Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/z4O62mSdPKZ1k9q692ubnjE6vOo.roa
File: z4O62mSdPKZ1k9q692ubnjE6vOo.roa (raw, json)
Hash identifier: c3RiSBEOzTB9FABzAdHhtFOE9zFx7ajtwqIReSWuF8Q=
Subject key identifier: CF:83:BA:DA:64:9D:3C:A6:75:93:DA:BA:F7:6B:9B:9E:31:3A:BC:EA
Certificate issuer: /CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Certificate serial: 01979C78924015F94656A1C4E8BFB69767F2
Authority key identifier: 0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/z4O62mSdPKZ1k9q692ubnjE6vOo.roa
Signing time: Mon 23 Jun 2025 11:07:16 +0000
ROA not before: Mon 23 Jun 2025 11:07:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9009
IP address blocks: 5.61.60.0/23 maxlen: 23
5.61.62.0/23 maxlen: 23
45.136.196.0/24 maxlen: 24
45.136.197.0/24 maxlen: 24
45.136.198.0/24 maxlen: 24
45.136.199.0/24 maxlen: 24
176.97.64.0/23 maxlen: 23
176.97.66.0/23 maxlen: 23
176.97.68.0/23 maxlen: 23
176.97.70.0/23 maxlen: 23
176.97.72.0/24 maxlen: 24
176.97.73.0/24 maxlen: 24
176.97.75.0/24 maxlen: 24
176.97.76.0/24 maxlen: 24
176.97.77.0/24 maxlen: 24
176.97.78.0/24 maxlen: 24
185.87.148.0/23 maxlen: 23
185.87.150.0/23 maxlen: 23
185.132.125.0/24 maxlen: 24
188.116.22.0/24 maxlen: 24
195.54.170.0/24 maxlen: 24
195.54.171.0/24 maxlen: 24
2a02:c6c1:4::/48 maxlen: 48
2a02:c6c1:5::/48 maxlen: 48
2a02:c6c1:6::/48 maxlen: 48
2a02:c6c1:7::/48 maxlen: 48
2a02:c6c1:8::/48 maxlen: 48
2a02:c6c1:9::/48 maxlen: 48
2a02:c6c1:a::/48 maxlen: 48
2a02:c6c1:b::/48 maxlen: 48
2a02:c6c1:143::/48 maxlen: 48
2a0c:6742::/48 maxlen: 48
2a0e:a7c1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 10:53:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:9c:78:92:40:15:f9:46:56:a1:c4:e8:bf:b6:97:67:f2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ef5cb2f590d041654f4dfdb60a28f9a1544f444
Validity
Not Before: Jun 23 11:07:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf83bada649d3ca67593dabaf76b9b9e313abcea
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:93:a8:25:6a:f1:f1:cb:be:a0:59:ae:fd:37:
dc:18:48:6e:29:b3:77:84:1f:ac:53:2c:a4:93:92:
f6:32:a9:e9:b2:e1:91:ad:71:6d:ba:0d:d4:b6:52:
ec:a1:3c:44:f4:42:07:9b:82:31:de:60:27:2e:09:
fe:a8:13:1c:5d:08:a5:c6:47:7a:81:25:12:b0:a0:
80:72:7c:59:9f:19:6e:46:d7:ee:03:89:53:85:56:
87:77:aa:b1:86:73:a4:2c:0c:ee:51:39:70:39:03:
ac:32:e6:38:f1:10:83:aa:9f:a7:df:76:14:84:61:
50:23:9e:a4:c3:b7:bb:a7:98:5e:32:86:4e:00:80:
18:58:48:e9:ed:8f:61:ef:25:1a:4a:f4:fe:97:13:
40:f7:ad:85:64:63:bc:28:fc:69:57:ee:2b:ac:34:
fc:f0:7d:eb:75:e6:7c:af:57:d7:cc:1b:35:9f:1e:
5a:19:5d:75:38:7c:ac:1b:ff:34:a6:f3:6b:65:b3:
92:76:6e:ec:4a:7f:fa:50:8e:43:29:b1:02:54:b4:
65:fb:63:58:97:42:1f:4e:2a:f3:e8:a6:3f:2c:0e:
99:a3:1e:54:a5:14:de:eb:87:33:c9:5a:1f:75:f1:
cb:b5:61:9e:56:28:36:0c:4f:e1:2c:f1:dc:05:20:
cd:2f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:83:BA:DA:64:9D:3C:A6:75:93:DA:BA:F7:6B:9B:9E:31:3A:BC:EA
X509v3 Authority Key Identifier:
keyid:0E:F5:CB:2F:59:0D:04:16:54:F4:DF:DB:60:A2:8F:9A:15:44:F4:44
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/z4O62mSdPKZ1k9q692ubnjE6vOo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/226f04-f7db-491a-bafb-ee435d3cd585/1/DvXLL1kNBBZU9N_bYKKPmhVE9EQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.61.60.0/22
45.136.196.0/22
176.97.64.0-176.97.73.255
176.97.75.0-176.97.78.255
185.87.148.0/22
185.132.125.0/24
188.116.22.0/24
195.54.170.0/23
IPv6:
2a02:c6c1:4::-2a02:c6c1:b:ffff:ffff:ffff:ffff:ffff
2a02:c6c1:143::/48
2a0c:6742::/48
2a0e:a7c1::/48
Signature Algorithm: sha256WithRSAEncryption
c6:6e:b0:80:5d:57:03:9d:4c:95:f5:b0:78:9d:8b:b9:1e:89:
9e:df:b0:ac:40:67:b1:ce:9c:87:61:cf:35:8d:09:bb:37:f4:
e4:71:43:e9:8b:b7:df:4b:12:8f:78:0b:98:78:bb:53:4e:5a:
b5:bb:36:0a:8b:cb:fd:f9:1e:da:39:af:75:42:4b:e5:09:0d:
a3:81:69:28:66:51:90:5a:88:fd:ca:c2:26:09:74:f1:9d:c8:
c4:8f:3f:b2:de:17:fb:96:1f:f2:92:98:96:6c:92:c0:0e:e3:
e1:2e:3a:44:86:51:f5:f6:f9:e8:6d:c9:a0:66:74:dd:4e:df:
b1:ce:f4:b6:c9:dc:51:ce:97:b6:25:94:2c:1f:0e:2f:5b:13:
99:6a:00:09:48:8a:36:e3:bc:cd:86:c1:21:05:c1:2f:54:85:
5c:7b:4a:b4:63:54:0b:40:64:7c:d3:3e:a0:be:9e:90:f7:50:
8f:17:32:c4:4c:5b:26:e5:c1:2a:3d:45:8f:0d:8b:3a:77:59:
49:97:29:8c:b6:ac:7d:62:bc:bf:71:80:01:b0:aa:a8:58:14:
06:94:f5:b2:bb:38:9a:43:b2:75:70:7f:3f:2b:31:d8:b4:6d:
a0:35:a6:fa:19:aa:02:0d:ab:ac:ac:3d:f2:d1:40:31:83:b3:
42:c4:e3:4b
-----BEGIN CERTIFICATE-----
MIIFcDCCBFigAwIBAgISAZeceJJAFflGVqHE6L+2l2fyMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlZjVjYjJmNTkwZDA0MTY1NGY0ZGZkYjYwYTI4ZjlhMTU0
NGY0NDQwHhcNMjUwNjIzMTEwNzE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjgzYmFkYTY0OWQzY2E2NzU5M2RhYmFmNzZiOWI5ZTMxM2FiY2VhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJOoJWrx8cu+oFmu/TfcGEhuKbN3
hB+sUyykk5L2MqnpsuGRrXFtug3UtlLsoTxE9EIHm4Ix3mAnLgn+qBMcXQilxkd6
gSUSsKCAcnxZnxluRtfuA4lThVaHd6qxhnOkLAzuUTlwOQOsMuY48RCDqp+n33YU
hGFQI56kw7e7p5heMoZOAIAYWEjp7Y9h7yUaSvT+lxNA962FZGO8KPxpV+4rrDT8
8H3rdeZ8r1fXzBs1nx5aGV11OHysG/80pvNrZbOSdm7sSn/6UI5DKbECVLRl+2NY
l0IfTirz6KY/LA6Zox5UpRTe64czyVofdfHLtWGeVig2DE/hLPHcBSDNLwIDAQAB
o4ICfDCCAngwHQYDVR0OBBYEFM+DutpknTymdZPauvdrm54xOrzqMB8GA1UdIwQY
MBaAFA71yy9ZDQQWVPTf22Cij5oVRPREMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmIt
ZWU0MzVkM2NkNTg1LzEvejRPNjJtU2RQS1oxazlxNjkydWJuakU2dk9vLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny8yMjZmMDQtZjdkYi00OTFhLWJhZmItZWU0MzVkM2NkNTg1
LzEvRHZYTEwxa05CQlpVOU5fYllLS1BtaFZFOUVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIGRBggrBgEFBQcBBwEB/wSBgTB/MEYEAgABMEADBAIFPTwD
BAItiMQwDAMEBrBhQAMEAbBhSDAMAwQAsGFLAwQAsGFOAwQCuVeUAwQAuYR9AwQA
vHQWAwQBwzaqMDUEAgACMC8wEgMHAioCxsEABAMHAioCxsEACAMHACoCxsEBQwMH
ACoMZ0IAAAMHACoOp8EAADANBgkqhkiG9w0BAQsFAAOCAQEAxm6wgF1XA51MlfWw
eJ2LuR6Jnt+wrEBnsc6ch2HPNY0Juzf05HFD6Yu330sSj3gLmHi7U05atbs2CovL
/fke2jmvdUJL5QkNo4FpKGZRkFqI/crCJgl08Z3IxI8/st4X+5Yf8pKYlmySwA7j
4S46RIZR9fb56G3JoGZ03U7fsc70tsncUc6XtiWULB8OL1sTmWoACUiKNuO8zYbB
IQXBL1SFXHtKtGNUC0BkfNM+oL6ekPdQjxcyxExbJuXBKj1Fjw2LOndZSZcpjLas
fWK8v3GAAbCqqFgUBpT1srs4mkOydXB/Pysx2LRtoDWm+hmqAg2rrKw98tFAMYOz
QsTjSw==
-----END CERTIFICATE-----
Generated at Wed Jul 2 12:35:37 2025 by rpki-client