Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/rs3QsPsHlsBpGFryEniS5F-rFKM.roa
File: rs3QsPsHlsBpGFryEniS5F-rFKM.roa (raw, json)
Hash identifier: uza7cbZYkw9jxsYyz9IG80EDDRIvaXUPD6ooUwx/5Rc=
Subject key identifier: AE:CD:D0:B0:FB:07:96:C0:69:18:5A:F2:12:78:92:E4:5F:AB:14:A3
Certificate issuer: /CN=16307d29f5543f21ea3009b9523fe71b8f1369ca
Certificate serial: 019874B533AAA42F5BC9D4F00B70FAAD2B21
Authority key identifier: 16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/rs3QsPsHlsBpGFryEniS5F-rFKM.roa
Signing time: Mon 04 Aug 2025 10:51:29 +0000
ROA not before: Mon 04 Aug 2025 10:51:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 5089
IP address blocks: 62.30.0.0/15 maxlen: 15
62.30.0.0/16 maxlen: 16
62.31.0.0/16 maxlen: 16
62.252.0.0/14 maxlen: 18
62.252.0.0/17 maxlen: 17
62.252.0.0/18 maxlen: 18
62.252.64.0/18 maxlen: 18
62.252.128.0/17 maxlen: 17
62.252.128.0/18 maxlen: 18
62.252.192.0/18 maxlen: 18
62.253.0.0/17 maxlen: 17
62.253.128.0/17 maxlen: 17
62.254.0.0/17 maxlen: 17
62.254.0.0/18 maxlen: 18
62.254.64.0/18 maxlen: 18
62.254.128.0/17 maxlen: 17
62.254.128.0/18 maxlen: 18
62.254.192.0/18 maxlen: 18
62.255.0.0/17 maxlen: 17
62.255.0.0/18 maxlen: 18
62.255.64.0/18 maxlen: 18
62.255.128.0/17 maxlen: 17
62.255.128.0/18 maxlen: 18
62.255.192.0/18 maxlen: 18
77.96.0.0/13 maxlen: 13
77.96.0.0/16 maxlen: 16
77.96.0.0/17 maxlen: 17
77.96.128.0/17 maxlen: 17
77.97.0.0/16 maxlen: 16
77.98.0.0/15 maxlen: 15
77.98.0.0/16 maxlen: 16
77.99.0.0/16 maxlen: 16
77.100.0.0/15 maxlen: 15
77.100.0.0/16 maxlen: 16
77.101.0.0/16 maxlen: 16
77.102.0.0/15 maxlen: 15
77.102.0.0/16 maxlen: 16
77.103.0.0/16 maxlen: 16
80.0.0.0/13 maxlen: 17
80.192.0.0/14 maxlen: 14
80.192.0.0/15 maxlen: 15
80.194.0.0/15 maxlen: 15
80.235.128.0/17 maxlen: 17
80.235.128.0/18 maxlen: 18
80.235.192.0/18 maxlen: 18
81.96.0.0/12 maxlen: 12
81.96.0.0/14 maxlen: 14
81.96.0.0/15 maxlen: 15
81.98.0.0/15 maxlen: 15
81.100.0.0/14 maxlen: 14
81.100.0.0/15 maxlen: 15
81.102.0.0/15 maxlen: 15
81.104.0.0/14 maxlen: 14
81.104.0.0/15 maxlen: 15
81.106.0.0/15 maxlen: 15
81.108.0.0/14 maxlen: 14
81.108.0.0/15 maxlen: 15
81.110.0.0/15 maxlen: 15
82.0.0.0/12 maxlen: 12
82.0.0.0/13 maxlen: 13
82.0.0.0/14 maxlen: 14
82.4.0.0/14 maxlen: 14
82.8.0.0/13 maxlen: 13
82.8.0.0/14 maxlen: 14
82.12.0.0/14 maxlen: 14
82.16.0.0/14 maxlen: 14
82.16.0.0/15 maxlen: 15
82.18.0.0/15 maxlen: 15
82.20.0.0/16 maxlen: 16
82.20.0.0/17 maxlen: 17
82.20.128.0/17 maxlen: 17
82.28.0.0/16 maxlen: 16
82.28.0.0/17 maxlen: 17
82.28.128.0/17 maxlen: 17
82.30.0.0/15 maxlen: 15
82.30.0.0/16 maxlen: 16
82.31.0.0/16 maxlen: 16
82.32.0.0/12 maxlen: 12
82.32.0.0/15 maxlen: 15
82.32.0.0/16 maxlen: 16
82.33.0.0/16 maxlen: 16
82.34.0.0/15 maxlen: 15
82.34.0.0/16 maxlen: 16
82.35.0.0/16 maxlen: 16
82.36.0.0/15 maxlen: 15
82.36.0.0/16 maxlen: 16
82.37.0.0/16 maxlen: 16
82.40.0.0/15 maxlen: 15
82.40.0.0/16 maxlen: 16
82.42.0.0/15 maxlen: 15
82.42.0.0/16 maxlen: 16
82.43.0.0/16 maxlen: 16
82.44.0.0/15 maxlen: 15
82.44.0.0/16 maxlen: 16
82.45.0.0/16 maxlen: 16
86.0.0.0/11 maxlen: 11
86.0.0.0/13 maxlen: 13
86.0.0.0/14 maxlen: 14
86.0.0.0/15 maxlen: 15
86.0.0.0/16 maxlen: 16
86.1.0.0/16 maxlen: 16
86.2.0.0/15 maxlen: 15
86.4.0.0/16 maxlen: 16
86.5.0.0/16 maxlen: 16
86.5.0.0/17 maxlen: 17
86.5.128.0/17 maxlen: 17
86.6.0.0/16 maxlen: 16
86.6.0.0/17 maxlen: 17
86.6.128.0/17 maxlen: 17
86.7.0.0/16 maxlen: 16
86.8.0.0/13 maxlen: 13
86.8.0.0/16 maxlen: 16
86.8.0.0/17 maxlen: 17
86.8.128.0/17 maxlen: 17
86.9.0.0/16 maxlen: 16
86.10.0.0/16 maxlen: 16
86.10.0.0/17 maxlen: 17
86.10.128.0/17 maxlen: 17
86.11.0.0/16 maxlen: 16
86.12.0.0/16 maxlen: 16
86.12.0.0/17 maxlen: 17
86.12.128.0/17 maxlen: 17
86.13.0.0/16 maxlen: 16
86.14.0.0/15 maxlen: 15
86.16.0.0/13 maxlen: 13
86.16.0.0/14 maxlen: 14
86.20.0.0/16 maxlen: 16
86.21.0.0/16 maxlen: 16
86.21.0.0/17 maxlen: 17
86.21.128.0/17 maxlen: 17
86.22.0.0/15 maxlen: 15
86.24.0.0/13 maxlen: 13
92.232.0.0/15 maxlen: 15
92.232.0.0/16 maxlen: 16
92.233.0.0/16 maxlen: 16
92.234.0.0/16 maxlen: 16
92.234.0.0/17 maxlen: 17
92.234.128.0/17 maxlen: 17
92.236.0.0/14 maxlen: 14
92.236.0.0/15 maxlen: 15
92.238.0.0/15 maxlen: 15
94.173.0.0/16 maxlen: 16
94.173.0.0/17 maxlen: 17
94.173.128.0/17 maxlen: 17
94.174.0.0/15 maxlen: 15
94.174.0.0/16 maxlen: 16
94.175.0.0/16 maxlen: 16
193.38.64.0/18 maxlen: 18
193.38.64.0/19 maxlen: 19
193.38.96.0/19 maxlen: 19
193.39.32.0/19 maxlen: 19
193.39.48.0/20 maxlen: 20
193.39.64.0/24 maxlen: 24
193.193.96.0/19 maxlen: 19
193.193.112.0/20 maxlen: 20
194.117.128.0/19 maxlen: 19
194.117.128.0/20 maxlen: 20
194.117.144.0/20 maxlen: 20
194.117.146.0/24 maxlen: 24
194.168.0.0/16 maxlen: 16
194.168.0.0/17 maxlen: 17
194.168.128.0/17 maxlen: 17
195.188.0.0/16 maxlen: 16
195.188.0.0/17 maxlen: 17
195.188.128.0/17 maxlen: 17
212.24.64.0/19 maxlen: 19
212.24.64.0/20 maxlen: 20
212.24.80.0/20 maxlen: 20
212.250.0.0/16 maxlen: 16
212.250.0.0/17 maxlen: 17
212.250.128.0/17 maxlen: 17
213.48.0.0/16 maxlen: 16
213.48.0.0/17 maxlen: 17
213.48.0.0/18 maxlen: 18
213.48.64.0/18 maxlen: 18
213.48.128.0/17 maxlen: 17
213.48.128.0/18 maxlen: 18
213.48.192.0/18 maxlen: 18
213.81.0.0/17 maxlen: 17
213.81.0.0/18 maxlen: 18
213.81.64.0/18 maxlen: 18
213.104.0.0/14 maxlen: 14
213.104.0.0/16 maxlen: 16
213.104.0.0/17 maxlen: 17
213.104.128.0/17 maxlen: 17
213.105.0.0/16 maxlen: 16
213.105.0.0/17 maxlen: 17
213.105.128.0/17 maxlen: 17
213.106.0.0/16 maxlen: 16
213.106.0.0/17 maxlen: 17
213.106.128.0/17 maxlen: 17
213.107.0.0/16 maxlen: 16
213.107.0.0/17 maxlen: 17
213.107.128.0/17 maxlen: 17
213.148.32.0/19 maxlen: 19
213.148.32.0/20 maxlen: 20
213.148.48.0/20 maxlen: 20
217.137.0.0/16 maxlen: 16
217.137.0.0/17 maxlen: 17
217.137.128.0/17 maxlen: 17
2a02:8801::/32 maxlen: 32
2a02:8880::/25 maxlen: 25
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.mft
rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:74:b5:33:aa:a4:2f:5b:c9:d4:f0:0b:70:fa:ad:2b:21
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16307d29f5543f21ea3009b9523fe71b8f1369ca
Validity
Not Before: Aug 4 10:51:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aecdd0b0fb0796c069185af2127892e45fab14a3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:a1:ae:2c:dc:5b:32:34:84:12:d3:bd:bf:94:
11:f9:19:70:aa:8a:dd:25:94:d7:84:15:bb:6c:d1:
ed:13:9f:72:97:5c:95:53:2c:39:63:ba:4d:d9:7e:
bd:e1:11:3b:0e:80:64:39:fd:b2:4b:4a:85:d4:0f:
ca:ce:0a:6c:fc:d9:45:21:20:05:9f:14:66:5f:4a:
11:ac:0c:90:68:19:82:56:2f:0b:88:9c:45:72:9f:
d2:6f:6a:61:d4:e3:30:31:f0:80:65:e9:85:9b:01:
c1:9d:e2:11:17:d7:b5:ad:da:f4:b6:a7:38:65:2a:
1a:43:ae:97:e7:17:07:db:ab:84:f7:06:c5:b6:4b:
ec:7d:30:86:10:23:9e:ed:19:22:1d:5d:1c:85:eb:
f0:f2:00:91:e1:d5:4a:1e:ba:3d:03:9c:15:8a:80:
be:7f:59:76:6b:22:fa:15:e7:05:e3:3c:7c:99:53:
22:d1:3d:c7:dc:e4:70:88:28:85:36:25:19:47:20:
11:b1:40:3c:88:db:08:d3:1f:b4:5e:0f:cb:df:3f:
91:b4:4b:b8:a7:d0:8d:35:41:e7:c7:3d:d6:80:dc:
c7:ca:b5:d7:3b:7d:48:db:35:27:2c:bb:22:d4:1e:
e9:d9:9c:e3:c3:4c:01:5d:e7:f2:d1:d8:91:b7:a1:
b3:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:CD:D0:B0:FB:07:96:C0:69:18:5A:F2:12:78:92:E4:5F:AB:14:A3
X509v3 Authority Key Identifier:
keyid:16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/rs3QsPsHlsBpGFryEniS5F-rFKM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.30.0.0/15
62.252.0.0/14
77.96.0.0/13
80.0.0.0/13
80.192.0.0/14
80.235.128.0/17
81.96.0.0/12
82.0.0.0-82.20.255.255
82.28.0.0/16
82.30.0.0-82.47.255.255
86.0.0.0/11
92.232.0.0-92.234.255.255
92.236.0.0/14
94.173.0.0-94.175.255.255
193.38.64.0/18
193.39.32.0-193.39.64.255
193.193.96.0/19
194.117.128.0/19
194.168.0.0/16
195.188.0.0/16
212.24.64.0/19
212.250.0.0/16
213.48.0.0/16
213.81.0.0/17
213.104.0.0/14
213.148.32.0/19
217.137.0.0/16
IPv6:
2a02:8801::/32
2a02:8880::/25
Signature Algorithm: sha256WithRSAEncryption
43:3a:60:12:88:84:1a:b7:ec:18:d9:63:87:cc:0d:b6:dc:f6:
9d:fc:1b:68:ee:89:6e:f1:fa:79:ed:e8:b6:7a:6c:d0:26:89:
80:00:50:80:90:95:50:0c:ca:39:01:59:cc:28:52:67:c6:e9:
b6:70:98:e1:ae:93:02:22:43:fd:d4:ac:f3:73:aa:af:04:df:
9d:5c:56:77:46:51:39:43:35:b2:5d:46:49:95:17:f6:7e:52:
60:81:40:ec:7d:9e:04:95:47:7b:1a:d6:8c:fa:a1:57:d2:d3:
c4:af:1f:71:18:9d:96:50:f6:29:16:ae:f1:2d:a5:16:b4:ec:
30:e6:a8:0b:37:5e:4e:35:28:85:c0:e4:74:9f:f5:64:47:fd:
ec:d1:25:26:ea:a3:16:82:84:a1:0f:e6:f5:26:66:2f:ed:91:
9b:39:4e:1d:ea:ef:81:7f:4f:d5:8f:b4:c2:25:3d:8e:ae:5f:
83:89:52:5c:b3:60:9a:e5:4d:48:de:24:ba:12:5a:9f:64:67:
cc:1e:0f:0a:50:95:08:d0:9b:a6:07:63:80:2d:02:4e:93:11:
9b:54:d5:49:39:f9:07:a4:13:56:37:ab:7d:c1:16:3f:10:c3:
c4:5e:08:3b:ae:90:9b:a2:79:3f:b2:b9:82:af:d5:a2:de:39:
20:76:05:76
-----BEGIN CERTIFICATE-----
MIIFxDCCBKygAwIBAgISAZh0tTOqpC9bydTwC3D6rSshMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MzA3ZDI5ZjU1NDNmMjFlYTMwMDliOTUyM2ZlNzFiOGYx
MzY5Y2EwHhcNMjUwODA0MTA1MTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWNkZDBiMGZiMDc5NmMwNjkxODVhZjIxMjc4OTJlNDVmYWIxNGEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoKGuLNxbMjSEEtO9v5QR+Rlwqord
JZTXhBW7bNHtE59yl1yVUyw5Y7pN2X694RE7DoBkOf2yS0qF1A/Kzgps/NlFISAF
nxRmX0oRrAyQaBmCVi8LiJxFcp/Sb2ph1OMwMfCAZemFmwHBneIRF9e1rdr0tqc4
ZSoaQ66X5xcH26uE9wbFtkvsfTCGECOe7RkiHV0chevw8gCR4dVKHro9A5wVioC+
f1l2ayL6FecF4zx8mVMi0T3H3ORwiCiFNiUZRyARsUA8iNsI0x+0Xg/L3z+RtEu4
p9CNNUHnxz3WgNzHyrXXO31I2zUnLLsi1B7p2Zzjw0wBXefy0diRt6GzdwIDAQAB
o4IC0DCCAswwHQYDVR0OBBYEFK7N0LD7B5bAaRha8hJ4kuRfqxSjMB8GA1UdIwQY
MBaAFBYwfSn1VD8h6jAJuVI/5xuPE2nKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmpCOUtmVlVQeUhxTUFtNVVqX25HNDhUYWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9iZjVlNzAtNjY2NS00OWRlLWI5Y2Yt
NGNmZTQwZjA3YTZiLzEvcnMzUXNQc0hsc0JwR0ZyeUVuaVM1Ri1yRktNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9iZjVlNzAtNjY2NS00OWRlLWI5Y2YtNGNmZTQwZjA3YTZi
LzEvRmpCOUtmVlVQeUhxTUFtNVVqX25HNDhUYWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHlBggrBgEFBQcBBwEB/wSB1TCB0jCBuQQCAAEwgbIDAwE+
HgMDAj78AwMDTWADAwNQAAMDAlDAAwQHUOuAAwMEUWAwCQMCAVIDAwBSFAMDAFIc
MAoDAwFSHgMDBFIgAwMFVgAwCgMDA1zoAwMAXOoDAwJc7DAKAwMAXq0DAwReoAME
BsEmQDAMAwQFwScgAwQAwSdAAwQFwcFgAwQFwnWAAwMAwqgDAwDDvAMEBdQYQAMD
ANT6AwMA1TADBAfVUQADAwLVaAMEBdWUIAMDANmJMBQEAgACMA4DBQAqAogBAwUH
KgKIgDANBgkqhkiG9w0BAQsFAAOCAQEAQzpgEoiEGrfsGNljh8wNttz2nfwbaO6J
bvH6ee3otnps0CaJgABQgJCVUAzKOQFZzChSZ8bptnCY4a6TAiJD/dSs83OqrwTf
nVxWd0ZROUM1sl1GSZUX9n5SYIFA7H2eBJVHexrWjPqhV9LTxK8fcRidllD2KRau
8S2lFrTsMOaoCzdeTjUohcDkdJ/1ZEf97NElJuqjFoKEoQ/m9SZmL+2RmzlOHerv
gX9P1Y+0wiU9jq5fg4lSXLNgmuVNSN4kuhJan2RnzB4PClCVCNCbpgdjgC0CTpMR
m1TVSTn5B6QTVjerfcEWPxDDxF4IO66Qm6J5P7K5gq/Vot45IHYFdg==
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:54:28 2025 by rpki-client