Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/Z2wUduBacPPn24EXsqlot_meu2w.roa
File: Z2wUduBacPPn24EXsqlot_meu2w.roa (raw, json)
Hash identifier: AEMqV7i2lS/tTsR42US266Qk+OTUkbe36ZW2IKlEfq8=
Subject key identifier: 67:6C:14:76:E0:5A:70:F3:E7:DB:81:17:B2:A9:68:B7:F9:9E:BB:6C
Certificate issuer: /CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Certificate serial: 0199B8593F0A77980AA49C91BB725EAC30F1
Authority key identifier: 6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/Z2wUduBacPPn24EXsqlot_meu2w.roa
Signing time: Mon 06 Oct 2025 07:08:00 +0000
ROA not before: Mon 06 Oct 2025 07:08:00 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214515
IP address blocks: 109.122.244.0/24 maxlen: 24
109.122.253.0/24 maxlen: 24
185.3.200.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.mft
rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 00:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:b8:59:3f:0a:77:98:0a:a4:9c:91:bb:72:5e:ac:30:f1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6ddb38b343da2d119309edaa19c7a78870327ebe
Validity
Not Before: Oct 6 07:08:00 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=676c1476e05a70f3e7db8117b2a968b7f99ebb6c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:a8:7a:5e:bb:93:1a:2d:d4:cf:4e:a3:e1:eb:
11:74:26:b4:92:8d:13:d0:c4:68:26:55:4d:dd:bf:
eb:e8:e8:d3:43:51:47:b5:9e:e8:97:31:d0:83:09:
19:cd:5c:4b:b8:bb:57:09:8d:29:f0:8f:d2:58:42:
80:fc:a9:4f:1b:42:77:08:2f:f8:d0:ca:15:50:f4:
e0:70:4b:18:5f:42:8c:78:7a:26:89:a4:dd:d5:06:
f6:51:91:9c:23:2d:f2:d7:de:aa:a6:78:f1:bf:07:
42:fc:05:cd:bf:1c:bc:45:b5:83:eb:02:b8:0e:19:
de:e3:fc:4f:ad:d3:9b:ba:2f:3f:0e:4e:21:ef:2a:
82:35:28:8c:d4:5e:e6:ad:58:21:72:4a:17:b0:be:
f5:c3:64:1c:c6:b3:38:a3:6f:75:6e:8c:03:b6:5a:
f6:ad:52:17:a2:ca:e9:d9:57:f8:ef:1f:8a:72:45:
cd:e9:6a:91:62:b8:7a:4a:55:95:c7:65:f6:94:c2:
51:d6:83:66:b0:eb:82:67:52:86:0a:9d:36:2c:df:
1a:27:f3:78:00:2a:04:21:15:74:df:5a:b4:66:8a:
60:b9:9a:80:36:cc:9e:a9:5d:7d:a6:86:d3:ad:a8:
0a:67:1f:28:93:32:47:da:79:1a:e6:9c:68:2e:4b:
0c:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:6C:14:76:E0:5A:70:F3:E7:DB:81:17:B2:A9:68:B7:F9:9E:BB:6C
X509v3 Authority Key Identifier:
keyid:6D:DB:38:B3:43:DA:2D:11:93:09:ED:AA:19:C7:A7:88:70:32:7E:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bds4s0PaLRGTCe2qGceniHAyfr4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/Z2wUduBacPPn24EXsqlot_meu2w.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/52/c961a0-4f53-422a-b7dd-3dfa510d6b16/1/bds4s0PaLRGTCe2qGceniHAyfr4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
109.122.244.0/24
109.122.253.0/24
185.3.200.0/24
Signature Algorithm: sha256WithRSAEncryption
7f:90:b4:b7:9e:71:7a:43:02:de:75:49:36:14:93:84:1d:1f:
7b:ee:7c:70:00:e8:97:de:6a:b5:dc:d2:16:a4:ce:c5:8b:25:
95:5c:92:7a:68:d2:50:10:77:48:0b:33:da:fb:d0:71:61:40:
b7:b4:f0:62:73:fe:89:16:49:14:d6:53:2c:a3:c9:d0:ff:38:
ca:f8:4f:dc:61:f1:b5:c2:51:12:a5:4e:65:18:e2:c8:a1:d6:
e8:93:42:44:c4:5c:b1:8c:9e:53:03:0a:83:6d:1a:c5:7e:39:
c3:e7:9f:c3:9d:57:b0:3e:87:5e:26:c3:a3:f0:85:cf:0e:ba:
a0:fc:15:15:a4:06:68:d1:91:59:13:b9:71:0e:37:7c:c9:bd:
77:ff:1f:a4:f6:48:80:6e:f1:82:56:fe:e9:88:55:37:f5:96:
8e:dc:a2:2d:26:50:5f:99:5d:ae:6b:5b:17:a9:63:7d:1b:14:
d4:75:51:a9:79:a5:d4:7a:e1:07:24:55:88:98:d9:3a:36:90:
eb:c1:06:6e:0b:6f:fe:2e:f4:8b:7a:5b:3b:16:7e:25:13:fa:
27:89:22:8c:61:d4:08:d9:af:61:e5:ed:b4:00:2c:42:0c:a9:
8c:79:32:d1:20:52:07:b7:06:01:09:3f:bf:6c:83:ce:2b:0a:
1d:92:97:31
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZm4WT8Kd5gKpJyRu3JerDDxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkZGIzOGIzNDNkYTJkMTE5MzA5ZWRhYTE5YzdhNzg4NzAz
MjdlYmUwHhcNMjUxMDA2MDcwODAwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzZjMTQ3NmUwNWE3MGYzZTdkYjgxMTdiMmE5NjhiN2Y5OWViYjZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvKh6XruTGi3Uz06j4esRdCa0ko0T
0MRoJlVN3b/r6OjTQ1FHtZ7olzHQgwkZzVxLuLtXCY0p8I/SWEKA/KlPG0J3CC/4
0MoVUPTgcEsYX0KMeHomiaTd1Qb2UZGcIy3y196qpnjxvwdC/AXNvxy8RbWD6wK4
Dhne4/xPrdObui8/Dk4h7yqCNSiM1F7mrVghckoXsL71w2QcxrM4o291bowDtlr2
rVIXosrp2Vf47x+KckXN6WqRYrh6SlWVx2X2lMJR1oNmsOuCZ1KGCp02LN8aJ/N4
ACoEIRV031q0ZopguZqANsyeqV19pobTragKZx8okzJH2nka5pxoLksMIQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGdsFHbgWnDz59uBF7KpaLf5nrtsMB8GA1UdIwQY
MBaAFG3bOLND2i0RkwntqhnHp4hwMn6+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQt
M2RmYTUxMGQ2YjE2LzEvWjJ3VWR1QmFjUFBuMjRFWHNxbG90X21ldTJ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81Mi9jOTYxYTAtNGY1My00MjJhLWI3ZGQtM2RmYTUxMGQ2YjE2
LzEvYmRzNHMwUGFMUkdUQ2UycUdjZW5pSEF5ZnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAbXr0AwQA
bXr9AwQAuQPIMA0GCSqGSIb3DQEBCwUAA4IBAQB/kLS3nnF6QwLedUk2FJOEHR97
7nxwAOiX3mq13NIWpM7FiyWVXJJ6aNJQEHdICzPa+9BxYUC3tPBic/6JFkkU1lMs
o8nQ/zjK+E/cYfG1wlESpU5lGOLIodbok0JExFyxjJ5TAwqDbRrFfjnD55/DnVew
PodeJsOj8IXPDrqg/BUVpAZo0ZFZE7lxDjd8yb13/x+k9kiAbvGCVv7piFU39ZaO
3KItJlBfmV2ua1sXqWN9GxTUdVGpeaXUeuEHJFWImNk6NpDrwQZuC2/+LvSLels7
Fn4lE/oniSKMYdQI2a9h5e20ACxCDKmMeTLRIFIHtwYBCT+/bIPOKwodkpcx
-----END CERTIFICATE-----
Generated at Mon Oct 20 10:00:25 2025 by rpki-client