
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/vR1O8tA1mGiTeMtfJzINcI7RCWk.roa
File: vR1O8tA1mGiTeMtfJzINcI7RCWk.roa (raw, json)
Hash identifier: 0xC4v/WeHAjP9QFPlKPBUq54B19dJ9KLIoE1Tq01Rt0=
Subject key identifier: BD:1D:4E:F2:D0:35:98:68:93:78:CB:5F:27:32:0D:70:8E:D1:09:69
Certificate issuer: /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial: 019976BC6AEBDD249782AD8368BBCD670890
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/vR1O8tA1mGiTeMtfJzINcI7RCWk.roa
Signing time: Tue 23 Sep 2025 13:21:23 +0000
ROA not before: Tue 23 Sep 2025 13:21:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 57169
IP address blocks: 5.180.114.0/24 maxlen: 24
5.187.33.0/24 maxlen: 24
37.235.48.0/20 maxlen: 20
37.235.48.0/24 maxlen: 24
37.235.50.0/23 maxlen: 23
37.235.50.0/24 maxlen: 24
37.235.52.0/24 maxlen: 24
37.235.56.0/24 maxlen: 24
37.235.57.0/24 maxlen: 24
37.235.58.0/24 maxlen: 24
37.235.59.0/24 maxlen: 24
37.235.60.0/24 maxlen: 24
37.235.61.0/24 maxlen: 24
37.235.62.0/24 maxlen: 24
37.235.63.0/24 maxlen: 24
45.153.125.0/24 maxlen: 24
46.183.187.0/24 maxlen: 24
83.172.134.0/24 maxlen: 24
83.172.135.0/24 maxlen: 24
83.172.150.0/24 maxlen: 24
83.172.151.0/24 maxlen: 24
83.172.153.0/24 maxlen: 24
83.172.169.0/24 maxlen: 24
83.243.120.0/24 maxlen: 24
83.243.122.0/24 maxlen: 24
83.243.123.0/24 maxlen: 24
84.247.61.0/24 maxlen: 24
86.106.119.0/24 maxlen: 24
89.31.123.0/24 maxlen: 24
89.40.105.0/24 maxlen: 24
89.46.235.0/24 maxlen: 24
89.46.238.0/24 maxlen: 24
91.132.94.0/24 maxlen: 24
91.227.204.0/23 maxlen: 23
91.227.204.0/24 maxlen: 24
91.227.205.0/24 maxlen: 24
92.243.66.0/24 maxlen: 24
95.156.204.0/24 maxlen: 24
95.156.205.0/24 maxlen: 24
103.57.249.0/24 maxlen: 24
103.57.250.0/24 maxlen: 24
134.255.210.0/24 maxlen: 24
149.154.152.0/24 maxlen: 24
149.154.153.0/24 maxlen: 24
149.154.154.0/24 maxlen: 24
149.154.155.0/24 maxlen: 24
149.154.156.0/24 maxlen: 24
151.236.0.0/19 maxlen: 19
151.236.0.0/24 maxlen: 24
151.236.1.0/24 maxlen: 24
151.236.2.0/24 maxlen: 24
151.236.3.0/24 maxlen: 24
151.236.4.0/24 maxlen: 24
151.236.5.0/24 maxlen: 24
151.236.6.0/24 maxlen: 24
151.236.7.0/24 maxlen: 24
151.236.8.0/24 maxlen: 24
151.236.9.0/24 maxlen: 24
151.236.10.0/24 maxlen: 24
151.236.11.0/24 maxlen: 24
151.236.12.0/24 maxlen: 24
151.236.13.0/24 maxlen: 24
151.236.14.0/24 maxlen: 24
151.236.20.0/24 maxlen: 24
151.236.25.0/24 maxlen: 24
151.236.26.0/23 maxlen: 23
151.236.28.0/24 maxlen: 24
151.236.30.0/24 maxlen: 24
158.255.209.0/24 maxlen: 24
158.255.210.0/24 maxlen: 24
158.255.211.0/24 maxlen: 24
158.255.212.0/24 maxlen: 24
176.126.99.0/24 maxlen: 24
185.26.236.0/24 maxlen: 24
185.26.237.0/24 maxlen: 24
185.26.238.0/24 maxlen: 24
185.122.184.0/24 maxlen: 24
185.193.51.0/24 maxlen: 24
185.195.65.0/24 maxlen: 24
188.190.1.0/24 maxlen: 24
188.190.3.0/24 maxlen: 24
188.211.166.0/24 maxlen: 24
188.214.33.0/24 maxlen: 24
188.214.34.0/24 maxlen: 24
188.214.38.0/24 maxlen: 24
188.214.39.0/24 maxlen: 24
193.3.55.0/24 maxlen: 24
213.111.177.0/24 maxlen: 24
213.111.182.0/24 maxlen: 24
213.111.183.0/24 maxlen: 24
213.111.184.0/24 maxlen: 24
213.111.186.0/24 maxlen: 24
213.111.187.0/24 maxlen: 24
213.111.188.0/24 maxlen: 24
213.111.191.0/24 maxlen: 24
213.183.54.0/24 maxlen: 24
213.183.55.0/24 maxlen: 24
213.183.56.0/24 maxlen: 24
213.183.57.0/24 maxlen: 24
2a03:f80:7::/48 maxlen: 48
2a03:f80:31::/48 maxlen: 48
2a03:f80:32::/48 maxlen: 48
2a03:f80:48::/48 maxlen: 48
2a03:f80:56::/48 maxlen: 48
2a03:f80:57::/48 maxlen: 48
2a03:f80:61::/48 maxlen: 48
2a03:f80:70::/48 maxlen: 48
2a03:f80:354::/48 maxlen: 48
2a03:f80:357::/48 maxlen: 48
2a03:f80:358::/48 maxlen: 48
2a03:f80:359::/48 maxlen: 48
2a03:f80:370::/48 maxlen: 48
2a03:f80:371::/48 maxlen: 48
2a03:f80:3991::/48 maxlen: 48
2a03:f80:ad15::/48 maxlen: 48
2a03:f80:ed15::/48 maxlen: 48
2a03:f80:ed16::/48 maxlen: 48
2a03:f80:ed17::/48 maxlen: 48
2a03:f80:ed31::/48 maxlen: 48
2a03:f80:ed51::/48 maxlen: 48
2a03:f82:abcd::/48 maxlen: 48
2a03:f82:abcd:43::/64 maxlen: 64
2a03:f87:ffff::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.mft
rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 10:01:28 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:76:bc:6a:eb:dd:24:97:82:ad:83:68:bb:cd:67:08:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Validity
Not Before: Sep 23 13:21:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bd1d4ef2d03598689378cb5f27320d708ed10969
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8a:b3:ec:0a:2e:37:98:c5:65:2d:3a:bd:2b:d8:
d4:92:5e:35:05:70:37:cf:cb:c3:c4:86:cd:da:3b:
4b:87:62:9b:69:36:4c:96:fd:13:9f:ea:a1:53:b6:
75:ed:7b:6c:b6:72:2f:4f:99:60:4c:fb:e9:fa:67:
11:2a:12:fd:26:ac:3d:27:e7:7b:18:7d:95:96:2d:
21:5d:eb:3c:6f:b2:c2:48:ea:bd:7f:1a:70:2c:77:
c7:eb:c3:e3:3c:7d:7c:19:2c:b4:93:1d:83:fd:b5:
82:91:dd:07:85:92:7c:65:1f:68:8c:40:9f:59:d4:
68:ce:9a:d4:ff:b1:19:97:07:af:1f:66:a2:4d:26:
1e:82:3e:1b:75:92:06:7b:4b:7c:01:a2:19:09:b6:
4e:4c:c2:6d:1d:64:b7:7b:2f:4b:49:1b:06:13:99:
57:76:ee:df:2a:b1:de:2f:4e:5c:aa:e3:1e:2f:ea:
83:9f:e9:1d:d2:27:3f:de:fc:1e:38:01:7f:d9:63:
41:d7:38:cb:ea:3e:a9:44:44:5a:98:84:8d:e5:a3:
82:09:2a:df:e6:8d:ac:64:bf:0f:d0:3a:96:c1:77:
14:cd:ab:45:36:ec:64:61:80:92:ab:b9:56:94:9a:
5e:2d:26:7d:bb:35:82:55:98:66:4f:2d:23:86:db:
6f:cf
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BD:1D:4E:F2:D0:35:98:68:93:78:CB:5F:27:32:0D:70:8E:D1:09:69
X509v3 Authority Key Identifier:
keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/vR1O8tA1mGiTeMtfJzINcI7RCWk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.114.0/24
5.187.33.0/24
37.235.48.0/20
45.153.125.0/24
46.183.187.0/24
83.172.134.0/23
83.172.150.0/23
83.172.153.0/24
83.172.169.0/24
83.243.120.0/24
83.243.122.0/23
84.247.61.0/24
86.106.119.0/24
89.31.123.0/24
89.40.105.0/24
89.46.235.0/24
89.46.238.0/24
91.132.94.0/24
91.227.204.0/23
92.243.66.0/24
95.156.204.0/23
103.57.249.0-103.57.250.255
134.255.210.0/24
149.154.152.0-149.154.156.255
151.236.0.0/19
158.255.209.0-158.255.212.255
176.126.99.0/24
185.26.236.0-185.26.238.255
185.122.184.0/24
185.193.51.0/24
185.195.65.0/24
188.190.1.0/24
188.190.3.0/24
188.211.166.0/24
188.214.33.0-188.214.34.255
188.214.38.0/23
193.3.55.0/24
213.111.177.0/24
213.111.182.0-213.111.184.255
213.111.186.0-213.111.188.255
213.111.191.0/24
213.183.54.0-213.183.57.255
IPv6:
2a03:f80:7::/48
2a03:f80:31::-2a03:f80:32:ffff:ffff:ffff:ffff:ffff
2a03:f80:48::/48
2a03:f80:56::/47
2a03:f80:61::/48
2a03:f80:70::/48
2a03:f80:354::/48
2a03:f80:357::-2a03:f80:359:ffff:ffff:ffff:ffff:ffff
2a03:f80:370::/47
2a03:f80:3991::/48
2a03:f80:ad15::/48
2a03:f80:ed15::-2a03:f80:ed17:ffff:ffff:ffff:ffff:ffff
2a03:f80:ed31::/48
2a03:f80:ed51::/48
2a03:f82:abcd::/48
2a03:f87:ffff::/48
Signature Algorithm: sha256WithRSAEncryption
72:93:86:23:8a:01:19:bd:f9:af:de:c0:4f:26:32:16:4e:44:
8d:65:e4:f1:aa:e8:5a:63:35:76:78:97:54:21:94:c1:ea:48:
ef:c9:09:3f:f6:ac:fb:99:e4:58:a4:c2:10:9c:3b:14:03:0e:
80:eb:d6:92:29:93:3b:6b:f6:15:2a:a2:36:89:54:b0:14:35:
c0:43:5c:f1:0a:d6:bb:60:b3:3c:9b:74:c8:99:55:6b:79:79:
0e:8b:42:3d:1d:d9:c9:fb:45:c3:bf:aa:f4:b9:fc:84:cd:7c:
c7:9d:13:f4:e2:ae:dd:ca:95:68:db:88:4e:48:4b:f8:df:7c:
72:b5:de:07:b6:ef:39:de:d3:cd:49:d8:0a:fb:c9:f1:1b:bf:
c3:03:ca:4a:c3:68:8a:1d:f9:b8:02:77:54:a5:bf:14:9a:f9:
36:0f:b3:48:66:2f:54:7b:e1:96:91:1c:24:6b:c3:3a:7a:e2:
8e:b4:45:9c:1d:d7:3a:49:5f:3a:8e:92:a1:d8:33:20:c2:c0:
10:bf:de:33:5c:09:ba:f8:0b:cc:87:ff:00:50:3e:fa:f3:35:
e4:3b:e4:2d:f1:fe:eb:ec:a4:2a:39:86:30:d4:bc:4d:aa:9c:
9b:5c:4e:2c:ff:03:ab:0e:30:35:b0:5d:1d:f3:c0:fa:d7:8d:
40:c9:23:8a
-----BEGIN CERTIFICATE-----
MIIG+DCCBeCgAwIBAgISAZl2vGrr3SSXgq2DaLvNZwiQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjUwOTIzMTMyMTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDFkNGVmMmQwMzU5ODY4OTM3OGNiNWYyNzMyMGQ3MDhlZDEwOTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirPsCi43mMVlLTq9K9jUkl41BXA3
z8vDxIbN2jtLh2KbaTZMlv0Tn+qhU7Z17XtstnIvT5lgTPvp+mcRKhL9Jqw9J+d7
GH2Vli0hXes8b7LCSOq9fxpwLHfH68PjPH18GSy0kx2D/bWCkd0HhZJ8ZR9ojECf
WdRozprU/7EZlwevH2aiTSYegj4bdZIGe0t8AaIZCbZOTMJtHWS3ey9LSRsGE5lX
du7fKrHeL05cquMeL+qDn+kd0ic/3vweOAF/2WNB1zjL6j6pRERamISN5aOCCSrf
5o2sZL8P0DqWwXcUzatFNuxkYYCSq7lWlJpeLSZ9uzWCVZhmTy0jhttvzwIDAQAB
o4IEBDCCBAAwHQYDVR0OBBYEFL0dTvLQNZhok3jLXycyDXCO0QlpMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvdlIxTzh0QTFtR2lUZU10Zkp6SU5jSTdSQ1drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICGAYIKwYBBQUHAQcBAf8EggIHMIICAzCCAUQEAgABMIIB
PAMEAAW0cgMEAAW7IQMEBCXrMAMEAC2ZfQMEAC63uwMEAVOshgMEAVOslgMEAFOs
mQMEAFOsqQMEAFPzeAMEAVPzegMEAFT3PQMEAFZqdwMEAFkfewMEAFkoaQMEAFku
6wMEAFku7gMEAFuEXgMEAVvjzAMEAFzzQgMEAV+czDAMAwQAZzn5AwQAZzn6AwQA
hv/SMAwDBAOVmpgDBACVmpwDBAWX7AAwDAMEAJ7/0QMEAJ7/1AMEALB+YzAMAwQC
uRrsAwQAuRruAwQAuXq4AwQAucEzAwQAucNBAwQAvL4BAwQAvL4DAwQAvNOmMAwD
BAC81iEDBAC81iIDBAG81iYDBADBAzcDBADVb7EwDAMEAdVvtgMEANVvuDAMAwQB
1W+6AwQA1W+8AwQA1W+/MAwDBAHVtzYDBAHVtzgwgbgEAgACMIGxAwcAKgMPgAAH
MBIDBwAqAw+AADEDBwAqAw+AADIDBwAqAw+AAEgDBwEqAw+AAFYDBwAqAw+AAGED
BwAqAw+AAHADBwAqAw+AA1QwEgMHACoDD4ADVwMHASoDD4ADWAMHASoDD4ADcAMH
ACoDD4A5kQMHACoDD4CtFTASAwcAKgMPgO0VAwcDKgMPgO0QAwcAKgMPgO0xAwcA
KgMPgO1RAwcAKgMPgqvNAwcAKgMPh///MA0GCSqGSIb3DQEBCwUAA4IBAQByk4Yj
igEZvfmv3sBPJjIWTkSNZeTxquhaYzV2eJdUIZTB6kjvyQk/9qz7meRYpMIQnDsU
Aw6A69aSKZM7a/YVKqI2iVSwFDXAQ1zxCta7YLM8m3TImVVreXkOi0I9HdnJ+0XD
v6r0ufyEzXzHnRP04q7dypVo24hOSEv433xytd4Htu853tPNSdgK+8nxG7/DA8pK
w2iKHfm4AndUpb8Umvk2D7NIZi9Ue+GWkRwka8M6euKOtEWcHdc6SV86jpKh2DMg
wsAQv94zXAm6+AvMh/8AUD768zXkO+Qt8f7r7KQqOYYw1LxNqpybXE4s/wOrDjA1
sF0d88D6141AySOK
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:44:33 2025 by rpki-client