Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rZtxD4mJN7bbXdi8-nuns5jo9qc.roa
File: rZtxD4mJN7bbXdi8-nuns5jo9qc.roa (raw, json)
Hash identifier: qo49O00qF+mUr+rWLiRIPLqNTMLUFMhcbmJO0Z/h+lk=
Subject key identifier: AD:9B:71:0F:89:89:37:B6:DB:5D:D8:BC:FA:7B:A7:B3:98:E8:F6:A7
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 01985B377FD787559C9B1172A29D6E05245C
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rZtxD4mJN7bbXdi8-nuns5jo9qc.roa
Signing time: Wed 30 Jul 2025 12:03:40 +0000
ROA not before: Wed 30 Jul 2025 12:03:40 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215439
IP address blocks: 31.13.208.0/24 maxlen: 24
45.8.93.0/24 maxlen: 24
45.66.228.0/24 maxlen: 24
45.133.251.0/24 maxlen: 24
83.143.112.0/24 maxlen: 24
84.21.173.0/24 maxlen: 24
87.120.84.0/24 maxlen: 24
87.120.165.0/24 maxlen: 24
87.120.166.0/24 maxlen: 24
87.120.186.0/24 maxlen: 24
87.120.187.0/24 maxlen: 24
87.121.82.0/24 maxlen: 32
87.121.89.0/24 maxlen: 24
87.121.105.0/24 maxlen: 24
93.123.84.0/24 maxlen: 24
94.156.102.0/24 maxlen: 24
94.156.106.0/24 maxlen: 24
94.156.112.0/24 maxlen: 24
94.156.114.0/24 maxlen: 24
94.156.115.0/24 maxlen: 24
94.156.159.0/24 maxlen: 32
94.156.170.0/24 maxlen: 24
94.156.179.0/24 maxlen: 24
94.156.237.0/24 maxlen: 24
141.98.7.0/24 maxlen: 24
171.22.31.0/24 maxlen: 24
178.215.236.0/24 maxlen: 24
178.215.238.0/24 maxlen: 24
185.216.71.0/24 maxlen: 24
185.246.223.0/24 maxlen: 24
193.25.216.0/24 maxlen: 24
193.35.17.0/24 maxlen: 24
193.58.121.0/24 maxlen: 24
193.58.122.0/24 maxlen: 24
193.222.99.0/24 maxlen: 24
194.31.223.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 19:00:54 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:5b:37:7f:d7:87:55:9c:9b:11:72:a2:9d:6e:05:24:5c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Jul 30 12:03:40 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ad9b710f898937b6db5dd8bcfa7ba7b398e8f6a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:69:68:58:28:c9:ef:57:ca:0d:d6:9f:35:d1:
44:62:97:b9:8c:f3:37:b3:67:55:d8:49:67:2b:c4:
3d:f0:4d:ed:c4:97:3c:26:ac:8b:0e:82:f8:4b:80:
87:f9:8e:67:89:b3:04:78:c9:56:85:ba:cf:f6:32:
7a:6f:09:75:a2:c0:dc:7b:da:1a:74:e2:0e:73:e3:
33:8f:db:d3:24:75:7b:89:74:16:65:80:43:6c:53:
6c:96:c2:59:95:41:51:98:e5:99:8d:b4:01:b8:91:
95:ec:b6:ba:7d:b0:e1:08:10:fc:92:02:b1:ad:79:
56:fe:2a:da:68:a6:c7:c6:06:60:2f:be:fc:0b:53:
fb:a5:cb:29:a0:40:f9:5f:72:af:7e:2f:a4:ee:ab:
04:65:58:75:0a:0a:0e:79:a1:a3:40:62:72:eb:aa:
c3:72:b1:90:dd:05:12:7f:aa:a1:74:16:e0:e7:99:
6e:cd:51:c5:05:1e:85:8c:80:50:ce:ac:00:06:a4:
83:89:0b:6d:36:86:fe:78:85:39:03:d9:73:2a:21:
83:a1:89:62:70:95:b5:21:5b:16:36:db:00:4e:80:
32:1f:f7:35:78:56:9f:2e:2c:df:3b:c1:ec:a8:37:
0a:0c:f2:39:d1:72:76:80:2a:96:8f:c7:1c:ac:ef:
16:8b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AD:9B:71:0F:89:89:37:B6:DB:5D:D8:BC:FA:7B:A7:B3:98:E8:F6:A7
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/rZtxD4mJN7bbXdi8-nuns5jo9qc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.13.208.0/24
45.8.93.0/24
45.66.228.0/24
45.133.251.0/24
83.143.112.0/24
84.21.173.0/24
87.120.84.0/24
87.120.165.0-87.120.166.255
87.120.186.0/23
87.121.82.0/24
87.121.89.0/24
87.121.105.0/24
93.123.84.0/24
94.156.102.0/24
94.156.106.0/24
94.156.112.0/24
94.156.114.0/23
94.156.159.0/24
94.156.170.0/24
94.156.179.0/24
94.156.237.0/24
141.98.7.0/24
171.22.31.0/24
178.215.236.0/24
178.215.238.0/24
185.216.71.0/24
185.246.223.0/24
193.25.216.0/24
193.35.17.0/24
193.58.121.0-193.58.122.255
193.222.99.0/24
194.31.223.0/24
Signature Algorithm: sha256WithRSAEncryption
3d:6f:db:3b:b9:1d:79:38:ee:f4:39:39:86:47:43:c7:bd:86:
8e:1f:a8:a1:a9:d0:66:c6:98:5f:2c:f6:76:5d:1b:4f:00:e5:
c1:03:27:17:4c:26:e7:25:d2:07:19:f9:c6:f7:0e:10:91:cb:
4b:b0:78:cb:d1:4d:c6:3f:c8:e6:d0:a5:83:14:a8:31:c3:f0:
bd:62:cc:84:f8:6c:be:0d:cd:19:7f:c6:22:e3:c6:fc:ea:89:
b5:f8:4f:89:36:86:e0:17:51:6a:96:ae:f3:ae:31:bb:ea:af:
9c:02:1a:7d:82:c4:90:51:a4:45:88:81:71:d9:71:fd:fb:b5:
c6:59:0c:6a:be:f1:ee:d2:c7:49:3e:9f:e4:58:64:34:97:45:
6a:18:b0:a8:0e:39:ec:bf:aa:98:fa:e4:77:83:69:1c:7f:6f:
73:31:c6:bb:cb:89:f1:93:ef:2c:87:6b:52:93:d7:ea:83:a8:
71:1d:57:f5:1d:c2:c7:81:22:95:41:62:b1:d4:84:af:b6:9b:
38:d1:db:64:18:6b:d3:72:33:da:72:22:28:cc:bc:b2:5d:55:
f8:f5:43:14:40:12:a9:96:b4:ea:6d:d8:f8:bc:90:5f:e0:78:
d4:c3:54:88:bc:01:87:15:02:ec:65:6b:aa:31:de:54:be:47:
ca:07:29:29
-----BEGIN CERTIFICATE-----
MIIFzDCCBLSgAwIBAgISAZhbN3/Xh1WcmxFyop1uBSRcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUwNzMwMTIwMzQwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZDliNzEwZjg5ODkzN2I2ZGI1ZGQ4YmNmYTdiYTdiMzk4ZThmNmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw2loWCjJ71fKDdafNdFEYpe5jPM3
s2dV2ElnK8Q98E3txJc8JqyLDoL4S4CH+Y5nibMEeMlWhbrP9jJ6bwl1osDce9oa
dOIOc+Mzj9vTJHV7iXQWZYBDbFNslsJZlUFRmOWZjbQBuJGV7La6fbDhCBD8kgKx
rXlW/iraaKbHxgZgL778C1P7pcspoED5X3Kvfi+k7qsEZVh1CgoOeaGjQGJy66rD
crGQ3QUSf6qhdBbg55luzVHFBR6FjIBQzqwABqSDiQttNob+eIU5A9lzKiGDoYli
cJW1IVsWNtsAToAyH/c1eFafLizfO8HsqDcKDPI50XJ2gCqWj8ccrO8WiwIDAQAB
o4IC2DCCAtQwHQYDVR0OBBYEFK2bcQ+JiTe2213YvPp7p7OY6PanMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEvclp0eEQ0bUpON2JiWGRpOC1udW5zNWpvOXFjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIHtBggrBgEFBQcBBwEB/wSB3TCB2jCB1wQCAAEwgdADBAAf
DdADBAAtCF0DBAAtQuQDBAAthfsDBABTj3ADBABUFa0DBABXeFQwDAMEAFd4pQME
AFd4pgMEAVd4ugMEAFd5UgMEAFd5WQMEAFd5aQMEAF17VAMEAF6cZgMEAF6cagME
AF6ccAMEAV6ccgMEAF6cnwMEAF6cqgMEAF6cswMEAF6c7QMEAI1iBwMEAKsWHwME
ALLX7AMEALLX7gMEALnYRwMEALn23wMEAMEZ2AMEAMEjETAMAwQAwTp5AwQAwTp6
AwQAwd5jAwQAwh/fMA0GCSqGSIb3DQEBCwUAA4IBAQA9b9s7uR15OO70OTmGR0PH
vYaOH6ihqdBmxphfLPZ2XRtPAOXBAycXTCbnJdIHGfnG9w4QkctLsHjL0U3GP8jm
0KWDFKgxw/C9YsyE+Gy+Dc0Zf8Yi48b86om1+E+JNobgF1Fqlq7zrjG76q+cAhp9
gsSQUaRFiIFx2XH9+7XGWQxqvvHu0sdJPp/kWGQ0l0VqGLCoDjnsv6qY+uR3g2kc
f29zMca7y4nxk+8sh2tSk9fqg6hxHVf1HcLHgSKVQWKx1ISvtps40dtkGGvTcjPa
ciIozLyyXVX49UMUQBKplrTqbdj4vJBf4HjUw1SIvAGHFQLsZWuqMd5UvkfKBykp
-----END CERTIFICATE-----
Generated at Thu Aug 7 03:56:48 2025 by rpki-client