Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/ZThUYrwMCDZfTFYp3Ri7lcKPOro.roa
File: ZThUYrwMCDZfTFYp3Ri7lcKPOro.roa (raw, json)
Hash identifier: FEk8cGHByCyLj274nF9Kg+0l3EjC+xBhTb0TEAuhoKc=
Subject key identifier: 65:38:54:62:BC:0C:08:36:5F:4C:56:29:DD:18:BB:95:C2:8F:3A:BA
Certificate issuer: /CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Certificate serial: 019890AE642EDF8F427DDC8BF285D35E369A
Authority key identifier: B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/ZThUYrwMCDZfTFYp3Ri7lcKPOro.roa
Signing time: Sat 09 Aug 2025 21:13:24 +0000
ROA not before: Sat 09 Aug 2025 21:13:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205634
IP address blocks: 2a0a:79c0:f00::/44 maxlen: 44
2a0a:79c0:f00::/48 maxlen: 48
2a0a:79c0:f01::/48 maxlen: 48
2a0a:79c0:f02::/48 maxlen: 48
2a0a:79c0:f03::/48 maxlen: 48
2a0a:79c0:f04::/48 maxlen: 48
2a0a:79c0:f05::/48 maxlen: 48
2a0a:79c0:f06::/48 maxlen: 48
2a0a:79c0:f07::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:90:ae:64:2e:df:8f:42:7d:dc:8b:f2:85:d3:5e:36:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b8074b419ead4cefea2f2ad2c259d978c5ed7954
Validity
Not Before: Aug 9 21:13:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=65385462bc0c08365f4c5629dd18bb95c28f3aba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:e6:14:d9:58:13:5b:70:76:51:60:72:74:73:
bb:f7:37:cb:88:f0:5b:7b:a5:91:91:3b:08:e8:65:
20:3d:85:b2:1b:d4:95:c4:aa:19:1b:c2:ee:0f:89:
d7:b5:85:7e:ae:2e:0b:7a:71:75:98:b4:da:3e:e4:
f3:8b:ac:49:5f:dc:82:a7:d0:74:b6:a6:43:91:40:
fd:23:29:1f:6c:45:58:7b:99:a3:ee:b2:0b:ca:bf:
88:4f:31:11:13:4e:ea:67:62:e7:d3:fe:bd:e2:ee:
3d:fc:f0:c0:9b:f1:f4:d5:ff:15:a3:ff:a2:0f:42:
1e:b8:68:46:ad:fd:41:94:87:13:ca:1e:1b:bb:e7:
e2:2c:ae:4b:10:b5:23:9f:f0:2b:6e:0e:74:1b:bc:
df:50:95:44:95:3b:52:89:90:d3:77:ab:d2:5f:a8:
3b:77:aa:ba:d4:6c:0b:26:bd:85:79:f3:a7:06:bf:
2c:86:1f:04:2b:62:8b:e6:e4:ee:7e:2e:b0:1a:f7:
b3:6c:bd:59:bd:d7:aa:9a:81:22:66:15:d9:39:01:
48:35:71:e3:b6:d4:78:bd:79:5d:28:32:7c:e4:1d:
60:c5:68:aa:23:a2:34:9d:82:07:be:94:51:1a:06:
0c:4a:25:29:01:9f:af:b7:cb:60:5e:8c:1b:0f:15:
0f:d7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:38:54:62:BC:0C:08:36:5F:4C:56:29:DD:18:BB:95:C2:8F:3A:BA
X509v3 Authority Key Identifier:
keyid:B8:07:4B:41:9E:AD:4C:EF:EA:2F:2A:D2:C2:59:D9:78:C5:ED:79:54
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/ZThUYrwMCDZfTFYp3Ri7lcKPOro.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/9b/1e43e4-d06e-4a55-bdb6-3d91ede5b2b1/1/uAdLQZ6tTO_qLyrSwlnZeMXteVQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0a:79c0:f00::/44
Signature Algorithm: sha256WithRSAEncryption
3d:8f:e6:e9:e8:e6:3f:93:cd:62:65:76:54:c5:23:88:24:09:
32:38:0b:9a:e8:75:50:f3:45:09:f3:ba:27:d0:46:2d:f5:8a:
58:aa:7c:8a:11:ca:e4:94:f7:ef:42:16:e7:af:2a:ec:1c:87:
fd:f1:e6:3b:ee:7a:72:83:21:4c:03:cd:79:77:a1:ef:bc:7d:
4f:4f:56:47:2b:8d:2b:39:b2:33:83:5c:e8:93:2a:17:b1:94:
ae:12:85:04:36:fe:42:e0:ea:91:83:eb:75:b3:e0:0d:1d:6d:
36:a2:70:4c:3b:c9:6a:74:7d:3c:bb:bb:be:7d:31:b9:6d:b0:
db:00:57:fd:cd:f2:ad:97:81:50:b1:68:9f:1e:04:e0:45:9e:
65:19:96:b6:eb:fe:1b:dc:9a:23:a4:a0:f4:d5:58:45:a3:d9:
ef:a8:2e:5b:cc:43:47:6a:62:ce:c9:32:24:d7:60:b4:25:8d:
45:7b:1a:22:87:8c:e1:6c:b2:2d:6c:57:c2:4d:b1:0f:51:2f:
74:5e:b7:e3:12:fe:f0:db:a8:17:28:96:7c:d0:dd:b7:42:8f:
17:2d:10:27:66:5c:9e:3b:29:d0:08:31:c7:ba:6c:e6:27:2d:
29:c7:b4:f8:63:c2:ef:8e:30:54:4d:49:27:39:91:52:0c:d5:
e8:24:f1:d6
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZiQrmQu349CfdyL8oXTXjaaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI4MDc0YjQxOWVhZDRjZWZlYTJmMmFkMmMyNTlkOTc4YzVl
ZDc5NTQwHhcNMjUwODA5MjExMzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTM4NTQ2MmJjMGMwODM2NWY0YzU2MjlkZDE4YmI5NWMyOGYzYWJhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAueYU2VgTW3B2UWBydHO79zfLiPBb
e6WRkTsI6GUgPYWyG9SVxKoZG8LuD4nXtYV+ri4LenF1mLTaPuTzi6xJX9yCp9B0
tqZDkUD9IykfbEVYe5mj7rILyr+ITzERE07qZ2Ln0/694u49/PDAm/H01f8Vo/+i
D0IeuGhGrf1BlIcTyh4bu+fiLK5LELUjn/Arbg50G7zfUJVElTtSiZDTd6vSX6g7
d6q61GwLJr2FefOnBr8shh8EK2KL5uTufi6wGvezbL1ZvdeqmoEiZhXZOQFINXHj
ttR4vXldKDJ85B1gxWiqI6I0nYIHvpRRGgYMSiUpAZ+vt8tgXowbDxUP1wIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFGU4VGK8DAg2X0xWKd0Yu5XCjzq6MB8GA1UdIwQY
MBaAFLgHS0GerUzv6i8q0sJZ2XjF7XlUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYt
M2Q5MWVkZTViMmIxLzEvWlRoVVlyd01DRFpmVEZZcDNSaTdsY0tQT3JvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85Yi8xZTQzZTQtZDA2ZS00YTU1LWJkYjYtM2Q5MWVkZTViMmIx
LzEvdUFkTFFaNnRUT19xTHlyU3dsblplTVh0ZVZRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcEKgp5wA8A
MA0GCSqGSIb3DQEBCwUAA4IBAQA9j+bp6OY/k81iZXZUxSOIJAkyOAua6HVQ80UJ
87on0EYt9YpYqnyKEcrklPfvQhbnryrsHIf98eY77npygyFMA815d6HvvH1PT1ZH
K40rObIzg1zokyoXsZSuEoUENv5C4OqRg+t1s+ANHW02onBMO8lqdH08u7u+fTG5
bbDbAFf9zfKtl4FQsWifHgTgRZ5lGZa26/4b3JojpKD01VhFo9nvqC5bzENHamLO
yTIk12C0JY1Fexoih4zhbLItbFfCTbEPUS90XrfjEv7w26gXKJZ80N23Qo8XLRAn
ZlyeOynQCDHHumzmJy0px7T4Y8LvjjBUTUknOZFSDNXoJPHW
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:59:13 2025 by rpki-client