
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/16/a636ed-d20f-4802-9286-b84eda2e846a/1/0KTmbSRfcRK8-n1qcmKR418DNUs.roa
File: 0KTmbSRfcRK8-n1qcmKR418DNUs.roa (raw, json)
Hash identifier: P50v6XitnoLdzzBD57fVGVtkTs/as999tNUAveVrHNg=
Subject key identifier: D0:A4:E6:6D:24:5F:71:12:BC:FA:7D:6A:72:62:91:E3:5F:03:35:4B
Certificate issuer: /CN=ce7cacfa735ceeafdd2a214c09ee72469425250e
Certificate serial: 019855917725509A879062B6D93C2E190FDA
Authority key identifier: CE:7C:AC:FA:73:5C:EE:AF:DD:2A:21:4C:09:EE:72:46:94:25:25:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/znys-nNc7q_dKiFMCe5yRpQlJQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/16/a636ed-d20f-4802-9286-b84eda2e846a/1/0KTmbSRfcRK8-n1qcmKR418DNUs.roa
Signing time: Tue 29 Jul 2025 09:44:13 +0000
ROA not before: Tue 29 Jul 2025 09:44:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 185.124.148.0/24 maxlen: 24
185.124.149.0/24 maxlen: 24
185.124.150.0/24 maxlen: 24
185.124.151.0/24 maxlen: 24
193.58.117.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/16/a636ed-d20f-4802-9286-b84eda2e846a/1/znys-nNc7q_dKiFMCe5yRpQlJQ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/16/a636ed-d20f-4802-9286-b84eda2e846a/1/znys-nNc7q_dKiFMCe5yRpQlJQ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/znys-nNc7q_dKiFMCe5yRpQlJQ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 07 Aug 2025 06:01:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:55:91:77:25:50:9a:87:90:62:b6:d9:3c:2e:19:0f:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce7cacfa735ceeafdd2a214c09ee72469425250e
Validity
Not Before: Jul 29 09:44:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d0a4e66d245f7112bcfa7d6a726291e35f03354b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c7:0c:e7:5b:dc:42:08:4f:b9:24:41:bb:9f:00:
00:24:40:51:3b:8e:38:97:99:8a:cb:90:38:3b:0c:
75:7a:b8:c6:99:41:5f:bd:ce:4b:e2:65:f1:57:e5:
07:be:77:1d:6f:92:7b:45:0b:67:74:4d:9e:7d:60:
ee:be:09:58:a0:1e:0a:ba:24:f4:25:6d:1b:d5:1e:
6f:cb:ec:89:00:38:29:9a:e5:73:40:a0:6c:35:43:
84:8f:36:bb:2e:32:c7:9b:85:14:a6:fc:54:35:e8:
57:14:09:86:2a:7a:34:7d:70:0b:7f:b8:cf:3d:81:
d3:94:cc:c9:f2:36:06:47:e1:02:72:14:a1:06:57:
85:2d:86:75:13:17:4a:46:7f:59:33:ca:c4:ee:7a:
4a:60:f5:ed:76:c4:e9:bc:60:82:c3:29:1d:60:57:
c6:90:ed:15:92:8e:c0:7b:92:71:cf:ba:1c:1b:94:
af:de:86:3d:f9:cf:00:6d:fd:b1:25:7a:90:91:c8:
1c:88:bb:95:8c:e2:2b:5a:3b:4f:79:d3:07:65:89:
92:b5:1d:68:5d:1c:4e:de:3f:16:c4:b4:38:e2:f3:
24:06:35:2b:a0:b0:fa:9c:3a:fa:48:d9:24:0b:a2:
24:bc:68:f7:20:54:75:9e:30:ef:19:b2:ea:99:73:
3d:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D0:A4:E6:6D:24:5F:71:12:BC:FA:7D:6A:72:62:91:E3:5F:03:35:4B
X509v3 Authority Key Identifier:
keyid:CE:7C:AC:FA:73:5C:EE:AF:DD:2A:21:4C:09:EE:72:46:94:25:25:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/znys-nNc7q_dKiFMCe5yRpQlJQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a636ed-d20f-4802-9286-b84eda2e846a/1/0KTmbSRfcRK8-n1qcmKR418DNUs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/16/a636ed-d20f-4802-9286-b84eda2e846a/1/znys-nNc7q_dKiFMCe5yRpQlJQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.124.148.0/22
193.58.117.0/24
Signature Algorithm: sha256WithRSAEncryption
57:57:8b:f7:88:15:db:e7:d4:21:84:a2:ed:bd:7b:1d:cf:a2:
50:f8:e1:c4:58:9b:2c:29:82:27:de:89:d4:f8:c4:82:5a:1d:
25:46:b0:08:e6:fa:2c:04:64:13:4a:bf:30:1c:24:c6:c0:cf:
95:49:d8:5f:68:b2:b2:af:ad:64:81:cd:10:fe:97:e1:af:73:
4b:a6:ae:48:ad:28:b1:59:73:b5:b5:ce:35:cb:0b:a8:e2:d4:
cf:08:04:5d:38:3c:11:2d:95:b8:fa:66:43:8a:2a:75:75:30:
8e:a5:1b:5d:8c:f6:de:14:66:6e:d8:a8:15:d5:5b:ac:0f:7b:
5f:aa:b1:8e:63:ab:1b:5c:53:a4:c7:bf:46:1b:e8:f7:83:30:
fc:6f:66:43:c5:c8:8f:17:74:d3:e6:4c:7a:19:f6:8b:9e:22:
25:4d:62:5f:60:99:0f:74:05:a3:e5:2c:87:f1:f1:79:e9:c3:
39:95:78:77:76:c5:d5:d5:d5:4a:c7:47:97:4d:3c:36:8b:c5:
97:6b:b9:6c:47:a6:e3:8f:07:4a:a2:03:de:61:fd:e2:60:7e:
85:a2:45:24:a6:6a:4b:6b:3f:04:f1:9b:c5:1f:eb:5c:d6:ce:
ee:38:47:2d:29:c8:8b:84:f5:99:da:6e:17:2c:42:50:4d:06:
2d:ec:62:b3
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZhVkXclUJqHkGK22TwuGQ/aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlN2NhY2ZhNzM1Y2VlYWZkZDJhMjE0YzA5ZWU3MjQ2OTQy
NTI1MGUwHhcNMjUwNzI5MDk0NDEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMGE0ZTY2ZDI0NWY3MTEyYmNmYTdkNmE3MjYyOTFlMzVmMDMzNTRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxwznW9xCCE+5JEG7nwAAJEBRO444
l5mKy5A4Owx1erjGmUFfvc5L4mXxV+UHvncdb5J7RQtndE2efWDuvglYoB4KuiT0
JW0b1R5vy+yJADgpmuVzQKBsNUOEjza7LjLHm4UUpvxUNehXFAmGKno0fXALf7jP
PYHTlMzJ8jYGR+ECchShBleFLYZ1ExdKRn9ZM8rE7npKYPXtdsTpvGCCwykdYFfG
kO0Vko7Ae5Jxz7ocG5Sv3oY9+c8Abf2xJXqQkcgciLuVjOIrWjtPedMHZYmStR1o
XRxO3j8WxLQ44vMkBjUroLD6nDr6SNkkC6IkvGj3IFR1njDvGbLqmXM9NwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFNCk5m0kX3ESvPp9anJikeNfAzVLMB8GA1UdIwQY
MBaAFM58rPpzXO6v3SohTAnuckaUJSUOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvem55cy1uTmM3cV9kS2lGTUNlNXlScFFsSlE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNi9hNjM2ZWQtZDIwZi00ODAyLTkyODYt
Yjg0ZWRhMmU4NDZhLzEvMEtUbWJTUmZjUks4LW4xcWNtS1I0MThETlVzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNi9hNjM2ZWQtZDIwZi00ODAyLTkyODYtYjg0ZWRhMmU4NDZh
LzEvem55cy1uTmM3cV9kS2lGTUNlNXlScFFsSlE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCuXyUAwQA
wTp1MA0GCSqGSIb3DQEBCwUAA4IBAQBXV4v3iBXb59QhhKLtvXsdz6JQ+OHEWJss
KYIn3onU+MSCWh0lRrAI5vosBGQTSr8wHCTGwM+VSdhfaLKyr61kgc0Q/pfhr3NL
pq5IrSixWXO1tc41ywuo4tTPCARdODwRLZW4+mZDiip1dTCOpRtdjPbeFGZu2KgV
1VusD3tfqrGOY6sbXFOkx79GG+j3gzD8b2ZDxciPF3TT5kx6GfaLniIlTWJfYJkP
dAWj5SyH8fF56cM5lXh3dsXV1dVKx0eXTTw2i8WXa7lsR6bjjwdKogPeYf3iYH6F
okUkpmpLaz8E8ZvFH+tc1s7uOEctKciLhPWZ2m4XLEJQTQYt7GKz
-----END CERTIFICATE-----
Generated at Wed Aug 6 13:05:42 2025 by rpki-client