Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/zLZPib2q4N-wxUBLghJm8S0LpmI.roa
File: zLZPib2q4N-wxUBLghJm8S0LpmI.roa (raw, json)
Hash identifier: zwKUjOOpiqrym9HQMr4/mJ1TtSF5ArH6j4HJ3LWd0ZI=
Subject key identifier: CC:B6:4F:89:BD:AA:E0:DF:B0:C5:40:4B:82:12:66:F1:2D:0B:A6:62
Certificate issuer: /CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Certificate serial: 01997CBD97D9BF35B0ACB0973C9C9AF9AB5F
Authority key identifier: 72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/zLZPib2q4N-wxUBLghJm8S0LpmI.roa
Signing time: Wed 24 Sep 2025 17:20:23 +0000
ROA not before: Wed 24 Sep 2025 17:20:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7015
IP address blocks: 5.182.187.0/24 maxlen: 24
5.182.192.0/24 maxlen: 24
5.182.198.0/24 maxlen: 24
31.132.52.0/24 maxlen: 24
31.132.53.0/24 maxlen: 24
36.255.213.0/24 maxlen: 24
36.255.214.0/24 maxlen: 24
45.248.52.0/24 maxlen: 24
63.246.130.0/24 maxlen: 24
63.246.131.0/24 maxlen: 24
63.246.132.0/24 maxlen: 24
63.246.133.0/24 maxlen: 24
63.246.137.0/24 maxlen: 24
63.246.151.0/24 maxlen: 24
63.246.158.0/24 maxlen: 24
78.31.204.0/24 maxlen: 24
92.249.31.0/24 maxlen: 24
94.154.170.0/24 maxlen: 24
94.154.182.0/24 maxlen: 24
103.130.178.0/24 maxlen: 24
103.210.12.0/24 maxlen: 24
147.78.205.0/24 maxlen: 24
147.78.206.0/24 maxlen: 24
162.218.90.0/24 maxlen: 24
185.52.137.0/24 maxlen: 24
185.187.212.0/24 maxlen: 24
185.201.40.0/24 maxlen: 24
185.205.205.0/24 maxlen: 24
212.60.15.0/24 maxlen: 24
217.197.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.mft
rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 10:02:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:7c:bd:97:d9:bf:35:b0:ac:b0:97:3c:9c:9a:f9:ab:5f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72b78f6682fc39c55b41d48f80b8838d5d2dbf07
Validity
Not Before: Sep 24 17:20:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ccb64f89bdaae0dfb0c5404b821266f12d0ba662
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:fd:7b:a6:fd:f9:3d:39:a7:61:fb:15:c1:aa:
4a:74:63:e2:6c:92:7d:00:54:9d:1c:ef:0b:3a:c4:
ad:1b:26:a3:30:96:96:67:e2:12:57:da:94:27:d6:
61:17:dc:12:f8:14:50:58:03:55:73:75:fd:84:bb:
d7:4d:57:bb:b1:89:d6:30:2e:af:33:f3:da:a4:44:
df:b7:fa:69:24:0b:83:0e:9c:24:3b:73:91:0c:01:
fb:95:ec:54:8d:fb:b8:4e:8a:41:db:f8:f0:23:4f:
fd:62:c5:37:80:bd:8b:a0:8f:54:3b:ac:a2:b3:ea:
d3:c2:0d:a2:d0:7d:90:c3:39:53:31:34:09:9c:10:
e9:28:ab:fb:90:e7:e2:b4:34:96:ac:3b:8f:fa:08:
ca:b6:67:9c:0d:c0:d8:b9:8f:45:ae:c9:8d:71:10:
cd:ff:27:2a:f6:ae:58:8f:3b:ab:cf:9b:66:4f:86:
71:c0:34:f4:d2:ed:2d:3a:36:a3:8d:58:86:31:0a:
2f:59:36:08:a7:98:ed:1b:bd:59:94:f6:2d:43:0f:
26:02:4a:43:e6:e6:9d:31:e8:7b:36:0b:40:49:29:
ef:87:cf:77:4e:2c:1a:aa:d9:ba:b7:17:6d:df:89:
7c:aa:2f:bd:65:d1:d0:80:86:94:01:37:bc:a3:aa:
51:b1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:B6:4F:89:BD:AA:E0:DF:B0:C5:40:4B:82:12:66:F1:2D:0B:A6:62
X509v3 Authority Key Identifier:
keyid:72:B7:8F:66:82:FC:39:C5:5B:41:D4:8F:80:B8:83:8D:5D:2D:BF:07
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/crePZoL8OcVbQdSPgLiDjV0tvwc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/zLZPib2q4N-wxUBLghJm8S0LpmI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ca/3c4b8a-bfc7-41e9-99e1-f3e506aeaa01/1/crePZoL8OcVbQdSPgLiDjV0tvwc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.182.187.0/24
5.182.192.0/24
5.182.198.0/24
31.132.52.0/23
36.255.213.0-36.255.214.255
45.248.52.0/24
63.246.130.0-63.246.133.255
63.246.137.0/24
63.246.151.0/24
63.246.158.0/24
78.31.204.0/24
92.249.31.0/24
94.154.170.0/24
94.154.182.0/24
103.130.178.0/24
103.210.12.0/24
147.78.205.0-147.78.206.255
162.218.90.0/24
185.52.137.0/24
185.187.212.0/24
185.201.40.0/24
185.205.205.0/24
212.60.15.0/24
217.197.169.0/24
Signature Algorithm: sha256WithRSAEncryption
61:40:55:94:ad:b2:98:00:aa:f5:7c:0a:42:d4:94:4d:35:63:
42:84:55:fe:6d:41:80:e5:53:2f:b2:23:49:62:9a:15:65:7e:
bc:47:e3:27:d9:0f:8d:8f:09:d6:e5:51:2c:70:30:c3:ad:30:
25:e7:5d:83:7b:15:74:64:e4:10:b3:3f:9b:a0:89:42:ff:c4:
c7:7e:2c:35:28:36:d5:27:89:3b:df:44:6a:4d:50:0e:94:c2:
b1:f4:c4:e6:44:bf:38:05:91:5b:22:6c:94:81:4b:5b:b1:36:
e1:5e:a6:e0:ab:a9:c8:d8:c5:bc:c1:31:ab:7e:be:52:c0:ce:
fe:55:e4:c1:10:b7:75:fc:13:30:8e:ff:63:2f:90:a4:7c:c5:
c4:72:30:7b:0f:03:46:c7:8c:b3:a0:9a:9b:3c:63:4f:d5:ec:
81:c4:d3:40:b0:c3:7d:bc:c5:65:ac:7a:fe:49:88:11:f1:77:
4c:74:c2:23:d5:78:45:a6:26:ff:bb:9a:f4:08:57:b7:ad:d8:
de:aa:1f:57:b0:1d:b0:c9:ff:cc:6a:8b:95:d0:9a:d7:34:af:
a1:1d:06:08:e7:0c:61:a0:8d:bd:f0:fd:8b:eb:a0:93:c1:6d:
ac:eb:20:7b:83:32:68:37:3e:dd:15:b4:46:76:87:62:6d:29:
e9:c8:76:cb
-----BEGIN CERTIFICATE-----
MIIFpDCCBIygAwIBAgISAZl8vZfZvzWwrLCXPJya+atfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyYjc4ZjY2ODJmYzM5YzU1YjQxZDQ4ZjgwYjg4MzhkNWQy
ZGJmMDcwHhcNMjUwOTI0MTcyMDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2I2NGY4OWJkYWFlMGRmYjBjNTQwNGI4MjEyNjZmMTJkMGJhNjYyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsP17pv35PTmnYfsVwapKdGPibJJ9
AFSdHO8LOsStGyajMJaWZ+ISV9qUJ9ZhF9wS+BRQWANVc3X9hLvXTVe7sYnWMC6v
M/PapETft/ppJAuDDpwkO3ORDAH7lexUjfu4TopB2/jwI0/9YsU3gL2LoI9UO6yi
s+rTwg2i0H2QwzlTMTQJnBDpKKv7kOfitDSWrDuP+gjKtmecDcDYuY9FrsmNcRDN
/ycq9q5Yjzurz5tmT4ZxwDT00u0tOjajjViGMQovWTYIp5jtG71ZlPYtQw8mAkpD
5uadMeh7NgtASSnvh893Tiwaqtm6txdt34l8qi+9ZdHQgIaUATe8o6pRsQIDAQAB
o4ICsDCCAqwwHQYDVR0OBBYEFMy2T4m9quDfsMVAS4ISZvEtC6ZiMB8GA1UdIwQY
MBaAFHK3j2aC/DnFW0HUj4C4g41dLb8HMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEt
ZjNlNTA2YWVhYTAxLzEvekxaUGliMnE0Ti13eFVCTGdoSm04UzBMcG1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jYS8zYzRiOGEtYmZjNy00MWU5LTk5ZTEtZjNlNTA2YWVhYTAx
LzEvY3JlUFpvTDhPY1ZiUWRTUGdMaURqVjB0dndjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHFBggrBgEFBQcBBwEB/wSBtTCBsjCBrwQCAAEwgagDBAAF
trsDBAAFtsADBAAFtsYDBAEfhDQwDAMEACT/1QMEACT/1gMEAC34NDAMAwQBP/aC
AwQBP/aEAwQAP/aJAwQAP/aXAwQAP/aeAwQATh/MAwQAXPkfAwQAXpqqAwQAXpq2
AwQAZ4KyAwQAZ9IMMAwDBACTTs0DBACTTs4DBACi2loDBAC5NIkDBAC5u9QDBAC5
ySgDBAC5zc0DBADUPA8DBADZxakwDQYJKoZIhvcNAQELBQADggEBAGFAVZStspgA
qvV8CkLUlE01Y0KEVf5tQYDlUy+yI0limhVlfrxH4yfZD42PCdblUSxwMMOtMCXn
XYN7FXRk5BCzP5ugiUL/xMd+LDUoNtUniTvfRGpNUA6UwrH0xOZEvzgFkVsibJSB
S1uxNuFepuCrqcjYxbzBMat+vlLAzv5V5MEQt3X8EzCO/2MvkKR8xcRyMHsPA0bH
jLOgmps8Y0/V7IHE00Cww328xWWsev5JiBHxd0x0wiPVeEWmJv+7mvQIV7et2N6q
H1ewHbDJ/8xqi5XQmtc0r6EdBgjnDGGgjb3w/YvroJPBbazrIHuDMmg3Pt0VtEZ2
h2JtKenIdss=
-----END CERTIFICATE-----
Generated at Sun Oct 19 18:09:05 2025 by rpki-client