Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/zVmWAWgKyx4eeMir-1Xzz5QBscI.roa
File: zVmWAWgKyx4eeMir-1Xzz5QBscI.roa (raw, json)
Hash identifier: l61zAP2yjNHffK4hBUy/wZEnThG4T0vWtxK+N6Tomow=
Subject key identifier: CD:59:96:01:68:0A:CB:1E:1E:78:C8:AB:FB:55:F3:CF:94:01:B1:C2
Certificate issuer: /CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Certificate serial: 0198AD03E6ABF671839ABFE5FFD7E51F7367
Authority key identifier: 0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/zVmWAWgKyx4eeMir-1Xzz5QBscI.roa
Signing time: Fri 15 Aug 2025 09:16:10 +0000
ROA not before: Fri 15 Aug 2025 09:16:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 185.210.168.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 00:37:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ad:03:e6:ab:f6:71:83:9a:bf:e5:ff:d7:e5:1f:73:67
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0ff80cbdfe18354a3cfdba2fe079aa2ebc58dcd4
Validity
Not Before: Aug 15 09:16:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd599601680acb1e1e78c8abfb55f3cf9401b1c2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:0c:c0:a6:e0:a7:b9:98:a0:dd:06:55:8f:68:
ce:64:7c:ee:9d:9c:42:ed:70:df:c6:da:9d:d1:ad:
53:74:b3:c9:34:4a:fe:4d:79:42:51:32:7b:9d:1b:
52:0b:c4:f2:84:36:48:90:13:47:24:22:21:64:f6:
31:5f:63:1f:16:14:be:e2:0b:25:67:42:28:2d:05:
87:4d:88:e1:92:32:d4:6b:c8:bb:a7:3f:fc:7b:1d:
e5:7f:32:a5:45:2d:50:6a:50:9e:59:5b:a7:fb:e3:
2c:0f:8d:ba:fe:83:4c:49:0c:6a:79:61:b5:9a:05:
47:91:ae:95:54:fb:60:53:85:1e:6b:0e:35:03:05:
f3:91:02:27:16:4f:42:7e:8e:ed:62:3d:2e:40:d3:
47:90:52:e6:15:7d:c2:15:c8:47:f6:b7:19:36:c6:
6f:e2:de:fc:08:35:98:5d:68:1f:49:c7:62:07:f2:
fc:44:7e:fd:41:c0:bc:ea:78:14:46:7c:c3:e2:61:
69:4f:d3:f2:d7:57:a6:2d:a2:1e:89:37:a7:9a:56:
d7:2b:0a:07:56:29:84:64:9e:91:81:c5:f4:ea:ed:
d2:87:dd:be:c6:f3:7a:f7:c7:a5:89:9f:28:65:4e:
7a:43:4f:50:fe:0c:40:85:1f:8c:11:32:83:21:78:
79:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:59:96:01:68:0A:CB:1E:1E:78:C8:AB:FB:55:F3:CF:94:01:B1:C2
X509v3 Authority Key Identifier:
keyid:0F:F8:0C:BD:FE:18:35:4A:3C:FD:BA:2F:E0:79:AA:2E:BC:58:DC:D4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/D_gMvf4YNUo8_bov4HmqLrxY3NQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/zVmWAWgKyx4eeMir-1Xzz5QBscI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e9/129564-f1db-4dc5-8906-6fcdcd5ab660/1/D_gMvf4YNUo8_bov4HmqLrxY3NQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.210.168.0/23
Signature Algorithm: sha256WithRSAEncryption
7e:b6:90:d3:63:d1:c8:ec:ad:f9:2b:d6:95:f6:0b:98:2d:77:
2d:36:93:b4:18:25:75:7d:52:c0:ae:f9:96:5a:f9:7b:91:d3:
d4:fc:39:0d:cc:22:a4:40:35:2d:41:e9:3b:a5:a3:34:a5:92:
10:a9:ba:a0:76:5e:75:3c:ec:30:d6:fa:c1:85:36:11:4b:5e:
71:92:b8:d4:45:82:9b:e6:72:16:9d:43:f9:aa:3a:40:13:b7:
06:cc:c9:20:4b:54:62:c5:18:51:66:19:12:02:ab:0d:f7:55:
81:9e:5d:30:61:d7:e4:a9:f0:58:0c:37:33:9f:25:48:10:d7:
58:0b:1f:96:44:c0:0a:9c:f4:6a:b5:8b:e6:88:84:02:55:b9:
ad:f9:9d:c2:cc:03:c8:39:41:48:5c:f4:cd:30:ea:e8:99:db:
e7:28:75:30:09:c6:fb:f2:52:93:83:1b:92:ef:42:c6:de:8a:
b3:6c:05:98:74:0f:b1:68:b0:ac:eb:50:c5:e9:60:95:7f:f8:
d4:30:1e:d8:30:b0:f3:4c:3d:5a:45:16:87:b5:4d:e8:08:e8:
9d:b0:12:c3:53:63:3b:b0:d1:a5:1c:3f:38:df:90:e9:51:15:
e7:b9:47:7a:a9:78:a6:1c:97:44:36:0b:e4:97:79:10:5e:6d:
91:fc:18:c7
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZitA+ar9nGDmr/l/9flH3NnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmZjgwY2JkZmUxODM1NGEzY2ZkYmEyZmUwNzlhYTJlYmM1
OGRjZDQwHhcNMjUwODE1MDkxNjEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDU5OTYwMTY4MGFjYjFlMWU3OGM4YWJmYjU1ZjNjZjk0MDFiMWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsgzApuCnuZig3QZVj2jOZHzunZxC
7XDfxtqd0a1TdLPJNEr+TXlCUTJ7nRtSC8TyhDZIkBNHJCIhZPYxX2MfFhS+4gsl
Z0IoLQWHTYjhkjLUa8i7pz/8ex3lfzKlRS1QalCeWVun++MsD426/oNMSQxqeWG1
mgVHka6VVPtgU4Ueaw41AwXzkQInFk9Cfo7tYj0uQNNHkFLmFX3CFchH9rcZNsZv
4t78CDWYXWgfScdiB/L8RH79QcC86ngURnzD4mFpT9Py11emLaIeiTenmlbXKwoH
VimEZJ6RgcX06u3Sh92+xvN698eliZ8oZU56Q09Q/gxAhR+METKDIXh5tQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFM1ZlgFoCsseHnjIq/tV88+UAbHCMB8GA1UdIwQY
MBaAFA/4DL3+GDVKPP26L+B5qi68WNzUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYt
NmZjZGNkNWFiNjYwLzEvelZtV0FXZ0t5eDRlZU1pci0xWHp6NVFCc2NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOS8xMjk1NjQtZjFkYi00ZGM1LTg5MDYtNmZjZGNkNWFiNjYw
LzEvRF9nTXZmNFlOVW84X2JvdjRIbXFMcnhZM05RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBudKoMA0G
CSqGSIb3DQEBCwUAA4IBAQB+tpDTY9HI7K35K9aV9guYLXctNpO0GCV1fVLArvmW
Wvl7kdPU/DkNzCKkQDUtQek7paM0pZIQqbqgdl51POww1vrBhTYRS15xkrjURYKb
5nIWnUP5qjpAE7cGzMkgS1RixRhRZhkSAqsN91WBnl0wYdfkqfBYDDcznyVIENdY
Cx+WRMAKnPRqtYvmiIQCVbmt+Z3CzAPIOUFIXPTNMOromdvnKHUwCcb78lKTgxuS
70LG3oqzbAWYdA+xaLCs61DF6WCVf/jUMB7YMLDzTD1aRRaHtU3oCOidsBLDU2M7
sNGlHD8435DpURXnuUd6qXimHJdENgvkl3kQXm2R/BjH
-----END CERTIFICATE-----
Generated at Sat Aug 23 10:13:28 2025 by rpki-client