Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/zdibE4mfiVHqDnLS5mxuRDmzbOI.roa
File: zdibE4mfiVHqDnLS5mxuRDmzbOI.roa (raw, json)
Hash identifier: q4d+a6c/rVwNf3UQ3czhyXkx9uCjPFlGcRlNWfDqzEE=
Subject key identifier: CD:D8:9B:13:89:9F:89:51:EA:0E:72:D2:E6:6C:6E:44:39:B3:6C:E2
Certificate issuer: /CN=f04a58047f37bbc057944bbf8cad8742879592da
Certificate serial: 019934D4F5418BEBEFAF4E07985A75EE3B3E
Authority key identifier: F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/zdibE4mfiVHqDnLS5mxuRDmzbOI.roa
Signing time: Wed 10 Sep 2025 18:13:15 +0000
ROA not before: Wed 10 Sep 2025 18:13:15 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 12844
IP address blocks: 124.198.146.0/23 maxlen: 24
158.173.148.0/22 maxlen: 24
158.173.248.0/21 maxlen: 24
185.102.170.0/24 maxlen: 24
212.32.74.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.mft
rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:34:d4:f5:41:8b:eb:ef:af:4e:07:98:5a:75:ee:3b:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=f04a58047f37bbc057944bbf8cad8742879592da
Validity
Not Before: Sep 10 18:13:15 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cdd89b13899f8951ea0e72d2e66c6e4439b36ce2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:96:33:ef:d4:ec:f9:cb:da:81:a6:1e:5f:60:94:
e3:fb:f9:c5:6f:49:1a:72:e9:06:ad:32:8d:62:e9:
af:07:0d:00:12:6f:64:57:2d:e0:6c:8f:cb:04:03:
ed:f4:a4:93:7c:3f:74:ca:cd:88:17:78:a3:7f:c2:
03:c1:df:a3:6f:92:c9:88:ba:06:db:aa:bc:3a:0e:
9c:a3:96:61:19:20:8e:0c:9f:11:a2:44:a3:59:74:
2b:f1:57:db:7b:78:13:76:b3:6a:b1:bc:e6:e2:94:
e0:77:54:50:75:04:fe:b7:33:27:87:be:2c:e3:97:
63:0d:99:63:17:d6:04:58:8a:1c:ca:94:0f:29:fc:
bf:b5:7d:c3:79:df:23:ee:06:74:a7:b1:5f:65:33:
82:e4:aa:25:d6:0f:54:4d:7a:f1:68:5b:22:51:24:
87:38:39:91:aa:e9:2d:b4:db:5a:97:bb:b1:db:7f:
a7:db:b6:1d:8b:3d:a9:42:8c:34:d8:9d:73:66:f5:
c7:3b:8a:99:31:dd:20:fe:e5:7f:fb:f5:b8:75:46:
84:52:14:16:52:3c:7d:35:fc:c8:09:cd:6d:29:fb:
e1:f3:f6:28:81:3d:fd:02:a4:a9:8e:87:79:2b:c3:
24:dd:ac:85:1f:60:ba:07:c0:05:71:d5:ae:0b:95:
db:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:D8:9B:13:89:9F:89:51:EA:0E:72:D2:E6:6C:6E:44:39:B3:6C:E2
X509v3 Authority Key Identifier:
keyid:F0:4A:58:04:7F:37:BB:C0:57:94:4B:BF:8C:AD:87:42:87:95:92:DA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/8EpYBH83u8BXlEu_jK2HQoeVkto.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/zdibE4mfiVHqDnLS5mxuRDmzbOI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/66/2ba97e-598b-48dd-8d56-f5fb71b9a51f/1/8EpYBH83u8BXlEu_jK2HQoeVkto.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
124.198.146.0/23
158.173.148.0/22
158.173.248.0/21
185.102.170.0/24
212.32.74.0/24
Signature Algorithm: sha256WithRSAEncryption
4a:f2:74:9a:33:4a:bb:8a:04:f0:ba:5a:bb:8d:2e:49:0a:02:
2c:4f:15:04:21:8b:2e:ee:fe:c3:66:a0:c9:ca:04:43:11:dd:
6a:71:85:ca:31:e8:a9:db:be:0a:7b:6c:07:5f:53:07:ad:64:
2e:71:5f:f8:aa:43:89:52:ec:b1:eb:b9:35:6c:9e:eb:10:91:
b3:48:df:1d:12:25:b2:8d:dc:fe:05:19:2e:69:fe:9f:4e:72:
dd:3d:ea:65:5c:bf:2f:09:19:eb:f8:64:c2:af:05:a2:c6:1c:
f9:18:67:0d:3d:4c:57:bf:88:14:da:15:aa:e7:f9:34:28:56:
9e:10:91:03:2a:25:3b:61:8a:c6:04:9d:ff:f8:e6:31:38:35:
a5:9c:e4:fa:16:e4:5d:3d:e3:ba:77:f8:ea:78:6f:de:51:2e:
53:e2:2c:d8:ab:1a:29:92:9a:9d:a5:d7:b0:ad:33:da:b4:7e:
00:98:c0:2d:fc:8c:a7:b6:96:b9:14:5c:9d:23:d4:b5:b7:a0:
90:aa:fd:33:0c:97:6f:e8:ac:85:6c:9e:37:44:45:45:af:1f:
a6:e4:4c:bb:52:26:f7:cf:b3:dd:93:12:97:27:3e:73:11:69:
a8:0d:0c:a4:f1:0b:0c:dc:58:d6:f9:bc:5f:14:a6:ff:b0:7a:
33:b6:d8:99
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZk01PVBi+vvr04HmFp17js+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGYwNGE1ODA0N2YzN2JiYzA1Nzk0NGJiZjhjYWQ4NzQyODc5
NTkyZGEwHhcNMjUwOTEwMTgxMzE1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGQ4OWIxMzg5OWY4OTUxZWEwZTcyZDJlNjZjNmU0NDM5YjM2Y2UyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAljPv1Oz5y9qBph5fYJTj+/nFb0ka
cukGrTKNYumvBw0AEm9kVy3gbI/LBAPt9KSTfD90ys2IF3ijf8IDwd+jb5LJiLoG
26q8Og6co5ZhGSCODJ8RokSjWXQr8Vfbe3gTdrNqsbzm4pTgd1RQdQT+tzMnh74s
45djDZljF9YEWIocypQPKfy/tX3Ded8j7gZ0p7FfZTOC5Kol1g9UTXrxaFsiUSSH
ODmRqukttNtal7ux23+n27Ydiz2pQow02J1zZvXHO4qZMd0g/uV/+/W4dUaEUhQW
Ujx9NfzICc1tKfvh8/YogT39AqSpjod5K8Mk3ayFH2C6B8AFcdWuC5XbTwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFM3YmxOJn4lR6g5y0uZsbkQ5s2ziMB8GA1UdIwQY
MBaAFPBKWAR/N7vAV5RLv4yth0KHlZLaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYt
ZjVmYjcxYjlhNTFmLzEvemRpYkU0bWZpVkhxRG5MUzVteHVSRG16Yk9JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82Ni8yYmE5N2UtNTk4Yi00OGRkLThkNTYtZjVmYjcxYjlhNTFm
LzEvOEVwWUJIODN1OEJYbEV1X2pLMkhRb2VWa3RvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQBfMaSAwQC
nq2UAwQDnq34AwQAuWaqAwQA1CBKMA0GCSqGSIb3DQEBCwUAA4IBAQBK8nSaM0q7
igTwulq7jS5JCgIsTxUEIYsu7v7DZqDJygRDEd1qcYXKMeip274Ke2wHX1MHrWQu
cV/4qkOJUuyx67k1bJ7rEJGzSN8dEiWyjdz+BRkuaf6fTnLdPeplXL8vCRnr+GTC
rwWixhz5GGcNPUxXv4gU2hWq5/k0KFaeEJEDKiU7YYrGBJ3/+OYxODWlnOT6FuRd
PeO6d/jqeG/eUS5T4izYqxopkpqdpdewrTPatH4AmMAt/Iyntpa5FFydI9S1t6CQ
qv0zDJdv6KyFbJ43REVFrx+m5Ey7Uib3z7PdkxKXJz5zEWmoDQyk8QsM3FjW+bxf
FKb/sHozttiZ
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:09:57 2025 by rpki-client