Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e5/cd39be-3e25-4dbc-860f-3b103d5a690a/1/zBWvnTJJG91hNtA-4u23qWsF3BI.roa
File: zBWvnTJJG91hNtA-4u23qWsF3BI.roa (raw, json)
Hash identifier: NhshWBAjIbZ4LBplav+eEzVugjI1bdqZCHT9O9pa43Y=
Subject key identifier: CC:15:AF:9D:32:49:1B:DD:61:36:D0:3E:E2:ED:B7:A9:6B:05:DC:12
Certificate issuer: /CN=c98adafb1f31f9889aa4735792b6e3db46931bb9
Certificate serial: 0199C908C08942CC311F12D5BDEDADD2F18F
Authority key identifier: C9:8A:DA:FB:1F:31:F9:88:9A:A4:73:57:92:B6:E3:DB:46:93:1B:B9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/yYra-x8x-YiapHNXkrbj20aTG7k.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e5/cd39be-3e25-4dbc-860f-3b103d5a690a/1/zBWvnTJJG91hNtA-4u23qWsF3BI.roa
Signing time: Thu 09 Oct 2025 12:53:37 +0000
ROA not before: Thu 09 Oct 2025 12:53:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 11972
IP address blocks: 141.138.72.0/24 maxlen: 24
141.138.73.0/24 maxlen: 24
141.138.75.0/24 maxlen: 24
141.138.76.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e5/cd39be-3e25-4dbc-860f-3b103d5a690a/1/yYra-x8x-YiapHNXkrbj20aTG7k.crl
rsync://rpki.ripe.net/repository/DEFAULT/e5/cd39be-3e25-4dbc-860f-3b103d5a690a/1/yYra-x8x-YiapHNXkrbj20aTG7k.mft
rsync://rpki.ripe.net/repository/DEFAULT/yYra-x8x-YiapHNXkrbj20aTG7k.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c9:08:c0:89:42:cc:31:1f:12:d5:bd:ed:ad:d2:f1:8f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c98adafb1f31f9889aa4735792b6e3db46931bb9
Validity
Not Before: Oct 9 12:53:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc15af9d32491bdd6136d03ee2edb7a96b05dc12
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c9:5d:35:11:4d:61:54:dd:8b:58:df:e1:00:
00:28:09:ae:8d:89:e3:9c:6d:25:31:1f:b0:4d:fe:
a6:d5:e5:be:2b:55:8a:91:f7:e6:e5:59:ba:e3:b1:
7a:47:4d:c3:4c:4e:ab:be:c7:36:d2:c9:c0:c8:1a:
d1:a0:7d:aa:03:eb:dc:7d:64:35:a5:7d:ea:6d:ab:
d2:26:c7:b6:91:92:86:dd:b6:b5:47:5f:c3:01:44:
fc:9a:94:5a:d9:f3:f2:fb:3d:01:55:6b:d8:f9:b8:
85:0c:2a:8a:41:b8:ba:95:cc:5c:bc:ef:08:a8:7d:
d4:7f:c8:e1:c1:33:0c:ea:96:4e:ff:4e:64:fe:0c:
98:ad:76:bc:67:48:c5:9f:01:f5:84:43:e6:d5:a3:
ed:e9:eb:95:ff:b7:b5:93:c0:0e:a1:1b:5a:1e:87:
3b:3c:a5:36:e0:10:10:88:b3:48:ae:28:c6:73:fa:
39:9f:f9:79:11:aa:2a:9e:f2:d0:48:76:d4:7a:c1:
69:be:81:c6:e1:eb:09:a7:6e:ba:00:46:be:3e:ca:
66:52:6d:6c:e5:23:75:0d:03:fc:f3:ae:71:4e:ce:
a9:e6:ef:79:fc:8b:c0:48:79:22:0e:0d:82:6d:fc:
de:6f:7f:06:c3:ad:a3:ef:b2:86:4e:ce:9c:46:f5:
53:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:15:AF:9D:32:49:1B:DD:61:36:D0:3E:E2:ED:B7:A9:6B:05:DC:12
X509v3 Authority Key Identifier:
keyid:C9:8A:DA:FB:1F:31:F9:88:9A:A4:73:57:92:B6:E3:DB:46:93:1B:B9
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/yYra-x8x-YiapHNXkrbj20aTG7k.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/cd39be-3e25-4dbc-860f-3b103d5a690a/1/zBWvnTJJG91hNtA-4u23qWsF3BI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e5/cd39be-3e25-4dbc-860f-3b103d5a690a/1/yYra-x8x-YiapHNXkrbj20aTG7k.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
141.138.72.0/23
141.138.75.0-141.138.76.255
Signature Algorithm: sha256WithRSAEncryption
33:a9:f7:73:9c:4b:7f:fd:69:1a:47:1c:cd:35:27:38:13:33:
c9:32:ad:b5:c5:57:bf:8b:e2:32:9d:c7:7e:73:aa:03:cf:13:
4a:1b:0f:49:21:bc:0d:c7:fb:21:8d:41:d6:ff:9e:1d:00:2c:
9c:00:9b:40:f5:d1:aa:f2:8b:e3:1a:88:3f:16:5f:40:db:a9:
f3:c3:da:52:6c:c0:c6:7e:a9:c3:ac:af:7a:ec:b9:68:20:c9:
35:a1:45:a6:02:c3:eb:b7:32:9c:37:9b:39:36:bb:43:86:46:
04:d6:14:76:1c:ac:d4:d3:c6:9f:ff:6d:8f:31:07:e0:a9:e7:
72:ec:c8:f2:08:1c:d1:1e:b9:61:38:9d:bf:0d:57:b8:67:43:
cf:58:6c:fb:b7:37:6e:b2:71:12:9c:d7:79:fe:31:d4:f0:3d:
9c:ee:db:40:e8:13:55:6e:5d:f5:61:e5:73:11:9c:fb:30:e5:
85:a6:97:69:68:aa:0a:a1:15:af:3b:61:b2:70:be:bd:7a:b5:
7a:ea:32:a1:db:f9:dc:08:1c:80:eb:b4:04:a7:42:8f:26:23:
b7:77:1e:7e:48:a1:ac:86:91:fc:20:21:84:c0:53:69:a5:bd:
a2:3a:fa:74:0c:b6:f9:ee:fd:52:52:5f:dd:e6:93:30:f8:1c:
53:7d:30:a3
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZnJCMCJQswxHxLVve2t0vGPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5OGFkYWZiMWYzMWY5ODg5YWE0NzM1NzkyYjZlM2RiNDY5
MzFiYjkwHhcNMjUxMDA5MTI1MzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzE1YWY5ZDMyNDkxYmRkNjEzNmQwM2VlMmVkYjdhOTZiMDVkYzEyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcldNRFNYVTdi1jf4QAAKAmujYnj
nG0lMR+wTf6m1eW+K1WKkffm5Vm647F6R03DTE6rvsc20snAyBrRoH2qA+vcfWQ1
pX3qbavSJse2kZKG3ba1R1/DAUT8mpRa2fPy+z0BVWvY+biFDCqKQbi6lcxcvO8I
qH3Uf8jhwTMM6pZO/05k/gyYrXa8Z0jFnwH1hEPm1aPt6euV/7e1k8AOoRtaHoc7
PKU24BAQiLNIrijGc/o5n/l5EaoqnvLQSHbUesFpvoHG4esJp266AEa+PspmUm1s
5SN1DQP8865xTs6p5u95/IvASHkiDg2Cbfzeb38Gw62j77KGTs6cRvVTewIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFMwVr50ySRvdYTbQPuLtt6lrBdwSMB8GA1UdIwQY
MBaAFMmK2vsfMfmImqRzV5K249tGkxu5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveVlyYS14OHgtWWlhcEhOWGtyYmoyMGFURzdrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNS9jZDM5YmUtM2UyNS00ZGJjLTg2MGYt
M2IxMDNkNWE2OTBhLzEvekJXdm5USkpHOTFoTnRBLTR1MjNxV3NGM0JJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNS9jZDM5YmUtM2UyNS00ZGJjLTg2MGYtM2IxMDNkNWE2OTBh
LzEveVlyYS14OHgtWWlhcEhOWGtyYmoyMGFURzdrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUAwQBjYpIMAwD
BACNiksDBACNikwwDQYJKoZIhvcNAQELBQADggEBADOp93OcS3/9aRpHHM01JzgT
M8kyrbXFV7+L4jKdx35zqgPPE0obD0khvA3H+yGNQdb/nh0ALJwAm0D10aryi+Ma
iD8WX0DbqfPD2lJswMZ+qcOsr3rsuWggyTWhRaYCw+u3Mpw3mzk2u0OGRgTWFHYc
rNTTxp//bY8xB+Cp53LsyPIIHNEeuWE4nb8NV7hnQ89YbPu3N26ycRKc13n+MdTw
PZzu20DoE1VuXfVh5XMRnPsw5YWml2loqgqhFa87YbJwvr16tXrqMqHb+dwIHIDr
tASnQo8mI7d3Hn5IoayGkfwgIYTAU2mlvaI6+nQMtvnu/VJSX93mkzD4HFN9MKM=
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:39:46 2025 by rpki-client