Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/iwOiPBbtli-OCRwHWLmNSpu7mA0.roa
File: iwOiPBbtli-OCRwHWLmNSpu7mA0.roa (raw, json)
Hash identifier: 7v0u6lyS5817p6fvijUYcB9Ss1DNlrvkQV8TCvf4x8g=
Subject key identifier: 8B:03:A2:3C:16:ED:96:2F:8E:09:1C:07:58:B9:8D:4A:9B:BB:98:0D
Certificate issuer: /CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Certificate serial: 019888D78E982F7C02B973B2428F4D891AE1
Authority key identifier: 62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/iwOiPBbtli-OCRwHWLmNSpu7mA0.roa
Signing time: Fri 08 Aug 2025 08:41:24 +0000
ROA not before: Fri 08 Aug 2025 08:41:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 209847
IP address blocks: 2.56.117.0/24 maxlen: 24
2.56.118.0/24 maxlen: 24
2.56.119.0/24 maxlen: 24
2.56.120.0/21 maxlen: 24
2.56.172.0/22 maxlen: 24
2.56.176.0/24 maxlen: 24
2.56.177.0/24 maxlen: 24
2.56.179.0/24 maxlen: 24
5.253.40.0/24 maxlen: 24
45.9.17.0/24 maxlen: 24
45.9.18.0/24 maxlen: 24
45.9.19.0/24 maxlen: 24
45.12.108.0/22 maxlen: 24
45.12.129.0/24 maxlen: 24
45.12.130.0/24 maxlen: 24
45.12.131.0/24 maxlen: 24
45.12.132.0/22 maxlen: 24
45.12.136.0/22 maxlen: 24
45.12.140.0/22 maxlen: 24
45.12.144.0/22 maxlen: 24
45.12.149.0/24 maxlen: 24
45.12.150.0/23 maxlen: 24
45.15.126.0/23 maxlen: 24
45.15.140.0/22 maxlen: 24
45.15.145.0/24 maxlen: 24
45.15.146.0/24 maxlen: 24
45.15.154.0/24 maxlen: 24
45.15.155.0/24 maxlen: 24
45.15.160.0/22 maxlen: 24
45.15.164.0/22 maxlen: 24
45.15.168.0/22 maxlen: 24
45.15.176.0/24 maxlen: 24
45.15.178.0/23 maxlen: 24
45.15.178.0/24 maxlen: 24
45.15.179.0/24 maxlen: 24
45.15.184.0/22 maxlen: 24
45.15.184.0/24 maxlen: 24
45.82.245.0/24 maxlen: 24
45.82.246.0/24 maxlen: 24
45.82.247.0/24 maxlen: 24
45.82.248.0/21 maxlen: 24
45.83.20.0/22 maxlen: 24
45.83.24.0/24 maxlen: 24
45.83.25.0/24 maxlen: 24
45.83.26.0/24 maxlen: 24
45.83.128.0/22 maxlen: 24
45.83.140.0/22 maxlen: 24
45.83.148.0/24 maxlen: 24
45.83.149.0/24 maxlen: 24
45.86.60.0/22 maxlen: 24
45.86.64.0/24 maxlen: 24
45.86.65.0/24 maxlen: 24
45.86.67.0/24 maxlen: 24
45.86.68.0/24 maxlen: 24
45.86.69.0/24 maxlen: 24
45.86.70.0/24 maxlen: 24
45.86.72.0/24 maxlen: 24
45.86.74.0/24 maxlen: 24
45.86.75.0/24 maxlen: 24
45.88.160.0/22 maxlen: 24
45.88.176.0/24 maxlen: 24
45.88.177.0/24 maxlen: 24
45.88.182.0/23 maxlen: 24
45.89.105.0/24 maxlen: 24
45.89.106.0/24 maxlen: 24
45.89.107.0/24 maxlen: 24
45.89.108.0/22 maxlen: 24
45.89.196.0/24 maxlen: 24
45.92.140.0/22 maxlen: 24
45.92.160.0/22 maxlen: 24
45.92.164.0/22 maxlen: 24
45.92.192.0/24 maxlen: 24
45.92.193.0/24 maxlen: 24
45.92.194.0/24 maxlen: 24
45.128.48.0/22 maxlen: 24
45.128.52.0/24 maxlen: 24
45.128.54.0/24 maxlen: 24
45.128.57.0/24 maxlen: 24
45.128.58.0/24 maxlen: 24
45.128.72.0/24 maxlen: 24
92.118.229.0/24 maxlen: 24
92.118.230.0/24 maxlen: 24
92.118.231.0/24 maxlen: 24
92.118.232.0/24 maxlen: 24
92.118.233.0/24 maxlen: 24
92.118.234.0/24 maxlen: 24
92.118.236.0/22 maxlen: 24
95.214.248.0/22 maxlen: 24
139.28.233.0/24 maxlen: 24
139.28.234.0/24 maxlen: 24
141.98.161.0/24 maxlen: 24
141.98.162.0/24 maxlen: 24
141.98.163.0/24 maxlen: 24
141.98.164.0/22 maxlen: 24
171.22.109.0/24 maxlen: 24
171.22.110.0/24 maxlen: 24
171.22.111.0/24 maxlen: 24
171.22.112.0/22 maxlen: 24
171.22.116.0/23 maxlen: 24
171.22.118.0/24 maxlen: 24
171.22.120.0/24 maxlen: 24
171.22.122.0/24 maxlen: 24
171.22.123.0/24 maxlen: 24
171.22.124.0/22 maxlen: 24
171.22.129.0/24 maxlen: 24
171.22.130.0/24 maxlen: 24
171.22.131.0/24 maxlen: 24
171.22.132.0/24 maxlen: 24
185.106.98.0/23 maxlen: 24
185.153.180.0/22 maxlen: 24
185.156.108.0/22 maxlen: 24
185.161.69.0/24 maxlen: 24
185.161.70.0/24 maxlen: 24
185.166.152.0/22 maxlen: 24
185.203.4.0/22 maxlen: 24
194.76.136.0/22 maxlen: 24
213.59.112.0/24 maxlen: 24
213.59.119.0/24 maxlen: 24
213.59.120.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 14:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:88:d7:8e:98:2f:7c:02:b9:73:b2:42:8f:4d:89:1a:e1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=62fdb67654df6184e7d60c4150ea9533c2cf9704
Validity
Not Before: Aug 8 08:41:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8b03a23c16ed962f8e091c0758b98d4a9bbb980d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a2:da:33:4d:0d:8f:f8:73:27:03:20:34:d4:1a:
b0:b3:cf:68:47:81:39:9e:c1:df:b1:29:ca:e8:8f:
de:f8:8f:3d:9b:4c:a2:ec:dc:37:b8:5b:db:05:19:
d6:97:64:27:62:2d:d6:1a:41:07:78:bd:8c:ba:44:
ea:6b:b1:0a:d4:45:fd:6d:f6:39:26:63:0c:20:4a:
9b:d9:d3:bd:62:1f:09:1c:ad:59:99:9c:8d:44:44:
d2:2c:90:6c:6f:17:8c:24:cf:96:fc:99:01:af:dd:
f2:97:43:09:79:47:2a:a5:88:b7:ca:bb:4b:bd:34:
16:6f:15:19:44:70:f2:7c:5e:af:69:21:1b:ac:3f:
ec:a3:e6:3d:94:80:31:a0:7c:71:9d:b3:b0:5f:02:
75:46:7b:b0:0d:2c:64:21:ba:42:c0:bc:8c:f1:af:
c6:64:8a:6b:46:d3:22:96:19:61:b3:a6:19:0c:e9:
55:81:30:86:ba:55:0a:ff:32:1b:da:5c:5f:24:e9:
20:ec:76:36:0e:bc:8b:b6:f7:17:52:d9:90:ac:5a:
28:10:a4:02:84:e4:bc:61:23:01:06:12:03:6e:cb:
1f:57:37:81:f2:c7:ad:85:ca:c0:29:40:52:c0:a5:
6f:b8:36:41:4f:55:f8:82:63:23:c6:f0:65:a3:a4:
d2:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8B:03:A2:3C:16:ED:96:2F:8E:09:1C:07:58:B9:8D:4A:9B:BB:98:0D
X509v3 Authority Key Identifier:
keyid:62:FD:B6:76:54:DF:61:84:E7:D6:0C:41:50:EA:95:33:C2:CF:97:04
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/iwOiPBbtli-OCRwHWLmNSpu7mA0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b2/704071-8dc0-4ed6-9457-e86121c594df/1/Yv22dlTfYYTn1gxBUOqVM8LPlwQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.56.117.0-2.56.127.255
2.56.172.0-2.56.177.255
2.56.179.0/24
5.253.40.0/24
45.9.17.0-45.9.19.255
45.12.108.0/22
45.12.129.0-45.12.147.255
45.12.149.0-45.12.151.255
45.15.126.0/23
45.15.140.0/22
45.15.145.0-45.15.146.255
45.15.154.0/23
45.15.160.0-45.15.171.255
45.15.176.0/24
45.15.178.0/23
45.15.184.0/22
45.82.245.0-45.82.255.255
45.83.20.0-45.83.26.255
45.83.128.0/22
45.83.140.0/22
45.83.148.0/23
45.86.60.0-45.86.65.255
45.86.67.0-45.86.70.255
45.86.72.0/24
45.86.74.0/23
45.88.160.0/22
45.88.176.0/23
45.88.182.0/23
45.89.105.0-45.89.111.255
45.89.196.0/24
45.92.140.0/22
45.92.160.0/21
45.92.192.0-45.92.194.255
45.128.48.0-45.128.52.255
45.128.54.0/24
45.128.57.0-45.128.58.255
45.128.72.0/24
92.118.229.0-92.118.234.255
92.118.236.0/22
95.214.248.0/22
139.28.233.0-139.28.234.255
141.98.161.0-141.98.167.255
171.22.109.0-171.22.118.255
171.22.120.0/24
171.22.122.0-171.22.127.255
171.22.129.0-171.22.132.255
185.106.98.0/23
185.153.180.0/22
185.156.108.0/22
185.161.69.0-185.161.70.255
185.166.152.0/22
185.203.4.0/22
194.76.136.0/22
213.59.112.0/24
213.59.119.0-213.59.120.255
Signature Algorithm: sha256WithRSAEncryption
6f:19:33:cb:74:ef:ee:60:cb:28:94:0d:f8:5f:4c:c2:cf:d2:
1f:7a:9b:3f:a6:a1:64:91:29:e2:b6:ca:be:65:2d:50:af:33:
5a:19:18:65:ba:c9:0a:99:ec:95:b1:b2:e1:13:92:20:fe:cc:
13:00:02:94:bf:09:57:d1:09:b1:0f:4f:c7:95:72:05:f4:45:
11:95:2f:8f:ca:14:e3:26:d1:16:f4:80:0e:f8:d3:c0:84:bb:
ab:90:8a:3f:b0:f7:ec:9e:bf:f9:83:bf:0c:f9:04:54:76:46:
75:10:2e:88:51:9b:c4:3c:c5:d3:b2:b1:59:e4:08:e4:90:eb:
23:45:e8:60:6a:a9:59:6b:f5:1f:47:32:b1:4a:cc:50:bc:41:
f6:c2:c7:ed:1e:47:e3:f4:52:4c:94:98:ed:f8:fb:d9:bb:9d:
19:c5:15:05:a4:5c:e8:76:c5:04:36:da:e9:03:5d:ac:d2:33:
35:2d:01:e8:2e:e8:81:92:7b:7e:c7:95:90:d7:cd:42:42:1d:
b9:6c:c2:05:f5:5b:80:da:43:fb:b8:ad:65:83:2b:07:04:62:
2e:0b:8b:96:95:18:66:76:a5:7a:79:89:94:bb:0b:f5:3e:3a:
46:a6:9a:9a:6b:91:6f:bb:90:a7:24:8e:8a:56:f7:00:27:69:
3b:8e:94:4e
-----BEGIN CERTIFICATE-----
MIIHAjCCBeqgAwIBAgISAZiI146YL3wCuXOyQo9NiRrhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYyZmRiNjc2NTRkZjYxODRlN2Q2MGM0MTUwZWE5NTMzYzJj
Zjk3MDQwHhcNMjUwODA4MDg0MTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YjAzYTIzYzE2ZWQ5NjJmOGUwOTFjMDc1OGI5OGQ0YTliYmI5ODBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAotozTQ2P+HMnAyA01Bqws89oR4E5
nsHfsSnK6I/e+I89m0yi7Nw3uFvbBRnWl2QnYi3WGkEHeL2MukTqa7EK1EX9bfY5
JmMMIEqb2dO9Yh8JHK1ZmZyNRETSLJBsbxeMJM+W/JkBr93yl0MJeUcqpYi3yrtL
vTQWbxUZRHDyfF6vaSEbrD/so+Y9lIAxoHxxnbOwXwJ1RnuwDSxkIbpCwLyM8a/G
ZIprRtMilhlhs6YZDOlVgTCGulUK/zIb2lxfJOkg7HY2DryLtvcXUtmQrFooEKQC
hOS8YSMBBhIDbssfVzeB8sethcrAKUBSwKVvuDZBT1X4gmMjxvBlo6TS0QIDAQAB
o4IEDjCCBAowHQYDVR0OBBYEFIsDojwW7ZYvjgkcB1i5jUqbu5gNMB8GA1UdIwQY
MBaAFGL9tnZU32GE59YMQVDqlTPCz5cEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTct
ZTg2MTIxYzU5NGRmLzEvaXdPaVBCYnRsaS1PQ1J3SFdMbU5TcHU3bUEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMi83MDQwNzEtOGRjMC00ZWQ2LTk0NTctZTg2MTIxYzU5NGRm
LzEvWXYyMmRsVGZZWVRuMWd4QlVPcVZNOExQbHdRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICIgYIKwYBBQUHAQcBAf8EggIRMIICDTCCAgkEAgABMIIC
ATAMAwQAAjh1AwQHAjgAMAwDBAICOKwDBAECOLADBAACOLMDBAAF/SgwDAMEAC0J
EQMEAi0JEAMEAi0MbDAMAwQALQyBAwQCLQyQMAwDBAAtDJUDBAMtDJADBAEtD34D
BAItD4wwDAMEAC0PkQMEAC0PkgMEAS0PmjAMAwQFLQ+gAwQCLQ+oAwQALQ+wAwQB
LQ+yAwQCLQ+4MAsDBAAtUvUDAwAtUjAMAwQCLVMUAwQALVMaAwQCLVOAAwQCLVOM
AwQBLVOUMAwDBAItVjwDBAEtVkAwDAMEAC1WQwMEAC1WRgMEAC1WSAMEAS1WSgME
Ai1YoAMEAS1YsAMEAS1YtjAMAwQALVlpAwQELVlgAwQALVnEAwQCLVyMAwQDLVyg
MAwDBAYtXMADBAAtXMIwDAMEBC2AMAMEAC2ANAMEAC2ANjAMAwQALYA5AwQALYA6
AwQALYBIMAwDBABcduUDBABcduoDBAJcduwDBAJf1vgwDAMEAIsc6QMEAIsc6jAM
AwQAjWKhAwQDjWKgMAwDBACrFm0DBACrFnYDBACrFngwDAMEAasWegMEB6sWADAM
AwQAqxaBAwQAqxaEAwQBuWpiAwQCuZm0AwQCuZxsMAwDBAC5oUUDBAC5oUYDBAK5
ppgDBAK5ywQDBALCTIgDBADVO3AwDAMEANU7dwMEANU7eDANBgkqhkiG9w0BAQsF
AAOCAQEAbxkzy3Tv7mDLKJQN+F9Mws/SH3qbP6ahZJEp4rbKvmUtUK8zWhkYZbrJ
CpnslbGy4ROSIP7MEwAClL8JV9EJsQ9Px5VyBfRFEZUvj8oU4ybRFvSADvjTwIS7
q5CKP7D37J6/+YO/DPkEVHZGdRAuiFGbxDzF07KxWeQI5JDrI0XoYGqpWWv1H0cy
sUrMULxB9sLH7R5H4/RSTJSY7fj72budGcUVBaRc6HbFBDba6QNdrNIzNS0B6C7o
gZJ7fseVkNfNQkIduWzCBfVbgNpD+7itZYMrBwRiLguLlpUYZnalenmJlLsL9T46
RqaammuRb7uQpySOilb3ACdpO46UTg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 19:02:56 2025 by rpki-client