Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/ZlDfI1uu-dfJ7bkWIwNbrouZ8LU.roa
File: ZlDfI1uu-dfJ7bkWIwNbrouZ8LU.roa (raw, json)
Hash identifier: RwbfiOlsTOjHsdHQ269mkGq2Xn2wHvdgM/XYUPYNH8I=
Subject key identifier: 66:50:DF:23:5B:AE:F9:D7:C9:ED:B9:16:23:03:5B:AE:8B:99:F0:B5
Certificate issuer: /CN=3be2f0164b66a76795860b4ea3586fad563bac47
Certificate serial: 0196F80A2078C807B7AE6C5024FB6BC02587
Authority key identifier: 3B:E2:F0:16:4B:66:A7:67:95:86:0B:4E:A3:58:6F:AD:56:3B:AC:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/O-LwFktmp2eVhgtOo1hvrVY7rEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/ZlDfI1uu-dfJ7bkWIwNbrouZ8LU.roa
Signing time: Thu 22 May 2025 12:48:55 +0000
ROA not before: Thu 22 May 2025 12:48:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206264
IP address blocks: 2.57.214.0/24 maxlen: 24
2.57.215.0/24 maxlen: 24
5.183.209.0/24 maxlen: 24
5.187.35.0/24 maxlen: 24
45.129.84.0/24 maxlen: 24
45.139.122.0/24 maxlen: 24
80.251.152.0/23 maxlen: 24
89.42.231.0/24 maxlen: 24
89.249.49.0/24 maxlen: 24
93.123.72.0/24 maxlen: 24
94.156.33.0/24 maxlen: 24
185.177.74.0/24 maxlen: 24
185.177.75.0/24 maxlen: 24
185.191.124.0/24 maxlen: 24
185.191.125.0/24 maxlen: 24
185.191.126.0/24 maxlen: 24
185.191.127.0/24 maxlen: 24
2a0d:1000::/29 maxlen: 29
2a0d:1000::/30 maxlen: 30
2a0d:1004::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/O-LwFktmp2eVhgtOo1hvrVY7rEc.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/O-LwFktmp2eVhgtOo1hvrVY7rEc.mft
rsync://rpki.ripe.net/repository/DEFAULT/O-LwFktmp2eVhgtOo1hvrVY7rEc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 15:01:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:f8:0a:20:78:c8:07:b7:ae:6c:50:24:fb:6b:c0:25:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3be2f0164b66a76795860b4ea3586fad563bac47
Validity
Not Before: May 22 12:48:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6650df235baef9d7c9edb91623035bae8b99f0b5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:21:b4:b7:4e:fc:1b:df:b6:16:34:3d:d4:50:
26:23:4e:b3:25:33:6c:bb:1e:5b:d7:28:0a:20:99:
3b:1f:9c:fe:89:a9:2f:51:ad:90:d8:1d:53:e2:46:
18:90:b3:20:1f:30:fa:ea:16:2b:65:8f:5e:1c:ce:
b8:42:70:a0:6c:78:bb:3c:f3:24:92:9c:a7:c6:66:
8d:c7:8d:04:e0:ea:b5:df:d0:6b:e3:37:56:bb:af:
d4:b8:3a:99:dc:ad:3b:01:7f:4e:39:90:9d:fc:40:
cc:dc:26:ba:fd:53:ed:ee:1d:d8:c2:b6:0a:a6:6c:
ff:96:21:cf:11:b6:ab:e9:28:16:d2:e7:7c:7b:cf:
dc:67:4d:66:a0:41:ba:42:f6:b6:42:b2:05:4f:e5:
d1:9f:19:cb:97:c8:df:36:d0:2f:cd:8d:3a:82:53:
78:12:9d:82:31:f8:a3:58:bd:87:7a:ad:d8:0e:f0:
70:79:ec:a2:d6:8e:00:9a:d3:ba:18:d6:d6:2a:8b:
02:81:6d:1c:ec:5e:b7:a8:67:b9:2f:12:40:bc:95:
00:03:de:08:7a:9e:42:6c:ee:43:83:f8:5a:82:5d:
86:e3:63:5b:4b:32:dc:93:23:c8:67:7b:9e:51:bc:
f3:98:cd:44:f9:6c:5a:4c:c8:63:ec:39:82:f0:b1:
26:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:50:DF:23:5B:AE:F9:D7:C9:ED:B9:16:23:03:5B:AE:8B:99:F0:B5
X509v3 Authority Key Identifier:
keyid:3B:E2:F0:16:4B:66:A7:67:95:86:0B:4E:A3:58:6F:AD:56:3B:AC:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/O-LwFktmp2eVhgtOo1hvrVY7rEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/ZlDfI1uu-dfJ7bkWIwNbrouZ8LU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/c72b67-76ec-4afa-b376-f9ad38051220/1/O-LwFktmp2eVhgtOo1hvrVY7rEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.57.214.0/23
5.183.209.0/24
5.187.35.0/24
45.129.84.0/24
45.139.122.0/24
80.251.152.0/23
89.42.231.0/24
89.249.49.0/24
93.123.72.0/24
94.156.33.0/24
185.177.74.0/23
185.191.124.0/22
IPv6:
2a0d:1000::/29
Signature Algorithm: sha256WithRSAEncryption
94:eb:76:45:3d:be:1f:4d:24:39:e0:16:e0:07:b3:b6:d6:b5:
1b:df:1e:e0:4f:0b:76:f1:4b:04:b3:e4:1a:ac:8c:c3:68:38:
37:19:a4:96:01:91:be:87:2f:af:ee:55:e6:57:97:ef:26:0f:
61:a0:02:5a:65:47:ab:39:45:db:6d:ba:a2:01:64:cb:9c:e5:
6a:4c:9e:22:30:be:d9:3d:19:91:0f:06:78:72:ad:c2:65:c8:
c4:1f:cd:c3:4b:4d:54:68:96:cc:eb:15:91:f0:fe:7a:36:c1:
87:52:cb:05:b4:68:b8:6f:fb:51:cf:28:fa:55:72:a3:80:6f:
61:e0:b1:43:c4:64:8d:c6:ab:dd:e0:0f:cb:c3:ed:0e:88:f0:
a9:dc:8c:ac:c2:49:17:f0:cc:72:6e:18:e1:4e:20:dd:9d:43:
eb:59:47:9e:5a:e6:3b:18:0b:12:21:50:43:27:14:fa:9a:93:
3b:21:d0:0e:bf:17:81:dd:20:22:59:66:a9:07:fb:2d:10:fc:
13:78:cc:63:9f:f6:ad:4d:ac:0a:7f:04:10:d6:fc:3e:29:70:
34:2c:36:13:6d:89:44:1a:2f:2d:c0:86:f0:e9:a5:fe:5f:1d:
63:14:b3:46:60:89:eb:86:77:29:4e:de:da:d5:26:46:92:ff:
00:3f:72:84
-----BEGIN CERTIFICATE-----
MIIFTjCCBDagAwIBAgISAZb4CiB4yAe3rmxQJPtrwCWHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNiZTJmMDE2NGI2NmE3Njc5NTg2MGI0ZWEzNTg2ZmFkNTYz
YmFjNDcwHhcNMjUwNTIyMTI0ODU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjUwZGYyMzViYWVmOWQ3YzllZGI5MTYyMzAzNWJhZThiOTlmMGI1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoSG0t078G9+2FjQ91FAmI06zJTNs
ux5b1ygKIJk7H5z+iakvUa2Q2B1T4kYYkLMgHzD66hYrZY9eHM64QnCgbHi7PPMk
kpynxmaNx40E4Oq139Br4zdWu6/UuDqZ3K07AX9OOZCd/EDM3Ca6/VPt7h3YwrYK
pmz/liHPEbar6SgW0ud8e8/cZ01moEG6Qva2QrIFT+XRnxnLl8jfNtAvzY06glN4
Ep2CMfijWL2Heq3YDvBweeyi1o4AmtO6GNbWKosCgW0c7F63qGe5LxJAvJUAA94I
ep5CbO5Dg/hagl2G42NbSzLckyPIZ3ueUbzzmM1E+WxaTMhj7DmC8LEmHQIDAQAB
o4ICWjCCAlYwHQYDVR0OBBYEFGZQ3yNbrvnXye25FiMDW66LmfC1MB8GA1UdIwQY
MBaAFDvi8BZLZqdnlYYLTqNYb61WO6xHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTy1Md0ZrdG1wMmVWaGd0T28xaHZyVlk3ckVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC9jNzJiNjctNzZlYy00YWZhLWIzNzYt
ZjlhZDM4MDUxMjIwLzEvWmxEZkkxdXUtZGZKN2JrV0l3TmJyb3VaOExVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC9jNzJiNjctNzZlYy00YWZhLWIzNzYtZjlhZDM4MDUxMjIw
LzEvTy1Md0ZrdG1wMmVWaGd0T28xaHZyVlk3ckVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHAGCCsGAQUFBwEHAQH/BGEwXzBOBAIAATBIAwQBAjnWAwQA
BbfRAwQABbsjAwQALYFUAwQALYt6AwQBUPuYAwQAWSrnAwQAWfkxAwQAXXtIAwQA
XpwhAwQBubFKAwQCub98MA0EAgACMAcDBQMqDRAAMA0GCSqGSIb3DQEBCwUAA4IB
AQCU63ZFPb4fTSQ54BbgB7O21rUb3x7gTwt28UsEs+QarIzDaDg3GaSWAZG+hy+v
7lXmV5fvJg9hoAJaZUerOUXbbbqiAWTLnOVqTJ4iML7ZPRmRDwZ4cq3CZcjEH83D
S01UaJbM6xWR8P56NsGHUssFtGi4b/tRzyj6VXKjgG9h4LFDxGSNxqvd4A/Lw+0O
iPCp3IyswkkX8MxybhjhTiDdnUPrWUeeWuY7GAsSIVBDJxT6mpM7IdAOvxeB3SAi
WWapB/stEPwTeMxjn/atTawKfwQQ1vw+KXA0LDYTbYlEGi8twIbw6aX+Xx1jFLNG
YInrhncpTt7a1SZGkv8AP3KE
-----END CERTIFICATE-----
Generated at Sat Jun 7 23:17:48 2025 by rpki-client