Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/14/08900f-b361-47ad-893f-7351f869b42b/1/1ZXZrb7_KMMAffteaFQez59OJV0.roa
File: 1ZXZrb7_KMMAffteaFQez59OJV0.roa (raw, json)
Hash identifier: qoGAFlDhNoBjbRdWcrJQCoTnOEYR10v5Gl4Yr+NRQu4=
Subject key identifier: D5:95:D9:AD:BE:FF:28:C3:00:7D:FB:5E:68:54:1E:CF:9F:4E:25:5D
Certificate issuer: /CN=6090cdd31d3a71da1ce4a4bd85f1987e3ca4eafa
Certificate serial: 019A01E51AE93EB826BD17438FE462DB2B3D
Authority key identifier: 60:90:CD:D3:1D:3A:71:DA:1C:E4:A4:BD:85:F1:98:7E:3C:A4:EA:FA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YJDN0x06cdoc5KS9hfGYfjyk6vo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/14/08900f-b361-47ad-893f-7351f869b42b/1/1ZXZrb7_KMMAffteaFQez59OJV0.roa
Signing time: Mon 20 Oct 2025 13:53:03 +0000
ROA not before: Mon 20 Oct 2025 13:53:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 21453
IP address blocks: 80.84.112.0/20 maxlen: 20
80.252.128.0/19 maxlen: 19
88.84.192.0/19 maxlen: 19
94.253.0.0/17 maxlen: 17
94.253.0.0/18 maxlen: 18
94.253.2.0/24 maxlen: 24
94.253.64.0/20 maxlen: 20
94.253.96.0/19 maxlen: 19
94.253.102.0/23 maxlen: 23
95.183.64.0/18 maxlen: 18
178.57.224.0/19 maxlen: 19
178.167.0.0/17 maxlen: 17
178.167.0.0/18 maxlen: 18
178.167.64.0/19 maxlen: 19
178.167.96.0/19 maxlen: 19
185.5.148.0/22 maxlen: 22
212.7.224.0/19 maxlen: 19
2a01:4200::/30 maxlen: 30
2a01:4200::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/14/08900f-b361-47ad-893f-7351f869b42b/1/YJDN0x06cdoc5KS9hfGYfjyk6vo.crl
rsync://rpki.ripe.net/repository/DEFAULT/14/08900f-b361-47ad-893f-7351f869b42b/1/YJDN0x06cdoc5KS9hfGYfjyk6vo.mft
rsync://rpki.ripe.net/repository/DEFAULT/YJDN0x06cdoc5KS9hfGYfjyk6vo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 02 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:01:e5:1a:e9:3e:b8:26:bd:17:43:8f:e4:62:db:2b:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6090cdd31d3a71da1ce4a4bd85f1987e3ca4eafa
Validity
Not Before: Oct 20 13:53:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d595d9adbeff28c3007dfb5e68541ecf9f4e255d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:a3:af:12:81:77:95:17:22:9d:64:55:7c:26:
2c:36:76:c4:9d:33:ab:3c:9d:a8:74:83:2e:09:7a:
db:18:31:5b:50:6c:c9:4e:1e:ca:b0:64:d0:96:31:
18:f9:56:6a:df:86:04:52:12:39:65:bd:12:cb:0d:
48:53:dc:7a:b0:71:85:25:a6:6a:9e:c7:1a:89:93:
01:d6:1e:d4:88:c0:22:ca:e9:67:b0:30:f4:85:bd:
8f:98:8f:91:c8:86:d9:79:0d:96:9f:d6:fc:54:3c:
29:55:dc:d4:db:d5:7b:cd:92:61:fb:45:47:1a:b5:
da:27:f0:94:71:78:0b:72:5c:a5:52:1e:45:34:af:
75:8c:64:db:04:8a:79:4b:fc:1c:ec:bf:95:9d:dd:
89:53:de:20:d9:42:b9:28:4e:4f:21:23:be:74:eb:
2a:02:50:86:49:57:4e:a6:fa:d3:5e:30:d5:a0:b9:
8f:f8:91:ba:00:db:e8:f8:67:58:9d:b2:1a:32:cf:
2b:dc:eb:97:88:fd:ca:58:80:96:3b:0a:ec:4e:86:
50:d1:7b:c9:fc:4b:85:76:89:69:92:fe:bd:a9:b5:
8b:c7:26:53:5e:e0:60:38:12:3d:9b:b7:12:73:a5:
9b:8f:b1:19:86:bb:f3:ea:59:95:e3:40:59:10:5e:
07:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D5:95:D9:AD:BE:FF:28:C3:00:7D:FB:5E:68:54:1E:CF:9F:4E:25:5D
X509v3 Authority Key Identifier:
keyid:60:90:CD:D3:1D:3A:71:DA:1C:E4:A4:BD:85:F1:98:7E:3C:A4:EA:FA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YJDN0x06cdoc5KS9hfGYfjyk6vo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/14/08900f-b361-47ad-893f-7351f869b42b/1/1ZXZrb7_KMMAffteaFQez59OJV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/14/08900f-b361-47ad-893f-7351f869b42b/1/YJDN0x06cdoc5KS9hfGYfjyk6vo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.84.112.0/20
80.252.128.0/19
88.84.192.0/19
94.253.0.0/17
95.183.64.0/18
178.57.224.0/19
178.167.0.0/17
185.5.148.0/22
212.7.224.0/19
IPv6:
2a01:4200::/30
Signature Algorithm: sha256WithRSAEncryption
1d:97:e7:ea:b8:1d:f6:92:b8:29:da:bf:a2:90:de:bc:39:95:
9f:67:87:91:f2:3f:9b:d4:29:13:2b:4c:15:02:48:25:d3:07:
93:8d:09:33:a5:6a:02:90:98:fb:b4:cc:54:89:f1:d3:e2:3c:
3c:43:92:51:9c:1b:d7:fe:74:71:0e:1e:af:83:a2:05:94:7b:
d6:41:08:d8:32:38:72:8b:12:0d:04:e3:27:62:a8:c9:c1:cd:
9c:6d:be:20:45:c0:0d:89:43:00:c6:f1:d4:d5:c6:3c:81:da:
f9:74:d9:49:b1:ef:fe:1a:85:de:e8:fa:8d:1b:b6:98:59:63:
5a:cf:f6:3a:ab:be:ae:76:15:42:c6:b4:68:5d:1d:77:8d:97:
8e:30:4b:37:df:f9:2e:2a:9d:df:cd:2a:75:7e:6a:c8:2e:31:
f4:5d:18:ac:b4:1d:47:07:86:27:92:22:10:91:e0:e4:5a:bd:
09:fa:68:a7:3a:47:88:be:cc:be:ac:4e:b4:c9:7f:3e:ec:68:
67:92:f5:d4:0f:f6:9e:b6:22:f5:89:09:85:6a:20:74:8b:e6:
84:14:78:d3:27:7f:39:25:eb:fe:ae:f2:31:19:52:52:9d:84:
3d:c9:b4:d6:51:9b:2a:17:7b:9f:36:71:38:da:32:0d:e1:b8:
70:9a:d8:ab
-----BEGIN CERTIFICATE-----
MIIFPDCCBCSgAwIBAgISAZoB5RrpPrgmvRdDj+Ri2ys9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYwOTBjZGQzMWQzYTcxZGExY2U0YTRiZDg1ZjE5ODdlM2Nh
NGVhZmEwHhcNMjUxMDIwMTM1MzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNTk1ZDlhZGJlZmYyOGMzMDA3ZGZiNWU2ODU0MWVjZjlmNGUyNTVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlaOvEoF3lRcinWRVfCYsNnbEnTOr
PJ2odIMuCXrbGDFbUGzJTh7KsGTQljEY+VZq34YEUhI5Zb0Syw1IU9x6sHGFJaZq
nscaiZMB1h7UiMAiyulnsDD0hb2PmI+RyIbZeQ2Wn9b8VDwpVdzU29V7zZJh+0VH
GrXaJ/CUcXgLclylUh5FNK91jGTbBIp5S/wc7L+Vnd2JU94g2UK5KE5PISO+dOsq
AlCGSVdOpvrTXjDVoLmP+JG6ANvo+GdYnbIaMs8r3OuXiP3KWICWOwrsToZQ0XvJ
/EuFdolpkv69qbWLxyZTXuBgOBI9m7cSc6Wbj7EZhrvz6lmV40BZEF4HaQIDAQAB
o4ICSDCCAkQwHQYDVR0OBBYEFNWV2a2+/yjDAH37XmhUHs+fTiVdMB8GA1UdIwQY
MBaAFGCQzdMdOnHaHOSkvYXxmH48pOr6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWUpETjB4MDZjZG9jNUtTOWhmR1lmanlrNnZvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNC8wODkwMGYtYjM2MS00N2FkLTg5M2Yt
NzM1MWY4NjliNDJiLzEvMVpYWnJiN19LTU1BZmZ0ZWFGUWV6NTlPSlYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNC8wODkwMGYtYjM2MS00N2FkLTg5M2YtNzM1MWY4NjliNDJi
LzEvWUpETjB4MDZjZG9jNUtTOWhmR1lmanlrNnZvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMF4GCCsGAQUFBwEHAQH/BE8wTTA8BAIAATA2AwQEUFRwAwQF
UPyAAwQFWFTAAwQHXv0AAwQGX7dAAwQFsjngAwQHsqcAAwQCuQWUAwQF1AfgMA0E
AgACMAcDBQIqAUIAMA0GCSqGSIb3DQEBCwUAA4IBAQAdl+fquB32krgp2r+ikN68
OZWfZ4eR8j+b1CkTK0wVAkgl0weTjQkzpWoCkJj7tMxUifHT4jw8Q5JRnBvX/nRx
Dh6vg6IFlHvWQQjYMjhyixINBOMnYqjJwc2cbb4gRcANiUMAxvHU1cY8gdr5dNlJ
se/+GoXe6PqNG7aYWWNaz/Y6q76udhVCxrRoXR13jZeOMEs33/kuKp3fzSp1fmrI
LjH0XRistB1HB4YnkiIQkeDkWr0J+minOkeIvsy+rE60yX8+7GhnkvXUD/aetiL1
iQmFaiB0i+aEFHjTJ385Jev+rvIxGVJSnYQ9ybTWUZsqF3ufNnE42jIN4bhwmtir
-----END CERTIFICATE-----
Generated at Sat Nov 1 07:13:20 2025 by rpki-client