Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/DBpPMSWHruIkQQe9lP3EP5iUYUA.roa
File: DBpPMSWHruIkQQe9lP3EP5iUYUA.roa (raw, json)
Hash identifier: UTfNUG+CJ/AHL4ntOF0qjez9Zn+iCpFCtQNImoUxz/c=
Subject key identifier: 0C:1A:4F:31:25:87:AE:E2:24:41:07:BD:94:FD:C4:3F:98:94:61:40
Certificate issuer: /CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Certificate serial: 01989845246E11EF02FCAAB2B79EC22C3CA6
Authority key identifier: E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/DBpPMSWHruIkQQe9lP3EP5iUYUA.roa
Signing time: Mon 11 Aug 2025 08:35:24 +0000
ROA not before: Mon 11 Aug 2025 08:35:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209372
IP address blocks: 5.104.72.0/24 maxlen: 24
5.104.74.0/24 maxlen: 24
31.40.194.0/24 maxlen: 24
45.130.184.0/24 maxlen: 24
45.130.185.0/24 maxlen: 24
45.130.186.0/24 maxlen: 24
45.130.187.0/24 maxlen: 24
45.140.4.0/24 maxlen: 24
45.140.6.0/24 maxlen: 24
45.140.7.0/24 maxlen: 24
77.83.20.0/22 maxlen: 24
77.83.48.0/24 maxlen: 24
77.83.49.0/24 maxlen: 24
84.252.64.0/22 maxlen: 24
86.62.53.0/24 maxlen: 24
86.62.54.0/24 maxlen: 24
88.218.80.0/24 maxlen: 24
88.218.239.0/24 maxlen: 24
91.132.126.0/24 maxlen: 24
91.132.127.0/24 maxlen: 24
91.245.239.0/24 maxlen: 24
95.214.83.0/24 maxlen: 24
95.214.92.0/24 maxlen: 24
95.214.93.0/24 maxlen: 24
95.214.95.0/24 maxlen: 24
95.214.244.0/22 maxlen: 24
176.118.188.0/24 maxlen: 24
176.118.189.0/24 maxlen: 24
176.118.191.0/24 maxlen: 24
185.177.76.0/24 maxlen: 24
185.177.77.0/24 maxlen: 24
193.160.68.0/24 maxlen: 24
193.160.72.0/24 maxlen: 24
193.160.74.0/24 maxlen: 24
193.160.75.0/24 maxlen: 24
194.28.157.0/24 maxlen: 24
194.53.188.0/22 maxlen: 24
194.124.41.0/24 maxlen: 24
212.69.135.0/24 maxlen: 24
213.109.188.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.mft
rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 08:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:98:45:24:6e:11:ef:02:fc:aa:b2:b7:9e:c2:2c:3c:a6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e2c2b834fbc91af0ec6b1d34fd64054d2269a1fd
Validity
Not Before: Aug 11 08:35:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0c1a4f312587aee2244107bd94fdc43f98946140
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:6a:5c:d6:bc:1c:fa:35:a6:51:32:c5:e2:86:
3b:f1:8c:65:ce:6a:6f:69:b1:76:22:b3:2b:67:b9:
dc:11:9b:e9:ef:7f:d6:67:d7:ea:6d:a1:20:fe:9e:
ee:b9:40:39:84:1a:0c:94:5e:16:85:1d:f0:f2:32:
96:59:d9:85:48:94:e6:87:5b:ae:1b:d7:a3:77:d6:
de:1a:63:e2:97:a5:44:3c:02:11:22:01:39:4f:5c:
7c:49:0e:fa:9e:b6:b3:7e:be:3a:13:37:fd:29:b5:
01:05:80:3d:8c:68:e2:35:dc:a4:c8:8b:93:2b:32:
3e:32:a3:e2:b6:ac:f6:89:80:4c:99:a9:bf:42:f9:
24:71:f4:21:c0:8e:ce:17:1f:19:e2:33:1e:7d:70:
1b:b1:f2:a1:ae:d6:64:ae:f6:f6:55:4f:9e:3b:95:
a6:27:23:3f:82:0f:1a:76:0d:b5:0d:73:2e:80:01:
97:cf:44:68:fc:ee:de:fa:3c:05:18:28:c4:8f:35:
77:fd:7a:0b:63:52:98:25:30:82:5e:7f:06:f9:af:
09:a6:32:2e:34:7f:07:2d:67:e9:e6:e1:27:73:1c:
5d:9d:b0:cf:40:73:e9:bd:b9:3a:1e:f1:1d:50:34:
3a:33:0e:22:c8:c5:38:b1:95:45:68:8b:0e:8e:a2:
62:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:1A:4F:31:25:87:AE:E2:24:41:07:BD:94:FD:C4:3F:98:94:61:40
X509v3 Authority Key Identifier:
keyid:E2:C2:B8:34:FB:C9:1A:F0:EC:6B:1D:34:FD:64:05:4D:22:69:A1:FD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/4sK4NPvJGvDsax00_WQFTSJpof0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/DBpPMSWHruIkQQe9lP3EP5iUYUA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/38/3f249b-e836-41b4-9a3a-994806f081f0/1/4sK4NPvJGvDsax00_WQFTSJpof0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.72.0/24
5.104.74.0/24
31.40.194.0/24
45.130.184.0/22
45.140.4.0/24
45.140.6.0/23
77.83.20.0/22
77.83.48.0/23
84.252.64.0/22
86.62.53.0-86.62.54.255
88.218.80.0/24
88.218.239.0/24
91.132.126.0/23
91.245.239.0/24
95.214.83.0/24
95.214.92.0/23
95.214.95.0/24
95.214.244.0/22
176.118.188.0/23
176.118.191.0/24
185.177.76.0/23
193.160.68.0/24
193.160.72.0/24
193.160.74.0/23
194.28.157.0/24
194.53.188.0/22
194.124.41.0/24
212.69.135.0/24
213.109.188.0/22
Signature Algorithm: sha256WithRSAEncryption
52:49:e9:3d:bd:88:ba:a7:da:f7:68:9f:02:df:ba:b4:40:e4:
e2:66:8b:fe:ce:08:c7:14:1b:c0:b3:b2:ed:83:8e:96:2a:14:
34:3f:7b:64:f1:75:c6:e6:b6:b3:3c:e0:0e:0b:b0:4c:c4:d8:
fb:3a:4d:b7:bc:8b:4d:e6:77:93:06:88:11:8f:6b:15:b8:e5:
7b:a4:37:a2:68:b3:e8:74:77:52:68:57:d0:36:27:47:0c:8d:
22:6f:08:cb:c0:0c:71:a1:93:fb:c4:60:ab:79:b2:ea:1e:8b:
8f:02:b1:89:ed:14:ce:71:d1:47:9f:52:d8:8f:92:c9:9a:60:
c3:b3:54:8e:e4:4a:92:0f:76:57:1c:61:2a:02:78:17:a4:08:
05:b6:18:33:7b:60:1e:3b:a3:14:57:88:f6:27:dd:96:9e:f2:
d9:db:3e:5e:d2:86:4c:39:ab:b4:01:f7:71:b2:f5:4b:0e:a4:
f6:d4:89:a1:8d:9e:d7:03:88:b7:8c:a6:58:7e:15:c8:d9:51:
f1:30:8c:9e:f9:4d:86:a1:8e:97:59:e5:b8:ef:c2:ff:b8:10:
22:29:b1:39:78:e1:b3:1a:12:aa:69:01:d8:ab:09:63:7c:99:
30:40:f1:d0:5b:73:23:7c:18:e7:f5:9a:62:3a:37:72:b1:98:
33:24:c3:6d
-----BEGIN CERTIFICATE-----
MIIFsjCCBJqgAwIBAgISAZiYRSRuEe8C/Kqyt57CLDymMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUyYzJiODM0ZmJjOTFhZjBlYzZiMWQzNGZkNjQwNTRkMjI2
OWExZmQwHhcNMjUwODExMDgzNTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYzFhNGYzMTI1ODdhZWUyMjQ0MTA3YmQ5NGZkYzQzZjk4OTQ2MTQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA32pc1rwc+jWmUTLF4oY78Yxlzmpv
abF2IrMrZ7ncEZvp73/WZ9fqbaEg/p7uuUA5hBoMlF4WhR3w8jKWWdmFSJTmh1uu
G9ejd9beGmPil6VEPAIRIgE5T1x8SQ76nrazfr46Ezf9KbUBBYA9jGjiNdykyIuT
KzI+MqPitqz2iYBMmam/QvkkcfQhwI7OFx8Z4jMefXAbsfKhrtZkrvb2VU+eO5Wm
JyM/gg8adg21DXMugAGXz0Ro/O7e+jwFGCjEjzV3/XoLY1KYJTCCXn8G+a8JpjIu
NH8HLWfp5uEncxxdnbDPQHPpvbk6HvEdUDQ6Mw4iyMU4sZVFaIsOjqJiTwIDAQAB
o4ICvjCCArowHQYDVR0OBBYEFAwaTzElh67iJEEHvZT9xD+YlGFAMB8GA1UdIwQY
MBaAFOLCuDT7yRrw7GsdNP1kBU0iaaH9MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2Et
OTk0ODA2ZjA4MWYwLzEvREJwUE1TV0hydUlrUVFlOWxQM0VQNWlVWVVBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOC8zZjI0OWItZTgzNi00MWI0LTlhM2EtOTk0ODA2ZjA4MWYw
LzEvNHNLNE5QdkpHdkRzYXgwMF9XUUZUU0pwb2YwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHTBggrBgEFBQcBBwEB/wSBwzCBwDCBvQQCAAEwgbYDBAAF
aEgDBAAFaEoDBAAfKMIDBAItgrgDBAAtjAQDBAEtjAYDBAJNUxQDBAFNUzADBAJU
/EAwDAMEAFY+NQMEAFY+NgMEAFjaUAMEAFja7wMEAVuEfgMEAFv17wMEAF/WUwME
AV/WXAMEAF/WXwMEAl/W9AMEAbB2vAMEALB2vwMEAbmxTAMEAMGgRAMEAMGgSAME
AcGgSgMEAMIcnQMEAsI1vAMEAMJ8KQMEANRFhwMEAtVtvDANBgkqhkiG9w0BAQsF
AAOCAQEAUknpPb2Iuqfa92ifAt+6tEDk4maL/s4IxxQbwLOy7YOOlioUND97ZPF1
xua2szzgDguwTMTY+zpNt7yLTeZ3kwaIEY9rFbjle6Q3omiz6HR3UmhX0DYnRwyN
Im8Iy8AMcaGT+8Rgq3my6h6LjwKxie0UznHRR59S2I+SyZpgw7NUjuRKkg92Vxxh
KgJ4F6QIBbYYM3tgHjujFFeI9ifdlp7y2ds+XtKGTDmrtAH3cbL1Sw6k9tSJoY2e
1wOIt4ymWH4VyNlR8TCMnvlNhqGOl1nluO/C/7gQIimxOXjhsxoSqmkB2KsJY3yZ
MEDx0FtzI3wY5/WaYjo3crGYMyTDbQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:00:21 2025 by rpki-client