
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/sA7wch0nct8RRso9DXSP98YUL-E.roa
File: sA7wch0nct8RRso9DXSP98YUL-E.roa (raw, json)
Hash identifier: dvnlxnbiJr4Msf06JMyg+yRUZP0NFaueGSdO5cAvxsI=
Subject key identifier: B0:0E:F0:72:1D:27:72:DF:11:46:CA:3D:0D:74:8F:F7:C6:14:2F:E1
Certificate issuer: /CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Certificate serial: 01999FCEEE21204D939031C3F2CAAE7820AB
Authority key identifier: 92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/sA7wch0nct8RRso9DXSP98YUL-E.roa
Signing time: Wed 01 Oct 2025 12:46:02 +0000
ROA not before: Wed 01 Oct 2025 12:46:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31205
IP address blocks: 31.173.240.0/23 maxlen: 23
31.173.242.0/23 maxlen: 23
31.173.244.0/22 maxlen: 22
37.29.86.0/23 maxlen: 23
46.232.200.0/24 maxlen: 24
46.232.202.0/23 maxlen: 23
78.25.92.0/23 maxlen: 23
78.25.94.0/23 maxlen: 23
83.149.48.0/24 maxlen: 24
83.149.49.0/24 maxlen: 24
83.149.50.0/24 maxlen: 24
83.149.51.0/24 maxlen: 24
83.169.248.0/22 maxlen: 22
83.169.252.0/22 maxlen: 22
85.26.224.0/24 maxlen: 24
85.26.226.0/24 maxlen: 24
85.26.227.0/24 maxlen: 24
85.26.228.0/24 maxlen: 24
85.26.229.0/24 maxlen: 24
85.26.230.0/24 maxlen: 24
85.26.231.0/24 maxlen: 24
128.204.66.0/24 maxlen: 24
128.204.67.0/24 maxlen: 24
178.176.48.0/24 maxlen: 24
178.176.240.0/22 maxlen: 22
178.176.244.0/22 maxlen: 22
178.177.208.0/21 maxlen: 21
178.178.207.0/24 maxlen: 24
185.210.140.0/23 maxlen: 23
185.210.142.0/23 maxlen: 23
188.162.0.0/24 maxlen: 24
188.162.1.0/24 maxlen: 24
188.162.2.0/23 maxlen: 23
188.162.4.0/22 maxlen: 22
188.162.8.0/23 maxlen: 23
188.162.10.0/23 maxlen: 23
188.162.12.0/23 maxlen: 23
188.162.14.0/23 maxlen: 23
188.162.72.0/22 maxlen: 22
188.162.76.0/23 maxlen: 23
188.162.78.0/24 maxlen: 24
188.162.79.0/24 maxlen: 24
188.162.80.0/24 maxlen: 24
188.162.81.0/24 maxlen: 24
188.162.82.0/24 maxlen: 24
188.162.83.0/24 maxlen: 24
188.162.84.0/24 maxlen: 24
188.162.85.0/24 maxlen: 24
188.162.86.0/24 maxlen: 24
188.162.87.0/24 maxlen: 24
188.162.88.0/24 maxlen: 24
188.162.89.0/24 maxlen: 24
188.162.90.0/23 maxlen: 23
188.162.92.0/22 maxlen: 22
188.170.240.0/22 maxlen: 22
188.170.247.0/24 maxlen: 24
2a03:d000:6400::/40 maxlen: 40
2a03:d000:6500::/40 maxlen: 40
2a03:d000:67fe::/48 maxlen: 48
2a03:d000:67ff::/48 maxlen: 48
2a03:d000:6802::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:9f:ce:ee:21:20:4d:93:90:31:c3:f2:ca:ae:78:20:ab
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=92d7c2a1072d73507adbf6507de68aaac01785c0
Validity
Not Before: Oct 1 12:46:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b00ef0721d2772df1146ca3d0d748ff7c6142fe1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:2a:a7:f0:d0:e1:ab:e5:f3:7e:f4:3a:95:37:
34:b3:e4:48:88:81:fa:56:c4:da:bf:80:c4:3a:64:
86:d8:df:f8:c9:d4:a5:5f:d5:43:9f:c0:45:e3:98:
29:2c:66:6d:32:54:37:12:64:87:86:d6:b5:de:4b:
79:48:c8:60:a5:dd:0b:72:4b:dc:b9:89:85:ed:48:
dc:c2:8c:8c:88:b7:f1:e4:01:01:b4:5b:c2:96:50:
67:59:fe:5d:5f:c0:72:54:6f:8e:2f:d3:59:46:6a:
55:f1:2c:d6:a5:6c:29:dd:fa:a2:3c:65:1c:aa:dd:
7a:4a:04:97:1f:a1:e3:50:74:55:de:d5:90:6c:b2:
8f:e1:05:48:36:d7:37:e8:40:25:51:4a:24:48:64:
3e:5f:15:de:a3:2c:82:3a:80:38:e6:3f:7a:0b:68:
56:85:7d:9e:ff:16:65:2d:ba:a9:22:8d:a4:cd:a7:
99:3b:bb:00:cc:74:fe:23:95:9d:d0:30:44:b5:15:
a7:44:4e:9e:3d:26:f5:9d:c8:07:89:c6:73:4d:64:
61:f5:9d:3b:b4:80:d8:a4:fc:bc:09:55:64:d9:75:
c4:e8:d2:db:17:d7:5c:8a:b0:d1:e4:5d:66:43:bd:
cd:dc:d5:d2:e0:56:1c:4e:44:d6:33:76:86:04:f7:
fb:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B0:0E:F0:72:1D:27:72:DF:11:46:CA:3D:0D:74:8F:F7:C6:14:2F:E1
X509v3 Authority Key Identifier:
keyid:92:D7:C2:A1:07:2D:73:50:7A:DB:F6:50:7D:E6:8A:AA:C0:17:85:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ktfCoQctc1B62_ZQfeaKqsAXhcA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/sA7wch0nct8RRso9DXSP98YUL-E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c7/9cff7c-f05a-4e02-bea7-89e56c80d1d0/1/ktfCoQctc1B62_ZQfeaKqsAXhcA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.173.240.0/21
37.29.86.0/23
46.232.200.0/24
46.232.202.0/23
78.25.92.0/22
83.149.48.0/22
83.169.248.0/21
85.26.224.0/24
85.26.226.0-85.26.231.255
128.204.66.0/23
178.176.48.0/24
178.176.240.0/21
178.177.208.0/21
178.178.207.0/24
185.210.140.0/22
188.162.0.0/20
188.162.72.0-188.162.95.255
188.170.240.0/22
188.170.247.0/24
IPv6:
2a03:d000:6400::/39
2a03:d000:67fe::/47
2a03:d000:6802::/48
Signature Algorithm: sha256WithRSAEncryption
a8:04:09:ee:e9:17:25:9e:a4:0a:73:43:d7:d6:49:5e:96:fc:
1e:22:c0:4c:5f:6a:ef:23:65:51:21:90:45:8e:b3:4d:a0:3f:
89:48:9a:ea:f0:a4:6a:72:81:32:53:48:df:84:c0:fa:56:78:
cd:9f:7b:82:6c:6e:56:1f:28:5c:eb:cd:e1:ba:83:05:c1:14:
9c:7c:5b:38:0e:8d:1d:06:12:cf:b8:df:d6:a7:f2:9b:8f:11:
a9:2a:0d:c1:9c:9a:84:e4:13:82:53:1c:2b:ce:66:e1:53:c3:
63:75:dd:87:98:d6:22:c0:ae:3e:db:2b:b4:dd:82:b9:43:82:
b9:bd:6b:7d:d3:26:77:d4:b4:b4:68:7c:ed:3f:1a:22:60:6e:
5d:22:13:06:04:98:c6:a8:67:50:3e:db:a6:ea:db:b0:96:e0:
a8:a5:33:1a:ee:c4:80:cb:ec:f4:06:a6:9d:b7:fb:b4:11:dd:
49:0d:45:aa:e8:95:64:f6:f3:86:cb:c9:ab:d0:40:bc:a9:0e:
b5:a8:31:a1:27:00:a7:6a:29:91:71:08:60:d9:19:6e:66:b5:
9b:ea:2e:30:8f:ac:4a:fe:0a:d4:24:7d:80:46:c9:df:aa:65:
e2:d2:2f:cc:9b:63:73:55:72:aa:f3:eb:4b:87:e8:21:7b:f7:
05:22:7c:03
-----BEGIN CERTIFICATE-----
MIIFoDCCBIigAwIBAgISAZmfzu4hIE2TkDHD8squeCCrMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyZDdjMmExMDcyZDczNTA3YWRiZjY1MDdkZTY4YWFhYzAx
Nzg1YzAwHhcNMjUxMDAxMTI0NjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiMDBlZjA3MjFkMjc3MmRmMTE0NmNhM2QwZDc0OGZmN2M2MTQyZmUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvSqn8NDhq+XzfvQ6lTc0s+RIiIH6
VsTav4DEOmSG2N/4ydSlX9VDn8BF45gpLGZtMlQ3EmSHhta13kt5SMhgpd0Lckvc
uYmF7UjcwoyMiLfx5AEBtFvCllBnWf5dX8ByVG+OL9NZRmpV8SzWpWwp3fqiPGUc
qt16SgSXH6HjUHRV3tWQbLKP4QVINtc36EAlUUokSGQ+XxXeoyyCOoA45j96C2hW
hX2e/xZlLbqpIo2kzaeZO7sAzHT+I5Wd0DBEtRWnRE6ePSb1ncgHicZzTWRh9Z07
tIDYpPy8CVVk2XXE6NLbF9dcirDR5F1mQ73N3NXS4FYcTkTWM3aGBPf7mwIDAQAB
o4ICrDCCAqgwHQYDVR0OBBYEFLAO8HIdJ3LfEUbKPQ10j/fGFC/hMB8GA1UdIwQY
MBaAFJLXwqEHLXNQetv2UH3miqrAF4XAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTct
ODllNTZjODBkMWQwLzEvc0E3d2NoMG5jdDhSUnNvOURYU1A5OFlVTC1FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jNy85Y2ZmN2MtZjA1YS00ZTAyLWJlYTctODllNTZjODBkMWQw
LzEva3RmQ29RY3RjMUI2Ml9aUWZlYUtxc0FYaGNBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHBBggrBgEFBQcBBwEB/wSBsTCBrjCBiQQCAAEwgYIDBAMf
rfADBAElHVYDBAAu6MgDBAEu6MoDBAJOGVwDBAJTlTADBANTqfgDBABVGuAwDAME
AVUa4gMEA1Ua4AMEAYDMQgMEALKwMAMEA7Kw8AMEA7Kx0AMEALKyzwMEArnSjAME
BLyiADAMAwQDvKJIAwQFvKJAAwQCvKrwAwQAvKr3MCAEAgACMBoDBgEqA9AAZAMH
ASoD0ABn/gMHACoD0ABoAjANBgkqhkiG9w0BAQsFAAOCAQEAqAQJ7ukXJZ6kCnND
19ZJXpb8HiLATF9q7yNlUSGQRY6zTaA/iUia6vCkanKBMlNI34TA+lZ4zZ97gmxu
Vh8oXOvN4bqDBcEUnHxbOA6NHQYSz7jf1qfym48RqSoNwZyahOQTglMcK85m4VPD
Y3Xdh5jWIsCuPtsrtN2CuUOCub1rfdMmd9S0tGh87T8aImBuXSITBgSYxqhnUD7b
purbsJbgqKUzGu7EgMvs9Aamnbf7tBHdSQ1FquiVZPbzhsvJq9BAvKkOtagxoScA
p2opkXEIYNkZbma1m+ouMI+sSv4K1CR9gEbJ36pl4tIvzJtjc1VyqvPrS4foIXv3
BSJ8Aw==
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:52:43 2025 by rpki-client