Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/92/7beb9e-0141-4825-9a18-cbe475d32c63/1/ziCwa1ZpRucLQqC8RsqB-EGT_f8.roa
File: ziCwa1ZpRucLQqC8RsqB-EGT_f8.roa (raw, json)
Hash identifier: LDs5gDGAS/QA8OuoaiSZeVmSdeDBB4mdwdOvMRTKuLw=
Subject key identifier: CE:20:B0:6B:56:69:46:E7:0B:42:A0:BC:46:CA:81:F8:41:93:FD:FF
Certificate issuer: /CN=8f8f7747b7aa06a7542516620ede399d01e5c7e4
Certificate serial: 0199C2DD77FC3DB12D55F5EBD6161BFA0145
Authority key identifier: 8F:8F:77:47:B7:AA:06:A7:54:25:16:62:0E:DE:39:9D:01:E5:C7:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/j493R7eqBqdUJRZiDt45nQHlx-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/92/7beb9e-0141-4825-9a18-cbe475d32c63/1/ziCwa1ZpRucLQqC8RsqB-EGT_f8.roa
Signing time: Wed 08 Oct 2025 08:08:37 +0000
ROA not before: Wed 08 Oct 2025 08:08:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 197013
IP address blocks: 85.93.160.0/19 maxlen: 19
178.22.112.0/21 maxlen: 24
185.57.228.0/23 maxlen: 23
185.63.24.0/22 maxlen: 22
185.184.252.0/23 maxlen: 24
2a02:5480::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/92/7beb9e-0141-4825-9a18-cbe475d32c63/1/j493R7eqBqdUJRZiDt45nQHlx-Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/92/7beb9e-0141-4825-9a18-cbe475d32c63/1/j493R7eqBqdUJRZiDt45nQHlx-Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/j493R7eqBqdUJRZiDt45nQHlx-Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c2:dd:77:fc:3d:b1:2d:55:f5:eb:d6:16:1b:fa:01:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8f8f7747b7aa06a7542516620ede399d01e5c7e4
Validity
Not Before: Oct 8 08:08:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ce20b06b566946e70b42a0bc46ca81f84193fdff
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:a8:34:b2:39:ea:c0:15:15:25:5d:3e:e5:6f:
ba:70:a1:b9:ad:48:57:18:b7:70:95:6b:f7:19:19:
90:f6:08:60:6a:60:46:26:17:c8:1d:a2:6a:e5:23:
80:9b:c5:ea:5d:ec:83:94:63:aa:14:c6:9f:ab:d4:
83:c4:05:84:c8:85:9a:b1:d1:de:99:b0:00:84:00:
ec:ee:66:49:f6:43:30:4f:ab:22:8d:ce:30:f7:88:
fc:68:0e:06:ee:7f:69:d2:0e:b4:0b:59:f0:ec:bc:
fe:31:6f:81:01:3f:9a:12:7f:fb:8e:94:83:4a:04:
76:df:31:29:3d:c4:39:be:5e:e3:be:5a:0b:62:bc:
12:58:56:6b:10:83:83:5e:12:be:01:ae:c2:f2:95:
de:92:1d:dd:96:f7:b2:8a:64:43:67:a5:f8:74:20:
3f:65:c5:1a:e1:f4:f0:e0:5f:38:6a:95:f2:5a:72:
dd:f3:40:f1:07:63:6a:71:8e:c0:17:57:fa:27:17:
22:c7:cc:92:4d:c3:7c:51:d5:d0:ed:e3:95:9a:43:
61:c4:14:83:fd:e2:f8:fd:bf:dc:2e:b3:00:38:bc:
7d:f3:80:7b:c9:c0:2d:32:5d:5e:7f:97:67:40:df:
be:4e:0c:8a:5a:1d:3c:6e:62:9f:56:5f:52:42:d1:
75:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:20:B0:6B:56:69:46:E7:0B:42:A0:BC:46:CA:81:F8:41:93:FD:FF
X509v3 Authority Key Identifier:
keyid:8F:8F:77:47:B7:AA:06:A7:54:25:16:62:0E:DE:39:9D:01:E5:C7:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/j493R7eqBqdUJRZiDt45nQHlx-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/92/7beb9e-0141-4825-9a18-cbe475d32c63/1/ziCwa1ZpRucLQqC8RsqB-EGT_f8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/92/7beb9e-0141-4825-9a18-cbe475d32c63/1/j493R7eqBqdUJRZiDt45nQHlx-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
85.93.160.0/19
178.22.112.0/21
185.57.228.0/23
185.63.24.0/22
185.184.252.0/23
IPv6:
2a02:5480::/32
Signature Algorithm: sha256WithRSAEncryption
8a:da:8a:64:56:88:f9:5d:f8:80:93:d7:a8:ec:97:58:63:48:
81:05:f7:ca:2c:ed:ef:51:a4:d6:fe:5e:9d:b3:66:ef:c1:db:
ff:7b:b9:9d:8c:d7:4c:14:a0:81:08:0c:8d:9a:cb:eb:65:79:
25:7b:02:f7:22:a1:b2:8c:d7:e2:25:f9:20:5d:5a:f3:02:e7:
16:81:e4:3c:9f:42:1e:e0:c6:df:b6:03:61:c9:ff:06:93:a3:
fc:09:0e:c4:c8:ee:70:8a:c4:a7:a5:ed:6e:4d:b4:7a:5f:c6:
03:49:a8:3b:3f:aa:5d:7b:2c:12:37:ce:92:2c:34:e5:a4:cc:
65:14:ad:7e:a6:6d:03:72:19:06:6f:4f:fa:10:19:d5:67:e4:
34:93:ac:9a:16:49:01:7b:97:97:a8:85:d7:32:bb:8c:1a:cc:
97:dc:b3:56:86:aa:c3:1c:1a:3c:c6:08:14:fa:41:15:fe:ab:
72:9d:8e:82:82:24:08:7e:3c:43:a3:a7:d3:92:4c:26:0c:13:
09:1b:eb:16:b9:6a:9d:e8:cc:bb:84:6c:dc:7d:fd:a4:53:72:
12:9e:2e:83:40:4e:13:56:04:bd:6b:5f:80:17:e1:7e:af:64:
2d:4a:cf:68:dc:d7:30:db:34:6f:0a:0d:b6:f9:07:26:cb:a0:
9e:6c:5e:57
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZnC3Xf8PbEtVfXr1hYb+gFFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDhmOGY3NzQ3YjdhYTA2YTc1NDI1MTY2MjBlZGUzOTlkMDFl
NWM3ZTQwHhcNMjUxMDA4MDgwODM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTIwYjA2YjU2Njk0NmU3MGI0MmEwYmM0NmNhODFmODQxOTNmZGZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsqg0sjnqwBUVJV0+5W+6cKG5rUhX
GLdwlWv3GRmQ9ghgamBGJhfIHaJq5SOAm8XqXeyDlGOqFMafq9SDxAWEyIWasdHe
mbAAhADs7mZJ9kMwT6sijc4w94j8aA4G7n9p0g60C1nw7Lz+MW+BAT+aEn/7jpSD
SgR23zEpPcQ5vl7jvloLYrwSWFZrEIODXhK+Aa7C8pXekh3dlveyimRDZ6X4dCA/
ZcUa4fTw4F84apXyWnLd80DxB2NqcY7AF1f6Jxcix8ySTcN8UdXQ7eOVmkNhxBSD
/eL4/b/cLrMAOLx984B7ycAtMl1ef5dnQN++TgyKWh08bmKfVl9SQtF1jwIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFM4gsGtWaUbnC0KgvEbKgfhBk/3/MB8GA1UdIwQY
MBaAFI+Pd0e3qganVCUWYg7eOZ0B5cfkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvajQ5M1I3ZXFCcWRVSlJaaUR0NDVuUUhseC1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Mi83YmViOWUtMDE0MS00ODI1LTlhMTgt
Y2JlNDc1ZDMyYzYzLzEvemlDd2ExWnBSdWNMUXFDOFJzcUItRUdUX2Y4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Mi83YmViOWUtMDE0MS00ODI1LTlhMTgtY2JlNDc1ZDMyYzYz
LzEvajQ5M1I3ZXFCcWRVSlJaaUR0NDVuUUhseC1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQFVV2gAwQD
shZwAwQBuTnkAwQCuT8YAwQBubj8MA0EAgACMAcDBQAqAlSAMA0GCSqGSIb3DQEB
CwUAA4IBAQCK2opkVoj5XfiAk9eo7JdYY0iBBffKLO3vUaTW/l6ds2bvwdv/e7md
jNdMFKCBCAyNmsvrZXklewL3IqGyjNfiJfkgXVrzAucWgeQ8n0Ie4MbftgNhyf8G
k6P8CQ7EyO5wisSnpe1uTbR6X8YDSag7P6pdeywSN86SLDTlpMxlFK1+pm0DchkG
b0/6EBnVZ+Q0k6yaFkkBe5eXqIXXMruMGsyX3LNWhqrDHBo8xggU+kEV/qtynY6C
giQIfjxDo6fTkkwmDBMJG+sWuWqd6My7hGzcff2kU3ISni6DQE4TVgS9a1+AF+F+
r2QtSs9o3Ncw2zRvCg22+Qcmy6CebF5X
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:36:05 2025 by rpki-client