Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/zbLb6V2msPLlJ2wj3a08eMqWNX8.roa
File: zbLb6V2msPLlJ2wj3a08eMqWNX8.roa (raw, json)
Hash identifier: rsMnMJGficXOTixQcjNnqlofIjEsJ0amK5sDmhVfoBY=
Subject key identifier: CD:B2:DB:E9:5D:A6:B0:F2:E5:27:6C:23:DD:AD:3C:78:CA:96:35:7F
Certificate issuer: /CN=58ad60da52671e9083cf39864eca2aa23241be9e
Certificate serial: 01996D93C0BC15B98F13CED65E5FD988F47A
Authority key identifier: 58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/zbLb6V2msPLlJ2wj3a08eMqWNX8.roa
Signing time: Sun 21 Sep 2025 18:40:23 +0000
ROA not before: Sun 21 Sep 2025 18:40:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214411
IP address blocks: 2a0b:b480::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.mft
rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 13:01:32 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:6d:93:c0:bc:15:b9:8f:13:ce:d6:5e:5f:d9:88:f4:7a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=58ad60da52671e9083cf39864eca2aa23241be9e
Validity
Not Before: Sep 21 18:40:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cdb2dbe95da6b0f2e5276c23ddad3c78ca96357f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:91:21:fd:ee:7d:ee:d9:7f:7c:25:0b:33:1a:
47:28:b3:ea:24:5f:f5:d6:af:56:28:54:c1:82:70:
5d:5b:bf:7e:1c:a7:dd:75:c3:14:72:62:87:db:42:
ae:4b:d3:48:a3:69:95:e7:c1:a6:0a:8d:ed:02:4a:
4d:15:8e:d5:c7:2f:f0:c6:14:a7:a2:b4:b3:94:64:
9e:7b:cb:b9:06:51:43:88:da:41:4f:32:e4:03:b4:
8e:f0:09:e9:95:3c:4c:af:39:26:12:2e:b4:32:3b:
8e:f7:3f:bb:db:87:ea:62:07:62:47:7f:06:ee:b6:
2c:91:ea:7f:41:03:e1:61:6a:c6:f0:ea:43:98:25:
06:aa:68:cc:66:68:f0:6c:75:eb:fd:be:d9:0e:71:
6c:8e:bc:e5:f5:4f:3d:4e:92:a4:30:4b:ac:a9:0c:
6d:46:8a:d7:79:cf:c4:e9:78:83:0a:2b:b7:d0:44:
e3:b7:47:12:bd:7f:74:44:93:60:8d:ad:01:dd:7b:
f8:a5:04:ee:4f:1b:ce:5b:d5:65:01:ea:b2:34:14:
06:48:e7:71:1b:51:b9:02:ba:bf:c5:1e:8a:8b:89:
4a:b7:27:ec:40:c1:da:76:03:03:0b:de:09:a8:dc:
1d:26:95:46:a0:bf:5a:01:7e:ad:be:56:83:7a:ef:
d4:73
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:B2:DB:E9:5D:A6:B0:F2:E5:27:6C:23:DD:AD:3C:78:CA:96:35:7F
X509v3 Authority Key Identifier:
keyid:58:AD:60:DA:52:67:1E:90:83:CF:39:86:4E:CA:2A:A2:32:41:BE:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/WK1g2lJnHpCDzzmGTsoqojJBvp4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/zbLb6V2msPLlJ2wj3a08eMqWNX8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/bc/7a1988-2736-49dc-a907-11b3cf3fd4e1/1/WK1g2lJnHpCDzzmGTsoqojJBvp4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0b:b480::/29
Signature Algorithm: sha256WithRSAEncryption
9f:5b:74:17:cc:80:49:33:ee:6f:87:24:18:18:bd:c6:12:3a:
e8:12:3b:bb:36:60:ff:24:f5:d4:4a:b9:60:be:b7:3b:54:bc:
44:f9:ae:8c:07:d2:13:38:1b:c1:5d:6a:42:12:95:2d:1b:fc:
49:59:4c:0e:c4:a7:63:d5:ae:f0:62:a5:a4:51:37:72:e4:ab:
a3:8c:e3:08:a1:7e:89:74:5a:74:2d:9a:59:c9:b3:4e:2d:b8:
4d:7f:cd:ae:95:06:9e:1a:1b:33:bf:10:9c:df:ee:1b:52:a0:
99:47:cf:28:56:aa:04:ee:0a:2e:01:42:d0:03:1b:5b:91:e9:
f7:a3:97:d4:4c:6c:2b:32:3f:f5:49:d6:16:85:5a:4e:ce:9f:
ac:68:32:a6:0d:4c:4f:c4:b0:8c:bd:16:c6:83:10:bc:4a:c8:
21:e5:a1:d1:b9:66:a5:44:59:85:28:cc:0b:ba:39:c9:56:95:
fe:2b:eb:19:07:8a:e8:2d:f4:2f:f9:66:1f:36:55:cf:92:c9:
91:ce:4f:4b:f7:18:60:3d:bc:29:4f:f5:0e:78:4d:9f:e5:bd:
65:16:c7:37:09:ec:76:f3:c7:69:cb:7f:f9:54:14:42:81:3d:
62:46:80:fe:8f:5e:ee:3b:56:b9:92:4d:db:3c:2b:d4:72:53:
0b:1d:e5:25
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZltk8C8FbmPE87WXl/ZiPR6MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU4YWQ2MGRhNTI2NzFlOTA4M2NmMzk4NjRlY2EyYWEyMzI0
MWJlOWUwHhcNMjUwOTIxMTg0MDIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGIyZGJlOTVkYTZiMGYyZTUyNzZjMjNkZGFkM2M3OGNhOTYzNTdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAn5Eh/e597tl/fCULMxpHKLPqJF/1
1q9WKFTBgnBdW79+HKfddcMUcmKH20KuS9NIo2mV58GmCo3tAkpNFY7Vxy/wxhSn
orSzlGSee8u5BlFDiNpBTzLkA7SO8AnplTxMrzkmEi60MjuO9z+724fqYgdiR38G
7rYskep/QQPhYWrG8OpDmCUGqmjMZmjwbHXr/b7ZDnFsjrzl9U89TpKkMEusqQxt
RorXec/E6XiDCiu30ETjt0cSvX90RJNgja0B3Xv4pQTuTxvOW9VlAeqyNBQGSOdx
G1G5Arq/xR6Ki4lKtyfsQMHadgMDC94JqNwdJpVGoL9aAX6tvlaDeu/UcwIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFM2y2+ldprDy5SdsI92tPHjKljV/MB8GA1UdIwQY
MBaAFFitYNpSZx6Qg885hk7KKqIyQb6eMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDct
MTFiM2NmM2ZkNGUxLzEvemJMYjZWMm1zUExsSjJ3ajNhMDhlTXFXTlg4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iYy83YTE5ODgtMjczNi00OWRjLWE5MDctMTFiM2NmM2ZkNGUx
LzEvV0sxZzJsSm5IcENEenptR1Rzb3FvakpCdnA0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUDKgu0gDAN
BgkqhkiG9w0BAQsFAAOCAQEAn1t0F8yASTPub4ckGBi9xhI66BI7uzZg/yT11Eq5
YL63O1S8RPmujAfSEzgbwV1qQhKVLRv8SVlMDsSnY9Wu8GKlpFE3cuSro4zjCKF+
iXRadC2aWcmzTi24TX/NrpUGnhobM78QnN/uG1KgmUfPKFaqBO4KLgFC0AMbW5Hp
96OX1ExsKzI/9UnWFoVaTs6frGgypg1MT8SwjL0WxoMQvErIIeWh0blmpURZhSjM
C7o5yVaV/ivrGQeK6C30L/lmHzZVz5LJkc5PS/cYYD28KU/1DnhNn+W9ZRbHNwns
dvPHact/+VQUQoE9YkaA/o9e7jtWuZJN2zwr1HJTCx3lJQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:35:30 2025 by rpki-client