Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/zYeF4EOXDH9wga2Hl1a9xt43c_E.roa
File: zYeF4EOXDH9wga2Hl1a9xt43c_E.roa (raw, json)
Hash identifier: qprf7Kh7V9oLipnyoiqapOwT3fD2c8ij+cCs23g5KeE=
Subject key identifier: CD:87:85:E0:43:97:0C:7F:70:81:AD:87:97:56:BD:C6:DE:37:73:F1
Certificate issuer: /CN=85d0e763f935c171694f172056eb44209db2e2cd
Certificate serial: 0197F30E931A739B61636343D6A14AD9DBB8
Authority key identifier: 85:D0:E7:63:F9:35:C1:71:69:4F:17:20:56:EB:44:20:9D:B2:E2:CD
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/zYeF4EOXDH9wga2Hl1a9xt43c_E.roa
Signing time: Thu 10 Jul 2025 06:38:28 +0000
ROA not before: Thu 10 Jul 2025 06:38:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15704
IP address blocks: 31.222.80.0/20 maxlen: 20
31.222.88.0/24 maxlen: 24
31.222.89.0/24 maxlen: 24
31.222.90.0/24 maxlen: 24
66.81.160.0/21 maxlen: 21
66.81.168.0/21 maxlen: 21
66.81.176.0/21 maxlen: 21
66.81.184.0/21 maxlen: 21
67.218.224.0/21 maxlen: 21
67.218.232.0/21 maxlen: 21
67.218.240.0/21 maxlen: 21
67.218.248.0/21 maxlen: 21
77.241.48.0/20 maxlen: 20
78.30.0.0/18 maxlen: 21
81.0.0.0/18 maxlen: 20
82.213.192.0/20 maxlen: 20
82.213.208.0/20 maxlen: 20
82.213.224.0/19 maxlen: 19
83.138.40.0/21 maxlen: 21
84.39.176.0/21 maxlen: 21
85.31.128.0/22 maxlen: 22
85.31.132.0/22 maxlen: 22
85.187.52.0/22 maxlen: 22
85.235.68.0/22 maxlen: 22
85.239.128.0/22 maxlen: 22
85.239.132.0/22 maxlen: 22
85.239.136.0/22 maxlen: 22
85.239.140.0/22 maxlen: 22
87.124.128.0/18 maxlen: 18
87.124.176.0/20 maxlen: 20
89.35.62.0/23 maxlen: 23
89.39.32.0/19 maxlen: 19
89.39.52.0/24 maxlen: 24
91.106.16.0/21 maxlen: 21
91.194.62.0/23 maxlen: 23
91.242.152.0/21 maxlen: 21
93.115.37.0/24 maxlen: 24
93.115.128.0/22 maxlen: 22
93.115.132.0/22 maxlen: 22
93.115.152.0/24 maxlen: 24
93.115.202.0/24 maxlen: 24
93.115.242.0/24 maxlen: 24
93.176.128.0/18 maxlen: 21
93.177.120.0/22 maxlen: 23
94.73.32.0/19 maxlen: 19
119.12.224.0/22 maxlen: 22
119.12.228.0/22 maxlen: 22
119.12.228.0/23 maxlen: 23
119.12.230.0/23 maxlen: 23
119.12.232.0/23 maxlen: 23
119.12.234.0/23 maxlen: 23
119.12.236.0/22 maxlen: 22
119.12.240.0/23 maxlen: 23
119.12.242.0/23 maxlen: 23
119.12.244.0/22 maxlen: 22
119.12.248.0/22 maxlen: 22
119.12.252.0/23 maxlen: 23
119.12.254.0/23 maxlen: 23
137.59.58.0/24 maxlen: 24
170.253.0.0/20 maxlen: 20
170.253.16.0/20 maxlen: 20
170.253.32.0/20 maxlen: 20
170.253.48.0/20 maxlen: 20
176.222.64.0/19 maxlen: 19
176.222.75.0/24 maxlen: 24
176.222.82.0/24 maxlen: 24
178.218.194.0/24 maxlen: 24
181.41.128.0/21 maxlen: 21
185.79.20.0/22 maxlen: 22
185.145.64.0/22 maxlen: 22
185.146.56.0/22 maxlen: 22
185.153.164.0/23 maxlen: 23
185.153.166.0/23 maxlen: 23
185.176.4.0/22 maxlen: 22
185.197.240.0/22 maxlen: 22
185.227.212.0/23 maxlen: 23
185.227.214.0/23 maxlen: 23
185.228.152.0/22 maxlen: 22
185.252.12.0/22 maxlen: 22
188.65.88.0/21 maxlen: 21
188.208.219.0/24 maxlen: 24
188.212.23.0/24 maxlen: 24
193.17.66.0/24 maxlen: 24
193.53.160.0/22 maxlen: 22
193.177.208.0/22 maxlen: 22
195.160.224.0/22 maxlen: 22
206.204.128.0/23 maxlen: 23
206.204.130.0/23 maxlen: 23
206.204.132.0/23 maxlen: 23
206.204.134.0/24 maxlen: 24
206.204.135.0/24 maxlen: 24
206.204.136.0/23 maxlen: 23
206.204.138.0/23 maxlen: 23
206.204.140.0/22 maxlen: 22
206.204.148.0/23 maxlen: 23
206.204.150.0/23 maxlen: 23
206.204.152.0/22 maxlen: 22
206.204.156.0/22 maxlen: 22
207.188.128.0/21 maxlen: 21
207.188.136.0/21 maxlen: 21
207.188.144.0/21 maxlen: 21
207.188.152.0/21 maxlen: 21
207.188.160.0/21 maxlen: 21
207.188.168.0/21 maxlen: 21
207.188.176.0/21 maxlen: 21
207.188.184.0/21 maxlen: 21
212.7.32.0/20 maxlen: 20
212.7.63.0/24 maxlen: 24
212.14.96.0/19 maxlen: 23
212.14.96.0/22 maxlen: 22
212.14.100.0/22 maxlen: 22
212.14.104.0/23 maxlen: 23
212.14.108.0/22 maxlen: 22
212.14.118.0/23 maxlen: 23
212.166.66.0/24 maxlen: 24
212.166.67.0/24 maxlen: 24
212.166.68.0/24 maxlen: 24
212.166.69.0/24 maxlen: 24
212.166.70.0/24 maxlen: 24
212.166.71.0/24 maxlen: 24
212.166.74.0/24 maxlen: 24
212.166.76.0/24 maxlen: 24
212.230.0.0/15 maxlen: 15
212.230.22.0/24 maxlen: 24
212.230.136.0/24 maxlen: 24
212.230.156.0/24 maxlen: 24
212.230.157.0/24 maxlen: 24
212.230.159.0/24 maxlen: 24
212.230.178.0/24 maxlen: 24
212.230.233.0/24 maxlen: 24
212.231.112.0/21 maxlen: 21
212.231.120.0/22 maxlen: 22
212.231.124.0/22 maxlen: 22
213.94.0.0/18 maxlen: 23
213.94.0.0/21 maxlen: 21
213.94.16.0/22 maxlen: 22
213.94.40.0/22 maxlen: 22
213.177.192.0/19 maxlen: 21
213.177.208.0/21 maxlen: 21
217.113.240.0/20 maxlen: 22
2a00:d100::/29 maxlen: 37
2a01:8480::/32 maxlen: 32
2a01:8480:2001::/48 maxlen: 48
2a01:8480:2002::/48 maxlen: 48
2a01:8480:2003::/48 maxlen: 48
2a01:8480:2004::/48 maxlen: 48
2a01:8480:2008::/47 maxlen: 47
2a01:8480:200a::/47 maxlen: 47
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.mft
rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 07:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:f3:0e:93:1a:73:9b:61:63:63:43:d6:a1:4a:d9:db:b8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=85d0e763f935c171694f172056eb44209db2e2cd
Validity
Not Before: Jul 10 06:38:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd8785e043970c7f7081ad879756bdc6de3773f1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:2f:63:44:24:12:9c:5b:7f:49:51:d1:3a:d2:
e3:42:c4:f4:e5:6c:46:8e:3e:c8:8f:d9:f4:f2:53:
63:d1:42:57:56:4f:ee:9f:21:de:c0:e7:34:0b:a1:
27:cd:1a:ee:b3:7f:24:8e:8a:1d:57:ba:36:b3:8c:
c1:a4:72:45:3a:2c:03:14:f2:90:14:39:16:6e:4b:
60:eb:cc:c6:11:ad:95:68:47:99:83:b7:b0:9d:ee:
35:23:06:e6:de:ee:ab:eb:6d:c3:1d:f8:9b:89:5b:
96:92:08:1d:a1:e8:3f:3b:e4:9b:fb:be:ad:21:0f:
ff:a0:78:98:76:f2:71:b2:02:27:06:5c:cb:8c:c0:
2e:f8:18:19:1d:24:07:27:63:05:a6:ef:3c:7e:12:
19:7d:6c:bf:ec:6e:16:84:cb:1b:1b:6e:db:64:83:
51:e7:65:1e:b9:f5:84:cb:28:2b:2c:ef:3f:ff:f8:
07:45:ca:bb:91:ca:77:7f:37:76:98:1d:9f:fe:7c:
c3:c9:d7:0f:5e:df:c3:e1:4d:af:d1:10:f8:60:ce:
cd:e4:ff:84:60:10:a0:ca:cc:17:d9:3a:bd:ca:e2:
6d:a4:e8:c1:8e:88:07:c1:81:89:11:43:79:f0:9e:
dd:3b:c1:ac:28:3e:cf:4a:df:19:3d:7c:fb:37:3d:
37:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:87:85:E0:43:97:0C:7F:70:81:AD:87:97:56:BD:C6:DE:37:73:F1
X509v3 Authority Key Identifier:
keyid:85:D0:E7:63:F9:35:C1:71:69:4F:17:20:56:EB:44:20:9D:B2:E2:CD
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/hdDnY_k1wXFpTxcgVutEIJ2y4s0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/zYeF4EOXDH9wga2Hl1a9xt43c_E.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/746410-026b-45c9-81cd-f12835f0247b/1/hdDnY_k1wXFpTxcgVutEIJ2y4s0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.222.80.0/20
66.81.160.0/19
67.218.224.0/19
77.241.48.0/20
78.30.0.0/18
81.0.0.0/18
82.213.192.0/18
83.138.40.0/21
84.39.176.0/21
85.31.128.0/21
85.187.52.0/22
85.235.68.0/22
85.239.128.0/20
87.124.128.0/18
89.35.62.0/23
89.39.32.0/19
91.106.16.0/21
91.194.62.0/23
91.242.152.0/21
93.115.37.0/24
93.115.128.0/21
93.115.152.0/24
93.115.202.0/24
93.115.242.0/24
93.176.128.0/18
93.177.120.0/22
94.73.32.0/19
119.12.224.0/19
137.59.58.0/24
170.253.0.0/18
176.222.64.0/19
178.218.194.0/24
181.41.128.0/21
185.79.20.0/22
185.145.64.0/22
185.146.56.0/22
185.153.164.0/22
185.176.4.0/22
185.197.240.0/22
185.227.212.0/22
185.228.152.0/22
185.252.12.0/22
188.65.88.0/21
188.208.219.0/24
188.212.23.0/24
193.17.66.0/24
193.53.160.0/22
193.177.208.0/22
195.160.224.0/22
206.204.128.0/20
206.204.148.0-206.204.159.255
207.188.128.0/18
212.7.32.0/20
212.7.63.0/24
212.14.96.0/19
212.166.66.0-212.166.71.255
212.166.74.0/24
212.166.76.0/24
212.230.0.0/15
213.94.0.0/18
213.177.192.0/19
217.113.240.0/20
IPv6:
2a00:d100::/29
2a01:8480::/32
Signature Algorithm: sha256WithRSAEncryption
a7:93:d6:7e:e3:a0:7a:fe:0d:e0:e4:b0:18:94:06:51:ef:bd:
17:86:2a:db:ef:ce:d1:a4:3a:54:c9:33:ec:e8:14:2d:1a:a2:
be:88:a3:69:f9:07:88:5c:c8:b1:7e:64:ae:4f:7b:75:3e:f7:
8f:c5:3c:ac:a5:09:95:37:94:c7:74:c3:29:33:02:55:f6:ff:
fc:c5:a9:49:10:5e:2e:fc:c3:46:de:b7:9f:44:54:1d:e9:39:
f1:29:d7:1d:21:10:f9:25:90:9b:3c:b8:85:9f:12:59:80:e9:
51:d2:b8:7a:1e:f5:58:40:0e:7a:01:aa:05:04:0f:61:f6:e1:
48:e7:08:7f:91:69:be:ac:68:94:f6:56:8f:6d:cc:6b:72:41:
ad:01:db:5a:aa:f0:e8:ac:49:7f:93:e7:9a:bf:9c:b7:25:65:
5a:78:6b:86:16:5c:41:e2:c3:82:c4:05:b5:25:0e:0c:c7:be:
d2:ec:ab:c4:63:90:7c:2c:49:4f:53:b8:f6:6c:d9:aa:fd:a4:
64:72:ab:c9:65:db:cd:55:0b:85:89:51:73:87:32:8d:c5:d6:
47:34:f9:12:1e:ca:00:4f:79:a4:1b:79:91:d2:0e:8b:6c:da:
94:77:b2:77:75:a8:ca:a9:90:49:15:5b:6f:11:4d:88:22:20:
04:fd:7f:c4
-----BEGIN CERTIFICATE-----
MIIGmjCCBYKgAwIBAgISAZfzDpMac5thY2ND1qFK2du4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDg1ZDBlNzYzZjkzNWMxNzE2OTRmMTcyMDU2ZWI0NDIwOWRi
MmUyY2QwHhcNMjUwNzEwMDYzODI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDg3ODVlMDQzOTcwYzdmNzA4MWFkODc5NzU2YmRjNmRlMzc3M2YxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlS9jRCQSnFt/SVHROtLjQsT05WxG
jj7Ij9n08lNj0UJXVk/unyHewOc0C6EnzRrus38kjoodV7o2s4zBpHJFOiwDFPKQ
FDkWbktg68zGEa2VaEeZg7ewne41Iwbm3u6r623DHfibiVuWkggdoeg/O+Sb+76t
IQ//oHiYdvJxsgInBlzLjMAu+BgZHSQHJ2MFpu88fhIZfWy/7G4WhMsbG27bZINR
52UeufWEyygrLO8///gHRcq7kcp3fzd2mB2f/nzDydcPXt/D4U2v0RD4YM7N5P+E
YBCgyswX2Tq9yuJtpOjBjogHwYGJEUN58J7dO8GsKD7PSt8ZPXz7Nz03EQIDAQAB
o4IDpjCCA6IwHQYDVR0OBBYEFM2HheBDlwx/cIGth5dWvcbeN3PxMB8GA1UdIwQY
MBaAFIXQ52P5NcFxaU8XIFbrRCCdsuLNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaGREbllfazF3WEZwVHhjZ1Z1dEVJSjJ5NHMwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi83NDY0MTAtMDI2Yi00NWM5LTgxY2Qt
ZjEyODM1ZjAyNDdiLzEvelllRjRFT1hESDl3Z2EySGwxYTl4dDQzY19FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi83NDY0MTAtMDI2Yi00NWM5LTgxY2QtZjEyODM1ZjAyNDdi
LzEvaGREbllfazF3WEZwVHhjZ1Z1dEVJSjJ5NHMwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBugYIKwYBBQUHAQcBAf8EggGpMIIBpTCCAYsEAgABMIIB
gwMEBB/eUAMEBUJRoAMEBUPa4AMEBE3xMAMEBk4eAAMEBlEAAAMEBlLVwAMEA1OK
KAMEA1QnsAMEA1UfgAMEAlW7NAMEAlXrRAMEBFXvgAMEBld8gAMEAVkjPgMEBVkn
IAMEA1tqEAMEAVvCPgMEA1vymAMEAF1zJQMEA11zgAMEAF1zmAMEAF1zygMEAF1z
8gMEBl2wgAMEAl2xeAMEBV5JIAMEBXcM4AMEAIk7OgMEBqr9AAMEBbDeQAMEALLa
wgMEA7UpgAMEArlPFAMEArmRQAMEArmSOAMEArmZpAMEArmwBAMEArnF8AMEArnj
1AMEArnkmAMEArn8DAMEA7xBWAMEALzQ2wMEALzUFwMEAMERQgMEAsE1oAMEAsGx
0AMEAsOg4AMEBM7MgDAMAwQCzsyUAwQFzsyAAwQGz7yAAwQE1AcgAwQA1Ac/AwQF
1A5gMAwDBAHUpkIDBAPUpkADBADUpkoDBADUpkwDAwHU5gMEBtVeAAMEBdWxwAME
BNlx8DAUBAIAAjAOAwUDKgDRAAMFACoBhIAwDQYJKoZIhvcNAQELBQADggEBAKeT
1n7joHr+DeDksBiUBlHvvReGKtvvztGkOlTJM+zoFC0aor6Io2n5B4hcyLF+ZK5P
e3U+94/FPKylCZU3lMd0wykzAlX2//zFqUkQXi78w0bet59EVB3pOfEp1x0hEPkl
kJs8uIWfElmA6VHSuHoe9VhADnoBqgUED2H24UjnCH+Rab6saJT2Vo9tzGtyQa0B
21qq8OisSX+T55q/nLclZVp4a4YWXEHiw4LEBbUlDgzHvtLsq8RjkHwsSU9TuPZs
2ar9pGRyq8ll281VC4WJUXOHMo3F1kc0+RIeygBPeaQbeZHSDots2pR3snd1qMqp
kEkVW28RTYgiIAT9f8Q=
-----END CERTIFICATE-----
Generated at Wed Jul 23 12:16:08 2025 by rpki-client