Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/ZxAsBDM9cuoyGobJXXvAaIAzrYo.roa
File: ZxAsBDM9cuoyGobJXXvAaIAzrYo.roa (raw, json)
Hash identifier: SkB8cFJ0rd32rFH2M62gUtujCyjJXdgWVQ4tyxEgN0s=
Subject key identifier: 67:10:2C:04:33:3D:72:EA:32:1A:86:C9:5D:7B:C0:68:80:33:AD:8A
Certificate issuer: /CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Certificate serial: 0198385312EE8EFD33E0987AA5C297409F60
Authority key identifier: 24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/ZxAsBDM9cuoyGobJXXvAaIAzrYo.roa
Signing time: Wed 23 Jul 2025 17:27:05 +0000
ROA not before: Wed 23 Jul 2025 17:27:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202
IP address blocks: 149.250.0.0/16 maxlen: 16
192.109.236.0/24 maxlen: 24
195.203.0.0/17 maxlen: 17
195.203.128.0/17 maxlen: 17
195.203.152.0/23 maxlen: 23
195.203.156.0/22 maxlen: 22
217.27.0.0/23 maxlen: 23
217.27.2.0/23 maxlen: 23
217.27.4.0/24 maxlen: 24
217.27.6.0/24 maxlen: 24
217.27.7.0/24 maxlen: 24
2a03:5000:1::/48 maxlen: 48
2a03:5000:2::/48 maxlen: 48
2a03:5000:11::/48 maxlen: 48
2a03:5000:12::/48 maxlen: 48
2a03:5000:20::/48 maxlen: 48
2a03:5000:21::/48 maxlen: 48
2a03:5000:22::/48 maxlen: 48
2a03:5000:30::/48 maxlen: 48
2a03:5000:31::/48 maxlen: 48
2a03:5000:32::/48 maxlen: 48
2a03:5000:41::/48 maxlen: 48
2a03:5000:42::/48 maxlen: 48
2a03:5000:51::/48 maxlen: 48
2a03:5000:52::/48 maxlen: 48
2a03:5000:61::/48 maxlen: 48
2a03:5000:62::/48 maxlen: 48
2a03:5000:71::/48 maxlen: 48
2a03:5000:72::/48 maxlen: 48
2a03:5000:81::/48 maxlen: 48
2a03:5000:82::/48 maxlen: 48
2a03:5000:91::/48 maxlen: 48
2a03:5000:92::/48 maxlen: 48
2a03:5000:101::/48 maxlen: 48
2a03:5000:102::/48 maxlen: 48
2a03:5000:111::/48 maxlen: 48
2a03:5000:112::/48 maxlen: 48
2a03:5000:121::/48 maxlen: 48
2a03:5000:122::/48 maxlen: 48
2a03:5000:131::/48 maxlen: 48
2a03:5000:132::/48 maxlen: 48
2a03:5000:141::/48 maxlen: 48
2a03:5000:142::/48 maxlen: 48
2a03:5000:151::/48 maxlen: 48
2a03:5000:152::/48 maxlen: 48
2a03:5000:161::/48 maxlen: 48
2a03:5000:162::/48 maxlen: 48
2a03:5000:171::/48 maxlen: 48
2a03:5000:172::/48 maxlen: 48
2a03:5000:181::/48 maxlen: 48
2a03:5000:182::/48 maxlen: 48
2a03:5000:191::/48 maxlen: 48
2a03:5000:192::/48 maxlen: 48
2a03:5000:201::/48 maxlen: 48
2a03:5000:202::/48 maxlen: 48
2a03:5000:211::/48 maxlen: 48
2a03:5000:212::/48 maxlen: 48
2a03:5000:221::/48 maxlen: 48
2a03:5000:222::/48 maxlen: 48
2a03:5000:231::/48 maxlen: 48
2a03:5000:232::/48 maxlen: 48
2a03:5000:241::/48 maxlen: 48
2a03:5000:242::/48 maxlen: 48
2a03:5000:251::/48 maxlen: 48
2a03:5000:252::/48 maxlen: 48
2a03:5000:271::/48 maxlen: 48
2a03:5000:272::/48 maxlen: 48
2a03:5000:291::/48 maxlen: 48
2a03:5000:292::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.mft
rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 20:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:38:53:12:ee:8e:fd:33:e0:98:7a:a5:c2:97:40:9f:60
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=24cc6b9c37faa0da3b412007c0b10b2c5bf2cf4e
Validity
Not Before: Jul 23 17:27:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67102c04333d72ea321a86c95d7bc0688033ad8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:62:49:ce:a3:88:15:bb:da:3f:3a:1b:7f:cb:
65:cb:98:f9:33:51:cf:97:fa:50:fb:c7:59:e4:51:
22:26:a4:25:84:25:68:2b:8c:f0:f6:4f:82:4d:94:
e1:fb:69:7b:23:4a:0e:9a:4f:04:f4:98:25:9b:83:
10:bd:c8:df:f5:85:c4:b5:55:85:5e:4a:27:47:38:
3f:72:c4:13:fe:20:25:46:66:7b:30:92:d2:39:3b:
c3:9e:fd:e6:0e:6a:81:b6:93:78:4c:5e:4e:c0:44:
e1:2e:82:fd:63:77:24:8a:9a:28:c1:0b:4f:38:db:
84:49:b4:8e:8b:37:55:3c:fe:d7:fa:32:31:58:00:
22:04:97:25:1f:4a:f0:3f:c5:e8:bc:4a:8a:26:ae:
fa:a3:d2:e4:3e:e2:cf:0c:b5:32:9e:0d:5f:8c:f2:
50:4c:80:a6:bf:3e:50:b7:97:b5:ca:d8:aa:a6:e2:
67:13:d1:d2:ed:67:67:96:7c:ee:9d:05:36:a6:50:
70:af:fd:df:70:99:68:22:53:b1:29:ff:64:e7:19:
5d:27:8a:82:6a:da:19:2d:dc:4c:00:a1:7d:22:5f:
57:49:07:76:fc:82:5d:8c:9b:f2:d6:03:34:f3:2f:
57:70:45:7b:b4:e9:94:13:88:c7:36:48:a4:1e:51:
7a:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:10:2C:04:33:3D:72:EA:32:1A:86:C9:5D:7B:C0:68:80:33:AD:8A
X509v3 Authority Key Identifier:
keyid:24:CC:6B:9C:37:FA:A0:DA:3B:41:20:07:C0:B1:0B:2C:5B:F2:CF:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/JMxrnDf6oNo7QSAHwLELLFvyz04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/ZxAsBDM9cuoyGobJXXvAaIAzrYo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/0ff449-ad98-482d-ac75-864238bc049b/1/JMxrnDf6oNo7QSAHwLELLFvyz04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
149.250.0.0/16
192.109.236.0/24
195.203.0.0/16
217.27.0.0-217.27.4.255
217.27.6.0/23
IPv6:
2a03:5000:1::-2a03:5000:2:ffff:ffff:ffff:ffff:ffff
2a03:5000:11::-2a03:5000:12:ffff:ffff:ffff:ffff:ffff
2a03:5000:20::-2a03:5000:22:ffff:ffff:ffff:ffff:ffff
2a03:5000:30::-2a03:5000:32:ffff:ffff:ffff:ffff:ffff
2a03:5000:41::-2a03:5000:42:ffff:ffff:ffff:ffff:ffff
2a03:5000:51::-2a03:5000:52:ffff:ffff:ffff:ffff:ffff
2a03:5000:61::-2a03:5000:62:ffff:ffff:ffff:ffff:ffff
2a03:5000:71::-2a03:5000:72:ffff:ffff:ffff:ffff:ffff
2a03:5000:81::-2a03:5000:82:ffff:ffff:ffff:ffff:ffff
2a03:5000:91::-2a03:5000:92:ffff:ffff:ffff:ffff:ffff
2a03:5000:101::-2a03:5000:102:ffff:ffff:ffff:ffff:ffff
2a03:5000:111::-2a03:5000:112:ffff:ffff:ffff:ffff:ffff
2a03:5000:121::-2a03:5000:122:ffff:ffff:ffff:ffff:ffff
2a03:5000:131::-2a03:5000:132:ffff:ffff:ffff:ffff:ffff
2a03:5000:141::-2a03:5000:142:ffff:ffff:ffff:ffff:ffff
2a03:5000:151::-2a03:5000:152:ffff:ffff:ffff:ffff:ffff
2a03:5000:161::-2a03:5000:162:ffff:ffff:ffff:ffff:ffff
2a03:5000:171::-2a03:5000:172:ffff:ffff:ffff:ffff:ffff
2a03:5000:181::-2a03:5000:182:ffff:ffff:ffff:ffff:ffff
2a03:5000:191::-2a03:5000:192:ffff:ffff:ffff:ffff:ffff
2a03:5000:201::-2a03:5000:202:ffff:ffff:ffff:ffff:ffff
2a03:5000:211::-2a03:5000:212:ffff:ffff:ffff:ffff:ffff
2a03:5000:221::-2a03:5000:222:ffff:ffff:ffff:ffff:ffff
2a03:5000:231::-2a03:5000:232:ffff:ffff:ffff:ffff:ffff
2a03:5000:241::-2a03:5000:242:ffff:ffff:ffff:ffff:ffff
2a03:5000:251::-2a03:5000:252:ffff:ffff:ffff:ffff:ffff
2a03:5000:271::-2a03:5000:272:ffff:ffff:ffff:ffff:ffff
2a03:5000:291::-2a03:5000:292:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
54:ec:28:49:75:d8:b6:15:28:fa:fa:96:c6:25:c3:64:83:01:
86:57:62:57:82:14:73:af:09:38:5f:7e:2f:29:a6:70:a1:6d:
41:3e:a6:11:7a:64:ac:65:f7:f9:d0:71:eb:2b:cb:5f:65:03:
9e:39:71:b1:2a:92:ce:df:15:1c:74:4f:8d:92:c8:e5:30:01:
07:e0:f7:b2:2d:c8:6c:34:ef:b2:69:25:bd:a5:e8:98:3f:91:
2e:4e:88:f0:b6:82:c9:c1:c0:8d:8e:3d:ab:60:2a:52:e9:4b:
85:ad:84:d0:b7:03:0d:96:c9:52:d9:bf:ad:2c:46:e3:1e:95:
31:2f:57:42:33:45:09:b9:10:99:1c:78:eb:c2:bf:c4:65:b8:
3b:cf:65:ed:9f:5e:7c:7c:c8:3f:99:b7:de:87:99:05:d1:85:
2a:87:d9:b4:ad:6a:36:45:ed:57:7f:69:a8:66:d4:f9:f9:61:
74:d7:55:08:f1:8f:c6:e3:71:ca:0d:31:51:d0:9e:8c:89:a7:
69:ff:cf:d5:42:ce:b8:a9:c1:60:2d:48:3f:77:1a:14:94:93:
f6:41:36:0c:ed:3d:b6:f5:41:e3:6e:0f:59:38:72:cf:87:11:
b7:dd:a5:05:ef:d1:56:02:56:77:a1:21:b0:45:ff:db:99:b2:
42:2d:39:62
-----BEGIN CERTIFICATE-----
MIIHXDCCBkSgAwIBAgISAZg4UxLujv0z4Jh6pcKXQJ9gMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI0Y2M2YjljMzdmYWEwZGEzYjQxMjAwN2MwYjEwYjJjNWJm
MmNmNGUwHhcNMjUwNzIzMTcyNzA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzEwMmMwNDMzM2Q3MmVhMzIxYTg2Yzk1ZDdiYzA2ODgwMzNhZDhhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkGJJzqOIFbvaPzobf8tly5j5M1HP
l/pQ+8dZ5FEiJqQlhCVoK4zw9k+CTZTh+2l7I0oOmk8E9Jglm4MQvcjf9YXEtVWF
XkonRzg/csQT/iAlRmZ7MJLSOTvDnv3mDmqBtpN4TF5OwEThLoL9Y3ckipoowQtP
ONuESbSOizdVPP7X+jIxWAAiBJclH0rwP8XovEqKJq76o9LkPuLPDLUyng1fjPJQ
TICmvz5Qt5e1ytiqpuJnE9HS7WdnlnzunQU2plBwr/3fcJloIlOxKf9k5xldJ4qC
atoZLdxMAKF9Il9XSQd2/IJdjJvy1gM08y9XcEV7tOmUE4jHNkikHlF6KQIDAQAB
o4IEaDCCBGQwHQYDVR0OBBYEFGcQLAQzPXLqMhqGyV17wGiAM62KMB8GA1UdIwQY
MBaAFCTMa5w3+qDaO0EgB8CxCyxb8s9OMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUt
ODY0MjM4YmMwNDliLzEvWnhBc0JETTljdW95R29iSlhYdkFhSUF6cllvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC8wZmY0NDktYWQ5OC00ODJkLWFjNzUtODY0MjM4YmMwNDli
LzEvSk14cm5EZjZvTm83UVNBSHdMRUxMRnZ5ejA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIICfAYIKwYBBQUHAQcBAf8EggJrMIICZzApBAIAATAjAwMA
lfoDBADAbewDAwDDyzALAwMA2RsDBADZGwQDBAHZGwYwggI4BAIAAjCCAjAwEgMH
ACoDUAAAAQMHACoDUAAAAjASAwcAKgNQAAARAwcAKgNQAAASMBIDBwUqA1AAACAD
BwAqA1AAACIwEgMHBCoDUAAAMAMHACoDUAAAMjASAwcAKgNQAABBAwcAKgNQAABC
MBIDBwAqA1AAAFEDBwAqA1AAAFIwEgMHACoDUAAAYQMHACoDUAAAYjASAwcAKgNQ
AABxAwcAKgNQAAByMBIDBwAqA1AAAIEDBwAqA1AAAIIwEgMHACoDUAAAkQMHACoD
UAAAkjASAwcAKgNQAAEBAwcAKgNQAAECMBIDBwAqA1AAAREDBwAqA1AAARIwEgMH
ACoDUAABIQMHACoDUAABIjASAwcAKgNQAAExAwcAKgNQAAEyMBIDBwAqA1AAAUED
BwAqA1AAAUIwEgMHACoDUAABUQMHACoDUAABUjASAwcAKgNQAAFhAwcAKgNQAAFi
MBIDBwAqA1AAAXEDBwAqA1AAAXIwEgMHACoDUAABgQMHACoDUAABgjASAwcAKgNQ
AAGRAwcAKgNQAAGSMBIDBwAqA1AAAgEDBwAqA1AAAgIwEgMHACoDUAACEQMHACoD
UAACEjASAwcAKgNQAAIhAwcAKgNQAAIiMBIDBwAqA1AAAjEDBwAqA1AAAjIwEgMH
ACoDUAACQQMHACoDUAACQjASAwcAKgNQAAJRAwcAKgNQAAJSMBIDBwAqA1AAAnED
BwAqA1AAAnIwEgMHACoDUAACkQMHACoDUAACkjANBgkqhkiG9w0BAQsFAAOCAQEA
VOwoSXXYthUo+vqWxiXDZIMBhldiV4IUc68JOF9+LymmcKFtQT6mEXpkrGX3+dBx
6yvLX2UDnjlxsSqSzt8VHHRPjZLI5TABB+D3si3IbDTvsmklvaXomD+RLk6I8LaC
ycHAjY49q2AqUulLha2E0LcDDZbJUtm/rSxG4x6VMS9XQjNFCbkQmRx468K/xGW4
O89l7Z9efHzIP5m33oeZBdGFKofZtK1qNkXtV39pqGbU+flhdNdVCPGPxuNxyg0x
UdCejImnaf/P1ULOuKnBYC1IP3caFJST9kE2DO09tvVB424PWThyz4cRt92lBe/R
VgJWd6EhsEX/25myQi05Yg==
-----END CERTIFICATE-----
Generated at Sun Jul 27 05:03:29 2025 by rpki-client