Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/19/100c25-e025-45ef-90a9-f3463fc72cb5/1/ZzKeKFnkyYHVYzD_pBU_7j7GG50.roa
File: ZzKeKFnkyYHVYzD_pBU_7j7GG50.roa (raw, json)
Hash identifier: eOvLaalF9JX35YbTIgyHeogUDwT0C/FDn0Iw2feFdmo=
Subject key identifier: 67:32:9E:28:59:E4:C9:81:D5:63:30:FF:A4:15:3F:EE:3E:C6:1B:9D
Certificate issuer: /CN=ce00e112c03f695f9f25d3b72bb23a4c34ed2138
Certificate serial: 0197A09622FE02F98854465C27DB24BE5B4E
Authority key identifier: CE:00:E1:12:C0:3F:69:5F:9F:25:D3:B7:2B:B2:3A:4C:34:ED:21:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zgDhEsA_aV-fJdO3K7I6TDTtITg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/19/100c25-e025-45ef-90a9-f3463fc72cb5/1/ZzKeKFnkyYHVYzD_pBU_7j7GG50.roa
Signing time: Tue 24 Jun 2025 06:18:03 +0000
ROA not before: Tue 24 Jun 2025 06:18:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9021
IP address blocks: 185.237.68.0/22 maxlen: 22
185.237.68.0/23 maxlen: 23
185.237.70.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/19/100c25-e025-45ef-90a9-f3463fc72cb5/1/zgDhEsA_aV-fJdO3K7I6TDTtITg.crl
rsync://rpki.ripe.net/repository/DEFAULT/19/100c25-e025-45ef-90a9-f3463fc72cb5/1/zgDhEsA_aV-fJdO3K7I6TDTtITg.mft
rsync://rpki.ripe.net/repository/DEFAULT/zgDhEsA_aV-fJdO3K7I6TDTtITg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 04 Jul 2025 05:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a0:96:22:fe:02:f9:88:54:46:5c:27:db:24:be:5b:4e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ce00e112c03f695f9f25d3b72bb23a4c34ed2138
Validity
Not Before: Jun 24 06:18:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67329e2859e4c981d56330ffa4153fee3ec61b9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:ca:20:95:ab:fc:e5:a1:0e:d4:a1:5f:ff:ba:
91:d7:12:2f:e0:18:8a:94:d3:2b:e0:cc:87:45:2e:
99:e3:da:f5:84:dd:03:7d:54:80:a5:25:3a:b4:51:
1d:9b:17:56:e9:24:92:9e:c5:a6:a4:9f:65:77:31:
f0:44:80:a7:ba:d5:dc:32:f3:6d:1f:f7:04:55:71:
3a:6c:05:8a:50:86:15:ef:d2:f0:91:81:3e:bb:93:
df:ba:b0:88:6c:a1:77:a2:87:ba:8d:bc:1d:df:0d:
b2:62:94:c9:ff:b4:7c:9e:e3:ea:c2:8b:44:56:3a:
ee:a2:c9:5f:f0:c5:54:a3:7c:f8:63:02:0f:58:14:
ef:3e:66:74:4b:fb:2a:73:00:1f:c7:9c:18:68:57:
38:ed:e5:ab:4e:ac:3c:db:fd:b0:42:30:fe:ce:58:
0c:5f:0d:d6:fc:36:d4:55:1a:5d:1b:f2:3a:41:69:
18:be:33:4a:42:88:20:33:8d:ad:15:bb:ac:41:94:
47:56:08:f5:f0:97:92:e2:ef:c3:4f:5d:31:25:16:
4b:cc:46:9f:a6:bf:53:76:d2:12:a7:2e:d7:c3:9f:
99:37:1d:78:e5:d3:1e:69:4d:cd:c1:17:11:80:38:
bf:72:94:55:9c:36:3c:20:01:ba:b1:57:75:63:03:
4b:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:32:9E:28:59:E4:C9:81:D5:63:30:FF:A4:15:3F:EE:3E:C6:1B:9D
X509v3 Authority Key Identifier:
keyid:CE:00:E1:12:C0:3F:69:5F:9F:25:D3:B7:2B:B2:3A:4C:34:ED:21:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zgDhEsA_aV-fJdO3K7I6TDTtITg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/19/100c25-e025-45ef-90a9-f3463fc72cb5/1/ZzKeKFnkyYHVYzD_pBU_7j7GG50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/19/100c25-e025-45ef-90a9-f3463fc72cb5/1/zgDhEsA_aV-fJdO3K7I6TDTtITg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.237.68.0/22
Signature Algorithm: sha256WithRSAEncryption
a7:56:51:0d:97:28:7a:21:7d:0a:85:70:10:86:10:9d:d3:8e:
88:4f:7b:e0:55:e1:ac:16:bd:08:30:fc:fe:ea:0a:b1:d0:36:
5d:bf:ff:49:55:b5:d8:25:ee:4e:f7:56:15:8a:88:82:04:c8:
c5:8c:e5:f1:8b:d5:38:a1:c6:f1:0a:16:5f:22:8c:f2:b0:18:
1f:aa:6f:af:e2:02:80:1f:e3:e9:a8:46:fb:9d:a2:6d:15:f1:
ae:c8:95:7c:a4:a2:e7:29:31:4e:bc:71:b6:6d:e6:fd:fa:9f:
64:16:08:81:87:3b:b1:60:1c:04:00:db:09:03:e7:dc:f6:27:
5a:dd:79:ec:71:07:f0:35:9d:74:19:4c:23:08:5c:49:8a:f2:
25:96:27:0f:c5:d8:4b:52:7a:69:d0:d7:a2:d6:d4:ff:20:4a:
10:87:5b:ea:14:39:35:5b:60:fe:ab:f1:c4:82:b7:03:4e:08:
62:cd:4a:0f:c2:82:8b:e8:bf:0a:68:84:28:0d:b8:77:70:68:
1b:0e:db:d5:ec:74:2f:f4:f0:d9:39:b9:45:96:27:de:ef:3c:
e5:07:14:11:af:b7:70:ed:33:92:45:52:6f:c6:3e:69:b9:7f:
65:78:ed:c1:b4:84:45:a1:0a:ab:67:c3:9c:5a:a2:89:db:0f:
b6:db:42:ff
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZegliL+AvmIVEZcJ9skvltOMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlMDBlMTEyYzAzZjY5NWY5ZjI1ZDNiNzJiYjIzYTRjMzRl
ZDIxMzgwHhcNMjUwNjI0MDYxODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzMyOWUyODU5ZTRjOTgxZDU2MzMwZmZhNDE1M2ZlZTNlYzYxYjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA08oglav85aEO1KFf/7qR1xIv4BiK
lNMr4MyHRS6Z49r1hN0DfVSApSU6tFEdmxdW6SSSnsWmpJ9ldzHwRICnutXcMvNt
H/cEVXE6bAWKUIYV79LwkYE+u5PfurCIbKF3ooe6jbwd3w2yYpTJ/7R8nuPqwotE
Vjruoslf8MVUo3z4YwIPWBTvPmZ0S/sqcwAfx5wYaFc47eWrTqw82/2wQjD+zlgM
Xw3W/DbUVRpdG/I6QWkYvjNKQoggM42tFbusQZRHVgj18JeS4u/DT10xJRZLzEaf
pr9TdtISpy7Xw5+ZNx145dMeaU3NwRcRgDi/cpRVnDY8IAG6sVd1YwNLvQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGcynihZ5MmB1WMw/6QVP+4+xhudMB8GA1UdIwQY
MBaAFM4A4RLAP2lfnyXTtyuyOkw07SE4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemdEaEVzQV9hVi1mSmRPM0s3STZURFR0SVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xOS8xMDBjMjUtZTAyNS00NWVmLTkwYTkt
ZjM0NjNmYzcyY2I1LzEvWnpLZUtGbmt5WUhWWXpEX3BCVV83ajdHRzUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xOS8xMDBjMjUtZTAyNS00NWVmLTkwYTktZjM0NjNmYzcyY2I1
LzEvemdEaEVzQV9hVi1mSmRPM0s3STZURFR0SVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQCue1EMA0G
CSqGSIb3DQEBCwUAA4IBAQCnVlENlyh6IX0KhXAQhhCd046IT3vgVeGsFr0IMPz+
6gqx0DZdv/9JVbXYJe5O91YVioiCBMjFjOXxi9U4ocbxChZfIozysBgfqm+v4gKA
H+PpqEb7naJtFfGuyJV8pKLnKTFOvHG2beb9+p9kFgiBhzuxYBwEANsJA+fc9ida
3XnscQfwNZ10GUwjCFxJivIllicPxdhLUnpp0Nei1tT/IEoQh1vqFDk1W2D+q/HE
grcDTghizUoPwoKL6L8KaIQoDbh3cGgbDtvV7HQv9PDZOblFlife7zzlBxQRr7dw
7TOSRVJvxj5puX9leO3BtIRFoQqrZ8OcWqKJ2w+220L/
-----END CERTIFICATE-----
Generated at Thu Jul 3 13:17:08 2025 by rpki-client