Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/zur33qNv6XwH9gwxAmRygdNBFXU.roa
File: zur33qNv6XwH9gwxAmRygdNBFXU.roa (raw, json)
Hash identifier: suR6pkraJQaEhtc+PO49vbp7ePOftrNhoOVU9pARJro=
Subject key identifier: CE:EA:F7:DE:A3:6F:E9:7C:07:F6:0C:31:02:64:72:81:D3:41:15:75
Certificate issuer: /CN=9e95a119d9c1a5d6e3f3e21f6fa863d87a2e4b0d
Certificate serial: 019E9334C73F4BACA8BB065426B6FFCBDA37
Authority key identifier: 9E:95:A1:19:D9:C1:A5:D6:E3:F3:E2:1F:6F:A8:63:D8:7A:2E:4B:0D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWhGdnBpdbj8-Ifb6hj2HouSw0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/zur33qNv6XwH9gwxAmRygdNBFXU.roa
Signing time: Thu 04 Jun 2026 15:16:10 +0000
ROA not before: Thu 04 Jun 2026 15:16:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 56478
IP address blocks: 31.14.248.0/22 maxlen: 22
37.156.72.0/22 maxlen: 22
68.168.32.0/19 maxlen: 19
68.168.32.0/22 maxlen: 22
68.168.40.0/22 maxlen: 22
68.168.44.0/22 maxlen: 22
88.98.192.0/18 maxlen: 18
88.98.200.0/22 maxlen: 22
88.98.204.0/22 maxlen: 22
88.98.216.0/23 maxlen: 23
88.98.218.0/23 maxlen: 23
88.98.240.0/20 maxlen: 20
88.98.240.0/22 maxlen: 22
89.32.120.0/22 maxlen: 22
89.34.164.0/22 maxlen: 22
89.35.196.0/22 maxlen: 22
89.36.64.0/21 maxlen: 21
89.39.136.0/21 maxlen: 21
89.44.40.0/22 maxlen: 22
93.115.192.0/22 maxlen: 22
137.220.64.0/18 maxlen: 18
137.220.68.0/22 maxlen: 22
137.220.72.0/21 maxlen: 21
137.220.80.0/22 maxlen: 22
137.220.84.0/22 maxlen: 22
137.220.88.0/22 maxlen: 22
137.220.92.0/22 maxlen: 22
137.220.96.0/22 maxlen: 22
137.220.100.0/22 maxlen: 22
137.220.104.0/22 maxlen: 22
137.220.108.0/22 maxlen: 22
137.220.112.0/23 maxlen: 23
137.220.114.0/23 maxlen: 23
137.220.116.0/23 maxlen: 23
137.220.118.0/23 maxlen: 23
137.220.120.0/23 maxlen: 23
137.220.122.0/23 maxlen: 23
137.220.124.0/22 maxlen: 22
140.228.32.0/19 maxlen: 19
140.228.40.0/22 maxlen: 22
140.228.44.0/22 maxlen: 22
140.228.48.0/22 maxlen: 22
140.228.52.0/22 maxlen: 22
140.228.56.0/22 maxlen: 22
140.228.64.0/19 maxlen: 19
140.228.80.0/21 maxlen: 21
140.228.88.0/22 maxlen: 22
140.228.92.0/22 maxlen: 22
141.0.144.0/21 maxlen: 21
141.0.152.0/21 maxlen: 21
143.58.128.0/18 maxlen: 18
143.58.128.0/21 maxlen: 21
143.58.136.0/21 maxlen: 21
143.58.144.0/22 maxlen: 22
143.58.148.0/22 maxlen: 22
143.58.152.0/21 maxlen: 21
143.58.160.0/21 maxlen: 21
143.58.168.0/21 maxlen: 21
143.58.176.0/21 maxlen: 21
143.58.184.0/21 maxlen: 21
143.58.192.0/18 maxlen: 18
143.58.192.0/21 maxlen: 21
143.58.200.0/21 maxlen: 21
143.58.212.0/22 maxlen: 22
143.58.216.0/21 maxlen: 21
143.58.216.0/22 maxlen: 22
143.58.220.0/22 maxlen: 22
143.58.224.0/21 maxlen: 21
143.58.224.0/22 maxlen: 22
143.58.228.0/22 maxlen: 22
143.58.232.0/22 maxlen: 22
143.58.236.0/22 maxlen: 22
143.58.240.0/21 maxlen: 21
143.58.248.0/21 maxlen: 21
152.37.64.0/18 maxlen: 18
152.37.64.0/22 maxlen: 22
152.37.68.0/22 maxlen: 22
152.37.72.0/22 maxlen: 22
152.37.76.0/22 maxlen: 22
152.37.80.0/22 maxlen: 22
152.37.84.0/22 maxlen: 22
152.37.88.0/22 maxlen: 22
152.37.92.0/22 maxlen: 22
152.37.96.0/22 maxlen: 22
152.37.100.0/23 maxlen: 23
152.37.102.0/23 maxlen: 23
152.37.104.0/22 maxlen: 22
152.37.108.0/22 maxlen: 22
152.37.114.0/23 maxlen: 23
152.37.116.0/22 maxlen: 22
152.37.120.0/22 maxlen: 22
152.37.124.0/23 maxlen: 23
152.37.126.0/23 maxlen: 23
185.24.120.0/22 maxlen: 22
188.172.144.0/20 maxlen: 20
188.210.208.0/21 maxlen: 21
188.210.208.0/22 maxlen: 22
188.210.212.0/22 maxlen: 22
188.210.212.0/23 maxlen: 23
188.210.214.0/23 maxlen: 23
188.211.160.0/22 maxlen: 22
188.213.136.0/22 maxlen: 22
188.214.8.0/21 maxlen: 21
209.35.64.0/19 maxlen: 19
209.35.64.0/21 maxlen: 21
209.35.72.0/22 maxlen: 22
209.35.76.0/22 maxlen: 22
209.35.78.0/23 maxlen: 23
209.35.80.0/21 maxlen: 21
209.35.80.0/22 maxlen: 22
209.35.84.0/22 maxlen: 22
209.35.88.0/21 maxlen: 21
209.35.88.0/22 maxlen: 22
209.35.92.0/22 maxlen: 22
2a01:4b00::/32 maxlen: 32
2a01:4b00:d000::/36 maxlen: 36
2a01:4b00:e000::/35 maxlen: 35
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/npWhGdnBpdbj8-Ifb6hj2HouSw0.crl
rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/npWhGdnBpdbj8-Ifb6hj2HouSw0.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWhGdnBpdbj8-Ifb6hj2HouSw0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 15:00:41 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:93:34:c7:3f:4b:ac:a8:bb:06:54:26:b6:ff:cb:da:37
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a119d9c1a5d6e3f3e21f6fa863d87a2e4b0d
Validity
Not Before: Jun 4 15:16:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ceeaf7dea36fe97c07f60c3102647281d3411575
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:f9:6d:2b:fe:d7:15:65:96:13:50:2f:0e:0d:
91:13:09:06:55:d7:fd:be:4a:4b:e2:40:04:5e:fa:
87:4c:b5:dd:7d:0d:ca:60:c0:8c:a4:78:82:21:9e:
cf:9d:2b:cf:77:76:a4:64:45:a1:ad:57:be:a3:2b:
2f:17:90:99:2c:cf:0f:bd:97:99:05:db:7c:30:50:
63:f9:72:cd:63:26:11:07:b0:64:22:48:31:1c:c4:
21:34:60:55:ae:e0:a8:c1:60:15:22:06:56:6f:f8:
06:2f:9d:56:ab:85:f1:52:2a:54:43:a5:90:b4:20:
d5:73:e7:27:b7:48:a1:e4:a4:24:4b:ee:ad:c9:0a:
9e:83:6c:30:6a:81:9a:99:9b:47:27:4e:cf:0a:09:
14:50:79:3a:0d:15:1c:21:48:ac:7b:d0:21:7c:12:
b4:af:e0:ac:f4:5f:0f:4f:03:10:65:a6:9c:94:3d:
73:ca:f7:d4:e0:0e:6d:00:69:fa:b6:44:b2:8f:33:
90:46:37:f9:25:51:6e:a7:87:e4:b8:ba:f7:16:c9:
a2:af:01:a6:14:53:6f:1c:cf:67:f9:79:e7:d7:47:
f1:75:45:fe:b4:89:74:12:d8:b2:2f:59:2d:63:d4:
5c:90:df:f8:72:16:98:67:84:a8:c2:af:4a:02:89:
d1:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:EA:F7:DE:A3:6F:E9:7C:07:F6:0C:31:02:64:72:81:D3:41:15:75
X509v3 Authority Key Identifier:
keyid:9E:95:A1:19:D9:C1:A5:D6:E3:F3:E2:1F:6F:A8:63:D8:7A:2E:4B:0D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWhGdnBpdbj8-Ifb6hj2HouSw0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/zur33qNv6XwH9gwxAmRygdNBFXU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/74/a9352e-9a3a-49aa-ad77-7be6eb6bce87/1/npWhGdnBpdbj8-Ifb6hj2HouSw0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.14.248.0/22
37.156.72.0/22
68.168.32.0/19
88.98.192.0/18
89.32.120.0/22
89.34.164.0/22
89.35.196.0/22
89.36.64.0/21
89.39.136.0/21
89.44.40.0/22
93.115.192.0/22
137.220.64.0/18
140.228.32.0-140.228.95.255
141.0.144.0/20
143.58.128.0/17
152.37.64.0/18
185.24.120.0/22
188.172.144.0/20
188.210.208.0/21
188.211.160.0/22
188.213.136.0/22
188.214.8.0/21
209.35.64.0/19
IPv6:
2a01:4b00::/32
Signature Algorithm: sha256WithRSAEncryption
82:80:80:05:8c:d2:16:f4:a9:d6:cb:b8:55:04:89:14:7f:cf:
d4:c6:fa:85:40:05:ba:a6:d3:f5:d9:9e:2a:aa:0b:65:6b:e5:
57:30:77:86:58:ff:7b:2a:3d:85:e3:7b:b3:62:0d:17:a3:23:
a1:66:4b:c2:1e:96:1e:3d:a3:32:0e:f3:a5:44:1f:b2:07:77:
b9:55:cb:7c:99:24:e8:12:47:43:90:83:30:88:0e:25:bd:8a:
2d:ae:3b:c3:16:2c:53:1c:1f:0d:e0:76:17:ee:58:64:41:37:
da:2d:3b:3b:d3:ac:7a:ad:2c:61:5f:dd:94:bd:5e:db:44:ee:
0f:bc:a2:92:d8:5e:06:ab:c4:e4:fa:74:f3:1b:2a:fd:bd:25:
1b:f4:f9:f5:60:47:99:85:fd:dc:bb:7b:b2:17:a0:cf:08:68:
84:99:59:f8:ce:57:ec:44:95:22:b8:4b:d8:ad:28:79:a7:fa:
b6:0b:db:11:8c:b4:ee:ab:ae:45:7a:c0:0d:82:55:3e:67:47:
cd:1e:8d:34:ae:83:02:59:ab:60:6b:f5:e8:46:e6:49:a9:c8:
8a:50:3d:55:b9:4d:0f:55:86:ea:f8:76:64:34:67:fd:8a:33:
7b:79:c2:e0:20:f4:ff:8a:a2:11:bf:ca:94:3c:34:49:3a:5e:
70:8f:6e:10
-----BEGIN CERTIFICATE-----
MIIFnTCCBIWgAwIBAgISAZ6TNMc/S6youwZUJrb/y9o3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMTE5ZDljMWE1ZDZlM2YzZTIxZjZmYTg2M2Q4N2Ey
ZTRiMGQwHhcNMjYwNjA0MTUxNjEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWVhZjdkZWEzNmZlOTdjMDdmNjBjMzEwMjY0NzI4MWQzNDExNTc1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtfltK/7XFWWWE1AvDg2REwkGVdf9
vkpL4kAEXvqHTLXdfQ3KYMCMpHiCIZ7PnSvPd3akZEWhrVe+oysvF5CZLM8PvZeZ
Bdt8MFBj+XLNYyYRB7BkIkgxHMQhNGBVruCowWAVIgZWb/gGL51Wq4XxUipUQ6WQ
tCDVc+cnt0ih5KQkS+6tyQqeg2wwaoGamZtHJ07PCgkUUHk6DRUcIUise9AhfBK0
r+Cs9F8PTwMQZaaclD1zyvfU4A5tAGn6tkSyjzOQRjf5JVFup4fkuLr3FsmirwGm
FFNvHM9n+Xnn10fxdUX+tIl0EtiyL1ktY9RckN/4chaYZ4Sowq9KAonRIwIDAQAB
o4ICqTCCAqUwHQYDVR0OBBYEFM7q996jb+l8B/YMMQJkcoHTQRV1MB8GA1UdIwQY
MBaAFJ6VoRnZwaXW4/PiH2+oY9h6LksNMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXaEdkbkJwZGJqOC1JZmI2aGoySG91U3cwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NC9hOTM1MmUtOWEzYS00OWFhLWFkNzct
N2JlNmViNmJjZTg3LzEvenVyMzNxTnY2WHdIOWd3eEFtUnlnZE5CRlhVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NC9hOTM1MmUtOWEzYS00OWFhLWFkNzctN2JlNmViNmJjZTg3
LzEvbnBXaEdkbkJwZGJqOC1JZmI2aGoySG91U3cwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMIG+BggrBgEFBQcBBwEB/wSBrjCBqzCBmQQCAAEwgZIDBAIf
DvgDBAIlnEgDBAVEqCADBAZYYsADBAJZIHgDBAJZIqQDBAJZI8QDBANZJEADBANZ
J4gDBAJZLCgDBAJdc8ADBAaJ3EAwDAMEBYzkIAMEBYzkQAMEBI0AkAMEB486gAME
BpglQAMEArkYeAMEBLyskAMEA7zS0AMEArzToAMEArzViAMEA7zWCAMEBdEjQDAN
BAIAAjAHAwUAKgFLADANBgkqhkiG9w0BAQsFAAOCAQEAgoCABYzSFvSp1su4VQSJ
FH/P1Mb6hUAFuqbT9dmeKqoLZWvlVzB3hlj/eyo9heN7s2INF6MjoWZLwh6WHj2j
Mg7zpUQfsgd3uVXLfJkk6BJHQ5CDMIgOJb2KLa47wxYsUxwfDeB2F+5YZEE32i07
O9Oseq0sYV/dlL1e20TuD7yiktheBqvE5Pp08xsq/b0lG/T59WBHmYX93Lt7sheg
zwhohJlZ+M5X7ESVIrhL2K0oeaf6tgvbEYy07quuRXrADYJVPmdHzR6NNK6DAlmr
YGv16EbmSanIilA9VblND1WG6vh2ZDRn/Yoze3nC4CD0/4qiEb/KlDw0STpecI9u
EA==
-----END CERTIFICATE-----
Generated at Sat Jun 13 22:06:04 2026 by rpki-client