Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/7ZbG0xXWdD8Lswxvpmjc5lREOro.roa
File: 7ZbG0xXWdD8Lswxvpmjc5lREOro.roa (raw, json)
Hash identifier: iJ5IHDML3gtXc2e06zwEreMcR6FoWGlQuiZScFBYWYw=
Subject key identifier: ED:96:C6:D3:15:D6:74:3F:0B:B3:0C:6F:A6:68:DC:E6:54:44:3A:BA
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 0198F63EA193A0AA9616BBC7BB75EAC0F67A
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/7ZbG0xXWdD8Lswxvpmjc5lREOro.roa
Signing time: Fri 29 Aug 2025 14:32:36 +0000
ROA not before: Fri 29 Aug 2025 14:32:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205090
IP address blocks: 89.44.86.0/24 maxlen: 24
95.81.121.0/24 maxlen: 24
95.81.122.0/24 maxlen: 24
103.71.20.0/24 maxlen: 24
103.71.21.0/24 maxlen: 24
109.69.62.0/24 maxlen: 24
185.105.88.0/24 maxlen: 24
185.105.89.0/24 maxlen: 24
185.105.90.0/24 maxlen: 24
185.105.91.0/24 maxlen: 24
185.128.105.0/24 maxlen: 24
185.128.106.0/24 maxlen: 24
185.128.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 02:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:f6:3e:a1:93:a0:aa:96:16:bb:c7:bb:75:ea:c0:f6:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Aug 29 14:32:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ed96c6d315d6743f0bb30c6fa668dce654443aba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:ba:3d:4a:78:60:ee:52:2f:8c:6e:c2:bf:01:
64:0d:d8:26:05:4b:38:2f:2b:f5:30:e2:16:3e:83:
9a:49:c7:30:85:bf:d3:c5:85:e2:69:f9:4e:ed:0a:
5f:1a:25:06:64:a9:c6:50:b9:81:33:ec:ca:81:9a:
97:32:f9:27:86:00:f3:70:d8:e6:25:cd:13:78:43:
89:0f:5e:89:19:54:e2:1b:82:c8:d9:88:94:9d:6d:
f7:28:4f:dd:2d:6e:e4:96:d2:10:6b:f8:33:f5:b7:
b3:eb:03:db:17:54:01:62:52:59:17:b5:34:2b:c3:
44:8a:b4:15:30:f9:c3:83:39:37:7f:31:cb:58:f9:
9e:88:34:4f:ba:46:78:1e:71:66:90:5d:16:01:b2:
ec:56:0b:b2:81:6b:cf:ec:68:2c:bb:88:2a:87:95:
ed:a0:9e:83:2f:1b:79:92:0a:c7:8d:67:07:f1:03:
fa:15:9d:63:9b:be:22:03:53:3f:ce:d1:a7:74:72:
c4:b4:07:40:08:36:f0:5b:ef:62:f5:6c:39:a7:09:
6b:8a:55:29:25:6f:b5:b8:39:6e:8a:f3:d6:2f:1f:
46:5f:94:05:c8:0e:7e:82:23:16:11:34:a8:39:7f:
e4:0e:51:50:7a:2f:13:c1:b5:50:b0:6c:7a:21:54:
fe:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
ED:96:C6:D3:15:D6:74:3F:0B:B3:0C:6F:A6:68:DC:E6:54:44:3A:BA
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/7ZbG0xXWdD8Lswxvpmjc5lREOro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.44.86.0/24
95.81.121.0-95.81.122.255
103.71.20.0/23
109.69.62.0/24
185.105.88.0/22
185.128.105.0-185.128.107.255
Signature Algorithm: sha256WithRSAEncryption
1c:6b:16:d3:2e:2e:c5:09:38:90:25:b5:ac:26:10:c3:8f:f1:
90:8f:a9:dc:63:86:01:6b:df:29:9f:2c:b7:c1:7d:98:c4:9c:
24:ab:62:dc:de:f9:9d:11:55:f3:5b:49:23:fa:a2:f3:fd:71:
6b:29:9d:5e:4f:e3:08:aa:fe:5a:8f:a2:04:b2:be:00:0f:b8:
fa:27:49:00:2b:34:96:c0:82:a8:64:3f:30:29:73:92:7c:00:
72:b4:00:d0:23:d3:24:1f:45:0d:c1:f6:62:dd:e9:41:fd:68:
02:95:35:45:55:37:aa:6a:03:b9:8b:9d:a0:f6:98:cb:e9:38:
12:6c:f0:91:80:fc:77:9f:04:65:28:cb:c6:aa:92:40:50:ed:
c5:c6:4c:a1:d4:ad:87:15:ab:0e:16:c5:58:ad:07:79:7a:4a:
a9:86:9b:f2:7a:55:f1:49:a3:14:68:90:31:61:b4:91:73:50:
f1:76:1c:36:23:2f:67:4a:6c:48:52:77:2a:42:0f:d6:bb:2c:
87:79:41:9e:24:f8:77:18:63:fe:92:e9:d8:f0:19:3e:2d:c6:
f4:5b:1e:b9:57:e8:b9:80:4d:b1:54:f7:b9:19:36:2d:d7:10:
ed:da:9e:39:e3:a5:e4:b7:f1:ff:c9:fc:dd:5b:0c:c3:9e:56:
4a:ac:90:30
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZj2PqGToKqWFrvHu3XqwPZ6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjUwODI5MTQzMjM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhlZDk2YzZkMzE1ZDY3NDNmMGJiMzBjNmZhNjY4ZGNlNjU0NDQzYWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAv7o9Snhg7lIvjG7CvwFkDdgmBUs4
Lyv1MOIWPoOaSccwhb/TxYXiaflO7QpfGiUGZKnGULmBM+zKgZqXMvknhgDzcNjm
Jc0TeEOJD16JGVTiG4LI2YiUnW33KE/dLW7kltIQa/gz9bez6wPbF1QBYlJZF7U0
K8NEirQVMPnDgzk3fzHLWPmeiDRPukZ4HnFmkF0WAbLsVguygWvP7Ggsu4gqh5Xt
oJ6DLxt5kgrHjWcH8QP6FZ1jm74iA1M/ztGndHLEtAdACDbwW+9i9Ww5pwlrilUp
JW+1uDluivPWLx9GX5QFyA5+giMWETSoOX/kDlFQei8TwbVQsGx6IVT+UQIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFO2WxtMV1nQ/C7MMb6Zo3OZURDq6MB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvN1piRzB4WFdkRDhMc3d4dnBtamM1bFJFT3JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0AwQAWSxWMAwD
BABfUXkDBABfUXoDBAFnRxQDBABtRT4DBAK5aVgwDAMEALmAaQMEArmAaDANBgkq
hkiG9w0BAQsFAAOCAQEAHGsW0y4uxQk4kCW1rCYQw4/xkI+p3GOGAWvfKZ8st8F9
mMScJKti3N75nRFV81tJI/qi8/1xaymdXk/jCKr+Wo+iBLK+AA+4+idJACs0lsCC
qGQ/MClzknwAcrQA0CPTJB9FDcH2Yt3pQf1oApU1RVU3qmoDuYudoPaYy+k4Emzw
kYD8d58EZSjLxqqSQFDtxcZModSthxWrDhbFWK0HeXpKqYab8npV8UmjFGiQMWG0
kXNQ8XYcNiMvZ0psSFJ3KkIP1rssh3lBniT4dxhj/pLp2PAZPi3G9FseuVfouYBN
sVT3uRk2LdcQ7dqeOeOl5Lfx/8n83VsMw55WSqyQMA==
-----END CERTIFICATE-----
Generated at Sat Sep 6 12:26:53 2025 by rpki-client