Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/Rwa55-aiWzleQi1HsBZSagHTLqo.roa
File: Rwa55-aiWzleQi1HsBZSagHTLqo.roa (raw, json)
Hash identifier: 0rSyRYL0K47FYUV+DhbsOlxazMDwyVqW5IEzSPcxljc=
Subject key identifier: 47:06:B9:E7:E6:A2:5B:39:5E:42:2D:47:B0:16:52:6A:01:D3:2E:AA
Certificate issuer: /CN=996721831afb8b38307b49f5b9ee6292ad1e5850
Certificate serial: 0199C7EEC59A0C82D977615075B4537F96CE
Authority key identifier: 99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/Rwa55-aiWzleQi1HsBZSagHTLqo.roa
Signing time: Thu 09 Oct 2025 07:45:38 +0000
ROA not before: Thu 09 Oct 2025 07:45:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44407
IP address blocks: 37.140.224.0/21 maxlen: 21
37.157.56.0/22 maxlen: 24
45.81.80.0/22 maxlen: 22
45.87.56.0/22 maxlen: 22
45.132.248.0/22 maxlen: 24
45.148.108.0/22 maxlen: 22
45.156.228.0/22 maxlen: 22
46.247.224.0/19 maxlen: 19
62.244.78.0/23 maxlen: 24
62.244.94.0/23 maxlen: 23
62.244.108.0/22 maxlen: 24
62.244.116.0/24 maxlen: 24
62.244.118.0/24 maxlen: 24
62.244.124.0/22 maxlen: 24
79.132.144.0/20 maxlen: 20
80.240.160.0/20 maxlen: 20
85.112.192.0/19 maxlen: 19
86.105.88.0/21 maxlen: 21
86.107.248.0/21 maxlen: 21
89.35.208.0/21 maxlen: 21
89.43.156.0/22 maxlen: 24
93.190.208.0/21 maxlen: 24
93.190.212.0/22 maxlen: 22
185.16.48.0/22 maxlen: 22
185.102.176.0/22 maxlen: 24
185.176.176.0/22 maxlen: 22
185.181.152.0/22 maxlen: 22
185.183.60.0/22 maxlen: 22
185.183.64.0/22 maxlen: 22
185.183.252.0/22 maxlen: 22
185.184.4.0/22 maxlen: 22
185.198.224.0/22 maxlen: 22
185.204.252.0/22 maxlen: 22
185.209.140.0/22 maxlen: 22
185.223.148.0/22 maxlen: 22
185.243.120.0/22 maxlen: 22
194.36.192.0/22 maxlen: 22
195.123.7.0/24 maxlen: 24
195.177.108.0/22 maxlen: 22
217.26.192.0/20 maxlen: 20
2001:4000::/32 maxlen: 32
2a0a:1c80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/mWchgxr7izgwe0n1ue5ikq0eWFA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/mWchgxr7izgwe0n1ue5ikq0eWFA.mft
rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 19:02:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c7:ee:c5:9a:0c:82:d9:77:61:50:75:b4:53:7f:96:ce
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=996721831afb8b38307b49f5b9ee6292ad1e5850
Validity
Not Before: Oct 9 07:45:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4706b9e7e6a25b395e422d47b016526a01d32eaa
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:b2:17:c2:59:e7:7a:8b:66:74:fd:4e:93:b5:
cc:6d:2b:23:50:16:d5:a1:a7:60:10:e1:14:9c:f1:
9b:1e:34:33:b4:2f:4c:d9:31:ca:ab:58:44:5e:6c:
5f:09:55:a1:fe:0d:e5:11:f2:67:e4:cf:3e:53:5e:
6f:65:aa:c3:df:56:81:08:56:69:43:fa:94:8b:41:
17:8e:b6:d4:0e:2c:c5:80:3f:72:eb:74:60:a3:61:
8a:77:2a:09:26:16:68:a1:3c:16:f4:ef:81:9d:43:
d5:66:14:ea:47:e4:3c:a0:e5:fe:d0:08:5f:fd:0a:
89:0a:8a:c8:03:89:77:25:cc:1e:b4:5a:9f:b7:d0:
db:38:01:6b:2c:be:b9:0b:63:bf:75:ab:77:58:2f:
80:2b:51:03:9f:2b:18:59:f4:67:41:8f:f9:3b:48:
66:b6:f8:41:26:a1:d1:23:34:38:aa:64:d9:48:4c:
b6:cf:88:7d:f8:d8:c9:49:47:e7:62:40:13:8c:c1:
d0:71:c1:d3:b7:5a:32:9c:5e:f3:d5:2d:06:6b:96:
63:32:53:8a:0d:72:22:75:6c:6a:ce:4f:f1:2d:c9:
f3:6f:fb:c2:15:cf:25:04:06:c1:48:0a:f1:b0:9a:
62:69:cf:77:ac:1f:5e:80:fd:a5:97:54:66:76:49:
78:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
47:06:B9:E7:E6:A2:5B:39:5E:42:2D:47:B0:16:52:6A:01:D3:2E:AA
X509v3 Authority Key Identifier:
keyid:99:67:21:83:1A:FB:8B:38:30:7B:49:F5:B9:EE:62:92:AD:1E:58:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mWchgxr7izgwe0n1ue5ikq0eWFA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/Rwa55-aiWzleQi1HsBZSagHTLqo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b5/1c1eb2-1f65-4f71-8b32-b4bfe456dde0/1/mWchgxr7izgwe0n1ue5ikq0eWFA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.140.224.0/21
37.157.56.0/22
45.81.80.0/22
45.87.56.0/22
45.132.248.0/22
45.148.108.0/22
45.156.228.0/22
46.247.224.0/19
62.244.78.0/23
62.244.94.0/23
62.244.108.0/22
62.244.116.0/24
62.244.118.0/24
62.244.124.0/22
79.132.144.0/20
80.240.160.0/20
85.112.192.0/19
86.105.88.0/21
86.107.248.0/21
89.35.208.0/21
89.43.156.0/22
93.190.208.0/21
185.16.48.0/22
185.102.176.0/22
185.176.176.0/22
185.181.152.0/22
185.183.60.0-185.183.67.255
185.183.252.0/22
185.184.4.0/22
185.198.224.0/22
185.204.252.0/22
185.209.140.0/22
185.223.148.0/22
185.243.120.0/22
194.36.192.0/22
195.123.7.0/24
195.177.108.0/22
217.26.192.0/20
IPv6:
2001:4000::/32
2a0a:1c80::/29
Signature Algorithm: sha256WithRSAEncryption
5a:7f:54:4d:b5:e9:82:3f:b1:7e:0e:c2:f8:44:a3:d3:fe:d1:
72:db:3f:ed:c3:6a:92:c9:27:8f:a9:73:81:2b:e6:de:e8:6d:
0c:62:66:e8:89:e8:84:2a:a4:df:b1:e1:86:9b:dc:e9:53:30:
16:b5:23:c2:4b:df:27:92:64:46:29:58:20:bc:71:59:9a:55:
2f:50:24:aa:f2:37:ce:36:85:65:8a:c1:fb:c1:1c:3b:63:07:
f4:3f:33:da:38:48:c4:ff:e4:7e:f9:b9:c2:89:8b:2d:0a:62:
39:81:61:65:a1:37:24:1c:e1:75:69:46:4b:10:cd:7d:61:b1:
61:ee:e0:99:70:74:fe:e5:1e:a9:98:f7:aa:80:e0:ea:dc:15:
7b:a1:8d:4b:26:d0:87:8c:45:0f:fc:55:47:0d:fc:2c:cd:57:
07:ec:c6:ef:ae:d5:cc:f3:d1:aa:2b:41:e7:a2:78:1e:53:6c:
62:83:4a:c7:f4:99:79:c2:5e:59:4e:6d:5e:8c:a4:84:a2:d0:
e7:39:3d:e5:d3:c8:c1:5b:9c:30:20:84:a0:ad:50:08:26:1e:
0f:28:f0:57:c1:6c:85:04:b7:1f:02:c4:89:b0:d3:09:b4:87:
59:a7:a6:e5:a6:f2:f4:e8:df:8c:06:a0:d4:24:19:56:78:8d:
0b:ab:cc:aa
-----BEGIN CERTIFICATE-----
MIIGATCCBOmgAwIBAgISAZnH7sWaDILZd2FQdbRTf5bOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5NjcyMTgzMWFmYjhiMzgzMDdiNDlmNWI5ZWU2MjkyYWQx
ZTU4NTAwHhcNMjUxMDA5MDc0NTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0NzA2YjllN2U2YTI1YjM5NWU0MjJkNDdiMDE2NTI2YTAxZDMyZWFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAr7IXwlnneotmdP1Ok7XMbSsjUBbV
oadgEOEUnPGbHjQztC9M2THKq1hEXmxfCVWh/g3lEfJn5M8+U15vZarD31aBCFZp
Q/qUi0EXjrbUDizFgD9y63Rgo2GKdyoJJhZooTwW9O+BnUPVZhTqR+Q8oOX+0Ahf
/QqJCorIA4l3JcwetFqft9DbOAFrLL65C2O/dat3WC+AK1EDnysYWfRnQY/5O0hm
tvhBJqHRIzQ4qmTZSEy2z4h9+NjJSUfnYkATjMHQccHTt1oynF7z1S0Ga5ZjMlOK
DXIidWxqzk/xLcnzb/vCFc8lBAbBSArxsJpiac93rB9egP2ll1Rmdkl4EwIDAQAB
o4IDDTCCAwkwHQYDVR0OBBYEFEcGuefmols5XkItR7AWUmoB0y6qMB8GA1UdIwQY
MBaAFJlnIYMa+4s4MHtJ9bnuYpKtHlhQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVdjaGd4cjdpemd3ZTBuMXVlNWlrcTBlV0ZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNS8xYzFlYjItMWY2NS00ZjcxLThiMzIt
YjRiZmU0NTZkZGUwLzEvUndhNTUtYWlXemxlUWkxSHNCWlNhZ0hUTHFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNS8xYzFlYjItMWY2NS00ZjcxLThiMzItYjRiZmU0NTZkZGUw
LzEvbVdjaGd4cjdpemd3ZTBuMXVlNWlrcTBlV0ZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBIQYIKwYBBQUHAQcBAf8EggEQMIIBDDCB8wQCAAEwgewD
BAMljOADBAIlnTgDBAItUVADBAItVzgDBAIthPgDBAItlGwDBAItnOQDBAUu9+AD
BAE+9E4DBAE+9F4DBAI+9GwDBAA+9HQDBAA+9HYDBAI+9HwDBARPhJADBARQ8KAD
BAVVcMADBANWaVgDBANWa/gDBANZI9ADBAJZK5wDBANdvtADBAK5EDADBAK5ZrAD
BAK5sLADBAK5tZgwDAMEArm3PAMEArm3QAMEArm3/AMEArm4BAMEArnG4AMEArnM
/AMEArnRjAMEArnflAMEArnzeAMEAsIkwAMEAMN7BwMEAsOxbAMEBNkawDAUBAIA
AjAOAwUAIAFAAAMFAyoKHIAwDQYJKoZIhvcNAQELBQADggEBAFp/VE216YI/sX4O
wvhEo9P+0XLbP+3DapLJJ4+pc4Er5t7obQxiZuiJ6IQqpN+x4Yab3OlTMBa1I8JL
3yeSZEYpWCC8cVmaVS9QJKryN842hWWKwfvBHDtjB/Q/M9o4SMT/5H75ucKJiy0K
YjmBYWWhNyQc4XVpRksQzX1hsWHu4JlwdP7lHqmY96qA4OrcFXuhjUsm0IeMRQ/8
VUcN/CzNVwfsxu+u1czz0aorQeeieB5TbGKDSsf0mXnCXllObV6MpISi0Oc5PeXT
yMFbnDAghKCtUAgmHg8o8FfBbIUEtx8CxImw0wm0h1mnpuWm8vTo34wGoNQkGVZ4
jQurzKo=
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:49:47 2025 by rpki-client