Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e4/7faf5e-7435-49fe-acd7-20fbc906494b/1/YzB4UgH68eIEK1ghiZ0G9CSB7Wc.roa
File: YzB4UgH68eIEK1ghiZ0G9CSB7Wc.roa (raw, json)
Hash identifier: NfxsiLc5lAosTyXwDJUDsIDsTlUIydWUAVRNLDEtSmo=
Subject key identifier: 63:30:78:52:01:FA:F1:E2:04:2B:58:21:89:9D:06:F4:24:81:ED:67
Certificate issuer: /CN=07a6a589ee848a8052238191b98035e775122725
Certificate serial: 0197AD06061C87CAF000143EBD0F78AC6412
Authority key identifier: 07:A6:A5:89:EE:84:8A:80:52:23:81:91:B9:80:35:E7:75:12:27:25
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B6alie6EioBSI4GRuYA153USJyU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e4/7faf5e-7435-49fe-acd7-20fbc906494b/1/YzB4UgH68eIEK1ghiZ0G9CSB7Wc.roa
Signing time: Thu 26 Jun 2025 16:15:42 +0000
ROA not before: Thu 26 Jun 2025 16:15:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210218
IP address blocks: 2.58.93.0/24 maxlen: 24
2.58.94.0/24 maxlen: 24
2.58.136.0/23 maxlen: 23
2.58.138.0/23 maxlen: 23
2.59.248.0/22 maxlen: 22
31.13.194.0/24 maxlen: 24
31.13.249.0/24 maxlen: 24
31.13.250.0/23 maxlen: 23
31.13.252.0/22 maxlen: 22
37.139.129.0/24 maxlen: 24
37.221.120.0/22 maxlen: 22
45.8.74.0/23 maxlen: 23
45.12.248.0/22 maxlen: 22
45.66.229.0/24 maxlen: 24
45.81.241.0/24 maxlen: 24
45.81.242.0/24 maxlen: 24
45.139.100.0/22 maxlen: 22
45.143.100.0/22 maxlen: 22
45.144.152.0/23 maxlen: 23
45.149.232.0/24 maxlen: 24
45.149.233.0/24 maxlen: 24
45.151.88.0/24 maxlen: 24
77.75.56.0/23 maxlen: 23
77.75.58.0/23 maxlen: 23
78.40.160.0/22 maxlen: 22
78.40.164.0/22 maxlen: 22
80.249.124.0/22 maxlen: 22
82.115.208.0/24 maxlen: 24
87.120.32.0/24 maxlen: 24
87.120.34.0/23 maxlen: 23
87.120.46.0/23 maxlen: 23
87.120.63.0/24 maxlen: 24
87.120.64.0/23 maxlen: 23
87.120.64.0/24 maxlen: 24
87.120.65.0/24 maxlen: 24
87.120.66.0/24 maxlen: 24
87.120.85.0/24 maxlen: 24
87.120.86.0/24 maxlen: 24
87.120.96.0/23 maxlen: 23
87.120.111.0/24 maxlen: 24
87.120.177.0/24 maxlen: 24
87.120.218.0/24 maxlen: 24
87.120.220.0/23 maxlen: 23
87.120.224.0/24 maxlen: 24
87.120.226.0/24 maxlen: 24
87.120.232.0/22 maxlen: 22
87.121.19.0/24 maxlen: 24
87.121.36.0/23 maxlen: 23
87.121.56.0/23 maxlen: 23
87.121.59.0/24 maxlen: 24
87.121.66.0/23 maxlen: 23
87.121.68.0/24 maxlen: 24
87.121.100.0/23 maxlen: 23
87.121.116.0/24 maxlen: 24
87.121.148.0/23 maxlen: 23
91.92.3.0/24 maxlen: 24
91.92.24.0/23 maxlen: 23
91.92.24.0/24 maxlen: 24
91.92.25.0/24 maxlen: 24
91.197.196.0/22 maxlen: 22
91.243.184.0/22 maxlen: 22
92.249.51.0/24 maxlen: 24
93.123.68.0/22 maxlen: 22
93.123.86.0/23 maxlen: 23
93.123.108.0/24 maxlen: 24
94.33.0.0/24 maxlen: 24
94.33.1.0/24 maxlen: 24
94.33.2.0/24 maxlen: 24
94.33.3.0/24 maxlen: 24
94.33.4.0/24 maxlen: 24
94.33.5.0/24 maxlen: 24
94.33.6.0/24 maxlen: 24
94.33.7.0/24 maxlen: 24
94.33.8.0/24 maxlen: 24
94.33.9.0/24 maxlen: 24
94.33.10.0/24 maxlen: 24
94.33.11.0/24 maxlen: 24
94.33.12.0/24 maxlen: 24
94.33.13.0/24 maxlen: 24
94.33.14.0/24 maxlen: 24
94.33.15.0/24 maxlen: 24
94.33.16.0/24 maxlen: 24
94.33.17.0/24 maxlen: 24
94.33.18.0/24 maxlen: 24
94.33.19.0/24 maxlen: 24
94.33.20.0/24 maxlen: 24
94.33.21.0/24 maxlen: 24
94.33.23.0/24 maxlen: 24
94.103.126.0/24 maxlen: 24
94.154.174.0/23 maxlen: 23
94.156.16.0/22 maxlen: 22
94.156.32.0/24 maxlen: 24
94.156.48.0/21 maxlen: 21
94.156.95.0/24 maxlen: 24
94.156.108.0/22 maxlen: 22
94.156.124.0/22 maxlen: 22
94.156.168.0/23 maxlen: 23
94.156.182.0/23 maxlen: 23
94.156.184.0/24 maxlen: 24
94.156.187.0/24 maxlen: 24
94.156.192.0/23 maxlen: 23
94.156.234.0/23 maxlen: 23
94.156.240.0/22 maxlen: 22
94.156.246.0/23 maxlen: 23
94.240.56.0/22 maxlen: 22
95.214.124.0/23 maxlen: 23
95.214.126.0/23 maxlen: 23
109.206.238.0/24 maxlen: 24
141.98.0.0/24 maxlen: 24
164.40.184.0/24 maxlen: 24
164.40.186.0/23 maxlen: 23
171.22.17.0/24 maxlen: 24
171.22.29.0/24 maxlen: 24
176.125.252.0/24 maxlen: 24
176.125.253.0/24 maxlen: 24
178.175.184.0/21 maxlen: 21
178.175.184.0/22 maxlen: 22
178.215.225.0/24 maxlen: 24
178.215.226.0/24 maxlen: 24
185.171.148.0/22 maxlen: 22
185.219.125.0/24 maxlen: 24
185.219.126.0/24 maxlen: 24
185.221.66.0/24 maxlen: 24
185.225.72.0/24 maxlen: 24
185.225.73.0/24 maxlen: 24
185.252.178.0/24 maxlen: 24
185.254.38.0/23 maxlen: 23
193.19.200.0/22 maxlen: 22
193.36.232.0/22 maxlen: 22
193.37.43.0/24 maxlen: 24
193.37.46.0/24 maxlen: 24
193.46.172.0/22 maxlen: 22
193.56.16.0/22 maxlen: 22
193.56.248.0/22 maxlen: 22
193.58.184.0/22 maxlen: 22
193.149.2.0/23 maxlen: 23
193.207.0.0/24 maxlen: 24
193.207.1.0/24 maxlen: 24
193.207.2.0/24 maxlen: 24
193.207.3.0/24 maxlen: 24
193.207.4.0/24 maxlen: 24
193.207.5.0/24 maxlen: 24
193.207.6.0/24 maxlen: 24
193.207.7.0/24 maxlen: 24
193.207.8.0/24 maxlen: 24
193.207.9.0/24 maxlen: 24
193.207.10.0/24 maxlen: 24
193.207.11.0/24 maxlen: 24
193.207.12.0/24 maxlen: 24
193.207.13.0/24 maxlen: 24
193.207.14.0/24 maxlen: 24
193.207.15.0/24 maxlen: 24
193.207.16.0/21 maxlen: 21
194.48.249.0/24 maxlen: 24
194.76.204.0/22 maxlen: 22
194.147.8.0/22 maxlen: 22
194.169.174.0/24 maxlen: 24
194.180.50.0/24 maxlen: 24
195.178.120.0/24 maxlen: 24
195.225.120.0/22 maxlen: 22
212.22.128.0/19 maxlen: 19
212.24.0.0/19 maxlen: 19
212.73.135.0/24 maxlen: 24
2a09:e6c0::/29 maxlen: 29
2a09:e6c0::/48 maxlen: 48
2a09:e6c0:8::/48 maxlen: 48
2a09:e6c7:f800::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e4/7faf5e-7435-49fe-acd7-20fbc906494b/1/B6alie6EioBSI4GRuYA153USJyU.crl
rsync://rpki.ripe.net/repository/DEFAULT/e4/7faf5e-7435-49fe-acd7-20fbc906494b/1/B6alie6EioBSI4GRuYA153USJyU.mft
rsync://rpki.ripe.net/repository/DEFAULT/B6alie6EioBSI4GRuYA153USJyU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 08:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ad:06:06:1c:87:ca:f0:00:14:3e:bd:0f:78:ac:64:12
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07a6a589ee848a8052238191b98035e775122725
Validity
Not Before: Jun 26 16:15:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6330785201faf1e2042b5821899d06f42481ed67
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:98:71:20:91:29:b4:30:03:4d:ed:fb:57:01:d6:
c8:84:8d:9b:b2:8f:c9:ec:64:c8:38:2a:9a:12:ec:
fa:ac:30:ac:06:ad:2a:a7:e2:72:e2:4f:c9:cb:9c:
e3:13:72:c8:2b:6d:aa:29:57:5f:b2:d6:52:09:3c:
11:65:a2:17:ee:48:5d:f6:7c:60:b3:f5:67:ed:05:
60:85:1e:af:d5:2a:3d:b6:de:18:a5:ed:fc:5b:8a:
e9:5c:9e:32:1d:89:e1:ef:bf:22:c0:c9:2e:52:dc:
17:41:3a:a0:a8:ae:74:80:85:33:d3:d4:4d:a6:2b:
f3:03:a3:09:04:0b:4e:7c:cf:b1:aa:fe:b0:cb:24:
07:ec:4f:0a:f6:96:44:7d:de:91:68:8d:00:9d:c1:
77:c0:d5:23:0e:d4:5a:cc:55:93:ab:be:a2:66:b8:
5a:7e:23:52:e4:75:e7:bb:58:d5:fd:0a:8c:2f:f9:
d9:88:1f:9a:8e:52:5b:f5:b9:74:be:52:3e:09:6f:
18:57:ad:c4:94:0f:35:e0:a9:34:21:e2:47:ef:cd:
08:21:5a:ab:a8:5d:42:20:00:4a:e7:96:69:f6:e3:
2a:7f:5e:db:a9:c9:ee:11:13:a5:e3:ce:50:b6:49:
b5:41:fa:8b:ab:dd:90:2a:61:39:62:a9:b0:16:a8:
e7:39
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
63:30:78:52:01:FA:F1:E2:04:2B:58:21:89:9D:06:F4:24:81:ED:67
X509v3 Authority Key Identifier:
keyid:07:A6:A5:89:EE:84:8A:80:52:23:81:91:B9:80:35:E7:75:12:27:25
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B6alie6EioBSI4GRuYA153USJyU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/7faf5e-7435-49fe-acd7-20fbc906494b/1/YzB4UgH68eIEK1ghiZ0G9CSB7Wc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e4/7faf5e-7435-49fe-acd7-20fbc906494b/1/B6alie6EioBSI4GRuYA153USJyU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.93.0-2.58.94.255
2.58.136.0/22
2.59.248.0/22
31.13.194.0/24
31.13.249.0-31.13.255.255
37.139.129.0/24
37.221.120.0/22
45.8.74.0/23
45.12.248.0/22
45.66.229.0/24
45.81.241.0-45.81.242.255
45.139.100.0/22
45.143.100.0/22
45.144.152.0/23
45.149.232.0/23
45.151.88.0/24
77.75.56.0/22
78.40.160.0/21
80.249.124.0/22
82.115.208.0/24
87.120.32.0/24
87.120.34.0/23
87.120.46.0/23
87.120.63.0-87.120.66.255
87.120.85.0-87.120.86.255
87.120.96.0/23
87.120.111.0/24
87.120.177.0/24
87.120.218.0/24
87.120.220.0/23
87.120.224.0/24
87.120.226.0/24
87.120.232.0/22
87.121.19.0/24
87.121.36.0/23
87.121.56.0/23
87.121.59.0/24
87.121.66.0-87.121.68.255
87.121.100.0/23
87.121.116.0/24
87.121.148.0/23
91.92.3.0/24
91.92.24.0/23
91.197.196.0/22
91.243.184.0/22
92.249.51.0/24
93.123.68.0/22
93.123.86.0/23
93.123.108.0/24
94.33.0.0-94.33.21.255
94.33.23.0/24
94.103.126.0/24
94.154.174.0/23
94.156.16.0/22
94.156.32.0/24
94.156.48.0/21
94.156.95.0/24
94.156.108.0/22
94.156.124.0/22
94.156.168.0/23
94.156.182.0-94.156.184.255
94.156.187.0/24
94.156.192.0/23
94.156.234.0/23
94.156.240.0/22
94.156.246.0/23
94.240.56.0/22
95.214.124.0/22
109.206.238.0/24
141.98.0.0/24
164.40.184.0/24
164.40.186.0/23
171.22.17.0/24
171.22.29.0/24
176.125.252.0/23
178.175.184.0/21
178.215.225.0-178.215.226.255
185.171.148.0/22
185.219.125.0-185.219.126.255
185.221.66.0/24
185.225.72.0/23
185.252.178.0/24
185.254.38.0/23
193.19.200.0/22
193.36.232.0/22
193.37.43.0/24
193.37.46.0/24
193.46.172.0/22
193.56.16.0/22
193.56.248.0/22
193.58.184.0/22
193.149.2.0/23
193.207.0.0-193.207.23.255
194.48.249.0/24
194.76.204.0/22
194.147.8.0/22
194.169.174.0/24
194.180.50.0/24
195.178.120.0/24
195.225.120.0/22
212.22.128.0/19
212.24.0.0/19
212.73.135.0/24
IPv6:
2a09:e6c0::/29
Signature Algorithm: sha256WithRSAEncryption
71:aa:6a:db:57:c7:75:06:f7:b8:5f:4b:65:84:6f:5e:52:9c:
f4:ea:6c:3f:8a:c3:a7:9e:4c:64:b1:c5:bb:5b:7d:57:ad:d0:
f2:ea:ea:8c:50:b8:5b:0a:39:96:18:c6:5b:3a:ca:5a:10:0a:
9d:ca:f5:67:4b:70:30:ad:23:c4:b2:d5:4f:bf:6a:a0:05:8e:
b2:19:ab:29:1e:c7:ac:2b:de:11:c5:31:24:66:1d:f0:40:d2:
c4:46:7b:5f:42:ba:f9:eb:54:86:28:21:43:14:c2:02:41:91:
74:8a:1a:6a:5f:b4:a8:75:fa:82:7d:b5:45:27:e3:05:d3:06:
3d:59:db:6a:c5:70:c1:51:ce:dc:af:be:d6:a0:95:ee:c2:ca:
0b:14:9f:8f:8c:60:b0:71:41:39:de:fa:02:44:54:33:8f:3b:
91:af:f2:c1:2f:7b:c1:75:fc:a5:5a:b2:f7:b1:61:d6:55:3a:
ce:ec:e1:6e:ce:07:19:e7:45:3e:89:5d:7f:83:f1:77:88:74:
5b:bd:ec:d9:0c:9e:64:51:ab:03:02:64:9b:d6:26:d2:8a:1a:
d6:69:d4:48:df:9e:65:bf:33:60:52:36:9e:d4:01:b3:dc:00:
4d:4a:20:04:23:80:09:31:7f:c7:63:0f:75:58:fd:f3:81:63:
24:4c:4b:2e
-----BEGIN CERTIFICATE-----
MIIHzzCCBregAwIBAgISAZetBgYch8rwABQ+vQ94rGQSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3YTZhNTg5ZWU4NDhhODA1MjIzODE5MWI5ODAzNWU3NzUx
MjI3MjUwHhcNMjUwNjI2MTYxNTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2MzMwNzg1MjAxZmFmMWUyMDQyYjU4MjE4OTlkMDZmNDI0ODFlZDY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmHEgkSm0MANN7ftXAdbIhI2bso/J
7GTIOCqaEuz6rDCsBq0qp+Jy4k/Jy5zjE3LIK22qKVdfstZSCTwRZaIX7khd9nxg
s/Vn7QVghR6v1So9tt4Ype38W4rpXJ4yHYnh778iwMkuUtwXQTqgqK50gIUz09RN
pivzA6MJBAtOfM+xqv6wyyQH7E8K9pZEfd6RaI0AncF3wNUjDtRazFWTq76iZrha
fiNS5HXnu1jV/QqML/nZiB+ajlJb9bl0vlI+CW8YV63ElA814Kk0IeJH780IIVqr
qF1CIABK55Zp9uMqf17bqcnuEROl485Qtkm1QfqLq92QKmE5YqmwFqjnOQIDAQAB
o4IE2zCCBNcwHQYDVR0OBBYEFGMweFIB+vHiBCtYIYmdBvQkge1nMB8GA1UdIwQY
MBaAFAempYnuhIqAUiOBkbmANed1EiclMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjZhbGllNkVpb0JTSTRHUnVZQTE1M1VTSnlVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNC83ZmFmNWUtNzQzNS00OWZlLWFjZDct
MjBmYmM5MDY0OTRiLzEvWXpCNFVnSDY4ZUlFSzFnaGlaMEc5Q1NCN1djLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNC83ZmFmNWUtNzQzNS00OWZlLWFjZDctMjBmYmM5MDY0OTRi
LzEvQjZhbGllNkVpb0JTSTRHUnVZQTE1M1VTSnlVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIC7wYIKwYBBQUHAQcBAf8EggLeMIIC2jCCAscEAgABMIIC
vzAMAwQAAjpdAwQAAjpeAwQCAjqIAwQCAjv4AwQAHw3CMAsDBAAfDfkDAwEfDAME
ACWLgQMEAiXdeAMEAS0ISgMEAi0M+AMEAC1C5TAMAwQALVHxAwQALVHyAwQCLYtk
AwQCLY9kAwQBLZCYAwQBLZXoAwQALZdYAwQCTUs4AwQDTiigAwQCUPl8AwQAUnPQ
AwQAV3ggAwQBV3giAwQBV3guMAwDBABXeD8DBABXeEIwDAMEAFd4VQMEAFd4VgME
AVd4YAMEAFd4bwMEAFd4sQMEAFd42gMEAVd43AMEAFd44AMEAFd44gMEAld46AME
AFd5EwMEAVd5JAMEAVd5OAMEAFd5OzAMAwQBV3lCAwQAV3lEAwQBV3lkAwQAV3l0
AwQBV3mUAwQAW1wDAwQBW1wYAwQCW8XEAwQCW/O4AwQAXPkzAwQCXXtEAwQBXXtW
AwQAXXtsMAsDAwBeIQMEAV4hFAMEAF4hFwMEAF5nfgMEAV6argMEAl6cEAMEAF6c
IAMEA16cMAMEAF6cXwMEAl6cbAMEAl6cfAMEAV6cqDAMAwQBXpy2AwQAXpy4AwQA
Xpy7AwQBXpzAAwQBXpzqAwQCXpzwAwQBXpz2AwQCXvA4AwQCX9Z8AwQAbc7uAwQA
jWIAAwQApCi4AwQBpCi6AwQAqxYRAwQAqxYdAwQBsH38AwQDsq+4MAwDBACy1+ED
BACy1+IDBAK5q5QwDAMEALnbfQMEALnbfgMEALndQgMEAbnhSAMEALn8sgMEAbn+
JgMEAsETyAMEAsEk6AMEAMElKwMEAMElLgMEAsEurAMEAsE4EAMEAsE4+AMEAsE6
uAMEAcGVAjALAwMAwc8DBAPBzxADBADCMPkDBALCTMwDBALCkwgDBADCqa4DBADC
tDIDBADDsngDBALD4XgDBAXUFoADBAXUGAADBADUSYcwDQQCAAIwBwMFAyoJ5sAw
DQYJKoZIhvcNAQELBQADggEBAHGqattXx3UG97hfS2WEb15SnPTqbD+Kw6eeTGSx
xbtbfVet0PLq6oxQuFsKOZYYxls6yloQCp3K9WdLcDCtI8Sy1U+/aqAFjrIZqyke
x6wr3hHFMSRmHfBA0sRGe19CuvnrVIYoIUMUwgJBkXSKGmpftKh1+oJ9tUUn4wXT
Bj1Z22rFcMFRztyvvtagle7CygsUn4+MYLBxQTne+gJEVDOPO5Gv8sEve8F1/KVa
svexYdZVOs7s4W7OBxnnRT6JXX+D8XeIdFu97NkMnmRRqwMCZJvWJtKKGtZp1Ejf
nmW/M2BSNp7UAbPcAE1KIAQjgAkxf8djD3VY/fOBYyRMSy4=
-----END CERTIFICATE-----
Generated at Tue Jul 1 16:58:24 2025 by rpki-client