTAMEAlkn
TAMEAlknVAMEA1knYAMEA1kncAMEAlko5AMEBlkpQAMEAlkqQAMEA1kqSAMEAlkq
aAMEAlkqgAMEAlkqtAMEAlkq4AMEAlkrgAMEAlkrqAMEAlksmAMEAlktKAMEAlku
pAMEB1xygAMEA11xQAMEA11xUAMEAl1xXAMEAl1x9AMEA11ziAMDAF10AwQEXXUw
MAwDBAJddUQDBARddUADBANddYAwDAMEAl11jAMEA111kDAMAwQCXXWcAwQCXXWo
AwQCXXawAwQCXXa8AwQDXXdgAwQCXXdsAwQDXXeAMAwDBAJdd4wDBANdd5ADBANd
d6AwDAMEAl13xAMEBF13wDAMAwQCXXfkAwQEXXfgAwQEXrBAAwMAbbkwDAMEBLKE
cAMEBbKEgAMEArkcaAMEArzQYAMEArzQaAMEArzQcAMEArzQwAMEArzQzAMEA7zR
2DAMAwQEvNLwAwQCvNL4AwQCvNQAAwQDvNQIAwQDvNQYAwQDvNQoAwQCvNUkAwQC
vNU0AwQCvNXcAwQCvNXsAwQCvNX0AwQCvNY8AwQCvNaIAwQCvNaQAwQDvNbIAwQC
vNf8AwMAvO0DBAXUAMAwDQYJKoZIhvcNAQELBQADggEBADsc86te1SG3BiJUedC/
EI4uw/67AqkhlswECCosQfTLZvFLSb8ZzmtXM8iUo/Gn2/HVaX7JkhLhr1wqIQFs
KDwXhYTjsET5fl9iGQF+vfc1anGUpcQzpTweEToXJFTdoMT5zZ1MA/xw/GobYE4F
eStSf4KWJlfvhpS/CaoqOGeVSV3GNnZfMx27OqDIoM8el21lSaH/rqX3zawkFqEG
syzoGooy7r6LLrIt5lb6vKn3JT4DE8+tq8raNv/pKpXDRpHuiI1/e4pHs1RSKsz6
l5+f7sCkrIXlLOAkqU3lPTXyT9WPIIqlGI9AsBgeznrSxXdnwBM9kjsNnQsE0q59
ezI=
-----END CERTIFICATE-----
Generated at Fri Aug 8 00:50:19 2025 by rpki-client