Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2f/9000e0-69d8-413e-b2a3-aa52c00de9c1/1/ZoHlTSWf4EeqC9A5k-qHnjmwKF4.roa
File: ZoHlTSWf4EeqC9A5k-qHnjmwKF4.roa (raw, json)
Hash identifier: 7rMi4KUfYRyetPUm0wFZARhPbAH2Hhf04z4uA0idTbQ=
Subject key identifier: 66:81:E5:4D:25:9F:E0:47:AA:0B:D0:39:93:EA:87:9E:39:B0:28:5E
Certificate issuer: /CN=2f5fab5c9a4e138032e5b300ea3edd9e4d2b6901
Certificate serial: 019905486BF54C998CBA62C993E3EAB80147
Authority key identifier: 2F:5F:AB:5C:9A:4E:13:80:32:E5:B3:00:EA:3E:DD:9E:4D:2B:69:01
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/L1-rXJpOE4Ay5bMA6j7dnk0raQE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2f/9000e0-69d8-413e-b2a3-aa52c00de9c1/1/ZoHlTSWf4EeqC9A5k-qHnjmwKF4.roa
Signing time: Mon 01 Sep 2025 12:37:36 +0000
ROA not before: Mon 01 Sep 2025 12:37:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41356
IP address blocks: 89.238.0.0/18 maxlen: 18
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2f/9000e0-69d8-413e-b2a3-aa52c00de9c1/1/L1-rXJpOE4Ay5bMA6j7dnk0raQE.crl
rsync://rpki.ripe.net/repository/DEFAULT/2f/9000e0-69d8-413e-b2a3-aa52c00de9c1/1/L1-rXJpOE4Ay5bMA6j7dnk0raQE.mft
rsync://rpki.ripe.net/repository/DEFAULT/L1-rXJpOE4Ay5bMA6j7dnk0raQE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:05:48:6b:f5:4c:99:8c:ba:62:c9:93:e3:ea:b8:01:47
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f5fab5c9a4e138032e5b300ea3edd9e4d2b6901
Validity
Not Before: Sep 1 12:37:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6681e54d259fe047aa0bd03993ea879e39b0285e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:aa:a2:c8:c0:8d:3c:99:ce:01:db:7b:26:5e:79:
27:2e:7f:9e:fa:3b:56:8b:0e:54:aa:fb:ae:21:98:
02:92:dd:f4:53:44:90:25:5c:3c:5c:bd:69:34:1c:
48:81:46:3b:c7:1a:d0:9c:75:c6:ed:3f:8a:a3:2e:
35:43:30:f4:29:3b:39:ac:34:81:9f:ce:cb:83:c4:
45:be:2b:6f:7e:79:7f:31:d1:0e:ef:f5:7a:36:51:
ed:7d:0f:97:35:78:30:96:b9:62:78:d3:46:7e:05:
78:3a:1b:5e:36:59:75:8e:96:bc:bc:90:ce:c9:99:
e4:5b:f0:29:f3:79:1c:fc:d7:39:53:c9:06:3f:33:
46:e8:da:ea:27:d2:53:68:27:be:27:3a:4e:7f:68:
a4:bc:26:71:56:7f:84:a2:54:ea:c5:ea:1c:99:f6:
6b:76:48:52:2a:9c:bf:35:2e:30:66:ce:45:dd:d2:
2b:f3:8b:c8:fb:ac:41:4e:6f:87:63:22:76:3c:c4:
b3:0d:a6:2f:c5:8d:2b:33:40:2d:c3:39:a6:6d:76:
74:e9:e7:55:3a:bd:15:40:29:85:65:f7:f6:32:78:
a9:ef:23:29:32:de:00:e4:c1:fd:14:56:ca:d4:c2:
96:ea:dc:d0:32:2e:88:89:99:67:38:97:cf:17:61:
84:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:81:E5:4D:25:9F:E0:47:AA:0B:D0:39:93:EA:87:9E:39:B0:28:5E
X509v3 Authority Key Identifier:
keyid:2F:5F:AB:5C:9A:4E:13:80:32:E5:B3:00:EA:3E:DD:9E:4D:2B:69:01
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/L1-rXJpOE4Ay5bMA6j7dnk0raQE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/9000e0-69d8-413e-b2a3-aa52c00de9c1/1/ZoHlTSWf4EeqC9A5k-qHnjmwKF4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2f/9000e0-69d8-413e-b2a3-aa52c00de9c1/1/L1-rXJpOE4Ay5bMA6j7dnk0raQE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.238.0.0/18
Signature Algorithm: sha256WithRSAEncryption
90:ce:06:8c:0b:ac:ff:1d:4c:ea:36:df:5f:e5:34:35:c2:ba:
fe:e1:00:10:7f:53:1c:f7:36:3f:8f:7f:04:c8:19:47:66:94:
0c:08:86:c6:d9:ea:ce:0a:17:de:e3:8d:1d:e7:1e:e0:74:2c:
bb:37:18:82:57:5e:a9:94:7a:af:6a:6d:ee:0f:49:c1:38:f3:
eb:18:f7:ee:90:15:fb:16:55:94:89:6c:b1:fd:94:3c:99:2d:
4a:30:e2:93:bf:8f:a4:1c:7e:5d:30:0b:5f:25:a3:bc:59:91:
62:e2:fe:e1:36:19:ee:f3:6f:83:0a:da:6c:e2:d6:9e:8c:1c:
23:d5:0e:53:ff:33:d7:3d:fa:97:45:a1:90:47:88:c4:05:bc:
d7:2f:90:14:b2:ea:23:e9:0c:20:5a:fb:63:63:78:dc:de:f1:
8f:83:9b:d3:1e:5d:bd:91:72:43:29:f3:9d:60:27:70:e0:a0:
f5:a9:75:ce:1d:87:d2:23:8c:96:e3:e0:4b:64:75:83:83:15:
56:a0:0f:69:c6:e6:4b:ac:9b:be:88:be:3e:c8:6c:1a:7f:eb:
52:57:61:d3:e2:87:ad:1b:03:c5:40:3a:84:4f:f2:47:0c:30:
2f:37:78:08:f4:9e:18:69:6c:3e:8b:f8:a4:d4:a2:07:28:cc:
c0:99:38:57
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZkFSGv1TJmMumLJk+PquAFHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmNWZhYjVjOWE0ZTEzODAzMmU1YjMwMGVhM2VkZDllNGQy
YjY5MDEwHhcNMjUwOTAxMTIzNzM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjgxZTU0ZDI1OWZlMDQ3YWEwYmQwMzk5M2VhODc5ZTM5YjAyODVlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqqLIwI08mc4B23smXnknLn+e+jtW
iw5UqvuuIZgCkt30U0SQJVw8XL1pNBxIgUY7xxrQnHXG7T+Koy41QzD0KTs5rDSB
n87Lg8RFvitvfnl/MdEO7/V6NlHtfQ+XNXgwlrlieNNGfgV4OhteNll1jpa8vJDO
yZnkW/Ap83kc/Nc5U8kGPzNG6NrqJ9JTaCe+JzpOf2ikvCZxVn+EolTqxeocmfZr
dkhSKpy/NS4wZs5F3dIr84vI+6xBTm+HYyJ2PMSzDaYvxY0rM0AtwzmmbXZ06edV
Or0VQCmFZff2Mnip7yMpMt4A5MH9FFbK1MKW6tzQMi6IiZlnOJfPF2GE8wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGaB5U0ln+BHqgvQOZPqh545sCheMB8GA1UdIwQY
MBaAFC9fq1yaThOAMuWzAOo+3Z5NK2kBMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTDEtclhKcE9FNEF5NWJNQTZqN2RuazByYVFFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZi85MDAwZTAtNjlkOC00MTNlLWIyYTMt
YWE1MmMwMGRlOWMxLzEvWm9IbFRTV2Y0RWVxQzlBNWstcUhuam13S0Y0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZi85MDAwZTAtNjlkOC00MTNlLWIyYTMtYWE1MmMwMGRlOWMx
LzEvTDEtclhKcE9FNEF5NWJNQTZqN2RuazByYVFFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQGWe4AMA0G
CSqGSIb3DQEBCwUAA4IBAQCQzgaMC6z/HUzqNt9f5TQ1wrr+4QAQf1Mc9zY/j38E
yBlHZpQMCIbG2erOChfe440d5x7gdCy7NxiCV16plHqvam3uD0nBOPPrGPfukBX7
FlWUiWyx/ZQ8mS1KMOKTv4+kHH5dMAtfJaO8WZFi4v7hNhnu82+DCtps4taejBwj
1Q5T/zPXPfqXRaGQR4jEBbzXL5AUsuoj6QwgWvtjY3jc3vGPg5vTHl29kXJDKfOd
YCdw4KD1qXXOHYfSI4yW4+BLZHWDgxVWoA9pxuZLrJu+iL4+yGwaf+tSV2HT4oet
GwPFQDqET/JHDDAvN3gI9J4YaWw+i/ik1KIHKMzAmThX
-----END CERTIFICATE-----
Generated at Mon Oct 20 06:41:06 2025 by rpki-client