Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/Zi8H1V4DwLGzpwMuCoW1I2AYvoo.roa
File: Zi8H1V4DwLGzpwMuCoW1I2AYvoo.roa (raw, json)
Hash identifier: RUAWBYOmLbXxT3y+7jKLZ/kYscyqWHjEVJz4TGEVCe4=
Subject key identifier: 66:2F:07:D5:5E:03:C0:B1:B3:A7:03:2E:0A:85:B5:23:60:18:BE:8A
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 0199A93983EE676ECEC0B6E6A9030AF16590
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/Zi8H1V4DwLGzpwMuCoW1I2AYvoo.roa
Signing time: Fri 03 Oct 2025 08:39:02 +0000
ROA not before: Fri 03 Oct 2025 08:39:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42689
IP address blocks: 195.40.56.0/24 maxlen: 24
195.40.57.0/24 maxlen: 24
195.40.58.0/24 maxlen: 24
195.40.59.0/24 maxlen: 24
195.40.60.0/24 maxlen: 24
195.40.61.0/24 maxlen: 24
195.40.62.0/24 maxlen: 24
195.40.63.0/24 maxlen: 24
195.40.128.0/24 maxlen: 24
195.40.129.0/24 maxlen: 24
195.40.130.0/24 maxlen: 24
195.40.131.0/24 maxlen: 24
195.40.132.0/24 maxlen: 24
195.40.133.0/24 maxlen: 24
195.40.134.0/24 maxlen: 24
195.40.135.0/24 maxlen: 24
195.40.136.0/24 maxlen: 24
195.40.137.0/24 maxlen: 24
195.40.138.0/24 maxlen: 24
195.40.139.0/24 maxlen: 24
195.40.140.0/24 maxlen: 24
195.40.141.0/24 maxlen: 24
195.40.142.0/24 maxlen: 24
195.40.143.0/24 maxlen: 24
212.134.46.0/24 maxlen: 24
212.134.52.0/24 maxlen: 24
212.134.54.0/24 maxlen: 24
212.134.124.0/22 maxlen: 24
212.134.164.0/22 maxlen: 24
212.134.208.0/22 maxlen: 24
212.134.224.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a9:39:83:ee:67:6e:ce:c0:b6:e6:a9:03:0a:f1:65:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Oct 3 08:39:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=662f07d55e03c0b1b3a7032e0a85b5236018be8a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:27:fa:63:62:f5:46:a5:3e:3c:36:06:fa:a0:
ab:04:63:6d:80:16:bc:07:95:60:8e:ea:c5:e9:fe:
d9:1c:1d:da:81:01:ec:87:59:97:ba:8b:46:14:87:
88:96:ec:61:72:ab:4b:c5:ab:7e:e7:90:ba:98:92:
b1:3a:27:16:f0:ed:95:8a:2f:b2:7d:d0:47:6c:86:
61:7c:09:ad:8e:62:d7:e8:90:77:1a:10:a2:eb:d7:
70:42:5d:b3:8a:56:65:f0:b9:00:38:c8:97:64:17:
9c:de:ad:a1:77:7a:fc:03:5e:3d:14:b5:84:21:73:
9b:63:15:03:77:d9:c4:58:f1:a9:b8:c7:f3:ce:eb:
43:c1:d7:25:bf:45:9e:8a:02:39:7b:9b:c7:29:74:
f4:41:7c:68:03:57:f4:48:d7:55:d9:42:47:49:6d:
8c:90:96:8f:fe:40:ca:9c:5f:4e:a2:55:ad:8f:e8:
22:3a:c3:ef:94:7a:f4:6a:0f:27:9d:1f:cf:ff:0b:
4f:85:e4:cc:da:7c:e3:ab:e0:4b:44:33:42:4c:ac:
bc:d2:28:b1:cd:38:eb:d1:fb:56:ab:a4:70:cd:f1:
30:92:4b:fa:ad:c9:15:df:1d:03:70:b7:ac:6a:bc:
48:28:40:4b:bf:59:b1:b4:fe:73:27:02:a7:c9:a9:
27:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:2F:07:D5:5E:03:C0:B1:B3:A7:03:2E:0A:85:B5:23:60:18:BE:8A
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/Zi8H1V4DwLGzpwMuCoW1I2AYvoo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.40.56.0/21
195.40.128.0/20
212.134.46.0/24
212.134.52.0/24
212.134.54.0/24
212.134.124.0/22
212.134.164.0/22
212.134.208.0/22
212.134.224.0/22
Signature Algorithm: sha256WithRSAEncryption
41:51:10:89:ab:b0:6f:be:93:5e:f7:d7:1a:09:7c:e4:88:29:
5c:ea:93:ad:f8:e9:31:66:41:fb:24:2d:7e:eb:38:2d:bf:8e:
3e:ba:d4:30:25:4e:a2:08:4a:5b:93:5e:be:29:a2:90:b8:65:
93:2b:fe:31:a3:b2:a4:d0:f8:6d:5a:91:03:ed:9d:6e:27:40:
7e:3a:25:91:72:4e:68:99:57:df:a0:3d:bb:7d:c7:a2:4d:c3:
df:8a:59:69:fc:d3:26:d0:e5:51:60:43:02:2c:e8:6a:1a:6b:
83:fe:53:0c:a5:e7:d7:b7:60:63:2d:4b:13:b6:16:0e:4f:f8:
80:ed:62:60:85:30:7b:00:f4:cf:01:b6:36:bd:41:6b:01:06:
b0:99:1c:c0:2d:22:7a:08:be:60:a0:bf:17:20:02:41:2b:66:
61:76:e7:02:94:e7:2d:75:7e:b0:99:3a:1f:27:8f:51:f5:3f:
07:1f:47:f8:b2:50:a8:0a:da:55:08:98:20:2f:ec:7a:e5:69:
fc:99:34:20:b2:07:3e:0c:56:76:6e:f7:cc:a0:4a:34:8a:84:
87:33:bf:5f:63:45:2d:c2:51:19:02:39:e4:8e:5b:c8:b9:19:
cb:7d:07:95:a2:0e:b4:00:db:6f:a8:61:e0:d7:74:10:2e:aa:
62:21:4a:b2
-----BEGIN CERTIFICATE-----
MIIFLTCCBBWgAwIBAgISAZmpOYPuZ27OwLbmqQMK8WWQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjUxMDAzMDgzOTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjJmMDdkNTVlMDNjMGIxYjNhNzAzMmUwYTg1YjUyMzYwMThiZThhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmif6Y2L1RqU+PDYG+qCrBGNtgBa8
B5VgjurF6f7ZHB3agQHsh1mXuotGFIeIluxhcqtLxat+55C6mJKxOicW8O2Vii+y
fdBHbIZhfAmtjmLX6JB3GhCi69dwQl2zilZl8LkAOMiXZBec3q2hd3r8A149FLWE
IXObYxUDd9nEWPGpuMfzzutDwdclv0WeigI5e5vHKXT0QXxoA1f0SNdV2UJHSW2M
kJaP/kDKnF9OolWtj+giOsPvlHr0ag8nnR/P/wtPheTM2nzjq+BLRDNCTKy80iix
zTjr0ftWq6RwzfEwkkv6rckV3x0DcLesarxIKEBLv1mxtP5zJwKnyaknTQIDAQAB
o4ICOTCCAjUwHQYDVR0OBBYEFGYvB9VeA8Cxs6cDLgqFtSNgGL6KMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvWmk4SDFWNER3TEd6cHdNdUNvVzFJMkFZdm9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME8GCCsGAQUFBwEHAQH/BEAwPjA8BAIAATA2AwQDwyg4AwQE
wyiAAwQA1IYuAwQA1IY0AwQA1IY2AwQC1IZ8AwQC1IakAwQC1IbQAwQC1IbgMA0G
CSqGSIb3DQEBCwUAA4IBAQBBURCJq7BvvpNe99caCXzkiClc6pOt+OkxZkH7JC1+
6zgtv44+utQwJU6iCEpbk16+KaKQuGWTK/4xo7Kk0PhtWpED7Z1uJ0B+OiWRck5o
mVffoD27fceiTcPfillp/NMm0OVRYEMCLOhqGmuD/lMMpefXt2BjLUsTthYOT/iA
7WJghTB7APTPAbY2vUFrAQawmRzALSJ6CL5goL8XIAJBK2ZhducClOctdX6wmTof
J49R9T8HH0f4slCoCtpVCJggL+x65Wn8mTQgsgc+DFZ2bvfMoEo0ioSHM79fY0Ut
wlEZAjnkjlvIuRnLfQeVog60ANtvqGHg13QQLqpiIUqy
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:03:25 2025 by rpki-client