Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/z5xNovtMTz6dxng7PkQVb4YAxJk.roa
File: z5xNovtMTz6dxng7PkQVb4YAxJk.roa (raw, json)
Hash identifier: L8S5rhMAekzGuCekAJ+Qogb73KMfDTmNFeJmFkKsF6o=
Subject key identifier: CF:9C:4D:A2:FB:4C:4F:3E:9D:C6:78:3B:3E:44:15:6F:86:00:C4:99
Certificate issuer: /CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Certificate serial: 0197D02480CC364C51102687257D73AF5229
Authority key identifier: A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/z5xNovtMTz6dxng7PkQVb4YAxJk.roa
Signing time: Thu 03 Jul 2025 11:55:42 +0000
ROA not before: Thu 03 Jul 2025 11:55:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 85.204.181.0/24 maxlen: 24
86.105.58.0/24 maxlen: 24
86.105.211.0/24 maxlen: 24
86.107.164.0/24 maxlen: 24
89.39.97.0/24 maxlen: 24
93.113.70.0/24 maxlen: 24
93.119.201.0/24 maxlen: 24
93.119.232.0/24 maxlen: 24
188.208.124.0/24 maxlen: 24
188.214.136.0/24 maxlen: 24
188.214.137.0/24 maxlen: 24
188.214.138.0/24 maxlen: 24
188.214.139.0/24 maxlen: 24
188.214.228.0/22 maxlen: 24
188.215.236.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.crl
rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.mft
rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 22:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d0:24:80:cc:36:4c:51:10:26:87:25:7d:73:af:52:29
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a2088e06d553cff293d277f4d76c3a710bd8b2f7
Validity
Not Before: Jul 3 11:55:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf9c4da2fb4c4f3e9dc6783b3e44156f8600c499
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e3:33:88:6a:01:0e:34:7b:d7:b1:d1:b9:a4:d8:
b9:ec:91:6c:c2:08:39:05:6f:5a:99:0d:50:da:54:
e6:7c:e9:44:f3:3b:d7:70:d0:da:bc:2e:21:09:b5:
4e:7c:a8:dc:18:f3:43:0f:45:86:8b:c1:d8:1c:97:
74:dc:23:53:6b:12:f5:58:6a:d2:4d:8e:09:39:6c:
d1:16:8f:87:bb:fd:e4:11:a8:a2:f4:47:fd:1e:4a:
83:5d:af:55:13:df:1e:4b:59:6e:53:3a:51:04:36:
61:2f:72:5e:71:df:87:68:b5:cc:9d:ef:f7:7a:ec:
36:3f:be:bb:0b:e8:af:58:13:67:90:92:2e:8d:a1:
6d:ee:bb:b1:ad:9c:de:e3:8c:8b:6c:83:d8:f4:9a:
92:0d:96:dc:05:51:c0:6f:05:53:83:3d:1c:82:d5:
95:2c:d4:5a:1a:52:5e:1c:bc:03:d1:bc:da:3c:bd:
a2:cf:e1:9b:71:d8:66:b9:cd:ac:0c:ef:27:55:67:
13:81:e8:e7:18:a4:ed:33:5d:72:1d:21:dd:6c:90:
5e:06:45:d2:85:6e:ad:0e:09:f3:3c:7a:dd:3d:56:
48:90:00:00:3a:02:27:48:d0:e6:fd:96:d0:ee:76:
49:2b:d6:4b:d9:9b:41:1c:48:e3:8c:0e:ee:38:4a:
d7:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:9C:4D:A2:FB:4C:4F:3E:9D:C6:78:3B:3E:44:15:6F:86:00:C4:99
X509v3 Authority Key Identifier:
keyid:A2:08:8E:06:D5:53:CF:F2:93:D2:77:F4:D7:6C:3A:71:0B:D8:B2:F7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ogiOBtVTz_KT0nf012w6cQvYsvc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/z5xNovtMTz6dxng7PkQVb4YAxJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/91/b45d79-a4d7-4460-bfe7-bbea2918e102/1/ogiOBtVTz_KT0nf012w6cQvYsvc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.204.181.0/24
86.105.58.0/24
86.105.211.0/24
86.107.164.0/24
89.39.97.0/24
93.113.70.0/24
93.119.201.0/24
93.119.232.0/24
188.208.124.0/24
188.214.136.0/22
188.214.228.0/22
188.215.236.0/22
Signature Algorithm: sha256WithRSAEncryption
c5:a1:f5:a9:e8:c7:63:db:46:b9:cd:c5:56:ae:91:50:8f:4b:
f2:1d:5f:30:74:95:6b:21:f9:e8:77:f4:7d:f6:e5:bb:0d:a1:
0b:64:28:c5:92:cb:e5:f7:c7:22:48:1d:69:63:73:6a:ce:3e:
c9:6f:ca:b1:76:90:e3:8b:52:95:b2:d9:c3:b7:3f:e4:dd:89:
33:bd:d2:e7:be:4e:9c:e4:ba:da:88:c8:44:7f:b2:05:d8:58:
6a:e5:30:28:d3:a3:81:27:bb:4d:f0:de:f4:6d:ea:4b:03:d3:
f7:08:19:97:52:49:a1:b3:4f:f6:6d:16:80:b2:84:cf:c8:9e:
c1:90:5a:a7:32:2e:96:6a:1a:07:34:e3:7c:90:8e:e3:08:bf:
b8:cd:f3:2a:6a:4c:52:af:ba:8c:ea:45:4a:11:4c:fa:29:4f:
ad:f2:c0:09:7c:59:4f:8e:23:f1:61:a4:0a:67:ad:0f:79:dc:
0b:84:9d:b4:cf:83:aa:90:c0:45:52:1a:78:03:52:67:fb:2e:
02:b2:f6:82:0a:81:c8:2c:7b:1f:64:b6:21:fc:21:f1:3c:aa:
d9:b6:c4:63:90:ef:75:f8:9b:05:57:1a:84:a3:86:09:f2:85:
4b:ac:0e:a3:1a:03:ae:71:f6:e7:01:d3:91:1d:30:2b:c0:62:
52:ad:97:f6
-----BEGIN CERTIFICATE-----
MIIFPzCCBCegAwIBAgISAZfQJIDMNkxRECaHJX1zr1IpMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEyMDg4ZTA2ZDU1M2NmZjI5M2QyNzdmNGQ3NmMzYTcxMGJk
OGIyZjcwHhcNMjUwNzAzMTE1NTQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjljNGRhMmZiNGM0ZjNlOWRjNjc4M2IzZTQ0MTU2Zjg2MDBjNDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4zOIagEONHvXsdG5pNi57JFswgg5
BW9amQ1Q2lTmfOlE8zvXcNDavC4hCbVOfKjcGPNDD0WGi8HYHJd03CNTaxL1WGrS
TY4JOWzRFo+Hu/3kEaii9Ef9HkqDXa9VE98eS1luUzpRBDZhL3Jecd+HaLXMne/3
euw2P767C+ivWBNnkJIujaFt7ruxrZze44yLbIPY9JqSDZbcBVHAbwVTgz0cgtWV
LNRaGlJeHLwD0bzaPL2iz+Gbcdhmuc2sDO8nVWcTgejnGKTtM11yHSHdbJBeBkXS
hW6tDgnzPHrdPVZIkAAAOgInSNDm/ZbQ7nZJK9ZL2ZtBHEjjjA7uOErXHQIDAQAB
o4ICSzCCAkcwHQYDVR0OBBYEFM+cTaL7TE8+ncZ4Oz5EFW+GAMSZMB8GA1UdIwQY
MBaAFKIIjgbVU8/yk9J39NdsOnEL2LL3MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTct
YmJlYTI5MThlMTAyLzEvejV4Tm92dE1UejZkeG5nN1BrUVZiNFlBeEprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MS9iNDVkNzktYTRkNy00NDYwLWJmZTctYmJlYTI5MThlMTAy
LzEvb2dpT0J0VlR6X0tUMG5mMDEydzZjUXZZc3ZjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGEGCCsGAQUFBwEHAQH/BFIwUDBOBAIAATBIAwQAVcy1AwQA
Vmk6AwQAVmnTAwQAVmukAwQAWSdhAwQAXXFGAwQAXXfJAwQAXXfoAwQAvNB8AwQC
vNaIAwQCvNbkAwQCvNfsMA0GCSqGSIb3DQEBCwUAA4IBAQDFofWp6Mdj20a5zcVW
rpFQj0vyHV8wdJVrIfnod/R99uW7DaELZCjFksvl98ciSB1pY3Nqzj7Jb8qxdpDj
i1KVstnDtz/k3YkzvdLnvk6c5LraiMhEf7IF2Fhq5TAo06OBJ7tN8N70bepLA9P3
CBmXUkmhs0/2bRaAsoTPyJ7BkFqnMi6WahoHNON8kI7jCL+4zfMqakxSr7qM6kVK
EUz6KU+t8sAJfFlPjiPxYaQKZ60PedwLhJ20z4OqkMBFUhp4A1Jn+y4CsvaCCoHI
LHsfZLYh/CHxPKrZtsRjkO91+JsFVxqEo4YJ8oVLrA6jGgOucfbnAdORHTArwGJS
rZf2
-----END CERTIFICATE-----
Generated at Mon Jul 21 07:18:38 2025 by rpki-client