Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zhLKGrUYFSyL4h0BMUMECzZ00ic.roa
File: zhLKGrUYFSyL4h0BMUMECzZ00ic.roa (raw, json)
Hash identifier: ViExCfk/hU+EkSmAgkmvmghxNN3UcrFzk5vAC2GnX0w=
Subject key identifier: CE:12:CA:1A:B5:18:15:2C:8B:E2:1D:01:31:43:04:0B:36:74:D2:27
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0197D430E2FD0A50098F860F77EC584A80E0
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zhLKGrUYFSyL4h0BMUMECzZ00ic.roa
Signing time: Fri 04 Jul 2025 06:47:42 +0000
ROA not before: Fri 04 Jul 2025 06:47:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 2.59.253.0/24 maxlen: 24
5.252.132.0/22 maxlen: 24
31.13.211.0/24 maxlen: 24
45.8.93.0/24 maxlen: 24
45.9.157.0/24 maxlen: 24
45.12.253.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.66.231.0/24 maxlen: 24
45.81.39.0/24 maxlen: 24
45.88.64.0/24 maxlen: 24
45.89.247.0/24 maxlen: 24
45.90.89.0/24 maxlen: 24
45.128.96.0/24 maxlen: 24
45.139.106.0/24 maxlen: 24
45.141.158.0/24 maxlen: 24
45.141.159.0/24 maxlen: 24
45.151.90.0/24 maxlen: 24
81.161.238.0/24 maxlen: 24
83.219.97.0/24 maxlen: 24
84.54.48.0/24 maxlen: 24
87.120.87.0/24 maxlen: 24
87.120.89.0/24 maxlen: 24
87.120.126.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.121.20.0/23 maxlen: 23
87.121.22.0/24 maxlen: 24
87.121.38.0/24 maxlen: 24
87.121.45.0/24 maxlen: 24
87.121.87.0/24 maxlen: 24
87.121.88.0/24 maxlen: 24
87.121.165.0/24 maxlen: 24
91.92.70.0/24 maxlen: 24
91.92.240.0/20 maxlen: 24
92.119.196.0/23 maxlen: 24
92.249.50.0/24 maxlen: 24
93.123.47.0/24 maxlen: 24
93.123.85.0/24 maxlen: 24
93.123.109.0/24 maxlen: 24
93.123.117.0/24 maxlen: 24
93.123.119.0/24 maxlen: 24
94.103.125.0/24 maxlen: 24
94.154.162.0/23 maxlen: 24
94.156.64.0/22 maxlen: 24
94.156.175.0/24 maxlen: 24
94.156.232.0/24 maxlen: 24
94.156.239.0/24 maxlen: 24
141.98.1.0/24 maxlen: 24
141.98.6.0/24 maxlen: 24
171.22.73.0/24 maxlen: 24
171.22.74.0/23 maxlen: 24
178.215.227.0/24 maxlen: 24
185.216.84.0/22 maxlen: 24
193.25.216.0/24 maxlen: 24
193.35.18.0/24 maxlen: 24
193.222.96.0/24 maxlen: 24
193.222.98.0/24 maxlen: 24
194.55.186.0/24 maxlen: 24
194.169.175.0/24 maxlen: 24
195.178.111.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Jul 2025 16:26:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d4:30:e2:fd:0a:50:09:8f:86:0f:77:ec:58:4a:80:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 4 06:47:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ce12ca1ab518152c8be21d013143040b3674d227
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:20:ac:4b:3f:9f:e1:c0:ec:25:48:fb:99:bf:
0b:67:62:bd:14:3d:65:03:13:1e:24:3e:27:89:1f:
fe:68:29:19:9a:5d:40:8a:ff:01:9d:93:f5:e3:ea:
96:05:5d:e8:e3:31:e7:63:c5:86:83:97:e0:8d:7f:
a5:eb:0c:bb:b0:37:4f:05:03:bc:9f:94:58:3e:ac:
1a:2c:32:8d:7e:26:9b:6e:c2:35:69:d2:b3:8b:c6:
4b:56:2a:5c:16:99:b9:79:4e:fc:27:e0:1e:be:4a:
07:7b:49:6d:c7:a4:36:19:3d:ba:59:b4:4a:b0:9d:
82:e8:46:63:56:8b:98:73:eb:ba:bb:cb:f8:88:93:
3b:f7:2e:9d:ba:9d:de:5e:49:bb:f8:71:59:fa:13:
06:cb:ab:66:85:39:7a:4e:01:13:52:31:b6:6d:e6:
38:19:a0:13:94:2a:24:e1:8d:f8:27:fb:98:4b:1a:
5a:e2:e6:6b:f7:0a:ec:ec:8e:54:3d:0d:4c:c7:08:
19:7f:c7:df:db:b4:29:20:ff:25:01:b9:60:78:b1:
2f:54:1d:4e:fb:73:f5:a8:2e:2f:75:74:04:d6:55:
eb:56:8c:18:65:34:8e:e9:99:fb:a4:8d:ee:c0:af:
14:ac:ea:c4:7f:cc:9e:f6:a8:a2:c4:4d:81:6b:69:
c6:11
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:12:CA:1A:B5:18:15:2C:8B:E2:1D:01:31:43:04:0B:36:74:D2:27
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/zhLKGrUYFSyL4h0BMUMECzZ00ic.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.253.0/24
5.252.132.0/22
31.13.211.0/24
45.8.93.0/24
45.9.157.0/24
45.12.253.0/24
45.66.228.0/24
45.66.231.0/24
45.81.39.0/24
45.88.64.0/24
45.89.247.0/24
45.90.89.0/24
45.128.96.0/24
45.139.106.0/24
45.141.158.0/23
45.151.90.0/24
81.161.238.0/24
83.219.97.0/24
84.54.48.0/24
87.120.87.0/24
87.120.89.0/24
87.120.126.0/24
87.120.166.0/24
87.121.20.0-87.121.22.255
87.121.38.0/24
87.121.45.0/24
87.121.87.0-87.121.88.255
87.121.165.0/24
91.92.70.0/24
91.92.240.0/20
92.119.196.0/23
92.249.50.0/24
93.123.47.0/24
93.123.85.0/24
93.123.109.0/24
93.123.117.0/24
93.123.119.0/24
94.103.125.0/24
94.154.162.0/23
94.156.64.0/22
94.156.175.0/24
94.156.232.0/24
94.156.239.0/24
141.98.1.0/24
141.98.6.0/24
171.22.73.0-171.22.75.255
178.215.227.0/24
185.216.84.0/22
193.25.216.0/24
193.35.18.0/24
193.222.96.0/24
193.222.98.0/24
194.55.186.0/24
194.169.175.0/24
195.178.111.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:f1:07:09:bd:41:62:5f:7e:fd:06:91:2f:f8:99:d9:09:46:
56:a1:f8:03:10:29:05:0a:1c:8e:94:9d:76:71:b3:df:0e:98:
b6:3c:c1:a5:b2:6e:bb:b6:3e:73:2e:33:0b:44:24:9e:79:b2:
51:9e:6e:4c:b1:19:cc:bf:4b:26:b9:18:03:6d:50:ae:14:6b:
ae:2c:ec:a4:dc:26:37:10:91:58:07:e7:2b:47:71:5d:2a:f7:
22:a8:78:59:9e:79:41:79:8d:c5:48:5a:d5:c4:cc:2b:d9:86:
eb:16:56:04:a0:32:d9:b1:65:55:6b:b6:8e:0f:d4:0c:c6:d0:
a9:9f:c6:60:80:7f:6e:df:fb:e2:c3:d4:22:d3:e2:59:e8:44:
4b:5a:7a:18:72:c6:2b:71:ed:02:c2:1e:53:a8:1e:5a:11:39:
a9:be:1d:27:26:62:ee:5a:3a:cc:5c:6f:03:5f:a7:ee:59:c4:
eb:94:78:ab:35:13:8f:f8:d2:02:55:11:b4:7d:5e:31:ae:11:
0a:c2:a5:91:68:d9:15:b7:d5:ad:cc:c9:33:bd:f9:9b:dc:58:
eb:49:37:e7:2f:8c:a9:2c:29:e3:bc:26:62:d9:08:ef:16:ac:
54:4f:e0:e3:ba:60:b4:52:84:06:c2:1c:8a:98:e2:4a:6f:c3:
bd:78:1c:29
-----BEGIN CERTIFICATE-----
MIIGYzCCBUugAwIBAgISAZfUMOL9ClAJj4YPd+xYSoDgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNzA0MDY0NzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTEyY2ExYWI1MTgxNTJjOGJlMjFkMDEzMTQzMDQwYjM2NzRkMjI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsCCsSz+f4cDsJUj7mb8LZ2K9FD1l
AxMeJD4niR/+aCkZml1Aiv8BnZP14+qWBV3o4zHnY8WGg5fgjX+l6wy7sDdPBQO8
n5RYPqwaLDKNfiabbsI1adKzi8ZLVipcFpm5eU78J+AevkoHe0ltx6Q2GT26WbRK
sJ2C6EZjVouYc+u6u8v4iJM79y6dup3eXkm7+HFZ+hMGy6tmhTl6TgETUjG2beY4
GaATlCok4Y34J/uYSxpa4uZr9wrs7I5UPQ1MxwgZf8ff27QpIP8lAblgeLEvVB1O
+3P1qC4vdXQE1lXrVowYZTSO6Zn7pI3uwK8UrOrEf8ye9qiixE2Ba2nGEQIDAQAB
o4IDbzCCA2swHQYDVR0OBBYEFM4Syhq1GBUsi+IdATFDBAs2dNInMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvemhMS0dyVVlGU3lMNGgwQk1VTUVDelowMGljLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBgwYIKwYBBQUHAQcBAf8EggFyMIIBbjCCAWoEAgABMIIB
YgMEAAI7/QMEAgX8hAMEAB8N0wMEAC0IXQMEAC0JnQMEAC0M/QMEAC1C5AMEAC1C
5wMEAC1RJwMEAC1YQAMEAC1Z9wMEAC1aWQMEAC2AYAMEAC2LagMEAS2NngMEAC2X
WgMEAFGh7gMEAFPbYQMEAFQ2MAMEAFd4VwMEAFd4WQMEAFd4fgMEAFd4pjAMAwQC
V3kUAwQAV3kWAwQAV3kmAwQAV3ktMAwDBABXeVcDBABXeVgDBABXeaUDBABbXEYD
BARbXPADBAFcd8QDBABc+TIDBABdey8DBABde1UDBABde20DBABde3UDBABde3cD
BABeZ30DBAFemqIDBAJenEADBABenK8DBABenOgDBABenO8DBACNYgEDBACNYgYw
DAMEAKsWSQMEAqsWSAMEALLX4wMEArnYVAMEAMEZ2AMEAMEjEgMEAMHeYAMEAMHe
YgMEAMI3ugMEAMKprwMEAMOybzANBgkqhkiG9w0BAQsFAAOCAQEAsfEHCb1BYl9+
/QaRL/iZ2QlGVqH4AxApBQocjpSddnGz3w6YtjzBpbJuu7Y+cy4zC0QknnmyUZ5u
TLEZzL9LJrkYA21QrhRrrizspNwmNxCRWAfnK0dxXSr3Iqh4WZ55QXmNxUha1cTM
K9mG6xZWBKAy2bFlVWu2jg/UDMbQqZ/GYIB/bt/74sPUItPiWehES1p6GHLGK3Ht
AsIeU6geWhE5qb4dJyZi7lo6zFxvA1+n7lnE65R4qzUTj/jSAlURtH1eMa4RCsKl
kWjZFbfVrczJM735m9xY60k35y+MqSwp47wmYtkI7xasVE/g47pgtFKEBsIcipji
Sm/DvXgcKQ==
-----END CERTIFICATE-----
Generated at Sat Jul 5 23:48:42 2025 by rpki-client