Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/cHNi-aQf8kRZ-IXLdR6NKJyGyd4.roa
File: cHNi-aQf8kRZ-IXLdR6NKJyGyd4.roa (raw, json)
Hash identifier: YdcOpjqVHXdNz8a6yYmUAFG6b4by/2D9QJ2g+af+cwY=
Subject key identifier: 70:73:62:F9:A4:1F:F2:44:59:F8:85:CB:75:1E:8D:28:9C:86:C9:DE
Certificate issuer: /CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Certificate serial: 0198BCBB8C581C0AEED03CB5A08BE2CB1F35
Authority key identifier: 1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/cHNi-aQf8kRZ-IXLdR6NKJyGyd4.roa
Signing time: Mon 18 Aug 2025 10:31:04 +0000
ROA not before: Mon 18 Aug 2025 10:31:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203020
IP address blocks: 2.59.8.0/23 maxlen: 32
2.59.14.0/24 maxlen: 32
5.42.198.0/24 maxlen: 32
31.42.112.0/22 maxlen: 32
31.210.18.0/24 maxlen: 32
37.77.144.0/24 maxlen: 32
45.78.80.0/22 maxlen: 32
45.94.244.0/22 maxlen: 32
45.95.48.0/22 maxlen: 32
45.116.168.0/22 maxlen: 32
45.138.232.0/22 maxlen: 32
45.142.92.0/22 maxlen: 32
45.142.96.0/22 maxlen: 32
45.149.148.0/22 maxlen: 32
58.97.128.0/21 maxlen: 32
58.97.232.0/21 maxlen: 32
58.97.240.0/20 maxlen: 32
62.3.29.0/24 maxlen: 32
62.68.91.0/24 maxlen: 32
62.106.92.0/24 maxlen: 32
69.94.10.0/23 maxlen: 32
69.94.12.0/23 maxlen: 32
77.81.104.0/21 maxlen: 32
78.24.206.0/24 maxlen: 32
78.138.1.0/24 maxlen: 32
78.138.2.0/24 maxlen: 32
78.138.25.0/24 maxlen: 32
78.138.40.0/24 maxlen: 32
78.138.47.0/24 maxlen: 32
78.138.48.0/24 maxlen: 32
78.138.50.0/24 maxlen: 32
82.97.199.0/24 maxlen: 32
83.229.76.0/22 maxlen: 24
83.229.104.0/22 maxlen: 32
84.39.224.0/21 maxlen: 32
85.89.192.0/21 maxlen: 32
85.89.200.0/21 maxlen: 32
85.89.208.0/21 maxlen: 32
85.89.216.0/21 maxlen: 32
86.104.19.0/24 maxlen: 32
89.19.40.0/22 maxlen: 32
89.19.42.0/23 maxlen: 24
89.34.78.0/23 maxlen: 32
89.38.132.0/23 maxlen: 32
89.44.213.0/24 maxlen: 32
89.46.152.0/21 maxlen: 32
89.249.51.0/24 maxlen: 32
89.249.56.0/22 maxlen: 32
91.197.252.0/22 maxlen: 32
91.201.107.0/24 maxlen: 32
91.245.235.0/24 maxlen: 32
92.43.84.0/22 maxlen: 32
92.118.108.0/24 maxlen: 32
93.113.124.0/23 maxlen: 32
93.114.0.0/20 maxlen: 32
93.114.10.0/24 maxlen: 24
93.114.11.0/24 maxlen: 24
93.115.12.0/23 maxlen: 32
93.180.192.0/20 maxlen: 32
93.180.224.0/20 maxlen: 32
94.176.112.0/20 maxlen: 32
94.177.56.0/23 maxlen: 32
95.215.36.0/22 maxlen: 32
103.63.224.0/22 maxlen: 32
103.113.225.0/24 maxlen: 32
103.113.226.0/24 maxlen: 32
103.113.227.0/24 maxlen: 32
103.218.253.0/24 maxlen: 32
103.218.254.0/24 maxlen: 32
104.167.22.0/23 maxlen: 32
119.13.192.0/19 maxlen: 32
119.13.208.0/20 maxlen: 32
121.91.80.0/21 maxlen: 32
138.124.144.0/22 maxlen: 32
150.129.92.0/22 maxlen: 32
176.117.84.0/22 maxlen: 32
176.118.195.0/24 maxlen: 32
176.119.8.0/21 maxlen: 32
178.251.236.0/24 maxlen: 32
178.251.237.0/24 maxlen: 32
185.38.102.0/24 maxlen: 32
185.90.243.0/24 maxlen: 32
185.125.192.0/22 maxlen: 32
185.131.220.0/24 maxlen: 32
185.131.221.0/24 maxlen: 32
185.223.56.0/24 maxlen: 32
185.240.252.0/24 maxlen: 32
185.240.254.0/24 maxlen: 32
185.240.255.0/24 maxlen: 32
188.95.152.0/21 maxlen: 32
188.119.116.0/22 maxlen: 32
193.163.101.0/24 maxlen: 32
193.169.175.0/24 maxlen: 32
193.203.36.0/24 maxlen: 32
193.203.39.0/24 maxlen: 32
193.203.127.0/24 maxlen: 32
194.145.118.0/24 maxlen: 32
194.145.220.0/23 maxlen: 32
194.187.50.0/23 maxlen: 32
194.242.23.0/24 maxlen: 32
195.14.98.0/24 maxlen: 32
202.81.208.0/22 maxlen: 32
202.81.212.0/22 maxlen: 32
202.81.216.0/22 maxlen: 32
202.81.220.0/23 maxlen: 32
202.81.222.0/23 maxlen: 32
202.181.20.0/22 maxlen: 32
203.109.52.0/22 maxlen: 32
203.166.156.0/23 maxlen: 32
209.20.160.0/19 maxlen: 32
212.21.102.0/24 maxlen: 32
212.46.128.0/24 maxlen: 32
212.46.133.0/24 maxlen: 32
212.46.138.0/24 maxlen: 32
212.46.142.0/23 maxlen: 32
212.46.145.0/24 maxlen: 32
212.46.149.0/24 maxlen: 32
212.46.159.0/24 maxlen: 32
217.197.103.0/24 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.mft
rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:bc:bb:8c:58:1c:0a:ee:d0:3c:b5:a0:8b:e2:cb:1f:35
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1ba51a0bc0f0afebbf6d5d927fe1f9816f52352d
Validity
Not Before: Aug 18 10:31:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=707362f9a41ff24459f885cb751e8d289c86c9de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:93:e4:82:23:f0:f2:ca:23:24:b7:d8:d0:be:81:
3c:33:16:5b:f8:af:f9:0d:58:45:1e:39:02:65:42:
7b:f4:e8:ff:c7:1a:e9:00:90:ab:d8:70:b5:7c:8b:
1d:43:e3:27:98:e4:71:4a:6e:6a:a1:cb:d7:6d:f0:
1e:9b:55:68:92:98:e6:c8:3f:39:f1:59:23:20:63:
37:96:29:7b:a5:9a:b5:c5:35:39:02:75:ba:0a:95:
75:5d:b1:55:93:7f:ae:bf:94:b6:50:7a:9f:06:8a:
f1:0f:6d:76:2a:ae:af:7a:a5:12:ac:b1:6b:ca:70:
b0:f9:ce:56:78:35:e2:80:ff:d6:2b:3e:c3:e8:37:
76:48:e2:5f:e6:2d:5b:5f:8b:eb:ed:f7:54:af:ed:
d7:c1:06:b7:42:5f:da:b8:da:96:0f:e3:17:38:31:
f4:fa:bb:f1:d8:61:41:c2:ca:dd:ba:1c:66:b5:be:
d2:c9:2f:20:d0:32:78:fa:2c:af:5f:1e:f0:08:87:
d6:1d:cb:31:00:40:30:f3:c6:c7:b3:14:1d:66:bc:
3e:1a:6e:38:22:fb:7f:ef:79:e6:e8:dc:5c:7f:37:
95:4d:76:e6:3f:95:2d:53:4b:8a:97:80:b5:23:d9:
0b:ab:fe:29:11:b4:10:aa:51:34:99:cd:1f:2a:c3:
18:93
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
70:73:62:F9:A4:1F:F2:44:59:F8:85:CB:75:1E:8D:28:9C:86:C9:DE
X509v3 Authority Key Identifier:
keyid:1B:A5:1A:0B:C0:F0:AF:EB:BF:6D:5D:92:7F:E1:F9:81:6F:52:35:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/cHNi-aQf8kRZ-IXLdR6NKJyGyd4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/4f211e-79d7-4504-9ead-871f9ed708e0/1/G6UaC8Dwr-u_bV2Sf-H5gW9SNS0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.8.0/23
2.59.14.0/24
5.42.198.0/24
31.42.112.0/22
31.210.18.0/24
37.77.144.0/24
45.78.80.0/22
45.94.244.0/22
45.95.48.0/22
45.116.168.0/22
45.138.232.0/22
45.142.92.0-45.142.99.255
45.149.148.0/22
58.97.128.0/21
58.97.232.0-58.97.255.255
62.3.29.0/24
62.68.91.0/24
62.106.92.0/24
69.94.10.0-69.94.13.255
77.81.104.0/21
78.24.206.0/24
78.138.1.0-78.138.2.255
78.138.25.0/24
78.138.40.0/24
78.138.47.0-78.138.48.255
78.138.50.0/24
82.97.199.0/24
83.229.76.0/22
83.229.104.0/22
84.39.224.0/21
85.89.192.0/19
86.104.19.0/24
89.19.40.0/22
89.34.78.0/23
89.38.132.0/23
89.44.213.0/24
89.46.152.0/21
89.249.51.0/24
89.249.56.0/22
91.197.252.0/22
91.201.107.0/24
91.245.235.0/24
92.43.84.0/22
92.118.108.0/24
93.113.124.0/23
93.114.0.0/20
93.115.12.0/23
93.180.192.0/20
93.180.224.0/20
94.176.112.0/20
94.177.56.0/23
95.215.36.0/22
103.63.224.0/22
103.113.225.0-103.113.227.255
103.218.253.0-103.218.254.255
104.167.22.0/23
119.13.192.0/19
121.91.80.0/21
138.124.144.0/22
150.129.92.0/22
176.117.84.0/22
176.118.195.0/24
176.119.8.0/21
178.251.236.0/23
185.38.102.0/24
185.90.243.0/24
185.125.192.0/22
185.131.220.0/23
185.223.56.0/24
185.240.252.0/24
185.240.254.0/23
188.95.152.0/21
188.119.116.0/22
193.163.101.0/24
193.169.175.0/24
193.203.36.0/24
193.203.39.0/24
193.203.127.0/24
194.145.118.0/24
194.145.220.0/23
194.187.50.0/23
194.242.23.0/24
195.14.98.0/24
202.81.208.0/20
202.181.20.0/22
203.109.52.0/22
203.166.156.0/23
209.20.160.0/19
212.21.102.0/24
212.46.128.0/24
212.46.133.0/24
212.46.138.0/24
212.46.142.0/23
212.46.145.0/24
212.46.149.0/24
212.46.159.0/24
217.197.103.0/24
Signature Algorithm: sha256WithRSAEncryption
56:08:05:af:cb:d2:56:39:fe:52:0d:ed:a7:2e:26:13:42:9d:
a3:d3:bf:43:e3:48:9e:65:94:19:76:cf:5a:5b:c8:f0:3b:d4:
b1:1a:d9:b2:fb:bd:89:a6:69:f4:56:80:23:da:d3:f8:43:42:
d6:21:94:2d:a9:f2:39:48:9b:66:4d:d8:4f:3e:a0:c4:4e:e6:
8e:5a:85:72:ef:ad:67:4b:89:bf:f5:be:c6:fb:53:d0:f9:54:
fa:46:53:a4:82:b3:11:2c:a8:66:77:ff:ed:db:19:3c:f1:a2:
19:d1:87:58:9e:3a:fb:96:6d:d4:bd:93:ed:98:df:ba:e6:e6:
2e:ad:90:c1:b3:cb:67:ec:b6:95:10:9d:58:40:a5:43:b7:17:
35:9b:47:b4:59:e6:fc:64:fd:08:06:ad:55:7e:3c:5a:71:ad:
16:08:d7:ed:d0:79:62:3b:34:e0:bc:6e:81:15:c8:84:32:7e:
e6:73:5a:50:26:59:c4:51:45:12:8f:7c:0d:71:f8:38:55:07:
81:3c:ae:2e:d9:98:ea:64:ac:7d:64:42:a0:87:65:53:bc:ea:
87:84:6f:3f:1a:3d:90:72:ba:c7:45:2f:ed:49:2f:51:96:e2:
c0:5f:d4:17:db:2d:29:2a:5d:25:61:13:70:4a:10:40:86:95:
ba:22:2d:92
-----BEGIN CERTIFICATE-----
MIIHfjCCBmagAwIBAgISAZi8u4xYHAru0Dy1oIviyx81MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiYTUxYTBiYzBmMGFmZWJiZjZkNWQ5MjdmZTFmOTgxNmY1
MjM1MmQwHhcNMjUwODE4MTAzMTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MDczNjJmOWE0MWZmMjQ0NTlmODg1Y2I3NTFlOGQyODljODZjOWRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAk+SCI/DyyiMkt9jQvoE8MxZb+K/5
DVhFHjkCZUJ79Oj/xxrpAJCr2HC1fIsdQ+MnmORxSm5qocvXbfAem1VokpjmyD85
8VkjIGM3lil7pZq1xTU5AnW6CpV1XbFVk3+uv5S2UHqfBorxD212Kq6veqUSrLFr
ynCw+c5WeDXigP/WKz7D6Dd2SOJf5i1bX4vr7fdUr+3XwQa3Ql/auNqWD+MXODH0
+rvx2GFBwsrduhxmtb7SyS8g0DJ4+iyvXx7wCIfWHcsxAEAw88bHsxQdZrw+Gm44
Ivt/73nm6NxcfzeVTXbmP5UtU0uKl4C1I9kLq/4pEbQQqlE0mc0fKsMYkwIDAQAB
o4IEijCCBIYwHQYDVR0OBBYEFHBzYvmkH/JEWfiFy3UejSichsneMB8GA1UdIwQY
MBaAFBulGgvA8K/rv21dkn/h+YFvUjUtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQt
ODcxZjllZDcwOGUwLzEvY0hOaS1hUWY4a1JaLUlYTGRSNk5LSnlHeWQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS80ZjIxMWUtNzlkNy00NTA0LTllYWQtODcxZjllZDcwOGUw
LzEvRzZVYUM4RHdyLXVfYlYyU2YtSDVnVzlTTlMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICngYIKwYBBQUHAQcBAf8EggKNMIICiTCCAoUEAgABMIIC
fQMEAQI7CAMEAAI7DgMEAAUqxgMEAh8qcAMEAB/SEgMEACVNkAMEAi1OUAMEAi1e
9AMEAi1fMAMEAi10qAMEAi2K6DAMAwQCLY5cAwQCLY5gAwQCLZWUAwQDOmGAMAsD
BAM6YegDAwE6YAMEAD4DHQMEAD5EWwMEAD5qXDAMAwQBRV4KAwQBRV4MAwQDTVFo
AwQAThjOMAwDBABOigEDBABOigIDBABOihkDBABOiigwDAMEAE6KLwMEAE6KMAME
AE6KMgMEAFJhxwMEAlPlTAMEAlPlaAMEA1Qn4AMEBVVZwAMEAFZoEwMEAlkTKAME
AVkiTgMEAVkmhAMEAFks1QMEA1kumAMEAFn5MwMEAln5OAMEAlvF/AMEAFvJawME
AFv16wMEAlwrVAMEAFx2bAMEAV1xfAMEBF1yAAMEAV1zDAMEBF20wAMEBF204AME
BF6wcAMEAV6xOAMEAl/XJAMEAmc/4DAMAwQAZ3HhAwQCZ3HgMAwDBABn2v0DBABn
2v4DBAFopxYDBAV3DcADBAN5W1ADBAKKfJADBAKWgVwDBAKwdVQDBACwdsMDBAOw
dwgDBAGy++wDBAC5JmYDBAC5WvMDBAK5fcADBAG5g9wDBAC53zgDBAC58PwDBAG5
8P4DBAO8X5gDBAK8d3QDBADBo2UDBADBqa8DBADByyQDBADByycDBADBy38DBADC
kXYDBAHCkdwDBAHCuzIDBADC8hcDBADDDmIDBATKUdADBALKtRQDBALLbTQDBAHL
ppwDBAXRFKADBADUFWYDBADULoADBADULoUDBADULooDBAHULo4DBADULpEDBADU
LpUDBADULp8DBADZxWcwDQYJKoZIhvcNAQELBQADggEBAFYIBa/L0lY5/lIN7acu
JhNCnaPTv0PjSJ5llBl2z1pbyPA71LEa2bL7vYmmafRWgCPa0/hDQtYhlC2p8jlI
m2ZN2E8+oMRO5o5ahXLvrWdLib/1vsb7U9D5VPpGU6SCsxEsqGZ3/+3bGTzxohnR
h1ieOvuWbdS9k+2Y37rm5i6tkMGzy2fstpUQnVhApUO3FzWbR7RZ5vxk/QgGrVV+
PFpxrRYI1+3QeWI7NOC8boEVyIQyfuZzWlAmWcRRRRKPfA1x+DhVB4E8ri7ZmOpk
rH1kQqCHZVO86oeEbz8aPZByusdFL+1JL1GW4sBf1BfbLSkqXSVhE3BKEECGlboi
LZI=
-----END CERTIFICATE-----
Generated at Sat Aug 23 15:50:04 2025 by rpki-client