Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/ZYNMLeZV6uMjKO03-jW6YTqiSW4.roa
File: ZYNMLeZV6uMjKO03-jW6YTqiSW4.roa (raw, json)
Hash identifier: krbVJoOGLyeDpoeNky9ZOE+tnfOGV0J+XN0ZCMIwYdg=
Subject key identifier: 65:83:4C:2D:E6:55:EA:E3:23:28:ED:37:FA:35:BA:61:3A:A2:49:6E
Certificate issuer: /CN=8bb1308c6a977d5cb903bf25a96308b0e8ce3b46
Certificate serial: 019A48DA1541D39DE15293A5FFEAD5DB35CC
Authority key identifier: 8B:B1:30:8C:6A:97:7D:5C:B9:03:BF:25:A9:63:08:B0:E8:CE:3B:46
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i7EwjGqXfVy5A78lqWMIsOjOO0Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/ZYNMLeZV6uMjKO03-jW6YTqiSW4.roa
Signing time: Mon 03 Nov 2025 08:34:02 +0000
ROA not before: Mon 03 Nov 2025 08:34:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41155
IP address blocks: 45.91.151.0/24 maxlen: 24
45.93.244.0/24 maxlen: 24
45.93.245.0/24 maxlen: 24
45.93.246.0/24 maxlen: 24
45.93.247.0/24 maxlen: 24
45.156.72.0/24 maxlen: 24
45.156.73.0/24 maxlen: 24
45.156.74.0/24 maxlen: 24
45.156.75.0/24 maxlen: 24
45.158.136.0/24 maxlen: 24
45.158.137.0/24 maxlen: 24
45.158.138.0/24 maxlen: 24
45.158.139.0/24 maxlen: 24
77.75.231.0/24 maxlen: 24
109.107.134.0/24 maxlen: 24
185.34.103.0/24 maxlen: 24
185.52.230.0/24 maxlen: 24
185.52.231.0/24 maxlen: 24
185.89.23.0/24 maxlen: 24
185.222.215.0/24 maxlen: 24
188.244.116.0/24 maxlen: 24
194.0.193.0/24 maxlen: 24
194.0.221.0/24 maxlen: 24
194.0.223.0/24 maxlen: 24
194.1.200.0/24 maxlen: 24
2a0d:8e80:2659::/48 maxlen: 48
2a0d:8e80:8080::/48 maxlen: 48
2a0d:8e80:8a80::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/i7EwjGqXfVy5A78lqWMIsOjOO0Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/i7EwjGqXfVy5A78lqWMIsOjOO0Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/i7EwjGqXfVy5A78lqWMIsOjOO0Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 05 Nov 2025 00:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:48:da:15:41:d3:9d:e1:52:93:a5:ff:ea:d5:db:35:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8bb1308c6a977d5cb903bf25a96308b0e8ce3b46
Validity
Not Before: Nov 3 08:34:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=65834c2de655eae32328ed37fa35ba613aa2496e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:3b:b9:6c:75:b7:d5:ac:cc:49:75:da:a3:37:
d3:e0:48:b1:9e:9c:92:a5:71:92:3b:1c:72:92:3e:
6d:14:7c:db:24:e4:fd:20:19:a7:61:ee:7b:ec:28:
0b:f8:1c:0f:7e:71:46:f7:a4:77:a1:91:8d:7c:00:
ae:ae:2f:4d:e7:bf:7d:cb:40:fe:98:54:14:15:56:
1a:c6:a4:08:fd:ab:1b:73:22:9b:f1:a3:7b:5b:fc:
ff:bc:8f:45:c6:65:8e:32:24:72:f4:92:eb:b8:3e:
3a:f9:1d:bf:ea:ee:b7:06:a5:10:07:89:f1:ee:fc:
df:59:f9:19:10:df:c5:bb:25:9a:fc:99:49:c4:b6:
9d:95:b3:e6:2e:d1:78:47:9f:5b:38:e1:6f:38:02:
77:29:a6:48:ba:54:0c:0d:44:da:32:ff:b6:84:98:
9f:e4:c5:e7:c4:16:36:c7:f5:52:7e:6a:b6:a3:96:
c6:9f:d8:ba:03:76:39:2a:f7:a4:d3:d3:0c:ae:08:
ce:55:10:69:5b:18:95:3e:84:87:31:d0:a2:8c:19:
12:28:a9:ce:16:4a:4c:27:c4:d4:0a:7a:58:48:61:
48:36:2f:b0:1f:62:b8:d1:b9:09:0e:cd:a2:08:fc:
fb:ac:2c:30:d0:af:f1:5f:dc:07:13:18:fe:89:a0:
a5:57
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:83:4C:2D:E6:55:EA:E3:23:28:ED:37:FA:35:BA:61:3A:A2:49:6E
X509v3 Authority Key Identifier:
keyid:8B:B1:30:8C:6A:97:7D:5C:B9:03:BF:25:A9:63:08:B0:E8:CE:3B:46
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i7EwjGqXfVy5A78lqWMIsOjOO0Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/ZYNMLeZV6uMjKO03-jW6YTqiSW4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/33/776681-b5ee-430f-8693-101abd7391a6/1/i7EwjGqXfVy5A78lqWMIsOjOO0Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.91.151.0/24
45.93.244.0/22
45.156.72.0/22
45.158.136.0/22
77.75.231.0/24
109.107.134.0/24
185.34.103.0/24
185.52.230.0/23
185.89.23.0/24
185.222.215.0/24
188.244.116.0/24
194.0.193.0/24
194.0.221.0/24
194.0.223.0/24
194.1.200.0/24
IPv6:
2a0d:8e80:2659::/48
2a0d:8e80:8080::/48
2a0d:8e80:8a80::/48
Signature Algorithm: sha256WithRSAEncryption
2a:ba:8a:6c:b6:84:42:6a:07:01:cc:5c:18:26:f0:1b:07:68:
78:ae:b9:fc:66:ab:54:1d:8c:ff:2b:2d:03:0d:d8:75:c2:c3:
86:8b:c6:e6:f5:0a:1c:5d:9a:92:9d:4e:b5:bd:e7:74:22:b2:
3a:b3:65:dd:9a:12:e4:74:92:90:97:c1:b2:47:95:05:7f:15:
0e:d7:9b:f0:58:89:60:55:72:36:96:8d:93:fa:3a:51:92:5d:
28:34:d7:b6:e3:14:2e:30:ed:62:b8:63:ec:33:8b:ea:d0:4b:
c3:3a:ea:4d:2c:36:25:d1:1c:4c:8e:69:ec:31:e3:49:9a:23:
f3:bb:3c:79:df:38:7e:ba:ab:9f:7f:40:a1:99:fa:f8:e7:d3:
3c:f4:f2:d2:75:dc:34:e0:cf:69:c7:ec:f5:8b:28:e2:dd:68:
e2:c3:55:96:7f:ae:3d:80:e7:65:ab:44:a3:23:30:d0:43:96:
26:2f:20:5c:87:c4:d4:3c:c3:27:33:db:92:ba:a5:63:e3:48:
af:3b:11:0c:6e:04:cf:c9:10:cd:4d:8c:9b:61:39:6e:dc:11:
77:ae:70:bf:a8:a6:11:22:fc:69:0e:6a:a3:17:d9:bb:73:62:
26:df:f8:08:e2:d4:8c:2f:d9:41:be:4d:ee:c7:34:6d:44:a6:
d0:54:26:59
-----BEGIN CERTIFICATE-----
MIIFdzCCBF+gAwIBAgISAZpI2hVB053hUpOl/+rV2zXMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhiYjEzMDhjNmE5NzdkNWNiOTAzYmYyNWE5NjMwOGIwZThj
ZTNiNDYwHhcNMjUxMTAzMDgzNDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTgzNGMyZGU2NTVlYWUzMjMyOGVkMzdmYTM1YmE2MTNhYTI0OTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0ju5bHW31azMSXXaozfT4EixnpyS
pXGSOxxykj5tFHzbJOT9IBmnYe577CgL+BwPfnFG96R3oZGNfACuri9N5799y0D+
mFQUFVYaxqQI/asbcyKb8aN7W/z/vI9FxmWOMiRy9JLruD46+R2/6u63BqUQB4nx
7vzfWfkZEN/FuyWa/JlJxLadlbPmLtF4R59bOOFvOAJ3KaZIulQMDUTaMv+2hJif
5MXnxBY2x/VSfmq2o5bGn9i6A3Y5Kvek09MMrgjOVRBpWxiVPoSHMdCijBkSKKnO
FkpMJ8TUCnpYSGFINi+wH2K40bkJDs2iCPz7rCww0K/xX9wHExj+iaClVwIDAQAB
o4ICgzCCAn8wHQYDVR0OBBYEFGWDTC3mVerjIyjtN/o1umE6okluMB8GA1UdIwQY
MBaAFIuxMIxql31cuQO/JaljCLDozjtGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvaTdFd2pHcVhmVnk1QTc4bHFXTUlzT2pPTzBZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zMy83NzY2ODEtYjVlZS00MzBmLTg2OTMt
MTAxYWJkNzM5MWE2LzEvWllOTUxlWlY2dU1qS08wMy1qVzZZVHFpU1c0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zMy83NzY2ODEtYjVlZS00MzBmLTg2OTMtMTAxYWJkNzM5MWE2
LzEvaTdFd2pHcVhmVnk1QTc4bHFXTUlzT2pPTzBZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGYBggrBgEFBQcBBwEB/wSBiDCBhTBgBAIAATBaAwQALVuX
AwQCLV30AwQCLZxIAwQCLZ6IAwQATUvnAwQAbWuGAwQAuSJnAwQBuTTmAwQAuVkX
AwQAud7XAwQAvPR0AwQAwgDBAwQAwgDdAwQAwgDfAwQAwgHIMCEEAgACMBsDBwAq
DY6AJlkDBwAqDY6AgIADBwAqDY6AioAwDQYJKoZIhvcNAQELBQADggEBACq6imy2
hEJqBwHMXBgm8BsHaHiuufxmq1QdjP8rLQMN2HXCw4aLxub1ChxdmpKdTrW953Qi
sjqzZd2aEuR0kpCXwbJHlQV/FQ7Xm/BYiWBVcjaWjZP6OlGSXSg017bjFC4w7WK4
Y+wzi+rQS8M66k0sNiXRHEyOaewx40maI/O7PHnfOH66q59/QKGZ+vjn0zz08tJ1
3DTgz2nH7PWLKOLdaOLDVZZ/rj2A52WrRKMjMNBDliYvIFyHxNQ8wycz25K6pWPj
SK87EQxuBM/JEM1NjJthOW7cEXeucL+ophEi/GkOaqMX2btzYibf+Aji1Iwv2UG+
Te7HNG1EptBUJlk=
-----END CERTIFICATE-----
Generated at Tue Nov 4 09:41:39 2025 by rpki-client