Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/OwskQb4uWXAM3BST7CyJITEmG0A.roa
File: OwskQb4uWXAM3BST7CyJITEmG0A.roa (raw, json)
Hash identifier: kimIk4ViTfOZBO8RES3wd5ZfNkXzL5WJCpaQ5TXVjck=
Subject key identifier: 3B:0B:24:41:BE:2E:59:70:0C:DC:14:93:EC:2C:89:21:31:26:1B:40
Certificate issuer: /CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Certificate serial: 0199BB454168128D2D0ABD83E6538EBF2B2F
Authority key identifier: F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/OwskQb4uWXAM3BST7CyJITEmG0A.roa
Signing time: Mon 06 Oct 2025 20:45:02 +0000
ROA not before: Mon 06 Oct 2025 20:45:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 208677
IP address blocks: 31.40.248.0/23 maxlen: 23
37.18.8.0/23 maxlen: 23
37.18.10.0/24 maxlen: 24
37.18.22.0/24 maxlen: 24
37.18.72.0/23 maxlen: 23
37.18.100.0/23 maxlen: 23
37.18.102.0/24 maxlen: 24
37.18.107.0/24 maxlen: 24
37.18.108.0/22 maxlen: 22
37.18.112.0/23 maxlen: 23
37.18.114.0/24 maxlen: 24
37.18.115.0/24 maxlen: 24
37.18.116.0/22 maxlen: 22
37.18.120.0/23 maxlen: 23
37.18.122.0/24 maxlen: 24
37.44.196.0/23 maxlen: 23
37.44.198.0/24 maxlen: 24
37.230.139.0/24 maxlen: 24
37.230.179.0/24 maxlen: 24
37.230.180.0/23 maxlen: 23
37.230.180.0/24 maxlen: 24
37.230.184.0/23 maxlen: 23
37.230.186.0/24 maxlen: 24
37.230.192.0/21 maxlen: 21
37.230.224.0/24 maxlen: 24
37.230.233.0/24 maxlen: 24
45.9.24.0/22 maxlen: 22
45.89.224.0/22 maxlen: 22
45.132.176.0/22 maxlen: 22
45.136.146.0/23 maxlen: 23
45.151.30.0/23 maxlen: 23
45.155.204.0/23 maxlen: 23
46.16.36.0/24 maxlen: 24
46.243.141.0/24 maxlen: 24
46.243.142.0/23 maxlen: 23
46.243.172.0/24 maxlen: 24
46.243.201.0/24 maxlen: 24
46.243.205.0/24 maxlen: 24
46.243.206.0/24 maxlen: 24
46.243.226.0/23 maxlen: 23
46.243.244.0/23 maxlen: 23
46.253.132.0/24 maxlen: 24
62.233.43.0/24 maxlen: 24
82.202.136.0/21 maxlen: 21
82.202.156.0/22 maxlen: 22
84.54.56.0/22 maxlen: 22
85.208.85.0/24 maxlen: 24
85.208.86.0/23 maxlen: 23
85.208.209.0/24 maxlen: 24
85.208.210.0/23 maxlen: 23
85.209.149.0/24 maxlen: 24
85.209.150.0/23 maxlen: 23
85.235.82.0/23 maxlen: 24
85.235.83.0/24 maxlen: 24
87.242.84.0/22 maxlen: 22
87.242.88.0/21 maxlen: 21
87.242.100.0/22 maxlen: 22
87.242.116.0/22 maxlen: 22
87.242.120.0/21 maxlen: 21
88.218.65.0/24 maxlen: 24
88.218.66.0/23 maxlen: 23
89.232.160.0/21 maxlen: 21
89.232.168.0/22 maxlen: 22
89.232.176.0/22 maxlen: 22
91.224.86.0/23 maxlen: 23
94.139.252.0/22 maxlen: 22
94.158.22.0/23 maxlen: 23
95.174.88.0/21 maxlen: 21
141.101.151.0/24 maxlen: 24
141.101.152.0/24 maxlen: 24
141.101.201.0/24 maxlen: 24
152.89.196.0/24 maxlen: 24
176.108.240.0/20 maxlen: 20
176.109.96.0/20 maxlen: 24
176.123.160.0/21 maxlen: 21
178.170.191.0/24 maxlen: 24
178.170.192.0/22 maxlen: 22
178.170.196.0/23 maxlen: 23
178.170.242.0/24 maxlen: 24
185.50.200.0/22 maxlen: 22
185.234.11.0/24 maxlen: 24
185.241.57.0/24 maxlen: 24
188.72.96.0/24 maxlen: 24
188.72.106.0/23 maxlen: 23
188.72.108.0/23 maxlen: 23
188.72.117.0/24 maxlen: 24
188.72.118.0/24 maxlen: 24
192.144.12.0/22 maxlen: 22
192.144.28.0/24 maxlen: 24
193.42.116.0/23 maxlen: 23
193.105.4.0/24 maxlen: 24
193.163.94.0/24 maxlen: 24
193.201.8.0/24 maxlen: 24
194.5.92.0/23 maxlen: 23
194.26.228.0/24 maxlen: 24
194.50.72.0/24 maxlen: 24
194.113.34.0/23 maxlen: 23
195.128.152.0/24 maxlen: 24
213.171.24.0/21 maxlen: 21
213.178.153.0/24 maxlen: 24
213.178.154.0/24 maxlen: 24
2a0c:2b80::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/1-Rnh8_5ptOvf8CqahX58bCslMBo.crl
rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/1-Rnh8_5ptOvf8CqahX58bCslMBo.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 08:01:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:bb:45:41:68:12:8d:2d:0a:bd:83:e6:53:8e:bf:2b:2f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f919e1f3fe69b4ebdff02a9a857e7c6c2b25301a
Validity
Not Before: Oct 6 20:45:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3b0b2441be2e59700cdc1493ec2c892131261b40
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e4:ff:03:f5:3f:21:2b:c8:61:42:83:ec:65:86:
0a:2a:b3:2d:00:2b:9e:04:35:0c:d4:96:1e:24:66:
45:4e:d0:fa:76:21:1c:39:12:39:84:6e:b1:bf:17:
69:f1:71:61:5b:dd:08:5d:c7:c8:22:b1:a8:c1:f0:
fb:08:d1:20:ec:0a:8d:0c:f0:df:e2:3c:c7:27:6f:
2f:75:fb:c3:ce:b7:be:ec:d3:09:2e:c3:ae:98:dc:
c0:e1:5e:42:f1:8e:30:c7:09:d7:3c:93:0e:2d:1e:
5a:14:64:49:52:fc:d4:bd:ca:bb:a9:34:09:49:5a:
23:a5:d8:f2:a7:6b:8d:ff:f7:c0:a0:d5:f5:76:e6:
c6:56:10:37:46:d8:f3:06:af:bf:59:03:a6:12:a2:
64:d6:5c:7e:6b:f4:c6:d8:32:84:cb:5b:6f:d7:75:
81:99:18:4d:47:28:59:75:37:83:9a:82:01:28:f9:
a2:30:84:b9:bf:67:cb:b0:83:65:cb:b3:96:6f:81:
39:6d:d5:bc:77:5e:26:95:2f:15:16:28:fd:32:75:
ff:8f:d5:3f:53:b0:5c:3a:0a:2b:f4:c9:c1:db:5c:
46:79:fe:b8:58:06:c9:94:32:99:ab:3c:9b:6f:c0:
3d:a1:07:2d:63:f6:15:7a:54:24:17:20:5f:42:a0:
e1:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3B:0B:24:41:BE:2E:59:70:0C:DC:14:93:EC:2C:89:21:31:26:1B:40
X509v3 Authority Key Identifier:
keyid:F9:19:E1:F3:FE:69:B4:EB:DF:F0:2A:9A:85:7E:7C:6C:2B:25:30:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-Rnh8_5ptOvf8CqahX58bCslMBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/OwskQb4uWXAM3BST7CyJITEmG0A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f6/1c9809-1f60-43c2-8103-dad0420b85d3/1/1-Rnh8_5ptOvf8CqahX58bCslMBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.40.248.0/23
37.18.8.0-37.18.10.255
37.18.22.0/24
37.18.72.0/23
37.18.100.0-37.18.102.255
37.18.107.0-37.18.122.255
37.44.196.0-37.44.198.255
37.230.139.0/24
37.230.179.0-37.230.181.255
37.230.184.0-37.230.186.255
37.230.192.0/21
37.230.224.0/24
37.230.233.0/24
45.9.24.0/22
45.89.224.0/22
45.132.176.0/22
45.136.146.0/23
45.151.30.0/23
45.155.204.0/23
46.16.36.0/24
46.243.141.0-46.243.143.255
46.243.172.0/24
46.243.201.0/24
46.243.205.0-46.243.206.255
46.243.226.0/23
46.243.244.0/23
46.253.132.0/24
62.233.43.0/24
82.202.136.0/21
82.202.156.0/22
84.54.56.0/22
85.208.85.0-85.208.87.255
85.208.209.0-85.208.211.255
85.209.149.0-85.209.151.255
85.235.82.0/23
87.242.84.0-87.242.95.255
87.242.100.0/22
87.242.116.0-87.242.127.255
88.218.65.0-88.218.67.255
89.232.160.0-89.232.171.255
89.232.176.0/22
91.224.86.0/23
94.139.252.0/22
94.158.22.0/23
95.174.88.0/21
141.101.151.0-141.101.152.255
141.101.201.0/24
152.89.196.0/24
176.108.240.0/20
176.109.96.0/20
176.123.160.0/21
178.170.191.0-178.170.197.255
178.170.242.0/24
185.50.200.0/22
185.234.11.0/24
185.241.57.0/24
188.72.96.0/24
188.72.106.0-188.72.109.255
188.72.117.0-188.72.118.255
192.144.12.0/22
192.144.28.0/24
193.42.116.0/23
193.105.4.0/24
193.163.94.0/24
193.201.8.0/24
194.5.92.0/23
194.26.228.0/24
194.50.72.0/24
194.113.34.0/23
195.128.152.0/24
213.171.24.0/21
213.178.153.0-213.178.154.255
IPv6:
2a0c:2b80::/29
Signature Algorithm: sha256WithRSAEncryption
91:02:ce:e4:1c:3a:4d:d9:1a:ad:e2:cd:a4:b7:1f:0a:1e:06:
3f:83:88:cc:f7:df:00:91:4d:87:6c:9e:60:f6:54:34:ea:a3:
6c:20:a6:7f:a7:56:f2:c2:60:4a:c7:b4:0e:e6:d1:ec:fd:30:
d4:84:9e:d4:37:89:da:87:17:98:16:fe:ec:49:c5:63:e1:c5:
74:49:19:96:fc:d8:0f:1e:59:b1:f0:0d:a3:6c:03:e8:b8:fe:
59:28:66:7e:a0:df:0f:5c:44:9f:33:8a:a4:a5:c4:1c:63:0a:
2a:be:05:ff:52:7c:24:a1:53:99:2d:b1:66:f2:dc:0a:6d:22:
db:5b:c9:10:4b:91:72:82:8e:cb:71:c9:0f:31:50:3d:d9:0e:
be:49:bf:0b:14:9c:18:1d:a0:06:9f:07:1b:1a:a6:de:4e:b5:
f4:aa:f6:52:09:b0:54:81:69:4c:0c:b4:cd:af:19:c2:5b:6e:
39:a8:2a:04:61:bc:cb:43:77:38:99:c8:dc:e9:65:a6:bf:70:
b8:79:b8:91:f3:7c:d6:eb:88:1d:8c:10:46:62:ff:19:69:5e:
c5:d9:af:ab:8c:e6:c1:8c:34:8c:92:79:89:84:96:ca:7f:d3:
72:e5:44:bb:27:18:34:d2:10:79:67:08:d7:cc:26:9d:b7:b2:
5b:d0:fc:89
-----BEGIN CERTIFICATE-----
MIIHYjCCBkqgAwIBAgISAZm7RUFoEo0tCr2D5lOOvysvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGY5MTllMWYzZmU2OWI0ZWJkZmYwMmE5YTg1N2U3YzZjMmIy
NTMwMWEwHhcNMjUxMDA2MjA0NTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzYjBiMjQ0MWJlMmU1OTcwMGNkYzE0OTNlYzJjODkyMTMxMjYxYjQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5P8D9T8hK8hhQoPsZYYKKrMtACue
BDUM1JYeJGZFTtD6diEcORI5hG6xvxdp8XFhW90IXcfIIrGowfD7CNEg7AqNDPDf
4jzHJ28vdfvDzre+7NMJLsOumNzA4V5C8Y4wxwnXPJMOLR5aFGRJUvzUvcq7qTQJ
SVojpdjyp2uN//fAoNX1dubGVhA3RtjzBq+/WQOmEqJk1lx+a/TG2DKEy1tv13WB
mRhNRyhZdTeDmoIBKPmiMIS5v2fLsINly7OWb4E5bdW8d14mlS8VFij9MnX/j9U/
U7BcOgor9MnB21xGef64WAbJlDKZqzybb8A9oQctY/YVelQkFyBfQqDhBQIDAQAB
o4IEbjCCBGowHQYDVR0OBBYEFDsLJEG+LllwDNwUk+wsiSExJhtAMB8GA1UdIwQY
MBaAFPkZ4fP+abTr3/AqmoV+fGwrJTAaMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1Sbmg4XzVwdE92ZjhDcWFoWDU4YkNzbE1Cby5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvZjYvMWM5ODA5LTFmNjAtNDNjMi04MTAz
LWRhZDA0MjBiODVkMy8xL093c2tRYjR1V1hBTTNCU1Q3Q3lKSVRFbUcwQS5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjYvMWM5ODA5LTFmNjAtNDNjMi04MTAzLWRhZDA0MjBiODVk
My8xLzEtUm5oOF81cHRPdmY4Q3FhaFg1OGJDc2xNQm8uY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwggKABggrBgEFBQcBBwEB/wSCAm8wggJrMIICWAQCAAEw
ggJQAwQBHyj4MAwDBAMlEggDBAAlEgoDBAAlEhYDBAElEkgwDAMEAiUSZAMEACUS
ZjAMAwQAJRJrAwQAJRJ6MAwDBAIlLMQDBAAlLMYDBAAl5oswDAMEACXmswMEASXm
tDAMAwQDJea4AwQAJea6AwQDJebAAwQAJebgAwQAJebpAwQCLQkYAwQCLVngAwQC
LYSwAwQBLYiSAwQBLZceAwQBLZvMAwQALhAkMAwDBAAu840DBAQu84ADBAAu86wD
BAAu88kwDAMEAC7zzQMEAC7zzgMEAS7z4gMEAS7z9AMEAC79hAMEAD7pKwMEA1LK
iAMEAlLKnAMEAlQ2ODAMAwQAVdBVAwQDVdBQMAwDBABV0NEDBAJV0NAwDAMEAFXR
lQMEA1XRkAMEAVXrUjAMAwQCV/JUAwQFV/JAAwQCV/JkMAwDBAJX8nQDBAdX8gAw
DAMEAFjaQQMEAljaQDAMAwQFWeigAwQCWeioAwQCWeiwAwQBW+BWAwQCXov8AwQB
Xp4WAwQDX65YMAwDBACNZZcDBACNZZgDBACNZckDBACYWcQDBASwbPADBASwbWAD
BAOwe6AwDAMEALKqvwMEAbKqxAMEALKq8gMEArkyyAMEALnqCwMEALnxOQMEALxI
YDAMAwQBvEhqAwQBvEhsMAwDBAC8SHUDBAC8SHYDBALAkAwDBADAkBwDBAHBKnQD
BADBaQQDBADBo14DBADByQgDBAHCBVwDBADCGuQDBADCMkgDBAHCcSIDBADDgJgD
BAPVqxgwDAMEANWymQMEANWymjANBAIAAjAHAwUDKgwrgDANBgkqhkiG9w0BAQsF
AAOCAQEAkQLO5Bw6TdkareLNpLcfCh4GP4OIzPffAJFNh2yeYPZUNOqjbCCmf6dW
8sJgSse0DubR7P0w1ISe1DeJ2ocXmBb+7EnFY+HFdEkZlvzYDx5ZsfANo2wD6Lj+
WShmfqDfD1xEnzOKpKXEHGMKKr4F/1J8JKFTmS2xZvLcCm0i21vJEEuRcoKOy3HJ
DzFQPdkOvkm/CxScGB2gBp8HGxqm3k619Kr2UgmwVIFpTAy0za8ZwltuOagqBGG8
y0N3OJnI3Ollpr9wuHm4kfN81uuIHYwQRmL/GWlexdmvq4zmwYw0jJJ5iYSWyn/T
cuVEuycYNNIQeWcI18wmnbeyW9D8iQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:48:51 2025 by rpki-client