Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/tTbiV1p1IxN2njOeOlGPUdrcEO8.roa
File: tTbiV1p1IxN2njOeOlGPUdrcEO8.roa (raw, json)
Hash identifier: QCqFLLh9eDcI0sf1Fk/d5nbIK61Y2OX/OMR+8N2W95Y=
Subject key identifier: B5:36:E2:57:5A:75:23:13:76:9E:33:9E:3A:51:8F:51:DA:DC:10:EF
Certificate issuer: /CN=e0dee1b06ba24a676213f976a4b50c129dcb2b73
Certificate serial: 01978299A91E20357C9A2CEFD055AA0264BF
Authority key identifier: E0:DE:E1:B0:6B:A2:4A:67:62:13:F9:76:A4:B5:0C:12:9D:CB:2B:73
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/tTbiV1p1IxN2njOeOlGPUdrcEO8.roa
Signing time: Wed 18 Jun 2025 10:33:17 +0000
ROA not before: Wed 18 Jun 2025 10:33:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 719
IP address blocks: 31.7.16.0/20 maxlen: 20
46.182.112.0/21 maxlen: 21
62.142.0.0/16 maxlen: 16
62.148.192.0/19 maxlen: 19
62.216.96.0/19 maxlen: 19
62.240.64.0/19 maxlen: 19
62.248.128.0/17 maxlen: 17
77.109.192.0/18 maxlen: 18
80.81.160.0/19 maxlen: 19
80.88.176.0/20 maxlen: 20
80.186.0.0/16 maxlen: 16
80.248.96.0/19 maxlen: 19
81.197.0.0/16 maxlen: 16
81.209.0.0/17 maxlen: 17
82.103.192.0/18 maxlen: 18
82.118.192.0/19 maxlen: 19
82.141.64.0/18 maxlen: 18
82.215.192.0/18 maxlen: 18
83.245.128.0/17 maxlen: 17
84.230.0.0/15 maxlen: 15
85.76.0.0/14 maxlen: 14
85.156.0.0/16 maxlen: 16
85.157.0.0/16 maxlen: 16
85.217.0.0/17 maxlen: 17
88.112.0.0/14 maxlen: 14
91.152.0.0/13 maxlen: 13
94.22.0.0/16 maxlen: 16
109.163.248.0/21 maxlen: 21
109.232.80.0/21 maxlen: 21
139.97.0.0/16 maxlen: 16
178.251.56.0/21 maxlen: 21
192.77.120.0/22 maxlen: 22
192.102.36.0/24 maxlen: 24
192.102.37.0/24 maxlen: 24
192.102.38.0/24 maxlen: 24
192.102.39.0/24 maxlen: 24
192.102.40.0/24 maxlen: 24
192.102.41.0/24 maxlen: 24
192.102.42.0/24 maxlen: 24
192.102.49.0/24 maxlen: 24
192.102.50.0/24 maxlen: 24
192.126.1.0/24 maxlen: 24
192.126.23.0/24 maxlen: 24
192.126.24.0/24 maxlen: 24
192.126.35.0/24 maxlen: 24
192.126.44.0/24 maxlen: 24
192.126.46.0/24 maxlen: 24
192.163.32.0/19 maxlen: 19
192.163.64.0/18 maxlen: 18
192.163.128.0/19 maxlen: 19
192.175.45.0/24 maxlen: 24
193.64.0.0/15 maxlen: 15
193.65.129.0/24 maxlen: 24
193.66.0.0/16 maxlen: 16
193.94.0.0/16 maxlen: 16
193.184.0.0/15 maxlen: 15
193.199.0.0/16 maxlen: 16
193.229.0.0/16 maxlen: 16
194.86.0.0/16 maxlen: 16
194.86.35.0/24 maxlen: 24
194.136.0.0/16 maxlen: 16
194.157.0.0/16 maxlen: 16
194.188.0.0/16 maxlen: 16
194.211.0.0/16 maxlen: 16
194.240.0.0/15 maxlen: 15
195.16.192.0/19 maxlen: 19
195.74.0.0/19 maxlen: 19
195.170.128.0/19 maxlen: 19
195.197.0.0/16 maxlen: 16
195.218.64.0/19 maxlen: 19
195.236.0.0/15 maxlen: 15
195.238.192.0/19 maxlen: 19
195.255.0.0/16 maxlen: 16
212.38.224.0/19 maxlen: 19
212.50.192.0/19 maxlen: 19
212.54.0.0/19 maxlen: 19
212.63.0.0/19 maxlen: 19
212.226.0.0/16 maxlen: 16
212.246.0.0/16 maxlen: 16
213.130.224.0/19 maxlen: 19
213.161.32.0/19 maxlen: 19
213.169.0.0/19 maxlen: 19
213.192.128.0/18 maxlen: 18
213.250.64.0/18 maxlen: 18
217.24.96.0/20 maxlen: 20
217.25.96.0/20 maxlen: 20
217.77.192.0/20 maxlen: 20
217.152.0.0/16 maxlen: 16
2001:671::/47 maxlen: 48
2001:998::/29 maxlen: 32
2001:9f0::/29 maxlen: 29
2001:1658::/29 maxlen: 29
2a00:1dd0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.crl
rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.mft
rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 07:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:82:99:a9:1e:20:35:7c:9a:2c:ef:d0:55:aa:02:64:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e0dee1b06ba24a676213f976a4b50c129dcb2b73
Validity
Not Before: Jun 18 10:33:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b536e2575a752313769e339e3a518f51dadc10ef
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:99:75:46:e0:91:c9:77:f4:f1:4f:82:7b:fa:ca:
d0:1e:3b:d9:61:be:74:f4:a0:c1:ff:ee:6f:6f:aa:
20:04:2b:e1:39:02:78:28:a9:7d:2b:a4:df:34:40:
97:59:92:ee:77:1e:0d:d5:5e:0b:90:75:8c:c9:ba:
b0:8b:90:0d:94:ee:9f:47:57:e0:d0:ee:ff:0b:b8:
22:df:99:03:81:5c:93:e9:72:6c:0a:80:fe:88:87:
da:74:e0:a8:9a:2f:6e:09:89:6d:97:1b:27:7c:b7:
f9:08:db:39:73:15:84:81:57:e8:7e:35:08:87:c9:
28:a2:0b:f7:b6:45:cf:61:9d:08:e6:07:df:74:9d:
b3:d0:08:55:f6:26:7c:b4:d8:41:13:c2:10:e1:41:
47:1a:59:27:fb:b8:78:7f:9c:53:53:c0:c2:1f:fd:
00:db:dd:da:73:64:63:b5:d3:d8:3b:72:86:25:71:
e7:0f:d7:1c:59:7d:48:fe:7f:3b:96:d6:87:ec:fc:
02:de:88:b5:56:6f:57:e0:dd:f2:59:6d:78:1e:6d:
a0:3b:43:27:69:95:6a:bf:b8:24:38:cc:d3:bf:89:
eb:79:b5:ef:a2:8b:f5:6c:ef:14:82:e1:03:9c:e5:
ad:1c:65:24:a9:cb:2f:2b:26:59:c5:f0:17:c0:4f:
2f:f7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B5:36:E2:57:5A:75:23:13:76:9E:33:9E:3A:51:8F:51:DA:DC:10:EF
X509v3 Authority Key Identifier:
keyid:E0:DE:E1:B0:6B:A2:4A:67:62:13:F9:76:A4:B5:0C:12:9D:CB:2B:73
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4N7hsGuiSmdiE_l2pLUMEp3LK3M.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/tTbiV1p1IxN2njOeOlGPUdrcEO8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/30/c22dc9-c7ba-4156-a79c-15e90bf87fab/1/4N7hsGuiSmdiE_l2pLUMEp3LK3M.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.7.16.0/20
46.182.112.0/21
62.142.0.0/16
62.148.192.0/19
62.216.96.0/19
62.240.64.0/19
62.248.128.0/17
77.109.192.0/18
80.81.160.0/19
80.88.176.0/20
80.186.0.0/16
80.248.96.0/19
81.197.0.0/16
81.209.0.0/17
82.103.192.0/18
82.118.192.0/19
82.141.64.0/18
82.215.192.0/18
83.245.128.0/17
84.230.0.0/15
85.76.0.0/14
85.156.0.0/15
85.217.0.0/17
88.112.0.0/14
91.152.0.0/13
94.22.0.0/16
109.163.248.0/21
109.232.80.0/21
139.97.0.0/16
178.251.56.0/21
192.77.120.0/22
192.102.36.0-192.102.42.255
192.102.49.0-192.102.50.255
192.126.1.0/24
192.126.23.0-192.126.24.255
192.126.35.0/24
192.126.44.0/24
192.126.46.0/24
192.163.32.0-192.163.159.255
192.175.45.0/24
193.64.0.0-193.66.255.255
193.94.0.0/16
193.184.0.0/15
193.199.0.0/16
193.229.0.0/16
194.86.0.0/16
194.136.0.0/16
194.157.0.0/16
194.188.0.0/16
194.211.0.0/16
194.240.0.0/15
195.16.192.0/19
195.74.0.0/19
195.170.128.0/19
195.197.0.0/16
195.218.64.0/19
195.236.0.0/15
195.238.192.0/19
195.255.0.0/16
212.38.224.0/19
212.50.192.0/19
212.54.0.0/19
212.63.0.0/19
212.226.0.0/16
212.246.0.0/16
213.130.224.0/19
213.161.32.0/19
213.169.0.0/19
213.192.128.0/18
213.250.64.0/18
217.24.96.0/20
217.25.96.0/20
217.77.192.0/20
217.152.0.0/16
IPv6:
2001:671::/47
2001:998::/29
2001:9f0::/29
2001:1658::/29
2a00:1dd0::/29
Signature Algorithm: sha256WithRSAEncryption
8f:f1:30:43:fb:55:73:8e:72:2c:31:06:07:50:fa:02:26:e0:
00:cb:61:7d:6c:e2:2a:61:b2:52:60:4a:6e:0b:15:03:c6:28:
4e:92:08:4f:52:d9:c8:79:a2:e6:aa:fc:7a:eb:84:d1:13:95:
46:56:6f:ca:a2:12:e2:50:99:ef:dd:6a:5e:3f:c1:55:42:08:
8e:ca:12:b0:12:2a:dc:70:91:98:2f:f9:37:8a:e0:44:d1:3b:
17:60:c4:da:4e:d7:22:8a:03:13:39:77:9f:d4:de:34:61:4d:
28:d3:33:f6:d1:0a:c5:74:3d:a3:a1:2c:b2:4e:30:ce:34:b3:
2b:df:4d:30:0e:62:2e:51:aa:ad:16:48:28:5f:9b:7a:5c:d4:
7f:90:84:1a:37:11:0a:bf:a7:f9:79:c4:82:e9:db:9e:8d:81:
34:22:64:a4:98:b3:ed:09:d8:f7:6a:97:5a:77:5a:d4:66:56:
2c:97:b1:80:b4:68:fd:92:57:dd:4a:0f:02:de:b6:10:12:81:
7d:14:48:7e:88:26:49:51:40:35:09:86:96:82:03:d2:d7:85:
1e:0f:e0:c1:08:5f:0c:87:4a:01:1f:d5:87:a2:3f:60:16:32:
fb:9f:41:d6:fc:35:8a:77:7f:9b:89:7e:c9:60:38:89:61:82:
14:94:f4:e1
-----BEGIN CERTIFICATE-----
MIIG9jCCBd6gAwIBAgISAZeCmakeIDV8mizv0FWqAmS/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUwZGVlMWIwNmJhMjRhNjc2MjEzZjk3NmE0YjUwYzEyOWRj
YjJiNzMwHhcNMjUwNjE4MTAzMzE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiNTM2ZTI1NzVhNzUyMzEzNzY5ZTMzOWUzYTUxOGY1MWRhZGMxMGVmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmXVG4JHJd/TxT4J7+srQHjvZYb50
9KDB/+5vb6ogBCvhOQJ4KKl9K6TfNECXWZLudx4N1V4LkHWMybqwi5ANlO6fR1fg
0O7/C7gi35kDgVyT6XJsCoD+iIfadOComi9uCYltlxsnfLf5CNs5cxWEgVfofjUI
h8koogv3tkXPYZ0I5gffdJ2z0AhV9iZ8tNhBE8IQ4UFHGlkn+7h4f5xTU8DCH/0A
293ac2RjtdPYO3KGJXHnD9ccWX1I/n87ltaH7PwC3oi1Vm9X4N3yWW14Hm2gO0Mn
aZVqv7gkOMzTv4nrebXvoov1bO8UguEDnOWtHGUkqcsvKyZZxfAXwE8v9wIDAQAB
o4IEAjCCA/4wHQYDVR0OBBYEFLU24ldadSMTdp4znjpRj1Ha3BDvMB8GA1UdIwQY
MBaAFODe4bBrokpnYhP5dqS1DBKdyytzMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNE43aHNHdWlTbWRpRV9sMnBMVU1FcDNMSzNNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMC9jMjJkYzktYzdiYS00MTU2LWE3OWMt
MTVlOTBiZjg3ZmFiLzEvdFRiaVYxcDFJeE4ybmpPZU9sR1BVZHJjRU84LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMC9jMjJkYzktYzdiYS00MTU2LWE3OWMtMTVlOTBiZjg3ZmFi
LzEvNE43aHNHdWlTbWRpRV9sMnBMVU1FcDNMSzNNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICFgYIKwYBBQUHAQcBAf8EggIFMIICATCCAdAEAgABMIIB
yAMEBB8HEAMEAy62cAMDAD6OAwQFPpTAAwQFPthgAwQFPvBAAwQHPviAAwQGTW3A
AwQFUFGgAwQEUFiwAwMAULoDBAVQ+GADAwBRxQMEB1HRAAMEBlJnwAMEBVJ2wAME
BlKNQAMEBlLXwAMEB1P1gAMDAVTmAwMCVUwDAwFVnAMEB1XZAAMDAlhwAwMDW5gD
AwBeFgMEA22j+AMEA23oUAMDAIthAwQDsvs4AwQCwE14MAwDBALAZiQDBADAZiow
DAMEAMBmMQMEAMBmMgMEAMB+ATAMAwQAwH4XAwQAwH4YAwQAwH4jAwQAwH4sAwQA
wH4uMAwDBAXAoyADBAXAo4ADBADAry0wCgMDBsFAAwMAwUIDAwDBXgMDAcG4AwMA
wccDAwDB5QMDAMJWAwMAwogDAwDCnQMDAMK8AwMAwtMDAwHC8AMEBcMQwAMEBcNK
AAMEBcOqgAMDAMPFAwQFw9pAAwMBw+wDBAXD7sADAwDD/wMEBdQm4AMEBdQywAME
BdQ2AAMEBdQ/AAMDANTiAwMA1PYDBAXVguADBAXVoSADBAXVqQADBAbVwIADBAbV
+kADBATZGGADBATZGWADBATZTcADAwDZmDArBAIAAjAlAwcBIAEGcQAAAwUDIAEJ
mAMFAyABCfADBQMgARZYAwUDKgAd0DANBgkqhkiG9w0BAQsFAAOCAQEAj/EwQ/tV
c45yLDEGB1D6AibgAMthfWziKmGyUmBKbgsVA8YoTpIIT1LZyHmi5qr8euuE0ROV
RlZvyqIS4lCZ791qXj/BVUIIjsoSsBIq3HCRmC/5N4rgRNE7F2DE2k7XIooDEzl3
n9TeNGFNKNMz9tEKxXQ9o6Essk4wzjSzK99NMA5iLlGqrRZIKF+belzUf5CEGjcR
Cr+n+XnEgunbno2BNCJkpJiz7QnY92qXWnda1GZWLJexgLRo/ZJX3UoPAt62EBKB
fRRIfogmSVFANQmGloID0teFHg/gwQhfDIdKAR/Vh6I/YBYy+59B1vw1ind/m4l+
yWA4iWGCFJT04Q==
-----END CERTIFICATE-----
Generated at Mon Jun 30 14:53:38 2025 by rpki-client