
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/ZI7vOrG6oAyS8YfJbBpZewDNGXQ.roa
File: ZI7vOrG6oAyS8YfJbBpZewDNGXQ.roa (raw, json)
Hash identifier: npYfXMzfry1oEZ/+7tKck9ENcVNUZ6jLLVA2nOAVsn8=
Subject key identifier: 64:8E:EF:3A:B1:BA:A0:0C:92:F1:87:C9:6C:1A:59:7B:00:CD:19:74
Certificate issuer: /CN=1b12120c351c14eec22109f603249fcdac1d3321
Certificate serial: 0199E85B4326071398DA58770F646232AA0A
Authority key identifier: 1B:12:12:0C:35:1C:14:EE:C2:21:09:F6:03:24:9F:CD:AC:1D:33:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GxISDDUcFO7CIQn2AySfzawdMyE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/ZI7vOrG6oAyS8YfJbBpZewDNGXQ.roa
Signing time: Wed 15 Oct 2025 14:51:59 +0000
ROA not before: Wed 15 Oct 2025 14:51:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214943
IP address blocks: 91.92.240.0/24 maxlen: 24
91.92.241.0/24 maxlen: 24
91.92.242.0/24 maxlen: 24
91.92.243.0/24 maxlen: 24
158.94.208.0/24 maxlen: 24
158.94.209.0/24 maxlen: 24
158.94.210.0/24 maxlen: 24
158.94.211.0/24 maxlen: 24
178.16.52.0/24 maxlen: 24
178.16.53.0/24 maxlen: 24
178.16.54.0/24 maxlen: 24
178.16.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/GxISDDUcFO7CIQn2AySfzawdMyE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/GxISDDUcFO7CIQn2AySfzawdMyE.mft
rsync://rpki.ripe.net/repository/DEFAULT/GxISDDUcFO7CIQn2AySfzawdMyE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e8:5b:43:26:07:13:98:da:58:77:0f:64:62:32:aa:0a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=1b12120c351c14eec22109f603249fcdac1d3321
Validity
Not Before: Oct 15 14:51:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=648eef3ab1baa00c92f187c96c1a597b00cd1974
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b7:f9:14:24:7f:6d:36:4a:0b:48:7a:38:d7:eb:
a8:6b:3a:50:29:13:71:0c:f6:45:33:4a:7e:21:7b:
bf:1a:fc:09:fd:d2:8a:d1:c8:27:d7:e0:77:cb:c3:
cd:0d:ce:45:67:f6:00:b1:eb:6a:4a:d4:bc:cf:c7:
e7:5f:84:cb:fb:0a:0d:bc:c5:f1:38:4f:02:05:b0:
d4:86:dc:85:7d:5c:09:14:3d:e0:05:a7:fd:86:3e:
53:0b:9b:d1:bb:9c:25:8e:a3:38:37:48:f9:09:5d:
ea:48:e4:ae:ee:81:2d:b3:41:0f:15:94:81:c5:51:
3e:56:30:4c:71:1f:b3:3d:1f:72:f0:78:40:dc:b9:
f0:73:44:50:ed:2e:6e:4c:36:c4:74:a1:32:68:e4:
a5:cc:7d:d6:a0:02:3e:39:92:d6:b1:da:15:f3:82:
b8:6a:3f:a7:25:80:af:0b:da:ba:8b:38:fe:b3:5c:
74:ae:3e:40:fe:76:ca:48:89:c9:20:e6:3a:0e:13:
05:e2:61:53:6d:fe:b6:29:4a:38:94:b3:2f:60:ac:
25:93:4b:01:d9:e8:69:ba:e9:55:13:3a:20:b8:03:
82:19:05:fe:37:b1:ae:6d:52:aa:cb:ad:6d:54:e8:
f6:d3:ed:3d:e3:4b:c8:ed:89:75:f6:9e:44:cb:68:
7b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:8E:EF:3A:B1:BA:A0:0C:92:F1:87:C9:6C:1A:59:7B:00:CD:19:74
X509v3 Authority Key Identifier:
keyid:1B:12:12:0C:35:1C:14:EE:C2:21:09:F6:03:24:9F:CD:AC:1D:33:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GxISDDUcFO7CIQn2AySfzawdMyE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/ZI7vOrG6oAyS8YfJbBpZewDNGXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/3daf7f-301d-423e-946e-43df47d5a1e7/1/GxISDDUcFO7CIQn2AySfzawdMyE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.92.240.0/22
158.94.208.0/22
178.16.52.0/22
Signature Algorithm: sha256WithRSAEncryption
83:84:54:b2:d6:33:49:f4:2e:d5:74:ca:c8:88:05:2f:94:7c:
7d:46:1d:40:b0:61:63:e6:c4:13:ae:b0:19:eb:c6:bc:c6:f3:
2e:dc:54:c1:b7:94:fa:27:df:e6:c0:b5:1b:b8:8c:8b:16:28:
cc:16:a8:91:0e:bc:1e:5c:86:ce:81:36:9d:0e:a8:04:4b:b5:
b7:be:96:af:d0:b4:99:2e:b6:34:b7:b3:5d:0e:c2:23:ae:9a:
18:01:ab:82:86:7f:2d:c9:0a:a0:8a:0e:12:72:51:cc:7a:4a:
72:38:02:74:5d:ce:c9:b1:8b:51:7d:3c:ac:bb:e6:08:df:8d:
ee:5e:ab:52:b9:b6:17:30:57:e5:52:57:76:01:b1:18:06:2d:
ab:b8:e1:52:c3:84:7d:7c:a0:69:58:01:0b:78:bf:56:18:53:
1e:d0:e6:37:81:0b:04:21:7b:d6:27:7e:9a:52:5a:45:9e:bd:
d2:93:98:d5:f2:66:f3:eb:7a:e0:36:25:dd:f8:c3:94:7d:22:
a6:5d:7b:f7:21:2a:67:93:f3:24:a2:e7:66:4a:9e:4f:ba:11:
41:22:af:15:cb:8d:f9:fc:3a:ef:c6:63:61:ca:95:1d:1a:83:
c0:9f:b2:0e:93:f6:0d:4d:f3:12:a9:50:f1:ce:7a:24:ff:d7:
10:d5:1d:16
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZnoW0MmBxOY2lh3D2RiMqoKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDFiMTIxMjBjMzUxYzE0ZWVjMjIxMDlmNjAzMjQ5ZmNkYWMx
ZDMzMjEwHhcNMjUxMDE1MTQ1MTU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDhlZWYzYWIxYmFhMDBjOTJmMTg3Yzk2YzFhNTk3YjAwY2QxOTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAt/kUJH9tNkoLSHo41+uoazpQKRNx
DPZFM0p+IXu/GvwJ/dKK0cgn1+B3y8PNDc5FZ/YAsetqStS8z8fnX4TL+woNvMXx
OE8CBbDUhtyFfVwJFD3gBaf9hj5TC5vRu5wljqM4N0j5CV3qSOSu7oEts0EPFZSB
xVE+VjBMcR+zPR9y8HhA3Lnwc0RQ7S5uTDbEdKEyaOSlzH3WoAI+OZLWsdoV84K4
aj+nJYCvC9q6izj+s1x0rj5A/nbKSInJIOY6DhMF4mFTbf62KUo4lLMvYKwlk0sB
2ehpuulVEzoguAOCGQX+N7GubVKqy61tVOj20+0940vI7Yl19p5Ey2h7vQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGSO7zqxuqAMkvGHyWwaWXsAzRl0MB8GA1UdIwQY
MBaAFBsSEgw1HBTuwiEJ9gMkn82sHTMhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR3hJU0REVWNGTzdDSVFuMkF5U2Z6YXdkTXlFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS8zZGFmN2YtMzAxZC00MjNlLTk0NmUt
NDNkZjQ3ZDVhMWU3LzEvWkk3dk9yRzZvQXlTOFlmSmJCcFpld0ROR1hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS8zZGFmN2YtMzAxZC00MjNlLTk0NmUtNDNkZjQ3ZDVhMWU3
LzEvR3hJU0REVWNGTzdDSVFuMkF5U2Z6YXdkTXlFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCW1zwAwQC
nl7QAwQCshA0MA0GCSqGSIb3DQEBCwUAA4IBAQCDhFSy1jNJ9C7VdMrIiAUvlHx9
Rh1AsGFj5sQTrrAZ68a8xvMu3FTBt5T6J9/mwLUbuIyLFijMFqiRDrweXIbOgTad
DqgES7W3vpav0LSZLrY0t7NdDsIjrpoYAauChn8tyQqgig4SclHMekpyOAJ0Xc7J
sYtRfTysu+YI343uXqtSubYXMFflUld2AbEYBi2ruOFSw4R9fKBpWAELeL9WGFMe
0OY3gQsEIXvWJ36aUlpFnr3Sk5jV8mbz63rgNiXd+MOUfSKmXXv3ISpnk/Mkoudm
Sp5PuhFBIq8Vy435/DrvxmNhypUdGoPAn7IOk/YNTfMSqVDxznok/9cQ1R0W
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:20:41 2025 by rpki-client