Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/s_zMcXxflRh9gHR1FIZttGtTjGE.roa
File: s_zMcXxflRh9gHR1FIZttGtTjGE.roa (raw, json)
Hash identifier: g61ySbj8E0IaX2KE/SgM0wXcbhaZ44LqHEYTKp0t9w0=
Subject key identifier: B3:FC:CC:71:7C:5F:95:18:7D:80:74:75:14:86:6D:B4:6B:53:8C:61
Certificate issuer: /CN=44e888a76e99851b01fb86cec537d4d8e610de16
Certificate serial: 019889C4E3425280CFB25B2223DC7A752A3B
Authority key identifier: 44:E8:88:A7:6E:99:85:1B:01:FB:86:CE:C5:37:D4:D8:E6:10:DE:16
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/s_zMcXxflRh9gHR1FIZttGtTjGE.roa
Signing time: Fri 08 Aug 2025 13:00:38 +0000
ROA not before: Fri 08 Aug 2025 13:00:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 48955
IP address blocks: 89.35.80.0/23 maxlen: 23
89.40.222.0/23 maxlen: 23
89.45.124.0/23 maxlen: 23
91.193.24.0/24 maxlen: 24
91.235.207.0/24 maxlen: 24
92.42.0.0/24 maxlen: 24
185.98.158.0/24 maxlen: 24
193.33.105.0/24 maxlen: 24
193.176.99.0/24 maxlen: 24
193.239.176.0/24 maxlen: 24
194.32.82.0/24 maxlen: 24
194.106.206.0/24 maxlen: 24
194.169.202.0/24 maxlen: 24
195.35.100.0/24 maxlen: 24
195.189.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.crl
rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.mft
rsync://rpki.ripe.net/repository/DEFAULT/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:89:c4:e3:42:52:80:cf:b2:5b:22:23:dc:7a:75:2a:3b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=44e888a76e99851b01fb86cec537d4d8e610de16
Validity
Not Before: Aug 8 13:00:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=b3fccc717c5f95187d80747514866db46b538c61
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:3c:a8:b3:37:da:0d:0c:c2:cb:f7:87:d6:96:
b3:ff:61:22:49:68:3a:1a:69:af:ba:9e:1b:ef:06:
17:48:68:bb:8f:ca:7c:75:c3:a4:43:a1:81:8a:34:
23:a7:3d:ee:4c:d9:5f:93:93:41:32:6c:52:bf:0d:
3f:7e:49:58:da:5e:f7:42:2b:41:7b:39:42:92:9d:
a9:df:8b:df:0f:e0:e8:d9:87:90:4c:3d:34:c9:e1:
1c:94:d0:85:c9:b9:4b:6c:8f:2a:69:b4:40:42:ed:
19:79:1a:af:8c:46:11:88:2e:4e:4c:76:ba:a1:49:
4e:c6:d0:8e:c5:af:19:92:1c:c2:5c:63:56:22:71:
0c:b2:06:b9:87:e0:99:cd:95:15:6c:01:64:bf:b6:
21:a2:1b:8c:08:9b:18:6f:2f:04:ad:a8:6d:41:0a:
f1:8d:24:c0:31:9f:50:cb:4d:25:42:f1:ba:f9:f2:
6b:9e:d5:57:8e:56:aa:4f:cd:ff:bd:81:4a:8e:f0:
f6:de:64:9e:2a:1a:55:d5:eb:be:6a:fe:fb:68:5f:
52:88:97:1f:aa:32:5d:c8:4b:f5:d2:cc:bf:ec:28:
5a:5e:5a:34:f0:09:69:68:88:de:48:9b:3a:9a:e1:
5f:74:70:7b:df:8a:d5:34:10:e5:f2:22:7d:96:1a:
68:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
B3:FC:CC:71:7C:5F:95:18:7D:80:74:75:14:86:6D:B4:6B:53:8C:61
X509v3 Authority Key Identifier:
keyid:44:E8:88:A7:6E:99:85:1B:01:FB:86:CE:C5:37:D4:D8:E6:10:DE:16
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/s_zMcXxflRh9gHR1FIZttGtTjGE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c1/82e2ba-442c-42b0-9315-bc0dba932b35/1/ROiIp26ZhRsB-4bOxTfU2OYQ3hY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.35.80.0/23
89.40.222.0/23
89.45.124.0/23
91.193.24.0/24
91.235.207.0/24
92.42.0.0/24
185.98.158.0/24
193.33.105.0/24
193.176.99.0/24
193.239.176.0/24
194.32.82.0/24
194.106.206.0/24
194.169.202.0/24
195.35.100.0/24
195.189.156.0/24
Signature Algorithm: sha256WithRSAEncryption
46:0d:d0:e7:f7:18:16:40:41:c4:fc:b2:86:60:9a:03:10:38:
7e:43:4e:5e:09:84:eb:94:00:00:0d:2b:27:90:9d:52:b8:05:
54:32:f9:b0:63:65:97:e3:0f:8d:dc:a3:39:fa:d4:4e:85:12:
9d:9f:e5:bc:f2:1e:4d:2a:92:2d:55:55:d0:da:ae:c3:6e:b1:
de:a6:d0:21:ab:3a:e8:59:65:3e:4b:ee:87:f3:47:5e:e3:93:
ad:8a:96:9a:ed:f0:8b:2d:aa:0f:a5:98:03:2b:d2:e2:55:ce:
4f:66:22:ee:12:a1:86:a8:0e:c4:c8:06:43:61:60:22:98:fd:
d0:70:8f:19:ad:4d:0d:27:0f:79:b8:5b:08:6f:21:7b:19:bd:
7a:d3:13:54:f8:0c:5c:ae:8f:cf:02:e3:70:8e:e6:a0:6b:b8:
b6:62:f8:7a:f3:04:25:2c:5f:d2:c7:29:95:3c:ed:96:69:cf:
85:d1:31:05:49:9d:9d:66:36:0c:30:3f:7d:e0:9c:bf:9a:21:
95:6b:b2:d8:0c:09:85:1b:a1:c7:c2:5c:c8:2f:a6:9b:8b:e2:
62:83:06:01:cc:c5:4b:2a:fa:47:60:24:92:ad:09:d6:6e:53:
e1:fa:30:8f:c2:aa:ce:a3:3d:48:fc:02:3c:4e:53:e4:ac:d9:
8a:a7:19:af
-----BEGIN CERTIFICATE-----
MIIFUTCCBDmgAwIBAgISAZiJxONCUoDPslsiI9x6dSo7MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDQ0ZTg4OGE3NmU5OTg1MWIwMWZiODZjZWM1MzdkNGQ4ZTYx
MGRlMTYwHhcNMjUwODA4MTMwMDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiM2ZjY2M3MTdjNWY5NTE4N2Q4MDc0NzUxNDg2NmRiNDZiNTM4YzYxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvzyoszfaDQzCy/eH1paz/2EiSWg6
Gmmvup4b7wYXSGi7j8p8dcOkQ6GBijQjpz3uTNlfk5NBMmxSvw0/fklY2l73QitB
ezlCkp2p34vfD+Do2YeQTD00yeEclNCFyblLbI8qabRAQu0ZeRqvjEYRiC5OTHa6
oUlOxtCOxa8ZkhzCXGNWInEMsga5h+CZzZUVbAFkv7YhohuMCJsYby8ErahtQQrx
jSTAMZ9Qy00lQvG6+fJrntVXjlaqT83/vYFKjvD23mSeKhpV1eu+av77aF9SiJcf
qjJdyEv10sy/7ChaXlo08AlpaIjeSJs6muFfdHB734rVNBDl8iJ9lhpojQIDAQAB
o4ICXTCCAlkwHQYDVR0OBBYEFLP8zHF8X5UYfYB0dRSGbbRrU4xhMB8GA1UdIwQY
MBaAFEToiKdumYUbAfuGzsU31NjmEN4WMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUk9pSXAyNlpoUnNCLTRiT3hUZlUyT1lRM2hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jMS84MmUyYmEtNDQyYy00MmIwLTkzMTUt
YmMwZGJhOTMyYjM1LzEvc196TWNYeGZsUmg5Z0hSMUZJWnR0R3RUakdFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jMS84MmUyYmEtNDQyYy00MmIwLTkzMTUtYmMwZGJhOTMyYjM1
LzEvUk9pSXAyNlpoUnNCLTRiT3hUZlUyT1lRM2hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHMGCCsGAQUFBwEHAQH/BGQwYjBgBAIAATBaAwQBWSNQAwQB
WSjeAwQBWS18AwQAW8EYAwQAW+vPAwQAXCoAAwQAuWKeAwQAwSFpAwQAwbBjAwQA
we+wAwQAwiBSAwQAwmrOAwQAwqnKAwQAwyNkAwQAw72cMA0GCSqGSIb3DQEBCwUA
A4IBAQBGDdDn9xgWQEHE/LKGYJoDEDh+Q05eCYTrlAAADSsnkJ1SuAVUMvmwY2WX
4w+N3KM5+tROhRKdn+W88h5NKpItVVXQ2q7DbrHeptAhqzroWWU+S+6H80de45Ot
ipaa7fCLLaoPpZgDK9LiVc5PZiLuEqGGqA7EyAZDYWAimP3QcI8ZrU0NJw95uFsI
byF7Gb160xNU+Axcro/PAuNwjuaga7i2Yvh68wQlLF/SxymVPO2Wac+F0TEFSZ2d
ZjYMMD994Jy/miGVa7LYDAmFG6HHwlzIL6abi+JigwYBzMVLKvpHYCSSrQnWblPh
+jCPwqrOoz1I/AI8TlPkrNmKpxmv
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:47:18 2025 by rpki-client