Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/KZJHRZnZI4pWb6c1iJ_xsDt652k.roa
File: KZJHRZnZI4pWb6c1iJ_xsDt652k.roa (raw, json)
Hash identifier: Y/Cg891oLDCBXc+mdpadtkMEBPhmA5UQhw1qZvVDlCs=
Subject key identifier: 29:92:47:45:99:D9:23:8A:56:6F:A7:35:88:9F:F1:B0:3B:7A:E7:69
Certificate issuer: /CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Certificate serial: 019A58163A710FB8C7AF42E4BD64CF9E0FA4
Authority key identifier: 9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/KZJHRZnZI4pWb6c1iJ_xsDt652k.roa
Signing time: Thu 06 Nov 2025 07:34:03 +0000
ROA not before: Thu 06 Nov 2025 07:34:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62206
IP address blocks: 5.181.84.0/24 maxlen: 24
5.181.87.0/24 maxlen: 24
45.9.29.0/24 maxlen: 24
45.13.189.0/24 maxlen: 24
45.13.190.0/24 maxlen: 24
45.94.171.0/24 maxlen: 24
45.132.180.0/24 maxlen: 24
45.132.182.0/23 maxlen: 24
77.83.39.0/24 maxlen: 24
146.19.125.0/24 maxlen: 24
185.43.248.0/24 maxlen: 24
185.43.249.0/24 maxlen: 24
185.43.251.0/24 maxlen: 24
185.200.62.0/24 maxlen: 24
185.200.63.0/24 maxlen: 24
193.30.240.0/24 maxlen: 24
193.30.242.0/24 maxlen: 24
193.30.243.0/24 maxlen: 24
193.57.43.0/24 maxlen: 24
194.242.96.0/24 maxlen: 24
194.242.98.0/24 maxlen: 24
194.242.99.0/24 maxlen: 24
195.177.92.0/24 maxlen: 24
195.177.93.0/24 maxlen: 24
195.177.94.0/24 maxlen: 24
195.177.95.0/24 maxlen: 24
195.211.188.0/24 maxlen: 24
195.211.189.0/24 maxlen: 24
195.211.190.0/24 maxlen: 24
195.211.191.0/24 maxlen: 24
2a01:7120::/32 maxlen: 32
2a01:7120:7::/48 maxlen: 48
2a07:9200::/29 maxlen: 32
2a07:9201::/32 maxlen: 32
2a07:9206::/32 maxlen: 32
2a07:9207::/32 maxlen: 32
2a09:340::/32 maxlen: 32
2a09:342::/32 maxlen: 32
2a09:346::/32 maxlen: 32
2a09:c440::/32 maxlen: 32
2a0c:5d40::/32 maxlen: 32
2a0c:a580::/29 maxlen: 32
2a0c:a580::/32 maxlen: 32
2a0c:a581::/32 maxlen: 32
2a0c:a584::/32 maxlen: 32
2a0c:a586::/32 maxlen: 32
2a10:dfc0::/29 maxlen: 32
2a10:dfc0::/32 maxlen: 32
2a10:fac0::/32 maxlen: 32
2a11:580::/29 maxlen: 29
2a11:580::/32 maxlen: 32
2a11:1600::/32 maxlen: 32
2a11:2a80::/32 maxlen: 32
2a11:3900::/32 maxlen: 32
2a11:d680::/32 maxlen: 32
2a12:9f00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.mft
rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 08 Nov 2025 12:35:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:58:16:3a:71:0f:b8:c7:af:42:e4:bd:64:cf:9e:0f:a4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9d2a478bb0b08e661b0b2f9fbe8935bc9c2a28a1
Validity
Not Before: Nov 6 07:34:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=2992474599d9238a566fa735889ff1b03b7ae769
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:c8:ec:ea:32:39:28:02:05:c1:9d:c3:8c:b6:
9c:76:cc:14:65:09:5a:26:7d:19:03:d1:9b:86:9b:
05:5d:90:1b:e4:b4:81:38:88:ed:cc:10:df:de:81:
8c:7c:b0:fb:d2:8b:03:28:03:b7:79:72:9c:49:0a:
a9:29:b8:13:58:ed:7d:a7:59:a4:6d:e5:af:6b:c1:
64:54:1e:32:2a:df:b1:b2:35:63:90:be:08:a3:90:
ab:79:df:f6:34:45:92:a7:25:0e:57:dc:c8:ae:ac:
fc:cd:d0:30:2b:67:9b:22:ae:10:08:da:ec:ef:ec:
13:5d:18:30:46:8e:8e:bf:8c:7f:f1:23:60:cc:b7:
8c:8f:6e:6f:7f:89:cc:fe:2c:73:6a:86:c8:31:fd:
a3:6c:84:f8:b0:b4:6f:0d:5a:54:e1:cd:3f:43:96:
e1:97:4d:73:17:d4:e3:49:78:00:88:76:f9:26:89:
68:21:0d:03:70:1e:b7:56:a7:e3:c7:f0:9c:02:0c:
14:57:f4:40:76:85:ac:57:59:3e:64:af:5c:c5:6f:
bb:fe:7a:f6:f9:32:f8:9c:95:e7:dd:a8:6a:ea:4c:
25:87:15:80:6f:6b:de:c3:31:47:1e:81:bc:df:8a:
be:5c:91:d1:af:fc:4a:53:85:a8:eb:df:ac:26:68:
10:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
29:92:47:45:99:D9:23:8A:56:6F:A7:35:88:9F:F1:B0:3B:7A:E7:69
X509v3 Authority Key Identifier:
keyid:9D:2A:47:8B:B0:B0:8E:66:1B:0B:2F:9F:BE:89:35:BC:9C:2A:28:A1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/nSpHi7CwjmYbCy-fvok1vJwqKKE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/KZJHRZnZI4pWb6c1iJ_xsDt652k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/663df5-580c-4f2c-a66c-eef3511f6c60/1/nSpHi7CwjmYbCy-fvok1vJwqKKE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.181.84.0/24
5.181.87.0/24
45.9.29.0/24
45.13.189.0-45.13.190.255
45.94.171.0/24
45.132.180.0/24
45.132.182.0/23
77.83.39.0/24
146.19.125.0/24
185.43.248.0/23
185.43.251.0/24
185.200.62.0/23
193.30.240.0/24
193.30.242.0/23
193.57.43.0/24
194.242.96.0/24
194.242.98.0/23
195.177.92.0/22
195.211.188.0/22
IPv6:
2a01:7120::/32
2a07:9200::/29
2a09:340::/32
2a09:342::/32
2a09:346::/32
2a09:c440::/32
2a0c:5d40::/32
2a0c:a580::/29
2a10:dfc0::/29
2a10:fac0::/32
2a11:580::/29
2a11:1600::/32
2a11:2a80::/32
2a11:3900::/32
2a11:d680::/32
2a12:9f00::/32
Signature Algorithm: sha256WithRSAEncryption
2b:6f:88:c9:7f:9c:55:a0:41:9d:88:4c:65:e8:c0:fa:2e:d7:
37:1b:3e:7f:d6:78:64:08:d8:3a:eb:e4:39:a0:99:9b:e3:ad:
e3:57:bf:c9:5c:52:8e:35:97:ad:a5:f0:83:91:bb:24:bd:58:
01:fb:9d:3b:30:32:ed:a3:13:cd:4f:75:1a:32:e4:f2:8c:3c:
8c:16:74:67:c1:0a:18:d5:50:af:90:44:68:88:9d:8b:d3:ac:
b3:81:ea:e0:e0:19:d6:91:c2:1b:ce:5a:8d:02:5a:ff:4d:f6:
d7:fa:27:65:26:0e:e6:ee:65:23:39:b2:d5:80:2b:b3:99:9b:
ed:cf:fa:e0:bc:1a:14:e5:6f:0e:25:01:4a:ce:1d:9b:e1:47:
be:d3:04:7f:51:a0:ea:30:30:bb:0e:74:a7:6d:d8:0c:4c:c0:
49:6e:a3:9c:60:ad:00:e4:c1:53:af:d2:9f:81:7b:55:39:e2:
76:18:f2:6a:74:fa:da:3d:3c:ea:a4:17:f8:10:f8:5f:14:02:
a6:e8:82:0b:16:67:2a:d4:0f:12:ed:59:96:cf:90:48:ce:f4:
05:b4:13:61:52:1f:4e:f5:7f:af:57:57:56:0b:14:17:8c:8c:
4d:48:84:90:62:f3:1c:e6:95:63:16:fd:4f:4f:ce:8e:54:8d:
8a:d3:86:7a
-----BEGIN CERTIFICATE-----
MIIF7jCCBNagAwIBAgISAZpYFjpxD7jHr0LkvWTPng+kMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDlkMmE0NzhiYjBiMDhlNjYxYjBiMmY5ZmJlODkzNWJjOWMy
YTI4YTEwHhcNMjUxMTA2MDczNDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyOTkyNDc0NTk5ZDkyMzhhNTY2ZmE3MzU4ODlmZjFiMDNiN2FlNzY5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnsjs6jI5KAIFwZ3DjLacdswUZQla
Jn0ZA9GbhpsFXZAb5LSBOIjtzBDf3oGMfLD70osDKAO3eXKcSQqpKbgTWO19p1mk
beWva8FkVB4yKt+xsjVjkL4Io5Cred/2NEWSpyUOV9zIrqz8zdAwK2ebIq4QCNrs
7+wTXRgwRo6Ov4x/8SNgzLeMj25vf4nM/ixzaobIMf2jbIT4sLRvDVpU4c0/Q5bh
l01zF9TjSXgAiHb5JoloIQ0DcB63Vqfjx/CcAgwUV/RAdoWsV1k+ZK9cxW+7/nr2
+TL4nJXn3ahq6kwlhxWAb2vewzFHHoG834q+XJHRr/xKU4Wo69+sJmgQiwIDAQAB
o4IC+jCCAvYwHQYDVR0OBBYEFCmSR0WZ2SOKVm+nNYif8bA7eudpMB8GA1UdIwQY
MBaAFJ0qR4uwsI5mGwsvn76JNbycKiihMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMt
ZWVmMzUxMWY2YzYwLzEvS1pKSFJablpJNHBXYjZjMWlKX3hzRHQ2NTJrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi82NjNkZjUtNTgwYy00ZjJjLWE2NmMtZWVmMzUxMWY2YzYw
LzEvblNwSGk3Q3dqbVliQ3ktZnZvazF2SndxS0tFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDgYIKwYBBQUHAQcBAf8Egf4wgfswgYAEAgABMHoDBAAF
tVQDBAAFtVcDBAAtCR0wDAMEAC0NvQMEAC0NvgMEAC1eqwMEAC2EtAMEAS2EtgME
AE1TJwMEAJITfQMEAbkr+AMEALkr+wMEAbnIPgMEAMEe8AMEAcEe8gMEAME5KwME
AMLyYAMEAcLyYgMEAsOxXAMEAsPTvDB2BAIAAjBwAwUAKgFxIAMFAyoHkgADBQAq
CQNAAwUAKgkDQgMFACoJA0YDBQAqCcRAAwUAKgxdQAMFAyoMpYADBQMqEN/AAwUA
KhD6wAMFAyoRBYADBQAqERYAAwUAKhEqgAMFACoROQADBQAqEdaAAwUAKhKfADAN
BgkqhkiG9w0BAQsFAAOCAQEAK2+IyX+cVaBBnYhMZejA+i7XNxs+f9Z4ZAjYOuvk
OaCZm+Ot41e/yVxSjjWXraXwg5G7JL1YAfudOzAy7aMTzU91GjLk8ow8jBZ0Z8EK
GNVQr5BEaIidi9Oss4Hq4OAZ1pHCG85ajQJa/0321/onZSYO5u5lIzmy1YArs5mb
7c/64LwaFOVvDiUBSs4dm+FHvtMEf1Gg6jAwuw50p23YDEzASW6jnGCtAOTBU6/S
n4F7VTnidhjyanT62j086qQX+BD4XxQCpuiCCxZnKtQPEu1Zls+QSM70BbQTYVIf
TvV/r1dXVgsUF4yMTUiEkGLzHOaVYxb9T0/OjlSNitOGeg==
-----END CERTIFICATE-----
Generated at Fri Nov 7 18:46:51 2025 by rpki-client