Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/gzbOkCdGwLED0XFRIYh5p604-UI.roa
File: gzbOkCdGwLED0XFRIYh5p604-UI.roa (raw, json)
Hash identifier: YNGAsbQU1ewbbcs9LMcXP2uigJ104WIhdg4Nv9329KE=
Subject key identifier: 83:36:CE:90:27:46:C0:B1:03:D1:71:51:21:88:79:A7:AD:38:F9:42
Certificate issuer: /CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Certificate serial: 0198CBD6BB52DB76C9C81822317CA47D5308
Authority key identifier: 92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/gzbOkCdGwLED0XFRIYh5p604-UI.roa
Signing time: Thu 21 Aug 2025 08:55:04 +0000
ROA not before: Thu 21 Aug 2025 08:55:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203020
IP address blocks: 5.154.174.0/24 maxlen: 24
45.10.192.0/24 maxlen: 32
45.10.193.0/24 maxlen: 32
45.95.24.0/22 maxlen: 32
45.144.88.0/22 maxlen: 24
45.149.28.0/22 maxlen: 24
45.153.157.0/24 maxlen: 24
45.153.158.0/23 maxlen: 32
45.156.224.0/22 maxlen: 32
80.246.30.0/24 maxlen: 32
81.21.232.0/22 maxlen: 22
86.105.183.0/24 maxlen: 32
87.239.255.0/24 maxlen: 32
89.35.249.0/24 maxlen: 32
89.40.24.0/24 maxlen: 32
89.44.205.0/24 maxlen: 32
91.228.216.0/24 maxlen: 24
94.46.206.0/24 maxlen: 32
103.21.52.0/24 maxlen: 32
103.24.232.0/22 maxlen: 22
103.71.60.0/24 maxlen: 32
103.76.255.0/24 maxlen: 32
103.81.230.0/23 maxlen: 23
103.204.222.0/23 maxlen: 32
103.221.52.0/22 maxlen: 32
103.251.26.0/23 maxlen: 23
104.36.50.0/24 maxlen: 32
137.59.60.0/22 maxlen: 22
185.36.254.0/24 maxlen: 32
185.96.162.0/24 maxlen: 32
185.108.104.0/24 maxlen: 32
185.108.105.0/24 maxlen: 32
185.147.140.0/22 maxlen: 32
185.152.36.0/22 maxlen: 32
185.152.248.0/22 maxlen: 32
185.153.151.0/24 maxlen: 32
185.160.44.0/22 maxlen: 32
185.166.84.0/24 maxlen: 32
185.184.228.0/24 maxlen: 32
185.188.61.0/24 maxlen: 24
185.201.188.0/24 maxlen: 24
185.217.64.0/22 maxlen: 22
185.242.217.0/24 maxlen: 24
188.119.154.0/24 maxlen: 32
193.36.89.0/24 maxlen: 32
195.47.194.0/24 maxlen: 32
199.249.223.0/24 maxlen: 32
2a01:4740::/32 maxlen: 48
2a05:28c0::/29 maxlen: 32
2a05:f4c0::/29 maxlen: 29
2a06:3040::/29 maxlen: 48
2a06:46c0::/29 maxlen: 32
2a06:4a00::/29 maxlen: 32
2a06:5000::/29 maxlen: 32
2a06:5700::/29 maxlen: 32
2a06:df80::/29 maxlen: 29
2a06:e480::/29 maxlen: 29
2a07:4780::/29 maxlen: 29
2a07:9c80::/29 maxlen: 29
2a07:f2c0::/29 maxlen: 29
2a0a:3080::/29 maxlen: 29
2a0b:3f40::/29 maxlen: 29
2a0c:d8c0::/29 maxlen: 29
2a0c:ec40::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.mft
rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:cb:d6:bb:52:db:76:c9:c8:18:22:31:7c:a4:7d:53:08
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=922208b47b6a864d9d1ff33e06aa81d13819a74e
Validity
Not Before: Aug 21 08:55:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8336ce902746c0b103d17151218879a7ad38f942
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:08:84:0a:df:4b:22:ef:87:14:54:e4:46:07:
74:70:a9:83:11:4c:2f:3a:89:38:5f:5b:29:78:31:
db:a6:b4:d5:26:6a:05:9f:62:f4:22:4d:4e:67:29:
6c:e2:41:0e:3c:79:9d:bf:77:08:11:f1:af:4f:bb:
ab:04:1d:8d:02:65:53:c1:bc:c7:16:59:d0:a3:2a:
db:93:a7:31:cb:3b:9e:80:6b:31:eb:c0:5b:e8:66:
ab:e2:9c:db:fa:65:96:46:b7:04:38:39:f4:4f:3b:
f7:78:37:d1:77:0f:d2:56:c9:8f:cc:b1:57:a9:32:
45:9e:be:c0:d1:76:63:f4:76:d6:d6:63:21:1f:78:
0c:66:ab:f1:5e:36:90:2d:f8:f2:5e:ec:5f:6f:03:
2f:f6:2e:71:2e:dc:87:60:78:b3:7e:bc:4c:7c:fe:
55:40:13:72:0e:05:15:b9:5a:cf:e6:d8:0e:e3:4a:
59:08:84:58:1e:1a:e2:cc:3c:b5:d0:38:81:00:f5:
d3:ad:55:80:58:fa:ae:9e:1a:9f:54:15:d1:fd:54:
e7:af:cf:d3:1e:b4:4a:e4:bd:f3:71:5c:0d:7f:31:
2b:20:51:7c:2b:31:46:b3:21:08:37:f0:71:c7:0e:
7d:6e:18:8d:6b:af:df:7c:5a:18:9f:63:21:07:97:
85:83
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
83:36:CE:90:27:46:C0:B1:03:D1:71:51:21:88:79:A7:AD:38:F9:42
X509v3 Authority Key Identifier:
keyid:92:22:08:B4:7B:6A:86:4D:9D:1F:F3:3E:06:AA:81:D1:38:19:A7:4E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/kiIItHtqhk2dH_M-BqqB0TgZp04.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/gzbOkCdGwLED0XFRIYh5p604-UI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/6990e9-c3c0-478a-9997-95b08e3660cf/1/kiIItHtqhk2dH_M-BqqB0TgZp04.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.154.174.0/24
45.10.192.0/23
45.95.24.0/22
45.144.88.0/22
45.149.28.0/22
45.153.157.0-45.153.159.255
45.156.224.0/22
80.246.30.0/24
81.21.232.0/22
86.105.183.0/24
87.239.255.0/24
89.35.249.0/24
89.40.24.0/24
89.44.205.0/24
91.228.216.0/24
94.46.206.0/24
103.21.52.0/24
103.24.232.0/22
103.71.60.0/24
103.76.255.0/24
103.81.230.0/23
103.204.222.0/23
103.221.52.0/22
103.251.26.0/23
104.36.50.0/24
137.59.60.0/22
185.36.254.0/24
185.96.162.0/24
185.108.104.0/23
185.147.140.0/22
185.152.36.0/22
185.152.248.0/22
185.153.151.0/24
185.160.44.0/22
185.166.84.0/24
185.184.228.0/24
185.188.61.0/24
185.201.188.0/24
185.217.64.0/22
185.242.217.0/24
188.119.154.0/24
193.36.89.0/24
195.47.194.0/24
199.249.223.0/24
IPv6:
2a01:4740::/32
2a05:28c0::/29
2a05:f4c0::/29
2a06:3040::/29
2a06:46c0::/29
2a06:4a00::/29
2a06:5000::/29
2a06:5700::/29
2a06:df80::/29
2a06:e480::/29
2a07:4780::/29
2a07:9c80::/29
2a07:f2c0::/29
2a0a:3080::/29
2a0b:3f40::/29
2a0c:d8c0::/29
2a0c:ec40::/29
Signature Algorithm: sha256WithRSAEncryption
99:79:7c:60:05:c7:23:86:44:e7:c7:de:2e:2d:bb:a7:4e:1e:
60:23:a4:ef:ce:1f:47:ce:2f:ec:bd:b0:e2:bc:7a:c9:41:48:
ce:d9:ff:dd:0f:a4:7f:8b:f5:24:b2:7f:3b:1d:ae:77:f7:74:
b0:2d:6d:44:b7:47:f1:41:07:72:eb:d9:44:f1:b6:68:82:9f:
10:53:d8:83:ea:52:22:6e:65:92:67:1f:84:54:0c:3d:36:93:
52:f6:35:f4:9c:f9:ec:46:b0:aa:56:75:80:36:88:3b:95:4b:
94:73:60:cf:b3:18:2f:63:67:12:a8:19:4d:9a:3e:78:cd:7f:
9b:07:f8:99:7e:f1:ac:86:a2:1a:3f:10:85:6e:8a:4f:e2:ab:
f2:14:02:25:e3:4e:45:2f:5f:22:56:31:84:fa:2c:e6:6c:32:
dc:f6:b5:09:69:c6:58:e0:86:18:9f:42:38:73:75:cc:9a:0a:
44:7a:9a:b3:72:a4:14:88:be:b9:82:ce:e4:58:21:44:54:6f:
b8:3c:3c:59:e9:68:14:d8:62:8e:0b:9d:7d:ba:64:3b:17:69:
fc:7a:35:03:ea:e2:07:0f:00:d6:1b:55:15:d3:9e:8f:ce:24:
18:5a:cf:1e:52:59:41:92:05:ac:16:31:93:70:cc:86:b3:ac:
be:b6:cb:7d
-----BEGIN CERTIFICATE-----
MIIGkDCCBXigAwIBAgISAZjL1rtS23bJyBgiMXykfVMIMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDkyMjIwOGI0N2I2YTg2NGQ5ZDFmZjMzZTA2YWE4MWQxMzgx
OWE3NGUwHhcNMjUwODIxMDg1NTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4MzM2Y2U5MDI3NDZjMGIxMDNkMTcxNTEyMTg4NzlhN2FkMzhmOTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlwiECt9LIu+HFFTkRgd0cKmDEUwv
Ook4X1speDHbprTVJmoFn2L0Ik1OZyls4kEOPHmdv3cIEfGvT7urBB2NAmVTwbzH
FlnQoyrbk6cxyzuegGsx68Bb6Gar4pzb+mWWRrcEODn0Tzv3eDfRdw/SVsmPzLFX
qTJFnr7A0XZj9HbW1mMhH3gMZqvxXjaQLfjyXuxfbwMv9i5xLtyHYHizfrxMfP5V
QBNyDgUVuVrP5tgO40pZCIRYHhrizDy10DiBAPXTrVWAWPqunhqfVBXR/VTnr8/T
HrRK5L3zcVwNfzErIFF8KzFGsyEIN/Bxxw59bhiNa6/ffFoYn2MhB5eFgwIDAQAB
o4IDnDCCA5gwHQYDVR0OBBYEFIM2zpAnRsCxA9FxUSGIeaetOPlCMB8GA1UdIwQY
MBaAFJIiCLR7aoZNnR/zPgaqgdE4GadOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTct
OTViMDhlMzY2MGNmLzEvZ3piT2tDZEd3TEVEMFhGUklZaDVwNjA0LVVJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNS82OTkwZTktYzNjMC00NzhhLTk5OTctOTViMDhlMzY2MGNm
LzEva2lJSXRIdHFoazJkSF9NLUJxcUIwVGdacDA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIIBsAYIKwYBBQUHAQcBAf8EggGfMIIBmzCCARgEAgABMIIB
EAMEAAWargMEAS0KwAMEAi1fGAMEAi2QWAMEAi2VHDAMAwQALZmdAwQFLZmAAwQC
LZzgAwQAUPYeAwQCURXoAwQAVmm3AwQAV+//AwQAWSP5AwQAWSgYAwQAWSzNAwQA
W+TYAwQAXi7OAwQAZxU0AwQCZxjoAwQAZ0c8AwQAZ0z/AwQBZ1HmAwQBZ8zeAwQC
Z900AwQBZ/saAwQAaCQyAwQCiTs8AwQAuST+AwQAuWCiAwQBuWxoAwQCuZOMAwQC
uZgkAwQCuZj4AwQAuZmXAwQCuaAsAwQAuaZUAwQAubjkAwQAubw9AwQAucm8AwQC
udlAAwQAufLZAwQAvHeaAwQAwSRZAwQAwy/CAwQAx/nfMH0EAgACMHcDBQAqAUdA
AwUDKgUowAMFAyoF9MADBQMqBjBAAwUDKgZGwAMFAyoGSgADBQMqBlAAAwUDKgZX
AAMFAyoG34ADBQMqBuSAAwUDKgdHgAMFAyoHnIADBQMqB/LAAwUDKgowgAMFAyoL
P0ADBQMqDNjAAwUDKgzsQDANBgkqhkiG9w0BAQsFAAOCAQEAmXl8YAXHI4ZE58fe
Li27p04eYCOk784fR84v7L2w4rx6yUFIztn/3Q+kf4v1JLJ/Ox2ud/d0sC1tRLdH
8UEHcuvZRPG2aIKfEFPYg+pSIm5lkmcfhFQMPTaTUvY19Jz57EawqlZ1gDaIO5VL
lHNgz7MYL2NnEqgZTZo+eM1/mwf4mX7xrIaiGj8QhW6KT+Kr8hQCJeNORS9fIlYx
hPos5mwy3Pa1CWnGWOCGGJ9COHN1zJoKRHqas3KkFIi+uYLO5FghRFRvuDw8Welo
FNhijgudfbpkOxdp/Ho1A+riBw8A1htVFdOej84kGFrPHlJZQZIFrBYxk3DMhrOs
vrbLfQ==
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:47:30 2025 by rpki-client