Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/zMycwWf9Tpp5xSB6-C5UFRiyMQU.roa
File: zMycwWf9Tpp5xSB6-C5UFRiyMQU.roa (raw, json)
Hash identifier: oLzSeqmsbJ/B++9sA71n/u3LkcCkqvS26sSAP1tYoR0=
Subject key identifier: CC:CC:9C:C1:67:FD:4E:9A:79:C5:20:7A:F8:2E:54:15:18:B2:31:05
Certificate issuer: /CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Certificate serial: 0197A0EA5DA01C7B5270DCB36CCE0DEE3314
Authority key identifier: 6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/zMycwWf9Tpp5xSB6-C5UFRiyMQU.roa
Signing time: Tue 24 Jun 2025 07:50:03 +0000
ROA not before: Tue 24 Jun 2025 07:50:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20001
IP address blocks: 109.121.40.0/24 maxlen: 24
109.121.43.0/24 maxlen: 24
109.233.184.0/24 maxlen: 24
109.233.185.0/24 maxlen: 24
178.253.237.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.mft
rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 29 Jun 2025 19:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:a0:ea:5d:a0:1c:7b:52:70:dc:b3:6c:ce:0d:ee:33:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6f84e4738a70ea39c08cef210432ae399ec7e915
Validity
Not Before: Jun 24 07:50:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cccc9cc167fd4e9a79c5207af82e541518b23105
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ee:31:99:c2:71:74:c6:3b:6d:4a:b9:02:62:18:
fa:45:22:24:b8:78:bf:ea:4b:ac:8e:7d:c9:1e:41:
42:af:f7:45:58:01:39:19:23:a8:a0:52:00:d5:1b:
d7:ab:c8:8a:c4:45:35:8b:74:94:a1:2a:5f:df:6a:
f3:4f:f4:2a:1d:e9:de:6b:e4:c7:81:85:42:1d:4a:
9f:58:1f:fb:31:7e:7d:be:85:66:67:f9:cc:35:0c:
c5:30:ba:2f:7e:ef:18:79:58:0b:04:79:1d:3d:59:
65:e6:4b:3f:7b:76:7d:97:a1:5a:0b:b9:7e:e6:d2:
d1:df:56:40:ee:b8:9d:96:17:46:60:a6:e8:37:6e:
e9:79:95:37:61:98:b0:6c:67:d2:9c:86:9f:82:ff:
0b:7c:61:cd:96:3a:87:d6:fa:f8:df:db:93:6c:8c:
c2:59:b4:3c:bb:97:c8:c1:0d:60:72:40:3a:31:07:
f6:fb:aa:70:7a:75:5f:40:b2:cb:18:ef:e0:57:d9:
a7:51:63:21:f1:c2:3e:b8:8a:65:d7:d8:2b:59:6a:
bd:ef:86:97:af:9c:0d:01:0a:c1:13:62:18:db:54:
a5:5c:1b:4f:39:eb:38:01:56:23:26:2d:8d:58:ea:
9d:4c:95:97:52:0a:71:9b:5c:cd:4d:4a:2a:25:e9:
bd:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:CC:9C:C1:67:FD:4E:9A:79:C5:20:7A:F8:2E:54:15:18:B2:31:05
X509v3 Authority Key Identifier:
keyid:6F:84:E4:73:8A:70:EA:39:C0:8C:EF:21:04:32:AE:39:9E:C7:E9:15
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/zMycwWf9Tpp5xSB6-C5UFRiyMQU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/36/ddf8b3-1c08-495c-8ddf-fae5dbed3b1b/1/b4Tkc4pw6jnAjO8hBDKuOZ7H6RU.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.121.40.0/24
109.121.43.0/24
109.233.184.0/23
178.253.237.0/24
Signature Algorithm: sha256WithRSAEncryption
a6:6a:c7:9f:0c:a4:fa:56:9d:d9:69:8b:64:77:91:84:73:94:
ca:62:a8:85:fe:cc:00:34:a3:29:b5:ef:70:58:c5:00:04:a2:
db:f2:32:36:a0:ac:88:e3:74:95:33:4a:ee:ca:2b:b8:e1:89:
56:e6:0e:01:ac:59:b4:54:ae:9a:bb:d6:85:c3:7b:86:05:cf:
3a:d5:a7:0b:49:c2:10:f5:3a:e8:67:4d:c7:9c:06:f4:01:a8:
f2:4b:c5:3b:0d:d8:0f:7c:90:cf:4f:86:51:07:3e:63:be:f6:
63:4b:c2:33:d0:d0:13:79:e2:6d:da:75:aa:d8:7a:7b:cb:f6:
e2:d4:03:c4:9f:25:7a:7c:21:eb:04:59:15:b9:5a:00:6a:0c:
40:89:70:a8:c2:a9:c3:c0:5c:d7:a8:5f:69:f3:cb:0f:7e:57:
a1:9c:43:36:22:9c:a9:7f:d4:4c:1b:30:fe:1b:35:2c:51:e9:
a5:f2:89:7e:64:b1:9a:bb:8b:2f:fa:8c:f2:28:5a:ec:c0:61:
2e:85:5d:37:f4:7b:b7:82:4c:64:c6:52:84:5a:b8:58:97:10:
9a:64:b3:3e:24:f1:1e:ce:55:cc:5b:33:af:35:7d:6b:80:1b:
aa:e8:e9:68:56:d7:ec:16:7a:f8:82:9e:32:08:5d:f1:2e:9a:
70:98:c9:70
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZeg6l2gHHtScNyzbM4N7jMUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZmODRlNDczOGE3MGVhMzljMDhjZWYyMTA0MzJhZTM5OWVj
N2U5MTUwHhcNMjUwNjI0MDc1MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2NjOWNjMTY3ZmQ0ZTlhNzljNTIwN2FmODJlNTQxNTE4YjIzMTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA7jGZwnF0xjttSrkCYhj6RSIkuHi/
6kusjn3JHkFCr/dFWAE5GSOooFIA1RvXq8iKxEU1i3SUoSpf32rzT/QqHenea+TH
gYVCHUqfWB/7MX59voVmZ/nMNQzFMLovfu8YeVgLBHkdPVll5ks/e3Z9l6FaC7l+
5tLR31ZA7ridlhdGYKboN27peZU3YZiwbGfSnIafgv8LfGHNljqH1vr439uTbIzC
WbQ8u5fIwQ1gckA6MQf2+6pwenVfQLLLGO/gV9mnUWMh8cI+uIpl19grWWq974aX
r5wNAQrBE2IY21SlXBtPOes4AVYjJi2NWOqdTJWXUgpxm1zNTUoqJem9/wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFMzMnMFn/U6aecUgevguVBUYsjEFMB8GA1UdIwQY
MBaAFG+E5HOKcOo5wIzvIQQyrjmex+kVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYt
ZmFlNWRiZWQzYjFiLzEvek15Y3dXZjlUcHA1eFNCNi1DNVVGUml5TVFVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNi9kZGY4YjMtMWMwOC00OTVjLThkZGYtZmFlNWRiZWQzYjFi
LzEvYjRUa2M0cHc2am5Bak84aEJES3VPWjdINlJVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAbXkoAwQA
bXkrAwQBbem4AwQAsv3tMA0GCSqGSIb3DQEBCwUAA4IBAQCmasefDKT6Vp3ZaYtk
d5GEc5TKYqiF/swANKMpte9wWMUABKLb8jI2oKyI43SVM0ruyiu44YlW5g4BrFm0
VK6au9aFw3uGBc861acLScIQ9TroZ03HnAb0AajyS8U7DdgPfJDPT4ZRBz5jvvZj
S8Iz0NATeeJt2nWq2Hp7y/bi1APEnyV6fCHrBFkVuVoAagxAiXCowqnDwFzXqF9p
88sPflehnEM2Ipypf9RMGzD+GzUsUeml8ol+ZLGau4sv+ozyKFrswGEuhV039Hu3
gkxkxlKEWrhYlxCaZLM+JPEezlXMWzOvNX1rgBuq6OloVtfsFnr4gp4yCF3xLppw
mMlw
-----END CERTIFICATE-----
Generated at Sun Jun 29 04:26:20 2025 by rpki-client