Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/58/5240a6-cd61-4e0c-88b6-f59d20ef27b4/1/zNuctijeVzLk5p8IDcjupj3mV8s.roa
File: zNuctijeVzLk5p8IDcjupj3mV8s.roa (raw, json)
Hash identifier: 6Yb9EZQFJQK5m5ZsEBxRUGfAKHk3l4sByqg3QG8lwu0=
Subject key identifier: CC:DB:9C:B6:28:DE:57:32:E4:E6:9F:08:0D:C8:EE:A6:3D:E6:57:CB
Certificate issuer: /CN=d37969f5d253210b0abe8e07a086f608d6f2a0af
Certificate serial: 01999B38325E2CB049EF76834C0EBB672371
Authority key identifier: D3:79:69:F5:D2:53:21:0B:0A:BE:8E:07:A0:86:F6:08:D6:F2:A0:AF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/03lp9dJTIQsKvo4HoIb2CNbyoK8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/58/5240a6-cd61-4e0c-88b6-f59d20ef27b4/1/zNuctijeVzLk5p8IDcjupj3mV8s.roa
Signing time: Tue 30 Sep 2025 15:22:55 +0000
ROA not before: Tue 30 Sep 2025 15:22:55 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43030
IP address blocks: 77.95.0.0/21 maxlen: 21
185.194.196.0/23 maxlen: 23
185.194.196.0/24 maxlen: 24
185.194.197.0/24 maxlen: 24
185.194.198.0/24 maxlen: 24
2a0b:ae80::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/58/5240a6-cd61-4e0c-88b6-f59d20ef27b4/1/03lp9dJTIQsKvo4HoIb2CNbyoK8.crl
rsync://rpki.ripe.net/repository/DEFAULT/58/5240a6-cd61-4e0c-88b6-f59d20ef27b4/1/03lp9dJTIQsKvo4HoIb2CNbyoK8.mft
rsync://rpki.ripe.net/repository/DEFAULT/03lp9dJTIQsKvo4HoIb2CNbyoK8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 18:01:00 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:9b:38:32:5e:2c:b0:49:ef:76:83:4c:0e:bb:67:23:71
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d37969f5d253210b0abe8e07a086f608d6f2a0af
Validity
Not Before: Sep 30 15:22:55 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ccdb9cb628de5732e4e69f080dc8eea63de657cb
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:2d:93:a7:92:ce:a0:61:91:8a:eb:af:f6:f6:
d7:b7:89:26:63:a5:5f:29:1b:db:50:f7:ac:17:4e:
95:1f:13:e6:c2:85:08:88:50:a8:e0:ea:67:14:f6:
a4:80:d6:98:1b:24:7b:56:ff:54:2c:cc:8e:c7:41:
c1:42:1d:bf:8a:34:6c:50:5c:be:0a:1e:f7:13:5f:
e0:d9:03:c2:99:91:94:89:56:e8:2e:7c:86:a2:40:
ac:aa:ee:69:6f:90:27:0a:79:4a:a6:23:c7:7b:ed:
76:0a:4c:af:b0:df:11:22:18:90:d6:29:ad:e8:45:
c0:bd:9d:77:04:ad:c3:0a:23:36:64:29:a4:7b:36:
ec:96:33:a2:c0:21:75:9d:24:6c:b0:ba:13:5f:99:
98:d5:d3:ef:06:5d:21:80:c8:be:a3:ad:1e:f9:c8:
87:fd:c4:59:30:8f:2b:23:a8:ad:73:dd:5d:5c:cd:
e5:a0:5b:35:0e:4b:89:12:52:8b:7c:f7:94:de:8d:
be:1c:f9:0f:1d:d8:d6:73:e7:67:e1:9f:5f:e7:ba:
29:8e:2d:5b:80:7e:49:2c:12:c8:87:aa:3b:11:47:
5d:e5:4b:81:7e:44:63:43:6e:8d:ec:cb:4f:ae:27:
ec:9d:11:73:30:13:77:03:fd:40:67:ee:b0:76:e4:
45:f3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:DB:9C:B6:28:DE:57:32:E4:E6:9F:08:0D:C8:EE:A6:3D:E6:57:CB
X509v3 Authority Key Identifier:
keyid:D3:79:69:F5:D2:53:21:0B:0A:BE:8E:07:A0:86:F6:08:D6:F2:A0:AF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/03lp9dJTIQsKvo4HoIb2CNbyoK8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/58/5240a6-cd61-4e0c-88b6-f59d20ef27b4/1/zNuctijeVzLk5p8IDcjupj3mV8s.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/58/5240a6-cd61-4e0c-88b6-f59d20ef27b4/1/03lp9dJTIQsKvo4HoIb2CNbyoK8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.95.0.0/21
185.194.196.0-185.194.198.255
IPv6:
2a0b:ae80::/32
Signature Algorithm: sha256WithRSAEncryption
4a:a5:59:07:58:8d:1e:4d:33:50:0d:bb:f1:4b:10:30:2f:fc:
bd:74:2f:a8:cf:6e:ec:e9:f2:21:59:15:80:4d:60:8f:5a:00:
ba:dc:7b:5b:ba:f4:f3:7e:33:a7:88:76:39:d7:57:86:12:4e:
4d:5b:a6:a5:91:54:7a:32:bb:e5:7f:5b:4c:31:ad:15:f9:1d:
f4:31:49:b5:14:6e:a5:9f:01:ea:5e:b0:61:56:9e:2c:47:4f:
ec:76:7c:ed:42:38:85:52:33:ef:06:90:e8:6e:99:d0:03:01:
27:51:ca:1e:c1:e8:73:cf:1d:f4:9d:cc:ad:1a:36:dc:17:a1:
a9:20:7a:94:e3:1a:47:0b:47:10:77:4e:af:5b:98:88:6a:31:
76:3a:fa:27:da:5b:51:45:0e:00:bf:0a:bb:bb:6d:66:b5:88:
bf:db:5a:73:d0:5a:2f:07:83:fa:06:27:0f:fd:2b:ab:b6:8a:
23:3a:4c:12:a2:bb:f7:c6:02:e2:c3:fb:52:7d:aa:8f:44:ad:
e4:7a:8e:0c:65:ef:aa:85:7c:39:ff:6c:c3:c4:ec:03:cd:4e:
02:35:14:ea:dd:3f:1b:2f:0f:ec:43:30:72:ed:a1:6c:cc:50:
c7:a8:ab:7f:3f:0e:f9:4b:ae:bf:2d:d3:d1:f7:20:b8:0d:b8:
f0:5b:12:3f
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZmbODJeLLBJ73aDTA67ZyNxMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzNzk2OWY1ZDI1MzIxMGIwYWJlOGUwN2EwODZmNjA4ZDZm
MmEwYWYwHhcNMjUwOTMwMTUyMjU1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjY2RiOWNiNjI4ZGU1NzMyZTRlNjlmMDgwZGM4ZWVhNjNkZTY1N2NiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1S2Tp5LOoGGRiuuv9vbXt4kmY6Vf
KRvbUPesF06VHxPmwoUIiFCo4OpnFPakgNaYGyR7Vv9ULMyOx0HBQh2/ijRsUFy+
Ch73E1/g2QPCmZGUiVboLnyGokCsqu5pb5AnCnlKpiPHe+12CkyvsN8RIhiQ1imt
6EXAvZ13BK3DCiM2ZCmkezbsljOiwCF1nSRssLoTX5mY1dPvBl0hgMi+o60e+ciH
/cRZMI8rI6itc91dXM3loFs1DkuJElKLfPeU3o2+HPkPHdjWc+dn4Z9f57opji1b
gH5JLBLIh6o7EUdd5UuBfkRjQ26N7MtPrifsnRFzMBN3A/1AZ+6wduRF8wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFMzbnLYo3lcy5OafCA3I7qY95lfLMB8GA1UdIwQY
MBaAFNN5afXSUyELCr6OB6CG9gjW8qCvMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDNscDlkSlRJUXNLdm80SG9JYjJDTmJ5b0s4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81OC81MjQwYTYtY2Q2MS00ZTBjLTg4YjYt
ZjU5ZDIwZWYyN2I0LzEvek51Y3RpamVWekxrNXA4SURjanVwajNtVjhzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81OC81MjQwYTYtY2Q2MS00ZTBjLTg4YjYtZjU5ZDIwZWYyN2I0
LzEvMDNscDlkSlRJUXNLdm80SG9JYjJDTmJ5b0s4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQDTV8AMAwD
BAK5wsQDBAC5wsYwDQQCAAIwBwMFACoLroAwDQYJKoZIhvcNAQELBQADggEBAEql
WQdYjR5NM1ANu/FLEDAv/L10L6jPbuzp8iFZFYBNYI9aALrce1u69PN+M6eIdjnX
V4YSTk1bpqWRVHoyu+V/W0wxrRX5HfQxSbUUbqWfAepesGFWnixHT+x2fO1COIVS
M+8GkOhumdADASdRyh7B6HPPHfSdzK0aNtwXoakgepTjGkcLRxB3Tq9bmIhqMXY6
+ifaW1FFDgC/Cru7bWa1iL/bWnPQWi8Hg/oGJw/9K6u2iiM6TBKiu/fGAuLD+1J9
qo9EreR6jgxl76qFfDn/bMPE7APNTgI1FOrdPxsvD+xDMHLtoWzMUMeoq38/DvlL
rr8t09H3ILgNuPBbEj8=
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:50:45 2025 by rpki-client