Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/ZGrcpUqsEOsf7o6fu8OWpNq4gNY.roa
File: ZGrcpUqsEOsf7o6fu8OWpNq4gNY.roa (raw, json)
Hash identifier: wpQNPwvek3Rp2M6cV1DD/Iu66bw6RcokC6IaW3yHq/w=
Subject key identifier: 64:6A:DC:A5:4A:AC:10:EB:1F:EE:8E:9F:BB:C3:96:A4:DA:B8:80:D6
Certificate issuer: /CN=72633388a7a5cfe9a7ca19fd74c922dcb12569d3
Certificate serial: 01975FBE0504588B956B91BDFD79E27852FD
Authority key identifier: 72:63:33:88:A7:A5:CF:E9:A7:CA:19:FD:74:C9:22:DC:B1:25:69:D3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/cmMziKelz-mnyhn9dMki3LEladM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/ZGrcpUqsEOsf7o6fu8OWpNq4gNY.roa
Signing time: Wed 11 Jun 2025 16:06:17 +0000
ROA not before: Wed 11 Jun 2025 16:06:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34863
IP address blocks: 46.226.128.0/21 maxlen: 24
62.106.77.0/24 maxlen: 24
81.23.32.0/20 maxlen: 24
81.23.33.0/24 maxlen: 24
81.23.34.0/24 maxlen: 24
85.204.20.0/23 maxlen: 24
85.204.21.0/24 maxlen: 24
85.204.24.0/23 maxlen: 24
85.204.25.0/24 maxlen: 24
89.35.96.0/20 maxlen: 24
176.116.26.0/24 maxlen: 24
185.2.252.0/22 maxlen: 24
185.63.48.0/22 maxlen: 24
185.252.195.0/24 maxlen: 24
188.94.200.0/21 maxlen: 24
188.94.200.0/24 maxlen: 24
188.94.201.0/24 maxlen: 24
188.94.202.0/23 maxlen: 23
188.94.204.0/22 maxlen: 22
188.94.206.0/24 maxlen: 24
194.30.173.0/24 maxlen: 24
2a00:fc8::/32 maxlen: 32
2a00:7820::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/cmMziKelz-mnyhn9dMki3LEladM.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/cmMziKelz-mnyhn9dMki3LEladM.mft
rsync://rpki.ripe.net/repository/DEFAULT/cmMziKelz-mnyhn9dMki3LEladM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 19 Jun 2025 19:01:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5f:be:05:04:58:8b:95:6b:91:bd:fd:79:e2:78:52:fd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=72633388a7a5cfe9a7ca19fd74c922dcb12569d3
Validity
Not Before: Jun 11 16:06:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=646adca54aac10eb1fee8e9fbbc396a4dab880d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:81:f4:7f:00:f9:61:a4:ec:9b:eb:c4:0f:c5:
7a:13:ab:9e:17:b4:54:eb:67:be:57:d4:07:b1:83:
9d:64:d0:32:48:90:55:67:11:d9:80:39:3e:17:26:
59:3b:85:55:bc:60:32:ed:3f:30:23:f2:cc:46:cc:
b8:74:db:cc:f2:ad:f6:fb:6a:1d:c3:b7:aa:86:a0:
29:92:92:02:f5:3d:ef:ac:35:0a:2b:ae:ba:b7:e5:
02:1d:e9:ac:08:4b:17:5c:c1:7b:3d:2c:f9:5e:27:
0e:f2:a9:fc:39:75:c4:fa:fa:44:51:b0:2f:25:d1:
c7:63:e2:c4:11:e3:2d:fb:86:1a:42:2c:dc:9d:0b:
01:43:1d:2c:e1:9c:5e:23:15:83:fe:54:32:83:76:
ae:46:6b:54:88:79:d9:2e:11:df:60:af:3f:4a:d2:
ea:f5:6e:8a:46:3c:74:3a:27:4b:66:58:5c:f9:2d:
1a:dd:d2:91:49:a1:ea:3f:d6:bc:d6:50:7a:fd:a1:
2d:ff:01:07:47:b9:82:e6:40:57:3c:84:e3:b1:33:
79:5f:8d:25:d3:17:c7:de:37:80:27:2f:d3:8d:64:
64:10:e5:35:65:8b:cf:96:db:52:81:2d:f0:23:86:
57:df:70:95:fa:ac:dc:9d:df:4c:95:8f:ca:cd:03:
f7:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:6A:DC:A5:4A:AC:10:EB:1F:EE:8E:9F:BB:C3:96:A4:DA:B8:80:D6
X509v3 Authority Key Identifier:
keyid:72:63:33:88:A7:A5:CF:E9:A7:CA:19:FD:74:C9:22:DC:B1:25:69:D3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/cmMziKelz-mnyhn9dMki3LEladM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/ZGrcpUqsEOsf7o6fu8OWpNq4gNY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/8233f2-d3c0-4501-a9c7-138c8417ae93/1/cmMziKelz-mnyhn9dMki3LEladM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.226.128.0/21
62.106.77.0/24
81.23.32.0/20
85.204.20.0/23
85.204.24.0/23
89.35.96.0/20
176.116.26.0/24
185.2.252.0/22
185.63.48.0/22
185.252.195.0/24
188.94.200.0/21
194.30.173.0/24
IPv6:
2a00:fc8::/32
2a00:7820::/32
Signature Algorithm: sha256WithRSAEncryption
87:80:d0:df:c7:ca:17:71:b8:07:47:1a:db:5f:d0:2a:ba:e3:
63:ad:7c:fa:5d:d2:67:7d:c5:12:03:68:29:0d:15:5e:65:06:
6f:ab:a9:0b:92:63:46:d3:a9:8b:d4:2c:72:f7:44:2c:db:16:
ad:f8:92:12:51:4d:b1:45:94:63:bc:93:ce:4b:c1:a1:4b:8d:
90:4c:8b:ef:a6:f2:df:04:7d:0e:96:37:1e:1b:8f:88:5c:eb:
77:df:b2:00:a7:d8:a9:9e:32:d2:59:d3:9c:69:f1:de:f3:02:
0e:c1:c3:83:9f:e9:95:04:5c:14:3d:32:da:78:b7:86:92:f0:
3a:6d:76:3f:93:9b:9b:c0:fe:c5:35:25:43:e7:b3:ab:34:3e:
a4:18:ff:f8:1b:93:07:95:99:12:2f:bc:c2:36:d1:64:bd:e2:
6f:63:7a:23:64:ab:d1:fa:24:eb:bb:9c:d6:8b:44:ae:42:f7:
99:84:4b:35:8e:01:00:1f:17:37:dd:ea:a9:fc:5a:78:47:2c:
a4:b8:86:11:5d:fd:96:ad:4b:f2:68:4b:6d:d6:ba:43:fe:7b:
df:10:7e:32:6e:9e:31:9c:8f:25:c2:f3:36:ae:b2:19:5d:33:
0e:0c:30:f5:24:d6:83:1a:50:4a:cc:86:4a:70:d7:19:54:53:
91:7d:aa:a8
-----BEGIN CERTIFICATE-----
MIIFVTCCBD2gAwIBAgISAZdfvgUEWIuVa5G9/XnieFL9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDcyNjMzMzg4YTdhNWNmZTlhN2NhMTlmZDc0YzkyMmRjYjEy
NTY5ZDMwHhcNMjUwNjExMTYwNjE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDZhZGNhNTRhYWMxMGViMWZlZThlOWZiYmMzOTZhNGRhYjg4MGQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAu4H0fwD5YaTsm+vED8V6E6ueF7RU
62e+V9QHsYOdZNAySJBVZxHZgDk+FyZZO4VVvGAy7T8wI/LMRsy4dNvM8q32+2od
w7eqhqApkpIC9T3vrDUKK666t+UCHemsCEsXXMF7PSz5XicO8qn8OXXE+vpEUbAv
JdHHY+LEEeMt+4YaQizcnQsBQx0s4ZxeIxWD/lQyg3auRmtUiHnZLhHfYK8/StLq
9W6KRjx0OidLZlhc+S0a3dKRSaHqP9a81lB6/aEt/wEHR7mC5kBXPITjsTN5X40l
0xfH3jeAJy/TjWRkEOU1ZYvPlttSgS3wI4ZX33CV+qzcnd9MlY/KzQP3NQIDAQAB
o4ICYTCCAl0wHQYDVR0OBBYEFGRq3KVKrBDrH+6On7vDlqTauIDWMB8GA1UdIwQY
MBaAFHJjM4inpc/pp8oZ/XTJItyxJWnTMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvY21NemlLZWx6LW1ueWhuOWRNa2kzTEVsYWRNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS84MjMzZjItZDNjMC00NTAxLWE5Yzct
MTM4Yzg0MTdhZTkzLzEvWkdyY3BVcXNFT3NmN282ZnU4T1dwTnE0Z05ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS84MjMzZjItZDNjMC00NTAxLWE5YzctMTM4Yzg0MTdhZTkz
LzEvY21NemlLZWx6LW1ueWhuOWRNa2kzTEVsYWRNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHcGCCsGAQUFBwEHAQH/BGgwZjBOBAIAATBIAwQDLuKAAwQA
PmpNAwQEURcgAwQBVcwUAwQBVcwYAwQEWSNgAwQAsHQaAwQCuQL8AwQCuT8wAwQA
ufzDAwQDvF7IAwQAwh6tMBQEAgACMA4DBQAqAA/IAwUAKgB4IDANBgkqhkiG9w0B
AQsFAAOCAQEAh4DQ38fKF3G4B0ca21/QKrrjY618+l3SZ33FEgNoKQ0VXmUGb6up
C5JjRtOpi9QscvdELNsWrfiSElFNsUWUY7yTzkvBoUuNkEyL76by3wR9DpY3HhuP
iFzrd9+yAKfYqZ4y0lnTnGnx3vMCDsHDg5/plQRcFD0y2ni3hpLwOm12P5Obm8D+
xTUlQ+ezqzQ+pBj/+BuTB5WZEi+8wjbRZL3ib2N6I2Sr0fok67uc1otErkL3mYRL
NY4BAB8XN93qqfxaeEcspLiGEV39lq1L8mhLbda6Q/573xB+Mm6eMZyPJcLzNq6y
GV0zDgww9STWgxpQSsyGSnDXGVRTkX2qqA==
-----END CERTIFICATE-----
Generated at Thu Jun 19 06:30:24 2025 by rpki-client