
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/i0RVCW0ED9qPHKxEYtGD8KRurak.roa
File: i0RVCW0ED9qPHKxEYtGD8KRurak.roa (raw, json)
Hash identifier: 4PPOssza6VkYbGgeYHgLrKhOUVwv3JokBgDUXIQKkis=
Subject key identifier: 8B:44:55:09:6D:04:0F:DA:8F:1C:AC:44:62:D1:83:F0:A4:6E:AD:A9
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 0199A4CDECA64F53FFBEA5E1CCDB0E33ABD6
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/i0RVCW0ED9qPHKxEYtGD8KRurak.roa
Signing time: Thu 02 Oct 2025 12:03:02 +0000
ROA not before: Thu 02 Oct 2025 12:03:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.84.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
45.13.189.0/24 maxlen: 24
45.13.190.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
77.83.39.0/24 maxlen: 24
91.223.110.0/24 maxlen: 24
146.19.125.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
194.242.96.0/24 maxlen: 24
194.242.98.0/24 maxlen: 24
194.242.99.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.211.188.0/24 maxlen: 24
195.211.189.0/24 maxlen: 24
195.211.190.0/24 maxlen: 24
195.211.191.0/24 maxlen: 24
2a01:7120::/32 maxlen: 32
2a01:7120:7::/48 maxlen: 48
2a07:9200::/29 maxlen: 32
2a07:9201::/32 maxlen: 32
2a07:9206::/32 maxlen: 32
2a07:9207::/32 maxlen: 32
2a09:340::/32 maxlen: 32
2a09:342::/32 maxlen: 32
2a09:346::/32 maxlen: 32
2a09:c440::/32 maxlen: 32
2a0c:5d40::/32 maxlen: 32
2a0c:a580::/29 maxlen: 32
2a0c:a580::/32 maxlen: 32
2a0c:a581::/32 maxlen: 32
2a0c:a584::/32 maxlen: 32
2a0c:a586::/32 maxlen: 32
2a10:dfc0::/29 maxlen: 32
2a10:dfc0::/32 maxlen: 32
2a10:fac0::/32 maxlen: 32
2a11:580::/29 maxlen: 29
2a11:580::/32 maxlen: 32
2a11:1600::/32 maxlen: 32
2a11:2a80::/32 maxlen: 32
2a11:3900::/32 maxlen: 32
2a11:d680::/32 maxlen: 32
2a12:9f00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a4:cd:ec:a6:4f:53:ff:be:a5:e1:cc:db:0e:33:ab:d6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Oct 2 12:03:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b4455096d040fda8f1cac4462d183f0a46eada9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:dc:1b:7a:80:a3:e4:10:a1:0c:c2:0b:e6:83:
7d:27:7f:2c:8a:3a:af:a2:f6:ac:d7:f4:c7:74:c7:
80:15:a6:59:c7:80:7a:06:76:d3:e0:48:f9:b1:31:
e7:cb:79:15:80:fd:f8:34:83:b3:b1:df:16:f0:4d:
99:ec:9b:fc:d3:fa:16:f7:82:02:03:66:e0:4f:de:
36:26:8b:7c:9a:d4:d0:43:53:34:52:7d:a9:fe:26:
93:7e:77:25:9b:4d:e5:a1:ff:90:8e:7c:b8:c4:12:
7e:86:a1:cc:79:f7:71:e7:ba:8d:64:41:17:b6:65:
68:93:a4:52:10:a9:6d:7f:60:68:1d:41:5c:42:46:
ba:23:79:30:ee:d1:03:e3:69:eb:3c:7d:66:75:85:
c6:67:3a:95:d4:0f:48:5e:e4:ea:a6:d8:b7:ce:49:
fd:c6:bf:46:17:f5:47:8e:a8:d1:cf:9d:fe:ba:9e:
e2:c2:8f:e3:9a:29:ce:d1:31:a2:2e:0a:67:5f:79:
4a:d9:7c:c3:d9:58:6b:12:58:9a:10:c2:84:e1:83:
0c:86:75:b9:43:73:c9:8d:76:13:43:8e:cd:96:f3:
e5:8e:dd:e4:0e:6c:7b:14:c5:dc:cd:59:a1:3f:37:
65:20:ca:52:12:77:bc:bd:85:e2:e3:8d:41:84:bd:
ee:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:44:55:09:6D:04:0F:DA:8F:1C:AC:44:62:D1:83:F0:A4:6E:AD:A9
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/i0RVCW0ED9qPHKxEYtGD8KRurak.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.84.0/24
5.181.87.0/24
45.9.29.0/24
45.13.189.0-45.13.190.255
45.94.171.0/24
45.132.180.0/24
45.132.182.0/23
77.83.39.0/24
91.223.110.0/24
146.19.125.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/24
194.242.98.0/23
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a09:340::/32
2a09:342::/32
2a09:346::/32
2a09:c440::/32
2a0c:5d40::/32
2a0c:a580::/29
2a10:dfc0::/29
2a10:fac0::/32
2a11:580::/29
2a11:1600::/32
2a11:2a80::/32
2a11:3900::/32
2a11:d680::/32
2a12:9f00::/32
Signature Algorithm: sha256WithRSAEncryption
69:12:67:96:8e:bc:e9:93:9d:d4:f7:d9:b4:2a:fc:d7:4f:e7:
5a:a9:1d:75:c4:c0:35:22:40:5d:43:b5:33:eb:bf:b9:bd:0c:
e5:e2:48:a3:ff:af:a5:ee:8f:4d:b8:5e:21:5e:ef:b4:79:5f:
44:99:c0:00:2c:84:50:f1:0b:16:40:3d:9e:11:d9:39:34:32:
fd:5d:97:9d:f5:ac:30:b1:c4:ac:c4:e2:62:1a:13:94:ad:09:
17:4c:54:0a:94:c3:79:d7:49:04:b8:f7:e9:3f:66:74:c9:68:
50:8b:d1:f0:96:4f:dc:e1:fe:71:5d:fa:5a:66:0c:34:c3:45:
92:c7:bb:2d:f5:2e:06:7a:db:8f:33:12:7b:cd:9e:42:7d:25:
78:31:50:36:9f:3f:b4:53:40:18:03:ea:a0:47:04:39:27:ec:
03:6a:95:e6:e5:31:9b:fa:c1:81:5d:82:63:51:7e:44:de:88:
18:b9:9f:5e:90:93:c4:91:4a:8d:e6:31:69:35:c2:ab:08:64:
d3:a5:36:44:33:73:f8:f6:78:d9:c1:18:f3:97:75:ab:cc:fe:
42:fa:9c:2a:55:5e:14:f6:99:47:c7:ba:32:e4:50:fd:60:63:
bc:90:8c:3b:75:4d:1f:64:09:fe:f0:ba:dc:28:3c:62:2d:7b:
4e:f1:1e:a0
-----BEGIN CERTIFICATE-----
MIIF9zCCBN+gAwIBAgISAZmkzeymT1P/vqXhzNsOM6vWMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjUxMDAyMTIwMzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjQ0NTUwOTZkMDQwZmRhOGYxY2FjNDQ2MmQxODNmMGE0NmVhZGE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5NwbeoCj5BChDMIL5oN9J38sijqv
ovas1/THdMeAFaZZx4B6BnbT4Ej5sTHny3kVgP34NIOzsd8W8E2Z7Jv80/oW94IC
A2bgT942Jot8mtTQQ1M0Un2p/iaTfnclm03lof+Qjny4xBJ+hqHMefdx57qNZEEX
tmVok6RSEKltf2BoHUFcQka6I3kw7tED42nrPH1mdYXGZzqV1A9IXuTqpti3zkn9
xr9GF/VHjqjRz53+up7iwo/jminO0TGiLgpnX3lK2XzD2VhrEliaEMKE4YMMhnW5
Q3PJjXYTQ47NlvPljt3kDmx7FMXczVmhPzdlIMpSEne8vYXi441BhL3uJwIDAQAB
o4IDAzCCAv8wHQYDVR0OBBYEFItEVQltBA/ajxysRGLRg/Ckbq2pMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvaTBSVkNXMEVEOXFQSEt4RVl0R0Q4S1J1cmFrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBFwYIKwYBBQUHAQcBAf8EggEGMIIBAjCBhwQCAAEwgYAD
BAAFtVQDBAAFtVcDBAAtCR0wDAMEAC0NvQMEAC0NvgMEAC1eqwMEAC2EtAMEAS2E
tgMEAE1TJwMEAFvfbgMEAJITfQMEAbkr+AMEALkr+wMEAbnIPgMEAMEe8AMEAcEe
8gMEAME5KwMEAMLyYAMEAcLyYgMEAsOxXAMEAsPTvDB2BAIAAjBwAwUAKgFxIAMF
AyoHkgADBQAqCQNAAwUAKgkDQgMFACoJA0YDBQAqCcRAAwUAKgxdQAMFAyoMpYAD
BQMqEN/AAwUAKhD6wAMFAyoRBYADBQAqERYAAwUAKhEqgAMFACoROQADBQAqEdaA
AwUAKhKfADANBgkqhkiG9w0BAQsFAAOCAQEAaRJnlo686ZOd1PfZtCr810/nWqkd
dcTANSJAXUO1M+u/ub0M5eJIo/+vpe6PTbheIV7vtHlfRJnAACyEUPELFkA9nhHZ
OTQy/V2XnfWsMLHErMTiYhoTlK0JF0xUCpTDeddJBLj36T9mdMloUIvR8JZP3OH+
cV36WmYMNMNFkse7LfUuBnrbjzMSe82eQn0leDFQNp8/tFNAGAPqoEcEOSfsA2qV
5uUxm/rBgV2CY1F+RN6IGLmfXpCTxJFKjeYxaTXCqwhk06U2RDNz+PZ42cEY85d1
q8z+QvqcKlVeFPaZR8e6MuRQ/WBjvJCMO3VNH2QJ/vC63Cg8Yi17TvEeoA==
-----END CERTIFICATE-----
Generated at Mon Oct 20 17:32:35 2025 by rpki-client