Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/REcGuo92b1DY8T4ANyCVgkFrnZo.roa
File: REcGuo92b1DY8T4ANyCVgkFrnZo.roa (raw, json)
Hash identifier: T3jB7dTvEm92KYKX7S2GWrFjgYef5PEnqJNsMjzWJ/Y=
Subject key identifier: 44:47:06:BA:8F:76:6F:50:D8:F1:3E:00:37:20:95:82:41:6B:9D:9A
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 0197B664B65B1E5B1761CBE45AF167B0662D
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/REcGuo92b1DY8T4ANyCVgkFrnZo.roa
Signing time: Sat 28 Jun 2025 11:55:42 +0000
ROA not before: Sat 28 Jun 2025 11:55:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205647
IP address blocks: 37.148.0.0/19 maxlen: 24
37.148.32.0/20 maxlen: 24
37.148.48.0/23 maxlen: 24
37.148.50.0/23 maxlen: 24
37.148.52.0/22 maxlen: 24
37.148.56.0/21 maxlen: 24
37.148.64.0/21 maxlen: 24
37.148.72.0/21 maxlen: 24
37.148.80.0/22 maxlen: 24
37.148.84.0/22 maxlen: 24
37.148.84.0/23 maxlen: 24
37.148.86.0/23 maxlen: 24
37.148.88.0/22 maxlen: 24
37.148.88.0/24 maxlen: 24
37.148.89.0/24 maxlen: 24
37.148.90.0/24 maxlen: 24
37.148.91.0/24 maxlen: 24
37.148.92.0/23 maxlen: 24
37.148.92.0/24 maxlen: 24
37.148.120.0/21 maxlen: 24
37.202.128.0/21 maxlen: 21
37.202.136.0/21 maxlen: 21
37.202.144.0/21 maxlen: 21
37.202.144.0/22 maxlen: 22
37.202.148.0/23 maxlen: 23
37.202.150.0/23 maxlen: 23
37.202.152.0/21 maxlen: 21
37.202.160.0/21 maxlen: 21
37.202.168.0/21 maxlen: 21
37.202.176.0/22 maxlen: 22
37.202.180.0/22 maxlen: 22
37.202.184.0/21 maxlen: 24
37.202.184.0/22 maxlen: 24
37.202.188.0/22 maxlen: 24
85.15.48.0/24 maxlen: 24
85.15.49.0/24 maxlen: 24
94.182.0.0/18 maxlen: 18
94.182.8.0/23 maxlen: 23
94.182.12.0/23 maxlen: 23
94.182.14.0/24 maxlen: 24
94.182.17.0/24 maxlen: 24
94.182.30.0/23 maxlen: 23
94.182.41.0/24 maxlen: 24
94.182.48.0/24 maxlen: 24
94.182.56.0/22 maxlen: 24
94.182.60.0/22 maxlen: 24
94.182.64.0/18 maxlen: 18
94.182.64.0/20 maxlen: 20
94.182.72.0/21 maxlen: 21
94.182.80.0/20 maxlen: 20
94.182.82.0/24 maxlen: 24
94.182.96.0/20 maxlen: 20
94.182.97.192/28 maxlen: 28
94.182.112.0/20 maxlen: 20
94.182.114.0/23 maxlen: 23
94.182.116.0/22 maxlen: 22
94.182.120.0/21 maxlen: 21
94.182.128.0/18 maxlen: 18
94.182.128.0/20 maxlen: 20
94.182.144.0/20 maxlen: 20
94.182.160.0/20 maxlen: 20
94.182.176.0/20 maxlen: 20
94.182.192.0/18 maxlen: 18
94.182.196.0/24 maxlen: 24
94.182.199.0/24 maxlen: 24
94.182.204.0/22 maxlen: 22
94.182.204.0/24 maxlen: 24
94.182.205.0/24 maxlen: 24
94.182.206.0/24 maxlen: 24
94.182.207.0/24 maxlen: 24
94.182.208.0/24 maxlen: 24
94.182.212.0/23 maxlen: 23
94.182.217.0/24 maxlen: 24
94.182.222.0/23 maxlen: 23
94.182.226.0/24 maxlen: 24
94.182.228.0/22 maxlen: 22
94.182.232.0/23 maxlen: 24
94.182.234.0/23 maxlen: 23
94.182.238.0/24 maxlen: 24
94.182.240.0/23 maxlen: 24
94.182.244.0/22 maxlen: 24
94.182.244.0/23 maxlen: 23
94.182.248.0/22 maxlen: 24
94.182.248.0/23 maxlen: 23
94.182.252.0/24 maxlen: 24
94.182.254.0/24 maxlen: 24
94.183.0.0/18 maxlen: 18
94.183.64.0/18 maxlen: 18
94.183.128.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.mft
rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Jul 2025 05:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b6:64:b6:5b:1e:5b:17:61:cb:e4:5a:f1:67:b0:66:2d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Jun 28 11:55:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=444706ba8f766f50d8f13e0037209582416b9d9a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:b8:f1:4a:fb:89:26:03:5e:4c:35:ef:29:8f:
7c:ac:7a:9b:70:cf:04:fc:f2:71:a6:2d:f2:22:59:
94:b6:d7:fb:cc:96:b6:c7:d9:8d:61:f0:4e:e2:6a:
5a:43:25:5d:bb:a2:ee:a1:82:94:30:6b:fe:db:8a:
31:81:00:2e:e3:20:e1:b3:96:33:13:5d:6e:43:c2:
1d:a2:60:3f:a5:37:0d:be:5d:fc:82:fd:4e:e5:8a:
39:b9:65:85:ca:be:e4:0e:57:02:4b:2c:f3:a8:3d:
31:57:8b:aa:e2:7e:74:ff:e6:44:fc:86:98:9b:5d:
45:28:27:4b:03:0b:69:af:63:cf:5d:64:39:e0:27:
7c:0b:9a:d7:27:c1:d5:b7:d2:7d:63:bf:c3:0e:65:
0d:39:1f:2e:62:51:99:85:0b:2b:c3:e4:2c:17:69:
d4:da:83:bb:45:fb:d0:f3:19:08:4f:92:5e:f4:43:
cd:52:9e:c2:71:12:f3:70:7b:d4:17:e1:6f:32:3b:
1f:80:08:04:90:9f:b5:fe:5f:6f:c3:09:d9:8a:b5:
e6:77:b7:eb:ea:1c:da:8e:7f:25:aa:aa:5b:a1:1b:
bf:2a:d8:df:3b:43:5f:01:f2:f0:9e:cd:0e:e4:bd:
a8:f9:b6:8a:8b:4d:bf:de:0e:c3:95:af:91:3b:70:
7c:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
44:47:06:BA:8F:76:6F:50:D8:F1:3E:00:37:20:95:82:41:6B:9D:9A
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/REcGuo92b1DY8T4ANyCVgkFrnZo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.148.0.0-37.148.93.255
37.148.120.0/21
37.202.128.0/18
85.15.48.0/23
94.182.0.0-94.183.191.255
Signature Algorithm: sha256WithRSAEncryption
32:36:d2:9c:ca:c2:3c:c8:b7:27:36:91:7c:63:a6:ea:55:67:
72:43:97:fc:7d:be:b7:85:b5:f1:b1:1c:a4:c5:2c:36:e3:8b:
90:7f:6a:67:63:4d:8a:ad:e7:89:3b:fb:c6:2c:8d:ef:e1:ee:
af:b8:be:e3:f4:85:c8:27:b6:d8:57:ad:60:87:70:f2:b2:8a:
7a:bd:21:a9:cd:29:b6:fa:71:49:8e:49:6f:70:7d:8a:c3:7d:
49:bd:aa:77:19:fe:39:5a:41:ca:ad:81:a9:7c:f4:02:4e:9d:
87:e0:35:5e:64:a5:03:be:7e:6b:64:55:fd:f3:e7:94:a5:a2:
a5:fa:74:75:5d:59:1d:bb:c8:d5:df:c1:cd:0c:c5:3a:ea:a0:
c1:f8:e8:27:08:0f:16:02:3e:38:c2:d8:53:e8:9d:f2:28:55:
b4:1a:89:cf:b8:51:bb:20:bf:35:a6:45:2f:9c:96:73:6b:bf:
11:45:e4:b8:ed:5c:7d:a0:ae:54:de:be:25:1f:42:50:ce:3b:
90:96:ea:00:08:88:6b:2b:9a:4f:71:5f:f1:a5:fd:94:70:53:
02:d3:8b:99:bd:95:0e:91:19:31:fd:55:81:70:65:52:ea:3d:
34:a0:30:05:17:ee:8e:d5:88:cf:38:63:5f:4e:1e:c9:b5:b7:
7e:a9:9f:e5
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZe2ZLZbHlsXYcvkWvFnsGYtMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjUwNjI4MTE1NTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NDQ3MDZiYThmNzY2ZjUwZDhmMTNlMDAzNzIwOTU4MjQxNmI5ZDlhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4bjxSvuJJgNeTDXvKY98rHqbcM8E
/PJxpi3yIlmUttf7zJa2x9mNYfBO4mpaQyVdu6LuoYKUMGv+24oxgQAu4yDhs5Yz
E11uQ8IdomA/pTcNvl38gv1O5Yo5uWWFyr7kDlcCSyzzqD0xV4uq4n50/+ZE/IaY
m11FKCdLAwtpr2PPXWQ54Cd8C5rXJ8HVt9J9Y7/DDmUNOR8uYlGZhQsrw+QsF2nU
2oO7RfvQ8xkIT5Je9EPNUp7CcRLzcHvUF+FvMjsfgAgEkJ+1/l9vwwnZirXmd7fr
6hzajn8lqqpboRu/KtjfO0NfAfLwns0O5L2o+baKi02/3g7Dla+RO3B8OwIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFERHBrqPdm9Q2PE+ADcglYJBa52aMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvUkVjR3VvOTJiMURZOFQ0QU55Q1Zna0ZyblpvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAsDAwIllAME
ASWUXAMEAyWUeAMEBiXKgAMEAVUPMDALAwMBXrYDBAZet4AwDQYJKoZIhvcNAQEL
BQADggEBADI20pzKwjzItyc2kXxjpupVZ3JDl/x9vreFtfGxHKTFLDbji5B/amdj
TYqt54k7+8Ysje/h7q+4vuP0hcgntthXrWCHcPKyinq9IanNKbb6cUmOSW9wfYrD
fUm9qncZ/jlaQcqtgal89AJOnYfgNV5kpQO+fmtkVf3z55SloqX6dHVdWR27yNXf
wc0MxTrqoMH46CcIDxYCPjjC2FPonfIoVbQaic+4UbsgvzWmRS+clnNrvxFF5Ljt
XH2grlTeviUfQlDOO5CW6gAIiGsrmk9xX/Gl/ZRwUwLTi5m9lQ6RGTH9VYFwZVLq
PTSgMAUX7o7ViM84Y19OHsm1t36pn+U=
-----END CERTIFICATE-----
Generated at Thu Jul 3 10:30:28 2025 by rpki-client