Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/ZcoCLAuMS0FD4SRSBrl4rRHwFtI.roa
File: ZcoCLAuMS0FD4SRSBrl4rRHwFtI.roa (raw, json)
Hash identifier: g9p+MnHrqDz1zdwz25+f7URDMFu0+pb3qO13uPcQ0yI=
Subject key identifier: 65:CA:02:2C:0B:8C:4B:41:43:E1:24:52:06:B9:78:AD:11:F0:16:D2
Certificate issuer: /CN=adf491488a7cd8448a420945871c0b99672dc66e
Certificate serial: 0198B1D15B19866EBD0EE5C3BBB2FB0F8D19
Authority key identifier: AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/ZcoCLAuMS0FD4SRSBrl4rRHwFtI.roa
Signing time: Sat 16 Aug 2025 07:39:04 +0000
ROA not before: Sat 16 Aug 2025 07:39:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214957
IP address blocks: 94.182.228.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.mft
rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:b1:d1:5b:19:86:6e:bd:0e:e5:c3:bb:b2:fb:0f:8d:19
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=adf491488a7cd8448a420945871c0b99672dc66e
Validity
Not Before: Aug 16 07:39:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=65ca022c0b8c4b4143e1245206b978ad11f016d2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:a4:f4:28:25:26:37:f6:e4:33:54:36:86:f6:
b6:a5:b2:fe:a0:80:8a:4f:a4:be:b7:33:62:d1:fa:
03:36:94:5e:13:83:b4:28:77:bb:9c:50:f8:7d:2f:
c4:c9:67:c8:69:b9:5d:3f:73:39:85:f0:47:68:a2:
89:d3:c5:2c:14:73:a8:71:20:78:d9:c3:98:57:e3:
a5:6a:67:a8:c6:73:7d:0f:4f:c8:1e:96:80:88:80:
8b:10:4f:a8:d2:a1:34:c3:bc:42:c1:19:0e:aa:5e:
af:a2:ee:c2:3d:f3:8a:4d:f9:f0:a9:97:21:b2:bc:
8f:d3:2b:bc:a7:09:65:96:51:fb:33:ef:bb:d7:61:
f3:13:11:f2:e0:42:05:9d:96:28:5d:d5:d0:66:a7:
23:cf:01:54:37:1b:9d:a4:2e:74:ba:0d:b5:5c:50:
c2:3a:a9:6a:86:9b:5c:2b:3f:01:cd:8b:1d:1a:9e:
2e:74:f1:38:0e:a9:58:41:85:71:f5:e0:2b:27:fc:
1c:08:92:3c:a6:36:cf:78:2c:6f:e9:8f:a1:0d:23:
0c:78:36:82:90:13:36:a5:16:d3:97:dd:5a:85:e0:
dd:2d:1f:a0:74:84:29:1e:8d:92:5d:74:a6:59:3b:
fe:2d:9b:07:00:62:88:0d:d0:dc:4f:24:62:26:54:
d3:71
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:CA:02:2C:0B:8C:4B:41:43:E1:24:52:06:B9:78:AD:11:F0:16:D2
X509v3 Authority Key Identifier:
keyid:AD:F4:91:48:8A:7C:D8:44:8A:42:09:45:87:1C:0B:99:67:2D:C6:6E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/rfSRSIp82ESKQglFhxwLmWctxm4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/ZcoCLAuMS0FD4SRSBrl4rRHwFtI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/72/715d15-2810-4827-8dbd-0bee06126b1a/1/rfSRSIp82ESKQglFhxwLmWctxm4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.182.228.0/24
Signature Algorithm: sha256WithRSAEncryption
3b:56:64:22:1b:e2:c4:47:2d:48:d3:8c:a1:10:b0:54:ae:2f:
dc:0d:ad:9b:03:52:73:14:e2:ff:59:69:2c:07:1e:a0:0d:11:
e9:9a:ae:cf:31:f4:36:8a:1f:de:8f:21:96:19:c4:1d:1e:c2:
6a:16:8c:44:62:f6:51:1a:1f:1d:86:61:84:b1:8c:b2:54:c4:
0b:f7:78:d6:c2:a1:62:3f:e2:d4:96:4d:c5:9d:a4:de:56:d9:
95:17:55:5f:eb:fe:4d:e6:2d:23:03:b5:13:03:dd:d4:cc:33:
ec:3c:9f:ce:6a:c2:ce:56:bb:57:29:71:d0:74:ea:f9:a7:16:
c3:84:c3:21:f0:74:2b:44:04:f3:cc:dc:37:ef:9d:f8:4f:72:
66:86:18:f6:7d:96:52:fd:f5:3d:d3:a7:7c:0a:87:f2:a0:f6:
cf:5a:bc:32:2b:98:78:60:28:c0:8f:ae:b3:38:bf:bf:9c:1a:
e1:ad:50:62:95:59:bd:bd:8f:3b:54:05:47:14:0c:a3:5f:60:
1a:61:ad:b9:31:32:98:64:07:28:90:7c:91:76:5f:8e:fa:6a:
f5:ba:e7:39:f1:f5:6a:15:4c:0b:fc:f5:79:1c:15:30:78:4b:
23:f3:05:21:2a:aa:94:ef:84:cf:4f:73:33:b1:60:49:9f:00:
69:d4:1e:3b
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZix0VsZhm69DuXDu7L7D40ZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGFkZjQ5MTQ4OGE3Y2Q4NDQ4YTQyMDk0NTg3MWMwYjk5Njcy
ZGM2NmUwHhcNMjUwODE2MDczOTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWNhMDIyYzBiOGM0YjQxNDNlMTI0NTIwNmI5NzhhZDExZjAxNmQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA06T0KCUmN/bkM1Q2hva2pbL+oICK
T6S+tzNi0foDNpReE4O0KHe7nFD4fS/EyWfIabldP3M5hfBHaKKJ08UsFHOocSB4
2cOYV+OlameoxnN9D0/IHpaAiICLEE+o0qE0w7xCwRkOql6vou7CPfOKTfnwqZch
sryP0yu8pwllllH7M++712HzExHy4EIFnZYoXdXQZqcjzwFUNxudpC50ug21XFDC
OqlqhptcKz8BzYsdGp4udPE4DqlYQYVx9eArJ/wcCJI8pjbPeCxv6Y+hDSMMeDaC
kBM2pRbTl91aheDdLR+gdIQpHo2SXXSmWTv+LZsHAGKIDdDcTyRiJlTTcQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGXKAiwLjEtBQ+EkUga5eK0R8BbSMB8GA1UdIwQY
MBaAFK30kUiKfNhEikIJRYccC5lnLcZuMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQt
MGJlZTA2MTI2YjFhLzEvWmNvQ0xBdU1TMEZENFNSU0JybDRyUkh3RnRJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83Mi83MTVkMTUtMjgxMC00ODI3LThkYmQtMGJlZTA2MTI2YjFh
LzEvcmZTUlNJcDgyRVNLUWdsRmh4d0xtV2N0eG00LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAXrbkMA0G
CSqGSIb3DQEBCwUAA4IBAQA7VmQiG+LERy1I04yhELBUri/cDa2bA1JzFOL/WWks
Bx6gDRHpmq7PMfQ2ih/ejyGWGcQdHsJqFoxEYvZRGh8dhmGEsYyyVMQL93jWwqFi
P+LUlk3FnaTeVtmVF1Vf6/5N5i0jA7UTA93UzDPsPJ/OasLOVrtXKXHQdOr5pxbD
hMMh8HQrRATzzNw37534T3Jmhhj2fZZS/fU906d8CofyoPbPWrwyK5h4YCjAj66z
OL+/nBrhrVBilVm9vY87VAVHFAyjX2AaYa25MTKYZAcokHyRdl+O+mr1uuc58fVq
FUwL/PV5HBUweEsj8wUhKqqU74TPT3MzsWBJnwBp1B47
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:51:22 2025 by rpki-client