Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/ZaiMwzcGGnlOX7VCckUCRe2aoeg.roa
File: ZaiMwzcGGnlOX7VCckUCRe2aoeg.roa (raw, json)
Hash identifier: BMX/w49Otk7OXGBq6Wah+reou3l0Xwz3nCkRtZ68UpQ=
Subject key identifier: 65:A8:8C:C3:37:06:1A:79:4E:5F:B5:42:72:45:02:45:ED:9A:A1:E8
Certificate issuer: /CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Certificate serial: 019790DD7A8B2F5049358AAA4F59A1020175
Authority key identifier: 2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/ZaiMwzcGGnlOX7VCckUCRe2aoeg.roa
Signing time: Sat 21 Jun 2025 05:02:03 +0000
ROA not before: Sat 21 Jun 2025 05:02:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25211
IP address blocks: 45.141.232.0/24 maxlen: 24
45.141.234.0/24 maxlen: 24
45.141.235.0/24 maxlen: 24
78.159.128.0/24 maxlen: 24
78.159.129.0/24 maxlen: 24
78.159.130.0/24 maxlen: 24
78.159.131.0/24 maxlen: 24
78.159.136.0/24 maxlen: 24
78.159.137.0/24 maxlen: 24
78.159.138.0/24 maxlen: 24
78.159.139.0/24 maxlen: 24
78.159.149.0/24 maxlen: 24
78.159.150.0/24 maxlen: 24
78.159.152.0/22 maxlen: 22
78.159.153.0/24 maxlen: 24
78.159.154.0/24 maxlen: 24
78.159.155.0/24 maxlen: 24
78.159.156.0/24 maxlen: 24
78.159.157.0/24 maxlen: 24
78.159.158.0/24 maxlen: 24
78.159.159.0/24 maxlen: 24
91.92.33.0/24 maxlen: 24
91.92.35.0/24 maxlen: 24
91.92.40.0/24 maxlen: 24
91.92.41.0/24 maxlen: 24
91.92.42.0/24 maxlen: 24
91.92.43.0/24 maxlen: 24
91.92.44.0/24 maxlen: 24
91.92.45.0/24 maxlen: 24
91.92.46.0/24 maxlen: 24
91.92.49.0/24 maxlen: 24
91.92.50.0/24 maxlen: 24
91.92.51.0/24 maxlen: 24
91.92.52.0/24 maxlen: 24
91.92.53.0/24 maxlen: 24
93.152.206.0/24 maxlen: 24
93.152.207.0/24 maxlen: 24
93.152.209.0/24 maxlen: 24
93.152.210.0/24 maxlen: 24
93.152.211.0/24 maxlen: 24
93.152.213.0/24 maxlen: 24
93.152.214.0/24 maxlen: 24
93.152.215.0/24 maxlen: 24
93.152.216.0/24 maxlen: 24
93.152.218.0/24 maxlen: 24
93.152.220.0/24 maxlen: 24
93.152.221.0/24 maxlen: 24
93.152.222.0/24 maxlen: 24
93.152.223.0/24 maxlen: 24
93.152.224.0/24 maxlen: 24
93.152.226.0/24 maxlen: 24
93.152.227.0/24 maxlen: 24
93.152.233.0/24 maxlen: 24
94.26.28.0/24 maxlen: 24
94.26.29.0/24 maxlen: 24
94.26.76.0/22 maxlen: 22
94.26.76.0/24 maxlen: 24
94.26.77.0/24 maxlen: 24
94.26.78.0/24 maxlen: 24
94.26.79.0/24 maxlen: 24
94.26.89.0/24 maxlen: 24
94.26.90.0/24 maxlen: 24
94.190.195.0/24 maxlen: 24
185.96.252.0/24 maxlen: 24
185.96.253.0/24 maxlen: 24
185.96.255.0/24 maxlen: 24
212.102.105.0/24 maxlen: 24
212.102.107.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.mft
rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:90:dd:7a:8b:2f:50:49:35:8a:aa:4f:59:a1:02:01:75
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d1caa69358f8c98f7a719f2597d5daddbd0018c
Validity
Not Before: Jun 21 05:02:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=65a88cc337061a794e5fb54272450245ed9aa1e8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:66:2d:da:aa:ca:7f:4e:a2:c7:25:d7:ee:b3:
10:07:74:95:cb:62:33:60:71:88:a6:cd:0c:33:78:
3f:65:f0:fc:eb:de:a6:fa:44:50:db:aa:16:8e:5d:
65:7b:61:6b:b9:ef:93:f0:11:2c:c4:86:c8:ee:b4:
a7:11:10:6f:0a:0e:1a:f3:59:d5:4e:b4:41:9e:1a:
97:d0:a9:2b:fb:cc:85:7d:5c:0b:3f:c1:e3:96:3f:
be:ec:b8:8c:37:c3:db:0f:68:b7:51:11:2d:bf:0a:
a1:63:0c:13:0b:16:5c:c7:15:e9:5f:82:84:de:4c:
f6:09:ba:88:e6:6c:01:94:f2:01:66:59:53:8d:d1:
75:d9:6a:6a:6a:34:44:95:0e:ab:28:1e:e2:19:5a:
52:63:1a:e3:1b:34:a1:5c:db:c0:5f:c9:8c:4b:5f:
b3:ac:cd:34:28:86:80:0f:9e:08:bb:ef:5c:85:24:
ac:55:14:d5:93:71:33:17:48:8f:1b:6e:55:97:58:
c7:83:29:d0:28:38:be:56:a7:c5:ea:e6:78:1e:cb:
53:ad:5e:2c:8f:3d:ac:9b:23:15:00:62:20:f0:27:
a1:2e:df:33:21:4c:6f:ab:c3:0c:3b:99:2a:62:5e:
20:71:c8:c2:d8:ab:6d:24:c6:df:32:2b:f5:47:4b:
ef:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:A8:8C:C3:37:06:1A:79:4E:5F:B5:42:72:45:02:45:ED:9A:A1:E8
X509v3 Authority Key Identifier:
keyid:2D:1C:AA:69:35:8F:8C:98:F7:A7:19:F2:59:7D:5D:AD:DB:D0:01:8C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LRyqaTWPjJj3pxnyWX1drdvQAYw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/ZaiMwzcGGnlOX7VCckUCRe2aoeg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/df/a93699-188b-470a-96b7-29b085dd23ad/1/LRyqaTWPjJj3pxnyWX1drdvQAYw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.141.232.0/24
45.141.234.0/23
78.159.128.0/22
78.159.136.0/22
78.159.149.0-78.159.150.255
78.159.152.0/21
91.92.33.0/24
91.92.35.0/24
91.92.40.0-91.92.46.255
91.92.49.0-91.92.53.255
93.152.206.0/23
93.152.209.0-93.152.211.255
93.152.213.0-93.152.216.255
93.152.218.0/24
93.152.220.0-93.152.224.255
93.152.226.0/23
93.152.233.0/24
94.26.28.0/23
94.26.76.0/22
94.26.89.0-94.26.90.255
94.190.195.0/24
185.96.252.0/23
185.96.255.0/24
212.102.105.0/24
212.102.107.0/24
Signature Algorithm: sha256WithRSAEncryption
17:f8:db:c7:07:ce:9f:1c:b0:6f:f0:3c:fc:8b:21:0b:b3:81:
29:63:8a:d5:74:f9:1f:f6:85:23:a4:82:11:a9:95:76:4f:3c:
23:2b:f5:9b:cc:06:8d:31:71:a8:b5:11:b5:9e:8b:ee:2f:46:
11:b6:e9:44:70:39:a1:3c:95:b9:5d:be:15:f9:65:d5:43:a8:
6e:ef:ed:81:da:28:16:31:45:50:9b:2b:8d:45:d1:e8:ba:7d:
73:e7:fc:b8:2d:bc:f0:8a:5c:33:3d:d2:a0:57:6c:6b:29:bf:
e3:de:0c:df:3f:36:c0:f2:1d:fe:2b:86:5a:2c:65:11:21:b6:
98:e1:2d:45:76:06:e5:b9:70:01:0e:dc:63:88:29:24:34:d3:
26:05:ec:67:f1:2b:e3:6c:24:a7:05:32:bb:9a:bb:2e:9f:59:
9b:ff:8e:41:2c:de:58:df:4a:f6:23:67:85:41:11:c1:50:9b:
66:3b:77:fb:2d:15:3a:05:34:ac:a1:e8:ad:ef:fe:21:d0:d3:
d2:b1:a5:d7:7a:3d:cf:cf:ad:7e:30:ae:f2:42:db:95:cc:51:
33:2e:e0:8c:83:e4:52:61:ad:65:a1:01:e1:8a:f4:be:6e:bd:
7f:61:18:a8:98:d0:38:ce:86:75:96:e4:5f:a5:de:db:73:66:
ad:ea:20:0d
-----BEGIN CERTIFICATE-----
MIIFyjCCBLKgAwIBAgISAZeQ3XqLL1BJNYqqT1mhAgF1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMWNhYTY5MzU4ZjhjOThmN2E3MTlmMjU5N2Q1ZGFkZGJk
MDAxOGMwHhcNMjUwNjIxMDUwMjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWE4OGNjMzM3MDYxYTc5NGU1ZmI1NDI3MjQ1MDI0NWVkOWFhMWU4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApWYt2qrKf06ixyXX7rMQB3SVy2Iz
YHGIps0MM3g/ZfD8696m+kRQ26oWjl1le2Frue+T8BEsxIbI7rSnERBvCg4a81nV
TrRBnhqX0Kkr+8yFfVwLP8Hjlj++7LiMN8PbD2i3UREtvwqhYwwTCxZcxxXpX4KE
3kz2CbqI5mwBlPIBZllTjdF12WpqajRElQ6rKB7iGVpSYxrjGzShXNvAX8mMS1+z
rM00KIaAD54Iu+9chSSsVRTVk3EzF0iPG25Vl1jHgynQKDi+VqfF6uZ4HstTrV4s
jz2smyMVAGIg8CehLt8zIUxvq8MMO5kqYl4gccjC2KttJMbfMiv1R0vvHwIDAQAB
o4IC1jCCAtIwHQYDVR0OBBYEFGWojMM3Bhp5Tl+1QnJFAkXtmqHoMB8GA1UdIwQY
MBaAFC0cqmk1j4yY96cZ8ll9Xa3b0AGMMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2Yjct
MjliMDg1ZGQyM2FkLzEvWmFpTXd6Y0dHbmxPWDdWQ2NrVUNSZTJhb2VnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZi9hOTM2OTktMTg4Yi00NzBhLTk2YjctMjliMDg1ZGQyM2Fk
LzEvTFJ5cWFUV1BqSmozcHhueVdYMWRyZHZRQVl3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHrBggrBgEFBQcBBwEB/wSB2zCB2DCB1QQCAAEwgc4DBAAt
jegDBAEtjeoDBAJOn4ADBAJOn4gwDAMEAE6flQMEAE6flgMEA06fmAMEAFtcIQME
AFtcIzAMAwQDW1woAwQAW1wuMAwDBABbXDEDBAFbXDQDBAFdmM4wDAMEAF2Y0QME
Al2Y0DAMAwQAXZjVAwQAXZjYAwQAXZjaMAwDBAJdmNwDBABdmOADBAFdmOIDBABd
mOkDBAFeGhwDBAJeGkwwDAMEAF4aWQMEAF4aWgMEAF6+wwMEAblg/AMEALlg/wME
ANRmaQMEANRmazANBgkqhkiG9w0BAQsFAAOCAQEAF/jbxwfOnxywb/A8/IshC7OB
KWOK1XT5H/aFI6SCEamVdk88Iyv1m8wGjTFxqLURtZ6L7i9GEbbpRHA5oTyVuV2+
Ffll1UOobu/tgdooFjFFUJsrjUXR6Lp9c+f8uC288IpcMz3SoFdsaym/494M3z82
wPId/iuGWixlESG2mOEtRXYG5blwAQ7cY4gpJDTTJgXsZ/Er42wkpwUyu5q7Lp9Z
m/+OQSzeWN9K9iNnhUERwVCbZjt3+y0VOgU0rKHore/+IdDT0rGl13o9z8+tfjCu
8kLblcxRMy7gjIPkUmGtZaEB4Yr0vm69f2EYqJjQOM6GdZbkX6Xe23NmreogDQ==
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:27:27 2025 by rpki-client