Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/Vf3KOZmAgXwsv3aJ9v6n81tZxJk.roa
File: Vf3KOZmAgXwsv3aJ9v6n81tZxJk.roa (raw, json)
Hash identifier: VIja1t2wHpssk2GDc0sbNbLZHRB1tapmUzbQerIfxjw=
Subject key identifier: 55:FD:CA:39:99:80:81:7C:2C:BF:76:89:F6:FE:A7:F3:5B:59:C4:99
Certificate issuer: /CN=cc2eb5b38bb62ede5c98cbfbcff9532852180516
Certificate serial: 01993A35E8C0FE77044B033DE8269EB5DD94
Authority key identifier: CC:2E:B5:B3:8B:B6:2E:DE:5C:98:CB:FB:CF:F9:53:28:52:18:05:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zC61s4u2Lt5cmMv7z_lTKFIYBRY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/Vf3KOZmAgXwsv3aJ9v6n81tZxJk.roa
Signing time: Thu 11 Sep 2025 19:17:15 +0000
ROA not before: Thu 11 Sep 2025 19:17:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210083
IP address blocks: 121.127.33.0/24 maxlen: 24
185.130.44.0/24 maxlen: 24
185.130.45.0/24 maxlen: 24
185.130.46.0/24 maxlen: 24
185.130.47.0/24 maxlen: 24
199.231.235.0/24 maxlen: 24
202.181.177.0/24 maxlen: 24
2a07:e00::/48 maxlen: 48
2a07:e00:a::/48 maxlen: 48
2a07:e00:b::/48 maxlen: 48
2a07:e00:c::/48 maxlen: 48
2a07:e00:ac::/48 maxlen: 48
2a07:e00:bb::/48 maxlen: 48
2a07:e00:bc::/48 maxlen: 48
2a07:e00:ff::/48 maxlen: 48
2a07:e00:19f::/48 maxlen: 48
2a07:e00:f9f9::/48 maxlen: 48
2a07:e01::/32 maxlen: 32
2a07:e02:41::/48 maxlen: 48
2a07:e02:a00::/40 maxlen: 40
2a07:e02:b00::/40 maxlen: 56
2a07:e02:baf::/48 maxlen: 48
2a07:e02:bee::/48 maxlen: 48
2a07:e02:1000::/36 maxlen: 40
2a07:e02:1000::/40 maxlen: 40
2a07:e03::/32 maxlen: 48
2a07:e04::/36 maxlen: 36
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/zC61s4u2Lt5cmMv7z_lTKFIYBRY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/zC61s4u2Lt5cmMv7z_lTKFIYBRY.mft
rsync://rpki.ripe.net/repository/DEFAULT/zC61s4u2Lt5cmMv7z_lTKFIYBRY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Sep 2025 16:00:46 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:3a:35:e8:c0:fe:77:04:4b:03:3d:e8:26:9e:b5:dd:94
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cc2eb5b38bb62ede5c98cbfbcff9532852180516
Validity
Not Before: Sep 11 19:17:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=55fdca399980817c2cbf7689f6fea7f35b59c499
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d8:26:0e:e5:0a:f7:e8:31:44:df:f7:57:13:93:
b4:e1:c0:b2:25:a0:8a:f5:1a:e0:82:a8:97:10:75:
de:31:da:92:61:ac:40:ba:a9:bb:95:5e:92:94:69:
ec:b9:7f:87:7d:7d:2b:93:e7:32:91:f0:34:09:c2:
77:05:99:d6:c9:7e:46:f9:9d:ad:eb:fe:80:4e:7c:
28:14:e4:78:f0:5e:cc:cf:ad:a0:d2:64:5d:ca:29:
f3:52:92:14:67:e5:75:94:b7:26:92:0f:0c:53:52:
54:eb:93:c6:2a:21:b9:94:c0:9e:91:89:04:88:ba:
ab:da:8c:ae:05:55:83:3c:44:b3:a1:4e:c2:17:7d:
a1:20:fa:96:18:10:c1:3d:fd:bf:14:5c:e9:b5:e9:
43:c7:0e:83:73:54:f0:c1:3d:77:d0:88:63:c0:d2:
e6:9e:60:aa:38:5a:ee:85:ac:cb:e3:d3:f1:f2:59:
2c:ef:6b:a3:c2:2a:89:ba:f8:18:52:d2:78:24:58:
be:f0:31:47:ae:71:f3:53:c3:a5:9e:42:a0:e7:82:
33:b3:8e:60:35:f9:bd:83:71:4d:ab:f5:32:66:d6:
b9:9d:db:61:43:49:d8:63:51:bc:cf:aa:83:fa:de:
fe:5e:bc:07:d3:ba:61:63:a4:6f:47:cd:41:a0:96:
1b:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
55:FD:CA:39:99:80:81:7C:2C:BF:76:89:F6:FE:A7:F3:5B:59:C4:99
X509v3 Authority Key Identifier:
keyid:CC:2E:B5:B3:8B:B6:2E:DE:5C:98:CB:FB:CF:F9:53:28:52:18:05:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zC61s4u2Lt5cmMv7z_lTKFIYBRY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/Vf3KOZmAgXwsv3aJ9v6n81tZxJk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/6f0269-834e-47c5-98e1-f1f802e6613b/1/zC61s4u2Lt5cmMv7z_lTKFIYBRY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
121.127.33.0/24
185.130.44.0/22
199.231.235.0/24
202.181.177.0/24
IPv6:
2a07:e00::/48
2a07:e00:a::-2a07:e00:c:ffff:ffff:ffff:ffff:ffff
2a07:e00:ac::/48
2a07:e00:bb::-2a07:e00:bc:ffff:ffff:ffff:ffff:ffff
2a07:e00:ff::/48
2a07:e00:19f::/48
2a07:e00:f9f9::/48
2a07:e01::/32
2a07:e02:41::/48
2a07:e02:a00::/39
2a07:e02:1000::/36
2a07:e03::-2a07:e04:fff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
5c:c4:37:10:a7:eb:5a:52:08:6a:90:3e:a7:30:9b:d1:85:3e:
94:b4:ec:38:87:3b:a0:9b:d3:66:e5:5d:5b:77:c0:a6:ad:38:
35:4c:8e:8f:6a:b2:bb:c2:f8:23:08:27:ea:30:42:46:ad:d5:
ff:69:0a:98:24:42:c2:4f:3b:14:ff:43:44:85:e7:60:33:30:
92:c0:ba:2d:39:10:9a:fb:4e:08:23:0a:df:f9:cd:cb:a3:7e:
c9:0a:89:3b:14:c7:a0:bf:b3:cd:4f:c3:68:88:d1:d1:21:57:
91:6d:de:a9:d2:a4:4e:1f:c0:2a:3f:f3:a1:c3:67:09:8c:aa:
1c:48:0e:06:e1:e4:34:22:f2:97:16:01:64:b4:fd:65:6b:cd:
b5:ba:b7:a5:5d:36:81:71:82:d8:dd:98:10:5c:a5:15:d8:29:
4b:21:c2:7b:54:2d:33:3d:b7:06:5f:83:9c:88:77:2b:bd:df:
be:e7:76:e4:d0:a8:0c:f7:53:5c:19:40:ff:1f:42:25:e1:b3:
e0:fa:7a:79:7f:e9:9d:b7:4c:24:15:0d:0d:ce:8f:85:f7:5e:
82:7b:da:04:03:b4:29:a8:c9:bb:10:5f:85:64:9a:5c:c5:38:
12:37:00:7f:38:16:55:a8:99:cd:33:99:37:93:98:9e:71:db:
b7:c0:49:8e
-----BEGIN CERTIFICATE-----
MIIFojCCBIqgAwIBAgISAZk6NejA/ncESwM96Caetd2UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNjMmViNWIzOGJiNjJlZGU1Yzk4Y2JmYmNmZjk1MzI4NTIx
ODA1MTYwHhcNMjUwOTExMTkxNzE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NWZkY2EzOTk5ODA4MTdjMmNiZjc2ODlmNmZlYTdmMzViNTljNDk5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2CYO5Qr36DFE3/dXE5O04cCyJaCK
9RrggqiXEHXeMdqSYaxAuqm7lV6SlGnsuX+HfX0rk+cykfA0CcJ3BZnWyX5G+Z2t
6/6ATnwoFOR48F7Mz62g0mRdyinzUpIUZ+V1lLcmkg8MU1JU65PGKiG5lMCekYkE
iLqr2oyuBVWDPESzoU7CF32hIPqWGBDBPf2/FFzptelDxw6Dc1TwwT130IhjwNLm
nmCqOFruhazL49Px8lks72ujwiqJuvgYUtJ4JFi+8DFHrnHzU8OlnkKg54Izs45g
Nfm9g3FNq/UyZta5ndthQ0nYY1G8z6qD+t7+XrwH07phY6RvR81BoJYb9QIDAQAB
o4ICrjCCAqowHQYDVR0OBBYEFFX9yjmZgIF8LL92ifb+p/NbWcSZMB8GA1UdIwQY
MBaAFMwutbOLti7eXJjL+8/5UyhSGAUWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvekM2MXM0dTJMdDVjbU12N3pfbFRLRklZQlJZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMC82ZjAyNjktODM0ZS00N2M1LTk4ZTEt
ZjFmODAyZTY2MTNiLzEvVmYzS09abUFnWHdzdjNhSjl2Nm44MXRaeEprLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMC82ZjAyNjktODM0ZS00N2M1LTk4ZTEtZjFmODAyZTY2MTNi
LzEvekM2MXM0dTJMdDVjbU12N3pfbFRLRklZQlJZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHDBggrBgEFBQcBBwEB/wSBszCBsDAeBAIAATAYAwQAeX8h
AwQCuYIsAwQAx+frAwQAyrWxMIGNBAIAAjCBhgMHACoHDgAAADASAwcBKgcOAAAK
AwcAKgcOAAAMAwcAKgcOAACsMBIDBwAqBw4AALsDBwAqBw4AALwDBwAqBw4AAP8D
BwAqBw4AAZ8DBwAqBw4A+fkDBQAqBw4BAwcAKgcOAgBBAwYBKgcOAgoDBgQqBw4C
EDAPAwUAKgcOAwMGBCoHDgQAMA0GCSqGSIb3DQEBCwUAA4IBAQBcxDcQp+taUghq
kD6nMJvRhT6UtOw4hzugm9Nm5V1bd8CmrTg1TI6ParK7wvgjCCfqMEJGrdX/aQqY
JELCTzsU/0NEhedgMzCSwLotORCa+04IIwrf+c3Lo37JCok7FMegv7PNT8NoiNHR
IVeRbd6p0qROH8AqP/Ohw2cJjKocSA4G4eQ0IvKXFgFktP1la821urelXTaBcYLY
3ZgQXKUV2ClLIcJ7VC0zPbcGX4OciHcrvd++53bk0KgM91NcGUD/H0Il4bPg+np5
f+mdt0wkFQ0Nzo+F916Ce9oEA7QpqMm7EF+FZJpcxTgSNwB/OBZVqJnNM5k3k5ie
cdu3wEmO
-----END CERTIFICATE-----
Generated at Sat Sep 13 23:06:55 2025 by rpki-client