Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/aAREyOFcWU0cNGACvEMl0ZOAFig.roa
File: aAREyOFcWU0cNGACvEMl0ZOAFig.roa (raw, json)
Hash identifier: Cs3Pgbh88px/pz65kbWergHe3PWaODePXFEqXd4wmEk=
Subject key identifier: 68:04:44:C8:E1:5C:59:4D:1C:34:60:02:BC:43:25:D1:93:80:16:28
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 0199D35AF7C0D20453523A5E33969CD25EE4
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/aAREyOFcWU0cNGACvEMl0ZOAFig.roa
Signing time: Sat 11 Oct 2025 12:59:38 +0000
ROA not before: Sat 11 Oct 2025 12:59:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209847
IP address blocks: 2.56.117.0/24 maxlen: 24
2.56.118.0/24 maxlen: 24
2.56.119.0/24 maxlen: 24
2.56.120.0/21 maxlen: 24
2.56.122.0/24 maxlen: 24
2.56.172.0/22 maxlen: 24
2.56.176.0/24 maxlen: 24
2.56.177.0/24 maxlen: 24
2.56.179.0/24 maxlen: 24
5.180.24.0/24 maxlen: 24
5.180.30.0/24 maxlen: 24
5.180.45.0/24 maxlen: 24
5.180.55.0/24 maxlen: 24
5.253.40.0/24 maxlen: 24
5.253.41.0/24 maxlen: 24
5.253.43.0/24 maxlen: 24
45.9.17.0/24 maxlen: 24
45.9.18.0/24 maxlen: 24
45.9.19.0/24 maxlen: 24
45.12.108.0/22 maxlen: 24
45.12.129.0/24 maxlen: 24
45.12.130.0/24 maxlen: 24
45.12.131.0/24 maxlen: 24
45.12.132.0/22 maxlen: 24
45.12.136.0/22 maxlen: 24
45.12.140.0/22 maxlen: 24
45.12.144.0/22 maxlen: 24
45.12.149.0/24 maxlen: 24
45.12.150.0/23 maxlen: 24
45.15.126.0/23 maxlen: 24
45.15.140.0/22 maxlen: 24
45.15.144.0/24 maxlen: 24
45.15.145.0/24 maxlen: 24
45.15.146.0/24 maxlen: 24
45.15.154.0/24 maxlen: 24
45.15.155.0/24 maxlen: 24
45.15.160.0/22 maxlen: 24
45.15.164.0/22 maxlen: 24
45.15.168.0/22 maxlen: 24
45.15.176.0/24 maxlen: 24
45.15.178.0/23 maxlen: 24
45.15.178.0/24 maxlen: 24
45.15.179.0/24 maxlen: 24
45.15.184.0/22 maxlen: 24
45.15.184.0/24 maxlen: 24
45.82.245.0/24 maxlen: 24
45.82.246.0/24 maxlen: 24
45.82.247.0/24 maxlen: 24
45.82.248.0/21 maxlen: 24
45.83.20.0/22 maxlen: 24
45.83.24.0/24 maxlen: 24
45.83.25.0/24 maxlen: 24
45.83.26.0/24 maxlen: 24
45.83.128.0/22 maxlen: 24
45.83.140.0/22 maxlen: 24
45.83.148.0/24 maxlen: 24
45.83.149.0/24 maxlen: 24
45.86.60.0/22 maxlen: 24
45.86.64.0/24 maxlen: 24
45.86.65.0/24 maxlen: 24
45.86.67.0/24 maxlen: 24
45.86.68.0/24 maxlen: 24
45.86.69.0/24 maxlen: 24
45.86.70.0/24 maxlen: 24
45.86.72.0/24 maxlen: 24
45.86.74.0/24 maxlen: 24
45.86.75.0/24 maxlen: 24
45.88.160.0/22 maxlen: 24
45.88.176.0/24 maxlen: 24
45.88.177.0/24 maxlen: 24
45.88.182.0/23 maxlen: 24
45.89.105.0/24 maxlen: 24
45.89.106.0/24 maxlen: 24
45.89.107.0/24 maxlen: 24
45.89.108.0/22 maxlen: 24
45.89.196.0/24 maxlen: 24
45.92.140.0/22 maxlen: 24
45.92.160.0/22 maxlen: 24
45.92.164.0/22 maxlen: 24
45.92.192.0/24 maxlen: 24
45.92.193.0/24 maxlen: 24
45.92.194.0/24 maxlen: 24
45.128.48.0/22 maxlen: 24
45.128.52.0/24 maxlen: 24
45.128.54.0/24 maxlen: 24
45.128.57.0/24 maxlen: 24
45.128.58.0/24 maxlen: 24
45.128.72.0/24 maxlen: 24
85.208.108.0/24 maxlen: 24
85.208.109.0/24 maxlen: 24
85.208.110.0/24 maxlen: 24
85.209.153.0/24 maxlen: 24
85.209.154.0/24 maxlen: 24
85.209.195.0/24 maxlen: 24
88.218.93.0/24 maxlen: 24
92.118.229.0/24 maxlen: 24
92.118.230.0/24 maxlen: 24
92.118.231.0/24 maxlen: 24
92.118.232.0/24 maxlen: 24
92.118.233.0/24 maxlen: 24
92.118.234.0/24 maxlen: 24
92.118.236.0/22 maxlen: 24
95.214.248.0/22 maxlen: 24
139.28.233.0/24 maxlen: 24
139.28.234.0/24 maxlen: 24
141.98.161.0/24 maxlen: 24
141.98.162.0/24 maxlen: 24
141.98.163.0/24 maxlen: 24
141.98.164.0/22 maxlen: 24
171.22.109.0/24 maxlen: 24
171.22.110.0/24 maxlen: 24
171.22.111.0/24 maxlen: 24
171.22.112.0/22 maxlen: 24
171.22.116.0/23 maxlen: 24
171.22.118.0/24 maxlen: 24
171.22.120.0/24 maxlen: 24
171.22.122.0/24 maxlen: 24
171.22.123.0/24 maxlen: 24
171.22.124.0/22 maxlen: 24
171.22.129.0/24 maxlen: 24
171.22.130.0/24 maxlen: 24
171.22.131.0/24 maxlen: 24
171.22.132.0/24 maxlen: 24
185.106.98.0/23 maxlen: 24
185.153.180.0/22 maxlen: 24
185.156.108.0/22 maxlen: 24
185.161.69.0/24 maxlen: 24
185.161.70.0/24 maxlen: 24
185.166.152.0/22 maxlen: 24
185.203.4.0/22 maxlen: 24
194.76.136.0/22 maxlen: 24
213.59.112.0/24 maxlen: 24
213.59.119.0/24 maxlen: 24
213.59.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:d3:5a:f7:c0:d2:04:53:52:3a:5e:33:96:9c:d2:5e:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Oct 11 12:59:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=680444c8e15c594d1c346002bc4325d193801628
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:a1:c3:39:b9:db:14:a6:a4:86:1d:0b:79:13:
b3:48:ce:c8:ec:fc:05:45:88:9a:c4:d4:62:3d:0c:
7d:47:4a:e7:be:9d:c0:4d:6f:5b:5a:7f:88:11:fd:
c9:e2:5b:b9:86:84:7b:06:eb:33:aa:1b:f8:91:86:
fd:78:7b:cd:bf:87:d3:e1:5a:33:59:10:9f:20:a0:
41:76:bf:d0:6d:99:54:0b:be:fd:96:0b:64:71:eb:
0b:c8:0f:05:75:5e:55:34:fb:cb:24:3c:19:7c:ad:
6d:d5:0a:33:16:04:6a:0b:00:21:b6:74:b1:db:6e:
30:cd:fb:1d:69:d9:60:50:65:54:5f:fd:52:7f:28:
a8:3c:6a:6d:5e:29:19:39:c4:0d:fd:b5:00:85:2a:
3b:34:a0:3d:c8:ed:b1:b6:31:47:e4:d6:af:2a:f6:
03:8d:cb:d4:d6:1f:74:e9:4a:cc:0d:a1:5d:a7:2e:
47:af:78:e0:57:59:85:b2:be:46:49:74:26:42:fb:
d9:da:0e:53:ca:96:9d:79:dd:04:83:a9:f0:6f:5a:
a0:83:f3:ce:4f:6b:f2:d5:5b:e4:27:a4:a8:2e:b3:
26:22:5b:56:54:dc:75:ab:4e:56:8d:55:48:4a:90:
ad:ac:aa:f0:7a:5f:b8:1b:82:93:2d:2a:ef:60:5e:
11:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
68:04:44:C8:E1:5C:59:4D:1C:34:60:02:BC:43:25:D1:93:80:16:28
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/aAREyOFcWU0cNGACvEMl0ZOAFig.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.117.0-2.56.127.255
2.56.172.0-2.56.177.255
2.56.179.0/24
5.180.24.0/24
5.180.30.0/24
5.180.45.0/24
5.180.55.0/24
5.253.40.0/23
5.253.43.0/24
45.9.17.0-45.9.19.255
45.12.108.0/22
45.12.129.0-45.12.147.255
45.12.149.0-45.12.151.255
45.15.126.0/23
45.15.140.0-45.15.146.255
45.15.154.0/23
45.15.160.0-45.15.171.255
45.15.176.0/24
45.15.178.0/23
45.15.184.0/22
45.82.245.0-45.82.255.255
45.83.20.0-45.83.26.255
45.83.128.0/22
45.83.140.0/22
45.83.148.0/23
45.86.60.0-45.86.65.255
45.86.67.0-45.86.70.255
45.86.72.0/24
45.86.74.0/23
45.88.160.0/22
45.88.176.0/23
45.88.182.0/23
45.89.105.0-45.89.111.255
45.89.196.0/24
45.92.140.0/22
45.92.160.0/21
45.92.192.0-45.92.194.255
45.128.48.0-45.128.52.255
45.128.54.0/24
45.128.57.0-45.128.58.255
45.128.72.0/24
85.208.108.0-85.208.110.255
85.209.153.0-85.209.154.255
85.209.195.0/24
88.218.93.0/24
92.118.229.0-92.118.234.255
92.118.236.0/22
95.214.248.0/22
139.28.233.0-139.28.234.255
141.98.161.0-141.98.167.255
171.22.109.0-171.22.118.255
171.22.120.0/24
171.22.122.0-171.22.127.255
171.22.129.0-171.22.132.255
185.106.98.0/23
185.153.180.0/22
185.156.108.0/22
185.161.69.0-185.161.70.255
185.166.152.0/22
185.203.4.0/22
194.76.136.0/22
213.59.112.0/24
213.59.119.0-213.59.120.255
Signature Algorithm: sha256WithRSAEncryption
92:68:43:d3:6a:22:ee:ea:4e:ff:26:f9:bd:7c:2d:78:67:32:
e0:c2:85:07:61:60:0c:a3:36:72:00:13:e3:d3:3c:f3:dc:d1:
73:0a:1b:a5:85:f5:10:04:3d:bc:22:89:7d:3a:6e:51:45:70:
1c:91:07:9f:7c:64:cd:4a:da:91:66:70:70:e6:37:6c:ad:c8:
cf:b1:74:6f:01:1c:bd:be:38:87:79:08:bd:3a:35:c2:18:47:
92:3b:5f:67:0d:1b:3e:0d:59:56:46:6c:06:fa:88:79:85:54:
f6:49:06:59:b1:cf:4c:e7:58:e4:e6:95:04:ec:ad:4a:92:3c:
ce:9b:23:54:68:32:e6:bb:28:36:78:a6:bf:7d:d5:86:1d:11:
2f:87:0d:76:92:16:8c:35:89:5e:ca:d0:54:cd:f4:4d:ed:3b:
39:cc:4a:58:a5:a4:2f:00:10:39:18:77:7a:a5:3a:52:02:29:
bd:ed:25:ba:4c:8a:45:36:cc:94:2b:72:6f:d1:9a:c2:0a:33:
0e:b7:55:bb:1e:1d:87:49:ef:f6:31:38:d7:fb:97:ad:7a:bd:
30:b2:1e:59:bb:ef:a8:0a:bd:d3:77:f0:27:7c:33:f7:f2:bc:
ca:52:e1:e0:83:2c:f5:95:ef:35:c3:0c:4c:90:64:e9:8d:6c:
38:13:87:06
-----BEGIN CERTIFICATE-----
MIIHQjCCBiqgAwIBAgISAZnTWvfA0gRTUjpeM5ac0l7kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUxMDExMTI1OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ODA0NDRjOGUxNWM1OTRkMWMzNDYwMDJiYzQzMjVkMTkzODAxNjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr6HDObnbFKakhh0LeROzSM7I7PwF
RYiaxNRiPQx9R0rnvp3ATW9bWn+IEf3J4lu5hoR7Buszqhv4kYb9eHvNv4fT4Voz
WRCfIKBBdr/QbZlUC779lgtkcesLyA8FdV5VNPvLJDwZfK1t1QozFgRqCwAhtnSx
224wzfsdadlgUGVUX/1SfyioPGptXikZOcQN/bUAhSo7NKA9yO2xtjFH5NavKvYD
jcvU1h906UrMDaFdpy5Hr3jgV1mFsr5GSXQmQvvZ2g5Typaded0Eg6nwb1qgg/PO
T2vy1VvkJ6SoLrMmIltWVNx1q05WjVVISpCtrKrwel+4G4KTLSrvYF4RZwIDAQAB
o4IETjCCBEowHQYDVR0OBBYEFGgERMjhXFlNHDRgArxDJdGTgBYoMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvYUFSRXlPRmNXVTBjTkdBQ3ZFTWwwWk9BRmlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICYgYIKwYBBQUHAQcBAf8EggJRMIICTTCCAkkEAgABMIIC
QTAMAwQAAjh1AwQHAjgAMAwDBAICOKwDBAECOLADBAACOLMDBAAFtBgDBAAFtB4D
BAAFtC0DBAAFtDcDBAEF/SgDBAAF/SswDAMEAC0JEQMEAi0JEAMEAi0MbDAMAwQA
LQyBAwQCLQyQMAwDBAAtDJUDBAMtDJADBAEtD34wDAMEAi0PjAMEAC0PkgMEAS0P
mjAMAwQFLQ+gAwQCLQ+oAwQALQ+wAwQBLQ+yAwQCLQ+4MAsDBAAtUvUDAwAtUjAM
AwQCLVMUAwQALVMaAwQCLVOAAwQCLVOMAwQBLVOUMAwDBAItVjwDBAEtVkAwDAME
AC1WQwMEAC1WRgMEAC1WSAMEAS1WSgMEAi1YoAMEAS1YsAMEAS1YtjAMAwQALVlp
AwQELVlgAwQALVnEAwQCLVyMAwQDLVygMAwDBAYtXMADBAAtXMIwDAMEBC2AMAME
AC2ANAMEAC2ANjAMAwQALYA5AwQALYA6AwQALYBIMAwDBAJV0GwDBABV0G4wDAME
AFXRmQMEAFXRmgMEAFXRwwMEAFjaXTAMAwQAXHblAwQAXHbqAwQCXHbsAwQCX9b4
MAwDBACLHOkDBACLHOowDAMEAI1ioQMEA41ioDAMAwQAqxZtAwQAqxZ2AwQAqxZ4
MAwDBAGrFnoDBAerFgAwDAMEAKsWgQMEAKsWhAMEAblqYgMEArmZtAMEArmcbDAM
AwQAuaFFAwQAuaFGAwQCuaaYAwQCucsEAwQCwkyIAwQA1TtwMAwDBADVO3cDBADV
O3gwDQYJKoZIhvcNAQELBQADggEBAJJoQ9NqIu7qTv8m+b18LXhnMuDChQdhYAyj
NnIAE+PTPPPc0XMKG6WF9RAEPbwiiX06blFFcByRB598ZM1K2pFmcHDmN2ytyM+x
dG8BHL2+OId5CL06NcIYR5I7X2cNGz4NWVZGbAb6iHmFVPZJBlmxz0znWOTmlQTs
rUqSPM6bI1RoMua7KDZ4pr991YYdES+HDXaSFow1iV7K0FTN9E3tOznMSlilpC8A
EDkYd3qlOlICKb3tJbpMikU2zJQrcm/RmsIKMw63VbseHYdJ7/YxONf7l616vTCy
Hlm776gKvdN38Cd8M/fyvMpS4eCDLPWV7zXDDEyQZOmNbDgThwY=
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:00:11 2025 by rpki-client