
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/s7l_bnMW4yM__kf16EKQOzQgrww.roa
File: s7l_bnMW4yM__kf16EKQOzQgrww.roa (raw, json)
Hash identifier: /3bgCp/Da/4SFXCfZPlSInxEPHoPc1PmEApRmcXOz4c=
Subject key identifier: B3:B9:7F:6E:73:16:E3:23:3F:FE:47:F5:E8:42:90:3B:34:20:AF:0C
Certificate issuer: /CN=f62eeb879085c94194297dd9e4cd249cd2516515
Certificate serial: 01987921B60653FC990AB1536E25AD39A2BA
Authority key identifier: F6:2E:EB:87:90:85:C9:41:94:29:7D:D9:E4:CD:24:9C:D2:51:65:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9i7rh5CFyUGUKX3Z5M0knNJRZRU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/s7l_bnMW4yM__kf16EKQOzQgrww.roa
Signing time: Tue 05 Aug 2025 07:28:29 +0000
ROA not before: Tue 05 Aug 2025 07:28:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197540
IP address blocks: 2.56.96.0/22 maxlen: 22
5.45.96.0/20 maxlen: 32
5.181.48.0/22 maxlen: 22
5.252.224.0/22 maxlen: 22
37.120.160.0/19 maxlen: 32
37.120.160.0/20 maxlen: 22
37.120.176.0/22 maxlen: 22
37.120.182.0/23 maxlen: 24
37.120.184.0/21 maxlen: 22
37.221.192.0/21 maxlen: 32
45.9.60.0/22 maxlen: 22
45.83.104.0/22 maxlen: 22
45.90.4.0/22 maxlen: 22
45.129.180.0/22 maxlen: 22
45.132.244.0/22 maxlen: 22
45.136.28.0/22 maxlen: 22
45.142.176.0/22 maxlen: 22
45.157.176.0/22 maxlen: 22
46.38.224.0/20 maxlen: 32
46.38.240.0/21 maxlen: 32
46.38.248.0/22 maxlen: 32
46.38.252.0/22 maxlen: 32
46.232.248.0/22 maxlen: 22
81.16.16.0/22 maxlen: 22
85.209.48.0/22 maxlen: 22
85.235.64.0/22 maxlen: 22
89.58.0.0/22 maxlen: 22
89.58.4.0/22 maxlen: 22
89.58.8.0/22 maxlen: 22
89.58.12.0/22 maxlen: 22
89.58.16.0/21 maxlen: 21
89.58.20.0/24 maxlen: 24
89.58.24.0/22 maxlen: 22
89.58.28.0/22 maxlen: 22
89.58.32.0/22 maxlen: 22
89.58.36.0/22 maxlen: 22
89.58.40.0/22 maxlen: 22
89.58.44.0/22 maxlen: 22
89.58.48.0/22 maxlen: 22
89.58.52.0/22 maxlen: 22
89.58.56.0/22 maxlen: 22
89.58.60.0/22 maxlen: 22
91.132.144.0/22 maxlen: 22
91.204.44.0/22 maxlen: 24
92.60.36.0/22 maxlen: 22
93.177.64.0/22 maxlen: 22
152.89.104.0/22 maxlen: 22
185.16.60.0/22 maxlen: 32
185.162.248.0/22 maxlen: 32
185.163.116.0/22 maxlen: 22
185.170.112.0/22 maxlen: 32
185.183.156.0/22 maxlen: 32
185.194.140.0/22 maxlen: 22
185.207.104.0/22 maxlen: 32
185.228.136.0/22 maxlen: 32
185.233.104.0/22 maxlen: 32
185.243.8.0/22 maxlen: 32
185.244.192.0/22 maxlen: 32
188.68.32.0/19 maxlen: 32
192.145.44.0/22 maxlen: 22
193.30.120.0/22 maxlen: 22
193.31.24.0/22 maxlen: 22
194.13.80.0/22 maxlen: 22
194.55.12.0/22 maxlen: 22
194.59.204.0/22 maxlen: 22
195.128.100.0/22 maxlen: 22
213.109.160.0/22 maxlen: 22
2a03:4000::/32 maxlen: 48
2a03:4001::/32 maxlen: 48
2a0a:4cc0::/40 maxlen: 40
2a0a:4cc0::/43 maxlen: 43
2a0a:4cc0:40::/43 maxlen: 43
2a0a:4cc0:80::/43 maxlen: 43
2a0a:4cc0:c0::/43 maxlen: 43
2a0a:4cc0:fe::/48 maxlen: 48
2a0a:4cc0:100::/48 maxlen: 48
2a0a:4cc0:2000:4000::/56 maxlen: 56
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/9i7rh5CFyUGUKX3Z5M0knNJRZRU.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/9i7rh5CFyUGUKX3Z5M0knNJRZRU.mft
rsync://rpki.ripe.net/repository/DEFAULT/9i7rh5CFyUGUKX3Z5M0knNJRZRU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 14:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:79:21:b6:06:53:fc:99:0a:b1:53:6e:25:ad:39:a2:ba
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f62eeb879085c94194297dd9e4cd249cd2516515
Validity
Not Before: Aug 5 07:28:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3b97f6e7316e3233ffe47f5e842903b3420af0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:8f:35:47:95:af:53:b6:08:c5:52:12:04:66:
bb:55:c3:24:47:cb:ee:46:12:e6:ab:30:56:85:a3:
48:d4:1f:6a:5a:06:76:63:42:2f:d4:69:db:64:b4:
1f:6f:5e:e7:7b:35:e0:7f:ba:a5:da:73:cf:07:b3:
cf:c4:c0:0f:00:8b:e9:4d:d5:05:9b:e2:62:04:b0:
0d:f2:0c:36:12:13:d4:9d:c8:6c:f4:57:69:79:5d:
cd:2a:16:fa:79:3b:28:f4:21:7d:59:21:4f:30:01:
03:df:b8:59:fb:51:e5:73:02:5a:d0:80:fb:40:93:
66:c4:8a:7e:7e:a6:1c:b6:22:a7:d4:fe:6b:f3:1d:
53:e7:a8:c2:c6:9a:bb:06:e1:3e:22:8d:c7:9b:55:
01:cc:37:16:7d:64:7a:ac:1c:17:56:b0:0c:6a:1e:
c4:29:e6:63:35:69:b7:58:f1:63:b7:5d:f1:96:57:
43:97:a9:1a:f6:0f:30:12:52:65:f8:33:22:62:bf:
af:02:84:2b:5e:0b:d0:66:64:7a:0f:f9:0b:2c:9a:
7e:85:ff:ce:be:f9:56:5d:f1:9a:46:bb:e8:3e:3e:
3e:1e:0e:bc:7f:33:c0:6e:6f:5c:73:4b:cf:3e:49:
e3:65:28:6d:6c:96:a1:37:24:59:68:4c:c6:db:cc:
8f:c7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:B9:7F:6E:73:16:E3:23:3F:FE:47:F5:E8:42:90:3B:34:20:AF:0C
X509v3 Authority Key Identifier:
keyid:F6:2E:EB:87:90:85:C9:41:94:29:7D:D9:E4:CD:24:9C:D2:51:65:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9i7rh5CFyUGUKX3Z5M0knNJRZRU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/s7l_bnMW4yM__kf16EKQOzQgrww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/9i7rh5CFyUGUKX3Z5M0knNJRZRU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.96.0/22
5.45.96.0/20
5.181.48.0/22
5.252.224.0/22
37.120.160.0/19
37.221.192.0/21
45.9.60.0/22
45.83.104.0/22
45.90.4.0/22
45.129.180.0/22
45.132.244.0/22
45.136.28.0/22
45.142.176.0/22
45.157.176.0/22
46.38.224.0/19
46.232.248.0/22
81.16.16.0/22
85.209.48.0/22
85.235.64.0/22
89.58.0.0/18
91.132.144.0/22
91.204.44.0/22
92.60.36.0/22
93.177.64.0/22
152.89.104.0/22
185.16.60.0/22
185.162.248.0/22
185.163.116.0/22
185.170.112.0/22
185.183.156.0/22
185.194.140.0/22
185.207.104.0/22
185.228.136.0/22
185.233.104.0/22
185.243.8.0/22
185.244.192.0/22
188.68.32.0/19
192.145.44.0/22
193.30.120.0/22
193.31.24.0/22
194.13.80.0/22
194.55.12.0/22
194.59.204.0/22
195.128.100.0/22
213.109.160.0/22
IPv6:
2a03:4000::/31
2a0a:4cc0::-2a0a:4cc0:100:ffff:ffff:ffff:ffff:ffff
2a0a:4cc0:2000:4000::/56
Signature Algorithm: sha256WithRSAEncryption
44:7e:73:99:7c:20:39:59:3e:5c:86:60:ea:78:ff:59:ec:6c:
af:38:f4:34:11:07:d3:fe:c4:7e:59:dc:fb:a9:43:74:0e:0a:
86:ad:e5:32:e0:53:4e:8d:9e:6a:ac:7a:4f:88:64:2c:ec:cc:
2d:ce:cc:e3:dc:de:ff:9c:a6:02:6b:2a:69:c2:43:0f:0d:10:
ac:90:b6:8c:7b:dc:83:ab:5d:f0:22:f4:78:c8:3c:ae:02:4a:
9b:29:17:18:46:85:4d:3d:04:93:3e:89:9a:4e:b9:b0:97:52:
43:33:42:74:3c:93:04:ee:08:03:90:bc:1b:8b:52:f9:ed:bd:
75:1f:b5:c8:9d:b2:c3:dd:b3:9c:06:cb:8f:79:89:ff:b9:76:
a7:6c:48:59:14:38:bb:e6:b1:2b:84:58:68:94:69:e8:51:c7:
6d:86:2d:10:32:89:ef:b2:1c:1a:5f:da:46:37:99:bb:80:3e:
b7:90:06:06:2d:07:9d:b9:a0:55:e3:e5:cb:d1:e3:92:d6:35:
ec:fa:dc:e6:89:a6:33:1d:27:1f:dc:07:d8:03:bc:82:8c:8c:
a4:8d:42:db:f0:30:38:1b:42:3e:c9:2c:99:99:c7:41:23:d2:
18:2c:a3:8d:3e:0d:c5:bc:8a:96:38:63:03:a7:52:b1:78:19:
97:3b:7b:ff
-----BEGIN CERTIFICATE-----
MIIGOjCCBSKgAwIBAgISAZh5IbYGU/yZCrFTbiWtOaK6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2MmVlYjg3OTA4NWM5NDE5NDI5N2RkOWU0Y2QyNDljZDI1
MTY1MTUwHhcNMjUwODA1MDcyODI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2I5N2Y2ZTczMTZlMzIzM2ZmZTQ3ZjVlODQyOTAzYjM0MjBhZjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3481R5WvU7YIxVISBGa7VcMkR8vu
RhLmqzBWhaNI1B9qWgZ2Y0Iv1GnbZLQfb17nezXgf7ql2nPPB7PPxMAPAIvpTdUF
m+JiBLAN8gw2EhPUnchs9FdpeV3NKhb6eTso9CF9WSFPMAED37hZ+1HlcwJa0ID7
QJNmxIp+fqYctiKn1P5r8x1T56jCxpq7BuE+Io3Hm1UBzDcWfWR6rBwXVrAMah7E
KeZjNWm3WPFjt13xlldDl6ka9g8wElJl+DMiYr+vAoQrXgvQZmR6D/kLLJp+hf/O
vvlWXfGaRrvoPj4+Hg68fzPAbm9cc0vPPknjZShtbJahNyRZaEzG28yPxwIDAQAB
o4IDRjCCA0IwHQYDVR0OBBYEFLO5f25zFuMjP/5H9ehCkDs0IK8MMB8GA1UdIwQY
MBaAFPYu64eQhclBlCl92eTNJJzSUWUVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWk3cmg1Q0Z5VUdVS1gzWjVNMGtuTkpSWlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS85MWRhOGItMDUwMi00OGRmLTg1MzIt
NWZiZjlhMjliNmUxLzEvczdsX2JuTVc0eU1fX2tmMTZFS1FPelFncnd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS85MWRhOGItMDUwMi00OGRmLTg1MzItNWZiZjlhMjliNmUx
LzEvOWk3cmg1Q0Z5VUdVS1gzWjVNMGtuTkpSWlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBWgYIKwYBBQUHAQcBAf8EggFJMIIBRTCCARYEAgABMIIB
DgMEAgI4YAMEBAUtYAMEAgW1MAMEAgX84AMEBSV4oAMEAyXdwAMEAi0JPAMEAi1T
aAMEAi1aBAMEAi2BtAMEAi2E9AMEAi2IHAMEAi2OsAMEAi2dsAMEBS4m4AMEAi7o
+AMEAlEQEAMEAlXRMAMEAlXrQAMEBlk6AAMEAluEkAMEAlvMLAMEAlw8JAMEAl2x
QAMEAphZaAMEArkQPAMEArmi+AMEArmjdAMEArmqcAMEArm3nAMEArnCjAMEArnP
aAMEArnkiAMEArnpaAMEArnzCAMEArn0wAMEBbxEIAMEAsCRLAMEAsEeeAMEAsEf
GAMEAsINUAMEAsI3DAMEAsI7zAMEAsOAZAMEAtVtoDApBAIAAjAjAwUBKgNAADAQ
AwUGKgpMwAMHACoKTMABAAMIACoKTMAgAEAwDQYJKoZIhvcNAQELBQADggEBAER+
c5l8IDlZPlyGYOp4/1nsbK849DQRB9P+xH5Z3PupQ3QOCoat5TLgU06Nnmqsek+I
ZCzszC3OzOPc3v+cpgJrKmnCQw8NEKyQtox73IOrXfAi9HjIPK4CSpspFxhGhU09
BJM+iZpOubCXUkMzQnQ8kwTuCAOQvBuLUvntvXUftcidssPds5wGy495if+5dqds
SFkUOLvmsSuEWGiUaehRx22GLRAyie+yHBpf2kY3mbuAPreQBgYtB525oFXj5cvR
45LWNez63OaJpjMdJx/cB9gDvIKMjKSNQtvwMDgbQj7JLJmZx0Ej0hgso40+DcW8
ipY4YwOnUrF4GZc7e/8=
-----END CERTIFICATE-----
Generated at Sat Aug 9 22:37:03 2025 by rpki-client