Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/ZjSa9XDSjffXmQp4LO321TvyNKE.roa
File: ZjSa9XDSjffXmQp4LO321TvyNKE.roa (raw, json)
Hash identifier: gFU9BNGnbxYibEU00nXYmqcJuk7i+Kf70GrZ4tDKFbA=
Subject key identifier: 66:34:9A:F5:70:D2:8D:F7:D7:99:0A:78:2C:ED:F6:D5:3B:F2:34:A1
Certificate issuer: /CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Certificate serial: 0197B25769A05BB1CDAC915D6329716CF2F4
Authority key identifier: AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/ZjSa9XDSjffXmQp4LO321TvyNKE.roa
Signing time: Fri 27 Jun 2025 17:02:42 +0000
ROA not before: Fri 27 Jun 2025 17:02:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60490
IP address blocks: 62.113.66.0/24 maxlen: 24
62.113.67.0/24 maxlen: 24
91.185.95.0/24 maxlen: 24
176.109.64.0/23 maxlen: 23
176.109.64.0/24 maxlen: 24
176.109.65.0/24 maxlen: 24
176.109.67.0/24 maxlen: 24
176.109.70.0/24 maxlen: 24
178.236.25.0/24 maxlen: 24
194.150.88.0/24 maxlen: 24
194.150.89.0/24 maxlen: 24
194.150.90.0/24 maxlen: 24
194.150.91.0/24 maxlen: 24
2a02:28:7::/48 maxlen: 48
2a02:2a:1000::/36 maxlen: 48
2a02:2a:1000::/41 maxlen: 41
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.mft
rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 04:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:b2:57:69:a0:5b:b1:cd:ac:91:5d:63:29:71:6c:f2:f4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=aefe1c859409ac5de7414c48f86739913be6b7e5
Validity
Not Before: Jun 27 17:02:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=66349af570d28df7d7990a782cedf6d53bf234a1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d2:eb:44:25:fd:7b:54:a3:94:73:e4:a6:e5:c6:
8c:e0:38:49:2d:ec:64:47:69:df:e4:59:3d:54:7a:
b0:6b:d7:15:06:ec:31:4f:79:c1:b8:57:47:41:30:
f1:66:58:9f:3d:4c:9f:a6:18:0c:9f:8d:2a:3e:67:
38:23:a7:cf:f4:bd:35:1a:17:61:d8:ab:58:c3:c5:
b9:9f:cc:6c:ee:46:77:c6:67:7e:08:3b:d2:96:fd:
b5:4f:ce:1f:d6:e8:d6:14:db:05:30:87:02:a0:5d:
39:77:00:cf:0b:0e:58:08:39:c6:6c:cd:db:61:ca:
7f:f6:33:29:76:5d:2d:da:ad:2d:d4:d8:83:a9:88:
9d:80:32:98:48:16:7a:78:72:d7:73:c6:27:83:d1:
dd:bd:d9:7d:b8:78:31:90:a5:ff:48:7f:06:eb:cc:
fe:aa:6d:b3:f4:e3:98:53:53:4e:42:ba:dd:16:6c:
83:ba:78:c1:56:45:76:3a:34:33:d5:39:ad:81:86:
61:33:81:de:59:6c:4b:c0:d5:68:3e:7a:76:d7:4f:
86:15:1f:7e:55:cf:aa:53:d3:88:a0:bb:af:ec:96:
59:cb:d9:28:17:3d:16:5d:58:cd:23:0e:65:53:2b:
0d:30:d2:fd:a8:b2:8e:41:83:de:20:23:ca:bf:63:
8b:77
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:34:9A:F5:70:D2:8D:F7:D7:99:0A:78:2C:ED:F6:D5:3B:F2:34:A1
X509v3 Authority Key Identifier:
keyid:AE:FE:1C:85:94:09:AC:5D:E7:41:4C:48:F8:67:39:91:3B:E6:B7:E5
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rv4chZQJrF3nQUxI-Gc5kTvmt-U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/ZjSa9XDSjffXmQp4LO321TvyNKE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/39/451f04-e3c9-44ea-a6a1-428458679ce4/1/rv4chZQJrF3nQUxI-Gc5kTvmt-U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.113.66.0/23
91.185.95.0/24
176.109.64.0/23
176.109.67.0/24
176.109.70.0/24
178.236.25.0/24
194.150.88.0/22
IPv6:
2a02:28:7::/48
2a02:2a:1000::/36
Signature Algorithm: sha256WithRSAEncryption
19:62:41:18:a4:e4:f4:59:8d:e7:18:8f:0d:e6:21:f4:07:ef:
2e:9f:24:4a:be:9e:7a:da:d5:03:70:a6:1b:c4:6a:75:a5:44:
51:ae:ca:11:17:4d:7a:46:47:ac:6b:91:ea:a6:cf:2c:63:28:
6b:d7:c0:d3:e9:53:05:2c:de:fe:f7:85:90:52:8a:cf:d6:8e:
21:9c:33:6a:29:89:14:d3:eb:71:b9:6a:9e:53:8f:b8:64:2a:
2a:f4:9a:48:95:31:49:57:7f:f2:29:78:a1:41:40:45:f0:9d:
a8:36:aa:1f:3f:cc:4e:2c:db:93:66:83:90:f5:d1:f2:58:0c:
28:89:38:c1:26:98:37:f3:3b:20:58:3f:03:9d:77:4f:e6:6d:
ca:31:72:90:e4:22:48:bb:37:0d:c9:29:e9:2e:ef:d3:a3:71:
15:61:6f:c3:8c:52:44:26:89:30:b5:e2:c8:79:3c:45:42:51:
19:07:95:f2:18:c8:77:1a:7b:55:08:5f:7e:f3:a4:d7:97:0d:
06:12:6b:f5:72:67:ad:10:d2:6b:92:3e:9b:21:33:92:82:65:
94:62:98:71:cc:d0:28:b6:2c:24:96:4d:63:df:39:1c:ff:25:
e8:f0:e5:bc:b8:d2:99:00:a4:45:b6:18:e4:ca:c5:b1:6c:31:
3f:c0:19:63
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAZeyV2mgW7HNrJFdYylxbPL0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFlZmUxYzg1OTQwOWFjNWRlNzQxNGM0OGY4NjczOTkxM2Jl
NmI3ZTUwHhcNMjUwNjI3MTcwMjQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjM0OWFmNTcwZDI4ZGY3ZDc5OTBhNzgyY2VkZjZkNTNiZjIzNGExMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0utEJf17VKOUc+Sm5caM4DhJLexk
R2nf5Fk9VHqwa9cVBuwxT3nBuFdHQTDxZlifPUyfphgMn40qPmc4I6fP9L01Ghdh
2KtYw8W5n8xs7kZ3xmd+CDvSlv21T84f1ujWFNsFMIcCoF05dwDPCw5YCDnGbM3b
Ycp/9jMpdl0t2q0t1NiDqYidgDKYSBZ6eHLXc8Yng9Hdvdl9uHgxkKX/SH8G68z+
qm2z9OOYU1NOQrrdFmyDunjBVkV2OjQz1TmtgYZhM4HeWWxLwNVoPnp210+GFR9+
Vc+qU9OIoLuv7JZZy9koFz0WXVjNIw5lUysNMNL9qLKOQYPeICPKv2OLdwIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFGY0mvVw0o3315kKeCzt9tU78jShMB8GA1UdIwQY
MBaAFK7+HIWUCaxd50FMSPhnOZE75rflMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEt
NDI4NDU4Njc5Y2U0LzEvWmpTYTlYRFNqZmZYbVFwNExPMzIxVHZ5TktFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zOS80NTFmMDQtZTNjOS00NGVhLWE2YTEtNDI4NDU4Njc5Y2U0
LzEvcnY0Y2haUUpyRjNuUVV4SS1HYzVrVHZtdC1VLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzAwBAIAATAqAwQBPnFCAwQA
W7lfAwQBsG1AAwQAsG1DAwQAsG1GAwQAsuwZAwQCwpZYMBcEAgACMBEDBwAqAgAo
AAcDBgQqAgAqEDANBgkqhkiG9w0BAQsFAAOCAQEAGWJBGKTk9FmN5xiPDeYh9Afv
Lp8kSr6eetrVA3CmG8RqdaVEUa7KERdNekZHrGuR6qbPLGMoa9fA0+lTBSze/veF
kFKKz9aOIZwzaimJFNPrcblqnlOPuGQqKvSaSJUxSVd/8il4oUFARfCdqDaqHz/M
Tizbk2aDkPXR8lgMKIk4wSaYN/M7IFg/A513T+ZtyjFykOQiSLs3Dckp6S7v06Nx
FWFvw4xSRCaJMLXiyHk8RUJRGQeV8hjIdxp7VQhffvOk15cNBhJr9XJnrRDSa5I+
myEzkoJllGKYcczQKLYsJJZNY985HP8l6PDlvLjSmQCkRbYY5MrFsWwxP8AZYw==
-----END CERTIFICATE-----
Generated at Sun Jun 29 09:20:24 2025 by rpki-client