Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/pGRf_UUtjRt-_g2C1JVet-aTzvE.roa
File: pGRf_UUtjRt-_g2C1JVet-aTzvE.roa (raw, json)
Hash identifier: FTLP858yB7qWwsssBb1qn2lRhr6UD4obl8X6eHrvZsI=
Subject key identifier: A4:64:5F:FD:45:2D:8D:1B:7E:FE:0D:82:D4:95:5E:B7:E6:93:CE:F1
Certificate issuer: /CN=01d1a1353f7f8b505fc98750e86787f4e046432e
Certificate serial: 0199142AA934AA64E435D143EBD128D4C1FC
Authority key identifier: 01:D1:A1:35:3F:7F:8B:50:5F:C9:87:50:E8:67:87:F4:E0:46:43:2E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/pGRf_UUtjRt-_g2C1JVet-aTzvE.roa
Signing time: Thu 04 Sep 2025 09:59:24 +0000
ROA not before: Thu 04 Sep 2025 09:59:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8881
IP address blocks: 24.40.128.0/18 maxlen: 18
46.142.0.0/16 maxlen: 16
46.142.0.0/18 maxlen: 20
46.142.64.0/19 maxlen: 20
46.142.96.0/19 maxlen: 19
46.142.96.0/20 maxlen: 20
46.142.128.0/19 maxlen: 19
46.142.160.0/19 maxlen: 19
46.142.214.0/24 maxlen: 24
46.142.224.0/19 maxlen: 19
46.189.0.0/17 maxlen: 17
61.8.128.0/19 maxlen: 21
62.72.64.0/19 maxlen: 19
62.72.70.0/24 maxlen: 24
62.214.0.0/16 maxlen: 16
62.214.224.0/19 maxlen: 19
62.217.32.0/19 maxlen: 19
62.220.0.0/19 maxlen: 19
80.241.192.0/20 maxlen: 20
80.242.160.0/19 maxlen: 19
82.119.160.0/19 maxlen: 19
82.140.0.0/18 maxlen: 18
82.140.48.0/20 maxlen: 20
82.144.32.0/19 maxlen: 19
82.145.0.0/19 maxlen: 19
82.194.96.0/19 maxlen: 19
82.207.128.0/17 maxlen: 17
82.207.192.0/19 maxlen: 19
82.207.224.0/19 maxlen: 19
83.135.0.0/16 maxlen: 16
83.135.0.0/20 maxlen: 20
83.135.64.0/19 maxlen: 19
83.135.96.0/20 maxlen: 20
83.135.128.0/19 maxlen: 20
83.135.160.0/21 maxlen: 21
83.135.168.0/21 maxlen: 21
83.135.176.0/22 maxlen: 22
83.135.184.0/21 maxlen: 21
83.135.208.0/20 maxlen: 20
83.135.224.0/22 maxlen: 22
83.135.232.0/21 maxlen: 21
83.135.240.0/22 maxlen: 22
84.19.192.0/19 maxlen: 19
87.122.0.0/15 maxlen: 15
87.122.0.0/20 maxlen: 20
87.122.16.0/20 maxlen: 20
87.122.32.0/19 maxlen: 19
87.122.64.0/19 maxlen: 20
87.122.96.0/19 maxlen: 19
87.122.144.0/20 maxlen: 20
87.122.160.0/20 maxlen: 20
87.122.192.0/19 maxlen: 19
87.122.224.0/19 maxlen: 20
87.123.0.0/19 maxlen: 20
87.123.32.0/19 maxlen: 19
87.123.64.0/20 maxlen: 20
87.123.80.0/20 maxlen: 20
87.123.96.0/19 maxlen: 19
87.123.128.0/19 maxlen: 19
87.123.160.0/20 maxlen: 20
87.123.194.0/24 maxlen: 24
87.123.196.0/24 maxlen: 24
87.123.203.0/24 maxlen: 24
87.123.224.0/20 maxlen: 20
87.123.240.0/21 maxlen: 21
88.130.0.0/16 maxlen: 16
88.130.32.0/20 maxlen: 20
88.130.48.0/20 maxlen: 24
88.130.64.0/19 maxlen: 19
88.130.96.0/19 maxlen: 19
88.130.144.0/20 maxlen: 20
88.130.172.0/22 maxlen: 22
88.130.176.0/21 maxlen: 21
88.130.194.0/23 maxlen: 23
88.130.216.0/21 maxlen: 21
89.27.128.0/17 maxlen: 17
89.207.200.0/21 maxlen: 21
89.244.0.0/14 maxlen: 14
89.244.76.0/22 maxlen: 22
89.244.80.0/20 maxlen: 20
89.244.96.0/22 maxlen: 22
89.244.120.0/21 maxlen: 21
89.244.176.0/20 maxlen: 20
89.244.192.0/19 maxlen: 20
89.244.224.0/19 maxlen: 19
89.245.0.0/20 maxlen: 20
89.245.16.0/20 maxlen: 20
89.245.32.0/19 maxlen: 19
89.245.64.0/19 maxlen: 19
89.245.96.0/20 maxlen: 20
89.245.158.0/24 maxlen: 24
89.245.159.0/24 maxlen: 24
89.245.160.0/20 maxlen: 20
89.245.176.0/21 maxlen: 21
89.245.192.0/19 maxlen: 19
89.245.224.0/19 maxlen: 20
89.246.0.0/19 maxlen: 20
89.246.32.0/19 maxlen: 19
89.246.96.0/21 maxlen: 21
89.246.122.0/24 maxlen: 24
89.246.124.0/22 maxlen: 22
89.246.160.0/21 maxlen: 21
89.246.184.0/21 maxlen: 21
89.246.192.0/19 maxlen: 19
89.247.0.0/19 maxlen: 19
89.247.32.0/19 maxlen: 19
89.247.32.0/20 maxlen: 20
89.247.112.0/21 maxlen: 21
89.247.112.0/22 maxlen: 22
89.247.120.0/22 maxlen: 22
89.247.144.0/20 maxlen: 20
89.247.160.0/20 maxlen: 20
89.247.179.0/24 maxlen: 24
89.247.192.0/20 maxlen: 20
89.247.216.0/22 maxlen: 22
89.247.228.0/22 maxlen: 22
89.247.232.0/21 maxlen: 21
89.247.240.0/21 maxlen: 21
89.247.252.0/22 maxlen: 22
94.134.0.0/15 maxlen: 15
94.134.0.0/18 maxlen: 18
94.134.64.0/18 maxlen: 23
94.134.89.0/24 maxlen: 24
94.134.128.0/17 maxlen: 22
104.151.0.0/17 maxlen: 17
143.58.64.0/18 maxlen: 18
185.108.228.0/23 maxlen: 23
185.128.68.0/22 maxlen: 22
193.219.15.0/24 maxlen: 24
195.167.208.0/20 maxlen: 20
195.202.32.0/19 maxlen: 19
195.226.96.0/19 maxlen: 19
195.226.160.0/19 maxlen: 19
202.71.128.0/20 maxlen: 24
202.89.144.0/20 maxlen: 20
212.7.128.0/19 maxlen: 19
212.80.224.0/19 maxlen: 19
212.93.0.0/19 maxlen: 19
212.204.0.0/19 maxlen: 19
213.30.192.0/18 maxlen: 18
213.138.32.0/19 maxlen: 19
213.138.35.0/24 maxlen: 24
213.139.128.0/19 maxlen: 19
213.182.128.0/19 maxlen: 19
217.9.32.0/19 maxlen: 19
217.9.96.0/19 maxlen: 19
217.27.192.0/20 maxlen: 20
217.65.16.0/20 maxlen: 20
217.78.128.0/20 maxlen: 20
217.199.64.0/20 maxlen: 20
2001:7b0::/32 maxlen: 32
2001:9e8::/32 maxlen: 32
2001:9e8::/35 maxlen: 35
2001:9e8:2000::/35 maxlen: 35
2001:9e8:4000::/35 maxlen: 35
2001:9e8:6000::/35 maxlen: 35
2001:9e8:8000::/35 maxlen: 35
2001:9e8:a000::/35 maxlen: 35
2001:9e8:c000::/35 maxlen: 35
2001:9e8:e000::/35 maxlen: 36
2001:1438::/32 maxlen: 36
2001:1438:1::/48 maxlen: 56
2001:1438:300::/56 maxlen: 56
2001:16b8::/32 maxlen: 40
2a00:fb8::/29 maxlen: 29
2a00:fb8::/35 maxlen: 35
2a00:fb8:2000::/35 maxlen: 35
2a00:fb8:4000::/35 maxlen: 35
2a00:fb8:6000::/35 maxlen: 35
2a00:fbc::/32 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.crl
rsync://rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.mft
rsync://rpki.ripe.net/repository/DEFAULT/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 18:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:14:2a:a9:34:aa:64:e4:35:d1:43:eb:d1:28:d4:c1:fc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01d1a1353f7f8b505fc98750e86787f4e046432e
Validity
Not Before: Sep 4 09:59:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a4645ffd452d8d1b7efe0d82d4955eb7e693cef1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:22:10:3a:67:13:d3:b9:78:77:17:6d:fd:26:
94:63:29:af:a2:db:a1:cb:88:44:26:13:6e:7f:33:
a2:5d:2a:eb:f3:73:cc:f8:6c:01:d2:09:ca:a3:73:
02:9a:8f:09:27:f9:a1:fe:8c:a0:8a:b9:1d:86:6b:
9d:80:74:54:18:27:5b:c8:bf:b5:24:63:47:5f:ed:
7a:47:42:cb:13:06:38:cc:45:2f:8d:4d:5c:62:02:
d8:1e:be:4d:03:82:d9:d5:81:d3:a6:4c:2a:15:9d:
92:c0:29:50:cf:fd:a8:ba:71:7f:b6:af:a0:6a:cb:
52:01:74:c9:43:5a:f2:00:a1:f6:ae:38:15:9d:3a:
28:f9:94:3c:43:2c:54:5b:16:2e:4d:e8:86:0d:41:
8a:f9:05:7f:3e:3e:02:37:13:5c:b5:35:a2:a8:b0:
19:36:fc:61:23:d1:5b:73:8d:dd:6c:6b:fe:08:68:
d7:c6:7f:b9:d3:39:67:17:fe:2f:0f:a6:ce:ae:48:
b1:56:00:31:0a:db:03:4d:d0:07:c9:94:a4:08:6c:
26:b0:8c:15:b5:32:da:bb:80:48:ab:bf:7b:18:db:
86:9f:ef:2d:50:4e:68:45:1e:05:4d:8c:b4:90:f9:
4e:7e:00:1a:0e:e9:36:4b:0d:28:30:bb:62:a5:65:
43:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A4:64:5F:FD:45:2D:8D:1B:7E:FE:0D:82:D4:95:5E:B7:E6:93:CE:F1
X509v3 Authority Key Identifier:
keyid:01:D1:A1:35:3F:7F:8B:50:5F:C9:87:50:E8:67:87:F4:E0:46:43:2E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/pGRf_UUtjRt-_g2C1JVet-aTzvE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1b/b1393d-cca8-4a97-81aa-643a4159ab46/1/AdGhNT9_i1BfyYdQ6GeH9OBGQy4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
24.40.128.0/18
46.142.0.0/16
46.189.0.0/17
61.8.128.0/19
62.72.64.0/19
62.214.0.0/16
62.217.32.0/19
62.220.0.0/19
80.241.192.0/20
80.242.160.0/19
82.119.160.0/19
82.140.0.0/18
82.144.32.0/19
82.145.0.0/19
82.194.96.0/19
82.207.128.0/17
83.135.0.0/16
84.19.192.0/19
87.122.0.0/15
88.130.0.0/16
89.27.128.0/17
89.207.200.0/21
89.244.0.0/14
94.134.0.0/15
104.151.0.0/17
143.58.64.0/18
185.108.228.0/23
185.128.68.0/22
193.219.15.0/24
195.167.208.0/20
195.202.32.0/19
195.226.96.0/19
195.226.160.0/19
202.71.128.0/20
202.89.144.0/20
212.7.128.0/19
212.80.224.0/19
212.93.0.0/19
212.204.0.0/19
213.30.192.0/18
213.138.32.0/19
213.139.128.0/19
213.182.128.0/19
217.9.32.0/19
217.9.96.0/19
217.27.192.0/20
217.65.16.0/20
217.78.128.0/20
217.199.64.0/20
IPv6:
2001:7b0::/32
2001:9e8::/32
2001:1438::/32
2001:16b8::/32
2a00:fb8::/29
Signature Algorithm: sha256WithRSAEncryption
2b:69:61:14:34:a0:57:aa:b3:98:71:17:26:56:92:ef:1c:87:
0b:26:e3:6a:b5:48:73:34:5b:1d:a7:3b:9a:6f:53:d5:fb:de:
be:ea:28:0c:d5:ea:34:5c:7f:c7:57:01:84:c1:2d:46:c0:d7:
d2:58:a9:ef:37:a3:7a:59:6a:6c:53:5b:4f:c2:2a:cf:94:9b:
dc:aa:20:ce:0e:0d:ca:5d:6c:c9:46:0c:c8:6c:0b:41:1e:3c:
e1:15:c0:f1:af:56:78:6f:8d:19:b9:11:7b:cd:e5:f5:f1:bf:
15:f5:bd:e9:0d:ba:6d:23:62:07:36:83:a9:6f:0b:23:5d:77:
f8:67:ba:4b:e8:a7:fb:b8:d0:31:3e:85:e4:0e:15:4c:e2:5c:
b6:4e:a0:76:a6:04:48:e4:9b:69:7a:19:22:aa:10:7c:27:19:
82:ef:b2:db:b6:8c:6f:d5:9a:08:15:bc:41:2f:b9:f5:63:7a:
06:7b:39:a3:ce:c1:5c:44:f2:94:32:2f:f3:21:cc:be:5e:ba:
a0:71:c1:2f:5d:1c:f6:f2:64:0c:9d:77:51:ee:d3:ec:ee:e9:
36:24:bd:2c:17:8c:84:0b:00:5c:b1:18:ae:70:4b:27:cb:93:
7c:e2:20:c6:11:8e:ac:8f:40:44:96:db:de:0d:3c:a6:88:71:
d2:f9:ce:a2
-----BEGIN CERTIFICATE-----
MIIGSzCCBTOgAwIBAgISAZkUKqk0qmTkNdFD69Eo1MH8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZDFhMTM1M2Y3ZjhiNTA1ZmM5ODc1MGU4Njc4N2Y0ZTA0
NjQzMmUwHhcNMjUwOTA0MDk1OTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNDY0NWZmZDQ1MmQ4ZDFiN2VmZTBkODJkNDk1NWViN2U2OTNjZWYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnCIQOmcT07l4dxdt/SaUYymvotuh
y4hEJhNufzOiXSrr83PM+GwB0gnKo3MCmo8JJ/mh/oygirkdhmudgHRUGCdbyL+1
JGNHX+16R0LLEwY4zEUvjU1cYgLYHr5NA4LZ1YHTpkwqFZ2SwClQz/2ounF/tq+g
astSAXTJQ1ryAKH2rjgVnToo+ZQ8QyxUWxYuTeiGDUGK+QV/Pj4CNxNctTWiqLAZ
NvxhI9Fbc43dbGv+CGjXxn+50zlnF/4vD6bOrkixVgAxCtsDTdAHyZSkCGwmsIwV
tTLau4BIq797GNuGn+8tUE5oRR4FTYy0kPlOfgAaDuk2Sw0oMLtipWVDIQIDAQAB
o4IDVzCCA1MwHQYDVR0OBBYEFKRkX/1FLY0bfv4NgtSVXrfmk87xMB8GA1UdIwQY
MBaAFAHRoTU/f4tQX8mHUOhnh/TgRkMuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWRHaE5UOV9pMUJmeVlkUTZHZUg5T0JHUXk0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYi9iMTM5M2QtY2NhOC00YTk3LTgxYWEt
NjQzYTQxNTlhYjQ2LzEvcEdSZl9VVXRqUnQtX2cyQzFKVmV0LWFUenZFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYi9iMTM5M2QtY2NhOC00YTk3LTgxYWEtNjQzYTQxNTlhYjQ2
LzEvQWRHaE5UOV9pMUJmeVlkUTZHZUg5T0JHUXk0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBawYIKwYBBQUHAQcBAf8EggFaMIIBVjCCAScEAgABMIIB
HwMEBhgogAMDAC6OAwQHLr0AAwQFPQiAAwQFPkhAAwMAPtYDBAU+2SADBAU+3AAD
BARQ8cADBAVQ8qADBAVSd6ADBAZSjAADBAVSkCADBAVSkQADBAVSwmADBAdSz4AD
AwBThwMEBVQTwAMDAVd6AwMAWIIDBAdZG4ADBANZz8gDAwJZ9AMDAV6GAwQHaJcA
AwQGjzpAAwQBuWzkAwQCuYBEAwQAwdsPAwQEw6fQAwQFw8ogAwQFw+JgAwQFw+Kg
AwQEykeAAwQEylmQAwQF1AeAAwQF1FDgAwQF1F0AAwQF1MwAAwQG1R7AAwQF1Yog
AwQF1YuAAwQF1baAAwQF2QkgAwQF2QlgAwQE2RvAAwQE2UEQAwQE2U6AAwQE2cdA
MCkEAgACMCMDBQAgAQewAwUAIAEJ6AMFACABFDgDBQAgARa4AwUDKgAPuDANBgkq
hkiG9w0BAQsFAAOCAQEAK2lhFDSgV6qzmHEXJlaS7xyHCybjarVIczRbHac7mm9T
1fvevuooDNXqNFx/x1cBhMEtRsDX0lip7zejellqbFNbT8Iqz5Sb3Kogzg4Nyl1s
yUYMyGwLQR484RXA8a9WeG+NGbkRe83l9fG/FfW96Q26bSNiBzaDqW8LI113+Ge6
S+in+7jQMT6F5A4VTOJctk6gdqYESOSbaXoZIqoQfCcZgu+y27aMb9WaCBW8QS+5
9WN6Bns5o87BXETylDIv8yHMvl66oHHBL10c9vJkDJ13Ue7T7O7pNiS9LBeMhAsA
XLEYrnBLJ8uTfOIgxhGOrI9ARJbb3g08pohx0vnOog==
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:05:13 2025 by rpki-client