Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/3a/c7b9dc-7ac6-4aca-a43b-3cbad5b904b5/1/aIMl2nH6T8k5Za7RRf3fbO4Z9H4.roa
File: aIMl2nH6T8k5Za7RRf3fbO4Z9H4.roa (raw, json)
Hash identifier: DxFTCtRP8/1hWRr6LwNW53ADiW5FOSC5/Tf05YObbU4=
Subject key identifier: 68:83:25:DA:71:FA:4F:C9:39:65:AE:D1:45:FD:DF:6C:EE:19:F4:7E
Certificate issuer: /CN=5503251db69693362a927e2b130467945c54f0fc
Certificate serial: 0197ABFA6690079287D88EA85FB368DD9F2D
Authority key identifier: 55:03:25:1D:B6:96:93:36:2A:92:7E:2B:13:04:67:94:5C:54:F0:FC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/VQMlHbaWkzYqkn4rEwRnlFxU8Pw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/3a/c7b9dc-7ac6-4aca-a43b-3cbad5b904b5/1/aIMl2nH6T8k5Za7RRf3fbO4Z9H4.roa
Signing time: Thu 26 Jun 2025 11:23:23 +0000
ROA not before: Thu 26 Jun 2025 11:23:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48282
IP address blocks: 62.113.112.0/24 maxlen: 24
62.113.113.0/24 maxlen: 24
62.113.114.0/24 maxlen: 24
62.113.115.0/24 maxlen: 24
62.113.116.0/24 maxlen: 24
62.113.117.0/24 maxlen: 24
62.113.118.0/24 maxlen: 24
62.113.119.0/24 maxlen: 24
83.217.212.0/24 maxlen: 24
83.217.213.0/24 maxlen: 24
83.217.214.0/24 maxlen: 24
83.217.215.0/24 maxlen: 24
84.54.44.0/24 maxlen: 24
84.54.47.0/24 maxlen: 24
85.198.108.0/24 maxlen: 24
85.198.109.0/24 maxlen: 24
85.198.110.0/24 maxlen: 24
85.198.111.0/24 maxlen: 24
88.210.34.0/24 maxlen: 24
88.210.35.0/24 maxlen: 24
88.210.52.0/24 maxlen: 24
88.210.53.0/24 maxlen: 24
88.218.60.0/24 maxlen: 24
88.218.61.0/24 maxlen: 24
88.218.62.0/24 maxlen: 24
88.218.63.0/24 maxlen: 24
91.142.72.0/24 maxlen: 24
91.142.73.0/24 maxlen: 24
91.142.74.0/24 maxlen: 24
91.142.75.0/24 maxlen: 24
91.184.244.0/24 maxlen: 24
91.184.245.0/24 maxlen: 24
91.184.246.0/24 maxlen: 24
91.184.247.0/24 maxlen: 24
93.183.92.0/24 maxlen: 24
93.183.93.0/24 maxlen: 24
93.183.94.0/24 maxlen: 24
93.183.95.0/24 maxlen: 24
94.103.83.0/24 maxlen: 24
94.103.84.0/24 maxlen: 24
94.103.85.0/24 maxlen: 24
94.103.86.0/24 maxlen: 24
94.103.87.0/24 maxlen: 24
94.103.88.0/24 maxlen: 24
94.103.89.0/24 maxlen: 24
94.103.90.0/24 maxlen: 24
94.103.91.0/24 maxlen: 24
94.103.92.0/24 maxlen: 24
94.103.93.0/24 maxlen: 24
95.142.33.0/24 maxlen: 24
95.142.34.0/24 maxlen: 24
95.142.45.0/24 maxlen: 24
95.142.46.0/24 maxlen: 24
95.142.47.0/24 maxlen: 24
109.172.84.0/24 maxlen: 24
109.172.85.0/24 maxlen: 24
109.172.86.0/24 maxlen: 24
109.172.87.0/24 maxlen: 24
109.172.88.0/24 maxlen: 24
109.172.89.0/24 maxlen: 24
109.172.90.0/24 maxlen: 24
109.172.91.0/24 maxlen: 24
178.20.40.0/24 maxlen: 24
178.20.41.0/24 maxlen: 24
178.20.42.0/24 maxlen: 24
178.20.43.0/24 maxlen: 24
178.20.44.0/24 maxlen: 24
178.20.45.0/24 maxlen: 24
178.20.46.0/24 maxlen: 24
178.20.47.0/24 maxlen: 24
178.217.98.0/24 maxlen: 24
178.217.99.0/24 maxlen: 24
185.209.28.0/24 maxlen: 24
185.209.29.0/24 maxlen: 24
185.209.30.0/24 maxlen: 24
185.209.31.0/24 maxlen: 24
185.231.152.0/24 maxlen: 24
185.231.153.0/24 maxlen: 24
185.231.154.0/24 maxlen: 24
185.231.155.0/24 maxlen: 24
193.178.170.0/24 maxlen: 24
195.2.66.0/24 maxlen: 24
195.2.67.0/24 maxlen: 24
195.2.70.0/24 maxlen: 24
195.2.71.0/24 maxlen: 24
195.2.73.0/24 maxlen: 24
195.2.74.0/24 maxlen: 24
195.2.75.0/24 maxlen: 24
195.2.76.0/24 maxlen: 24
195.2.78.0/24 maxlen: 24
195.2.79.0/24 maxlen: 24
195.2.80.0/24 maxlen: 24
195.2.81.0/24 maxlen: 24
195.2.84.0/24 maxlen: 24
195.2.85.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/3a/c7b9dc-7ac6-4aca-a43b-3cbad5b904b5/1/VQMlHbaWkzYqkn4rEwRnlFxU8Pw.crl
rsync://rpki.ripe.net/repository/DEFAULT/3a/c7b9dc-7ac6-4aca-a43b-3cbad5b904b5/1/VQMlHbaWkzYqkn4rEwRnlFxU8Pw.mft
rsync://rpki.ripe.net/repository/DEFAULT/VQMlHbaWkzYqkn4rEwRnlFxU8Pw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 01 Jul 2025 05:01:01 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ab:fa:66:90:07:92:87:d8:8e:a8:5f:b3:68:dd:9f:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5503251db69693362a927e2b130467945c54f0fc
Validity
Not Before: Jun 26 11:23:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=688325da71fa4fc93965aed145fddf6cee19f47e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:55:ff:e2:55:fc:c9:80:59:a3:c4:7a:74:53:
0d:52:65:d4:a6:d8:96:32:93:46:0b:a3:2f:1b:d6:
26:d8:44:5f:39:de:a2:f8:53:73:8e:5f:65:a1:5f:
b6:04:83:0b:90:14:27:fe:47:88:b1:e8:ba:7d:c1:
b6:e5:4c:a1:9a:dc:5a:1c:11:b1:6e:d9:db:82:8e:
d1:16:e1:0e:38:9b:09:0b:88:88:12:0d:3c:ec:1f:
55:db:82:eb:91:bf:e3:1a:f6:99:cc:62:86:64:c9:
13:05:46:51:de:f9:41:a4:35:c6:1c:88:df:9d:c2:
28:23:ec:3b:b2:92:64:70:a5:17:31:6a:c3:2d:e8:
c9:5c:d8:ac:29:a1:26:46:87:87:66:d3:f1:32:07:
7e:63:d7:43:49:3e:67:33:90:65:89:3a:64:82:af:
f4:93:21:0b:1f:14:9b:0b:c4:01:7c:6e:13:ca:17:
62:eb:8b:4e:87:5f:d9:1b:fb:2d:20:cf:e1:c5:29:
18:3a:e7:6c:13:5d:4c:64:93:81:a7:f7:07:ca:ed:
43:53:04:f4:df:3b:21:11:0c:e8:43:a5:b3:90:9e:
4b:8f:23:7d:ac:e0:79:e5:36:48:a6:04:74:ed:95:
27:c2:3d:9a:03:cf:39:86:86:10:ef:ab:4a:f1:2c:
9d:03
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:83:25:DA:71:FA:4F:C9:39:65:AE:D1:45:FD:DF:6C:EE:19:F4:7E
X509v3 Authority Key Identifier:
keyid:55:03:25:1D:B6:96:93:36:2A:92:7E:2B:13:04:67:94:5C:54:F0:FC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/VQMlHbaWkzYqkn4rEwRnlFxU8Pw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/c7b9dc-7ac6-4aca-a43b-3cbad5b904b5/1/aIMl2nH6T8k5Za7RRf3fbO4Z9H4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/3a/c7b9dc-7ac6-4aca-a43b-3cbad5b904b5/1/VQMlHbaWkzYqkn4rEwRnlFxU8Pw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.113.112.0/21
83.217.212.0/22
84.54.44.0/24
84.54.47.0/24
85.198.108.0/22
88.210.34.0/23
88.210.52.0/23
88.218.60.0/22
91.142.72.0/22
91.184.244.0/22
93.183.92.0/22
94.103.83.0-94.103.93.255
95.142.33.0-95.142.34.255
95.142.45.0-95.142.47.255
109.172.84.0-109.172.91.255
178.20.40.0/21
178.217.98.0/23
185.209.28.0/22
185.231.152.0/22
193.178.170.0/24
195.2.66.0/23
195.2.70.0/23
195.2.73.0-195.2.76.255
195.2.78.0-195.2.81.255
195.2.84.0/23
Signature Algorithm: sha256WithRSAEncryption
1f:e5:9d:39:ae:48:e8:c1:d6:df:9b:57:5c:1a:4c:d8:2b:54:
0b:a7:f5:f4:1b:2b:18:23:1f:9f:7a:45:70:60:3f:c7:4c:91:
e2:0c:60:a8:40:57:60:14:db:fe:f3:27:c0:f0:b2:0e:f9:2d:
73:92:9c:24:5e:91:0c:eb:98:54:65:2a:1c:f7:d4:b7:1b:6e:
b1:9b:19:a7:db:6b:31:56:bd:5a:4c:f7:d6:26:52:49:9f:43:
5a:f8:e8:b1:66:8f:9d:ac:b0:2b:ea:21:e3:0d:c6:07:b4:7e:
9d:13:6a:ef:b8:a7:b4:e5:a7:bb:e5:47:c1:dd:41:f8:5b:40:
c5:04:09:c0:1d:af:28:03:fe:92:37:2f:69:2e:84:49:d1:b7:
f9:c4:cc:77:f5:18:f0:8e:dc:c6:af:94:24:34:6f:99:93:a9:
07:e3:14:da:83:f8:76:89:9a:da:dc:83:a5:b3:26:3f:8a:fb:
12:07:97:8d:6b:87:09:54:2c:b2:f0:0d:df:15:2f:26:f2:d1:
6d:c7:ad:be:7a:93:43:d4:6f:2e:8a:4d:80:53:5a:8b:ea:d8:
8f:b7:7c:98:8f:7c:99:3a:f0:2e:6e:f7:c2:4e:2d:8e:9e:41:
d5:b9:eb:74:6f:67:6a:bf:44:63:7b:e6:42:5f:bd:97:80:d6:
82:8b:eb:02
-----BEGIN CERTIFICATE-----
MIIFwjCCBKqgAwIBAgISAZer+maQB5KH2I6oX7No3Z8tMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU1MDMyNTFkYjY5NjkzMzYyYTkyN2UyYjEzMDQ2Nzk0NWM1
NGYwZmMwHhcNMjUwNjI2MTEyMzIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODgzMjVkYTcxZmE0ZmM5Mzk2NWFlZDE0NWZkZGY2Y2VlMTlmNDdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAx1X/4lX8yYBZo8R6dFMNUmXUptiW
MpNGC6MvG9Ym2ERfOd6i+FNzjl9loV+2BIMLkBQn/keIsei6fcG25UyhmtxaHBGx
btnbgo7RFuEOOJsJC4iIEg087B9V24Lrkb/jGvaZzGKGZMkTBUZR3vlBpDXGHIjf
ncIoI+w7spJkcKUXMWrDLejJXNisKaEmRoeHZtPxMgd+Y9dDST5nM5BliTpkgq/0
kyELHxSbC8QBfG4Tyhdi64tOh1/ZG/stIM/hxSkYOudsE11MZJOBp/cHyu1DUwT0
3zshEQzoQ6WzkJ5LjyN9rOB55TZIpgR07ZUnwj2aA885hoYQ76tK8SydAwIDAQAB
o4ICzjCCAsowHQYDVR0OBBYEFGiDJdpx+k/JOWWu0UX932zuGfR+MB8GA1UdIwQY
MBaAFFUDJR22lpM2KpJ+KxMEZ5RcVPD8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVlFNbEhiYVdrellxa240ckV3Um5sRnhVOFB3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zYS9jN2I5ZGMtN2FjNi00YWNhLWE0M2It
M2NiYWQ1YjkwNGI1LzEvYUlNbDJuSDZUOGs1WmE3UlJmM2ZiTzRaOUg0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zYS9jN2I5ZGMtN2FjNi00YWNhLWE0M2ItM2NiYWQ1YjkwNGI1
LzEvVlFNbEhiYVdrellxa240ckV3Um5sRnhVOFB3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHjBggrBgEFBQcBBwEB/wSB0zCB0DCBzQQCAAEwgcYDBAM+
cXADBAJT2dQDBABUNiwDBABUNi8DBAJVxmwDBAFY0iIDBAFY0jQDBAJY2jwDBAJb
jkgDBAJbuPQDBAJdt1wwDAMEAF5nUwMEAV5nXDAMAwQAX44hAwQAX44iMAwDBABf
ji0DBARfjiAwDAMEAm2sVAMEAm2sWAMEA7IUKAMEAbLZYgMEArnRHAMEArnnmAME
AMGyqgMEAcMCQgMEAcMCRjAMAwQAwwJJAwQAwwJMMAwDBAHDAk4DBAHDAlADBAHD
AlQwDQYJKoZIhvcNAQELBQADggEBAB/lnTmuSOjB1t+bV1waTNgrVAun9fQbKxgj
H596RXBgP8dMkeIMYKhAV2AU2/7zJ8Dwsg75LXOSnCRekQzrmFRlKhz31LcbbrGb
GafbazFWvVpM99YmUkmfQ1r46LFmj52ssCvqIeMNxge0fp0Tau+4p7Tlp7vlR8Hd
QfhbQMUECcAdrygD/pI3L2kuhEnRt/nEzHf1GPCO3MavlCQ0b5mTqQfjFNqD+HaJ
mtrcg6WzJj+K+xIHl41rhwlULLLwDd8VLyby0W3Hrb56k0PUby6KTYBTWovq2I+3
fJiPfJk68C5u98JOLY6eQdW563RvZ2q/RGN75kJfvZeA1oKL6wI=
-----END CERTIFICATE-----
Generated at Mon Jun 30 16:15:32 2025 by rpki-client