Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/792113-e13c-43ee-84d7-e0d7dd5e2e6f/1/H2RF39UMeGnrnH4hABvhDfDQDsY.roa
File: H2RF39UMeGnrnH4hABvhDfDQDsY.roa (raw, json)
Hash identifier: Vk4ntYI2atEB2b8/hcEiIs2GfEy58IxLj9FRg/PgQG0=
Subject key identifier: 1F:64:45:DF:D5:0C:78:69:EB:9C:7E:21:00:1B:E1:0D:F0:D0:0E:C6
Certificate issuer: /CN=a3513d288dabde7dee069bdb636573ce9c3ecb60
Certificate serial: 019A39B328D6AD8137DF5D58C1A7325E1652
Authority key identifier: A3:51:3D:28:8D:AB:DE:7D:EE:06:9B:DB:63:65:73:CE:9C:3E:CB:60
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o1E9KI2r3n3uBpvbY2Vzzpw-y2A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/792113-e13c-43ee-84d7-e0d7dd5e2e6f/1/H2RF39UMeGnrnH4hABvhDfDQDsY.roa
Signing time: Fri 31 Oct 2025 09:57:13 +0000
ROA not before: Fri 31 Oct 2025 09:57:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 30823
IP address blocks: 5.249.160.0/24 maxlen: 24
5.249.161.0/24 maxlen: 24
5.249.162.0/24 maxlen: 24
5.249.163.0/24 maxlen: 24
5.249.164.0/24 maxlen: 24
5.249.165.0/24 maxlen: 24
45.141.36.0/24 maxlen: 24
45.141.37.0/24 maxlen: 24
45.146.252.0/24 maxlen: 24
45.146.253.0/24 maxlen: 24
45.146.254.0/24 maxlen: 24
45.146.255.0/24 maxlen: 24
88.214.56.0/24 maxlen: 24
88.214.57.0/24 maxlen: 24
88.214.58.0/24 maxlen: 24
88.214.59.0/24 maxlen: 24
92.42.44.0/22 maxlen: 22
92.42.44.0/24 maxlen: 24
92.42.45.0/24 maxlen: 24
92.42.46.0/24 maxlen: 24
92.42.47.0/24 maxlen: 24
134.255.216.0/24 maxlen: 24
134.255.217.0/24 maxlen: 24
134.255.218.0/24 maxlen: 24
134.255.219.0/24 maxlen: 24
134.255.231.0/24 maxlen: 24
134.255.232.0/24 maxlen: 24
134.255.233.0/24 maxlen: 24
134.255.234.0/24 maxlen: 24
147.189.168.0/24 maxlen: 24
147.189.169.0/24 maxlen: 24
147.189.170.0/24 maxlen: 24
147.189.171.0/24 maxlen: 24
147.189.172.0/24 maxlen: 24
147.189.173.0/24 maxlen: 24
147.189.174.0/24 maxlen: 24
147.189.175.0/24 maxlen: 24
185.223.28.0/24 maxlen: 24
185.223.29.0/24 maxlen: 24
185.223.30.0/24 maxlen: 24
185.223.31.0/24 maxlen: 24
185.239.236.0/24 maxlen: 24
185.239.237.0/24 maxlen: 24
185.239.238.0/24 maxlen: 24
185.239.239.0/24 maxlen: 24
185.249.197.0/24 maxlen: 24
185.249.198.0/24 maxlen: 24
185.249.199.0/24 maxlen: 24
193.23.126.0/24 maxlen: 24
193.23.127.0/24 maxlen: 24
193.23.160.0/24 maxlen: 24
193.23.161.0/24 maxlen: 24
193.34.69.0/24 maxlen: 24
193.203.238.0/24 maxlen: 24
194.156.88.0/24 maxlen: 24
194.156.90.0/24 maxlen: 24
194.156.91.0/24 maxlen: 24
2a0c:3580::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/792113-e13c-43ee-84d7-e0d7dd5e2e6f/1/o1E9KI2r3n3uBpvbY2Vzzpw-y2A.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/792113-e13c-43ee-84d7-e0d7dd5e2e6f/1/o1E9KI2r3n3uBpvbY2Vzzpw-y2A.mft
rsync://rpki.ripe.net/repository/DEFAULT/o1E9KI2r3n3uBpvbY2Vzzpw-y2A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 18:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:39:b3:28:d6:ad:81:37:df:5d:58:c1:a7:32:5e:16:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3513d288dabde7dee069bdb636573ce9c3ecb60
Validity
Not Before: Oct 31 09:57:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1f6445dfd50c7869eb9c7e21001be10df0d00ec6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:62:87:ad:58:ac:85:1a:4f:da:17:f8:df:6c:
61:21:16:28:d8:60:4a:7f:73:a6:49:84:6c:53:22:
66:4f:e7:96:de:21:f5:ac:69:e6:3a:82:58:0a:c9:
ff:cb:e4:b6:61:c3:9e:34:b8:d7:0a:b4:30:79:6a:
8d:cb:11:7b:52:87:0d:7b:ea:38:7c:89:74:09:96:
c9:3e:16:ed:32:e6:09:5c:be:75:d0:68:0d:b9:2c:
6c:64:e9:4d:ac:3b:cc:f3:f8:99:22:62:77:e2:f3:
51:4b:85:c4:5b:fc:a7:65:1b:9c:9f:c3:50:e9:1d:
57:0d:ef:78:22:37:11:89:41:53:ca:57:90:62:e7:
f5:37:cf:76:95:ee:fa:d0:6f:33:bd:1f:ae:b9:d3:
42:64:2e:81:1b:51:e7:ac:f1:8e:03:07:7e:82:0c:
c2:e6:67:6d:09:66:80:0f:4e:f3:45:f6:d7:d5:0d:
00:07:87:d7:ce:bf:cb:ad:c3:b6:a6:fe:48:3a:1d:
22:51:c5:0b:79:0d:a6:aa:05:9e:0a:e3:da:d3:f6:
52:9f:54:de:1f:21:cd:52:91:c5:c1:5b:7f:cb:b1:
59:d2:16:f1:5c:18:11:d7:58:62:ad:12:5c:59:ee:
15:b8:bd:29:3c:17:7c:d5:eb:f2:95:26:1b:3d:77:
9f:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
1F:64:45:DF:D5:0C:78:69:EB:9C:7E:21:00:1B:E1:0D:F0:D0:0E:C6
X509v3 Authority Key Identifier:
keyid:A3:51:3D:28:8D:AB:DE:7D:EE:06:9B:DB:63:65:73:CE:9C:3E:CB:60
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o1E9KI2r3n3uBpvbY2Vzzpw-y2A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/792113-e13c-43ee-84d7-e0d7dd5e2e6f/1/H2RF39UMeGnrnH4hABvhDfDQDsY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/792113-e13c-43ee-84d7-e0d7dd5e2e6f/1/o1E9KI2r3n3uBpvbY2Vzzpw-y2A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.249.160.0-5.249.165.255
45.141.36.0/23
45.146.252.0/22
88.214.56.0/22
92.42.44.0/22
134.255.216.0/22
134.255.231.0-134.255.234.255
147.189.168.0/21
185.223.28.0/22
185.239.236.0/22
185.249.197.0-185.249.199.255
193.23.126.0/23
193.23.160.0/23
193.34.69.0/24
193.203.238.0/24
194.156.88.0/24
194.156.90.0/23
IPv6:
2a0c:3580::/29
Signature Algorithm: sha256WithRSAEncryption
36:32:99:12:da:67:92:78:69:c7:28:0f:e2:bc:5f:77:c0:9a:
95:c0:3e:28:14:cc:ee:d0:d2:d5:e6:0e:d7:b8:c8:2e:d5:03:
5d:09:7a:8f:06:1d:71:40:48:a3:90:58:5a:00:59:58:75:2f:
b4:a7:a3:d2:9a:a1:0d:cc:9d:a2:58:90:a2:00:00:2d:01:7e:
a9:36:a7:e6:4a:ba:00:ae:29:ef:f1:0a:a2:b6:32:d7:76:83:
2d:8c:b6:bd:27:0e:13:69:c1:48:62:d3:26:06:82:4a:60:99:
d9:62:15:f5:4b:8d:3d:c8:06:08:83:e8:3a:11:88:9d:ad:87:
91:1f:69:ed:42:f7:bb:f3:35:ce:fe:2c:fc:7f:59:5d:e3:cc:
65:fe:9d:ff:cc:4b:d8:5e:3a:0d:4a:bf:a8:eb:d2:66:c2:2e:
c0:54:e1:f2:68:e7:07:59:95:bd:bb:4a:78:53:7f:8c:71:11:
4f:fc:20:e6:c7:6e:0c:46:0b:a1:69:fd:f4:01:a0:37:55:d1:
0f:ef:55:a0:9d:b1:a2:f3:41:49:25:ad:26:63:94:dd:ac:dc:
0f:7f:d5:e3:85:c7:c2:ae:52:b3:3b:f7:a3:48:26:63:9d:9a:
89:20:42:93:a5:f5:4c:6d:bc:33:b3:c3:04:37:74:8a:32:01:
76:d1:d6:e4
-----BEGIN CERTIFICATE-----
MIIFiDCCBHCgAwIBAgISAZo5syjWrYE3311YwacyXhZSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzNTEzZDI4OGRhYmRlN2RlZTA2OWJkYjYzNjU3M2NlOWMz
ZWNiNjAwHhcNMjUxMDMxMDk1NzEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxZjY0NDVkZmQ1MGM3ODY5ZWI5YzdlMjEwMDFiZTEwZGYwZDAwZWM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn2KHrVishRpP2hf432xhIRYo2GBK
f3OmSYRsUyJmT+eW3iH1rGnmOoJYCsn/y+S2YcOeNLjXCrQweWqNyxF7UocNe+o4
fIl0CZbJPhbtMuYJXL510GgNuSxsZOlNrDvM8/iZImJ34vNRS4XEW/ynZRucn8NQ
6R1XDe94IjcRiUFTyleQYuf1N892le760G8zvR+uudNCZC6BG1HnrPGOAwd+ggzC
5mdtCWaAD07zRfbX1Q0AB4fXzr/LrcO2pv5IOh0iUcULeQ2mqgWeCuPa0/ZSn1Te
HyHNUpHFwVt/y7FZ0hbxXBgR11hirRJcWe4VuL0pPBd81evylSYbPXefcwIDAQAB
o4IClDCCApAwHQYDVR0OBBYEFB9kRd/VDHhp65x+IQAb4Q3w0A7GMB8GA1UdIwQY
MBaAFKNRPSiNq9597gab22Nlc86cPstgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbzFFOUtJMnIzbjN1QnB2YlkyVnp6cHcteTJBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS83OTIxMTMtZTEzYy00M2VlLTg0ZDct
ZTBkN2RkNWUyZTZmLzEvSDJSRjM5VU1lR25ybkg0aEFCdmhEZkRRRHNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS83OTIxMTMtZTEzYy00M2VlLTg0ZDctZTBkN2RkNWUyZTZm
LzEvbzFFOUtJMnIzbjN1QnB2YlkyVnp6cHcteTJBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGpBggrBgEFBQcBBwEB/wSBmTCBljCBhAQCAAEwfjAMAwQF
BfmgAwQBBfmkAwQBLY0kAwQCLZL8AwQCWNY4AwQCXCosAwQChv/YMAwDBACG/+cD
BACG/+oDBAOTvagDBAK53xwDBAK57+wwDAMEALn5xQMEA7n5wAMEAcEXfgMEAcEX
oAMEAMEiRQMEAMHL7gMEAMKcWAMEAcKcWjANBAIAAjAHAwUDKgw1gDANBgkqhkiG
9w0BAQsFAAOCAQEANjKZEtpnknhpxygP4rxfd8CalcA+KBTM7tDS1eYO17jILtUD
XQl6jwYdcUBIo5BYWgBZWHUvtKej0pqhDcydoliQogAALQF+qTan5kq6AK4p7/EK
orYy13aDLYy2vScOE2nBSGLTJgaCSmCZ2WIV9UuNPcgGCIPoOhGIna2HkR9p7UL3
u/M1zv4s/H9ZXePMZf6d/8xL2F46DUq/qOvSZsIuwFTh8mjnB1mVvbtKeFN/jHER
T/wg5sduDEYLoWn99AGgN1XRD+9VoJ2xovNBSSWtJmOU3azcD3/V44XHwq5Sszv3
o0gmY52aiSBCk6X1TG28M7PDBDd0ijIBdtHW5A==
-----END CERTIFICATE-----
Generated at Wed Nov 5 01:45:47 2025 by rpki-client