Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/ZKSjUDV7YYXSk26qYBs_yOsla8k.roa
File: ZKSjUDV7YYXSk26qYBs_yOsla8k.roa (raw, json)
Hash identifier: lWwq5pGIk+V7vgTPrFGKaZQZtKXup/loEuTJ/CcfpTQ=
Subject key identifier: 64:A4:A3:50:35:7B:61:85:D2:93:6E:AA:60:1B:3F:C8:EB:25:6B:C9
Certificate issuer: /CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Certificate serial: 01971847997F8EDF2AF6A761AE983300BDEE
Authority key identifier: 0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/ZKSjUDV7YYXSk26qYBs_yOsla8k.roa
Signing time: Wed 28 May 2025 19:03:54 +0000
ROA not before: Wed 28 May 2025 19:03:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 45.66.132.0/24 maxlen: 24
45.66.135.0/24 maxlen: 24
45.82.165.0/24 maxlen: 24
45.85.2.0/24 maxlen: 24
45.134.18.0/24 maxlen: 24
45.144.242.0/24 maxlen: 24
45.144.243.0/24 maxlen: 24
91.220.202.0/24 maxlen: 24
91.220.203.0/24 maxlen: 24
147.78.14.0/24 maxlen: 24
185.105.191.0/24 maxlen: 24
185.120.17.0/24 maxlen: 24
185.126.68.0/24 maxlen: 24
185.126.136.0/24 maxlen: 24
185.126.137.0/24 maxlen: 24
185.171.122.0/24 maxlen: 24
185.172.114.0/24 maxlen: 24
185.175.142.0/24 maxlen: 24
185.175.143.0/24 maxlen: 24
188.119.102.0/24 maxlen: 24
192.54.58.0/24 maxlen: 24
193.37.57.0/24 maxlen: 24
194.124.32.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl
rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.mft
rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 03 Jun 2025 23:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:18:47:99:7f:8e:df:2a:f6:a7:61:ae:98:33:00:bd:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b247e73391ec9d6a2a46f2cb0b02fc994288f13
Validity
Not Before: May 28 19:03:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=64a4a350357b6185d2936eaa601b3fc8eb256bc9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:94:18:95:c1:fe:ea:db:76:f7:b0:bd:f8:df:
5c:66:09:39:25:31:28:b4:c9:72:5f:bf:20:9d:a6:
0b:a2:9c:58:27:1f:54:15:be:98:24:2c:e6:df:a7:
c9:c5:60:b9:eb:6f:9a:c7:bd:4f:7e:13:26:66:6a:
50:85:99:96:04:f5:15:0b:bc:3d:42:19:75:4a:bf:
64:05:74:fa:b6:dc:14:5f:73:e6:b7:e8:29:ab:84:
e3:2d:3b:92:c1:3a:ce:2c:19:f7:85:6f:d6:a0:7b:
9e:73:70:f5:4b:aa:f0:a8:27:21:80:a4:d3:82:cd:
d6:a2:fc:30:ea:7d:d6:23:a5:bb:fd:dd:0c:d7:63:
be:85:cb:43:e4:c6:cf:7f:43:92:0c:45:40:0e:de:
b4:06:52:cc:f9:b9:45:a6:c5:cc:a6:65:2f:68:76:
0a:0f:38:3d:c3:3d:ab:6f:bc:2a:57:7c:1b:e9:9f:
b9:69:2d:87:21:07:16:d8:5d:69:0d:2b:67:b5:ee:
e1:df:2c:55:38:38:e2:c5:57:76:3b:bf:50:e1:de:
ff:db:19:71:a9:d2:67:73:90:6e:aa:53:00:f8:11:
07:96:d6:21:07:1a:9d:c7:80:15:16:92:d4:03:7b:
4a:b4:e7:c5:bf:f8:89:9a:d8:5f:4f:7e:a6:84:1e:
df:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:A4:A3:50:35:7B:61:85:D2:93:6E:AA:60:1B:3F:C8:EB:25:6B:C9
X509v3 Authority Key Identifier:
keyid:0B:24:7E:73:39:1E:C9:D6:A2:A4:6F:2C:B0:B0:2F:C9:94:28:8F:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/CyR-czkeydaipG8ssLAvyZQojxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/ZKSjUDV7YYXSk26qYBs_yOsla8k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a0/b3fd40-b125-4282-b883-736789ee6fd0/1/CyR-czkeydaipG8ssLAvyZQojxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.132.0/24
45.66.135.0/24
45.82.165.0/24
45.85.2.0/24
45.134.18.0/24
45.144.242.0/23
91.220.202.0/23
147.78.14.0/24
185.105.191.0/24
185.120.17.0/24
185.126.68.0/24
185.126.136.0/23
185.171.122.0/24
185.172.114.0/24
185.175.142.0/23
188.119.102.0/24
192.54.58.0/24
193.37.57.0/24
194.124.32.0/24
Signature Algorithm: sha256WithRSAEncryption
1a:84:ec:73:27:2f:d7:17:e5:c5:32:00:ec:9c:f0:86:61:84:
4d:4b:94:22:ac:f9:f9:8b:28:21:31:00:08:55:33:18:a3:97:
9c:89:e8:6d:7a:85:37:71:7b:96:0e:cb:21:e0:30:eb:90:70:
a5:f3:4c:5f:2f:a3:09:d5:82:0b:c8:9a:0f:d9:07:41:25:59:
a6:67:54:30:eb:ba:f0:25:e8:79:c3:fb:a1:c8:fe:d9:cd:09:
24:a9:0a:f1:1a:55:d1:4b:76:91:9f:81:e6:d7:90:77:e7:e0:
bc:23:f1:dc:75:e1:fa:6b:b4:e3:9d:23:d6:07:50:b8:3d:fe:
29:9e:3e:48:5a:52:a2:d3:00:a5:bd:ea:6d:d7:54:37:1c:b5:
e6:29:64:5b:56:da:6c:7b:56:6a:ae:3c:bc:11:a8:34:df:e4:
5e:4b:46:b8:2f:38:49:7c:76:d5:fc:b3:f9:a3:94:80:b3:60:
aa:d3:8d:68:06:e9:7a:e3:68:1b:87:b1:25:1b:41:03:cc:94:
20:c9:67:2a:53:82:46:18:7a:bd:ee:0c:cf:4d:aa:06:c0:42:
68:bc:73:ec:aa:42:06:10:c7:e6:e1:e3:ca:c6:b8:13:aa:31:
f9:e6:f6:94:e1:f7:24:82:f4:97:dc:a9:35:34:d5:48:e9:35:
df:3b:36:1b
-----BEGIN CERTIFICATE-----
MIIFajCCBFKgAwIBAgISAZcYR5l/jt8q9qdhrpgzAL3uMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiMjQ3ZTczMzkxZWM5ZDZhMmE0NmYyY2IwYjAyZmM5OTQy
ODhmMTMwHhcNMjUwNTI4MTkwMzU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGE0YTM1MDM1N2I2MTg1ZDI5MzZlYWE2MDFiM2ZjOGViMjU2YmM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvZQYlcH+6tt297C9+N9cZgk5JTEo
tMlyX78gnaYLopxYJx9UFb6YJCzm36fJxWC562+ax71PfhMmZmpQhZmWBPUVC7w9
Qhl1Sr9kBXT6ttwUX3Pmt+gpq4TjLTuSwTrOLBn3hW/WoHuec3D1S6rwqCchgKTT
gs3Wovww6n3WI6W7/d0M12O+hctD5MbPf0OSDEVADt60BlLM+blFpsXMpmUvaHYK
Dzg9wz2rb7wqV3wb6Z+5aS2HIQcW2F1pDStnte7h3yxVODjixVd2O79Q4d7/2xlx
qdJnc5BuqlMA+BEHltYhBxqdx4AVFpLUA3tKtOfFv/iJmthfT36mhB7fywIDAQAB
o4ICdjCCAnIwHQYDVR0OBBYEFGSko1A1e2GF0pNuqmAbP8jrJWvJMB8GA1UdIwQY
MBaAFAskfnM5HsnWoqRvLLCwL8mUKI8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMt
NzM2Nzg5ZWU2ZmQwLzEvWktTalVEVjdZWVhTazI2cVlCc195T3NsYThrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hMC9iM2ZkNDAtYjEyNS00MjgyLWI4ODMtNzM2Nzg5ZWU2ZmQw
LzEvQ3lSLWN6a2V5ZGFpcEc4c3NMQXZ5WlFvanhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGLBggrBgEFBQcBBwEB/wR8MHoweAQCAAEwcgMEAC1ChAME
AC1ChwMEAC1SpQMEAC1VAgMEAC2GEgMEAS2Q8gMEAVvcygMEAJNODgMEALlpvwME
ALl4EQMEALl+RAMEAbl+iAMEALmregMEALmscgMEAbmvjgMEALx3ZgMEAMA2OgME
AMElOQMEAMJ8IDANBgkqhkiG9w0BAQsFAAOCAQEAGoTscycv1xflxTIA7JzwhmGE
TUuUIqz5+YsoITEACFUzGKOXnInobXqFN3F7lg7LIeAw65BwpfNMXy+jCdWCC8ia
D9kHQSVZpmdUMOu68CXoecP7ocj+2c0JJKkK8RpV0Ut2kZ+B5teQd+fgvCPx3HXh
+mu0450j1gdQuD3+KZ4+SFpSotMApb3qbddUNxy15ilkW1babHtWaq48vBGoNN/k
XktGuC84SXx21fyz+aOUgLNgqtONaAbpeuNoG4exJRtBA8yUIMlnKlOCRhh6ve4M
z02qBsBCaLxz7KpCBhDH5uHjysa4E6ox+eb2lOH3JIL0l9ypNTTVSOk13zs2Gw==
-----END CERTIFICATE-----
Generated at Tue Jun 3 10:22:16 2025 by rpki-client