
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/xZI_bvE6JftjTV0B3dxc_5kYW0g.roa
File: xZI_bvE6JftjTV0B3dxc_5kYW0g.roa (raw, json)
Hash identifier: AB1DpoviLX3AxgItOuLbSEQmOM0xIHXrb99sosPXy80=
Subject key identifier: C5:92:3F:6E:F1:3A:25:FB:63:4D:5D:01:DD:DC:5C:FF:99:18:5B:48
Certificate issuer: /CN=64d171f93cc1ca716fc806e36a55852cdf4f1c1c
Certificate serial: 01987C61EC73D2282A39AC213C1062D01063
Authority key identifier: 64:D1:71:F9:3C:C1:CA:71:6F:C8:06:E3:6A:55:85:2C:DF:4F:1C:1C
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZNFx-TzBynFvyAbjalWFLN9PHBw.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/xZI_bvE6JftjTV0B3dxc_5kYW0g.roa
Signing time: Tue 05 Aug 2025 22:37:28 +0000
ROA not before: Tue 05 Aug 2025 22:37:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 47962
IP address blocks: 37.122.152.0/22 maxlen: 22
37.122.152.0/23 maxlen: 23
37.122.153.0/24 maxlen: 24
37.122.154.0/23 maxlen: 23
37.122.154.0/24 maxlen: 24
37.122.155.0/24 maxlen: 24
37.122.156.0/23 maxlen: 23
37.122.156.0/24 maxlen: 24
37.122.157.0/24 maxlen: 24
176.106.224.0/22 maxlen: 24
176.106.230.0/23 maxlen: 23
176.106.230.0/24 maxlen: 24
176.106.231.0/24 maxlen: 24
2a0f:6a80::/29 maxlen: 29
2a0f:6a80:1::/48 maxlen: 48
2a0f:6a80:888::/48 maxlen: 48
2a0f:6a80:999::/48 maxlen: 48
2a0f:6a80:1001::/48 maxlen: 48
2a0f:6a80:1002::/48 maxlen: 48
2a0f:6a80:1003::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/ZNFx-TzBynFvyAbjalWFLN9PHBw.crl
rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/ZNFx-TzBynFvyAbjalWFLN9PHBw.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZNFx-TzBynFvyAbjalWFLN9PHBw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 14:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7c:61:ec:73:d2:28:2a:39:ac:21:3c:10:62:d0:10:63
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64d171f93cc1ca716fc806e36a55852cdf4f1c1c
Validity
Not Before: Aug 5 22:37:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=c5923f6ef13a25fb634d5d01dddc5cff99185b48
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bd:6d:ed:18:bc:eb:d3:c9:3f:7b:54:d2:02:f7:
20:9f:5e:9a:21:4b:b5:18:c4:f5:19:87:67:14:a9:
78:70:e6:20:22:ce:65:f0:c3:3a:21:13:67:fe:7b:
fb:9a:b2:4c:f8:9e:b9:09:78:48:60:a1:31:ee:bd:
d4:90:70:76:89:1a:68:66:6a:72:2b:88:b9:c4:e0:
c4:fe:6a:76:c8:79:a5:04:cc:d2:ad:46:dd:19:ca:
cd:59:2c:2d:c9:93:77:00:dc:9d:5f:b7:00:ea:d1:
1e:42:24:67:b0:b8:7c:67:ce:df:9a:ac:5d:91:95:
b2:70:f9:2f:f1:bb:3c:2a:ec:8a:78:16:53:76:2c:
c0:3d:8a:a2:01:b7:e2:0a:b0:7f:01:db:69:13:50:
cd:85:06:b9:58:06:df:d6:bc:43:2a:5e:05:ba:00:
65:f1:03:04:81:a1:91:49:8e:23:fa:c3:53:75:04:
b5:1e:70:2e:c4:9c:52:22:f2:b9:c0:ec:95:a3:2f:
e5:e8:8a:29:6c:a7:8f:7f:f0:19:55:48:92:1a:fb:
94:49:bb:73:c0:52:c1:f6:4b:d8:d2:0c:be:1f:12:
8a:8a:eb:cb:8b:c8:0e:ce:2d:79:4f:03:86:8c:32:
ac:36:9d:da:de:4e:d6:c6:45:88:b1:ea:cf:05:9e:
f6:2d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
C5:92:3F:6E:F1:3A:25:FB:63:4D:5D:01:DD:DC:5C:FF:99:18:5B:48
X509v3 Authority Key Identifier:
keyid:64:D1:71:F9:3C:C1:CA:71:6F:C8:06:E3:6A:55:85:2C:DF:4F:1C:1C
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNFx-TzBynFvyAbjalWFLN9PHBw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/xZI_bvE6JftjTV0B3dxc_5kYW0g.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f7/f2d9df-16eb-449e-83f0-a4635df47d70/1/ZNFx-TzBynFvyAbjalWFLN9PHBw.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.122.152.0-37.122.157.255
176.106.224.0/22
176.106.230.0/23
IPv6:
2a0f:6a80::/29
Signature Algorithm: sha256WithRSAEncryption
02:47:2d:40:f3:46:bc:4f:21:4f:0b:6c:d7:c6:79:15:16:a2:
6a:c0:64:02:f6:b2:f4:07:40:55:8c:d9:a7:42:2e:a3:6a:7e:
86:d2:f4:bb:ca:96:b7:a0:96:fb:1f:e7:3c:59:7b:03:e6:43:
b0:2b:e3:af:20:23:a7:ee:c2:5f:83:bb:e4:57:54:b8:40:be:
06:80:ca:ad:d8:45:0a:b0:5b:69:2f:bd:cc:2f:c4:bc:2f:f0:
ec:3e:cc:18:ac:b0:15:5a:8d:75:86:72:1c:82:76:f4:36:d5:
0a:eb:73:5f:1d:fe:0b:bb:d2:dd:42:c4:12:78:2e:be:d0:eb:
a3:b4:c8:73:5b:47:02:29:2e:55:04:d0:d5:c1:df:2c:85:98:
ff:5e:c4:92:4a:61:0a:4a:ea:48:2d:a1:17:5f:9c:2d:51:7a:
58:39:ec:31:03:62:ad:68:0b:a5:c0:8b:e9:dd:49:ee:3e:82:
cc:3b:0c:4f:2b:5c:f4:8b:be:7c:c4:7f:0b:1b:56:30:03:45:
cc:84:5c:86:68:e8:fe:92:9f:f1:98:38:57:36:89:13:86:94:
3b:fe:de:d5:c2:ad:11:85:80:45:06:f7:e6:87:8a:54:26:b9:
c4:d7:21:9c:84:c1:81:6c:7a:3b:5a:9b:61:3c:8a:07:c7:40:
f8:ad:7b:98
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZh8Yexz0igqOawhPBBi0BBjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZDE3MWY5M2NjMWNhNzE2ZmM4MDZlMzZhNTU4NTJjZGY0
ZjFjMWMwHhcNMjUwODA1MjIzNzI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjNTkyM2Y2ZWYxM2EyNWZiNjM0ZDVkMDFkZGRjNWNmZjk5MTg1YjQ4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvW3tGLzr08k/e1TSAvcgn16aIUu1
GMT1GYdnFKl4cOYgIs5l8MM6IRNn/nv7mrJM+J65CXhIYKEx7r3UkHB2iRpoZmpy
K4i5xODE/mp2yHmlBMzSrUbdGcrNWSwtyZN3ANydX7cA6tEeQiRnsLh8Z87fmqxd
kZWycPkv8bs8KuyKeBZTdizAPYqiAbfiCrB/AdtpE1DNhQa5WAbf1rxDKl4FugBl
8QMEgaGRSY4j+sNTdQS1HnAuxJxSIvK5wOyVoy/l6IopbKePf/AZVUiSGvuUSbtz
wFLB9kvY0gy+HxKKiuvLi8gOzi15TwOGjDKsNp3a3k7WxkWIserPBZ72LQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFMWSP27xOiX7Y01dAd3cXP+ZGFtIMB8GA1UdIwQY
MBaAFGTRcfk8wcpxb8gG42pVhSzfTxwcMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5GeC1UekJ5bkZ2eUFiamFsV0ZMTjlQSEJ3LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNy9mMmQ5ZGYtMTZlYi00NDllLTgzZjAt
YTQ2MzVkZjQ3ZDcwLzEveFpJX2J2RTZKZnRqVFYwQjNkeGNfNWtZVzBnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNy9mMmQ5ZGYtMTZlYi00NDllLTgzZjAtYTQ2MzVkZjQ3ZDcw
LzEvWk5GeC1UekJ5bkZ2eUFiamFsV0ZMTjlQSEJ3LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAgBAIAATAaMAwDBAMlepgD
BAElepwDBAKwauADBAGwauYwDQQCAAIwBwMFAyoPaoAwDQYJKoZIhvcNAQELBQAD
ggEBAAJHLUDzRrxPIU8LbNfGeRUWomrAZAL2svQHQFWM2adCLqNqfobS9LvKlreg
lvsf5zxZewPmQ7Ar468gI6fuwl+Du+RXVLhAvgaAyq3YRQqwW2kvvcwvxLwv8Ow+
zBissBVajXWGchyCdvQ21Qrrc18d/gu70t1CxBJ4Lr7Q66O0yHNbRwIpLlUE0NXB
3yyFmP9exJJKYQpK6kgtoRdfnC1Relg57DEDYq1oC6XAi+ndSe4+gsw7DE8rXPSL
vnzEfwsbVjADRcyEXIZo6P6Sn/GYOFc2iROGlDv+3tXCrRGFgEUG9+aHilQmucTX
IZyEwYFsejtam2E8igfHQPite5g=
-----END CERTIFICATE-----
Generated at Sat Aug 9 22:37:09 2025 by rpki-client