Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/ZvKmecHyWY9fmbHACZH9d7ryoWY.roa
File: ZvKmecHyWY9fmbHACZH9d7ryoWY.roa (raw, json)
Hash identifier: LoamgmMJn7wQlkqjzVk1ITZ5bT2BlQR3GG88246yd4M=
Subject key identifier: 66:F2:A6:79:C1:F2:59:8F:5F:99:B1:C0:09:91:FD:77:BA:F2:A1:66
Certificate issuer: /CN=2665c17fa028b31348f630f6b56df422ce062b3b
Certificate serial: 0198316C5C603F78C43919223CD444096DD4
Authority key identifier: 26:65:C1:7F:A0:28:B3:13:48:F6:30:F6:B5:6D:F4:22:CE:06:2B:3B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JmXBf6AosxNI9jD2tW30Is4GKzs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/ZvKmecHyWY9fmbHACZH9d7ryoWY.roa
Signing time: Tue 22 Jul 2025 09:17:21 +0000
ROA not before: Tue 22 Jul 2025 09:17:21 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197637
IP address blocks: 31.25.152.0/21 maxlen: 21
37.99.200.0/21 maxlen: 21
37.123.120.0/21 maxlen: 21
109.75.96.0/24 maxlen: 24
109.75.97.0/24 maxlen: 24
109.75.98.0/24 maxlen: 24
109.75.99.0/24 maxlen: 24
109.75.102.0/24 maxlen: 24
109.75.104.0/24 maxlen: 24
109.75.106.0/24 maxlen: 24
109.75.107.0/24 maxlen: 24
109.75.108.0/22 maxlen: 22
153.92.32.0/21 maxlen: 21
185.8.86.0/23 maxlen: 23
185.62.88.0/22 maxlen: 22
185.65.198.0/23 maxlen: 23
185.68.76.0/22 maxlen: 22
185.211.16.0/22 maxlen: 22
193.57.0.0/22 maxlen: 22
195.42.244.0/22 maxlen: 22
2a04:6ec0::/29 maxlen: 29
2a04:6ec0::/32 maxlen: 32
2a0b:6240::/29 maxlen: 29
2a0c:90c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/JmXBf6AosxNI9jD2tW30Is4GKzs.crl
rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/JmXBf6AosxNI9jD2tW30Is4GKzs.mft
rsync://rpki.ripe.net/repository/DEFAULT/JmXBf6AosxNI9jD2tW30Is4GKzs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 06:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:31:6c:5c:60:3f:78:c4:39:19:22:3c:d4:44:09:6d:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2665c17fa028b31348f630f6b56df422ce062b3b
Validity
Not Before: Jul 22 09:17:21 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=66f2a679c1f2598f5f99b1c00991fd77baf2a166
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:97:5d:79:70:0e:23:1b:00:44:ee:52:2a:c2:
23:08:86:da:17:6d:67:90:58:64:86:a5:41:d8:71:
72:89:d3:dd:54:3a:4d:7c:5a:f8:f7:3f:0d:45:03:
c4:34:41:5e:0a:84:b7:49:77:36:e7:51:4a:fa:ca:
83:41:92:c9:06:3d:3d:a0:99:12:92:08:bc:dd:ed:
84:95:55:e9:8a:ea:3a:6d:fa:9d:08:c0:b6:a6:94:
74:87:31:24:d1:0a:89:67:23:4e:37:45:30:ef:0b:
5f:08:0b:a9:06:18:7b:19:8e:44:dc:86:b1:93:06:
34:ed:f7:9a:ac:ab:a3:56:33:0a:29:b9:d5:d6:7f:
1c:03:41:c7:e3:30:dc:47:ba:af:7f:71:ea:d4:39:
88:5e:81:70:0e:d5:f0:a1:ff:ec:f6:fb:76:23:02:
ce:57:b4:14:a2:6c:14:62:d6:ca:64:04:31:87:e6:
04:8b:f5:e4:50:42:ae:8d:67:17:35:b2:2d:91:67:
5f:42:ae:f6:dd:5e:a7:e1:97:18:32:0e:a8:f9:19:
29:3d:e2:ec:e5:14:fa:af:c6:73:b2:d0:7b:12:53:
f0:90:78:b4:58:27:64:84:e7:5e:35:42:51:c8:9b:
f8:e0:ae:d2:2b:53:ce:42:be:b6:d7:5c:9f:6c:d0:
a6:85
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:F2:A6:79:C1:F2:59:8F:5F:99:B1:C0:09:91:FD:77:BA:F2:A1:66
X509v3 Authority Key Identifier:
keyid:26:65:C1:7F:A0:28:B3:13:48:F6:30:F6:B5:6D:F4:22:CE:06:2B:3B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JmXBf6AosxNI9jD2tW30Is4GKzs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/ZvKmecHyWY9fmbHACZH9d7ryoWY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/12/fc90a0-804c-40fa-b27a-c383a9010005/1/JmXBf6AosxNI9jD2tW30Is4GKzs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.152.0/21
37.99.200.0/21
37.123.120.0/21
109.75.96.0/22
109.75.102.0/24
109.75.104.0/24
109.75.106.0-109.75.111.255
153.92.32.0/21
185.8.86.0/23
185.62.88.0/22
185.65.198.0/23
185.68.76.0/22
185.211.16.0/22
193.57.0.0/22
195.42.244.0/22
IPv6:
2a04:6ec0::/29
2a0b:6240::/29
2a0c:90c0::/29
Signature Algorithm: sha256WithRSAEncryption
b1:70:ad:bf:f1:33:13:cb:df:b6:dc:d1:2f:2f:85:90:1e:5d:
4e:b3:d4:98:17:32:29:80:66:fe:be:49:0f:a4:b3:08:a8:91:
26:72:f1:c9:dd:f8:5e:d7:56:2d:43:07:17:ea:22:d8:6d:87:
1c:59:b1:b8:39:64:a2:f1:cc:4b:33:b7:de:58:cd:a3:08:bc:
4f:35:72:20:cb:79:3a:ad:70:3e:e7:6d:c5:e3:26:54:71:5f:
44:60:2e:a3:03:1f:de:8e:25:3c:89:64:11:33:1b:3e:eb:a1:
1a:51:f2:59:cf:05:a5:8c:de:d2:6e:90:d8:79:61:08:75:f9:
04:39:9a:ff:0b:4d:0d:dc:ae:30:9e:af:a4:a6:11:cb:f0:07:
f3:8b:02:20:b7:62:bd:11:e5:31:81:1d:97:f3:d7:6b:9c:7b:
91:4b:cf:cb:66:20:71:d3:4c:23:5e:7e:52:f9:13:42:64:e7:
d5:b1:f1:59:8e:55:74:f1:6d:5f:86:2f:2a:e4:84:49:f1:1b:
89:27:cf:4b:4b:14:ef:9c:6b:c2:46:9a:0e:79:c6:76:c2:c6:
8c:3c:51:db:3a:c6:f1:9c:04:78:c6:78:ea:79:b7:11:b4:ff:
b4:0d:7b:b7:31:7f:de:73:65:00:6e:02:df:8f:c6:1b:cb:76:
68:53:db:3d
-----BEGIN CERTIFICATE-----
MIIFeTCCBGGgAwIBAgISAZgxbFxgP3jEORkiPNRECW3UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI2NjVjMTdmYTAyOGIzMTM0OGY2MzBmNmI1NmRmNDIyY2Uw
NjJiM2IwHhcNMjUwNzIyMDkxNzIxWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmYyYTY3OWMxZjI1OThmNWY5OWIxYzAwOTkxZmQ3N2JhZjJhMTY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArJddeXAOIxsARO5SKsIjCIbaF21n
kFhkhqVB2HFyidPdVDpNfFr49z8NRQPENEFeCoS3SXc251FK+sqDQZLJBj09oJkS
kgi83e2ElVXpiuo6bfqdCMC2ppR0hzEk0QqJZyNON0Uw7wtfCAupBhh7GY5E3Iax
kwY07fearKujVjMKKbnV1n8cA0HH4zDcR7qvf3Hq1DmIXoFwDtXwof/s9vt2IwLO
V7QUomwUYtbKZAQxh+YEi/XkUEKujWcXNbItkWdfQq723V6n4ZcYMg6o+RkpPeLs
5RT6r8ZzstB7ElPwkHi0WCdkhOdeNUJRyJv44K7SK1POQr6211yfbNCmhQIDAQAB
o4IChTCCAoEwHQYDVR0OBBYEFGbypnnB8lmPX5mxwAmR/Xe68qFmMB8GA1UdIwQY
MBaAFCZlwX+gKLMTSPYw9rVt9CLOBis7MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSm1YQmY2QW9zeE5JOWpEMnRXMzBJczRHS3pzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMi9mYzkwYTAtODA0Yy00MGZhLWIyN2Et
YzM4M2E5MDEwMDA1LzEvWnZLbWVjSHlXWTlmbWJIQUNaSDlkN3J5b1dZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMi9mYzkwYTAtODA0Yy00MGZhLWIyN2EtYzM4M2E5MDEwMDA1
LzEvSm1YQmY2QW9zeE5JOWpEMnRXMzBJczRHS3pzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGaBggrBgEFBQcBBwEB/wSBijCBhzBoBAIAATBiAwQDHxmY
AwQDJWPIAwQDJXt4AwQCbUtgAwQAbUtmAwQAbUtoMAwDBAFtS2oDBARtS2ADBAOZ
XCADBAG5CFYDBAK5PlgDBAG5QcYDBAK5REwDBAK50xADBALBOQADBALDKvQwGwQC
AAIwFQMFAyoEbsADBQMqC2JAAwUDKgyQwDANBgkqhkiG9w0BAQsFAAOCAQEAsXCt
v/EzE8vfttzRLy+FkB5dTrPUmBcyKYBm/r5JD6SzCKiRJnLxyd34XtdWLUMHF+oi
2G2HHFmxuDlkovHMSzO33ljNowi8TzVyIMt5Oq1wPudtxeMmVHFfRGAuowMf3o4l
PIlkETMbPuuhGlHyWc8FpYze0m6Q2HlhCHX5BDma/wtNDdyuMJ6vpKYRy/AH84sC
ILdivRHlMYEdl/PXa5x7kUvPy2YgcdNMI15+UvkTQmTn1bHxWY5VdPFtX4YvKuSE
SfEbiSfPS0sU75xrwkaaDnnGdsLGjDxR2zrG8ZwEeMZ46nm3EbT/tA17tzF/3nNl
AG4C34/GG8t2aFPbPQ==
-----END CERTIFICATE-----
Generated at Sun Jul 27 15:01:32 2025 by rpki-client