Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/7a/a8aaff-12a1-4641-8b9d-24d272ce11e3/1/ZF1SC7MrVuGK4fd5ZmYRiHDlL3I.roa
File: ZF1SC7MrVuGK4fd5ZmYRiHDlL3I.roa (raw, json)
Hash identifier: KgxBB1nnxX0nfT2Gm3/SgLbCQQuHnTl1fS9TiWSDHoI=
Subject key identifier: 64:5D:52:0B:B3:2B:56:E1:8A:E1:F7:79:66:66:11:88:70:E5:2F:72
Certificate issuer: /CN=a3f1b22b2054502bfd3889138291103d83b6a50e
Certificate serial: 0197792995FB9BBA3C2E79CE6EE49F3F6CEE
Authority key identifier: A3:F1:B2:2B:20:54:50:2B:FD:38:89:13:82:91:10:3D:83:B6:A5:0E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/o_GyKyBUUCv9OIkTgpEQPYO2pQ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/7a/a8aaff-12a1-4641-8b9d-24d272ce11e3/1/ZF1SC7MrVuGK4fd5ZmYRiHDlL3I.roa
Signing time: Mon 16 Jun 2025 14:34:17 +0000
ROA not before: Mon 16 Jun 2025 14:34:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9121
IP address blocks: 46.235.14.0/24 maxlen: 24
178.210.180.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/7a/a8aaff-12a1-4641-8b9d-24d272ce11e3/1/o_GyKyBUUCv9OIkTgpEQPYO2pQ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/7a/a8aaff-12a1-4641-8b9d-24d272ce11e3/1/o_GyKyBUUCv9OIkTgpEQPYO2pQ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/o_GyKyBUUCv9OIkTgpEQPYO2pQ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 30 Jun 2025 07:42:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:79:29:95:fb:9b:ba:3c:2e:79:ce:6e:e4:9f:3f:6c:ee
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a3f1b22b2054502bfd3889138291103d83b6a50e
Validity
Not Before: Jun 16 14:34:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=645d520bb32b56e18ae1f7796666118870e52f72
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:c8:01:6a:61:80:ad:35:a1:2c:07:b9:85:84:
89:5a:d9:95:70:55:bd:79:76:54:ea:5c:38:e3:bf:
ab:0b:0e:29:16:ab:ed:de:bb:31:5c:0e:cb:f5:5b:
4a:d1:d2:9a:96:91:9d:29:bd:dd:6e:42:a6:bc:9f:
47:f2:c5:03:65:00:84:6f:7d:a8:00:71:b4:3a:aa:
1e:83:63:f1:b1:39:53:31:c4:2f:8d:94:46:c7:a3:
ff:5d:c5:9e:fb:5e:e4:29:25:36:84:94:18:bf:90:
b4:29:67:17:70:c2:6b:fe:50:04:cc:06:be:bf:c0:
b4:4a:92:65:9f:c9:45:57:a0:9b:c5:e7:0a:2a:3e:
41:9c:db:e9:8c:4f:22:b1:bd:5c:88:1b:73:90:27:
54:14:8a:79:1c:4a:64:ee:f3:51:01:09:46:6c:84:
88:93:b4:09:5c:89:bd:71:f4:83:2d:1f:a6:34:da:
63:4d:f9:b7:55:1c:a3:a8:eb:fb:cb:f6:59:0f:e3:
df:fd:99:ac:05:39:53:31:ee:af:35:2c:de:a9:c4:
34:47:43:9f:60:da:2c:56:9c:6b:3a:76:70:38:c5:
59:73:0c:6c:a3:f5:20:35:39:e1:62:0f:58:61:df:
4d:54:8c:33:65:a1:10:1a:39:89:7b:0d:3f:c7:8e:
40:3b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:5D:52:0B:B3:2B:56:E1:8A:E1:F7:79:66:66:11:88:70:E5:2F:72
X509v3 Authority Key Identifier:
keyid:A3:F1:B2:2B:20:54:50:2B:FD:38:89:13:82:91:10:3D:83:B6:A5:0E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/o_GyKyBUUCv9OIkTgpEQPYO2pQ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/a8aaff-12a1-4641-8b9d-24d272ce11e3/1/ZF1SC7MrVuGK4fd5ZmYRiHDlL3I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/7a/a8aaff-12a1-4641-8b9d-24d272ce11e3/1/o_GyKyBUUCv9OIkTgpEQPYO2pQ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.235.14.0/24
178.210.180.0/24
Signature Algorithm: sha256WithRSAEncryption
96:84:ae:24:b7:5d:1b:e3:ab:0e:10:f4:91:01:7e:9b:be:48:
29:a8:38:2a:4c:58:e8:ab:cd:39:fa:ec:51:5f:22:88:b9:56:
6a:df:39:d2:65:2b:14:9a:1d:1e:43:ba:8f:23:ec:1f:b4:47:
f5:f8:80:b6:5b:75:91:3e:dd:37:b2:8c:5b:8e:f8:1a:e2:27:
e9:c2:64:e9:fa:4f:f1:28:14:61:43:af:de:1c:f5:f3:6f:d0:
99:10:c5:15:39:85:0e:b5:5f:89:36:36:92:68:87:af:e4:6d:
ba:ba:f3:ec:f9:db:b9:bd:f1:7c:57:e5:1a:19:11:d2:b0:dd:
52:5f:8c:86:41:fb:14:34:ac:df:83:60:84:c9:7c:9e:b0:49:
33:26:a2:99:63:04:06:47:d1:8b:24:64:ff:83:f1:3a:75:ec:
4f:cf:b3:e3:83:8a:89:62:b9:8f:21:3e:99:f2:06:83:ef:c4:
1f:cf:17:fa:91:4c:ef:79:58:5a:70:cd:ea:1d:7e:4b:e0:34:
d1:26:4b:91:23:5e:52:a8:af:30:15:f4:19:8a:8c:bb:51:98:
ee:83:22:29:2d:1b:82:85:6e:07:49:8e:9b:31:69:a8:eb:52:
41:d3:59:02:26:fd:41:66:58:ea:85:d3:0a:db:18:64:e3:c6:
de:84:72:5f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZd5KZX7m7o8LnnObuSfP2zuMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGEzZjFiMjJiMjA1NDUwMmJmZDM4ODkxMzgyOTExMDNkODNi
NmE1MGUwHhcNMjUwNjE2MTQzNDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDVkNTIwYmIzMmI1NmUxOGFlMWY3Nzk2NjY2MTE4ODcwZTUyZjcyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsMgBamGArTWhLAe5hYSJWtmVcFW9
eXZU6lw447+rCw4pFqvt3rsxXA7L9VtK0dKalpGdKb3dbkKmvJ9H8sUDZQCEb32o
AHG0Oqoeg2PxsTlTMcQvjZRGx6P/XcWe+17kKSU2hJQYv5C0KWcXcMJr/lAEzAa+
v8C0SpJln8lFV6CbxecKKj5BnNvpjE8isb1ciBtzkCdUFIp5HEpk7vNRAQlGbISI
k7QJXIm9cfSDLR+mNNpjTfm3VRyjqOv7y/ZZD+Pf/ZmsBTlTMe6vNSzeqcQ0R0Of
YNosVpxrOnZwOMVZcwxso/UgNTnhYg9YYd9NVIwzZaEQGjmJew0/x45AOwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGRdUguzK1bhiuH3eWZmEYhw5S9yMB8GA1UdIwQY
MBaAFKPxsisgVFAr/TiJE4KRED2DtqUOMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvb19HeUt5QlVVQ3Y5T0lrVGdwRVFQWU8ycFE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83YS9hOGFhZmYtMTJhMS00NjQxLThiOWQt
MjRkMjcyY2UxMWUzLzEvWkYxU0M3TXJWdUdLNGZkNVptWVJpSERsTDNJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83YS9hOGFhZmYtMTJhMS00NjQxLThiOWQtMjRkMjcyY2UxMWUz
LzEvb19HeUt5QlVVQ3Y5T0lrVGdwRVFQWU8ycFE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALusOAwQA
stK0MA0GCSqGSIb3DQEBCwUAA4IBAQCWhK4kt10b46sOEPSRAX6bvkgpqDgqTFjo
q805+uxRXyKIuVZq3znSZSsUmh0eQ7qPI+wftEf1+IC2W3WRPt03soxbjvga4ifp
wmTp+k/xKBRhQ6/eHPXzb9CZEMUVOYUOtV+JNjaSaIev5G26uvPs+du5vfF8V+Ua
GRHSsN1SX4yGQfsUNKzfg2CEyXyesEkzJqKZYwQGR9GLJGT/g/E6dexPz7Pjg4qJ
YrmPIT6Z8gaD78Qfzxf6kUzveVhacM3qHX5L4DTRJkuRI15SqK8wFfQZioy7UZju
gyIpLRuChW4HSY6bMWmo61JB01kCJv1BZljqhdMK2xhk48behHJf
-----END CERTIFICATE-----
Generated at Sun Jun 29 16:30:06 2025 by rpki-client