Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/473366-702d-473f-bfbe-882c448e2ef6/1/0TzJK__KWaWwj7IIFGxcW_zcy6A.roa
File: 0TzJK__KWaWwj7IIFGxcW_zcy6A.roa (raw, json)
Hash identifier: zzUxvFov3vux2BIMLPpoZFjho4ThQjWHPRuDNEigsXI=
Subject key identifier: D1:3C:C9:2B:FF:CA:59:A5:B0:8F:B2:08:14:6C:5C:5B:FC:DC:CB:A0
Certificate issuer: /CN=a8dff01f56e3419d027be7591ceef62851ce0f6b
Certificate serial: 019A0BAA52A788900F5652BAEF41138085F7
Authority key identifier: A8:DF:F0:1F:56:E3:41:9D:02:7B:E7:59:1C:EE:F6:28:51:CE:0F:6B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/qN_wH1bjQZ0Ce-dZHO72KFHOD2s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/473366-702d-473f-bfbe-882c448e2ef6/1/0TzJK__KWaWwj7IIFGxcW_zcy6A.roa
Signing time: Wed 22 Oct 2025 11:25:02 +0000
ROA not before: Wed 22 Oct 2025 11:25:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 51956
IP address blocks: 92.53.236.0/22 maxlen: 22
92.53.236.0/24 maxlen: 24
92.53.237.0/24 maxlen: 24
92.53.238.0/24 maxlen: 24
92.53.239.0/24 maxlen: 24
185.144.132.0/22 maxlen: 22
185.144.132.0/24 maxlen: 24
185.144.133.0/24 maxlen: 24
185.144.134.0/24 maxlen: 24
185.144.135.0/24 maxlen: 24
185.201.172.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/473366-702d-473f-bfbe-882c448e2ef6/1/qN_wH1bjQZ0Ce-dZHO72KFHOD2s.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/473366-702d-473f-bfbe-882c448e2ef6/1/qN_wH1bjQZ0Ce-dZHO72KFHOD2s.mft
rsync://rpki.ripe.net/repository/DEFAULT/qN_wH1bjQZ0Ce-dZHO72KFHOD2s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 29 Oct 2025 11:00:16 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:0b:aa:52:a7:88:90:0f:56:52:ba:ef:41:13:80:85:f7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a8dff01f56e3419d027be7591ceef62851ce0f6b
Validity
Not Before: Oct 22 11:25:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d13cc92bffca59a5b08fb208146c5c5bfcdccba0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:ad:14:fb:a3:81:7d:3c:09:e9:93:7e:42:91:
77:e4:b0:a1:e2:3e:0f:ff:6e:18:ae:9e:5e:ae:e9:
56:2f:2b:d7:97:d9:8e:fb:7e:6d:fa:5b:14:62:9e:
35:00:14:13:09:b8:24:48:fe:ed:ec:8b:ef:cb:70:
1d:55:11:8f:57:26:6d:02:dc:44:88:94:3a:30:b3:
fc:eb:20:e5:1d:5f:2c:4e:d3:9b:42:20:ea:fd:6b:
3c:ee:3f:8e:25:60:c5:dd:e4:b1:d2:1a:58:4f:b9:
71:b4:20:8e:82:e4:a6:0c:a6:b2:b3:cd:8f:27:69:
d4:83:cd:55:6a:83:c7:45:f8:5a:d2:c4:b7:5f:99:
3b:8c:c7:0e:4d:37:51:11:8d:3c:67:c5:73:54:93:
82:a6:d1:26:79:3f:cd:9b:54:8e:17:90:cc:16:73:
43:40:91:af:47:be:e3:36:4b:c0:f8:e6:61:75:fd:
91:64:6f:f4:f5:8a:eb:09:0a:6a:29:e1:31:8a:e2:
c0:dc:aa:dc:fa:21:3a:9d:8d:57:3d:38:25:4c:1f:
61:bb:8f:35:62:77:7b:cb:b3:56:98:dc:67:29:35:
7d:e9:e6:94:a8:60:93:ac:2d:a6:1e:b7:51:12:f0:
ba:dc:ac:e1:01:40:2f:69:db:9d:06:0b:37:d3:b7:
01:05
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D1:3C:C9:2B:FF:CA:59:A5:B0:8F:B2:08:14:6C:5C:5B:FC:DC:CB:A0
X509v3 Authority Key Identifier:
keyid:A8:DF:F0:1F:56:E3:41:9D:02:7B:E7:59:1C:EE:F6:28:51:CE:0F:6B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/qN_wH1bjQZ0Ce-dZHO72KFHOD2s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/473366-702d-473f-bfbe-882c448e2ef6/1/0TzJK__KWaWwj7IIFGxcW_zcy6A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/473366-702d-473f-bfbe-882c448e2ef6/1/qN_wH1bjQZ0Ce-dZHO72KFHOD2s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
92.53.236.0/22
185.144.132.0/22
185.201.172.0/22
Signature Algorithm: sha256WithRSAEncryption
8b:d7:22:ea:11:11:02:9f:2d:f3:5d:a8:a9:54:dd:88:cc:96:
c4:21:05:0e:38:f5:5e:1e:4c:82:a3:79:13:ec:6b:13:05:da:
08:de:20:c3:ae:58:13:e2:e2:ae:dc:d2:1c:62:df:c7:70:b7:
62:d0:1a:35:50:f0:86:fb:ee:48:a4:df:e7:1d:22:be:88:cf:
aa:47:fc:3e:f4:ba:56:8b:57:78:d4:62:ee:c5:55:08:d2:8a:
b6:af:6e:0e:08:a9:e2:61:5a:91:75:22:8c:1e:2e:17:40:cc:
40:c3:5d:06:81:27:df:17:1a:2d:b9:92:06:7e:e9:81:96:fb:
e1:67:b4:9e:2c:a8:5a:52:24:3e:d1:af:15:b5:8b:bd:f3:8e:
9a:6f:80:78:8b:af:08:ea:67:84:9c:d9:b7:2d:75:90:6b:f7:
25:58:a8:3b:38:e1:ff:bd:fd:f1:13:10:84:9a:45:e7:ab:96:
b1:01:ae:8a:e9:6e:e1:f6:3e:2a:b9:91:80:e6:25:9a:b0:57:
3e:75:e0:dd:e0:fe:f7:fd:d3:30:5f:61:11:7b:42:11:1e:4d:
89:f6:41:4f:cd:ed:ac:d1:e5:18:20:44:84:31:ab:49:5c:52:
b4:8c:43:60:82:62:26:3f:39:b3:47:8c:1f:2d:df:66:07:bf:
d3:64:4c:c7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZoLqlKniJAPVlK670ETgIX3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE4ZGZmMDFmNTZlMzQxOWQwMjdiZTc1OTFjZWVmNjI4NTFj
ZTBmNmIwHhcNMjUxMDIyMTEyNTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMTNjYzkyYmZmY2E1OWE1YjA4ZmIyMDgxNDZjNWM1YmZjZGNjYmEwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw60U+6OBfTwJ6ZN+QpF35LCh4j4P
/24Yrp5erulWLyvXl9mO+35t+lsUYp41ABQTCbgkSP7t7Ivvy3AdVRGPVyZtAtxE
iJQ6MLP86yDlHV8sTtObQiDq/Ws87j+OJWDF3eSx0hpYT7lxtCCOguSmDKays82P
J2nUg81VaoPHRfha0sS3X5k7jMcOTTdREY08Z8VzVJOCptEmeT/Nm1SOF5DMFnND
QJGvR77jNkvA+OZhdf2RZG/09YrrCQpqKeExiuLA3Krc+iE6nY1XPTglTB9hu481
Ynd7y7NWmNxnKTV96eaUqGCTrC2mHrdREvC63KzhAUAvadudBgs307cBBQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNE8ySv/ylmlsI+yCBRsXFv83MugMB8GA1UdIwQY
MBaAFKjf8B9W40GdAnvnWRzu9ihRzg9rMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcU5fd0gxYmpRWjBDZS1kWkhPNzJLRkhPRDJzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS80NzMzNjYtNzAyZC00NzNmLWJmYmUt
ODgyYzQ0OGUyZWY2LzEvMFR6SktfX0tXYVd3ajdJSUZHeGNXX3pjeTZBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS80NzMzNjYtNzAyZC00NzNmLWJmYmUtODgyYzQ0OGUyZWY2
LzEvcU5fd0gxYmpRWjBDZS1kWkhPNzJLRkhPRDJzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCXDXsAwQC
uZCEAwQCucmsMA0GCSqGSIb3DQEBCwUAA4IBAQCL1yLqERECny3zXaipVN2IzJbE
IQUOOPVeHkyCo3kT7GsTBdoI3iDDrlgT4uKu3NIcYt/HcLdi0Bo1UPCG++5IpN/n
HSK+iM+qR/w+9LpWi1d41GLuxVUI0oq2r24OCKniYVqRdSKMHi4XQMxAw10GgSff
FxotuZIGfumBlvvhZ7SeLKhaUiQ+0a8VtYu9846ab4B4i68I6meEnNm3LXWQa/cl
WKg7OOH/vf3xExCEmkXnq5axAa6K6W7h9j4quZGA5iWasFc+deDd4P73/dMwX2ER
e0IRHk2J9kFPze2s0eUYIESEMatJXFK0jENggmImPzmzR4wfLd9mB7/TZEzH
-----END CERTIFICATE-----
Generated at Tue Oct 28 17:04:46 2025 by rpki-client