
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/iOBndMAtRYjdd4nI6OQWrWkGyaM.roa
File: iOBndMAtRYjdd4nI6OQWrWkGyaM.roa (raw, json)
Hash identifier: AELuuM2xWBmQmKZq9h3C0xBIjOiYeyVIInHWWjjNIic=
Subject key identifier: 88:E0:67:74:C0:2D:45:88:DD:77:89:C8:E8:E4:16:AD:69:06:C9:A3
Certificate issuer: /CN=84bfc451fc4f2411addd00a9fbb17346ad6e8996
Certificate serial: 019880C919BAE8597FA466A8965ED3CDDE0A
Authority key identifier: 84:BF:C4:51:FC:4F:24:11:AD:DD:00:A9:FB:B1:73:46:AD:6E:89:96
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hL_EUfxPJBGt3QCp-7FzRq1uiZY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/iOBndMAtRYjdd4nI6OQWrWkGyaM.roa
Signing time: Wed 06 Aug 2025 19:08:39 +0000
ROA not before: Wed 06 Aug 2025 19:08:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207375
IP address blocks: 31.14.182.0/24 maxlen: 24
37.156.69.0/24 maxlen: 24
37.156.70.0/24 maxlen: 24
45.81.169.0/24 maxlen: 24
45.81.170.0/23 maxlen: 23
45.81.170.0/24 maxlen: 24
45.81.171.0/24 maxlen: 24
84.247.44.0/23 maxlen: 25
85.204.109.0/24 maxlen: 24
86.105.24.0/24 maxlen: 24
86.105.232.0/24 maxlen: 24
86.107.186.0/23 maxlen: 23
89.32.171.0/24 maxlen: 24
89.32.240.0/21 maxlen: 21
89.33.17.0/24 maxlen: 24
89.33.30.0/24 maxlen: 24
89.33.65.0/24 maxlen: 24
89.35.34.0/24 maxlen: 24
89.35.76.0/24 maxlen: 24
89.35.88.0/24 maxlen: 24
89.35.91.0/24 maxlen: 24
89.35.163.0/24 maxlen: 24
89.35.248.0/24 maxlen: 24
89.37.40.0/24 maxlen: 24
89.46.40.0/23 maxlen: 23
89.47.176.0/23 maxlen: 23
89.47.178.0/24 maxlen: 24
89.47.180.0/23 maxlen: 23
89.47.182.0/24 maxlen: 24
93.113.72.0/21 maxlen: 21
176.223.144.0/20 maxlen: 20
188.211.172.0/22 maxlen: 22
188.212.157.0/24 maxlen: 24
188.213.86.0/23 maxlen: 23
188.240.70.0/24 maxlen: 24
193.164.216.0/23 maxlen: 23
2a00:bba0::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/hL_EUfxPJBGt3QCp-7FzRq1uiZY.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/hL_EUfxPJBGt3QCp-7FzRq1uiZY.mft
rsync://rpki.ripe.net/repository/DEFAULT/hL_EUfxPJBGt3QCp-7FzRq1uiZY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 04:01:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:80:c9:19:ba:e8:59:7f:a4:66:a8:96:5e:d3:cd:de:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84bfc451fc4f2411addd00a9fbb17346ad6e8996
Validity
Not Before: Aug 6 19:08:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=88e06774c02d4588dd7789c8e8e416ad6906c9a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:d6:c1:48:0e:8d:51:99:02:52:d6:0f:4e:c0:
0e:5e:bd:94:34:e9:d9:f0:53:79:49:e1:ed:80:4e:
e9:5b:d5:11:9f:db:18:4e:03:c4:ee:01:f3:2a:91:
6e:af:9a:7b:fe:62:7e:f5:ea:54:73:35:8c:ba:2a:
c7:27:fe:57:51:d0:96:8f:33:6b:18:bb:d7:f3:cb:
43:46:8d:ab:e6:9a:d4:91:6d:42:6d:21:e9:63:5e:
12:93:0b:fc:98:ab:28:b0:8b:55:9a:1b:63:79:ea:
29:aa:fa:fc:72:55:05:4d:aa:1d:95:04:8e:97:83:
e1:90:c1:8e:0e:ff:9c:a0:b8:1d:30:15:d5:5a:f1:
2e:df:63:e4:93:c4:34:64:7e:74:0a:29:95:84:bc:
eb:8b:8f:49:31:be:10:ad:c4:53:36:f4:0c:51:dd:
ff:d1:e6:3b:87:03:26:69:81:0f:ad:63:a0:e3:c3:
83:4a:f3:90:f0:9d:47:b2:bd:c3:16:0f:31:df:74:
e1:b7:a8:ba:1e:ab:72:23:cc:40:1c:a2:b0:d8:f0:
a6:ab:7e:2e:4a:30:a8:d4:79:79:01:73:1d:f8:cc:
cc:ae:c0:e3:13:7f:a7:89:76:0d:0d:fe:2c:29:b8:
d8:3f:f1:90:97:2c:d3:b4:3a:84:49:45:b0:41:5b:
b0:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
88:E0:67:74:C0:2D:45:88:DD:77:89:C8:E8:E4:16:AD:69:06:C9:A3
X509v3 Authority Key Identifier:
keyid:84:BF:C4:51:FC:4F:24:11:AD:DD:00:A9:FB:B1:73:46:AD:6E:89:96
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hL_EUfxPJBGt3QCp-7FzRq1uiZY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/iOBndMAtRYjdd4nI6OQWrWkGyaM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/b7be64-86d4-443b-9686-f66317977968/1/hL_EUfxPJBGt3QCp-7FzRq1uiZY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.182.0/24
37.156.69.0-37.156.70.255
45.81.169.0-45.81.171.255
84.247.44.0/23
85.204.109.0/24
86.105.24.0/24
86.105.232.0/24
86.107.186.0/23
89.32.171.0/24
89.32.240.0/21
89.33.17.0/24
89.33.30.0/24
89.33.65.0/24
89.35.34.0/24
89.35.76.0/24
89.35.88.0/24
89.35.91.0/24
89.35.163.0/24
89.35.248.0/24
89.37.40.0/24
89.46.40.0/23
89.47.176.0-89.47.178.255
89.47.180.0-89.47.182.255
93.113.72.0/21
176.223.144.0/20
188.211.172.0/22
188.212.157.0/24
188.213.86.0/23
188.240.70.0/24
193.164.216.0/23
IPv6:
2a00:bba0::/32
Signature Algorithm: sha256WithRSAEncryption
5e:30:77:1c:d2:b5:01:0f:42:7d:f3:fd:ba:8c:05:1a:62:36:
04:52:9f:f1:b8:b0:e7:86:63:65:70:32:05:91:09:08:dd:4c:
39:a2:11:9c:5f:eb:c7:ee:8e:c2:fa:51:7b:b2:2b:9f:de:77:
8a:19:a9:f0:8d:52:54:f6:bd:9a:f0:1b:52:0d:64:55:be:11:
3b:cd:18:dc:c5:9d:17:00:d0:ef:51:0f:42:e3:cb:fb:17:1a:
89:cd:fb:04:11:29:6a:29:1b:13:a9:4b:dc:a7:78:e9:b7:5d:
e5:f7:14:1e:b9:ec:ec:d3:9b:a9:e5:6a:ac:f1:95:0d:30:20:
c9:17:3f:74:45:9b:5c:0d:f7:ab:21:a9:23:c1:80:ef:1e:7e:
a5:d2:31:a5:32:4d:0b:0a:ac:d3:14:29:b1:6f:85:3a:51:dd:
e4:6c:69:5e:23:f0:2c:e6:95:c7:37:40:63:4e:b5:dd:d9:f3:
7c:85:b4:6d:2d:9c:69:f4:32:6c:cd:ee:8c:98:10:63:0a:86:
23:58:e6:3a:38:d8:50:fd:fe:b7:b1:72:12:de:d0:79:b9:05:
91:d1:1d:db:15:67:38:dd:2a:54:b1:fe:51:22:84:f8:94:0d:
b3:a7:03:4b:ec:b8:a2:06:7d:21:bb:d7:3a:41:bb:fd:07:2e:
4c:a3:2d:3d
-----BEGIN CERTIFICATE-----
MIIF4DCCBMigAwIBAgISAZiAyRm66Fl/pGaoll7Tzd4KMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0YmZjNDUxZmM0ZjI0MTFhZGRkMDBhOWZiYjE3MzQ2YWQ2
ZTg5OTYwHhcNMjUwODA2MTkwODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OGUwNjc3NGMwMmQ0NTg4ZGQ3Nzg5YzhlOGU0MTZhZDY5MDZjOWEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtNbBSA6NUZkCUtYPTsAOXr2UNOnZ
8FN5SeHtgE7pW9URn9sYTgPE7gHzKpFur5p7/mJ+9epUczWMuirHJ/5XUdCWjzNr
GLvX88tDRo2r5prUkW1CbSHpY14Skwv8mKsosItVmhtjeeopqvr8clUFTaodlQSO
l4PhkMGODv+coLgdMBXVWvEu32Pkk8Q0ZH50CimVhLzri49JMb4QrcRTNvQMUd3/
0eY7hwMmaYEPrWOg48ODSvOQ8J1Hsr3DFg8x33Tht6i6HqtyI8xAHKKw2PCmq34u
SjCo1Hl5AXMd+MzMrsDjE3+niXYNDf4sKbjYP/GQlyzTtDqESUWwQVuwMwIDAQAB
o4IC7DCCAugwHQYDVR0OBBYEFIjgZ3TALUWI3XeJyOjkFq1pBsmjMB8GA1UdIwQY
MBaAFIS/xFH8TyQRrd0Aqfuxc0atbomWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaExfRVVmeFBKQkd0M1FDcC03RnpScTF1aVpZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi9iN2JlNjQtODZkNC00NDNiLTk2ODYt
ZjY2MzE3OTc3OTY4LzEvaU9CbmRNQXRSWWpkZDRuSTZPUVdyV2tHeWFNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi9iN2JlNjQtODZkNC00NDNiLTk2ODYtZjY2MzE3OTc3OTY4
LzEvaExfRVVmeFBKQkd0M1FDcC03RnpScTF1aVpZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBAAYIKwYBBQUHAQcBAf8EgfAwge0wgdsEAgABMIHUAwQA
Hw62MAwDBAAlnEUDBAAlnEYwDAMEAC1RqQMEAi1RqAMEAVT3LAMEAFXMbQMEAFZp
GAMEAFZp6AMEAVZrugMEAFkgqwMEA1kg8AMEAFkhEQMEAFkhHgMEAFkhQQMEAFkj
IgMEAFkjTAMEAFkjWAMEAFkjWwMEAFkjowMEAFkj+AMEAFklKAMEAVkuKDAMAwQE
WS+wAwQAWS+yMAwDBAJZL7QDBABZL7YDBANdcUgDBASw35ADBAK806wDBAC81J0D
BAG81VYDBAC88EYDBAHBpNgwDQQCAAIwBwMFACoAu6AwDQYJKoZIhvcNAQELBQAD
ggEBAF4wdxzStQEPQn3z/bqMBRpiNgRSn/G4sOeGY2VwMgWRCQjdTDmiEZxf68fu
jsL6UXuyK5/ed4oZqfCNUlT2vZrwG1INZFW+ETvNGNzFnRcA0O9RD0Ljy/sXGonN
+wQRKWopGxOpS9yneOm3XeX3FB657OzTm6nlaqzxlQ0wIMkXP3RFm1wN96shqSPB
gO8efqXSMaUyTQsKrNMUKbFvhTpR3eRsaV4j8Czmlcc3QGNOtd3Z83yFtG0tnGn0
MmzN7oyYEGMKhiNY5jo42FD9/rexchLe0Hm5BZHRHdsVZzjdKlSx/lEihPiUDbOn
A0vsuKIGfSG71zpBu/0HLkyjLT0=
-----END CERTIFICATE-----
Generated at Sun Aug 10 13:48:41 2025 by rpki-client