Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/jSGR9tfy_3ygU3uUFLplZcK8Vag.roa
File: jSGR9tfy_3ygU3uUFLplZcK8Vag.roa (raw, json)
Hash identifier: DRvu3x516N0p3/1eSLunfludmCKjydqZbLU+Em2yXlI=
Subject key identifier: 8D:21:91:F6:D7:F2:FF:7C:A0:53:7B:94:14:BA:65:65:C2:BC:55:A8
Certificate issuer: /CN=84f824d32df1a5113d82101345d785a38addbde5
Certificate serial: 01984D7FE8E55DA401C5BDB11AC562C30B72
Authority key identifier: 84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/jSGR9tfy_3ygU3uUFLplZcK8Vag.roa
Signing time: Sun 27 Jul 2025 20:08:04 +0000
ROA not before: Sun 27 Jul 2025 20:08:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 136787
IP address blocks: 37.156.173.0/24 maxlen: 24
86.105.184.0/24 maxlen: 24
86.105.243.0/24 maxlen: 24
86.106.105.0/24 maxlen: 24
86.106.109.0/24 maxlen: 24
86.106.114.0/24 maxlen: 24
86.106.115.0/24 maxlen: 24
86.106.118.0/24 maxlen: 24
86.106.138.0/24 maxlen: 24
86.106.139.0/24 maxlen: 24
89.33.116.0/24 maxlen: 24
89.33.198.0/24 maxlen: 24
89.33.199.0/24 maxlen: 24
89.33.200.0/24 maxlen: 24
89.33.201.0/24 maxlen: 24
89.35.54.0/24 maxlen: 24
89.36.38.0/24 maxlen: 24
89.36.139.0/24 maxlen: 24
89.37.129.0/24 maxlen: 24
89.37.130.0/24 maxlen: 24
89.37.131.0/24 maxlen: 24
89.37.132.0/24 maxlen: 24
89.37.133.0/24 maxlen: 24
89.37.134.0/24 maxlen: 24
89.39.212.0/24 maxlen: 24
89.39.241.0/24 maxlen: 24
89.40.140.0/24 maxlen: 24
89.41.28.0/24 maxlen: 24
89.41.29.0/24 maxlen: 24
89.41.49.0/24 maxlen: 24
89.41.189.0/24 maxlen: 24
89.41.190.0/24 maxlen: 24
89.41.191.0/24 maxlen: 24
89.42.10.0/24 maxlen: 24
89.42.152.0/24 maxlen: 24
89.42.153.0/24 maxlen: 24
185.80.112.0/24 maxlen: 24
185.80.113.0/24 maxlen: 24
185.80.114.0/24 maxlen: 24
185.80.115.0/24 maxlen: 24
188.172.176.0/24 maxlen: 24
188.172.177.0/24 maxlen: 24
188.172.178.0/24 maxlen: 24
188.172.179.0/24 maxlen: 24
188.172.180.0/24 maxlen: 24
188.172.181.0/24 maxlen: 24
188.172.182.0/24 maxlen: 24
188.172.183.0/24 maxlen: 24
188.172.184.0/24 maxlen: 24
188.172.185.0/24 maxlen: 24
188.172.186.0/24 maxlen: 24
188.172.187.0/24 maxlen: 24
188.172.188.0/24 maxlen: 24
188.172.189.0/24 maxlen: 24
188.172.190.0/24 maxlen: 24
188.172.191.0/24 maxlen: 24
188.211.167.0/24 maxlen: 24
188.212.254.0/24 maxlen: 24
188.214.95.0/24 maxlen: 24
188.241.211.0/24 maxlen: 24
193.254.52.0/24 maxlen: 24
193.254.53.0/24 maxlen: 24
193.254.58.0/24 maxlen: 24
193.254.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.mft
rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 11:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:4d:7f:e8:e5:5d:a4:01:c5:bd:b1:1a:c5:62:c3:0b:72
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=84f824d32df1a5113d82101345d785a38addbde5
Validity
Not Before: Jul 27 20:08:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8d2191f6d7f2ff7ca0537b9414ba6565c2bc55a8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cb:f9:ff:15:29:49:ad:d0:f9:9e:0e:98:d0:73:
d1:0e:28:b5:99:e1:85:fc:b7:3f:ac:93:16:f0:02:
58:63:60:c9:85:82:88:b2:62:c7:74:28:fa:ca:b4:
6d:28:a4:79:1f:29:9a:ca:4a:aa:a6:89:27:72:3c:
fa:20:b2:11:b7:1c:b1:02:51:98:c7:93:5a:9b:32:
13:36:41:0a:dc:44:62:40:d1:bf:9b:3b:96:af:19:
3f:ad:91:16:45:7d:13:2f:a2:04:f6:b0:ca:02:e0:
34:a8:a4:71:10:bb:25:be:58:4c:9c:11:f9:36:88:
72:41:b9:8b:03:77:29:93:66:d6:34:a1:a6:ef:27:
4a:30:15:e7:25:0c:1d:e0:f4:4e:c6:57:89:f9:4a:
9e:36:c2:37:80:32:c3:d4:6a:d1:2e:25:6c:8b:fd:
6b:f0:c2:81:3b:a9:47:fb:90:d4:75:2a:3a:6f:71:
a5:b7:f2:f2:ad:e7:ee:cc:ed:62:ee:bf:22:48:a6:
d1:62:80:9e:27:5f:c8:df:a1:68:16:69:30:a3:f1:
1e:f7:d4:9c:df:cc:f7:f3:a8:bc:a6:ad:88:34:85:
c6:2e:db:e2:38:07:70:19:c7:55:bf:43:c7:fc:6f:
f8:3e:90:2e:ee:1f:e7:b8:92:98:c0:bb:53:85:0a:
75:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8D:21:91:F6:D7:F2:FF:7C:A0:53:7B:94:14:BA:65:65:C2:BC:55:A8
X509v3 Authority Key Identifier:
keyid:84:F8:24:D3:2D:F1:A5:11:3D:82:10:13:45:D7:85:A3:8A:DD:BD:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hPgk0y3xpRE9ghATRdeFo4rdveU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/jSGR9tfy_3ygU3uUFLplZcK8Vag.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/9d65bb-ab4f-43aa-bba8-437394938c52/1/hPgk0y3xpRE9ghATRdeFo4rdveU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.156.173.0/24
86.105.184.0/24
86.105.243.0/24
86.106.105.0/24
86.106.109.0/24
86.106.114.0/23
86.106.118.0/24
86.106.138.0/23
89.33.116.0/24
89.33.198.0-89.33.201.255
89.35.54.0/24
89.36.38.0/24
89.36.139.0/24
89.37.129.0-89.37.134.255
89.39.212.0/24
89.39.241.0/24
89.40.140.0/24
89.41.28.0/23
89.41.49.0/24
89.41.189.0-89.41.191.255
89.42.10.0/24
89.42.152.0/23
185.80.112.0/22
188.172.176.0/20
188.211.167.0/24
188.212.254.0/24
188.214.95.0/24
188.241.211.0/24
193.254.52.0/23
193.254.58.0/23
Signature Algorithm: sha256WithRSAEncryption
28:78:3e:4e:95:c6:91:1a:dc:64:89:8a:ee:54:0e:30:e5:e1:
b7:aa:49:8c:8f:83:ae:30:4c:33:f8:21:c4:9a:0d:61:89:a7:
25:3b:14:92:74:0f:af:53:79:9f:2e:b6:16:ac:b6:49:47:dc:
ca:b8:f6:79:00:b8:56:9c:d6:b6:f4:1f:cc:f6:f9:b2:74:db:
9e:ea:24:e8:ce:ed:92:ca:28:f6:b2:f3:82:7d:9c:79:9f:9f:
ed:59:52:28:10:e2:4d:97:4f:37:e0:7b:9c:10:6c:41:0e:ba:
6e:1c:1d:cb:c4:61:cb:2b:7d:ee:43:fd:a8:fc:f7:1f:62:40:
45:7f:67:0f:31:89:75:21:3d:d1:9a:56:52:0f:da:39:81:c0:
b8:53:87:aa:60:33:5a:60:91:9b:69:da:4e:f1:f9:89:23:0c:
5f:88:dc:28:f3:5a:2b:f8:2c:e1:f9:dc:64:9c:8d:4a:f3:98:
8c:c2:16:76:00:65:0d:84:3a:02:e6:53:36:cb:c3:49:7e:fe:
44:bc:e5:a7:f3:8f:eb:c8:68:60:41:91:4a:ad:e4:48:b7:99:
f1:62:5a:35:51:8c:fe:2a:13:48:3f:40:39:ed:35:3e:90:ef:
91:17:2c:db:36:cf:9d:64:ef:6a:dd:28:f1:24:a6:91:98:4b:
7d:2e:4d:33
-----BEGIN CERTIFICATE-----
MIIFyDCCBLCgAwIBAgISAZhNf+jlXaQBxb2xGsViwwtyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg0ZjgyNGQzMmRmMWE1MTEzZDgyMTAxMzQ1ZDc4NWEzOGFk
ZGJkZTUwHhcNMjUwNzI3MjAwODA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZDIxOTFmNmQ3ZjJmZjdjYTA1MzdiOTQxNGJhNjU2NWMyYmM1NWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAy/n/FSlJrdD5ng6Y0HPRDii1meGF
/Lc/rJMW8AJYY2DJhYKIsmLHdCj6yrRtKKR5Hymaykqqpokncjz6ILIRtxyxAlGY
x5NamzITNkEK3ERiQNG/mzuWrxk/rZEWRX0TL6IE9rDKAuA0qKRxELslvlhMnBH5
NohyQbmLA3cpk2bWNKGm7ydKMBXnJQwd4PROxleJ+UqeNsI3gDLD1GrRLiVsi/1r
8MKBO6lH+5DUdSo6b3Glt/LyrefuzO1i7r8iSKbRYoCeJ1/I36FoFmkwo/Ee99Sc
38z386i8pq2INIXGLtviOAdwGcdVv0PH/G/4PpAu7h/nuJKYwLtThQp16QIDAQAB
o4IC1DCCAtAwHQYDVR0OBBYEFI0hkfbX8v98oFN7lBS6ZWXCvFWoMB8GA1UdIwQY
MBaAFIT4JNMt8aURPYIQE0XXhaOK3b3lMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgt
NDM3Mzk0OTM4YzUyLzEvalNHUjl0ZnlfM3lnVTN1VUZMcGxaY0s4VmFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS85ZDY1YmItYWI0Zi00M2FhLWJiYTgtNDM3Mzk0OTM4YzUy
LzEvaFBnazB5M3hwUkU5Z2hBVFJkZUZvNHJkdmVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHpBggrBgEFBQcBBwEB/wSB2TCB1jCB0wQCAAEwgcwDBAAl
nK0DBABWabgDBABWafMDBABWamkDBABWam0DBAFWanIDBABWanYDBAFWaooDBABZ
IXQwDAMEAVkhxgMEAVkhyAMEAFkjNgMEAFkkJgMEAFkkizAMAwQAWSWBAwQAWSWG
AwQAWSfUAwQAWSfxAwQAWSiMAwQBWSkcAwQAWSkxMAwDBABZKb0DBAZZKYADBABZ
KgoDBAFZKpgDBAK5UHADBAS8rLADBAC806cDBAC81P4DBAC81l8DBAC88dMDBAHB
/jQDBAHB/jowDQYJKoZIhvcNAQELBQADggEBACh4Pk6VxpEa3GSJiu5UDjDl4beq
SYyPg64wTDP4IcSaDWGJpyU7FJJ0D69TeZ8uthastklH3Mq49nkAuFac1rb0H8z2
+bJ0257qJOjO7ZLKKPay84J9nHmfn+1ZUigQ4k2XTzfge5wQbEEOum4cHcvEYcsr
fe5D/aj89x9iQEV/Zw8xiXUhPdGaVlIP2jmBwLhTh6pgM1pgkZtp2k7x+YkjDF+I
3CjzWiv4LOH53GScjUrzmIzCFnYAZQ2EOgLmUzbLw0l+/kS85afzj+vIaGBBkUqt
5Ei3mfFiWjVRjP4qE0g/QDntNT6Q75EXLNs2z51k72rdKPEkppGYS30uTTM=
-----END CERTIFICATE-----
Generated at Fri Aug 8 13:04:04 2025 by rpki-client