Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/k2rrEQBry0rtTfX8u1RJYzSORT0.roa
File: k2rrEQBry0rtTfX8u1RJYzSORT0.roa (raw, json)
Hash identifier: f6XIQFE4xrg7hJwwFHG/XNFOgXvxvA/hrkGgmGYtAoM=
Subject key identifier: 93:6A:EB:11:00:6B:CB:4A:ED:4D:F5:FC:BB:54:49:63:34:8E:45:3D
Certificate issuer: /CN=f62eeb879085c94194297dd9e4cd249cd2516515
Certificate serial: 0199EBC596725BE0142F7811BA6CFBA62124
Authority key identifier: F6:2E:EB:87:90:85:C9:41:94:29:7D:D9:E4:CD:24:9C:D2:51:65:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/9i7rh5CFyUGUKX3Z5M0knNJRZRU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/k2rrEQBry0rtTfX8u1RJYzSORT0.roa
Signing time: Thu 16 Oct 2025 06:46:58 +0000
ROA not before: Thu 16 Oct 2025 06:46:58 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197540
IP address blocks: 2.56.96.0/22 maxlen: 22
5.45.96.0/20 maxlen: 32
5.181.48.0/22 maxlen: 22
5.252.224.0/22 maxlen: 22
37.120.160.0/19 maxlen: 32
37.120.160.0/20 maxlen: 22
37.120.176.0/22 maxlen: 22
37.120.182.0/23 maxlen: 24
37.120.184.0/21 maxlen: 22
37.221.192.0/21 maxlen: 32
45.9.60.0/22 maxlen: 22
45.83.104.0/22 maxlen: 22
45.90.4.0/22 maxlen: 22
45.129.180.0/22 maxlen: 22
45.132.244.0/22 maxlen: 22
45.136.28.0/22 maxlen: 22
45.142.176.0/22 maxlen: 22
45.157.176.0/22 maxlen: 22
46.38.224.0/20 maxlen: 32
46.38.240.0/21 maxlen: 32
46.38.248.0/22 maxlen: 32
46.38.252.0/22 maxlen: 32
46.232.248.0/22 maxlen: 22
81.16.16.0/22 maxlen: 22
85.209.48.0/22 maxlen: 22
85.235.64.0/22 maxlen: 22
89.58.0.0/22 maxlen: 22
89.58.4.0/22 maxlen: 22
89.58.8.0/22 maxlen: 22
89.58.12.0/22 maxlen: 22
89.58.16.0/21 maxlen: 21
89.58.20.0/24 maxlen: 24
89.58.24.0/22 maxlen: 22
89.58.28.0/22 maxlen: 22
89.58.32.0/22 maxlen: 22
89.58.36.0/22 maxlen: 22
89.58.40.0/22 maxlen: 22
89.58.44.0/22 maxlen: 22
89.58.48.0/22 maxlen: 22
89.58.52.0/22 maxlen: 22
89.58.56.0/22 maxlen: 22
89.58.60.0/22 maxlen: 22
91.132.144.0/22 maxlen: 22
91.204.44.0/22 maxlen: 24
92.60.36.0/22 maxlen: 22
93.177.64.0/22 maxlen: 22
152.89.104.0/22 maxlen: 22
159.195.4.0/22 maxlen: 22
159.195.8.0/22 maxlen: 22
159.195.20.0/22 maxlen: 22
159.195.24.0/22 maxlen: 22
185.16.60.0/22 maxlen: 32
185.162.248.0/22 maxlen: 32
185.163.116.0/22 maxlen: 22
185.170.112.0/22 maxlen: 32
185.183.156.0/22 maxlen: 32
185.194.140.0/22 maxlen: 22
185.207.104.0/22 maxlen: 32
185.228.136.0/22 maxlen: 32
185.233.104.0/22 maxlen: 32
185.243.8.0/22 maxlen: 32
185.244.192.0/22 maxlen: 32
188.68.32.0/19 maxlen: 32
192.145.44.0/22 maxlen: 22
193.30.120.0/22 maxlen: 22
193.31.24.0/22 maxlen: 22
194.13.80.0/22 maxlen: 22
194.55.12.0/22 maxlen: 22
194.59.204.0/22 maxlen: 22
195.128.100.0/22 maxlen: 22
213.109.160.0/22 maxlen: 22
2a03:4000::/32 maxlen: 48
2a03:4001::/32 maxlen: 48
2a0a:4cc0::/40 maxlen: 40
2a0a:4cc0::/43 maxlen: 43
2a0a:4cc0:40::/43 maxlen: 43
2a0a:4cc0:40:2000::/56 maxlen: 56
2a0a:4cc0:80::/43 maxlen: 43
2a0a:4cc0:c0::/43 maxlen: 43
2a0a:4cc0:fe::/48 maxlen: 48
2a0a:4cc0:ff::/48 maxlen: 48
2a0a:4cc0:ff:1000::/52 maxlen: 52
2a0a:4cc0:100::/48 maxlen: 48
2a0a:4cc0:104::/48 maxlen: 48
2a0a:4cc0:104::/52 maxlen: 52
2a0a:4cc0:104:1000::/52 maxlen: 52
2a0a:4cc0:2000:4000::/56 maxlen: 56
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/9i7rh5CFyUGUKX3Z5M0knNJRZRU.crl
rsync://rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/9i7rh5CFyUGUKX3Z5M0knNJRZRU.mft
rsync://rpki.ripe.net/repository/DEFAULT/9i7rh5CFyUGUKX3Z5M0knNJRZRU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:eb:c5:96:72:5b:e0:14:2f:78:11:ba:6c:fb:a6:21:24
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f62eeb879085c94194297dd9e4cd249cd2516515
Validity
Not Before: Oct 16 06:46:58 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=936aeb11006bcb4aed4df5fcbb544963348e453d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:00:dc:34:16:24:9b:cb:37:07:37:b0:0e:17:
9e:0c:9f:73:cf:5b:52:e2:69:f2:aa:a8:eb:fa:59:
9f:41:70:85:cf:a7:8d:5c:6b:89:d7:81:8e:b8:27:
5b:c9:48:b4:8d:ad:39:e3:1a:8a:ff:e7:9f:47:3b:
6f:56:24:04:cf:4d:22:53:a8:97:39:78:04:b4:71:
1d:8c:4e:92:ca:36:44:2a:75:a6:5f:ba:93:94:67:
ea:55:03:2b:aa:4b:a4:4a:62:60:81:16:74:ac:f2:
ef:18:7e:2c:31:64:de:fc:c7:04:4e:fd:cb:4b:9f:
ea:78:af:8b:af:9e:5a:98:70:a1:03:cf:cd:5b:5e:
58:01:a4:37:48:2d:4e:d9:0d:6f:9a:89:76:c5:f0:
5b:a1:d0:29:c7:00:a5:ad:c2:3e:00:19:63:32:6a:
e6:08:9c:f1:57:2e:21:56:44:40:05:53:c1:8b:f4:
eb:c2:6c:3d:19:86:87:14:9f:4e:5a:da:56:09:53:
f7:2d:4e:f8:b6:1a:76:30:18:e9:be:6f:18:2d:d0:
e2:5e:0a:72:96:d7:f5:fc:95:71:76:80:36:16:4c:
97:4c:65:02:05:5a:ad:53:9b:f8:39:4d:8c:dc:80:
6b:3d:02:b3:6d:07:f4:36:67:74:87:36:af:c8:96:
75:b9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
93:6A:EB:11:00:6B:CB:4A:ED:4D:F5:FC:BB:54:49:63:34:8E:45:3D
X509v3 Authority Key Identifier:
keyid:F6:2E:EB:87:90:85:C9:41:94:29:7D:D9:E4:CD:24:9C:D2:51:65:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/9i7rh5CFyUGUKX3Z5M0knNJRZRU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/k2rrEQBry0rtTfX8u1RJYzSORT0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/99/91da8b-0502-48df-8532-5fbf9a29b6e1/1/9i7rh5CFyUGUKX3Z5M0knNJRZRU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.96.0/22
5.45.96.0/20
5.181.48.0/22
5.252.224.0/22
37.120.160.0/19
37.221.192.0/21
45.9.60.0/22
45.83.104.0/22
45.90.4.0/22
45.129.180.0/22
45.132.244.0/22
45.136.28.0/22
45.142.176.0/22
45.157.176.0/22
46.38.224.0/19
46.232.248.0/22
81.16.16.0/22
85.209.48.0/22
85.235.64.0/22
89.58.0.0/18
91.132.144.0/22
91.204.44.0/22
92.60.36.0/22
93.177.64.0/22
152.89.104.0/22
159.195.4.0-159.195.11.255
159.195.20.0-159.195.27.255
185.16.60.0/22
185.162.248.0/22
185.163.116.0/22
185.170.112.0/22
185.183.156.0/22
185.194.140.0/22
185.207.104.0/22
185.228.136.0/22
185.233.104.0/22
185.243.8.0/22
185.244.192.0/22
188.68.32.0/19
192.145.44.0/22
193.30.120.0/22
193.31.24.0/22
194.13.80.0/22
194.55.12.0/22
194.59.204.0/22
195.128.100.0/22
213.109.160.0/22
IPv6:
2a03:4000::/31
2a0a:4cc0::-2a0a:4cc0:100:ffff:ffff:ffff:ffff:ffff
2a0a:4cc0:104::/48
2a0a:4cc0:2000:4000::/56
Signature Algorithm: sha256WithRSAEncryption
44:bb:e3:e6:82:ff:fd:a2:9c:fa:05:47:09:aa:28:a6:3b:91:
fb:86:36:be:bd:31:03:e8:ff:53:23:ef:4b:a9:fa:09:39:97:
f4:59:1b:b8:c6:c3:7d:55:f1:c8:a4:c8:c1:e0:97:26:d0:85:
d6:5e:02:88:13:86:dd:f4:c9:d3:84:b8:95:72:d9:e5:d5:c9:
92:5d:90:e7:31:60:13:85:a1:25:04:c6:e3:1f:3f:4b:a1:49:
2a:a8:31:f6:be:2a:21:e8:56:72:f6:41:fa:40:0f:3d:28:96:
a7:6c:fa:4a:7b:04:dd:b5:c5:30:e0:8b:14:11:d7:21:97:9e:
fa:6f:3c:85:bb:e0:a1:11:a7:47:2c:55:1a:1e:f9:a8:99:be:
80:c8:ec:73:67:00:f9:40:21:17:ae:0f:86:0d:2d:a6:db:8e:
dc:56:1b:65:8a:8e:7f:9c:05:39:ea:ec:86:b7:e7:84:5e:c2:
bd:33:f6:22:fe:76:28:e9:4b:6d:a6:8d:99:a6:53:bb:0f:44:
b9:43:ad:2c:86:7e:8b:2e:f9:fe:72:ea:d8:cf:75:3f:ab:6f:
3f:7b:04:41:5d:5f:a5:30:36:1b:c8:bb:d8:e5:f1:53:ea:0b:
f2:65:d1:0f:de:a5:40:2b:3e:9a:85:19:52:13:7d:db:2d:f7:
30:bd:d9:76
-----BEGIN CERTIFICATE-----
MIIGXzCCBUegAwIBAgISAZnrxZZyW+AUL3gRumz7piEkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY2MmVlYjg3OTA4NWM5NDE5NDI5N2RkOWU0Y2QyNDljZDI1
MTY1MTUwHhcNMjUxMDE2MDY0NjU4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MzZhZWIxMTAwNmJjYjRhZWQ0ZGY1ZmNiYjU0NDk2MzM0OGU0NTNkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuwDcNBYkm8s3BzewDheeDJ9zz1tS
4mnyqqjr+lmfQXCFz6eNXGuJ14GOuCdbyUi0ja054xqK/+efRztvViQEz00iU6iX
OXgEtHEdjE6SyjZEKnWmX7qTlGfqVQMrqkukSmJggRZ0rPLvGH4sMWTe/McETv3L
S5/qeK+Lr55amHChA8/NW15YAaQ3SC1O2Q1vmol2xfBbodApxwClrcI+ABljMmrm
CJzxVy4hVkRABVPBi/Trwmw9GYaHFJ9OWtpWCVP3LU74thp2MBjpvm8YLdDiXgpy
ltf1/JVxdoA2FkyXTGUCBVqtU5v4OU2M3IBrPQKzbQf0Nmd0hzavyJZ1uQIDAQAB
o4IDazCCA2cwHQYDVR0OBBYEFJNq6xEAa8tK7U31/LtUSWM0jkU9MB8GA1UdIwQY
MBaAFPYu64eQhclBlCl92eTNJJzSUWUVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOWk3cmg1Q0Z5VUdVS1gzWjVNMGtuTkpSWlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85OS85MWRhOGItMDUwMi00OGRmLTg1MzIt
NWZiZjlhMjliNmUxLzEvazJyckVRQnJ5MHJ0VGZYOHUxUkpZelNPUlQwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85OS85MWRhOGItMDUwMi00OGRmLTg1MzItNWZiZjlhMjliNmUx
LzEvOWk3cmg1Q0Z5VUdVS1gzWjVNMGtuTkpSWlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBfwYIKwYBBQUHAQcBAf8EggFuMIIBajCCATIEAgABMIIB
KgMEAgI4YAMEBAUtYAMEAgW1MAMEAgX84AMEBSV4oAMEAyXdwAMEAi0JPAMEAi1T
aAMEAi1aBAMEAi2BtAMEAi2E9AMEAi2IHAMEAi2OsAMEAi2dsAMEBS4m4AMEAi7o
+AMEAlEQEAMEAlXRMAMEAlXrQAMEBlk6AAMEAluEkAMEAlvMLAMEAlw8JAMEAl2x
QAMEAphZaDAMAwQCn8MEAwQCn8MIMAwDBAKfwxQDBAKfwxgDBAK5EDwDBAK5ovgD
BAK5o3QDBAK5qnADBAK5t5wDBAK5wowDBAK5z2gDBAK55IgDBAK56WgDBAK58wgD
BAK59MADBAW8RCADBALAkSwDBALBHngDBALBHxgDBALCDVADBALCNwwDBALCO8wD
BALDgGQDBALVbaAwMgQCAAIwLAMFASoDQAAwEAMFBioKTMADBwAqCkzAAQADBwAq
CkzAAQQDCAAqCkzAIABAMA0GCSqGSIb3DQEBCwUAA4IBAQBEu+Pmgv/9opz6BUcJ
qiimO5H7hja+vTED6P9TI+9LqfoJOZf0WRu4xsN9VfHIpMjB4Jcm0IXWXgKIE4bd
9MnThLiVctnl1cmSXZDnMWAThaElBMbjHz9LoUkqqDH2vioh6FZy9kH6QA89KJan
bPpKewTdtcUw4IsUEdchl576bzyFu+ChEadHLFUaHvmomb6AyOxzZwD5QCEXrg+G
DS2m247cVhtlio5/nAU56uyGt+eEXsK9M/Yi/nYo6Uttpo2ZplO7D0S5Q60shn6L
Lvn+curYz3U/q28/ewRBXV+lMDYbyLvY5fFT6gvyZdEP3qVAKz6ahRlSE33bLfcw
vdl2
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:40:13 2025 by rpki-client