
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/67/70ccef-17f3-4928-9c0b-ba7c7d8190ca/1/fokVVRta6Se4qMfm0QW8Wvhb8to.roa
File: fokVVRta6Se4qMfm0QW8Wvhb8to.roa (raw, json)
Hash identifier: GVDAbNxQsgJw7rFS4VJXxWwqpIOjbAD4y/lPqd19DXM=
Subject key identifier: 7E:89:15:55:1B:5A:E9:27:B8:A8:C7:E6:D1:05:BC:5A:F8:5B:F2:DA
Certificate issuer: /CN=6f5e0230be799e44829c8720ca38347045494e20
Certificate serial: 0199A9E8615C19566335EFA4DA90208D5B3B
Authority key identifier: 6F:5E:02:30:BE:79:9E:44:82:9C:87:20:CA:38:34:70:45:49:4E:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b14CML55nkSCnIcgyjg0cEVJTiA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/67/70ccef-17f3-4928-9c0b-ba7c7d8190ca/1/fokVVRta6Se4qMfm0QW8Wvhb8to.roa
Signing time: Fri 03 Oct 2025 11:50:02 +0000
ROA not before: Fri 03 Oct 2025 11:50:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39651
IP address blocks: 77.218.32.0/19 maxlen: 20
80.216.0.0/15 maxlen: 15
83.177.160.0/19 maxlen: 19
83.177.192.0/19 maxlen: 19
83.177.200.0/21 maxlen: 21
83.177.224.0/19 maxlen: 19
83.177.232.0/21 maxlen: 21
83.180.224.0/19 maxlen: 19
83.181.0.0/19 maxlen: 19
83.182.32.0/19 maxlen: 19
83.188.0.0/18 maxlen: 18
83.188.224.0/19 maxlen: 19
83.190.64.0/18 maxlen: 18
83.191.160.0/19 maxlen: 19
83.248.0.0/13 maxlen: 13
85.194.0.0/18 maxlen: 18
87.227.0.0/17 maxlen: 17
90.129.224.0/19 maxlen: 19
90.133.128.0/19 maxlen: 19
90.133.160.0/19 maxlen: 19
90.141.0.0/19 maxlen: 19
90.141.40.0/21 maxlen: 21
90.141.48.0/20 maxlen: 20
90.142.32.0/19 maxlen: 19
90.142.48.0/20 maxlen: 20
90.143.0.0/19 maxlen: 19
90.143.128.0/17 maxlen: 17
90.144.64.0/19 maxlen: 19
91.128.128.0/19 maxlen: 19
91.128.160.0/19 maxlen: 19
91.128.192.0/19 maxlen: 19
91.130.0.0/18 maxlen: 18
151.177.0.0/16 maxlen: 16
178.218.152.0/22 maxlen: 22
188.148.0.0/14 maxlen: 14
193.13.160.0/20 maxlen: 20
193.14.192.0/20 maxlen: 20
193.150.192.0/18 maxlen: 18
213.89.0.0/16 maxlen: 16
213.100.192.0/19 maxlen: 19
213.102.64.0/19 maxlen: 19
213.102.80.0/20 maxlen: 20
213.103.128.0/19 maxlen: 19
213.200.128.0/18 maxlen: 18
2a04:ae00::/26 maxlen: 26
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/67/70ccef-17f3-4928-9c0b-ba7c7d8190ca/1/b14CML55nkSCnIcgyjg0cEVJTiA.crl
rsync://rpki.ripe.net/repository/DEFAULT/67/70ccef-17f3-4928-9c0b-ba7c7d8190ca/1/b14CML55nkSCnIcgyjg0cEVJTiA.mft
rsync://rpki.ripe.net/repository/DEFAULT/b14CML55nkSCnIcgyjg0cEVJTiA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a9:e8:61:5c:19:56:63:35:ef:a4:da:90:20:8d:5b:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f5e0230be799e44829c8720ca38347045494e20
Validity
Not Before: Oct 3 11:50:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7e8915551b5ae927b8a8c7e6d105bc5af85bf2da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:92:71:d2:0a:c8:ef:ce:6b:51:25:06:93:c8:c6:
40:60:89:c4:05:f2:a9:43:38:eb:60:ea:5f:e4:52:
7e:a3:f3:33:9d:49:af:33:34:46:68:87:db:cb:d2:
f2:6b:b5:90:d0:6c:af:ae:e0:a8:f9:c8:23:4e:13:
c9:64:e5:a3:ad:c3:6e:ad:3f:08:e5:e0:52:f9:d9:
d8:b7:51:71:64:1c:31:92:5e:7f:0c:59:b8:25:9a:
29:57:2b:21:de:d5:21:79:0f:bb:7e:4f:ab:e2:8e:
5d:da:c4:db:e2:f2:ef:8b:7b:cd:d2:2a:1e:4a:66:
e2:f3:6b:a1:ae:f7:33:ce:05:19:9b:29:1b:71:98:
4e:4f:01:00:75:89:c5:48:57:7a:46:f7:c3:f4:f4:
88:86:53:85:0d:e6:df:fb:cd:07:a2:e1:31:2b:a8:
14:44:71:21:22:2b:dd:23:45:1c:56:05:96:82:72:
d3:21:88:cc:fe:59:e9:12:ff:2f:0e:b7:21:c2:5c:
d4:45:e2:4a:75:b5:2d:1b:22:5c:4c:c5:aa:b5:10:
65:c7:64:48:a9:bc:fd:92:b3:46:b4:1f:ba:73:12:
8f:c1:6b:dc:a4:4c:0d:22:83:f8:87:2a:d8:db:c9:
15:ca:5a:64:ec:96:9c:b9:19:28:5e:6b:bb:59:e7:
2f:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7E:89:15:55:1B:5A:E9:27:B8:A8:C7:E6:D1:05:BC:5A:F8:5B:F2:DA
X509v3 Authority Key Identifier:
keyid:6F:5E:02:30:BE:79:9E:44:82:9C:87:20:CA:38:34:70:45:49:4E:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b14CML55nkSCnIcgyjg0cEVJTiA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/67/70ccef-17f3-4928-9c0b-ba7c7d8190ca/1/fokVVRta6Se4qMfm0QW8Wvhb8to.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/67/70ccef-17f3-4928-9c0b-ba7c7d8190ca/1/b14CML55nkSCnIcgyjg0cEVJTiA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.218.32.0/19
80.216.0.0/15
83.177.160.0-83.177.255.255
83.180.224.0-83.181.31.255
83.182.32.0/19
83.188.0.0/18
83.188.224.0/19
83.190.64.0/18
83.191.160.0/19
83.248.0.0/13
85.194.0.0/18
87.227.0.0/17
90.129.224.0/19
90.133.128.0/18
90.141.0.0/19
90.141.40.0-90.141.63.255
90.142.32.0/19
90.143.0.0/19
90.143.128.0/17
90.144.64.0/19
91.128.128.0-91.128.223.255
91.130.0.0/18
151.177.0.0/16
178.218.152.0/22
188.148.0.0/14
193.13.160.0/20
193.14.192.0/20
193.150.192.0/18
213.89.0.0/16
213.100.192.0/19
213.102.64.0/19
213.103.128.0/19
213.200.128.0/18
IPv6:
2a04:ae00::/26
Signature Algorithm: sha256WithRSAEncryption
18:6a:dc:56:05:a6:71:ef:f6:99:90:0b:35:ac:32:59:6e:ec:
0e:0b:b9:ca:d6:32:29:09:51:73:08:8c:d5:d4:73:4e:e7:69:
f9:1a:cc:3a:08:0e:b5:12:b2:39:b0:c2:61:43:26:0c:b2:a0:
2a:3f:8a:08:d9:d0:e4:c9:ac:da:dd:f1:6b:f1:cc:1d:ba:06:
8c:9c:b7:52:86:2b:d4:af:30:50:0f:4d:2e:44:d8:ae:53:67:
01:6b:11:cb:bb:38:59:04:c3:65:6f:7f:ac:b4:a7:b8:e3:4b:
a3:63:12:9b:da:5b:46:8c:10:ea:8d:6d:34:aa:b3:de:8b:c3:
18:0f:e5:91:70:18:ae:30:37:c1:d0:f5:cf:92:ad:91:29:32:
31:44:6e:49:e6:29:59:90:5a:90:81:85:ae:ac:f5:59:d9:1d:
f5:d5:87:6e:ba:3f:72:4b:f3:f3:b1:9c:d4:f7:ac:82:84:f6:
e0:7d:7c:f2:e8:3f:89:4e:d8:fd:05:e6:f6:66:7b:9a:5d:5d:
3f:be:14:33:bd:d6:18:5a:0d:06:33:80:37:2a:ec:d1:71:6e:
52:4a:da:f9:04:a7:39:ba:a3:7b:76:f9:61:a4:38:50:2b:91:
3e:35:47:49:4b:9e:92:fb:fc:b2:45:1f:d7:c4:ee:7c:27:44:
fd:b9:60:bc
-----BEGIN CERTIFICATE-----
MIIF7DCCBNSgAwIBAgISAZmp6GFcGVZjNe+k2pAgjVs7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmNWUwMjMwYmU3OTllNDQ4MjljODcyMGNhMzgzNDcwNDU0
OTRlMjAwHhcNMjUxMDAzMTE1MDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3ZTg5MTU1NTFiNWFlOTI3YjhhOGM3ZTZkMTA1YmM1YWY4NWJmMmRhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAknHSCsjvzmtRJQaTyMZAYInEBfKp
QzjrYOpf5FJ+o/MznUmvMzRGaIfby9Lya7WQ0GyvruCo+cgjThPJZOWjrcNurT8I
5eBS+dnYt1FxZBwxkl5/DFm4JZopVysh3tUheQ+7fk+r4o5d2sTb4vLvi3vN0ioe
Smbi82uhrvczzgUZmykbcZhOTwEAdYnFSFd6RvfD9PSIhlOFDebf+80HouExK6gU
RHEhIivdI0UcVgWWgnLTIYjM/lnpEv8vDrchwlzUReJKdbUtGyJcTMWqtRBlx2RI
qbz9krNGtB+6cxKPwWvcpEwNIoP4hyrY28kVylpk7JacuRkoXmu7WecvDQIDAQAB
o4IC+DCCAvQwHQYDVR0OBBYEFH6JFVUbWuknuKjH5tEFvFr4W/LaMB8GA1UdIwQY
MBaAFG9eAjC+eZ5EgpyHIMo4NHBFSU4gMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjE0Q01MNTVua1NDbkljZ3lqZzBjRVZKVGlBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ny83MGNjZWYtMTdmMy00OTI4LTljMGIt
YmE3YzdkODE5MGNhLzEvZm9rVlZSdGE2U2U0cU1mbTBRVzhXdmhiOHRvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ny83MGNjZWYtMTdmMy00OTI4LTljMGItYmE3YzdkODE5MGNh
LzEvYjE0Q01MNTVua1NDbkljZ3lqZzBjRVZKVGlBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDAYIKwYBBQUHAQcBAf8EgfwwgfkwgecEAgABMIHgAwQF
TdogAwMBUNgwCwMEBVOxoAMDAVOwMAwDBAVTtOADBAVTtQADBAVTtiADBAZTvAAD
BAVTvOADBAZTvkADBAVTv6ADAwNT+AMEBlXCAAMEB1fjAAMEBVqB4AMEBlqFgAME
BVqNADAMAwQDWo0oAwQGWo0AAwQFWo4gAwQFWo8AAwQHWo+AAwQFWpBAMAwDBAdb
gIADBAVbgMADBAZbggADAwCXsQMEArLamAMDAryUAwQEwQ2gAwQEwQ7AAwQGwZbA
AwMA1VkDBAXVZMADBAXVZkADBAXVZ4ADBAbVyIAwDQQCAAIwBwMFBioErgAwDQYJ
KoZIhvcNAQELBQADggEBABhq3FYFpnHv9pmQCzWsMllu7A4LucrWMikJUXMIjNXU
c07nafkazDoIDrUSsjmwwmFDJgyyoCo/igjZ0OTJrNrd8WvxzB26Boyct1KGK9Sv
MFAPTS5E2K5TZwFrEcu7OFkEw2Vvf6y0p7jjS6NjEpvaW0aMEOqNbTSqs96LwxgP
5ZFwGK4wN8HQ9c+SrZEpMjFEbknmKVmQWpCBha6s9VnZHfXVh266P3JL8/OxnNT3
rIKE9uB9fPLoP4lO2P0F5vZme5pdXT++FDO91hhaDQYzgDcq7NFxblJK2vkEpzm6
o3t2+WGkOFArkT41R0lLnpL7/LJFH9fE7nwnRP25YLw=
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:20:29 2025 by rpki-client