Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/b90060-5aaa-43ea-bceb-5e749f4341a4/1/Z2kf7ln5mON3RHAZZX2xlotTAOE.roa
File: Z2kf7ln5mON3RHAZZX2xlotTAOE.roa (raw, json)
Hash identifier: /p6n62hmOZyxXSovbXHriP4ZXMHiDPYL78NiQIEPOF4=
Subject key identifier: 67:69:1F:EE:59:F9:98:E3:77:44:70:19:65:7D:B1:96:8B:53:00:E1
Certificate issuer: /CN=16241dd83d8ac080b66504bf937459ffcec4ccc4
Certificate serial: 019836E21CDF11599C9CAF97A11546315BD2
Authority key identifier: 16:24:1D:D8:3D:8A:C0:80:B6:65:04:BF:93:74:59:FF:CE:C4:CC:C4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FiQd2D2KwIC2ZQS_k3RZ_87EzMQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/b90060-5aaa-43ea-bceb-5e749f4341a4/1/Z2kf7ln5mON3RHAZZX2xlotTAOE.roa
Signing time: Wed 23 Jul 2025 10:44:04 +0000
ROA not before: Wed 23 Jul 2025 10:44:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16154
IP address blocks: 80.95.28.0/22 maxlen: 24
80.95.29.0/24 maxlen: 24
80.95.30.0/24 maxlen: 24
88.213.194.0/23 maxlen: 24
88.213.195.0/24 maxlen: 24
88.213.204.0/22 maxlen: 24
217.79.64.0/22 maxlen: 24
217.79.72.0/24 maxlen: 24
217.79.76.0/22 maxlen: 24
217.79.82.0/23 maxlen: 24
217.79.86.0/24 maxlen: 24
217.79.87.0/24 maxlen: 24
217.79.88.0/24 maxlen: 24
217.79.90.0/24 maxlen: 24
217.79.92.0/24 maxlen: 24
217.79.95.0/24 maxlen: 24
2a02:7900::/32 maxlen: 48
2a02:7900:100::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/b90060-5aaa-43ea-bceb-5e749f4341a4/1/FiQd2D2KwIC2ZQS_k3RZ_87EzMQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/b90060-5aaa-43ea-bceb-5e749f4341a4/1/FiQd2D2KwIC2ZQS_k3RZ_87EzMQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/FiQd2D2KwIC2ZQS_k3RZ_87EzMQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 09 Aug 2025 04:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:36:e2:1c:df:11:59:9c:9c:af:97:a1:15:46:31:5b:d2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16241dd83d8ac080b66504bf937459ffcec4ccc4
Validity
Not Before: Jul 23 10:44:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67691fee59f998e377447019657db1968b5300e1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:e1:d3:4e:cc:a5:03:26:39:59:c1:50:85:bd:
e7:83:1a:59:99:5b:22:a9:2e:95:66:5b:53:bc:b3:
de:8a:53:b8:90:6f:42:15:18:a3:5d:db:a0:86:d4:
c4:0c:f8:5e:c5:3a:24:56:1f:75:8f:d3:7d:a5:8c:
05:2d:f7:f9:15:8a:b3:e1:72:f7:f6:67:ff:b0:cb:
42:10:8c:ec:a8:e2:3a:6e:cd:c6:39:91:6c:21:92:
bd:3a:c3:0d:fb:c8:68:59:54:c5:fb:e5:85:4e:f0:
37:60:fc:e3:37:65:22:e8:47:e3:b7:6f:d3:eb:e2:
3b:61:7a:cd:3d:e6:9c:fc:27:7f:0c:92:0e:12:27:
16:dc:53:5d:71:73:a2:fb:94:a6:fa:7f:c5:e0:da:
28:c4:fc:90:5b:bd:e6:cb:fb:39:bc:8b:30:2f:d8:
73:40:4c:d1:dd:38:b9:dd:1a:e2:c0:68:4e:f7:c5:
d8:03:ca:39:c0:3d:50:ff:88:c5:91:1e:2a:6a:63:
50:b2:43:44:f0:ca:b4:5b:c6:30:28:fa:c8:3a:53:
5a:c3:2b:61:d1:fe:20:4e:3f:f2:f9:06:4b:9f:60:
c3:5d:ba:6f:4e:d3:22:f5:33:46:45:0a:09:6f:c8:
d3:6a:7e:58:84:34:66:9b:b7:06:e1:7a:63:56:24:
74:9d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:69:1F:EE:59:F9:98:E3:77:44:70:19:65:7D:B1:96:8B:53:00:E1
X509v3 Authority Key Identifier:
keyid:16:24:1D:D8:3D:8A:C0:80:B6:65:04:BF:93:74:59:FF:CE:C4:CC:C4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FiQd2D2KwIC2ZQS_k3RZ_87EzMQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b90060-5aaa-43ea-bceb-5e749f4341a4/1/Z2kf7ln5mON3RHAZZX2xlotTAOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/b90060-5aaa-43ea-bceb-5e749f4341a4/1/FiQd2D2KwIC2ZQS_k3RZ_87EzMQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.95.28.0/22
88.213.194.0/23
88.213.204.0/22
217.79.64.0/22
217.79.72.0/24
217.79.76.0/22
217.79.82.0/23
217.79.86.0-217.79.88.255
217.79.90.0/24
217.79.92.0/24
217.79.95.0/24
IPv6:
2a02:7900::/32
Signature Algorithm: sha256WithRSAEncryption
31:84:51:ae:be:10:00:e3:f8:b7:f2:e1:61:5a:e2:dd:4a:50:
ec:f4:d8:44:08:07:3b:b5:52:58:18:9c:a2:fe:74:a0:e8:2c:
fd:14:de:9b:a2:34:01:c2:51:43:16:a8:bb:9a:a9:69:3e:72:
db:85:b8:17:c6:bb:c8:6d:38:a0:4c:ee:f4:49:eb:55:ae:25:
41:52:47:66:09:c2:89:4c:20:5d:37:a2:62:5c:25:50:90:4a:
46:7b:72:30:e7:9c:d6:c0:a0:ca:a8:2c:3a:ae:e4:59:cd:72:
b4:d7:b2:ff:06:07:04:89:07:bf:df:4f:e6:0c:99:f5:89:f3:
c1:20:50:4c:3f:2c:3e:2f:f0:7f:c4:a2:48:db:ef:a3:cc:2b:
1a:8c:7b:8f:53:f3:1f:11:e5:94:07:e1:a7:7d:7a:99:34:cc:
d5:69:cc:d3:92:5c:1c:f4:4f:31:62:1b:ee:d1:60:e5:30:5c:
58:df:b4:ce:fd:33:da:30:7d:b7:a1:8a:da:0f:e7:4f:3d:99:
ad:0b:23:5b:55:e6:46:ad:cd:57:77:28:1e:af:7f:c1:12:6d:
2e:87:12:a0:ff:91:24:f0:8c:73:78:8c:a7:96:0f:87:d6:d8:
73:0f:61:d0:7e:61:3b:7b:30:cd:72:79:b5:1e:b9:75:32:35:
dd:33:92:ec
-----BEGIN CERTIFICATE-----
MIIFUDCCBDigAwIBAgISAZg24hzfEVmcnK+XoRVGMVvSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MjQxZGQ4M2Q4YWMwODBiNjY1MDRiZjkzNzQ1OWZmY2Vj
NGNjYzQwHhcNMjUwNzIzMTA0NDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzY5MWZlZTU5Zjk5OGUzNzc0NDcwMTk2NTdkYjE5NjhiNTMwMGUxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn+HTTsylAyY5WcFQhb3ngxpZmVsi
qS6VZltTvLPeilO4kG9CFRijXdughtTEDPhexTokVh91j9N9pYwFLff5FYqz4XL3
9mf/sMtCEIzsqOI6bs3GOZFsIZK9OsMN+8hoWVTF++WFTvA3YPzjN2Ui6Efjt2/T
6+I7YXrNPeac/Cd/DJIOEicW3FNdcXOi+5Sm+n/F4NooxPyQW73my/s5vIswL9hz
QEzR3Ti53RriwGhO98XYA8o5wD1Q/4jFkR4qamNQskNE8Mq0W8YwKPrIOlNawyth
0f4gTj/y+QZLn2DDXbpvTtMi9TNGRQoJb8jTan5YhDRmm7cG4XpjViR0nQIDAQAB
o4ICXDCCAlgwHQYDVR0OBBYEFGdpH+5Z+Zjjd0RwGWV9sZaLUwDhMB8GA1UdIwQY
MBaAFBYkHdg9isCAtmUEv5N0Wf/OxMzEMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmlRZDJEMkt3SUMyWlFTX2szUlpfODdFek1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni9iOTAwNjAtNWFhYS00M2VhLWJjZWIt
NWU3NDlmNDM0MWE0LzEvWjJrZjdsbjVtT04zUkhBWlpYMnhsb3RUQU9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni9iOTAwNjAtNWFhYS00M2VhLWJjZWItNWU3NDlmNDM0MWE0
LzEvRmlRZDJEMkt3SUMyWlFTX2szUlpfODdFek1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHIGCCsGAQUFBwEHAQH/BGMwYTBQBAIAATBKAwQCUF8cAwQB
WNXCAwQCWNXMAwQC2U9AAwQA2U9IAwQC2U9MAwQB2U9SMAwDBAHZT1YDBADZT1gD
BADZT1oDBADZT1wDBADZT18wDQQCAAIwBwMFACoCeQAwDQYJKoZIhvcNAQELBQAD
ggEBADGEUa6+EADj+Lfy4WFa4t1KUOz02EQIBzu1UlgYnKL+dKDoLP0U3puiNAHC
UUMWqLuaqWk+ctuFuBfGu8htOKBM7vRJ61WuJUFSR2YJwolMIF03omJcJVCQSkZ7
cjDnnNbAoMqoLDqu5FnNcrTXsv8GBwSJB7/fT+YMmfWJ88EgUEw/LD4v8H/Eokjb
76PMKxqMe49T8x8R5ZQH4ad9epk0zNVpzNOSXBz0TzFiG+7RYOUwXFjftM79M9ow
fbehitoP5089ma0LI1tV5katzVd3KB6vf8ESbS6HEqD/kSTwjHN4jKeWD4fW2HMP
YdB+YTt7MM1yebUeuXUyNd0zkuw=
-----END CERTIFICATE-----
Generated at Fri Aug 8 12:51:24 2025 by rpki-client