Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/_sERXHpnc-A3hJz8eFmmZaLj3u4.roa
File: _sERXHpnc-A3hJz8eFmmZaLj3u4.roa (raw, json)
Hash identifier: nXV22Nr/7zQ92VSPG4YL7wbr9h4NxSfxLu6ePbZNPFQ=
Subject key identifier: FE:C1:11:5C:7A:67:73:E0:37:84:9C:FC:78:59:A6:65:A2:E3:DE:EE
Certificate issuer: /CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Certificate serial: 0198A16FA24127935599DB15DEA4BFEAE80C
Authority key identifier: 67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/_sERXHpnc-A3hJz8eFmmZaLj3u4.roa
Signing time: Wed 13 Aug 2025 03:18:24 +0000
ROA not before: Wed 13 Aug 2025 03:18:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 54994
IP address blocks: 91.194.205.0/24 maxlen: 24
91.202.200.0/24 maxlen: 24
93.188.132.0/24 maxlen: 24
93.188.135.0/24 maxlen: 24
148.253.34.0/24 maxlen: 24
148.253.36.0/24 maxlen: 24
148.253.41.0/24 maxlen: 24
148.253.42.0/24 maxlen: 24
148.253.44.0/24 maxlen: 24
148.253.47.0/24 maxlen: 24
148.253.50.0/24 maxlen: 24
148.253.60.0/24 maxlen: 24
148.253.61.0/24 maxlen: 24
148.253.62.0/24 maxlen: 24
148.253.63.0/24 maxlen: 24
148.253.228.0/24 maxlen: 24
148.253.229.0/24 maxlen: 24
148.253.231.0/24 maxlen: 24
148.253.232.0/24 maxlen: 24
148.253.233.0/24 maxlen: 24
148.253.234.0/24 maxlen: 24
148.253.235.0/24 maxlen: 24
148.253.237.0/24 maxlen: 24
148.253.239.0/24 maxlen: 24
148.253.244.0/24 maxlen: 24
148.253.245.0/24 maxlen: 24
148.253.246.0/24 maxlen: 24
148.253.248.0/24 maxlen: 24
151.249.92.0/24 maxlen: 24
151.249.93.0/24 maxlen: 24
151.249.94.0/24 maxlen: 24
163.171.64.0/24 maxlen: 24
163.171.67.0/24 maxlen: 24
163.171.70.0/24 maxlen: 24
163.171.71.0/24 maxlen: 24
163.171.77.0/24 maxlen: 24
163.171.84.0/24 maxlen: 24
163.171.85.0/24 maxlen: 24
163.171.87.0/24 maxlen: 24
163.171.93.0/24 maxlen: 24
163.171.94.0/24 maxlen: 24
163.171.96.0/24 maxlen: 24
163.171.97.0/24 maxlen: 24
163.171.98.0/24 maxlen: 24
163.171.101.0/24 maxlen: 24
163.171.102.0/24 maxlen: 24
163.171.103.0/24 maxlen: 24
163.171.104.0/24 maxlen: 24
163.171.119.0/24 maxlen: 24
163.171.126.0/24 maxlen: 24
163.171.143.0/24 maxlen: 24
163.171.149.0/24 maxlen: 24
163.171.153.0/24 maxlen: 24
163.171.166.0/24 maxlen: 24
163.171.176.0/24 maxlen: 24
163.171.177.0/24 maxlen: 24
163.171.182.0/24 maxlen: 24
163.171.188.0/24 maxlen: 24
163.171.198.0/24 maxlen: 24
163.171.207.0/24 maxlen: 24
163.171.215.0/24 maxlen: 24
163.171.216.0/24 maxlen: 24
163.171.217.0/24 maxlen: 24
163.171.218.0/24 maxlen: 24
163.171.222.0/24 maxlen: 24
163.171.224.0/24 maxlen: 24
163.171.225.0/24 maxlen: 24
163.171.230.0/24 maxlen: 24
163.171.231.0/24 maxlen: 24
163.171.234.0/24 maxlen: 24
163.171.237.0/24 maxlen: 24
163.171.249.0/24 maxlen: 24
163.171.252.0/24 maxlen: 24
185.27.230.0/24 maxlen: 24
194.107.19.0/24 maxlen: 24
2a01:53c0:ffc6::/48 maxlen: 48
2a01:53c0:ffe7::/48 maxlen: 48
2a01:53c0:fff2::/48 maxlen: 48
2a01:53c0:fff4::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.mft
rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a1:6f:a2:41:27:93:55:99:db:15:de:a4:bf:ea:e8:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=67b5b02dc401666ee045ab90cc88817fe09d706a
Validity
Not Before: Aug 13 03:18:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fec1115c7a6773e037849cfc7859a665a2e3deee
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:47:12:ce:57:83:c1:76:c4:ce:26:6f:cb:cb:
ac:4d:10:f1:ef:24:f9:2d:84:eb:9b:d7:17:db:6f:
0d:7e:eb:3e:d6:d4:41:13:c7:54:cf:8b:23:74:7b:
2c:1f:95:cd:ee:fa:24:ba:00:b6:bf:a5:f3:60:83:
6b:d7:94:26:dd:79:77:6f:24:09:4b:62:d8:3b:1f:
b6:0e:49:b5:68:9b:b5:a5:0d:ff:53:bd:28:1b:63:
a8:91:44:6a:7d:99:8c:58:92:17:21:55:46:a1:b9:
1f:e7:19:ea:c2:bd:0a:55:3d:d2:2e:55:55:ce:00:
9a:2b:d3:fc:89:d3:f8:ad:48:ae:37:19:38:13:eb:
aa:c7:0a:b2:81:37:24:09:94:7b:82:7d:d3:4e:f5:
41:31:1b:ee:92:26:15:5f:2e:c8:14:bb:14:e6:0d:
b3:b3:71:fe:2e:65:45:aa:a9:f0:64:27:eb:cb:d0:
dd:ee:94:4c:dd:17:91:2f:ea:4b:e2:9f:67:55:5d:
a2:ec:49:3f:78:93:67:e5:00:73:27:2e:52:c2:ef:
1b:01:85:3e:8f:2a:bf:b1:0b:07:f0:10:70:84:92:
cd:d2:f9:e0:d4:56:dd:f7:a4:4d:fa:ea:3d:f3:cd:
6a:b4:48:f8:68:05:60:6a:6e:50:68:91:b9:4e:f8:
f9:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FE:C1:11:5C:7A:67:73:E0:37:84:9C:FC:78:59:A6:65:A2:E3:DE:EE
X509v3 Authority Key Identifier:
keyid:67:B5:B0:2D:C4:01:66:6E:E0:45:AB:90:CC:88:81:7F:E0:9D:70:6A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Z7WwLcQBZm7gRauQzIiBf-CdcGo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/_sERXHpnc-A3hJz8eFmmZaLj3u4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/64a3de-812a-4ace-814d-b5d888adfd37/1/Z7WwLcQBZm7gRauQzIiBf-CdcGo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.194.205.0/24
91.202.200.0/24
93.188.132.0/24
93.188.135.0/24
148.253.34.0/24
148.253.36.0/24
148.253.41.0-148.253.42.255
148.253.44.0/24
148.253.47.0/24
148.253.50.0/24
148.253.60.0/22
148.253.228.0/23
148.253.231.0-148.253.235.255
148.253.237.0/24
148.253.239.0/24
148.253.244.0-148.253.246.255
148.253.248.0/24
151.249.92.0-151.249.94.255
163.171.64.0/24
163.171.67.0/24
163.171.70.0/23
163.171.77.0/24
163.171.84.0/23
163.171.87.0/24
163.171.93.0-163.171.94.255
163.171.96.0-163.171.98.255
163.171.101.0-163.171.104.255
163.171.119.0/24
163.171.126.0/24
163.171.143.0/24
163.171.149.0/24
163.171.153.0/24
163.171.166.0/24
163.171.176.0/23
163.171.182.0/24
163.171.188.0/24
163.171.198.0/24
163.171.207.0/24
163.171.215.0-163.171.218.255
163.171.222.0/24
163.171.224.0/23
163.171.230.0/23
163.171.234.0/24
163.171.237.0/24
163.171.249.0/24
163.171.252.0/24
185.27.230.0/24
194.107.19.0/24
IPv6:
2a01:53c0:ffc6::/48
2a01:53c0:ffe7::/48
2a01:53c0:fff2::/48
2a01:53c0:fff4::/48
Signature Algorithm: sha256WithRSAEncryption
49:cf:de:f3:b7:f7:c4:57:c6:50:f2:39:71:c2:fc:3d:26:8a:
3d:e0:e7:77:fe:92:00:a7:55:5a:e1:44:55:ba:6a:c0:c2:d4:
3a:c9:4a:1f:cb:14:eb:22:d6:3f:98:b8:f3:11:4b:26:78:29:
de:15:52:e3:10:d3:60:57:ce:03:14:ce:d3:fa:a4:e0:26:c7:
4f:f4:c0:7c:22:ab:f8:47:70:11:a5:60:b1:dc:da:e4:66:d7:
53:4a:26:98:46:8a:b9:8b:47:90:4e:10:df:e2:bf:a2:4f:ad:
e9:c1:ca:84:ad:0c:65:48:1f:67:c1:8e:74:73:43:36:a7:fd:
6e:d5:1b:26:02:bd:43:ef:27:50:0a:3b:8e:db:6f:b7:ca:5e:
3f:15:e6:07:05:ff:4a:a0:e0:55:01:22:9e:49:72:89:95:d4:
7e:cc:c9:51:59:ed:92:89:05:6a:64:61:a0:4f:3b:1d:3f:ce:
b9:39:c2:62:79:bc:17:7d:9f:ef:d0:97:33:80:e3:d8:3a:0e:
7e:36:91:73:c0:ca:01:d3:0e:8e:c2:c0:d2:43:8f:46:63:ee:
01:a3:96:09:1f:42:a1:8b:6d:04:24:9e:4d:3f:3a:c6:0c:44:
59:ab:87:53:31:9e:16:1c:d3:86:86:cf:99:46:88:47:4b:92:
16:0c:08:b5
-----BEGIN CERTIFICATE-----
MIIGjTCCBXWgAwIBAgISAZihb6JBJ5NVmdsV3qS/6ugMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY3YjViMDJkYzQwMTY2NmVlMDQ1YWI5MGNjODg4MTdmZTA5
ZDcwNmEwHhcNMjUwODEzMDMxODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZWMxMTE1YzdhNjc3M2UwMzc4NDljZmM3ODU5YTY2NWEyZTNkZWVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskcSzleDwXbEziZvy8usTRDx7yT5
LYTrm9cX228Nfus+1tRBE8dUz4sjdHssH5XN7vokugC2v6XzYINr15Qm3Xl3byQJ
S2LYOx+2Dkm1aJu1pQ3/U70oG2OokURqfZmMWJIXIVVGobkf5xnqwr0KVT3SLlVV
zgCaK9P8idP4rUiuNxk4E+uqxwqygTckCZR7gn3TTvVBMRvukiYVXy7IFLsU5g2z
s3H+LmVFqqnwZCfry9Dd7pRM3ReRL+pL4p9nVV2i7Ek/eJNn5QBzJy5Swu8bAYU+
jyq/sQsH8BBwhJLN0vng1Fbd96RN+uo9881qtEj4aAVgam5QaJG5Tvj5gQIDAQAB
o4IDmTCCA5UwHQYDVR0OBBYEFP7BEVx6Z3PgN4Sc/HhZpmWi497uMB8GA1UdIwQY
MBaAFGe1sC3EAWZu4EWrkMyIgX/gnXBqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQt
YjVkODg4YWRmZDM3LzEvX3NFUlhIcG5jLUEzaEp6OGVGbW1aYUxqM3U0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82NGEzZGUtODEyYS00YWNlLTgxNGQtYjVkODg4YWRmZDM3
LzEvWjdXd0xjUUJabTdnUmF1UXpJaUJmLUNkY0dvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBrQYIKwYBBQUHAQcBAf8EggGcMIIBmDCCAWgEAgABMIIB
YAMEAFvCzQMEAFvKyAMEAF28hAMEAF28hwMEAJT9IgMEAJT9JDAMAwQAlP0pAwQA
lP0qAwQAlP0sAwQAlP0vAwQAlP0yAwQClP08AwQBlP3kMAwDBACU/ecDBAKU/egD
BACU/e0DBACU/e8wDAMEApT99AMEAJT99gMEAJT9+DAMAwQCl/lcAwQAl/leAwQA
o6tAAwQAo6tDAwQBo6tGAwQAo6tNAwQBo6tUAwQAo6tXMAwDBACjq10DBACjq14w
DAMEBaOrYAMEAKOrYjAMAwQAo6tlAwQAo6toAwQAo6t3AwQAo6t+AwQAo6uPAwQA
o6uVAwQAo6uZAwQAo6umAwQBo6uwAwQAo6u2AwQAo6u8AwQAo6vGAwQAo6vPMAwD
BACjq9cDBACjq9oDBACjq94DBAGjq+ADBAGjq+YDBACjq+oDBACjq+0DBACjq/kD
BACjq/wDBAC5G+YDBADCaxMwKgQCAAIwJAMHACoBU8D/xgMHACoBU8D/5wMHACoB
U8D/8gMHACoBU8D/9DANBgkqhkiG9w0BAQsFAAOCAQEASc/e87f3xFfGUPI5ccL8
PSaKPeDnd/6SAKdVWuFEVbpqwMLUOslKH8sU6yLWP5i48xFLJngp3hVS4xDTYFfO
AxTO0/qk4CbHT/TAfCKr+EdwEaVgsdza5GbXU0ommEaKuYtHkE4Q3+K/ok+t6cHK
hK0MZUgfZ8GOdHNDNqf9btUbJgK9Q+8nUAo7jttvt8pePxXmBwX/SqDgVQEinkly
iZXUfszJUVntkokFamRhoE87HT/OuTnCYnm8F32f79CXM4Dj2DoOfjaRc8DKAdMO
jsLA0kOPRmPuAaOWCR9CoYttBCSeTT86xgxEWauHUzGeFhzThobPmUaIR0uSFgwI
tQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:16:15 2025 by rpki-client