Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/zfG__RmVeSA2ObwHFOYCz_tJRFI.roa
File: zfG__RmVeSA2ObwHFOYCz_tJRFI.roa (raw, json)
Hash identifier: I088cLdIgpQF9sRsQooYYttYOYu/XCnaEhjJXH5BnHE=
Subject key identifier: CD:F1:BF:FD:19:95:79:20:36:39:BC:07:14:E6:02:CF:FB:49:44:52
Certificate issuer: /CN=b630b73b51cbc5380dd4adb3d5aaff4d7a334c5e
Certificate serial: 0197E94B0444A3A077C58A13C5F3E3E638EF
Authority key identifier: B6:30:B7:3B:51:CB:C5:38:0D:D4:AD:B3:D5:AA:FF:4D:7A:33:4C:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tjC3O1HLxTgN1K2z1ar_TXozTF4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/zfG__RmVeSA2ObwHFOYCz_tJRFI.roa
Signing time: Tue 08 Jul 2025 09:08:17 +0000
ROA not before: Tue 08 Jul 2025 09:08:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47952
IP address blocks: 45.136.106.0/24 maxlen: 24
45.139.220.0/24 maxlen: 24
45.139.221.0/24 maxlen: 24
45.139.223.0/24 maxlen: 24
45.145.21.0/24 maxlen: 24
45.145.22.0/24 maxlen: 24
45.145.23.0/24 maxlen: 24
81.200.140.0/24 maxlen: 24
81.200.141.0/24 maxlen: 24
81.200.142.0/24 maxlen: 24
91.194.52.0/24 maxlen: 24
91.194.54.0/24 maxlen: 24
185.82.220.0/24 maxlen: 24
185.82.221.0/24 maxlen: 24
185.82.222.0/24 maxlen: 24
185.82.223.0/24 maxlen: 24
185.126.177.0/24 maxlen: 24
185.126.178.0/24 maxlen: 24
185.126.179.0/24 maxlen: 24
185.201.212.0/24 maxlen: 24
185.201.213.0/24 maxlen: 24
185.201.214.0/24 maxlen: 24
185.201.215.0/24 maxlen: 24
2a0a:c4c0::/48 maxlen: 48
2a0a:c4c0:1::/48 maxlen: 48
2a0a:c4c0:2::/48 maxlen: 48
2a0a:c4c0:3::/48 maxlen: 48
2a0a:c4c0:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/tjC3O1HLxTgN1K2z1ar_TXozTF4.crl
rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/tjC3O1HLxTgN1K2z1ar_TXozTF4.mft
rsync://rpki.ripe.net/repository/DEFAULT/tjC3O1HLxTgN1K2z1ar_TXozTF4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 26 Jul 2025 06:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e9:4b:04:44:a3:a0:77:c5:8a:13:c5:f3:e3:e6:38:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b630b73b51cbc5380dd4adb3d5aaff4d7a334c5e
Validity
Not Before: Jul 8 09:08:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cdf1bffd199579203639bc0714e602cffb494452
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:f0:ba:f3:7d:44:57:af:59:ea:43:d4:ad:4f:
20:7c:31:40:4a:d8:e5:ca:15:a2:ae:1f:fe:d4:f3:
56:e0:f5:15:cc:2d:2b:0b:56:eb:aa:3e:a1:f3:f2:
c9:c9:36:55:3f:7e:ae:23:58:33:92:84:14:72:2b:
db:d5:63:b2:e4:58:f1:ee:9e:29:9d:70:ec:fd:36:
6a:ce:a5:7b:ae:83:59:1f:13:70:d7:ac:e1:93:1e:
82:be:be:08:c2:05:49:2c:75:8c:96:b7:38:9c:1e:
97:49:f5:61:d8:73:33:ef:df:5a:e9:34:78:51:b7:
19:8e:e3:47:91:ff:38:48:57:41:77:c0:e5:30:ac:
1c:74:6f:ab:a5:08:c1:3b:f6:0a:16:55:af:6b:84:
b2:bd:ed:85:76:b9:d8:b8:25:d9:76:ca:21:05:2d:
f2:9f:cb:b2:61:9c:7d:8d:5d:83:e7:e8:7b:63:04:
4d:84:fb:70:8c:9a:eb:46:9d:59:3f:af:d0:c9:bb:
72:3e:ff:2d:62:42:6c:c3:91:4f:ca:50:5f:52:33:
1e:b2:32:c3:3d:c8:01:ab:c6:96:c7:81:65:4a:94:
29:14:f4:06:d4:85:08:4f:2d:24:0d:a7:4c:7b:ec:
3b:93:b9:02:ff:27:10:ee:6a:ab:9b:1d:4c:dd:d5:
b6:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:F1:BF:FD:19:95:79:20:36:39:BC:07:14:E6:02:CF:FB:49:44:52
X509v3 Authority Key Identifier:
keyid:B6:30:B7:3B:51:CB:C5:38:0D:D4:AD:B3:D5:AA:FF:4D:7A:33:4C:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tjC3O1HLxTgN1K2z1ar_TXozTF4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/zfG__RmVeSA2ObwHFOYCz_tJRFI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7d/4748c7-cd9e-401e-a8a4-0d48e6895f12/1/tjC3O1HLxTgN1K2z1ar_TXozTF4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.136.106.0/24
45.139.220.0/23
45.139.223.0/24
45.145.21.0-45.145.23.255
81.200.140.0-81.200.142.255
91.194.52.0/24
91.194.54.0/24
185.82.220.0/22
185.126.177.0-185.126.179.255
185.201.212.0/22
IPv6:
2a0a:c4c0::/46
2a0a:c4c0:100::/48
Signature Algorithm: sha256WithRSAEncryption
42:66:97:70:84:32:b6:5e:e2:9c:0a:1a:24:eb:2c:27:51:ba:
9e:14:f1:8f:37:fe:74:f9:eb:86:78:dd:6a:74:1d:d3:0f:56:
29:61:cb:fa:7f:2d:0d:12:d9:32:ad:4b:0a:f0:a4:c1:e2:07:
28:16:49:32:91:05:c0:32:08:55:6f:63:0a:b2:bb:9c:3e:97:
67:d6:b4:70:56:3e:1f:a5:fa:54:61:46:8c:b3:69:cf:a5:71:
fc:c2:b3:a1:09:e8:04:a0:06:02:2d:a1:6f:c0:1f:78:ea:ba:
7c:c0:a0:34:24:3b:1c:11:1e:61:b6:8d:f8:4f:aa:f3:0a:94:
c9:df:5a:e2:a5:c8:54:6d:32:f9:14:76:aa:6d:97:51:fb:58:
74:8f:92:c1:b4:8e:f2:38:4e:8e:f4:9c:fd:40:98:91:7d:34:
2e:03:ee:b5:84:74:5e:e2:7d:47:40:7d:0b:6b:fe:2f:90:fc:
f5:89:5b:5d:a4:11:3d:7a:10:41:09:df:f9:6e:ce:23:a3:c1:
11:dc:b6:40:6f:57:d7:95:6a:b6:c8:38:78:e1:d0:34:58:86:
5b:e6:04:af:5b:62:a2:fa:5f:e1:73:5f:4e:f8:c1:66:8f:c1:
d2:e3:8c:f9:13:6b:19:7a:c3:2f:0c:c4:32:c9:0b:27:ff:71:
f5:22:f4:7d
-----BEGIN CERTIFICATE-----
MIIFZjCCBE6gAwIBAgISAZfpSwREo6B3xYoTxfPj5jjvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI2MzBiNzNiNTFjYmM1MzgwZGQ0YWRiM2Q1YWFmZjRkN2Ez
MzRjNWUwHhcNMjUwNzA4MDkwODE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGYxYmZmZDE5OTU3OTIwMzYzOWJjMDcxNGU2MDJjZmZiNDk0NDUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwPC6831EV69Z6kPUrU8gfDFAStjl
yhWirh/+1PNW4PUVzC0rC1brqj6h8/LJyTZVP36uI1gzkoQUcivb1WOy5Fjx7p4p
nXDs/TZqzqV7roNZHxNw16zhkx6Cvr4IwgVJLHWMlrc4nB6XSfVh2HMz799a6TR4
UbcZjuNHkf84SFdBd8DlMKwcdG+rpQjBO/YKFlWva4Syve2FdrnYuCXZdsohBS3y
n8uyYZx9jV2D5+h7YwRNhPtwjJrrRp1ZP6/QybtyPv8tYkJsw5FPylBfUjMesjLD
PcgBq8aWx4FlSpQpFPQG1IUITy0kDadMe+w7k7kC/ycQ7mqrmx1M3dW2+wIDAQAB
o4ICcjCCAm4wHQYDVR0OBBYEFM3xv/0ZlXkgNjm8BxTmAs/7SURSMB8GA1UdIwQY
MBaAFLYwtztRy8U4DdSts9Wq/016M0xeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdGpDM08xSEx4VGdOMUsyejFhcl9UWG96VEY0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83ZC80NzQ4YzctY2Q5ZS00MDFlLWE4YTQt
MGQ0OGU2ODk1ZjEyLzEvemZHX19SbVZlU0EyT2J3SEZPWUN6X3RKUkZJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83ZC80NzQ4YzctY2Q5ZS00MDFlLWE4YTQtMGQ0OGU2ODk1ZjEy
LzEvdGpDM08xSEx4VGdOMUsyejFhcl9UWG96VEY0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGHBggrBgEFBQcBBwEB/wR4MHYwWgQCAAEwVAMEAC2IagME
AS2L3AMEAC2L3zAMAwQALZEVAwQDLZEQMAwDBAJRyIwDBABRyI4DBABbwjQDBABb
wjYDBAK5UtwwDAMEALl+sQMEArl+sAMEArnJ1DAYBAIAAjASAwcCKgrEwAAAAwcA
KgrEwAEAMA0GCSqGSIb3DQEBCwUAA4IBAQBCZpdwhDK2XuKcChok6ywnUbqeFPGP
N/50+euGeN1qdB3TD1YpYcv6fy0NEtkyrUsK8KTB4gcoFkkykQXAMghVb2MKsruc
Ppdn1rRwVj4fpfpUYUaMs2nPpXH8wrOhCegEoAYCLaFvwB946rp8wKA0JDscER5h
to34T6rzCpTJ31ripchUbTL5FHaqbZdR+1h0j5LBtI7yOE6O9Jz9QJiRfTQuA+61
hHRe4n1HQH0La/4vkPz1iVtdpBE9ehBBCd/5bs4jo8ER3LZAb1fXlWq2yDh44dA0
WIZb5gSvW2Ki+l/hc19O+MFmj8HS44z5E2sZesMvDMQyyQsn/3H1IvR9
-----END CERTIFICATE-----
Generated at Fri Jul 25 10:51:34 2025 by rpki-client