Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/Z1zxmHSdOgpvXqohRjou3ltjdJQ.roa
File: Z1zxmHSdOgpvXqohRjou3ltjdJQ.roa (raw, json)
Hash identifier: DyTfJKe/2IKIK10j+P9axWxzbn57KYALN9SbPImbC8M=
Subject key identifier: 67:5C:F1:98:74:9D:3A:0A:6F:5E:AA:21:46:3A:2E:DE:5B:63:74:94
Certificate issuer: /CN=5a756994bb292e49ecc6337b7f95d69ee2af61e1
Certificate serial: 0197D44F176A30194CEF1AAFE67F7151723F
Authority key identifier: 5A:75:69:94:BB:29:2E:49:EC:C6:33:7B:7F:95:D6:9E:E2:AF:61:E1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WnVplLspLknsxjN7f5XWnuKvYeE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/Z1zxmHSdOgpvXqohRjou3ltjdJQ.roa
Signing time: Fri 04 Jul 2025 07:20:42 +0000
ROA not before: Fri 04 Jul 2025 07:20:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12360
IP address blocks: 5.57.192.0/21 maxlen: 24
77.236.104.0/21 maxlen: 24
77.236.112.0/21 maxlen: 24
79.171.176.0/21 maxlen: 24
82.115.96.0/19 maxlen: 24
93.119.240.0/20 maxlen: 24
178.248.216.0/21 maxlen: 24
185.5.168.0/22 maxlen: 24
185.39.108.0/23 maxlen: 24
192.54.67.0/24 maxlen: 24
192.54.68.0/22 maxlen: 24
212.7.160.0/19 maxlen: 24
217.17.16.0/20 maxlen: 24
2a01:5580::/32 maxlen: 48
2a02:1628::/32 maxlen: 56
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/WnVplLspLknsxjN7f5XWnuKvYeE.crl
rsync://rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/WnVplLspLknsxjN7f5XWnuKvYeE.mft
rsync://rpki.ripe.net/repository/DEFAULT/WnVplLspLknsxjN7f5XWnuKvYeE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 19:00:10 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d4:4f:17:6a:30:19:4c:ef:1a:af:e6:7f:71:51:72:3f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5a756994bb292e49ecc6337b7f95d69ee2af61e1
Validity
Not Before: Jul 4 07:20:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=675cf198749d3a0a6f5eaa21463a2ede5b637494
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:de:a9:5d:0c:0e:16:24:67:73:ba:9c:ae:e4:
31:cc:f3:ec:2b:76:e6:b6:2c:a6:c6:43:4f:af:2c:
9f:ef:c4:24:4d:3a:86:92:6e:20:16:71:30:e4:6d:
d7:5c:d5:64:01:b3:c8:9e:3c:1f:6f:fe:1a:e7:f3:
f8:86:f4:2c:01:78:86:5a:c7:39:ba:e8:db:f7:92:
67:ae:44:83:f4:1e:3b:fc:07:f2:f6:8f:96:5a:c5:
a3:25:ff:86:a6:9c:a6:dc:25:d6:3f:0b:35:7c:80:
f5:21:f4:84:b3:70:75:e6:16:9f:6b:d3:7d:90:17:
f1:30:c8:68:3f:bf:58:85:6b:c4:56:02:0d:a3:f9:
33:61:cb:48:ee:2a:93:3a:45:8a:cc:1e:7e:51:af:
8a:75:0f:6a:3d:51:ac:66:48:08:2c:93:c9:52:93:
8f:b5:27:ec:2b:d7:0c:d8:ac:3e:a3:10:23:8e:f1:
53:19:da:f9:a7:60:5e:62:fe:ff:b0:c7:a0:85:12:
3b:fd:bc:d5:60:18:1a:dc:00:35:12:2c:1b:3d:2b:
ff:13:36:95:23:eb:81:66:f5:84:10:3c:a1:d2:13:
03:fa:7a:da:f4:f6:6b:0c:4c:05:6a:62:34:12:0a:
61:77:d5:66:5f:30:19:22:00:e8:09:fe:4c:c7:6b:
4d:43
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:5C:F1:98:74:9D:3A:0A:6F:5E:AA:21:46:3A:2E:DE:5B:63:74:94
X509v3 Authority Key Identifier:
keyid:5A:75:69:94:BB:29:2E:49:EC:C6:33:7B:7F:95:D6:9E:E2:AF:61:E1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WnVplLspLknsxjN7f5XWnuKvYeE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/Z1zxmHSdOgpvXqohRjou3ltjdJQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8b/83b07f-1d22-4ae0-a2de-4e0aa42a15a8/1/WnVplLspLknsxjN7f5XWnuKvYeE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.57.192.0/21
77.236.104.0-77.236.119.255
79.171.176.0/21
82.115.96.0/19
93.119.240.0/20
178.248.216.0/21
185.5.168.0/22
185.39.108.0/23
192.54.67.0-192.54.71.255
212.7.160.0/19
217.17.16.0/20
IPv6:
2a01:5580::/32
2a02:1628::/32
Signature Algorithm: sha256WithRSAEncryption
9d:ae:04:1e:b5:73:35:33:ae:cf:41:f1:5a:d3:b8:ba:d4:e9:
63:6e:72:31:48:0c:5b:6d:c3:45:d0:e2:db:53:28:79:d3:4a:
bb:55:8e:d1:b8:61:75:60:b5:2f:66:a0:20:3d:2a:4f:32:12:
ec:5a:79:22:66:c5:eb:29:69:5f:a9:74:ea:0b:37:9e:58:83:
3b:3a:4a:ca:a6:87:1f:0f:5b:f6:53:b7:ab:1c:39:0d:a8:86:
71:a5:ad:ae:89:b6:00:b7:0f:e1:58:dc:32:3f:18:74:3a:06:
ff:7a:70:27:8f:e1:89:87:0a:cc:0a:c0:3c:8b:d1:7c:c7:80:
73:55:e3:59:0e:06:f5:2d:f7:53:31:98:97:99:ea:26:b2:dd:
9c:ae:8d:a2:b3:b1:c1:fd:fb:51:a3:44:4a:30:52:6d:df:08:
50:b8:ea:79:30:09:0d:bd:d7:18:31:e8:cf:88:d4:51:67:0c:
a6:2f:04:a9:63:79:68:cb:ab:7f:e1:f2:da:63:b6:ac:c2:51:
9e:94:e8:a2:59:e2:37:ca:c4:09:6d:34:e0:7b:82:1a:19:ec:
77:eb:6c:56:d5:31:b2:04:b9:93:27:32:c7:8a:a3:88:3f:ee:
f0:ef:de:d6:2c:49:21:c3:a9:7c:c3:ef:db:ec:cb:d2:c2:3b:
03:b0:0d:54
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgISAZfUTxdqMBlM7xqv5n9xUXI/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVhNzU2OTk0YmIyOTJlNDllY2M2MzM3YjdmOTVkNjllZTJh
ZjYxZTEwHhcNMjUwNzA0MDcyMDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzVjZjE5ODc0OWQzYTBhNmY1ZWFhMjE0NjNhMmVkZTViNjM3NDk0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApd6pXQwOFiRnc7qcruQxzPPsK3bm
tiymxkNPryyf78QkTTqGkm4gFnEw5G3XXNVkAbPInjwfb/4a5/P4hvQsAXiGWsc5
uujb95JnrkSD9B47/Afy9o+WWsWjJf+Gppym3CXWPws1fID1IfSEs3B15hafa9N9
kBfxMMhoP79YhWvEVgINo/kzYctI7iqTOkWKzB5+Ua+KdQ9qPVGsZkgILJPJUpOP
tSfsK9cM2Kw+oxAjjvFTGdr5p2BeYv7/sMeghRI7/bzVYBga3AA1EiwbPSv/EzaV
I+uBZvWEEDyh0hMD+nra9PZrDEwFamI0Egphd9VmXzAZIgDoCf5Mx2tNQwIDAQAB
o4ICbDCCAmgwHQYDVR0OBBYEFGdc8Zh0nToKb16qIUY6Lt5bY3SUMB8GA1UdIwQY
MBaAFFp1aZS7KS5J7MYze3+V1p7ir2HhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV25WcGxMc3BMa25zeGpON2Y1WFdudUt2WWVFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Yi84M2IwN2YtMWQyMi00YWUwLWEyZGUt
NGUwYWE0MmExNWE4LzEvWjF6eG1IU2RPZ3B2WHFvaFJqb3UzbHRqZEpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Yi84M2IwN2YtMWQyMi00YWUwLWEyZGUtNGUwYWE0MmExNWE4
LzEvV25WcGxMc3BMa25zeGpON2Y1WFdudUt2WWVFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGBBggrBgEFBQcBBwEB/wRyMHAwWAQCAAEwUgMEAwU5wDAM
AwQDTexoAwQDTexwAwQDT6uwAwQFUnNgAwQEXXfwAwQDsvjYAwQCuQWoAwQBuSds
MAwDBADANkMDBAPANkADBAXUB6ADBATZERAwFAQCAAIwDgMFACoBVYADBQAqAhYo
MA0GCSqGSIb3DQEBCwUAA4IBAQCdrgQetXM1M67PQfFa07i61OljbnIxSAxbbcNF
0OLbUyh500q7VY7RuGF1YLUvZqAgPSpPMhLsWnkiZsXrKWlfqXTqCzeeWIM7OkrK
pocfD1v2U7erHDkNqIZxpa2uibYAtw/hWNwyPxh0Ogb/enAnj+GJhwrMCsA8i9F8
x4BzVeNZDgb1LfdTMZiXmeomst2cro2is7HB/ftRo0RKMFJt3whQuOp5MAkNvdcY
MejPiNRRZwymLwSpY3loy6t/4fLaY7aswlGelOiiWeI3ysQJbTTge4IaGex362xW
1TGyBLmTJzLHiqOIP+7w797WLEkhw6l8w+/b7MvSwjsDsA1U
-----END CERTIFICATE-----
Generated at Sun Jul 27 05:00:54 2025 by rpki-client