Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/a4/dcdae6-d695-4266-ba9b-93b3a3696d96/1/ZJprrbhKMAT5LtByVt0jo1FSWOs.roa
File: ZJprrbhKMAT5LtByVt0jo1FSWOs.roa (raw, json)
Hash identifier: nZtkV2GPrU6rUiWBvWUJ+IXzV+B3ZnqxZo9hlzMGkqE=
Subject key identifier: 64:9A:6B:AD:B8:4A:30:04:F9:2E:D0:72:56:DD:23:A3:51:52:58:EB
Certificate issuer: /CN=e631b080d4ea6fd0616a6e701c7c815d6ff87c00
Certificate serial: 0199A0031E121A16C8ADB5D7CD4041F63AE7
Authority key identifier: E6:31:B0:80:D4:EA:6F:D0:61:6A:6E:70:1C:7C:81:5D:6F:F8:7C:00
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/5jGwgNTqb9Bham5wHHyBXW_4fAA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/a4/dcdae6-d695-4266-ba9b-93b3a3696d96/1/ZJprrbhKMAT5LtByVt0jo1FSWOs.roa
Signing time: Wed 01 Oct 2025 13:43:02 +0000
ROA not before: Wed 01 Oct 2025 13:43:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50319
IP address blocks: 5.180.140.0/22 maxlen: 22
185.84.196.0/22 maxlen: 22
185.144.196.0/22 maxlen: 22
185.156.208.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/a4/dcdae6-d695-4266-ba9b-93b3a3696d96/1/5jGwgNTqb9Bham5wHHyBXW_4fAA.crl
rsync://rpki.ripe.net/repository/DEFAULT/a4/dcdae6-d695-4266-ba9b-93b3a3696d96/1/5jGwgNTqb9Bham5wHHyBXW_4fAA.mft
rsync://rpki.ripe.net/repository/DEFAULT/5jGwgNTqb9Bham5wHHyBXW_4fAA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 13:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:a0:03:1e:12:1a:16:c8:ad:b5:d7:cd:40:41:f6:3a:e7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e631b080d4ea6fd0616a6e701c7c815d6ff87c00
Validity
Not Before: Oct 1 13:43:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=649a6badb84a3004f92ed07256dd23a3515258eb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:74:b7:6d:99:92:44:ac:7a:5a:28:d5:5d:2f:
cc:dc:73:06:72:35:fa:53:2c:01:b3:d6:36:6f:7a:
2a:98:d8:53:e5:0e:f5:a8:f0:26:45:a5:b1:e1:e1:
a0:10:4d:16:7c:91:1c:63:c7:55:30:27:c5:8c:c2:
b7:4b:ca:59:16:dc:79:3b:59:69:b3:3a:c9:f0:52:
5e:3e:58:36:4d:2a:18:7c:e6:89:f8:69:99:33:45:
64:d5:b4:a3:5f:a7:7c:77:d8:e0:45:b0:ee:27:33:
1d:ea:38:38:2f:e1:d2:05:6b:a9:39:6b:a4:c4:17:
f7:4a:b0:19:1f:1e:37:cf:6c:0e:4a:54:f3:09:bf:
53:9e:34:92:9f:3a:c3:df:aa:97:bd:f9:a1:d8:f9:
8d:d0:fb:c5:b0:4f:06:49:3a:04:bb:a4:ee:4f:24:
9c:e9:b9:bc:cc:75:4b:b0:3b:af:d7:77:4a:40:a1:
1a:d4:2e:70:cf:a7:15:3b:96:7d:3f:4a:17:ed:56:
58:e6:2c:a2:fe:66:00:9d:7c:ad:fb:c2:d7:5a:df:
cc:81:6d:69:1d:40:18:ae:34:95:2d:ca:27:67:b9:
79:4c:0f:d4:ca:a1:81:1d:0f:0e:18:d7:15:32:63:
07:d3:3f:9b:76:29:bc:3f:43:8a:8f:e7:1a:15:c1:
e6:a9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:9A:6B:AD:B8:4A:30:04:F9:2E:D0:72:56:DD:23:A3:51:52:58:EB
X509v3 Authority Key Identifier:
keyid:E6:31:B0:80:D4:EA:6F:D0:61:6A:6E:70:1C:7C:81:5D:6F:F8:7C:00
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/5jGwgNTqb9Bham5wHHyBXW_4fAA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/dcdae6-d695-4266-ba9b-93b3a3696d96/1/ZJprrbhKMAT5LtByVt0jo1FSWOs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/a4/dcdae6-d695-4266-ba9b-93b3a3696d96/1/5jGwgNTqb9Bham5wHHyBXW_4fAA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.180.140.0/22
185.84.196.0/22
185.144.196.0/22
185.156.208.0/22
Signature Algorithm: sha256WithRSAEncryption
a1:37:9a:8b:de:f4:fb:4a:a7:df:28:3d:45:c7:53:72:f3:0e:
cb:3b:9f:13:f4:11:0d:1a:60:3b:e8:dc:19:17:fe:2c:3a:9a:
ce:77:19:bf:78:60:a6:ba:2b:16:1c:bf:89:9a:a2:72:c8:b5:
78:ee:e4:e1:b9:2d:f6:d4:2e:e1:83:c4:76:a0:cf:a2:5f:ea:
88:60:71:3a:3a:70:c7:c2:85:a6:e3:5e:0d:77:3a:dc:4b:ee:
36:5a:92:f9:af:1a:f8:a5:d3:6a:8e:c9:b6:70:a0:01:0a:d1:
f6:7f:e2:c1:c1:b0:c3:0a:41:2a:a3:17:f0:c4:22:30:5b:3c:
b3:df:f9:2e:0b:c1:96:1a:1b:e9:25:99:76:54:67:9c:22:6d:
7b:12:8d:0d:05:82:e2:3f:b9:ea:1d:85:5a:eb:5e:ed:b6:de:
f3:b9:0a:92:e6:e1:b7:76:a6:5b:30:ba:00:55:eb:03:b7:23:
62:77:c6:12:90:8c:08:3f:f5:02:e5:94:2d:63:db:f9:29:4f:
a9:28:ee:a2:10:18:b2:46:d2:a8:d1:eb:72:03:60:46:59:db:
bf:0c:74:ba:da:f4:a2:43:80:4c:f3:ef:36:ac:0d:36:e9:5c:
73:68:fd:c1:6f:4a:44:e1:88:3c:9d:de:52:d2:ca:ca:00:d0:
36:94:b6:e1
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZmgAx4SGhbIrbXXzUBB9jrnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU2MzFiMDgwZDRlYTZmZDA2MTZhNmU3MDFjN2M4MTVkNmZm
ODdjMDAwHhcNMjUxMDAxMTM0MzAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDlhNmJhZGI4NGEzMDA0ZjkyZWQwNzI1NmRkMjNhMzUxNTI1OGViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2nS3bZmSRKx6WijVXS/M3HMGcjX6
UywBs9Y2b3oqmNhT5Q71qPAmRaWx4eGgEE0WfJEcY8dVMCfFjMK3S8pZFtx5O1lp
szrJ8FJePlg2TSoYfOaJ+GmZM0Vk1bSjX6d8d9jgRbDuJzMd6jg4L+HSBWupOWuk
xBf3SrAZHx43z2wOSlTzCb9TnjSSnzrD36qXvfmh2PmN0PvFsE8GSToEu6TuTySc
6bm8zHVLsDuv13dKQKEa1C5wz6cVO5Z9P0oX7VZY5iyi/mYAnXyt+8LXWt/MgW1p
HUAYrjSVLconZ7l5TA/UyqGBHQ8OGNcVMmMH0z+bdim8P0OKj+caFcHmqQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGSaa624SjAE+S7QclbdI6NRUljrMB8GA1UdIwQY
MBaAFOYxsIDU6m/QYWpucBx8gV1v+HwAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNWpHd2dOVHFiOUJoYW01d0hIeUJYV180ZkFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hNC9kY2RhZTYtZDY5NS00MjY2LWJhOWIt
OTNiM2EzNjk2ZDk2LzEvWkpwcnJiaEtNQVQ1THRCeVZ0MGpvMUZTV09zLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hNC9kY2RhZTYtZDY5NS00MjY2LWJhOWItOTNiM2EzNjk2ZDk2
LzEvNWpHd2dOVHFiOUJoYW01d0hIeUJYV180ZkFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQCBbSMAwQC
uVTEAwQCuZDEAwQCuZzQMA0GCSqGSIb3DQEBCwUAA4IBAQChN5qL3vT7SqffKD1F
x1Ny8w7LO58T9BENGmA76NwZF/4sOprOdxm/eGCmuisWHL+JmqJyyLV47uThuS32
1C7hg8R2oM+iX+qIYHE6OnDHwoWm414NdzrcS+42WpL5rxr4pdNqjsm2cKABCtH2
f+LBwbDDCkEqoxfwxCIwWzyz3/kuC8GWGhvpJZl2VGecIm17Eo0NBYLiP7nqHYVa
617ttt7zuQqS5uG3dqZbMLoAVesDtyNid8YSkIwIP/UC5ZQtY9v5KU+pKO6iEBiy
RtKo0etyA2BGWdu/DHS62vSiQ4BM8+82rA026VxzaP3Bb0pE4Yg8nd5S0srKANA2
lLbh
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:35:34 2025 by rpki-client