Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/ZYJYAUZp_j_itV_LMDtubipZeiY.roa
File: ZYJYAUZp_j_itV_LMDtubipZeiY.roa (raw, json)
Hash identifier: q9JTHNrd4ky3nao+8K8Fep/n3EM0IokF1M/TQKCLjEA=
Subject key identifier: 65:82:58:01:46:69:FE:3F:E2:B5:5F:CB:30:3B:6E:6E:2A:59:7A:26
Certificate issuer: /CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Certificate serial: 0197ECE2FE8FC8CF5CC47423BB3686F454E2
Authority key identifier: 08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/ZYJYAUZp_j_itV_LMDtubipZeiY.roa
Signing time: Wed 09 Jul 2025 01:53:08 +0000
ROA not before: Wed 09 Jul 2025 01:53:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31363
IP address blocks: 80.90.240.0/20 maxlen: 20
80.90.240.0/24 maxlen: 24
80.90.250.0/24 maxlen: 24
80.90.252.0/24 maxlen: 24
80.90.254.0/24 maxlen: 24
86.62.64.0/18 maxlen: 18
86.62.64.0/24 maxlen: 24
86.62.75.0/24 maxlen: 24
86.62.79.0/24 maxlen: 24
86.62.84.0/24 maxlen: 24
86.62.92.0/24 maxlen: 24
86.62.94.0/24 maxlen: 24
86.62.96.0/24 maxlen: 24
86.62.98.0/24 maxlen: 24
86.62.99.0/24 maxlen: 24
86.62.102.0/24 maxlen: 24
86.62.103.0/24 maxlen: 24
86.62.105.0/24 maxlen: 24
86.62.110.0/24 maxlen: 24
86.62.112.0/24 maxlen: 24
86.62.113.0/24 maxlen: 24
86.62.114.0/24 maxlen: 24
86.62.115.0/24 maxlen: 24
86.62.116.0/24 maxlen: 24
86.62.117.0/24 maxlen: 24
86.62.118.0/24 maxlen: 24
86.62.119.0/24 maxlen: 24
86.62.125.0/24 maxlen: 24
195.54.192.0/19 maxlen: 19
195.54.195.0/24 maxlen: 24
195.54.196.0/24 maxlen: 24
195.54.198.0/24 maxlen: 24
195.54.201.0/24 maxlen: 24
195.54.202.0/23 maxlen: 23
195.54.202.0/24 maxlen: 24
195.54.203.0/24 maxlen: 24
195.54.207.0/24 maxlen: 24
195.54.209.0/24 maxlen: 24
195.54.210.0/24 maxlen: 24
195.54.211.0/24 maxlen: 24
195.91.128.0/17 maxlen: 17
195.91.133.0/24 maxlen: 24
195.91.138.0/24 maxlen: 24
195.91.144.0/24 maxlen: 24
195.91.145.0/24 maxlen: 24
195.91.146.0/24 maxlen: 24
195.91.147.0/24 maxlen: 24
195.91.148.0/24 maxlen: 24
195.91.149.0/24 maxlen: 24
195.91.150.0/24 maxlen: 24
195.91.151.0/24 maxlen: 24
195.91.153.0/24 maxlen: 24
195.91.156.0/24 maxlen: 24
195.91.160.0/24 maxlen: 24
195.91.165.0/24 maxlen: 24
195.91.166.0/24 maxlen: 24
195.91.168.0/24 maxlen: 24
195.91.169.0/24 maxlen: 24
195.91.170.0/24 maxlen: 24
195.91.171.0/24 maxlen: 24
195.91.172.0/24 maxlen: 24
195.91.173.0/24 maxlen: 24
195.91.174.0/24 maxlen: 24
195.91.175.0/24 maxlen: 24
195.91.178.0/24 maxlen: 24
195.91.179.0/24 maxlen: 24
195.91.180.0/24 maxlen: 24
195.91.181.0/24 maxlen: 24
195.91.182.0/24 maxlen: 24
195.91.184.0/24 maxlen: 24
195.91.187.0/24 maxlen: 24
195.91.188.0/24 maxlen: 24
195.91.191.0/24 maxlen: 24
195.91.192.0/24 maxlen: 24
195.91.195.0/24 maxlen: 24
195.91.196.0/24 maxlen: 24
195.91.197.0/24 maxlen: 24
195.91.204.0/24 maxlen: 24
195.91.207.0/24 maxlen: 24
195.91.208.0/24 maxlen: 24
195.91.209.0/24 maxlen: 24
195.91.210.0/24 maxlen: 24
195.91.211.0/24 maxlen: 24
195.91.213.0/24 maxlen: 24
195.91.215.0/24 maxlen: 24
195.91.217.0/24 maxlen: 24
195.91.218.0/24 maxlen: 24
195.91.219.0/24 maxlen: 24
195.91.220.0/24 maxlen: 24
195.91.221.0/24 maxlen: 24
195.91.222.0/24 maxlen: 24
195.91.223.0/24 maxlen: 24
195.91.224.0/24 maxlen: 24
195.91.225.0/24 maxlen: 24
195.91.226.0/24 maxlen: 24
195.91.227.0/24 maxlen: 24
195.91.228.0/24 maxlen: 24
195.91.229.0/24 maxlen: 24
195.91.230.0/24 maxlen: 24
195.91.231.0/24 maxlen: 24
195.91.232.0/24 maxlen: 24
195.91.233.0/24 maxlen: 24
195.91.234.0/24 maxlen: 24
195.91.235.0/24 maxlen: 24
195.91.236.0/24 maxlen: 24
195.91.237.0/24 maxlen: 24
195.91.238.0/24 maxlen: 24
195.91.239.0/24 maxlen: 24
195.91.240.0/24 maxlen: 24
195.91.241.0/24 maxlen: 24
195.91.242.0/24 maxlen: 24
195.91.243.0/24 maxlen: 24
195.91.244.0/24 maxlen: 24
195.91.245.0/24 maxlen: 24
195.91.246.0/24 maxlen: 24
195.91.247.0/24 maxlen: 24
195.91.252.0/24 maxlen: 24
195.91.254.0/24 maxlen: 24
195.91.255.0/24 maxlen: 24
2a00:14d0::/32 maxlen: 32
2a02:2698:9800::/38 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.mft
rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 20:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ec:e2:fe:8f:c8:cf:5c:c4:74:23:bb:36:86:f4:54:e2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0802b95ce6239d526c35ae7a8e2ceb48aeb82b5f
Validity
Not Before: Jul 9 01:53:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=658258014669fe3fe2b55fcb303b6e6e2a597a26
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f6:88:5a:0d:25:06:4e:70:5c:9a:3e:2e:1f:
44:11:0c:15:4f:28:6c:b4:34:1b:a5:79:83:65:22:
36:45:2e:33:90:b3:c8:94:bb:0a:3d:22:f2:09:3f:
8f:22:3e:13:61:04:93:54:74:92:d3:8d:01:a3:02:
93:5b:05:a7:3c:f0:e7:29:98:d2:f7:af:c1:b5:4f:
78:79:f4:61:1d:06:f4:f3:5e:76:86:17:c8:fd:02:
15:e6:49:08:9b:01:cc:64:a9:26:b2:6d:75:8c:8f:
2a:46:e3:97:70:bd:bd:3c:04:50:7c:5f:d9:a3:29:
fc:fd:e5:dc:46:59:18:f5:e9:39:45:04:e5:04:fc:
3b:68:f6:99:cc:fb:64:ca:93:d4:b4:c9:d3:82:bc:
74:b8:60:c5:46:a5:5d:a2:50:c8:e0:e0:ab:a7:00:
21:f6:a2:a5:16:22:bb:ac:e3:f1:82:08:5b:f0:da:
78:9f:de:b6:a6:fa:b8:e7:9c:dd:4d:30:c4:17:09:
40:71:d4:c0:d6:22:04:b2:c4:bf:c2:9b:1c:59:95:
76:29:2c:69:ef:80:13:3b:85:d0:3f:a4:ce:59:3e:
9d:70:75:ab:88:12:59:8a:84:80:8a:a9:60:08:af:
ef:5c:81:d7:55:7b:65:42:f2:11:d6:0f:35:22:1f:
35:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:82:58:01:46:69:FE:3F:E2:B5:5F:CB:30:3B:6E:6E:2A:59:7A:26
X509v3 Authority Key Identifier:
keyid:08:02:B9:5C:E6:23:9D:52:6C:35:AE:7A:8E:2C:EB:48:AE:B8:2B:5F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CAK5XOYjnVJsNa56jizrSK64K18.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/ZYJYAUZp_j_itV_LMDtubipZeiY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/10e965-7409-44d8-9502-cf0aa3ecad28/1/CAK5XOYjnVJsNa56jizrSK64K18.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.90.240.0/20
86.62.64.0/18
195.54.192.0/19
195.91.128.0/17
IPv6:
2a00:14d0::/32
2a02:2698:9800::/38
Signature Algorithm: sha256WithRSAEncryption
86:f5:f4:d2:07:15:90:27:b1:5d:96:fd:03:c0:b0:4c:d4:b2:
44:3d:44:b3:8e:69:a6:93:b2:a1:72:55:ef:18:40:26:98:cb:
19:16:60:36:8c:60:98:40:d5:aa:75:9b:be:fd:0e:d8:d3:2a:
8e:66:2c:41:c4:0c:28:a3:ae:7e:ca:11:7b:6c:3c:31:c4:28:
eb:39:32:8a:c4:59:bb:79:14:8a:a3:56:14:1e:de:e4:be:bb:
9d:30:2a:96:32:c5:04:2b:40:d0:17:e2:37:cd:3e:f8:96:41:
e2:0d:08:88:ce:2c:44:e2:41:5e:75:57:44:32:1e:8f:ff:77:
d1:ec:60:f5:69:49:2a:5b:25:ee:03:7b:d8:28:08:06:10:e9:
78:d9:53:a4:4a:8b:07:48:bb:df:d9:bc:bd:f7:23:81:21:3a:
71:5e:c6:33:fc:a4:b6:74:4b:db:4a:f1:4a:1d:7a:6b:6a:90:
b0:5e:96:ee:34:74:08:16:60:6f:3c:47:e8:b4:fe:76:47:42:
b9:34:95:b7:1a:e0:b2:15:01:12:45:5b:be:ef:54:78:8c:7f:
ea:c4:55:06:dc:8e:01:2b:b6:f0:eb:e4:54:42:f0:0d:4b:01:
58:41:3b:7f:7e:6c:d1:42:c0:51:28:f3:d4:c5:a6:b3:56:99:
4b:30:e2:dd
-----BEGIN CERTIFICATE-----
MIIFJjCCBA6gAwIBAgISAZfs4v6PyM9cxHQjuzaG9FTiMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA4MDJiOTVjZTYyMzlkNTI2YzM1YWU3YThlMmNlYjQ4YWVi
ODJiNWYwHhcNMjUwNzA5MDE1MzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTgyNTgwMTQ2NjlmZTNmZTJiNTVmY2IzMDNiNmU2ZTJhNTk3YTI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/aIWg0lBk5wXJo+Lh9EEQwVTyhs
tDQbpXmDZSI2RS4zkLPIlLsKPSLyCT+PIj4TYQSTVHSS040BowKTWwWnPPDnKZjS
96/BtU94efRhHQb08152hhfI/QIV5kkImwHMZKkmsm11jI8qRuOXcL29PARQfF/Z
oyn8/eXcRlkY9ek5RQTlBPw7aPaZzPtkypPUtMnTgrx0uGDFRqVdolDI4OCrpwAh
9qKlFiK7rOPxgghb8Np4n962pvq455zdTTDEFwlAcdTA1iIEssS/wpscWZV2KSxp
74ATO4XQP6TOWT6dcHWriBJZioSAiqlgCK/vXIHXVXtlQvIR1g81Ih81/wIDAQAB
o4ICMjCCAi4wHQYDVR0OBBYEFGWCWAFGaf4/4rVfyzA7bm4qWXomMB8GA1UdIwQY
MBaAFAgCuVzmI51SbDWueo4s60iuuCtfMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDIt
Y2YwYWEzZWNhZDI4LzEvWllKWUFVWnBfal9pdFZfTE1EdHViaXBaZWlZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8xMGU5NjUtNzQwOS00NGQ4LTk1MDItY2YwYWEzZWNhZDI4
LzEvQ0FLNVhPWWpuVkpzTmE1NmppenJTSzY0SzE4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEgGCCsGAQUFBwEHAQH/BDkwNzAeBAIAATAYAwQEUFrwAwQG
Vj5AAwQFwzbAAwQHw1uAMBUEAgACMA8DBQAqABTQAwYCKgImmJgwDQYJKoZIhvcN
AQELBQADggEBAIb19NIHFZAnsV2W/QPAsEzUskQ9RLOOaaaTsqFyVe8YQCaYyxkW
YDaMYJhA1ap1m779DtjTKo5mLEHEDCijrn7KEXtsPDHEKOs5MorEWbt5FIqjVhQe
3uS+u50wKpYyxQQrQNAX4jfNPviWQeINCIjOLETiQV51V0QyHo//d9HsYPVpSSpb
Je4De9goCAYQ6XjZU6RKiwdIu9/ZvL33I4EhOnFexjP8pLZ0S9tK8UodemtqkLBe
lu40dAgWYG88R+i0/nZHQrk0lbca4LIVARJFW77vVHiMf+rEVQbcjgErtvDr5FRC
8A1LAVhBO39+bNFCwFEo89TFprNWmUsw4t0=
-----END CERTIFICATE-----
Generated at Sun Jul 27 05:34:40 2025 by rpki-client