Route Origin Authorization

$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/vR1O8tA1mGiTeMtfJzINcI7RCWk.roa
File:                     vR1O8tA1mGiTeMtfJzINcI7RCWk.roa (raw, json)
Hash identifier:          0xC4v/WeHAjP9QFPlKPBUq54B19dJ9KLIoE1Tq01Rt0=
Subject key identifier:   BD:1D:4E:F2:D0:35:98:68:93:78:CB:5F:27:32:0D:70:8E:D1:09:69
Certificate issuer:       /CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
Certificate serial:       019976BC6AEBDD249782AD8368BBCD670890
Authority key identifier: D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A
Authority info access:    rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
Subject info access:      rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/vR1O8tA1mGiTeMtfJzINcI7RCWk.roa
Signing time:             Tue 23 Sep 2025 13:21:23 +0000
ROA not before:           Tue 23 Sep 2025 13:21:23 +0000
ROA not after:            Wed 01 Jul 2026 00:00:00 +0000
asID:                     57169
IP address blocks:        5.180.114.0/24 maxlen: 24
                          5.187.33.0/24 maxlen: 24
                          37.235.48.0/20 maxlen: 20
                          37.235.48.0/24 maxlen: 24
                          37.235.50.0/23 maxlen: 23
                          37.235.50.0/24 maxlen: 24
                          37.235.52.0/24 maxlen: 24
                          37.235.56.0/24 maxlen: 24
                          37.235.57.0/24 maxlen: 24
                          37.235.58.0/24 maxlen: 24
                          37.235.59.0/24 maxlen: 24
                          37.235.60.0/24 maxlen: 24
                          37.235.61.0/24 maxlen: 24
                          37.235.62.0/24 maxlen: 24
                          37.235.63.0/24 maxlen: 24
                          45.153.125.0/24 maxlen: 24
                          46.183.187.0/24 maxlen: 24
                          83.172.134.0/24 maxlen: 24
                          83.172.135.0/24 maxlen: 24
                          83.172.150.0/24 maxlen: 24
                          83.172.151.0/24 maxlen: 24
                          83.172.153.0/24 maxlen: 24
                          83.172.169.0/24 maxlen: 24
                          83.243.120.0/24 maxlen: 24
                          83.243.122.0/24 maxlen: 24
                          83.243.123.0/24 maxlen: 24
                          84.247.61.0/24 maxlen: 24
                          86.106.119.0/24 maxlen: 24
                          89.31.123.0/24 maxlen: 24
                          89.40.105.0/24 maxlen: 24
                          89.46.235.0/24 maxlen: 24
                          89.46.238.0/24 maxlen: 24
                          91.132.94.0/24 maxlen: 24
                          91.227.204.0/23 maxlen: 23
                          91.227.204.0/24 maxlen: 24
                          91.227.205.0/24 maxlen: 24
                          92.243.66.0/24 maxlen: 24
                          95.156.204.0/24 maxlen: 24
                          95.156.205.0/24 maxlen: 24
                          103.57.249.0/24 maxlen: 24
                          103.57.250.0/24 maxlen: 24
                          134.255.210.0/24 maxlen: 24
                          149.154.152.0/24 maxlen: 24
                          149.154.153.0/24 maxlen: 24
                          149.154.154.0/24 maxlen: 24
                          149.154.155.0/24 maxlen: 24
                          149.154.156.0/24 maxlen: 24
                          151.236.0.0/19 maxlen: 19
                          151.236.0.0/24 maxlen: 24
                          151.236.1.0/24 maxlen: 24
                          151.236.2.0/24 maxlen: 24
                          151.236.3.0/24 maxlen: 24
                          151.236.4.0/24 maxlen: 24
                          151.236.5.0/24 maxlen: 24
                          151.236.6.0/24 maxlen: 24
                          151.236.7.0/24 maxlen: 24
                          151.236.8.0/24 maxlen: 24
                          151.236.9.0/24 maxlen: 24
                          151.236.10.0/24 maxlen: 24
                          151.236.11.0/24 maxlen: 24
                          151.236.12.0/24 maxlen: 24
                          151.236.13.0/24 maxlen: 24
                          151.236.14.0/24 maxlen: 24
                          151.236.20.0/24 maxlen: 24
                          151.236.25.0/24 maxlen: 24
                          151.236.26.0/23 maxlen: 23
                          151.236.28.0/24 maxlen: 24
                          151.236.30.0/24 maxlen: 24
                          158.255.209.0/24 maxlen: 24
                          158.255.210.0/24 maxlen: 24
                          158.255.211.0/24 maxlen: 24
                          158.255.212.0/24 maxlen: 24
                          176.126.99.0/24 maxlen: 24
                          185.26.236.0/24 maxlen: 24
                          185.26.237.0/24 maxlen: 24
                          185.26.238.0/24 maxlen: 24
                          185.122.184.0/24 maxlen: 24
                          185.193.51.0/24 maxlen: 24
                          185.195.65.0/24 maxlen: 24
                          188.190.1.0/24 maxlen: 24
                          188.190.3.0/24 maxlen: 24
                          188.211.166.0/24 maxlen: 24
                          188.214.33.0/24 maxlen: 24
                          188.214.34.0/24 maxlen: 24
                          188.214.38.0/24 maxlen: 24
                          188.214.39.0/24 maxlen: 24
                          193.3.55.0/24 maxlen: 24
                          213.111.177.0/24 maxlen: 24
                          213.111.182.0/24 maxlen: 24
                          213.111.183.0/24 maxlen: 24
                          213.111.184.0/24 maxlen: 24
                          213.111.186.0/24 maxlen: 24
                          213.111.187.0/24 maxlen: 24
                          213.111.188.0/24 maxlen: 24
                          213.111.191.0/24 maxlen: 24
                          213.183.54.0/24 maxlen: 24
                          213.183.55.0/24 maxlen: 24
                          213.183.56.0/24 maxlen: 24
                          213.183.57.0/24 maxlen: 24
                          2a03:f80:7::/48 maxlen: 48
                          2a03:f80:31::/48 maxlen: 48
                          2a03:f80:32::/48 maxlen: 48
                          2a03:f80:48::/48 maxlen: 48
                          2a03:f80:56::/48 maxlen: 48
                          2a03:f80:57::/48 maxlen: 48
                          2a03:f80:61::/48 maxlen: 48
                          2a03:f80:70::/48 maxlen: 48
                          2a03:f80:354::/48 maxlen: 48
                          2a03:f80:357::/48 maxlen: 48
                          2a03:f80:358::/48 maxlen: 48
                          2a03:f80:359::/48 maxlen: 48
                          2a03:f80:370::/48 maxlen: 48
                          2a03:f80:371::/48 maxlen: 48
                          2a03:f80:3991::/48 maxlen: 48
                          2a03:f80:ad15::/48 maxlen: 48
                          2a03:f80:ed15::/48 maxlen: 48
                          2a03:f80:ed16::/48 maxlen: 48
                          2a03:f80:ed17::/48 maxlen: 48
                          2a03:f80:ed31::/48 maxlen: 48
                          2a03:f80:ed51::/48 maxlen: 48
                          2a03:f82:abcd::/48 maxlen: 48
                          2a03:f82:abcd:43::/64 maxlen: 64
                          2a03:f87:ffff::/48 maxlen: 48
Validation:               OK
Signature path:           rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.mft
                          rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
                          rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
                          rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
                          rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
                          rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
                          rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
                          rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires:   Mon 20 Oct 2025 10:01:28 +0000

Certificate:
    Data:
        Version: 3 (0x2)
        Serial Number:
            01:99:76:bc:6a:eb:dd:24:97:82:ad:83:68:bb:cd:67:08:90
    Signature Algorithm: sha256WithRSAEncryption
        Issuer: CN=d217b472c841c1d68550a24f1936d29cc6c28f6a
        Validity
            Not Before: Sep 23 13:21:23 2025 GMT
            Not After : Jul  1 00:00:00 2026 GMT
        Subject: CN=bd1d4ef2d03598689378cb5f27320d708ed10969
        Subject Public Key Info:
            Public Key Algorithm: rsaEncryption
                RSA Public-Key: (2048 bit)
                Modulus:
                    00:8a:b3:ec:0a:2e:37:98:c5:65:2d:3a:bd:2b:d8:
                    d4:92:5e:35:05:70:37:cf:cb:c3:c4:86:cd:da:3b:
                    4b:87:62:9b:69:36:4c:96:fd:13:9f:ea:a1:53:b6:
                    75:ed:7b:6c:b6:72:2f:4f:99:60:4c:fb:e9:fa:67:
                    11:2a:12:fd:26:ac:3d:27:e7:7b:18:7d:95:96:2d:
                    21:5d:eb:3c:6f:b2:c2:48:ea:bd:7f:1a:70:2c:77:
                    c7:eb:c3:e3:3c:7d:7c:19:2c:b4:93:1d:83:fd:b5:
                    82:91:dd:07:85:92:7c:65:1f:68:8c:40:9f:59:d4:
                    68:ce:9a:d4:ff:b1:19:97:07:af:1f:66:a2:4d:26:
                    1e:82:3e:1b:75:92:06:7b:4b:7c:01:a2:19:09:b6:
                    4e:4c:c2:6d:1d:64:b7:7b:2f:4b:49:1b:06:13:99:
                    57:76:ee:df:2a:b1:de:2f:4e:5c:aa:e3:1e:2f:ea:
                    83:9f:e9:1d:d2:27:3f:de:fc:1e:38:01:7f:d9:63:
                    41:d7:38:cb:ea:3e:a9:44:44:5a:98:84:8d:e5:a3:
                    82:09:2a:df:e6:8d:ac:64:bf:0f:d0:3a:96:c1:77:
                    14:cd:ab:45:36:ec:64:61:80:92:ab:b9:56:94:9a:
                    5e:2d:26:7d:bb:35:82:55:98:66:4f:2d:23:86:db:
                    6f:cf
                Exponent: 65537 (0x10001)
        X509v3 extensions:
            X509v3 Subject Key Identifier:
                BD:1D:4E:F2:D0:35:98:68:93:78:CB:5F:27:32:0D:70:8E:D1:09:69
            X509v3 Authority Key Identifier:
                keyid:D2:17:B4:72:C8:41:C1:D6:85:50:A2:4F:19:36:D2:9C:C6:C2:8F:6A

            X509v3 Key Usage: critical
                Digital Signature
            Authority Information Access:
                CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/0he0cshBwdaFUKJPGTbSnMbCj2o.cer

            Subject Information Access:
                Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/vR1O8tA1mGiTeMtfJzINcI7RCWk.roa

            X509v3 CRL Distribution Points:

                Full Name:
                  URI:rsync://rpki.ripe.net/repository/DEFAULT/10/290e44-b479-46cf-ab4b-b38e2677b3dc/1/0he0cshBwdaFUKJPGTbSnMbCj2o.crl

            X509v3 Certificate Policies: critical
                Policy: ipAddr-asNumber

            sbgp-ipAddrBlock: critical
                IPv4:
                  5.180.114.0/24
                  5.187.33.0/24
                  37.235.48.0/20
                  45.153.125.0/24
                  46.183.187.0/24
                  83.172.134.0/23
                  83.172.150.0/23
                  83.172.153.0/24
                  83.172.169.0/24
                  83.243.120.0/24
                  83.243.122.0/23
                  84.247.61.0/24
                  86.106.119.0/24
                  89.31.123.0/24
                  89.40.105.0/24
                  89.46.235.0/24
                  89.46.238.0/24
                  91.132.94.0/24
                  91.227.204.0/23
                  92.243.66.0/24
                  95.156.204.0/23
                  103.57.249.0-103.57.250.255
                  134.255.210.0/24
                  149.154.152.0-149.154.156.255
                  151.236.0.0/19
                  158.255.209.0-158.255.212.255
                  176.126.99.0/24
                  185.26.236.0-185.26.238.255
                  185.122.184.0/24
                  185.193.51.0/24
                  185.195.65.0/24
                  188.190.1.0/24
                  188.190.3.0/24
                  188.211.166.0/24
                  188.214.33.0-188.214.34.255
                  188.214.38.0/23
                  193.3.55.0/24
                  213.111.177.0/24
                  213.111.182.0-213.111.184.255
                  213.111.186.0-213.111.188.255
                  213.111.191.0/24
                  213.183.54.0-213.183.57.255
                IPv6:
                  2a03:f80:7::/48
                  2a03:f80:31::-2a03:f80:32:ffff:ffff:ffff:ffff:ffff
                  2a03:f80:48::/48
                  2a03:f80:56::/47
                  2a03:f80:61::/48
                  2a03:f80:70::/48
                  2a03:f80:354::/48
                  2a03:f80:357::-2a03:f80:359:ffff:ffff:ffff:ffff:ffff
                  2a03:f80:370::/47
                  2a03:f80:3991::/48
                  2a03:f80:ad15::/48
                  2a03:f80:ed15::-2a03:f80:ed17:ffff:ffff:ffff:ffff:ffff
                  2a03:f80:ed31::/48
                  2a03:f80:ed51::/48
                  2a03:f82:abcd::/48
                  2a03:f87:ffff::/48

    Signature Algorithm: sha256WithRSAEncryption
         72:93:86:23:8a:01:19:bd:f9:af:de:c0:4f:26:32:16:4e:44:
         8d:65:e4:f1:aa:e8:5a:63:35:76:78:97:54:21:94:c1:ea:48:
         ef:c9:09:3f:f6:ac:fb:99:e4:58:a4:c2:10:9c:3b:14:03:0e:
         80:eb:d6:92:29:93:3b:6b:f6:15:2a:a2:36:89:54:b0:14:35:
         c0:43:5c:f1:0a:d6:bb:60:b3:3c:9b:74:c8:99:55:6b:79:79:
         0e:8b:42:3d:1d:d9:c9:fb:45:c3:bf:aa:f4:b9:fc:84:cd:7c:
         c7:9d:13:f4:e2:ae:dd:ca:95:68:db:88:4e:48:4b:f8:df:7c:
         72:b5:de:07:b6:ef:39:de:d3:cd:49:d8:0a:fb:c9:f1:1b:bf:
         c3:03:ca:4a:c3:68:8a:1d:f9:b8:02:77:54:a5:bf:14:9a:f9:
         36:0f:b3:48:66:2f:54:7b:e1:96:91:1c:24:6b:c3:3a:7a:e2:
         8e:b4:45:9c:1d:d7:3a:49:5f:3a:8e:92:a1:d8:33:20:c2:c0:
         10:bf:de:33:5c:09:ba:f8:0b:cc:87:ff:00:50:3e:fa:f3:35:
         e4:3b:e4:2d:f1:fe:eb:ec:a4:2a:39:86:30:d4:bc:4d:aa:9c:
         9b:5c:4e:2c:ff:03:ab:0e:30:35:b0:5d:1d:f3:c0:fa:d7:8d:
         40:c9:23:8a
-----BEGIN CERTIFICATE-----
MIIG+DCCBeCgAwIBAgISAZl2vGrr3SSXgq2DaLvNZwiQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQyMTdiNDcyYzg0MWMxZDY4NTUwYTI0ZjE5MzZkMjljYzZj
MjhmNmEwHhcNMjUwOTIzMTMyMTIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZDFkNGVmMmQwMzU5ODY4OTM3OGNiNWYyNzMyMGQ3MDhlZDEwOTY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAirPsCi43mMVlLTq9K9jUkl41BXA3
z8vDxIbN2jtLh2KbaTZMlv0Tn+qhU7Z17XtstnIvT5lgTPvp+mcRKhL9Jqw9J+d7
GH2Vli0hXes8b7LCSOq9fxpwLHfH68PjPH18GSy0kx2D/bWCkd0HhZJ8ZR9ojECf
WdRozprU/7EZlwevH2aiTSYegj4bdZIGe0t8AaIZCbZOTMJtHWS3ey9LSRsGE5lX
du7fKrHeL05cquMeL+qDn+kd0ic/3vweOAF/2WNB1zjL6j6pRERamISN5aOCCSrf
5o2sZL8P0DqWwXcUzatFNuxkYYCSq7lWlJpeLSZ9uzWCVZhmTy0jhttvzwIDAQAB
o4IEBDCCBAAwHQYDVR0OBBYEFL0dTvLQNZhok3jLXycyDXCO0QlpMB8GA1UdIwQY
MBaAFNIXtHLIQcHWhVCiTxk20pzGwo9qMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGIt
YjM4ZTI2NzdiM2RjLzEvdlIxTzh0QTFtR2lUZU10Zkp6SU5jSTdSQ1drLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC8yOTBlNDQtYjQ3OS00NmNmLWFiNGItYjM4ZTI2NzdiM2Rj
LzEvMGhlMGNzaEJ3ZGFGVUtKUEdUYlNuTWJDajJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICGAYIKwYBBQUHAQcBAf8EggIHMIICAzCCAUQEAgABMIIB
PAMEAAW0cgMEAAW7IQMEBCXrMAMEAC2ZfQMEAC63uwMEAVOshgMEAVOslgMEAFOs
mQMEAFOsqQMEAFPzeAMEAVPzegMEAFT3PQMEAFZqdwMEAFkfewMEAFkoaQMEAFku
6wMEAFku7gMEAFuEXgMEAVvjzAMEAFzzQgMEAV+czDAMAwQAZzn5AwQAZzn6AwQA
hv/SMAwDBAOVmpgDBACVmpwDBAWX7AAwDAMEAJ7/0QMEAJ7/1AMEALB+YzAMAwQC
uRrsAwQAuRruAwQAuXq4AwQAucEzAwQAucNBAwQAvL4BAwQAvL4DAwQAvNOmMAwD
BAC81iEDBAC81iIDBAG81iYDBADBAzcDBADVb7EwDAMEAdVvtgMEANVvuDAMAwQB
1W+6AwQA1W+8AwQA1W+/MAwDBAHVtzYDBAHVtzgwgbgEAgACMIGxAwcAKgMPgAAH
MBIDBwAqAw+AADEDBwAqAw+AADIDBwAqAw+AAEgDBwEqAw+AAFYDBwAqAw+AAGED
BwAqAw+AAHADBwAqAw+AA1QwEgMHACoDD4ADVwMHASoDD4ADWAMHASoDD4ADcAMH
ACoDD4A5kQMHACoDD4CtFTASAwcAKgMPgO0VAwcDKgMPgO0QAwcAKgMPgO0xAwcA
KgMPgO1RAwcAKgMPgqvNAwcAKgMPh///MA0GCSqGSIb3DQEBCwUAA4IBAQByk4Yj
igEZvfmv3sBPJjIWTkSNZeTxquhaYzV2eJdUIZTB6kjvyQk/9qz7meRYpMIQnDsU
Aw6A69aSKZM7a/YVKqI2iVSwFDXAQ1zxCta7YLM8m3TImVVreXkOi0I9HdnJ+0XD
v6r0ufyEzXzHnRP04q7dypVo24hOSEv433xytd4Htu853tPNSdgK+8nxG7/DA8pK
w2iKHfm4AndUpb8Umvk2D7NIZi9Ue+GWkRwka8M6euKOtEWcHdc6SV86jpKh2DMg
wsAQv94zXAm6+AvMh/8AUD768zXkO+Qt8f7r7KQqOYYw1LxNqpybXE4s/wOrDjA1
sF0d88D6141AySOK
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:44:33 2025 by rpki-client