Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/ikzzB-TS7fbu_e8Jm20uc--Bfbk.roa
File: ikzzB-TS7fbu_e8Jm20uc--Bfbk.roa (raw, json)
Hash identifier: L3G3izasb6pEF2T5imYXwo1rhko1cZpeUonzNyfE5G4=
Subject key identifier: 8A:4C:F3:07:E4:D2:ED:F6:EE:FD:EF:09:9B:6D:2E:73:EF:81:7D:B9
Certificate issuer: /CN=4ecf53007c79cc5e2f2d7356ba9121a78c0c7714
Certificate serial: 0198F67EB791CB4700EFAA9E3ABFEC95933C
Authority key identifier: 4E:CF:53:00:7C:79:CC:5E:2F:2D:73:56:BA:91:21:A7:8C:0C:77:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/ikzzB-TS7fbu_e8Jm20uc--Bfbk.roa
Signing time: Fri 29 Aug 2025 15:42:36 +0000
ROA not before: Fri 29 Aug 2025 15:42:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29535
IP address blocks: 79.191.255.0/24 maxlen: 24
80.51.76.0/24 maxlen: 24
80.51.253.0/24 maxlen: 24
80.54.110.0/23 maxlen: 24
83.2.0.0/20 maxlen: 20
83.2.8.0/22 maxlen: 22
83.2.56.0/22 maxlen: 22
178.42.9.0/24 maxlen: 24
178.42.22.0/24 maxlen: 24
193.110.120.0/22 maxlen: 22
195.149.235.0/24 maxlen: 24
195.149.236.0/22 maxlen: 22
213.25.164.0/24 maxlen: 24
2001:7f8:27::/48 maxlen: 48
2a01:1101:5::/48 maxlen: 48
2a01:11f0::/28 maxlen: 28
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 11:14:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:f6:7e:b7:91:cb:47:00:ef:aa:9e:3a:bf:ec:95:93:3c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ecf53007c79cc5e2f2d7356ba9121a78c0c7714
Validity
Not Before: Aug 29 15:42:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8a4cf307e4d2edf6eefdef099b6d2e73ef817db9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:b6:45:b0:67:3a:bc:62:d9:0d:0b:2d:b7:ee:
13:8c:3e:3f:75:8b:15:6d:d8:cc:6c:f0:e7:60:de:
8e:ab:07:9a:76:02:55:50:a9:3d:f7:09:db:b5:c6:
bc:e5:df:3a:ba:e0:f5:09:0e:fb:0d:c8:e0:7f:31:
61:b6:01:6b:7f:6e:08:87:71:42:e8:05:11:84:3b:
3f:31:af:65:ab:e3:5e:86:6a:00:bc:90:0d:e5:e2:
00:a9:c2:f6:3f:46:b1:1a:68:d5:40:43:15:5e:13:
3d:bc:89:17:0d:80:5f:aa:7a:fa:e4:ab:83:a9:aa:
72:42:3d:aa:e8:61:1d:21:0e:af:6e:5b:69:9a:1a:
fa:07:61:6c:81:09:48:a6:99:a1:cb:02:5d:44:fa:
6f:ff:7f:01:9c:06:77:59:b5:8f:49:8b:9d:05:39:
48:3f:bb:ab:15:93:4f:1d:83:aa:58:54:43:54:a0:
b0:e2:37:90:95:4e:8c:11:d7:9c:84:66:cc:17:69:
e2:f3:19:b4:e8:5f:bd:05:3b:52:33:fd:72:18:8f:
57:6d:3c:36:b7:b0:80:fc:75:72:73:c1:32:7b:f4:
c5:48:f2:03:f5:6b:f0:a7:42:93:c5:49:d6:00:cb:
f8:f6:6a:6a:dd:f7:1a:d9:24:84:4e:d8:0b:4a:b7:
f2:33
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8A:4C:F3:07:E4:D2:ED:F6:EE:FD:EF:09:9B:6D:2E:73:EF:81:7D:B9
X509v3 Authority Key Identifier:
keyid:4E:CF:53:00:7C:79:CC:5E:2F:2D:73:56:BA:91:21:A7:8C:0C:77:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/ikzzB-TS7fbu_e8Jm20uc--Bfbk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.191.255.0/24
80.51.76.0/24
80.51.253.0/24
80.54.110.0/23
83.2.0.0/20
83.2.56.0/22
178.42.9.0/24
178.42.22.0/24
193.110.120.0/22
195.149.235.0-195.149.239.255
213.25.164.0/24
IPv6:
2001:7f8:27::/48
2a01:1101:5::/48
2a01:11f0::/28
Signature Algorithm: sha256WithRSAEncryption
37:67:af:31:64:86:c2:d3:47:ee:6b:ad:b8:4d:3c:76:1c:2e:
10:0a:6d:14:d7:a1:ea:b7:67:10:36:0d:da:c5:71:91:4c:f0:
51:df:ad:6a:5c:48:e9:3a:32:6a:10:e2:07:37:9a:0f:c0:28:
c7:e7:8e:7c:84:28:af:3f:88:93:0c:59:14:3b:0d:20:ee:df:
4f:83:e0:e9:45:ec:0d:99:e9:a4:09:79:a3:d8:b3:9d:45:4b:
db:a6:0f:93:19:f9:f2:07:30:a6:6f:6e:c3:8d:0c:23:62:b3:
5b:27:45:3d:49:b3:67:17:1e:ae:a9:d3:5c:05:d2:2f:92:2f:
b6:28:7f:d5:30:39:72:d5:7d:36:70:82:cf:89:4f:25:39:fc:
2f:c1:77:12:ac:1c:b7:d7:44:8e:00:d3:82:c9:62:2e:d3:3d:
45:dd:68:1e:a0:ba:84:45:38:6b:8d:1e:1e:3c:40:9e:c0:9f:
f5:8f:ad:be:9a:02:07:0c:55:48:22:57:15:16:84:8e:e6:9b:
64:89:4e:71:c4:9e:eb:71:f3:94:ca:53:a9:28:08:f5:ba:6a:
9d:22:54:b1:f3:a5:3c:fd:f6:94:52:7e:d5:12:84:11:f8:2a:
20:5c:48:1a:4a:01:b9:1a:7e:d8:82:92:84:be:8e:ee:e2:bf:
2a:03:55:ac
-----BEGIN CERTIFICATE-----
MIIFYzCCBEugAwIBAgISAZj2freRy0cA76qeOr/slZM8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlY2Y1MzAwN2M3OWNjNWUyZjJkNzM1NmJhOTEyMWE3OGMw
Yzc3MTQwHhcNMjUwODI5MTU0MjM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4YTRjZjMwN2U0ZDJlZGY2ZWVmZGVmMDk5YjZkMmU3M2VmODE3ZGI5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAq7ZFsGc6vGLZDQstt+4TjD4/dYsV
bdjMbPDnYN6OqweadgJVUKk99wnbtca85d86uuD1CQ77DcjgfzFhtgFrf24Ih3FC
6AURhDs/Ma9lq+NehmoAvJAN5eIAqcL2P0axGmjVQEMVXhM9vIkXDYBfqnr65KuD
qapyQj2q6GEdIQ6vbltpmhr6B2FsgQlIppmhywJdRPpv/38BnAZ3WbWPSYudBTlI
P7urFZNPHYOqWFRDVKCw4jeQlU6MEdechGbMF2ni8xm06F+9BTtSM/1yGI9XbTw2
t7CA/HVyc8Eye/TFSPID9Wvwp0KTxUnWAMv49mpq3fca2SSETtgLSrfyMwIDAQAB
o4ICbzCCAmswHQYDVR0OBBYEFIpM8wfk0u327v3vCZttLnPvgX25MB8GA1UdIwQY
MBaAFE7PUwB8ecxeLy1zVrqRIaeMDHcUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHM5VEFIeDV6RjR2TFhOV3VwRWhwNHdNZHhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi82NDhjNzUtMmJlOC00YmZkLWExYjEt
Y2I4YjNhMDk0MjA5LzEvaWt6ekItVFM3ZmJ1X2U4Sm0yMHVjLS1CZmJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi82NDhjNzUtMmJlOC00YmZkLWExYjEtY2I4YjNhMDk0MjA5
LzEvVHM5VEFIeDV6RjR2TFhOV3VwRWhwNHdNZHhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGEBggrBgEFBQcBBwEB/wR1MHMwUAQCAAEwSgMEAE+//wME
AFAzTAMEAFAz/QMEAVA2bgMEBFMCAAMEAlMCOAMEALIqCQMEALIqFgMEAsFueDAM
AwQAw5XrAwQEw5XgAwQA1RmkMB8EAgACMBkDBwAgAQf4ACcDBwAqAREBAAUDBQQq
ARHwMA0GCSqGSIb3DQEBCwUAA4IBAQA3Z68xZIbC00fua624TTx2HC4QCm0U16Hq
t2cQNg3axXGRTPBR361qXEjpOjJqEOIHN5oPwCjH5458hCivP4iTDFkUOw0g7t9P
g+DpRewNmemkCXmj2LOdRUvbpg+TGfnyBzCmb27DjQwjYrNbJ0U9SbNnFx6uqdNc
BdIvki+2KH/VMDly1X02cILPiU8lOfwvwXcSrBy310SOANOCyWIu0z1F3WgeoLqE
RThrjR4ePECewJ/1j62+mgIHDFVIIlcVFoSO5ptkiU5xxJ7rcfOUylOpKAj1umqd
IlSx86U8/faUUn7VEoQR+CogXEgaSgG5Gn7YgpKEvo7u4r8qA1Ws
-----END CERTIFICATE-----
Generated at Sat Sep 6 19:22:33 2025 by rpki-client