Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/zhgXsJzHOSwZ2vW5K0nW1lO6VOU.roa
File: zhgXsJzHOSwZ2vW5K0nW1lO6VOU.roa (raw, json)
Hash identifier: Yt6DAu9pUe7VspoY5/vTE3HMguhU3RqgQubcaVH+tIw=
Subject key identifier: CE:18:17:B0:9C:C7:39:2C:19:DA:F5:B9:2B:49:D6:D6:53:BA:54:E5
Certificate issuer: /CN=117f9d55826b42486dfc84d35c1a63a5ce87507c
Certificate serial: 0197EA170D16E90708308A051530AD70B1D2
Authority key identifier: 11:7F:9D:55:82:6B:42:48:6D:FC:84:D3:5C:1A:63:A5:CE:87:50:7C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/EX-dVYJrQkht_ITTXBpjpc6HUHw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/zhgXsJzHOSwZ2vW5K0nW1lO6VOU.roa
Signing time: Tue 08 Jul 2025 12:51:08 +0000
ROA not before: Tue 08 Jul 2025 12:51:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48467
IP address blocks: 94.228.160.0/24 maxlen: 24
94.228.167.0/24 maxlen: 24
94.228.171.0/24 maxlen: 24
94.228.172.0/22 maxlen: 22
94.228.172.0/24 maxlen: 24
178.236.240.0/23 maxlen: 23
178.236.241.0/24 maxlen: 24
178.236.242.0/24 maxlen: 24
178.236.248.0/22 maxlen: 22
178.236.255.0/24 maxlen: 24
185.46.44.0/22 maxlen: 22
185.46.44.0/23 maxlen: 23
185.46.44.0/24 maxlen: 24
185.46.45.0/24 maxlen: 24
185.46.46.0/23 maxlen: 23
185.46.46.0/24 maxlen: 24
185.46.47.0/24 maxlen: 24
2a02:2070::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/EX-dVYJrQkht_ITTXBpjpc6HUHw.crl
rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/EX-dVYJrQkht_ITTXBpjpc6HUHw.mft
rsync://rpki.ripe.net/repository/DEFAULT/EX-dVYJrQkht_ITTXBpjpc6HUHw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 25 Jul 2025 14:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ea:17:0d:16:e9:07:08:30:8a:05:15:30:ad:70:b1:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=117f9d55826b42486dfc84d35c1a63a5ce87507c
Validity
Not Before: Jul 8 12:51:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ce1817b09cc7392c19daf5b92b49d6d653ba54e5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:b7:2b:6c:4e:af:51:29:d8:1a:d9:25:81:00:
7c:ea:75:c5:64:57:b3:86:6f:18:e0:1f:82:af:81:
a2:b6:a1:da:5a:80:b5:fd:ad:a5:01:b9:c0:e9:53:
32:9f:18:74:a0:e9:79:44:3c:44:33:95:68:d6:21:
ee:ba:c4:be:c4:b9:a0:72:d2:1a:21:87:15:34:ad:
2f:72:bb:91:75:a1:3a:86:86:64:30:a0:bb:c3:c2:
d9:ab:72:6b:ae:10:41:63:d8:ca:66:7f:84:ee:15:
68:38:ab:44:30:ab:18:28:78:04:db:98:52:9e:a0:
d8:9e:37:5d:80:50:da:58:67:9a:66:be:a7:bc:02:
f9:40:d9:43:86:49:c9:5a:7e:12:ca:6a:4b:84:61:
bc:b9:8c:9f:47:44:2b:96:b6:a1:ff:e5:ae:c1:4d:
54:fb:52:11:d1:45:29:0a:49:e1:82:af:02:37:da:
9b:5a:45:7a:63:6a:25:31:c7:a4:48:88:3d:e6:eb:
9d:83:bc:a7:23:38:dd:0a:20:34:20:c5:ed:c0:bb:
53:55:6e:7b:0c:9a:cd:b2:40:5f:7b:4a:a6:1a:3c:
95:3b:44:bc:79:b3:9d:95:bb:4e:49:22:db:6d:f3:
21:37:4f:9c:b2:19:b7:dd:ad:69:ca:4c:e9:4b:d3:
17:45
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:18:17:B0:9C:C7:39:2C:19:DA:F5:B9:2B:49:D6:D6:53:BA:54:E5
X509v3 Authority Key Identifier:
keyid:11:7F:9D:55:82:6B:42:48:6D:FC:84:D3:5C:1A:63:A5:CE:87:50:7C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/EX-dVYJrQkht_ITTXBpjpc6HUHw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/zhgXsJzHOSwZ2vW5K0nW1lO6VOU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7f/eafc41-c358-4b51-9b1c-3fbbba9249cd/1/EX-dVYJrQkht_ITTXBpjpc6HUHw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.228.160.0/24
94.228.167.0/24
94.228.171.0-94.228.175.255
178.236.240.0-178.236.242.255
178.236.248.0/22
178.236.255.0/24
185.46.44.0/22
IPv6:
2a02:2070::/32
Signature Algorithm: sha256WithRSAEncryption
59:eb:9c:b7:d5:2a:11:23:ef:8e:3b:a8:a5:5c:6d:d2:39:35:
b8:d4:6b:da:43:4e:16:6f:f4:a4:65:cf:38:61:df:4c:90:e9:
97:c4:37:be:4c:35:26:d1:83:c0:8b:dd:f1:5e:00:2d:45:d0:
fc:dd:94:cc:a3:88:df:b1:18:52:e3:30:65:c1:e6:95:4f:4b:
41:bf:44:2f:82:2f:31:0d:b3:6b:24:f9:03:da:29:2a:eb:c7:
7e:bd:4d:b7:04:f3:6e:61:49:aa:16:21:f1:50:c9:1a:80:a0:
58:95:f0:9f:b1:21:b2:fc:c9:0b:13:e3:c0:11:44:21:37:cd:
bc:18:b4:cb:3e:b8:a8:74:ea:ef:3f:f0:98:07:42:14:f5:c6:
a6:ef:4f:57:11:fc:45:d5:f9:b6:4c:25:35:9f:5b:de:c8:a1:
0d:97:98:d2:53:6a:4f:c1:7b:37:7a:dc:ba:fe:f3:a2:30:13:
fc:99:46:2f:41:a4:0c:64:30:6b:8a:83:96:f6:82:8f:5a:1e:
89:ad:c7:a4:0d:36:a8:4a:f1:8a:71:ad:c3:ad:16:53:1a:15:
9a:a6:4c:4c:d5:08:7a:c7:4d:35:b7:c5:d2:a2:73:11:d1:ec:
b9:ae:48:2c:a1:69:e2:3b:34:ef:ec:d7:12:03:ce:10:2d:88:
c8:27:41:eb
-----BEGIN CERTIFICATE-----
MIIFQDCCBCigAwIBAgISAZfqFw0W6QcIMIoFFTCtcLHSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDExN2Y5ZDU1ODI2YjQyNDg2ZGZjODRkMzVjMWE2M2E1Y2U4
NzUwN2MwHhcNMjUwNzA4MTI1MTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTE4MTdiMDljYzczOTJjMTlkYWY1YjkyYjQ5ZDZkNjUzYmE1NGU1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtbcrbE6vUSnYGtklgQB86nXFZFez
hm8Y4B+Cr4GitqHaWoC1/a2lAbnA6VMynxh0oOl5RDxEM5Vo1iHuusS+xLmgctIa
IYcVNK0vcruRdaE6hoZkMKC7w8LZq3JrrhBBY9jKZn+E7hVoOKtEMKsYKHgE25hS
nqDYnjddgFDaWGeaZr6nvAL5QNlDhknJWn4SympLhGG8uYyfR0Qrlrah/+WuwU1U
+1IR0UUpCknhgq8CN9qbWkV6Y2olMcekSIg95uudg7ynIzjdCiA0IMXtwLtTVW57
DJrNskBfe0qmGjyVO0S8ebOdlbtOSSLbbfMhN0+cshm33a1pykzpS9MXRQIDAQAB
o4ICTDCCAkgwHQYDVR0OBBYEFM4YF7CcxzksGdr1uStJ1tZTulTlMB8GA1UdIwQY
MBaAFBF/nVWCa0JIbfyE01waY6XOh1B8MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRVgtZFZZSnJRa2h0X0lUVFhCcGpwYzZIVUh3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Zi9lYWZjNDEtYzM1OC00YjUxLTliMWMt
M2ZiYmJhOTI0OWNkLzEvemhnWHNKekhPU3daMnZXNUswblcxbE82Vk9VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Zi9lYWZjNDEtYzM1OC00YjUxLTliMWMtM2ZiYmJhOTI0OWNk
LzEvRVgtZFZZSnJRa2h0X0lUVFhCcGpwYzZIVUh3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGIGCCsGAQUFBwEHAQH/BFMwUTBABAIAATA6AwQAXuSgAwQA
XuSnMAwDBABe5KsDBARe5KAwDAMEBLLs8AMEALLs8gMEArLs+AMEALLs/wMEArku
LDANBAIAAjAHAwUAKgIgcDANBgkqhkiG9w0BAQsFAAOCAQEAWeuct9UqESPvjjuo
pVxt0jk1uNRr2kNOFm/0pGXPOGHfTJDpl8Q3vkw1JtGDwIvd8V4ALUXQ/N2UzKOI
37EYUuMwZcHmlU9LQb9EL4IvMQ2zayT5A9opKuvHfr1NtwTzbmFJqhYh8VDJGoCg
WJXwn7EhsvzJCxPjwBFEITfNvBi0yz64qHTq7z/wmAdCFPXGpu9PVxH8RdX5tkwl
NZ9b3sihDZeY0lNqT8F7N3rcuv7zojAT/JlGL0GkDGQwa4qDlvaCj1oeia3HpA02
qErxinGtw60WUxoVmqZMTNUIesdNNbfF0qJzEdHsua5ILKFp4js07+zXEgPOEC2I
yCdB6w==
-----END CERTIFICATE-----
Generated at Thu Jul 24 23:11:58 2025 by rpki-client