Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/zWjz2LNLq80pq2WuE0E1NBqZS1o.roa
File: zWjz2LNLq80pq2WuE0E1NBqZS1o.roa (raw, json)
Hash identifier: ap78rPxrVGTGOGfqvTyPywElC+o3n1VjpUH+IK1D8Yc=
Subject key identifier: CD:68:F3:D8:B3:4B:AB:CD:29:AB:65:AE:13:41:35:34:1A:99:4B:5A
Certificate issuer: /CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Certificate serial: 0199A9EFB413BF11D5CF58A046D5061A2F52
Authority key identifier: 0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/zWjz2LNLq80pq2WuE0E1NBqZS1o.roa
Signing time: Fri 03 Oct 2025 11:58:02 +0000
ROA not before: Fri 03 Oct 2025 11:58:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8708
IP address blocks: 5.2.128.0/17 maxlen: 24
5.12.0.0/14 maxlen: 24
31.14.224.0/22 maxlen: 24
62.231.64.0/18 maxlen: 24
62.231.120.0/24 maxlen: 24
79.114.0.0/15 maxlen: 24
79.118.0.0/15 maxlen: 24
79.118.155.0/24 maxlen: 24
81.18.64.0/19 maxlen: 24
81.196.0.0/16 maxlen: 24
82.76.0.0/14 maxlen: 24
82.79.10.0/24 maxlen: 24
82.137.0.0/18 maxlen: 24
82.137.0.0/21 maxlen: 24
82.137.16.0/20 maxlen: 24
82.137.32.0/19 maxlen: 24
84.232.128.0/17 maxlen: 24
84.232.149.0/24 maxlen: 24
86.120.0.0/13 maxlen: 24
86.121.222.0/24 maxlen: 24
86.127.54.0/24 maxlen: 24
86.127.59.0/24 maxlen: 24
89.43.180.0/23 maxlen: 24
89.45.72.0/22 maxlen: 24
89.46.12.0/22 maxlen: 24
93.113.40.0/22 maxlen: 24
185.129.36.0/22 maxlen: 22
188.24.0.0/15 maxlen: 24
188.26.0.0/17 maxlen: 24
188.26.128.0/18 maxlen: 24
188.26.224.0/19 maxlen: 24
188.27.0.0/16 maxlen: 24
188.27.120.0/24 maxlen: 24
193.111.232.0/24 maxlen: 24
194.102.80.0/24 maxlen: 24
194.102.81.0/24 maxlen: 24
212.54.96.0/19 maxlen: 24
212.54.120.0/24 maxlen: 24
212.54.122.0/24 maxlen: 24
212.54.123.0/24 maxlen: 24
212.93.128.0/19 maxlen: 24
212.93.143.0/24 maxlen: 24
213.154.100.0/24 maxlen: 24
213.157.160.0/19 maxlen: 24
213.157.189.0/24 maxlen: 24
2a02:2f00::/28 maxlen: 48
2a02:2f01:100::/48 maxlen: 48
2a02:2f09:3100::/48 maxlen: 48
2a02:2f0c:8002::/48 maxlen: 48
2a03:9c20::/32 maxlen: 32
2a03:9c20:1000::/48 maxlen: 48
2a03:9c20:f000::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.mft
rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a9:ef:b4:13:bf:11:d5:cf:58:a0:46:d5:06:1a:2f:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0b556acb5f3b961b5cc24a2995f34ee91f79dc16
Validity
Not Before: Oct 3 11:58:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd68f3d8b34babcd29ab65ae134135341a994b5a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:8b:ce:73:12:1b:7f:fd:12:f9:0c:f3:f2:d2:
42:1a:59:eb:69:a7:1a:43:af:c6:45:5c:b0:c1:be:
49:92:dd:1a:b4:2b:3e:50:3f:91:06:3d:dd:dc:63:
ac:ab:f7:88:0c:f7:02:2e:2e:64:cb:43:4a:6e:a8:
8d:c8:8e:42:4b:2f:e6:39:da:c2:a9:a7:14:11:fd:
f6:e2:38:9e:2f:d2:0a:fe:e8:5d:70:ef:70:cb:a1:
f2:fa:ee:df:e0:5f:39:ef:02:46:44:f3:59:b7:76:
98:81:79:c2:98:61:d7:c4:f3:81:2d:92:77:e2:ce:
3f:58:5c:a2:55:12:27:9c:39:1a:07:97:ac:1d:24:
e5:c2:13:33:37:53:8b:6d:d3:e3:bb:aa:d6:22:7b:
bc:91:b3:d8:7d:18:a2:9b:c8:b3:bb:33:7e:68:4a:
f7:37:63:32:de:1f:99:d2:51:d5:1d:27:cf:79:9d:
82:3d:77:6f:07:7b:61:76:b3:31:8a:a0:0e:85:4f:
e1:b1:5b:1e:d7:da:f9:30:b9:fd:93:84:69:28:19:
91:57:f7:ab:47:23:3a:12:2b:b4:a5:81:47:4d:c7:
77:a5:5f:6a:2e:bc:bd:57:e5:6f:3e:80:d4:84:63:
9f:bd:b7:cf:cd:fb:45:c0:4c:75:89:1b:43:39:ed:
c1:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:68:F3:D8:B3:4B:AB:CD:29:AB:65:AE:13:41:35:34:1A:99:4B:5A
X509v3 Authority Key Identifier:
keyid:0B:55:6A:CB:5F:3B:96:1B:5C:C2:4A:29:95:F3:4E:E9:1F:79:DC:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/C1Vqy187lhtcwkoplfNO6R953BY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/zWjz2LNLq80pq2WuE0E1NBqZS1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/829fdf-ba63-4c23-91d1-d2bbf37dabb4/1/C1Vqy187lhtcwkoplfNO6R953BY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.2.128.0/17
5.12.0.0/14
31.14.224.0/22
62.231.64.0/18
79.114.0.0/15
79.118.0.0/15
81.18.64.0/19
81.196.0.0/16
82.76.0.0/14
82.137.0.0/18
84.232.128.0/17
86.120.0.0/13
89.43.180.0/23
89.45.72.0/22
89.46.12.0/22
93.113.40.0/22
185.129.36.0/22
188.24.0.0-188.26.191.255
188.26.224.0-188.27.255.255
193.111.232.0/24
194.102.80.0/23
212.54.96.0/19
212.93.128.0/19
213.154.100.0/24
213.157.160.0/19
IPv6:
2a02:2f00::/28
2a03:9c20::/32
Signature Algorithm: sha256WithRSAEncryption
78:34:c8:24:7d:98:fd:2e:2f:13:50:e4:04:ac:ad:50:3c:62:
9d:05:18:85:34:2f:b0:d7:c8:4b:04:00:ae:0e:94:28:bf:ef:
e3:9a:81:b8:58:77:42:0d:ed:54:89:42:8b:44:f5:cf:93:fd:
f6:c9:d9:e0:24:ae:47:07:71:dc:7a:0c:58:0c:fc:ef:af:cd:
a2:a6:17:07:a9:9c:fb:73:ab:f5:0c:73:9a:4f:d1:a9:58:29:
ab:cd:03:56:fe:ee:7b:aa:24:61:36:4a:3c:b4:84:42:31:b1:
8d:92:45:c0:db:2d:29:1a:de:3f:22:21:f8:76:f9:90:79:61:
21:bc:ee:b0:e2:b5:f6:e9:8b:33:75:bc:2d:d5:c9:25:18:a6:
5f:f0:e0:04:90:71:a1:f1:1c:fe:3b:d2:c0:05:b2:0c:b9:bc:
b4:e9:ec:6b:dd:7f:91:59:c4:d0:eb:a4:6a:d9:02:3e:a2:9c:
fb:c6:86:f4:de:c5:da:74:e0:bf:49:35:9e:5f:c7:66:3f:b0:
bc:57:86:14:22:2a:33:45:65:af:56:ac:2a:09:11:d2:c0:3b:
51:a2:fb:af:93:23:6e:be:ce:b1:88:d8:01:a4:90:4f:da:d1:
dc:7c:0c:52:01:23:ae:17:31:ef:f3:06:0c:86:a1:eb:88:ec:
54:0f:3b:9d
-----BEGIN CERTIFICATE-----
MIIFsDCCBJigAwIBAgISAZmp77QTvxHVz1igRtUGGi9SMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBiNTU2YWNiNWYzYjk2MWI1Y2MyNGEyOTk1ZjM0ZWU5MWY3
OWRjMTYwHhcNMjUxMDAzMTE1ODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDY4ZjNkOGIzNGJhYmNkMjlhYjY1YWUxMzQxMzUzNDFhOTk0YjVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArovOcxIbf/0S+Qzz8tJCGlnraaca
Q6/GRVywwb5Jkt0atCs+UD+RBj3d3GOsq/eIDPcCLi5ky0NKbqiNyI5CSy/mOdrC
qacUEf324jieL9IK/uhdcO9wy6Hy+u7f4F857wJGRPNZt3aYgXnCmGHXxPOBLZJ3
4s4/WFyiVRInnDkaB5esHSTlwhMzN1OLbdPju6rWInu8kbPYfRiim8izuzN+aEr3
N2My3h+Z0lHVHSfPeZ2CPXdvB3thdrMxiqAOhU/hsVse19r5MLn9k4RpKBmRV/er
RyM6Eiu0pYFHTcd3pV9qLry9V+VvPoDUhGOfvbfPzftFwEx1iRtDOe3BWQIDAQAB
o4ICvDCCArgwHQYDVR0OBBYEFM1o89izS6vNKatlrhNBNTQamUtaMB8GA1UdIwQY
MBaAFAtVastfO5YbXMJKKZXzTukfedwWMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEt
ZDJiYmYzN2RhYmI0LzEveldqejJMTkxxODBwcTJXdUUwRTFOQnFaUzFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS84MjlmZGYtYmE2My00YzIzLTkxZDEtZDJiYmYzN2RhYmI0
LzEvQzFWcXkxODdsaHRjd2tvcGxmTk82Ujk1M0JZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHRBggrBgEFBQcBBwEB/wSBwTCBvjCBpQQCAAEwgZ4DBAcF
AoADAwIFDAMEAh8O4AMEBj7nQAMDAU9yAwMBT3YDBAVREkADAwBRxAMDAlJMAwQG
UokAAwQHVOiAAwMDVngDBAFZK7QDBAJZLUgDBAJZLgwDBAJdcSgDBAK5gSQwCwMD
A7wYAwQGvBqAMAsDBAW8GuADAwK8GAMEAMFv6AMEAcJmUAMEBdQ2YAMEBdRdgAME
ANWaZAMEBdWdoDAUBAIAAjAOAwUEKgIvAAMFACoDnCAwDQYJKoZIhvcNAQELBQAD
ggEBAHg0yCR9mP0uLxNQ5ASsrVA8Yp0FGIU0L7DXyEsEAK4OlCi/7+OagbhYd0IN
7VSJQotE9c+T/fbJ2eAkrkcHcdx6DFgM/O+vzaKmFwepnPtzq/UMc5pP0alYKavN
A1b+7nuqJGE2Sjy0hEIxsY2SRcDbLSka3j8iIfh2+ZB5YSG87rDitfbpizN1vC3V
ySUYpl/w4ASQcaHxHP470sAFsgy5vLTp7Gvdf5FZxNDrpGrZAj6inPvGhvTexdp0
4L9JNZ5fx2Y/sLxXhhQiKjNFZa9WrCoJEdLAO1Gi+6+TI26+zrGI2AGkkE/a0dx8
DFIBI64XMe/zBgyGoeuI7FQPO50=
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:45:54 2025 by rpki-client