Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4e/d74ca2-3de6-4b69-a000-94d1b89f8cb2/1/ZwlANAaAmvWFJg4oN0Kigut0u8A.roa
File: ZwlANAaAmvWFJg4oN0Kigut0u8A.roa (raw, json)
Hash identifier: xCGLRl7E5Z55wWdT0lqlDrtOMIU0KHDV+L6PHOcX4k0=
Subject key identifier: 67:09:40:34:06:80:9A:F5:85:26:0E:28:37:42:A2:82:EB:74:BB:C0
Certificate issuer: /CN=b1267a51acb66f2991bea5243fe388068971a1f1
Certificate serial: 019980431094DC587AE4B11BC7477EFB9802
Authority key identifier: B1:26:7A:51:AC:B6:6F:29:91:BE:A5:24:3F:E3:88:06:89:71:A1:F1
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/sSZ6Uay2bymRvqUkP-OIBolxofE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4e/d74ca2-3de6-4b69-a000-94d1b89f8cb2/1/ZwlANAaAmvWFJg4oN0Kigut0u8A.roa
Signing time: Thu 25 Sep 2025 09:45:02 +0000
ROA not before: Thu 25 Sep 2025 09:45:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47764
IP address blocks: 5.61.232.0/21 maxlen: 21
5.181.61.0/24 maxlen: 24
5.188.140.0/22 maxlen: 22
37.139.32.0/22 maxlen: 22
37.139.40.0/22 maxlen: 22
45.84.128.0/22 maxlen: 22
62.217.160.0/20 maxlen: 20
83.166.232.0/21 maxlen: 21
83.166.248.0/21 maxlen: 21
83.217.216.0/22 maxlen: 22
84.23.52.0/22 maxlen: 22
85.192.32.0/22 maxlen: 22
87.239.104.0/21 maxlen: 21
89.208.196.0/22 maxlen: 22
89.208.208.0/22 maxlen: 22
89.208.216.0/23 maxlen: 23
89.208.218.0/23 maxlen: 23
89.208.220.0/22 maxlen: 22
89.208.228.0/22 maxlen: 22
89.221.235.0/24 maxlen: 24
90.156.148.0/22 maxlen: 22
90.156.151.0/24 maxlen: 24
90.156.212.0/22 maxlen: 22
90.156.216.0/22 maxlen: 22
90.156.232.0/21 maxlen: 21
94.100.176.0/20 maxlen: 20
95.163.32.0/19 maxlen: 19
95.163.180.0/22 maxlen: 22
95.163.208.0/21 maxlen: 21
95.163.216.0/22 maxlen: 22
146.185.208.0/22 maxlen: 22
146.185.240.0/22 maxlen: 22
176.112.168.0/21 maxlen: 21
178.22.88.0/21 maxlen: 21
178.237.16.0/20 maxlen: 20
178.237.29.0/24 maxlen: 24
185.86.144.0/22 maxlen: 22
185.180.200.0/22 maxlen: 22
185.187.63.0/24 maxlen: 24
188.93.56.0/21 maxlen: 21
213.219.212.0/22 maxlen: 22
2a00:1148::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4e/d74ca2-3de6-4b69-a000-94d1b89f8cb2/1/sSZ6Uay2bymRvqUkP-OIBolxofE.crl
rsync://rpki.ripe.net/repository/DEFAULT/4e/d74ca2-3de6-4b69-a000-94d1b89f8cb2/1/sSZ6Uay2bymRvqUkP-OIBolxofE.mft
rsync://rpki.ripe.net/repository/DEFAULT/sSZ6Uay2bymRvqUkP-OIBolxofE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:80:43:10:94:dc:58:7a:e4:b1:1b:c7:47:7e:fb:98:02
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b1267a51acb66f2991bea5243fe388068971a1f1
Validity
Not Before: Sep 25 09:45:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6709403406809af585260e283742a282eb74bbc0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:85:d2:29:36:a7:ba:ce:55:e0:e5:b5:e9:8c:
56:e4:9e:13:f3:a5:c0:37:5a:3c:a9:f6:05:c5:c5:
3a:a0:5e:06:02:18:86:19:89:82:40:25:75:21:eb:
46:d3:ba:5e:ba:8b:ac:cf:25:d7:74:d8:2a:1e:a1:
65:8f:cd:db:f3:a1:a9:18:51:06:51:c1:45:99:75:
09:df:37:a4:fd:97:bd:48:71:cd:8f:de:ee:42:ce:
0a:b8:3f:80:1a:32:8d:e3:19:19:75:c9:f2:7b:0b:
41:3f:cb:8a:8d:8c:37:e9:8b:be:6e:74:1c:75:40:
28:48:94:6c:4b:8e:e8:91:e9:b5:6e:1d:a2:10:d8:
97:25:0b:70:67:90:19:b0:8f:8d:12:c4:9a:9c:0b:
70:e2:7c:76:fb:37:8e:d0:5a:e8:e8:2b:c7:46:ab:
7b:ea:ec:e4:ca:00:43:c1:7f:46:9f:26:3e:cb:ef:
86:58:97:cf:fa:38:ae:14:fd:5f:6d:fd:42:3b:e5:
82:d5:56:b8:dd:38:05:1c:54:01:01:81:3a:d6:a1:
8a:77:01:e5:1c:e0:dd:b4:26:7e:d5:62:b4:2e:1e:
26:87:43:d9:51:38:42:7b:af:d4:33:08:59:a8:6b:
93:9a:88:ff:02:26:6f:4d:a2:ee:23:36:91:3c:56:
87:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:09:40:34:06:80:9A:F5:85:26:0E:28:37:42:A2:82:EB:74:BB:C0
X509v3 Authority Key Identifier:
keyid:B1:26:7A:51:AC:B6:6F:29:91:BE:A5:24:3F:E3:88:06:89:71:A1:F1
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/sSZ6Uay2bymRvqUkP-OIBolxofE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/d74ca2-3de6-4b69-a000-94d1b89f8cb2/1/ZwlANAaAmvWFJg4oN0Kigut0u8A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4e/d74ca2-3de6-4b69-a000-94d1b89f8cb2/1/sSZ6Uay2bymRvqUkP-OIBolxofE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.232.0/21
5.181.61.0/24
5.188.140.0/22
37.139.32.0/22
37.139.40.0/22
45.84.128.0/22
62.217.160.0/20
83.166.232.0/21
83.166.248.0/21
83.217.216.0/22
84.23.52.0/22
85.192.32.0/22
87.239.104.0/21
89.208.196.0/22
89.208.208.0/22
89.208.216.0/21
89.208.228.0/22
89.221.235.0/24
90.156.148.0/22
90.156.212.0-90.156.219.255
90.156.232.0/21
94.100.176.0/20
95.163.32.0/19
95.163.180.0/22
95.163.208.0-95.163.219.255
146.185.208.0/22
146.185.240.0/22
176.112.168.0/21
178.22.88.0/21
178.237.16.0/20
185.86.144.0/22
185.180.200.0/22
185.187.63.0/24
188.93.56.0/21
213.219.212.0/22
IPv6:
2a00:1148::/32
Signature Algorithm: sha256WithRSAEncryption
63:88:97:21:fb:60:2c:4a:f7:91:e3:a8:e3:3f:0e:ab:44:cb:
57:4a:fa:4b:23:9c:fe:d4:db:24:41:66:36:91:15:ba:d4:10:
ce:f2:da:70:50:01:0a:38:eb:81:0a:91:86:ec:39:35:c1:00:
31:f2:20:86:b4:fb:cb:70:4b:6f:76:d9:10:40:38:29:84:3a:
b8:ec:c9:06:ec:a3:9b:a0:5f:77:79:93:b0:37:69:3a:3b:a4:
92:ce:d0:5f:4a:45:85:84:f7:d7:c4:6a:cd:30:bb:19:27:de:
b4:d4:ea:d8:59:00:f6:b1:ed:b6:52:27:dc:39:e3:46:5a:a5:
3a:ae:e9:d0:d7:39:97:ef:1a:85:f6:86:b5:3f:9e:be:d6:a9:
f1:e1:54:f3:93:d9:f7:ac:87:13:fe:ab:1a:5f:f1:77:2a:f1:
eb:f4:ae:30:30:6d:56:71:79:e6:47:e3:c3:51:e9:04:67:93:
ea:7f:b8:28:32:23:e6:4c:af:ab:75:79:79:5e:38:5a:7b:1a:
68:5e:91:8e:bb:6a:2b:dc:b1:37:8e:bc:d5:bd:eb:47:d1:a3:
65:3b:6f:f8:ab:9b:0e:8f:6e:c8:4b:46:36:e6:f4:27:a0:79:
68:ca:97:18:d6:64:e7:4d:98:a6:eb:dd:51:65:04:e6:2d:e2:
06:cf:a9:65
-----BEGIN CERTIFICATE-----
MIIF7jCCBNagAwIBAgISAZmAQxCU3Fh65LEbx0d++5gCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGIxMjY3YTUxYWNiNjZmMjk5MWJlYTUyNDNmZTM4ODA2ODk3
MWExZjEwHhcNMjUwOTI1MDk0NTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzA5NDAzNDA2ODA5YWY1ODUyNjBlMjgzNzQyYTI4MmViNzRiYmMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnoXSKTanus5V4OW16YxW5J4T86XA
N1o8qfYFxcU6oF4GAhiGGYmCQCV1IetG07peuouszyXXdNgqHqFlj83b86GpGFEG
UcFFmXUJ3zek/Ze9SHHNj97uQs4KuD+AGjKN4xkZdcnyewtBP8uKjYw36Yu+bnQc
dUAoSJRsS47okem1bh2iENiXJQtwZ5AZsI+NEsSanAtw4nx2+zeO0Fro6CvHRqt7
6uzkygBDwX9GnyY+y++GWJfP+jiuFP1fbf1CO+WC1Va43TgFHFQBAYE61qGKdwHl
HODdtCZ+1WK0Lh4mh0PZUThCe6/UMwhZqGuTmoj/AiZvTaLuIzaRPFaHCQIDAQAB
o4IC+jCCAvYwHQYDVR0OBBYEFGcJQDQGgJr1hSYOKDdCooLrdLvAMB8GA1UdIwQY
MBaAFLEmelGstm8pkb6lJD/jiAaJcaHxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvc1NaNlVheTJieW1SdnFVa1AtT0lCb2x4b2ZFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZS9kNzRjYTItM2RlNi00YjY5LWEwMDAt
OTRkMWI4OWY4Y2IyLzEvWndsQU5BYUFtdldGSmc0b04wS2lndXQwdThBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZS9kNzRjYTItM2RlNi00YjY5LWEwMDAtOTRkMWI4OWY4Y2Iy
LzEvc1NaNlVheTJieW1SdnFVa1AtT0lCb2x4b2ZFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBDgYIKwYBBQUHAQcBAf8Egf4wgfswgekEAgABMIHiAwQD
BT3oAwQABbU9AwQCBbyMAwQCJYsgAwQCJYsoAwQCLVSAAwQEPtmgAwQDU6boAwQD
U6b4AwQCU9nYAwQCVBc0AwQCVcAgAwQDV+9oAwQCWdDEAwQCWdDQAwQDWdDYAwQC
WdDkAwQAWd3rAwQCWpyUMAwDBAJanNQDBAJanNgDBANanOgDBAReZLADBAVfoyAD
BAJfo7QwDAMEBF+j0AMEAl+j2AMEApK50AMEApK58AMEA7BwqAMEA7IWWAMEBLLt
EAMEArlWkAMEArm0yAMEALm7PwMEA7xdOAMEAtXb1DANBAIAAjAHAwUAKgARSDAN
BgkqhkiG9w0BAQsFAAOCAQEAY4iXIftgLEr3keOo4z8Oq0TLV0r6SyOc/tTbJEFm
NpEVutQQzvLacFABCjjrgQqRhuw5NcEAMfIghrT7y3BLb3bZEEA4KYQ6uOzJBuyj
m6Bfd3mTsDdpOjukks7QX0pFhYT318RqzTC7GSfetNTq2FkA9rHttlIn3DnjRlql
Oq7p0Nc5l+8ahfaGtT+evtap8eFU85PZ96yHE/6rGl/xdyrx6/SuMDBtVnF55kfj
w1HpBGeT6n+4KDIj5kyvq3V5eV44WnsaaF6RjrtqK9yxN4681b3rR9GjZTtv+Kub
Do9uyEtGNub0J6B5aMqXGNZk502YpuvdUWUE5i3iBs+pZQ==
-----END CERTIFICATE-----
Generated at Mon Oct 20 09:58:56 2025 by rpki-client