Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/wo81X6dNJnxHwqDCPslyPelPnyk.roa
File: wo81X6dNJnxHwqDCPslyPelPnyk.roa (raw, json)
Hash identifier: LNeGgskvgHmXiZQlDf/OPt0CW7kE7h3hGkIagvdPCcA=
Subject key identifier: C2:8F:35:5F:A7:4D:26:7C:47:C2:A0:C2:3E:C9:72:3D:E9:4F:9F:29
Certificate issuer: /CN=999df7dc0ed518f1ec69974cf98cecaada1a8680
Certificate serial: 019999A1D038946D9AC6A1C0CC1CFBD3A8D5
Authority key identifier: 99:9D:F7:DC:0E:D5:18:F1:EC:69:97:4C:F9:8C:EC:AA:DA:1A:86:80
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mZ333A7VGPHsaZdM-YzsqtoahoA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/wo81X6dNJnxHwqDCPslyPelPnyk.roa
Signing time: Tue 30 Sep 2025 07:59:02 +0000
ROA not before: Tue 30 Sep 2025 07:59:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6848
IP address blocks: 5.23.128.0/17 maxlen: 17
46.253.160.0/20 maxlen: 20
62.205.64.0/18 maxlen: 18
78.20.0.0/14 maxlen: 14
78.29.192.0/18 maxlen: 18
81.82.0.0/15 maxlen: 15
81.164.0.0/15 maxlen: 15
82.143.64.0/18 maxlen: 18
82.210.64.0/19 maxlen: 19
83.217.128.0/19 maxlen: 19
84.192.0.0/13 maxlen: 13
85.28.64.0/18 maxlen: 18
85.255.192.0/24 maxlen: 24
85.255.193.0/24 maxlen: 24
85.255.194.0/24 maxlen: 24
85.255.195.0/24 maxlen: 24
85.255.197.0/24 maxlen: 24
85.255.198.0/24 maxlen: 24
85.255.199.0/24 maxlen: 24
85.255.200.0/24 maxlen: 24
85.255.201.0/24 maxlen: 24
85.255.202.0/24 maxlen: 24
85.255.203.0/24 maxlen: 24
85.255.204.0/24 maxlen: 24
85.255.205.0/24 maxlen: 24
85.255.206.0/24 maxlen: 24
85.255.207.0/24 maxlen: 24
94.72.64.0/19 maxlen: 19
94.224.0.0/14 maxlen: 14
141.134.0.0/15 maxlen: 15
157.173.128.0/18 maxlen: 18
178.116.0.0/14 maxlen: 14
185.23.244.0/22 maxlen: 22
185.30.52.0/22 maxlen: 22
185.35.52.0/24 maxlen: 24
185.35.53.0/24 maxlen: 24
185.35.54.0/24 maxlen: 24
185.35.55.0/24 maxlen: 24
185.152.56.0/24 maxlen: 24
185.152.57.0/24 maxlen: 24
185.152.58.0/24 maxlen: 24
185.152.59.0/24 maxlen: 24
185.248.40.0/22 maxlen: 22
188.44.64.0/19 maxlen: 19
188.95.146.0/23 maxlen: 23
188.137.192.0/19 maxlen: 19
188.188.0.0/15 maxlen: 15
195.16.0.0/19 maxlen: 19
195.130.128.0/19 maxlen: 19
195.162.192.0/19 maxlen: 19
212.76.224.0/19 maxlen: 19
212.88.224.0/19 maxlen: 19
212.123.0.0/19 maxlen: 19
213.118.0.0/15 maxlen: 15
213.132.128.0/19 maxlen: 19
213.214.32.0/19 maxlen: 19
213.224.0.0/16 maxlen: 16
213.251.64.0/18 maxlen: 18
217.72.224.0/20 maxlen: 20
217.168.120.0/21 maxlen: 21
2a00:1cf8::/32 maxlen: 32
2a01:498::/32 maxlen: 32
2a01:498:200::/40 maxlen: 40
2a01:498:500::/40 maxlen: 40
2a01:498:8500::/40 maxlen: 40
2a02:1800::/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/mZ333A7VGPHsaZdM-YzsqtoahoA.crl
rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/mZ333A7VGPHsaZdM-YzsqtoahoA.mft
rsync://rpki.ripe.net/repository/DEFAULT/mZ333A7VGPHsaZdM-YzsqtoahoA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:99:a1:d0:38:94:6d:9a:c6:a1:c0:cc:1c:fb:d3:a8:d5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=999df7dc0ed518f1ec69974cf98cecaada1a8680
Validity
Not Before: Sep 30 07:59:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c28f355fa74d267c47c2a0c23ec9723de94f9f29
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:7f:07:94:fc:8c:2a:88:28:ce:e5:d5:0f:96:
84:a1:e5:a3:6f:7d:2b:81:5c:78:33:a0:d6:10:2d:
67:96:81:6e:b3:ff:0a:b6:42:f3:74:e5:e9:ef:27:
c7:be:2d:57:78:dc:c1:b0:53:c4:68:e5:d8:53:69:
9a:4a:f6:ba:b0:af:d0:d5:99:b2:e1:ce:a0:13:f0:
a1:4b:cd:2b:d3:ed:00:c6:5b:18:51:3a:04:8a:df:
97:8c:47:c9:4f:de:8b:a7:15:e8:a3:6e:fc:8d:62:
07:da:b3:f7:83:5f:b7:c0:3a:91:88:73:51:4d:9e:
09:f2:ca:5a:1a:71:d5:76:d9:55:66:54:d9:5a:57:
1d:8a:0a:08:df:59:25:e6:a3:42:17:82:fd:56:8c:
c6:2e:50:7f:d9:98:c8:9c:f3:63:90:1b:a7:f5:be:
f9:81:32:1d:34:0e:b6:9a:7c:39:86:23:4e:3c:ae:
a1:29:78:26:c7:2e:c3:0a:29:77:b8:84:34:91:58:
13:95:4e:eb:0b:69:c6:14:7b:58:e9:59:d4:b6:2d:
9e:3a:4f:66:a9:d7:fd:4e:d1:c1:89:ff:d5:14:66:
ee:9c:9b:92:c0:a7:38:e6:63:9a:72:e6:d0:34:53:
e4:e7:9e:fa:85:5e:c6:e6:5b:08:b7:e9:0b:dc:7a:
4f:7f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C2:8F:35:5F:A7:4D:26:7C:47:C2:A0:C2:3E:C9:72:3D:E9:4F:9F:29
X509v3 Authority Key Identifier:
keyid:99:9D:F7:DC:0E:D5:18:F1:EC:69:97:4C:F9:8C:EC:AA:DA:1A:86:80
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mZ333A7VGPHsaZdM-YzsqtoahoA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/wo81X6dNJnxHwqDCPslyPelPnyk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f3/ba88f2-215f-4f89-a3af-138b787de3e3/1/mZ333A7VGPHsaZdM-YzsqtoahoA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.23.128.0/17
46.253.160.0/20
62.205.64.0/18
78.20.0.0/14
78.29.192.0/18
81.82.0.0/15
81.164.0.0/15
82.143.64.0/18
82.210.64.0/19
83.217.128.0/19
84.192.0.0/13
85.28.64.0/18
85.255.192.0/22
85.255.197.0-85.255.207.255
94.72.64.0/19
94.224.0.0/14
141.134.0.0/15
157.173.128.0/18
178.116.0.0/14
185.23.244.0/22
185.30.52.0/22
185.35.52.0/22
185.152.56.0/22
185.248.40.0/22
188.44.64.0/19
188.95.146.0/23
188.137.192.0/19
188.188.0.0/15
195.16.0.0/19
195.130.128.0/19
195.162.192.0/19
212.76.224.0/19
212.88.224.0/19
212.123.0.0/19
213.118.0.0/15
213.132.128.0/19
213.214.32.0/19
213.224.0.0/16
213.251.64.0/18
217.72.224.0/20
217.168.120.0/21
IPv6:
2a00:1cf8::/32
2a01:498::/32
2a02:1800::/24
Signature Algorithm: sha256WithRSAEncryption
1c:97:f6:d9:2a:03:ce:86:c1:08:67:47:31:10:3c:18:10:ca:
1b:48:4b:2e:a5:a8:3b:f3:b8:7d:e0:e4:6d:e4:ea:2e:7a:9d:
56:e8:d3:45:ce:2c:23:cb:45:57:10:c4:7c:6e:14:4f:02:5a:
6f:f0:3e:38:c2:cd:2f:5d:da:c1:f1:f5:44:cd:32:60:ac:ab:
e6:89:4f:4d:5c:98:5c:ce:98:70:74:39:41:cc:de:3a:38:19:
0a:2a:1e:5f:e0:0c:1d:ec:86:ec:10:c7:0c:d4:a3:e1:66:04:
f3:22:35:5a:a4:66:9a:89:40:b3:a9:66:06:79:31:60:a3:59:
b4:bd:d5:48:33:2c:b4:28:47:0e:e4:a7:aa:cc:89:14:28:af:
53:f1:f5:91:66:b6:f1:82:0c:d7:68:ef:f6:42:c9:e5:50:97:
cb:6e:25:59:b0:aa:d3:a5:a9:67:97:47:e2:dd:42:0a:c5:4e:
28:18:24:ac:23:c4:e1:84:65:26:f1:b2:b9:bc:c8:8b:d7:2a:
05:57:44:13:57:72:6b:68:14:6c:fb:05:84:d5:ee:b6:5c:72:
c5:a5:c5:c4:52:79:57:1e:c5:67:28:81:1e:42:37:de:d1:c9:
25:98:dc:80:42:2d:0c:03:4b:e0:7c:7e:26:b4:d4:94:b9:01:
25:29:1f:1b
-----BEGIN CERTIFICATE-----
MIIGDzCCBPegAwIBAgISAZmZodA4lG2axqHAzBz706jVMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk5OWRmN2RjMGVkNTE4ZjFlYzY5OTc0Y2Y5OGNlY2FhZGEx
YTg2ODAwHhcNMjUwOTMwMDc1OTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjMjhmMzU1ZmE3NGQyNjdjNDdjMmEwYzIzZWM5NzIzZGU5NGY5ZjI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt38HlPyMKogozuXVD5aEoeWjb30r
gVx4M6DWEC1nloFus/8KtkLzdOXp7yfHvi1XeNzBsFPEaOXYU2maSva6sK/Q1Zmy
4c6gE/ChS80r0+0AxlsYUToEit+XjEfJT96LpxXoo278jWIH2rP3g1+3wDqRiHNR
TZ4J8spaGnHVdtlVZlTZWlcdigoI31kl5qNCF4L9VozGLlB/2ZjInPNjkBun9b75
gTIdNA62mnw5hiNOPK6hKXgmxy7DCil3uIQ0kVgTlU7rC2nGFHtY6VnUti2eOk9m
qdf9TtHBif/VFGbunJuSwKc45mOacubQNFPk5576hV7G5lsIt+kL3HpPfwIDAQAB
o4IDGzCCAxcwHQYDVR0OBBYEFMKPNV+nTSZ8R8Kgwj7Jcj3pT58pMB8GA1UdIwQY
MBaAFJmd99wO1Rjx7GmXTPmM7KraGoaAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbVozMzNBN1ZHUEhzYVpkTS1ZenNxdG9haG9BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMy9iYTg4ZjItMjE1Zi00Zjg5LWEzYWYt
MTM4Yjc4N2RlM2UzLzEvd284MVg2ZE5KbnhId3FEQ1BzbHlQZWxQbnlrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMy9iYTg4ZjItMjE1Zi00Zjg5LWEzYWYtMTM4Yjc4N2RlM2Uz
LzEvbVozMzNBN1ZHUEhzYVpkTS1ZenNxdG9haG9BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBLwYIKwYBBQUHAQcBAf8EggEeMIIBGjCB+wQCAAEwgfQD
BAcFF4ADBAQu/aADBAY+zUADAwJOFAMEBk4dwAMDAVFSAwMBUaQDBAZSj0ADBAVS
0kADBAVT2YADAwNUwAMEBlUcQAMEAlX/wDAMAwQAVf/FAwQEVf/AAwQFXkhAAwMC
XuADAwGNhgMEBp2tgAMDArJ0AwQCuRf0AwQCuR40AwQCuSM0AwQCuZg4AwQCufgo
AwQFvCxAAwQBvF+SAwQFvInAAwMBvLwDBAXDEAADBAXDgoADBAXDosADBAXUTOAD
BAXUWOADBAXUewADAwHVdgMEBdWEgAMEBdXWIAMDANXgAwQG1ftAAwQE2UjgAwQD
2ah4MBoEAgACMBQDBQAqABz4AwUAKgEEmAMEACoCGDANBgkqhkiG9w0BAQsFAAOC
AQEAHJf22SoDzobBCGdHMRA8GBDKG0hLLqWoO/O4feDkbeTqLnqdVujTRc4sI8tF
VxDEfG4UTwJab/A+OMLNL13awfH1RM0yYKyr5olPTVyYXM6YcHQ5QczeOjgZCioe
X+AMHeyG7BDHDNSj4WYE8yI1WqRmmolAs6lmBnkxYKNZtL3VSDMstChHDuSnqsyJ
FCivU/H1kWa28YIM12jv9kLJ5VCXy24lWbCq06WpZ5dH4t1CCsVOKBgkrCPE4YRl
JvGyubzIi9cqBVdEE1dya2gUbPsFhNXutlxyxaXFxFJ5Vx7FZyiBHkI33tHJJZjc
gEItDANL4Hx+JrTUlLkBJSkfGw==
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:09:55 2025 by rpki-client