Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/ZMO3GRpIMCOc63JONFzvD70jPxI.roa
File: ZMO3GRpIMCOc63JONFzvD70jPxI.roa (raw, json)
Hash identifier: OezO4NKW0B8AfY/4oRlgfRT7HTSEOCWWwSaXei6kgkA=
Subject key identifier: 64:C3:B7:19:1A:48:30:23:9C:EB:72:4E:34:5C:EF:0F:BD:23:3F:12
Certificate issuer: /CN=70e5b30272e43053208978dbe44bfee10a5d007e
Certificate serial: 019E72C27682F0B79A15641D4184C9F60591
Authority key identifier: 70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/ZMO3GRpIMCOc63JONFzvD70jPxI.roa
Signing time: Fri 29 May 2026 08:03:27 +0000
ROA not before: Fri 29 May 2026 08:03:27 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 44051
IP address blocks: 2.58.64.0/24 maxlen: 24
2.58.65.0/24 maxlen: 24
2.58.66.0/24 maxlen: 24
2.58.67.0/24 maxlen: 24
5.187.0.0/24 maxlen: 24
5.187.1.0/24 maxlen: 24
5.187.2.0/24 maxlen: 24
5.187.3.0/24 maxlen: 24
5.187.4.0/24 maxlen: 24
5.187.5.0/24 maxlen: 24
5.187.6.0/24 maxlen: 24
5.187.7.0/24 maxlen: 24
31.172.68.0/24 maxlen: 24
31.172.70.0/24 maxlen: 24
31.172.71.0/24 maxlen: 24
31.172.72.0/24 maxlen: 24
31.172.73.0/24 maxlen: 24
31.172.75.0/24 maxlen: 24
31.172.77.0/24 maxlen: 24
79.132.136.0/24 maxlen: 24
79.132.138.0/24 maxlen: 24
79.132.140.0/24 maxlen: 24
79.132.142.0/24 maxlen: 24
79.132.143.0/24 maxlen: 24
89.127.192.0/24 maxlen: 24
89.127.194.0/24 maxlen: 24
89.127.198.0/24 maxlen: 24
89.127.200.0/24 maxlen: 24
89.127.203.0/24 maxlen: 24
89.127.208.0/24 maxlen: 24
89.127.210.0/24 maxlen: 24
89.127.213.0/24 maxlen: 24
89.127.215.0/24 maxlen: 24
89.127.218.0/24 maxlen: 24
89.127.220.0/24 maxlen: 24
91.228.152.0/22 maxlen: 22
91.228.152.0/24 maxlen: 24
91.228.153.0/24 maxlen: 24
91.228.154.0/24 maxlen: 24
91.228.155.0/24 maxlen: 24
103.75.124.0/24 maxlen: 24
103.75.127.0/24 maxlen: 24
103.228.168.0/24 maxlen: 24
103.228.169.0/24 maxlen: 24
103.228.170.0/24 maxlen: 24
103.228.171.0/24 maxlen: 24
162.248.160.0/24 maxlen: 24
162.248.164.0/24 maxlen: 24
162.248.165.0/24 maxlen: 24
162.248.166.0/24 maxlen: 24
162.248.167.0/24 maxlen: 24
185.21.8.0/24 maxlen: 24
185.44.206.0/24 maxlen: 24
185.44.207.0/24 maxlen: 24
194.154.24.0/24 maxlen: 24
194.154.30.0/24 maxlen: 24
195.26.237.0/24 maxlen: 24
212.2.234.0/24 maxlen: 24
212.2.235.0/24 maxlen: 24
213.239.156.0/24 maxlen: 24
217.177.10.0/24 maxlen: 24
217.177.72.0/24 maxlen: 24
2a02:6b40::/32 maxlen: 32
2a02:6b40::/48 maxlen: 48
2a02:6b40:1::/48 maxlen: 48
2a02:6b40:1000::/48 maxlen: 48
2a02:6b40:2000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.mft
rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 12 Jun 2026 11:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:72:c2:76:82:f0:b7:9a:15:64:1d:41:84:c9:f6:05:91
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=70e5b30272e43053208978dbe44bfee10a5d007e
Validity
Not Before: May 29 08:03:27 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=64c3b7191a4830239ceb724e345cef0fbd233f12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:f8:6f:a8:a8:b7:64:0a:0d:31:ed:3e:98:8d:
e1:98:32:80:82:7c:ab:86:88:79:91:c8:f9:64:b2:
3e:4e:0a:a7:af:cb:9f:f8:62:49:5f:98:70:4e:a5:
0c:32:f5:47:05:f2:69:4a:93:22:79:88:b5:30:af:
ee:a7:3c:d9:84:6e:4f:8b:59:9a:a5:10:ea:38:03:
c9:2d:c0:a4:20:74:f8:2e:d0:cb:66:73:17:9a:a7:
2a:59:4e:4d:7c:98:e9:55:81:23:ae:6a:eb:1a:b3:
6f:ac:89:a2:50:48:73:b9:8d:60:1f:63:d1:48:a7:
34:de:e1:fc:da:3e:75:84:8f:37:4d:04:2b:f0:31:
eb:4d:61:15:3d:58:0a:d2:da:66:3f:3d:df:9e:52:
ed:bd:4b:cd:3b:db:7f:41:84:f5:0f:1d:e6:31:d8:
03:f3:f0:0d:d9:53:d2:6c:b5:b9:09:24:f9:71:11:
86:cc:e5:42:8f:f8:b4:37:01:5a:ff:da:0d:d7:7e:
af:71:15:63:44:77:59:c4:8c:2c:82:c7:47:f2:e0:
c6:c5:96:52:02:4b:80:e7:42:fb:43:61:01:81:e6:
f7:9c:91:38:79:38:84:42:62:a3:7a:c5:7b:dd:6d:
c8:80:0d:70:f4:64:0d:ac:2b:a6:76:ff:7b:b6:e9:
e5:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:C3:B7:19:1A:48:30:23:9C:EB:72:4E:34:5C:EF:0F:BD:23:3F:12
X509v3 Authority Key Identifier:
keyid:70:E5:B3:02:72:E4:30:53:20:89:78:DB:E4:4B:FE:E1:0A:5D:00:7E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/ZMO3GRpIMCOc63JONFzvD70jPxI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/22f1d5-f269-4f4f-bf8a-1fbc641b50b1/1/cOWzAnLkMFMgiXjb5Ev-4QpdAH4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.64.0/22
5.187.0.0/21
31.172.68.0/24
31.172.70.0-31.172.73.255
31.172.75.0/24
31.172.77.0/24
79.132.136.0/24
79.132.138.0/24
79.132.140.0/24
79.132.142.0/23
89.127.192.0/24
89.127.194.0/24
89.127.198.0/24
89.127.200.0/24
89.127.203.0/24
89.127.208.0/24
89.127.210.0/24
89.127.213.0/24
89.127.215.0/24
89.127.218.0/24
89.127.220.0/24
91.228.152.0/22
103.75.124.0/24
103.75.127.0/24
103.228.168.0/22
162.248.160.0/24
162.248.164.0/22
185.21.8.0/24
185.44.206.0/23
194.154.24.0/24
194.154.30.0/24
195.26.237.0/24
212.2.234.0/23
213.239.156.0/24
217.177.10.0/24
217.177.72.0/24
IPv6:
2a02:6b40::/32
Signature Algorithm: sha256WithRSAEncryption
4a:b0:44:84:e6:28:b4:b8:c6:bf:56:90:ec:81:35:c3:77:59:
7d:f4:c2:e8:f9:9d:23:ee:4f:23:fb:ed:63:9d:14:59:b8:ee:
b5:85:2d:ae:49:8b:c8:95:b7:fc:43:82:89:96:e5:19:78:7b:
3f:03:fd:a0:52:aa:4a:94:de:8d:41:66:d3:0e:37:3a:1e:78:
b9:b2:81:db:dd:35:18:e5:53:60:cf:11:24:5f:ed:c1:eb:1f:
7f:45:5d:23:67:68:c6:52:dd:9b:b5:ef:cb:24:3e:f9:bb:09:
2f:63:38:68:46:e8:2f:62:f4:46:dd:29:b3:0d:a7:55:2a:54:
66:c0:03:9e:ff:c9:6b:75:62:9a:d5:64:0b:ad:4b:1a:6b:04:
cf:dc:09:82:5a:9c:10:84:8f:e1:8d:29:84:fb:98:9f:c4:fc:
6c:9a:9b:37:ae:02:7a:3f:e0:67:54:a6:32:d9:cd:f8:34:1c:
a3:0b:9d:98:40:0c:d9:fd:28:84:1d:c4:29:b6:48:65:12:c6:
86:7c:c8:82:df:13:b9:ed:9b:a7:6f:19:2d:7e:f5:14:2f:fb:
32:7b:17:70:28:b9:f0:a3:9a:d2:78:23:84:0e:43:78:eb:16:
df:bf:88:b1:b7:95:72:34:bd:ca:ca:ac:d3:a7:4b:0b:82:e4:
ee:67:6b:cd
-----BEGIN CERTIFICATE-----
MIIF7DCCBNSgAwIBAgISAZ5ywnaC8LeaFWQdQYTJ9gWRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcwZTViMzAyNzJlNDMwNTMyMDg5NzhkYmU0NGJmZWUxMGE1
ZDAwN2UwHhcNMjYwNTI5MDgwMzI3WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGMzYjcxOTFhNDgzMDIzOWNlYjcyNGUzNDVjZWYwZmJkMjMzZjEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs/hvqKi3ZAoNMe0+mI3hmDKAgnyr
hoh5kcj5ZLI+Tgqnr8uf+GJJX5hwTqUMMvVHBfJpSpMieYi1MK/upzzZhG5Pi1ma
pRDqOAPJLcCkIHT4LtDLZnMXmqcqWU5NfJjpVYEjrmrrGrNvrImiUEhzuY1gH2PR
SKc03uH82j51hI83TQQr8DHrTWEVPVgK0tpmPz3fnlLtvUvNO9t/QYT1Dx3mMdgD
8/AN2VPSbLW5CST5cRGGzOVCj/i0NwFa/9oN136vcRVjRHdZxIwsgsdH8uDGxZZS
AkuA50L7Q2EBgeb3nJE4eTiEQmKjesV73W3IgA1w9GQNrCumdv97tunlcQIDAQAB
o4IC+DCCAvQwHQYDVR0OBBYEFGTDtxkaSDAjnOtyTjRc7w+9Iz8SMB8GA1UdIwQY
MBaAFHDlswJy5DBTIIl42+RL/uEKXQB+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEt
MWZiYzY0MWI1MGIxLzEvWk1PM0dScElNQ09jNjNKT05GenZENzBqUHhJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8yMmYxZDUtZjI2OS00ZjRmLWJmOGEtMWZiYzY0MWI1MGIx
LzEvY09XekFuTGtNRk1naVhqYjVFdi00UXBkQUg0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDAYIKwYBBQUHAQcBAf8EgfwwgfkwgecEAgABMIHgAwQC
AjpAAwQDBbsAAwQAH6xEMAwDBAEfrEYDBAEfrEgDBAAfrEsDBAAfrE0DBABPhIgD
BABPhIoDBABPhIwDBAFPhI4DBABZf8ADBABZf8IDBABZf8YDBABZf8gDBABZf8sD
BABZf9ADBABZf9IDBABZf9UDBABZf9cDBABZf9oDBABZf9wDBAJb5JgDBABnS3wD
BABnS38DBAJn5KgDBACi+KADBAKi+KQDBAC5FQgDBAG5LM4DBADCmhgDBADCmh4D
BADDGu0DBAHUAuoDBADV75wDBADZsQoDBADZsUgwDQQCAAIwBwMFACoCa0AwDQYJ
KoZIhvcNAQELBQADggEBAEqwRITmKLS4xr9WkOyBNcN3WX30wuj5nSPuTyP77WOd
FFm47rWFLa5Ji8iVt/xDgomW5Rl4ez8D/aBSqkqU3o1BZtMONzoeeLmygdvdNRjl
U2DPESRf7cHrH39FXSNnaMZS3Zu178skPvm7CS9jOGhG6C9i9EbdKbMNp1UqVGbA
A57/yWt1YprVZAutSxprBM/cCYJanBCEj+GNKYT7mJ/E/GyamzeuAno/4GdUpjLZ
zfg0HKMLnZhADNn9KIQdxCm2SGUSxoZ8yILfE7ntm6dvGS1+9RQv+zJ7F3AoufCj
mtJ4I4QOQ3jrFt+/iLG3lXI0vcrKrNOnSwuC5O5na80=
-----END CERTIFICATE-----
Generated at Thu Jun 11 21:37:30 2026 by rpki-client