Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/EZnMzUek9gtwLiflN9YhPfdICCc.roa
File: EZnMzUek9gtwLiflN9YhPfdICCc.roa (raw, json)
Hash identifier: 0uipmp89+pXMdetdnf7b2K62/6mGiNjIbKFkJwaQL7M=
Subject key identifier: 11:99:CC:CD:47:A4:F6:0B:70:2E:27:E5:37:D6:21:3D:F7:48:08:27
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 01988895A38E3F98C0ACE35273523C83A250
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/EZnMzUek9gtwLiflN9YhPfdICCc.roa
Signing time: Fri 08 Aug 2025 07:29:24 +0000
ROA not before: Fri 08 Aug 2025 07:29:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60446
IP address blocks: 31.210.37.0/24 maxlen: 24
31.210.38.0/24 maxlen: 24
31.210.39.0/24 maxlen: 24
31.210.40.0/24 maxlen: 24
77.92.147.0/24 maxlen: 24
78.135.75.0/24 maxlen: 24
78.135.76.0/24 maxlen: 24
188.132.216.0/24 maxlen: 24
188.132.223.0/24 maxlen: 24
188.132.224.0/24 maxlen: 24
188.132.226.0/24 maxlen: 24
188.132.230.0/24 maxlen: 24
188.132.239.0/24 maxlen: 24
188.132.241.0/24 maxlen: 24
188.132.242.0/24 maxlen: 24
188.132.243.0/24 maxlen: 24
188.132.250.0/24 maxlen: 24
188.132.251.0/24 maxlen: 24
212.68.55.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 04:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:88:95:a3:8e:3f:98:c0:ac:e3:52:73:52:3c:83:a2:50
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Aug 8 07:29:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=1199cccd47a4f60b702e27e537d6213df7480827
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:2e:cf:03:02:b0:30:3f:a7:29:33:9f:56:84:
28:c9:73:03:f6:ae:31:af:66:df:80:7e:e7:30:6e:
45:e2:a2:13:73:bf:8a:1b:87:2b:fe:c5:1e:eb:e8:
96:fb:29:ae:58:05:ce:a4:7d:0c:30:e3:ef:f9:73:
58:d8:f8:79:b0:9e:8f:2b:42:8c:83:54:62:e0:a8:
06:58:31:81:c5:a4:be:97:cd:0a:4c:70:31:3f:32:
90:ec:e8:16:09:cf:85:76:9e:97:be:78:f5:0b:52:
2b:fc:16:d1:ac:51:6d:a5:8d:88:49:21:85:9a:37:
14:00:ff:a8:6f:7e:50:37:34:bd:29:58:e8:ae:b6:
ba:7e:5a:8f:38:9a:47:d0:ea:0c:8c:89:b6:c2:9b:
c7:f7:7e:f4:73:b9:9e:46:6b:17:ae:9d:8b:39:31:
96:3e:a2:54:1b:8f:a9:6a:d3:99:24:65:3d:04:c9:
a7:0a:dd:80:0b:1d:c6:2d:1b:53:83:fe:fc:41:03:
03:53:98:c0:55:5f:0a:02:a4:7b:89:e7:dc:c9:ad:
7e:40:2c:88:9c:24:44:0b:fc:d2:d3:6a:a5:9c:5f:
3b:87:38:4e:40:bf:c3:0d:19:aa:9a:1f:02:6e:95:
b4:29:a7:1a:c7:2c:65:81:fe:a6:cf:65:79:9a:3b:
11:61
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
11:99:CC:CD:47:A4:F6:0B:70:2E:27:E5:37:D6:21:3D:F7:48:08:27
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/EZnMzUek9gtwLiflN9YhPfdICCc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.37.0-31.210.40.255
77.92.147.0/24
78.135.75.0-78.135.76.255
188.132.216.0/24
188.132.223.0-188.132.224.255
188.132.226.0/24
188.132.230.0/24
188.132.239.0/24
188.132.241.0-188.132.243.255
188.132.250.0/23
212.68.55.0/24
Signature Algorithm: sha256WithRSAEncryption
75:5f:2a:85:98:b6:ec:3d:ac:14:cb:87:42:16:23:97:b2:33:
33:a8:0f:5a:10:ac:83:41:20:07:90:f9:9a:e0:d7:d8:74:c9:
b3:77:39:be:8b:7c:2d:12:64:9a:45:3e:cd:2a:81:8b:46:11:
5b:0c:3d:c7:9e:e1:6d:70:74:6d:ca:60:9f:9f:8f:10:23:91:
bf:c9:d2:53:17:88:73:63:94:12:e4:62:54:f7:5a:d9:d1:33:
f4:cb:38:04:ba:76:33:17:47:2f:6a:7c:3f:ab:6a:ed:51:e1:
1d:b9:f3:47:2c:55:0c:bf:4e:7d:4c:f0:5d:0a:d5:70:44:d5:
cd:e6:db:87:56:7c:af:f3:cb:bf:47:97:c4:bd:5c:d6:48:25:
7f:4b:ba:c3:56:33:6a:9f:88:bb:18:2b:9c:19:45:d6:ec:62:
47:ba:ae:7d:76:1b:46:2f:df:93:af:00:aa:b0:f6:ea:c3:cc:
e8:ec:f4:23:97:f1:9c:8f:21:eb:3b:3c:db:f3:44:af:03:0c:
71:8b:bb:9e:33:0e:c8:2e:bd:fb:6b:a3:df:c9:f7:3e:f8:07:
1b:92:1e:da:07:74:26:b9:8b:a0:94:5d:89:82:f2:63:56:31:
74:33:46:7e:2c:8f:26:57:5d:ec:5e:16:8e:c7:51:e2:2b:09:
de:eb:4d:75
-----BEGIN CERTIFICATE-----
MIIFWTCCBEGgAwIBAgISAZiIlaOOP5jArONSc1I8g6JQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwODA4MDcyOTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxMTk5Y2NjZDQ3YTRmNjBiNzAyZTI3ZTUzN2Q2MjEzZGY3NDgwODI3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAny7PAwKwMD+nKTOfVoQoyXMD9q4x
r2bfgH7nMG5F4qITc7+KG4cr/sUe6+iW+ymuWAXOpH0MMOPv+XNY2Ph5sJ6PK0KM
g1Ri4KgGWDGBxaS+l80KTHAxPzKQ7OgWCc+Fdp6Xvnj1C1Ir/BbRrFFtpY2ISSGF
mjcUAP+ob35QNzS9KVjorra6flqPOJpH0OoMjIm2wpvH9370c7meRmsXrp2LOTGW
PqJUG4+patOZJGU9BMmnCt2ACx3GLRtTg/78QQMDU5jAVV8KAqR7iefcya1+QCyI
nCREC/zS02qlnF87hzhOQL/DDRmqmh8CbpW0Kacaxyxlgf6mz2V5mjsRYQIDAQAB
o4ICZTCCAmEwHQYDVR0OBBYEFBGZzM1HpPYLcC4n5TfWIT33SAgnMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvRVpuTXpVZWs5Z3R3TGlmbE45WWhQZmRJQ0NjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHsGCCsGAQUFBwEHAQH/BGwwajBoBAIAATBiMAwDBAAf0iUD
BAAf0igDBABNXJMwDAMEAE6HSwMEAE6HTAMEALyE2DAMAwQAvITfAwQAvITgAwQA
vITiAwQAvITmAwQAvITvMAwDBAC8hPEDBAK8hPADBAG8hPoDBADURDcwDQYJKoZI
hvcNAQELBQADggEBAHVfKoWYtuw9rBTLh0IWI5eyMzOoD1oQrINBIAeQ+Zrg19h0
ybN3Ob6LfC0SZJpFPs0qgYtGEVsMPcee4W1wdG3KYJ+fjxAjkb/J0lMXiHNjlBLk
YlT3WtnRM/TLOAS6djMXRy9qfD+rau1R4R2580csVQy/Tn1M8F0K1XBE1c3m24dW
fK/zy79Hl8S9XNZIJX9LusNWM2qfiLsYK5wZRdbsYke6rn12G0Yv35OvAKqw9urD
zOjs9COX8ZyPIes7PNvzRK8DDHGLu54zDsguvftro9/J9z74BxuSHtoHdCa5i6CU
XYmC8mNWMXQzRn4sjyZXXexeFo7HUeIrCd7rTXU=
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:30:29 2025 by rpki-client