Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/zgFGGOqQFh5xtRXcBfPoxqz5VaQ.roa
File: zgFGGOqQFh5xtRXcBfPoxqz5VaQ.roa (raw, json)
Hash identifier: GjAk4Qb08QfgVdjO27V8IaKKzGxM6wap2VtG33amh3c=
Subject key identifier: CE:01:46:18:EA:90:16:1E:71:B5:15:DC:05:F3:E8:C6:AC:F9:55:A4
Certificate issuer: /CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Certificate serial: 01985CB08643580C2B9236449F67BC914351
Authority key identifier: EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/zgFGGOqQFh5xtRXcBfPoxqz5VaQ.roa
Signing time: Wed 30 Jul 2025 18:55:29 +0000
ROA not before: Wed 30 Jul 2025 18:55:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9123
IP address blocks: 2.59.40.0/24 maxlen: 24
2.59.41.0/24 maxlen: 24
2.59.42.0/24 maxlen: 24
2.59.43.0/24 maxlen: 24
45.93.201.0/24 maxlen: 24
45.153.70.0/24 maxlen: 24
45.153.71.0/24 maxlen: 24
80.76.60.0/24 maxlen: 24
91.198.220.0/24 maxlen: 24
93.93.207.0/24 maxlen: 24
176.53.160.0/24 maxlen: 24
176.53.161.0/24 maxlen: 24
176.53.162.0/24 maxlen: 24
176.53.163.0/24 maxlen: 24
185.192.247.0/24 maxlen: 24
185.251.20.0/24 maxlen: 24
193.160.208.0/24 maxlen: 24
193.160.209.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.mft
rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 18:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:5c:b0:86:43:58:0c:2b:92:36:44:9f:67:bc:91:43:51
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=eebbf317e5faf5ef02c9cce79527d5e74b8abcc5
Validity
Not Before: Jul 30 18:55:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ce014618ea90161e71b515dc05f3e8c6acf955a4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a4:28:88:1a:46:9c:0d:62:4a:96:fd:9a:d9:a4:
c0:3c:53:df:ee:8a:6c:4b:8e:b4:fe:ab:8f:18:92:
fd:58:4f:0d:f7:02:4e:b4:89:4a:c1:27:e9:da:e9:
66:32:40:18:fc:8a:02:d9:09:09:4c:77:58:e4:b7:
d5:63:69:c3:af:86:30:41:04:e1:7b:f9:21:d6:07:
88:8a:4f:7b:e5:f0:e2:23:96:59:70:26:ae:42:a8:
c8:b7:21:8e:cf:cb:a3:0b:42:e1:cb:29:95:b4:13:
70:72:c1:4b:5e:26:b1:a4:0e:99:31:40:8b:2e:d5:
8c:92:97:85:03:8d:60:92:b6:47:17:2a:07:c0:fc:
2b:d9:49:cf:af:2d:9f:56:f7:c8:62:2f:9c:51:ef:
82:95:57:25:e6:d7:5c:e2:f8:e0:cc:f5:13:6f:d4:
34:9d:60:88:5b:7b:d6:5b:3e:f4:cd:89:d7:68:4d:
eb:de:ac:10:bf:48:9f:86:fe:10:3d:da:fa:20:d1:
cf:d0:fd:f2:d3:df:03:96:6a:7b:64:72:81:a7:bd:
8d:10:cb:fe:62:36:6c:20:cb:49:2e:8f:23:33:3a:
8e:cb:8d:01:32:1c:d5:6a:20:95:9a:c4:7c:3f:45:
51:a9:49:ad:b6:f7:4d:d1:f9:32:6b:77:a1:1c:f3:
85:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:01:46:18:EA:90:16:1E:71:B5:15:DC:05:F3:E8:C6:AC:F9:55:A4
X509v3 Authority Key Identifier:
keyid:EE:BB:F3:17:E5:FA:F5:EF:02:C9:CC:E7:95:27:D5:E7:4B:8A:BC:C5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/7rvzF-X69e8CycznlSfV50uKvMU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/zgFGGOqQFh5xtRXcBfPoxqz5VaQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bf/6dec63-b9d9-480b-aeb3-6fe9bf60561c/1/7rvzF-X69e8CycznlSfV50uKvMU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.59.40.0/22
45.93.201.0/24
45.153.70.0/23
80.76.60.0/24
91.198.220.0/24
93.93.207.0/24
176.53.160.0/22
185.192.247.0/24
185.251.20.0/24
193.160.208.0/23
Signature Algorithm: sha256WithRSAEncryption
94:61:2d:5e:fb:e6:6e:3f:58:d5:d7:eb:9a:41:01:59:79:60:
e8:0d:c2:a8:e0:8f:61:99:1d:48:0f:5f:e0:6e:dc:19:40:58:
2e:f1:4f:a4:e4:e3:25:fe:d7:df:79:14:cf:d8:9a:59:3f:8b:
17:2c:01:0f:8c:4b:21:f4:c8:62:1a:90:84:d0:93:3f:90:c3:
8f:28:bb:5d:7b:ec:70:b4:eb:82:61:da:72:7f:5e:8c:4a:23:
81:5c:67:a3:9c:6e:66:c2:6d:e0:64:34:ef:b9:84:41:4d:84:
7e:8e:b9:db:96:55:a0:2e:74:95:0c:65:1e:97:bd:60:8f:d8:
7d:f2:0a:21:af:32:2a:46:9e:c1:10:8b:2d:43:ee:34:ee:49:
72:c5:ca:ba:03:e1:78:b7:12:9d:81:33:7f:26:f0:39:d5:2f:
45:09:74:97:51:56:db:e7:2c:d1:a0:6e:08:9d:9a:50:65:b9:
e8:d4:f1:af:d7:24:b5:0d:30:0f:19:b9:f1:37:92:f5:68:89:
ca:41:67:64:d4:32:85:93:0b:49:53:34:14:a6:bd:8c:50:bb:
27:d6:1f:95:9f:1b:9b:89:79:d8:70:3c:6b:8d:be:d2:76:0d:
f2:c3:d2:09:42:73:1e:ca:c0:dc:9b:4f:1f:29:94:4d:cf:eb:
f8:18:b1:94
-----BEGIN CERTIFICATE-----
MIIFMzCCBBugAwIBAgISAZhcsIZDWAwrkjZEn2e8kUNRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGVlYmJmMzE3ZTVmYWY1ZWYwMmM5Y2NlNzk1MjdkNWU3NGI4
YWJjYzUwHhcNMjUwNzMwMTg1NTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTAxNDYxOGVhOTAxNjFlNzFiNTE1ZGMwNWYzZThjNmFjZjk1NWE0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApCiIGkacDWJKlv2a2aTAPFPf7ops
S460/quPGJL9WE8N9wJOtIlKwSfp2ulmMkAY/IoC2QkJTHdY5LfVY2nDr4YwQQTh
e/kh1geIik975fDiI5ZZcCauQqjItyGOz8ujC0LhyymVtBNwcsFLXiaxpA6ZMUCL
LtWMkpeFA41gkrZHFyoHwPwr2UnPry2fVvfIYi+cUe+ClVcl5tdc4vjgzPUTb9Q0
nWCIW3vWWz70zYnXaE3r3qwQv0ifhv4QPdr6INHP0P3y098Dlmp7ZHKBp72NEMv+
YjZsIMtJLo8jMzqOy40BMhzVaiCVmsR8P0VRqUmttvdN0fkya3ehHPOF/wIDAQAB
o4ICPzCCAjswHQYDVR0OBBYEFM4BRhjqkBYecbUV3AXz6Mas+VWkMB8GA1UdIwQY
MBaAFO678xfl+vXvAsnM55Un1edLirzFMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMt
NmZlOWJmNjA1NjFjLzEvemdGR0dPcVFGaDV4dFJYY0JmUG94cXo1VmFRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iZi82ZGVjNjMtYjlkOS00ODBiLWFlYjMtNmZlOWJmNjA1NjFj
LzEvN3J2ekYtWDY5ZThDeWN6bmxTZlY1MHVLdk1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFUGCCsGAQUFBwEHAQH/BEYwRDBCBAIAATA8AwQCAjsoAwQA
LV3JAwQBLZlGAwQAUEw8AwQAW8bcAwQAXV3PAwQCsDWgAwQAucD3AwQAufsUAwQB
waDQMA0GCSqGSIb3DQEBCwUAA4IBAQCUYS1e++ZuP1jV1+uaQQFZeWDoDcKo4I9h
mR1ID1/gbtwZQFgu8U+k5OMl/tffeRTP2JpZP4sXLAEPjEsh9MhiGpCE0JM/kMOP
KLtde+xwtOuCYdpyf16MSiOBXGejnG5mwm3gZDTvuYRBTYR+jrnbllWgLnSVDGUe
l71gj9h98gohrzIqRp7BEIstQ+407klyxcq6A+F4txKdgTN/JvA51S9FCXSXUVbb
5yzRoG4InZpQZbno1PGv1yS1DTAPGbnxN5L1aInKQWdk1DKFkwtJUzQUpr2MULsn
1h+VnxubiXnYcDxrjb7Sdg3yw9IJQnMeysDcm08fKZRNz+v4GLGU
-----END CERTIFICATE-----
Generated at Sun Aug 10 04:27:48 2025 by rpki-client