Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/qKN97IS00Dw-fIUwd184Vx9Y1MM.roa
File: qKN97IS00Dw-fIUwd184Vx9Y1MM.roa (raw, json)
Hash identifier: InDA9nhPg1Xj964zVuEzcl5j+yZyNDumD+IkyAj4yPs=
Subject key identifier: A8:A3:7D:EC:84:B4:D0:3C:3E:7C:85:30:77:5F:38:57:1F:58:D4:C3
Certificate issuer: /CN=0a41a5a2a18339629cc1303e6dec8bb605ddca65
Certificate serial: 01995607CBF6916485CB954711BA9762155E
Authority key identifier: 0A:41:A5:A2:A1:83:39:62:9C:C1:30:3E:6D:EC:8B:B6:05:DD:CA:65
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CkGloqGDOWKcwTA-beyLtgXdymU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/qKN97IS00Dw-fIUwd184Vx9Y1MM.roa
Signing time: Wed 17 Sep 2025 04:56:15 +0000
ROA not before: Wed 17 Sep 2025 04:56:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29182
IP address blocks: 37.46.128.0/23 maxlen: 23
37.46.130.0/23 maxlen: 23
37.46.132.0/23 maxlen: 23
37.46.134.0/23 maxlen: 23
45.141.208.0/22 maxlen: 22
45.150.8.0/22 maxlen: 22
62.109.0.0/20 maxlen: 20
62.109.0.0/21 maxlen: 21
62.109.8.0/21 maxlen: 21
62.109.16.0/21 maxlen: 21
62.109.24.0/22 maxlen: 22
62.109.28.0/22 maxlen: 22
77.246.156.0/22 maxlen: 22
77.246.156.0/23 maxlen: 23
77.246.158.0/23 maxlen: 23
80.87.192.0/23 maxlen: 23
80.87.194.0/23 maxlen: 23
80.87.196.0/23 maxlen: 23
80.87.198.0/23 maxlen: 23
80.87.200.0/23 maxlen: 23
80.87.202.0/24 maxlen: 24
80.87.203.0/24 maxlen: 24
82.146.32.0/21 maxlen: 21
82.146.32.0/23 maxlen: 23
82.146.34.0/23 maxlen: 23
82.146.36.0/23 maxlen: 23
82.146.38.0/23 maxlen: 23
82.146.40.0/21 maxlen: 21
82.146.48.0/23 maxlen: 23
82.146.50.0/23 maxlen: 23
82.146.52.0/23 maxlen: 23
82.146.54.0/23 maxlen: 23
82.146.56.0/21 maxlen: 21
82.202.160.0/23 maxlen: 23
82.202.162.0/23 maxlen: 23
82.202.165.0/24 maxlen: 24
82.202.166.0/23 maxlen: 23
82.202.168.0/23 maxlen: 23
82.202.170.0/23 maxlen: 23
82.202.172.0/23 maxlen: 23
82.202.174.0/23 maxlen: 23
83.220.168.0/23 maxlen: 23
83.220.170.0/23 maxlen: 23
83.220.172.0/23 maxlen: 23
83.220.174.0/23 maxlen: 23
85.198.72.0/23 maxlen: 23
85.198.74.0/23 maxlen: 23
85.198.116.0/23 maxlen: 23
85.198.118.0/23 maxlen: 23
89.169.40.0/23 maxlen: 23
89.169.42.0/23 maxlen: 23
91.240.84.0/23 maxlen: 23
91.240.86.0/23 maxlen: 23
92.63.96.0/21 maxlen: 21
92.63.104.0/22 maxlen: 22
92.63.108.0/22 maxlen: 22
92.63.108.0/24 maxlen: 24
92.63.109.0/24 maxlen: 24
92.63.110.0/23 maxlen: 23
185.43.4.0/23 maxlen: 23
185.43.6.0/23 maxlen: 23
185.63.188.0/22 maxlen: 22
185.146.156.0/23 maxlen: 23
185.146.158.0/23 maxlen: 23
185.246.64.0/23 maxlen: 23
185.246.66.0/23 maxlen: 23
185.253.32.0/23 maxlen: 23
185.253.34.0/23 maxlen: 23
195.140.144.0/23 maxlen: 23
195.140.146.0/23 maxlen: 23
212.109.192.0/22 maxlen: 22
212.109.196.0/23 maxlen: 23
212.109.198.0/23 maxlen: 23
212.109.216.0/23 maxlen: 23
212.109.218.0/23 maxlen: 23
212.109.220.0/23 maxlen: 23
212.109.222.0/24 maxlen: 24
212.109.223.0/24 maxlen: 24
213.159.208.0/23 maxlen: 23
213.159.210.0/23 maxlen: 23
213.159.212.0/23 maxlen: 23
213.159.214.0/23 maxlen: 23
2a09:f900::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/CkGloqGDOWKcwTA-beyLtgXdymU.crl
rsync://rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/CkGloqGDOWKcwTA-beyLtgXdymU.mft
rsync://rpki.ripe.net/repository/DEFAULT/CkGloqGDOWKcwTA-beyLtgXdymU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 19:01:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:56:07:cb:f6:91:64:85:cb:95:47:11:ba:97:62:15:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0a41a5a2a18339629cc1303e6dec8bb605ddca65
Validity
Not Before: Sep 17 04:56:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a8a37dec84b4d03c3e7c8530775f38571f58d4c3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:30:ac:e1:35:44:4d:cb:af:60:5c:9a:70:ce:
36:ee:19:9a:cd:ab:d7:fa:6f:6c:b2:6e:c1:cd:4c:
4c:ee:e4:f8:a5:f6:45:bc:33:af:7c:c8:55:3b:3d:
37:b9:d0:04:81:fc:23:a7:69:19:9e:ab:ff:1a:dc:
0e:e9:33:4a:61:25:6d:53:7d:24:1c:78:26:40:03:
af:e1:51:89:af:ba:89:fe:b9:f4:80:ef:45:3e:2a:
97:33:bf:95:f4:9f:54:e5:a0:08:f0:b7:1b:db:ab:
9a:79:e8:a9:db:27:20:5b:db:66:12:da:17:b8:58:
80:5d:8f:7d:02:e9:33:3c:2e:58:ca:c4:53:b8:d3:
e4:04:2f:94:eb:d7:36:b2:c7:e0:42:aa:03:e8:8d:
cd:73:f6:9f:02:fa:68:34:63:49:11:38:14:f7:83:
a5:59:0c:c9:e8:c4:f4:c6:e7:29:16:39:7d:85:0e:
6b:e5:6f:46:2f:24:4c:ec:16:84:dc:98:7f:b8:42:
07:78:af:2b:ac:5f:8a:af:6c:09:06:bd:82:8b:02:
41:43:f8:69:1d:9a:30:c7:e9:40:03:20:d6:d9:86:
8b:bb:cc:23:73:df:5d:f9:f3:6f:7a:82:65:2c:64:
1f:8f:bb:20:b5:36:f7:de:e0:b5:1f:4d:3d:d0:bc:
5d:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A8:A3:7D:EC:84:B4:D0:3C:3E:7C:85:30:77:5F:38:57:1F:58:D4:C3
X509v3 Authority Key Identifier:
keyid:0A:41:A5:A2:A1:83:39:62:9C:C1:30:3E:6D:EC:8B:B6:05:DD:CA:65
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CkGloqGDOWKcwTA-beyLtgXdymU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/qKN97IS00Dw-fIUwd184Vx9Y1MM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a1/d43c2c-74e9-47d4-bf62-80f7fd6ea9c9/1/CkGloqGDOWKcwTA-beyLtgXdymU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.46.128.0/21
45.141.208.0/22
45.150.8.0/22
62.109.0.0/19
77.246.156.0/22
80.87.192.0-80.87.203.255
82.146.32.0/19
82.202.160.0/22
82.202.165.0-82.202.175.255
83.220.168.0/21
85.198.72.0/22
85.198.116.0/22
89.169.40.0/22
91.240.84.0/22
92.63.96.0/20
185.43.4.0/22
185.63.188.0/22
185.146.156.0/22
185.246.64.0/22
185.253.32.0/22
195.140.144.0/22
212.109.192.0/21
212.109.216.0/21
213.159.208.0/21
IPv6:
2a09:f900::/48
Signature Algorithm: sha256WithRSAEncryption
1c:d6:88:28:29:c3:fe:db:4e:5f:c5:80:d1:1e:2c:27:bb:bb:
fa:a0:00:05:c5:85:be:0c:ae:e6:bc:1d:36:25:0d:b4:d1:d4:
39:5d:93:df:64:1f:ef:33:a5:2a:5f:a1:4b:64:3a:4f:d6:71:
b3:a3:ff:af:eb:72:3b:1d:89:1b:34:5b:65:fd:6f:82:6e:d0:
f8:f1:c9:04:8c:60:fb:c3:31:02:35:96:56:52:0c:ef:86:f9:
f0:c9:e6:a1:f3:2d:51:fc:a4:90:b2:00:e5:6e:35:87:a2:3d:
60:66:f4:55:86:3b:74:90:f7:05:1e:be:0e:84:8f:3a:d2:54:
cc:72:be:73:97:04:a9:20:1b:85:cb:95:48:13:57:94:2f:9c:
6b:b9:15:0d:18:00:f2:c6:bb:3f:00:39:d1:94:35:bf:83:48:
f7:ac:eb:7b:cc:fb:4f:36:52:89:49:8c:3e:76:3f:20:73:4a:
8f:2d:38:f8:3d:ff:2b:aa:53:d6:72:63:2f:a4:db:c2:8c:aa:
0e:60:a1:b5:cb:c5:0a:b8:c3:df:a6:8b:3e:b6:52:9b:17:be:
05:a9:18:6d:15:dc:ca:1b:d3:a4:a5:7c:92:8e:d4:81:5e:da:
45:b1:e2:d6:a4:cd:bd:e9:50:df:62:84:33:8f:03:03:e1:5e:
74:a0:1f:f3
-----BEGIN CERTIFICATE-----
MIIFrTCCBJWgAwIBAgISAZlWB8v2kWSFy5VHEbqXYhVeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBhNDFhNWEyYTE4MzM5NjI5Y2MxMzAzZTZkZWM4YmI2MDVk
ZGNhNjUwHhcNMjUwOTE3MDQ1NjE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhOGEzN2RlYzg0YjRkMDNjM2U3Yzg1MzA3NzVmMzg1NzFmNThkNGMzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuTCs4TVETcuvYFyacM427hmazavX
+m9ssm7BzUxM7uT4pfZFvDOvfMhVOz03udAEgfwjp2kZnqv/GtwO6TNKYSVtU30k
HHgmQAOv4VGJr7qJ/rn0gO9FPiqXM7+V9J9U5aAI8Lcb26uaeeip2ycgW9tmEtoX
uFiAXY99AukzPC5YysRTuNPkBC+U69c2ssfgQqoD6I3Nc/afAvpoNGNJETgU94Ol
WQzJ6MT0xucpFjl9hQ5r5W9GLyRM7BaE3Jh/uEIHeK8rrF+Kr2wJBr2CiwJBQ/hp
HZowx+lAAyDW2YaLu8wjc99d+fNveoJlLGQfj7sgtTb33uC1H0090LxdmQIDAQAB
o4ICuTCCArUwHQYDVR0OBBYEFKijfeyEtNA8PnyFMHdfOFcfWNTDMB8GA1UdIwQY
MBaAFApBpaKhgzlinMEwPm3si7YF3cplMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ2tHbG9xR0RPV0tjd1RBLWJleUx0Z1hkeW1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMS9kNDNjMmMtNzRlOS00N2Q0LWJmNjIt
ODBmN2ZkNmVhOWM5LzEvcUtOOTdJUzAwRHctZklVd2QxODRWeDlZMU1NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMS9kNDNjMmMtNzRlOS00N2Q0LWJmNjItODBmN2ZkNmVhOWM5
LzEvQ2tHbG9xR0RPV0tjd1RBLWJleUx0Z1hkeW1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHOBggrBgEFBQcBBwEB/wSBvjCBuzCBpwQCAAEwgaADBAMl
LoADBAItjdADBAItlggDBAU+bQADBAJN9pwwDAMEBlBXwAMEAlBXyAMEBVKSIAME
AlLKoDAMAwQAUsqlAwQEUsqgAwQDU9yoAwQCVcZIAwQCVcZ0AwQCWakoAwQCW/BU
AwQEXD9gAwQCuSsEAwQCuT+8AwQCuZKcAwQCufZAAwQCuf0gAwQCw4yQAwQD1G3A
AwQD1G3YAwQD1Z/QMA8EAgACMAkDBwAqCfkAAAAwDQYJKoZIhvcNAQELBQADggEB
ABzWiCgpw/7bTl/FgNEeLCe7u/qgAAXFhb4Mrua8HTYlDbTR1Dldk99kH+8zpSpf
oUtkOk/WcbOj/6/rcjsdiRs0W2X9b4Ju0PjxyQSMYPvDMQI1llZSDO+G+fDJ5qHz
LVH8pJCyAOVuNYeiPWBm9FWGO3SQ9wUevg6EjzrSVMxyvnOXBKkgG4XLlUgTV5Qv
nGu5FQ0YAPLGuz8AOdGUNb+DSPes63vM+082UolJjD52PyBzSo8tOPg9/yuqU9Zy
Yy+k28KMqg5gobXLxQq4w9+miz62UpsXvgWpGG0V3Mob06SlfJKO1IFe2kWx4tak
zb3pUN9ihDOPAwPhXnSgH/M=
-----END CERTIFICATE-----
Generated at Mon Oct 20 05:17:36 2025 by rpki-client