Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/zEzHWCJriZKeuyYdBpl4VovFYcI.roa
File: zEzHWCJriZKeuyYdBpl4VovFYcI.roa (raw, json)
Hash identifier: EKtQ2jHsCQ+lmT20oOt4vBuFgcYh84fbdOE/3vv/6ds=
Subject key identifier: CC:4C:C7:58:22:6B:89:92:9E:BB:26:1D:06:99:78:56:8B:C5:61:C2
Certificate issuer: /CN=618cc46d71e7848978488961d7b51aba1541f3c4
Certificate serial: 0198952C4B5365C70B1D6E12D1DCAE22034E
Authority key identifier: 61:8C:C4:6D:71:E7:84:89:78:48:89:61:D7:B5:1A:BA:15:41:F3:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/YYzEbXHnhIl4SIlh17UauhVB88Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/zEzHWCJriZKeuyYdBpl4VovFYcI.roa
Signing time: Sun 10 Aug 2025 18:09:24 +0000
ROA not before: Sun 10 Aug 2025 18:09:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213541
IP address blocks: 89.184.0.0/21 maxlen: 24
89.184.8.0/23 maxlen: 23
89.184.10.0/23 maxlen: 23
89.184.12.0/23 maxlen: 23
89.184.14.0/23 maxlen: 23
89.184.16.0/21 maxlen: 24
89.184.16.0/22 maxlen: 24
89.184.24.0/21 maxlen: 24
89.184.30.0/24 maxlen: 24
89.184.31.0/24 maxlen: 24
193.222.251.0/24 maxlen: 24
193.223.69.0/24 maxlen: 24
193.223.103.0/24 maxlen: 24
193.223.108.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/YYzEbXHnhIl4SIlh17UauhVB88Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/YYzEbXHnhIl4SIlh17UauhVB88Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/YYzEbXHnhIl4SIlh17UauhVB88Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 12:01:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:95:2c:4b:53:65:c7:0b:1d:6e:12:d1:dc:ae:22:03:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=618cc46d71e7848978488961d7b51aba1541f3c4
Validity
Not Before: Aug 10 18:09:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc4cc758226b89929ebb261d069978568bc561c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:dc:67:19:fa:4d:ae:c7:ae:25:0f:c8:44:55:61:
92:6e:37:ba:18:33:fc:b2:b0:fa:64:c5:9b:7b:63:
87:45:36:32:85:1a:27:7b:b2:bc:61:ff:3c:df:c8:
28:ca:a4:7c:7d:6a:43:b2:c0:6c:c5:d4:93:88:ce:
ac:40:6e:64:e2:fa:7c:80:20:08:83:80:02:26:ad:
71:d1:b5:4f:b5:90:03:70:e8:b1:bf:6c:37:bc:97:
22:ec:4e:1c:b5:d2:e7:5a:0e:c2:8d:be:20:f9:e7:
ed:02:88:2a:ff:60:ca:78:3a:21:7e:26:dd:f7:b2:
a7:02:5b:a1:b8:03:fd:22:bb:27:ee:39:1d:7c:c4:
16:fc:9a:8b:89:58:30:c5:ec:61:86:9a:7b:cb:2f:
cb:52:04:53:40:5e:b4:45:b2:6f:62:0a:62:55:bb:
c5:87:74:a8:1c:dd:62:bf:1d:77:90:4c:6c:22:86:
0a:b2:1a:f9:e7:5f:46:8c:33:36:6e:6f:cf:15:dc:
78:b6:3d:c8:5f:f9:02:9c:9f:54:9d:1c:82:81:8b:
cd:03:dd:f3:94:4e:a9:b8:75:d8:43:23:77:10:5c:
09:73:09:ac:94:f1:f7:be:3f:17:a3:23:6e:5e:87:
d0:e4:26:9a:7a:56:c1:fa:6e:24:69:11:f8:16:1d:
3f:ed
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:4C:C7:58:22:6B:89:92:9E:BB:26:1D:06:99:78:56:8B:C5:61:C2
X509v3 Authority Key Identifier:
keyid:61:8C:C4:6D:71:E7:84:89:78:48:89:61:D7:B5:1A:BA:15:41:F3:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/YYzEbXHnhIl4SIlh17UauhVB88Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/zEzHWCJriZKeuyYdBpl4VovFYcI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f1/127430-d4e8-4da3-bea2-4ef19ccc57d0/1/YYzEbXHnhIl4SIlh17UauhVB88Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.184.0.0/19
193.222.251.0/24
193.223.69.0/24
193.223.103.0/24
193.223.108.0/24
Signature Algorithm: sha256WithRSAEncryption
48:af:7d:c2:fc:1e:9e:2a:37:ea:30:6f:27:a0:77:a0:1d:1c:
06:07:b7:8b:9e:ce:d2:f9:1e:71:dc:c2:a7:ce:08:da:5d:a5:
3b:2f:10:fc:ed:bb:a9:4d:d7:75:ae:b9:08:54:de:5a:c8:b0:
ca:dc:1f:c2:5f:1b:60:80:9e:9c:f0:1c:47:e0:5b:e0:58:40:
9d:ba:e7:38:3e:f4:cb:c3:04:ef:ff:00:c1:16:2a:4e:af:40:
72:55:0f:f4:33:b2:f4:bc:dd:9b:81:38:00:6d:4e:90:3e:54:
36:a4:76:05:17:b6:d2:a2:90:dc:6c:3f:a9:5d:f0:cd:91:a5:
fb:62:b8:69:0e:0c:93:e8:c7:87:13:43:01:fa:f9:2d:4a:71:
81:52:52:ad:14:70:86:63:09:f0:c8:60:25:6d:37:9d:e5:01:
52:3e:ef:43:ed:0e:72:7c:8f:0b:42:34:5d:2f:67:ae:14:7a:
87:e2:7a:ee:06:e1:94:f3:c9:7b:dd:07:6b:8f:ee:3e:ab:04:
14:3b:44:d9:b8:2b:4d:9d:86:b8:0c:1a:d3:43:d2:37:d9:06:
8b:bf:8f:81:6f:a5:d9:58:8f:cb:28:4c:15:69:76:cb:19:10:
ed:84:00:19:2d:4f:1d:c6:37:71:b7:de:f4:bb:b2:63:a4:7a:
54:a8:ed:27
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZiVLEtTZccLHW4S0dyuIgNOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYxOGNjNDZkNzFlNzg0ODk3ODQ4ODk2MWQ3YjUxYWJhMTU0
MWYzYzQwHhcNMjUwODEwMTgwOTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzRjYzc1ODIyNmI4OTkyOWViYjI2MWQwNjk5Nzg1NjhiYzU2MWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA3GcZ+k2ux64lD8hEVWGSbje6GDP8
srD6ZMWbe2OHRTYyhRone7K8Yf8838goyqR8fWpDssBsxdSTiM6sQG5k4vp8gCAI
g4ACJq1x0bVPtZADcOixv2w3vJci7E4ctdLnWg7Cjb4g+eftAogq/2DKeDohfibd
97KnAluhuAP9Irsn7jkdfMQW/JqLiVgwxexhhpp7yy/LUgRTQF60RbJvYgpiVbvF
h3SoHN1ivx13kExsIoYKshr5519GjDM2bm/PFdx4tj3IX/kCnJ9UnRyCgYvNA93z
lE6puHXYQyN3EFwJcwmslPH3vj8XoyNuXofQ5CaaelbB+m4kaRH4Fh0/7QIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFMxMx1gia4mSnrsmHQaZeFaLxWHCMB8GA1UdIwQY
MBaAFGGMxG1x54SJeEiJYde1GroVQfPEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWVl6RWJYSG5oSWw0U0lsaDE3VWF1aFZCODhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMS8xMjc0MzAtZDRlOC00ZGEzLWJlYTIt
NGVmMTljY2M1N2QwLzEvekV6SFdDSnJpWktldXlZZEJwbDRWb3ZGWWNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMS8xMjc0MzAtZDRlOC00ZGEzLWJlYTItNGVmMTljY2M1N2Qw
LzEvWVl6RWJYSG5oSWw0U0lsaDE3VWF1aFZCODhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQFWbgAAwQA
wd77AwQAwd9FAwQAwd9nAwQAwd9sMA0GCSqGSIb3DQEBCwUAA4IBAQBIr33C/B6e
KjfqMG8noHegHRwGB7eLns7S+R5x3MKnzgjaXaU7LxD87bupTdd1rrkIVN5ayLDK
3B/CXxtggJ6c8BxH4FvgWECduuc4PvTLwwTv/wDBFipOr0ByVQ/0M7L0vN2bgTgA
bU6QPlQ2pHYFF7bSopDcbD+pXfDNkaX7YrhpDgyT6MeHE0MB+vktSnGBUlKtFHCG
YwnwyGAlbTed5QFSPu9D7Q5yfI8LQjRdL2euFHqH4nruBuGU88l73Qdrj+4+qwQU
O0TZuCtNnYa4DBrTQ9I32QaLv4+Bb6XZWI/LKEwVaXbLGRDthAAZLU8dxjdxt970
u7JjpHpUqO0n
-----END CERTIFICATE-----
Generated at Sat Aug 23 18:35:29 2025 by rpki-client