Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/zl_FIWsQsU9TjHfL29rvbfo1pm8.roa
File: zl_FIWsQsU9TjHfL29rvbfo1pm8.roa (raw, json)
Hash identifier: plWBBKMU1eDxoN+f9JQHw2+baxWKk/tH9YtUnkFUaOw=
Subject key identifier: CE:5F:C5:21:6B:10:B1:4F:53:8C:77:CB:DB:DA:EF:6D:FA:35:A6:6F
Certificate issuer: /CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Certificate serial: 0199499797999B6ECC460F9E8C6A0EACDA52
Authority key identifier: 18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/zl_FIWsQsU9TjHfL29rvbfo1pm8.roa
Signing time: Sun 14 Sep 2025 18:58:15 +0000
ROA not before: Sun 14 Sep 2025 18:58:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205987
IP address blocks: 2a06:b441::/32 maxlen: 32
2a11:3b40::/32 maxlen: 32
2a12:6640::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.mft
rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:49:97:97:99:9b:6e:cc:46:0f:9e:8c:6a:0e:ac:da:52
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=189d6b55d6a688ee5e3381883bb5af68433276e3
Validity
Not Before: Sep 14 18:58:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ce5fc5216b10b14f538c77cbdbdaef6dfa35a66f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:da:13:31:99:5d:7f:88:a8:59:cf:ee:39:29:11:
4a:ae:f8:97:f4:20:50:7b:c1:8c:0e:cc:ad:b1:6d:
e6:29:5f:9a:d0:a0:62:8d:19:77:3b:87:e6:e9:32:
e2:35:37:e7:dc:50:99:a1:4f:db:70:b4:38:dd:18:
2a:cc:4a:c5:34:56:d1:a9:8b:26:f2:6c:97:0c:47:
0b:0b:f6:1a:81:22:82:3a:e4:97:88:0f:84:f8:60:
1a:b1:b8:1e:ca:d7:bd:a3:0d:bf:b1:7d:02:6b:cb:
bb:ab:97:bc:d4:9c:7c:7c:16:76:d3:33:28:4b:70:
53:66:7e:45:81:41:58:ec:5a:bc:9c:1f:c6:49:da:
ce:93:35:b4:4e:8f:7c:9d:96:ee:f1:56:40:6b:95:
cf:3f:83:72:be:8b:bd:02:df:ed:65:44:b6:2b:3d:
cf:54:67:37:37:0e:7a:84:d8:63:84:64:d1:26:b8:
fb:b1:8b:4d:b2:9e:77:1f:bb:9f:cb:22:64:1c:cf:
1f:22:26:63:8b:0e:53:33:13:5a:6b:aa:df:31:5b:
c6:2b:f7:f6:5b:7b:6e:45:0a:92:5e:37:cf:08:9b:
77:e4:93:33:e5:89:59:cf:30:90:6d:f2:c0:3a:72:
62:ce:a0:d4:17:e6:1b:be:7b:40:9a:6a:da:d3:34:
e2:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:5F:C5:21:6B:10:B1:4F:53:8C:77:CB:DB:DA:EF:6D:FA:35:A6:6F
X509v3 Authority Key Identifier:
keyid:18:9D:6B:55:D6:A6:88:EE:5E:33:81:88:3B:B5:AF:68:43:32:76:E3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/GJ1rVdamiO5eM4GIO7WvaEMyduM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/zl_FIWsQsU9TjHfL29rvbfo1pm8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/757b56-7b57-48a0-9a75-a2a4c6a621cd/1/GJ1rVdamiO5eM4GIO7WvaEMyduM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a06:b441::/32
2a11:3b40::/32
2a12:6640::/32
Signature Algorithm: sha256WithRSAEncryption
53:14:f4:ca:91:16:23:65:b7:fc:29:ce:f3:a0:d5:58:6f:17:
07:eb:c8:29:12:a1:32:db:24:86:46:86:cc:9b:63:3a:fe:6b:
5b:55:0f:8f:c5:bf:13:fe:af:e8:74:db:a2:aa:c0:bf:cd:5a:
a9:73:f4:ed:50:fa:e9:bf:55:49:a5:d1:e7:c0:5e:a8:b6:f6:
b3:64:ab:44:8d:43:41:06:dc:d9:34:2c:49:c7:4a:ed:7a:47:
80:bc:86:98:d5:c9:02:14:00:00:5f:ee:a9:b7:fd:96:90:b4:
e0:f6:84:9a:fb:d8:86:29:fa:7f:f4:92:7f:ad:18:8e:a7:e7:
83:03:77:6f:96:d9:7b:05:d8:d9:2d:a6:92:c4:95:43:c8:ea:
46:fe:4b:c1:b3:fd:aa:51:ca:ea:84:97:0f:4a:31:dc:35:c0:
2a:09:d4:49:44:83:5a:eb:56:19:55:58:06:2a:2a:29:a9:db:
fb:19:ba:77:bf:27:cd:a3:be:52:75:1f:0a:9f:40:10:5b:e5:
02:ca:c6:06:1f:e9:32:cd:67:bb:51:78:39:6c:af:8a:cc:16:
0b:46:e8:36:ec:c0:bb:6e:fb:b0:eb:43:81:28:a1:b5:44:9c:
56:3a:06:b1:2c:e2:f9:f3:f1:87:28:eb:0e:d7:b8:e4:1b:07:
b6:f1:ca:68
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZlJl5eZm27MRg+ejGoOrNpSMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE4OWQ2YjU1ZDZhNjg4ZWU1ZTMzODE4ODNiYjVhZjY4NDMz
Mjc2ZTMwHhcNMjUwOTE0MTg1ODE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTVmYzUyMTZiMTBiMTRmNTM4Yzc3Y2JkYmRhZWY2ZGZhMzVhNjZmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2hMxmV1/iKhZz+45KRFKrviX9CBQ
e8GMDsytsW3mKV+a0KBijRl3O4fm6TLiNTfn3FCZoU/bcLQ43RgqzErFNFbRqYsm
8myXDEcLC/YagSKCOuSXiA+E+GAasbgeyte9ow2/sX0Ca8u7q5e81Jx8fBZ20zMo
S3BTZn5FgUFY7Fq8nB/GSdrOkzW0To98nZbu8VZAa5XPP4Nyvou9At/tZUS2Kz3P
VGc3Nw56hNhjhGTRJrj7sYtNsp53H7ufyyJkHM8fIiZjiw5TMxNaa6rfMVvGK/f2
W3tuRQqSXjfPCJt35JMz5YlZzzCQbfLAOnJizqDUF+YbvntAmmra0zTi2QIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFM5fxSFrELFPU4x3y9va7236NaZvMB8GA1UdIwQY
MBaAFBida1XWpojuXjOBiDu1r2hDMnbjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUt
YTJhNGM2YTYyMWNkLzEvemxfRklXc1FzVTlUakhmTDI5cnZiZm8xcG04LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS83NTdiNTYtN2I1Ny00OGEwLTlhNzUtYTJhNGM2YTYyMWNk
LzEvR0oxclZkYW1pTzVlTTRHSU83V3ZhRU15ZHVNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKga0QQMF
ACoRO0ADBQAqEmZAMA0GCSqGSIb3DQEBCwUAA4IBAQBTFPTKkRYjZbf8Kc7zoNVY
bxcH68gpEqEy2ySGRobMm2M6/mtbVQ+Pxb8T/q/odNuiqsC/zVqpc/TtUPrpv1VJ
pdHnwF6otvazZKtEjUNBBtzZNCxJx0rtekeAvIaY1ckCFAAAX+6pt/2WkLTg9oSa
+9iGKfp/9JJ/rRiOp+eDA3dvltl7BdjZLaaSxJVDyOpG/kvBs/2qUcrqhJcPSjHc
NcAqCdRJRINa61YZVVgGKiopqdv7Gbp3vyfNo75SdR8Kn0AQW+UCysYGH+kyzWe7
UXg5bK+KzBYLRug27MC7bvuw60OBKKG1RJxWOgaxLOL58/GHKOsO17jkGwe28cpo
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:04:03 2025 by rpki-client