Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/EZ_mzq2D_YZ73YAwCFHYYnjPWxg.roa
File: EZ_mzq2D_YZ73YAwCFHYYnjPWxg.roa (raw, json)
Hash identifier: EvCh7aaYoGsHa80/rAB8NDGilU1rYmyN4xwNLLUBcao=
Subject key identifier: 11:9F:E6:CE:AD:83:FD:86:7B:DD:80:30:08:51:D8:62:78:CF:5B:18
Certificate issuer: /CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Certificate serial: 0196D8B91637B5E553B39196C44E454283FB
Authority key identifier: C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/EZ_mzq2D_YZ73YAwCFHYYnjPWxg.roa
Signing time: Fri 16 May 2025 10:52:10 +0000
ROA not before: Fri 16 May 2025 10:52:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 31083
IP address blocks: 5.104.175.0/24 maxlen: 24
77.76.0.0/24 maxlen: 24
77.76.14.0/24 maxlen: 24
78.128.1.0/24 maxlen: 24
78.128.6.0/24 maxlen: 24
78.128.7.0/24 maxlen: 24
78.128.8.0/24 maxlen: 24
78.128.9.0/24 maxlen: 24
78.128.42.0/24 maxlen: 24
78.128.43.0/24 maxlen: 24
78.128.60.0/24 maxlen: 24
78.128.62.0/24 maxlen: 24
78.128.76.0/24 maxlen: 24
78.128.77.0/24 maxlen: 24
78.128.78.0/24 maxlen: 24
78.128.80.0/24 maxlen: 24
78.128.81.0/24 maxlen: 24
78.128.118.0/24 maxlen: 24
78.128.126.0/24 maxlen: 24
78.142.6.0/24 maxlen: 24
78.142.32.0/24 maxlen: 24
78.142.47.0/24 maxlen: 24
78.142.51.0/24 maxlen: 24
78.142.56.0/24 maxlen: 24
78.142.57.0/24 maxlen: 24
78.142.58.0/24 maxlen: 24
78.142.59.0/24 maxlen: 24
78.142.62.0/24 maxlen: 24
78.142.63.0/24 maxlen: 24
79.124.4.0/24 maxlen: 24
79.124.5.0/24 maxlen: 24
79.124.6.0/24 maxlen: 24
79.124.13.0/24 maxlen: 24
79.124.14.0/24 maxlen: 24
79.124.16.0/24 maxlen: 24
79.124.17.0/24 maxlen: 24
79.124.22.0/24 maxlen: 24
79.124.31.0/24 maxlen: 24
79.124.44.0/24 maxlen: 24
79.124.52.0/24 maxlen: 24
79.124.55.0/24 maxlen: 24
79.124.63.0/24 maxlen: 24
79.124.64.0/24 maxlen: 24
79.124.65.0/24 maxlen: 24
79.124.66.0/24 maxlen: 24
79.124.67.0/24 maxlen: 24
79.124.75.0/24 maxlen: 24
79.124.76.0/24 maxlen: 24
79.124.84.0/24 maxlen: 24
79.124.90.0/24 maxlen: 24
82.118.229.0/24 maxlen: 24
82.118.243.0/24 maxlen: 24
83.222.185.0/24 maxlen: 24
91.148.148.0/24 maxlen: 24
91.148.168.0/24 maxlen: 24
94.72.136.0/22 maxlen: 24
130.185.225.0/24 maxlen: 24
130.185.232.0/24 maxlen: 24
178.132.86.0/24 maxlen: 24
178.132.87.0/24 maxlen: 24
185.197.152.0/22 maxlen: 24
185.232.156.0/23 maxlen: 24
217.174.146.0/23 maxlen: 24
217.174.148.0/23 maxlen: 24
217.174.151.0/24 maxlen: 24
217.174.152.0/23 maxlen: 24
217.174.155.0/24 maxlen: 24
217.174.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.mft
rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 07 Jun 2025 06:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d8:b9:16:37:b5:e5:53:b3:91:96:c4:4e:45:42:83:fb
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c35eac64ea4802e6824686f7c0d201f2c85cb2aa
Validity
Not Before: May 16 10:52:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=119fe6cead83fd867bdd80300851d86278cf5b18
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:7d:3a:37:75:5b:66:7c:aa:03:bb:6f:38:b1:
9a:cb:b4:a9:2e:0d:f6:91:bb:d9:a9:c0:47:70:27:
46:0d:1e:4b:12:14:7e:be:fe:4e:9d:a2:61:e7:36:
8f:5b:fe:71:21:8e:55:e6:4b:c0:e9:14:4d:7e:a4:
a9:ab:6c:2d:c1:d1:6f:a7:f1:2d:f1:70:47:67:12:
49:09:02:4f:1f:9a:1d:fe:19:03:90:94:80:6e:ca:
b5:81:ae:8b:bc:7e:0f:63:df:a2:36:b9:1f:ff:d7:
20:13:ba:99:ae:21:d9:04:8f:2f:3a:a1:8d:91:5f:
ac:9b:23:37:87:64:b8:a3:93:bc:b7:4a:67:b2:fc:
f3:c4:5c:a5:d4:e2:bc:e2:26:72:e2:f4:3b:ed:9e:
c8:01:ef:de:37:80:5d:7a:60:98:3a:5b:36:5c:45:
16:9b:9d:d7:66:49:fc:d1:91:42:dc:c6:f4:5b:e9:
c3:8f:0f:cc:d9:35:b5:10:48:73:f2:f7:a2:91:5e:
3c:b6:df:c8:29:bf:2d:44:ed:77:6d:ee:d0:f3:9c:
ae:ca:29:69:60:1a:3e:7b:af:19:ac:b8:87:db:7c:
34:ae:d4:a5:56:7b:1d:01:f1:f9:75:50:1e:4a:f9:
db:82:3c:4a:98:39:a8:cf:22:65:ab:d5:44:b1:5e:
cb:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:9F:E6:CE:AD:83:FD:86:7B:DD:80:30:08:51:D8:62:78:CF:5B:18
X509v3 Authority Key Identifier:
keyid:C3:5E:AC:64:EA:48:02:E6:82:46:86:F7:C0:D2:01:F2:C8:5C:B2:AA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w16sZOpIAuaCRob3wNIB8shcsqo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/EZ_mzq2D_YZ73YAwCFHYYnjPWxg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/ccdd8b-7720-4de0-8c43-dacb5f356ea3/1/w16sZOpIAuaCRob3wNIB8shcsqo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.104.175.0/24
77.76.0.0/24
77.76.14.0/24
78.128.1.0/24
78.128.6.0-78.128.9.255
78.128.42.0/23
78.128.60.0/24
78.128.62.0/24
78.128.76.0-78.128.78.255
78.128.80.0/23
78.128.118.0/24
78.128.126.0/24
78.142.6.0/24
78.142.32.0/24
78.142.47.0/24
78.142.51.0/24
78.142.56.0/22
78.142.62.0/23
79.124.4.0-79.124.6.255
79.124.13.0-79.124.14.255
79.124.16.0/23
79.124.22.0/24
79.124.31.0/24
79.124.44.0/24
79.124.52.0/24
79.124.55.0/24
79.124.63.0-79.124.67.255
79.124.75.0-79.124.76.255
79.124.84.0/24
79.124.90.0/24
82.118.229.0/24
82.118.243.0/24
83.222.185.0/24
91.148.148.0/24
91.148.168.0/24
94.72.136.0/22
130.185.225.0/24
130.185.232.0/24
178.132.86.0/23
185.197.152.0/22
185.232.156.0/23
217.174.146.0-217.174.149.255
217.174.151.0-217.174.153.255
217.174.155.0-217.174.156.255
Signature Algorithm: sha256WithRSAEncryption
2f:86:31:c8:1f:b7:72:5e:ee:91:c7:73:d8:69:b2:fe:58:7a:
da:2c:94:d5:38:06:68:ea:98:10:40:1c:21:14:f0:83:8b:6b:
14:46:35:08:18:53:44:70:e7:0d:6f:75:4c:79:a2:e8:31:a0:
5a:c1:cb:c8:ec:14:d8:43:71:0a:5c:08:4d:59:b2:b6:80:7f:
73:a9:a7:29:8f:ab:ca:b9:d3:09:d9:37:fb:20:f9:41:ae:d2:
6f:61:8d:a0:f7:1d:4b:5f:92:b8:23:b3:9a:c0:da:2c:b8:13:
68:98:9d:ff:9b:b0:cc:56:75:ee:30:52:14:23:4b:84:b6:bb:
3f:bd:e7:6c:77:98:ef:c7:d6:d8:a8:e5:27:9e:ba:54:a3:94:
9c:06:d9:b3:0f:94:0c:05:f5:48:ed:40:36:aa:c5:b1:d2:db:
f9:5b:97:f4:b3:cc:f8:48:dc:c1:f7:38:09:19:47:fb:a5:a0:
a5:b4:b9:c1:f5:98:fd:cd:49:a4:32:89:b6:e7:4e:62:6a:a0:
2c:0a:38:9b:00:1d:d1:14:69:a2:b7:8a:fb:85:b9:5a:7c:26:
84:af:ef:86:17:f9:ef:7d:3d:f2:fe:dd:d1:d7:fa:e9:7c:0e:
f0:32:c7:3f:ca:f8:eb:e3:b7:54:b9:c3:e8:b5:14:9d:f5:7e:
45:b8:83:54
-----BEGIN CERTIFICATE-----
MIIGUTCCBTmgAwIBAgISAZbYuRY3teVTs5GWxE5FQoP7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNWVhYzY0ZWE0ODAyZTY4MjQ2ODZmN2MwZDIwMWYyYzg1
Y2IyYWEwHhcNMjUwNTE2MTA1MjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTlmZTZjZWFkODNmZDg2N2JkZDgwMzAwODUxZDg2Mjc4Y2Y1YjE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0n06N3VbZnyqA7tvOLGay7SpLg32
kbvZqcBHcCdGDR5LEhR+vv5OnaJh5zaPW/5xIY5V5kvA6RRNfqSpq2wtwdFvp/Et
8XBHZxJJCQJPH5od/hkDkJSAbsq1ga6LvH4PY9+iNrkf/9cgE7qZriHZBI8vOqGN
kV+smyM3h2S4o5O8t0pnsvzzxFyl1OK84iZy4vQ77Z7IAe/eN4BdemCYOls2XEUW
m53XZkn80ZFC3Mb0W+nDjw/M2TW1EEhz8veikV48tt/IKb8tRO13be7Q85yuyilp
YBo+e68ZrLiH23w0rtSlVnsdAfH5dVAeSvnbgjxKmDmozyJlq9VEsV7L1wIDAQAB
o4IDXTCCA1kwHQYDVR0OBBYEFBGf5s6tg/2Ge92AMAhR2GJ4z1sYMB8GA1UdIwQY
MBaAFMNerGTqSALmgkaG98DSAfLIXLKqMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMt
ZGFjYjVmMzU2ZWEzLzEvRVpfbXpxMkRfWVo3M1lBd0NGSFlZbmpQV3hnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy9jY2RkOGItNzcyMC00ZGUwLThjNDMtZGFjYjVmMzU2ZWEz
LzEvdzE2c1pPcElBdWFDUm9iM3dOSUI4c2hjc3FvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBcQYIKwYBBQUHAQcBAf8EggFgMIIBXDCCAVgEAgABMIIB
UAMEAAVorwMEAE1MAAMEAE1MDgMEAE6AATAMAwQBToAGAwQBToAIAwQBToAqAwQA
ToA8AwQAToA+MAwDBAJOgEwDBABOgE4DBAFOgFADBABOgHYDBABOgH4DBABOjgYD
BABOjiADBABOji8DBABOjjMDBAJOjjgDBAFOjj4wDAMEAk98BAMEAE98BjAMAwQA
T3wNAwQAT3wOAwQBT3wQAwQAT3wWAwQAT3wfAwQAT3wsAwQAT3w0AwQAT3w3MAwD
BABPfD8DBAJPfEAwDAMEAE98SwMEAE98TAMEAE98VAMEAE98WgMEAFJ25QMEAFJ2
8wMEAFPeuQMEAFuUlAMEAFuUqAMEAl5IiAMEAIK54QMEAIK56AMEAbKEVgMEArnF
mAMEAbnonDAMAwQB2a6SAwQB2a6UMAwDBADZrpcDBAHZrpgwDAMEANmumwMEANmu
nDANBgkqhkiG9w0BAQsFAAOCAQEAL4YxyB+3cl7ukcdz2Gmy/lh62iyU1TgGaOqY
EEAcIRTwg4trFEY1CBhTRHDnDW91THmi6DGgWsHLyOwU2ENxClwITVmytoB/c6mn
KY+ryrnTCdk3+yD5Qa7Sb2GNoPcdS1+SuCOzmsDaLLgTaJid/5uwzFZ17jBSFCNL
hLa7P73nbHeY78fW2KjlJ566VKOUnAbZsw+UDAX1SO1ANqrFsdLb+VuX9LPM+Ejc
wfc4CRlH+6WgpbS5wfWY/c1JpDKJtudOYmqgLAo4mwAd0RRporeK+4W5WnwmhK/v
hhf573098v7d0df66XwO8DLHP8r46+O3VLnD6LUUnfV+RbiDVA==
-----END CERTIFICATE-----
Generated at Fri Jun 6 17:44:03 2025 by rpki-client