Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/zImDYSLcloov9WzDzhBWGXc0A7I.roa
File: zImDYSLcloov9WzDzhBWGXc0A7I.roa (raw, json)
Hash identifier: veTCbJ+PnIb/PrMHjVaZ1OLBsy65AdbQAzVQVe/0HZE=
Subject key identifier: CC:89:83:61:22:DC:96:8A:2F:F5:6C:C3:CE:10:56:19:77:34:03:B2
Certificate issuer: /CN=4ecf53007c79cc5e2f2d7356ba9121a78c0c7714
Certificate serial: 0197C637EA511E60BAB43BC4999179BFCCD4
Authority key identifier: 4E:CF:53:00:7C:79:CC:5E:2F:2D:73:56:BA:91:21:A7:8C:0C:77:14
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/zImDYSLcloov9WzDzhBWGXc0A7I.roa
Signing time: Tue 01 Jul 2025 13:40:42 +0000
ROA not before: Tue 01 Jul 2025 13:40:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 29535
IP address blocks: 79.191.255.0/24 maxlen: 24
80.54.110.0/23 maxlen: 24
83.2.0.0/20 maxlen: 20
83.2.8.0/22 maxlen: 22
83.2.56.0/22 maxlen: 22
178.42.9.0/24 maxlen: 24
178.42.22.0/24 maxlen: 24
193.110.120.0/22 maxlen: 22
195.149.235.0/24 maxlen: 24
195.149.236.0/22 maxlen: 22
213.25.164.0/24 maxlen: 24
2001:7f8:27::/48 maxlen: 48
2a01:1101:5::/48 maxlen: 48
2a01:11f0::/28 maxlen: 28
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.crl
rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 06 Jul 2025 02:00:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:c6:37:ea:51:1e:60:ba:b4:3b:c4:99:91:79:bf:cc:d4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ecf53007c79cc5e2f2d7356ba9121a78c0c7714
Validity
Not Before: Jul 1 13:40:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc89836122dc968a2ff56cc3ce105619773403b2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b9:f2:5b:a2:c7:f8:67:03:09:e7:fe:e7:27:52:
b2:f9:b3:ab:34:7b:62:4e:01:75:24:6c:7d:12:87:
ca:a4:49:f6:2e:c5:61:7c:86:e7:da:ff:7b:7c:0b:
94:99:48:88:40:c3:2a:70:c8:31:f5:75:d7:87:39:
93:2f:bf:07:ad:47:99:e7:53:65:b0:77:bd:31:7f:
11:f2:ed:5d:61:51:41:e8:dd:35:1a:83:fc:37:29:
cb:21:f6:b3:45:9f:f4:d6:d7:90:ad:40:c1:0c:8b:
5e:c6:eb:85:da:7f:ea:25:7f:9b:2f:5b:0e:a4:0f:
06:02:89:ae:0a:c8:5e:d8:9e:47:13:13:94:65:3c:
6b:d9:44:f6:f9:a7:38:b6:1d:61:14:ef:48:67:82:
c3:21:43:f7:a5:d9:1b:bb:a7:ca:26:12:e8:92:de:
74:43:7e:8e:0e:59:30:e9:fc:9c:ed:a2:a7:1e:c2:
5e:05:e5:82:06:4a:0e:c1:12:13:2c:b3:98:55:fb:
94:24:e5:91:ef:05:b6:63:af:37:c3:2f:38:f9:60:
de:b9:c4:9a:37:b2:d9:67:4c:f6:14:bb:0a:fc:f8:
46:33:b6:68:9d:29:f7:ed:47:52:28:99:c2:da:55:
03:1d:d9:db:e4:45:f4:a4:b5:6c:95:a9:bc:47:f8:
20:75
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:89:83:61:22:DC:96:8A:2F:F5:6C:C3:CE:10:56:19:77:34:03:B2
X509v3 Authority Key Identifier:
keyid:4E:CF:53:00:7C:79:CC:5E:2F:2D:73:56:BA:91:21:A7:8C:0C:77:14
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/zImDYSLcloov9WzDzhBWGXc0A7I.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f2/648c75-2be8-4bfd-a1b1-cb8b3a094209/1/Ts9TAHx5zF4vLXNWupEhp4wMdxQ.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
79.191.255.0/24
80.54.110.0/23
83.2.0.0/20
83.2.56.0/22
178.42.9.0/24
178.42.22.0/24
193.110.120.0/22
195.149.235.0-195.149.239.255
213.25.164.0/24
IPv6:
2001:7f8:27::/48
2a01:1101:5::/48
2a01:11f0::/28
Signature Algorithm: sha256WithRSAEncryption
35:66:9f:c8:b1:80:4f:16:6e:c9:7a:b8:0d:3e:b2:3c:11:40:
e3:a1:d9:96:34:7a:c8:47:54:2c:58:7e:19:81:0d:55:9c:db:
5b:49:46:69:78:98:6d:dc:da:0f:6d:e1:c6:b9:3d:96:05:e4:
c4:bd:1e:1f:a5:2d:4f:05:57:c1:33:1f:49:0c:27:03:00:0b:
6a:a7:30:e6:40:c6:39:a2:91:0c:8d:91:4b:4a:43:77:d9:b2:
a2:3b:92:91:25:78:3e:1b:d6:97:3c:aa:32:0b:0b:5f:9d:01:
c8:31:55:c8:72:e0:94:a5:24:2e:fc:3d:67:61:1c:06:d9:e5:
54:ec:f8:aa:a1:e6:6f:e6:a0:0d:e4:73:24:ac:b9:cf:c5:fb:
9e:16:4f:5b:0a:ef:56:17:54:23:83:d3:60:5d:64:33:a6:fb:
d2:39:7f:09:43:a3:b5:6e:3a:9c:a5:8f:3f:fe:91:6d:f2:e4:
7c:79:b4:9a:b5:37:f1:b1:62:63:9f:3f:fd:ba:39:77:93:0a:
19:38:cc:3d:7b:c0:4a:e1:89:bd:7f:ea:20:a4:65:bb:46:39:
35:84:88:56:ef:63:85:27:9c:65:4e:1a:fa:c0:9e:3a:ca:e5:
6b:88:a7:33:ae:64:ed:42:1e:57:8c:c9:b9:0b:0b:56:f1:be:
88:33:e9:54
-----BEGIN CERTIFICATE-----
MIIFVjCCBD6gAwIBAgISAZfGN+pRHmC6tDvEmZF5v8zUMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlY2Y1MzAwN2M3OWNjNWUyZjJkNzM1NmJhOTEyMWE3OGMw
Yzc3MTQwHhcNMjUwNzAxMTM0MDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzg5ODM2MTIyZGM5NjhhMmZmNTZjYzNjZTEwNTYxOTc3MzQwM2IyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAufJbosf4ZwMJ5/7nJ1Ky+bOrNHti
TgF1JGx9EofKpEn2LsVhfIbn2v97fAuUmUiIQMMqcMgx9XXXhzmTL78HrUeZ51Nl
sHe9MX8R8u1dYVFB6N01GoP8NynLIfazRZ/01teQrUDBDItexuuF2n/qJX+bL1sO
pA8GAomuCshe2J5HExOUZTxr2UT2+ac4th1hFO9IZ4LDIUP3pdkbu6fKJhLokt50
Q36ODlkw6fyc7aKnHsJeBeWCBkoOwRITLLOYVfuUJOWR7wW2Y683wy84+WDeucSa
N7LZZ0z2FLsK/PhGM7ZonSn37UdSKJnC2lUDHdnb5EX0pLVslam8R/ggdQIDAQAB
o4ICYjCCAl4wHQYDVR0OBBYEFMyJg2Ei3JaKL/Vsw84QVhl3NAOyMB8GA1UdIwQY
MBaAFE7PUwB8ecxeLy1zVrqRIaeMDHcUMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVHM5VEFIeDV6RjR2TFhOV3VwRWhwNHdNZHhRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mMi82NDhjNzUtMmJlOC00YmZkLWExYjEt
Y2I4YjNhMDk0MjA5LzEvekltRFlTTGNsb292OVd6RHpoQldHWGMwQTdJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mMi82NDhjNzUtMmJlOC00YmZkLWExYjEtY2I4YjNhMDk0MjA5
LzEvVHM5VEFIeDV6RjR2TFhOV3VwRWhwNHdNZHhRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMHgGCCsGAQUFBwEHAQH/BGkwZzBEBAIAATA+AwQAT7//AwQB
UDZuAwQEUwIAAwQCUwI4AwQAsioJAwQAsioWAwQCwW54MAwDBADDlesDBATDleAD
BADVGaQwHwQCAAIwGQMHACABB/gAJwMHACoBEQEABQMFBCoBEfAwDQYJKoZIhvcN
AQELBQADggEBADVmn8ixgE8Wbsl6uA0+sjwRQOOh2ZY0eshHVCxYfhmBDVWc21tJ
Rml4mG3c2g9t4ca5PZYF5MS9Hh+lLU8FV8EzH0kMJwMAC2qnMOZAxjmikQyNkUtK
Q3fZsqI7kpEleD4b1pc8qjILC1+dAcgxVchy4JSlJC78PWdhHAbZ5VTs+Kqh5m/m
oA3kcySsuc/F+54WT1sK71YXVCOD02BdZDOm+9I5fwlDo7VuOpyljz/+kW3y5Hx5
tJq1N/GxYmOfP/26OXeTChk4zD17wErhib1/6iCkZbtGOTWEiFbvY4UnnGVOGvrA
njrK5WuIpzOuZO1CHleMybkLC1bxvogz6VQ=
-----END CERTIFICATE-----
Generated at Sat Jul 5 11:08:41 2025 by rpki-client