Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/ZdV0txVyTT9K9c9V-Uz9-mSp5vc.roa
File: ZdV0txVyTT9K9c9V-Uz9-mSp5vc.roa (raw, json)
Hash identifier: IV8GI0efEcjJ0LaAN/BhI9jZYt+CUyOOkR9hLXa4GqA=
Subject key identifier: 65:D5:74:B7:15:72:4D:3F:4A:F5:CF:55:F9:4C:FD:FA:64:A9:E6:F7
Certificate issuer: /CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Certificate serial: 01979358DE1B0832AA572A6348B84323C68A
Authority key identifier: 5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/ZdV0txVyTT9K9c9V-Uz9-mSp5vc.roa
Signing time: Sat 21 Jun 2025 16:36:04 +0000
ROA not before: Sat 21 Jun 2025 16:36:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 15759
IP address blocks: 213.210.64.0/19 maxlen: 19
213.210.112.0/20 maxlen: 20
217.18.128.0/20 maxlen: 20
217.18.144.0/20 maxlen: 20
217.18.152.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.mft
rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 02 Jul 2025 16:57:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:93:58:de:1b:08:32:aa:57:2a:63:48:b8:43:23:c6:8a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=5ee531b9ac2990d69a8a5c3023e72e6d841e6c09
Validity
Not Before: Jun 21 16:36:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=65d574b715724d3f4af5cf55f94cfdfa64a9e6f7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a0:9b:fa:e6:be:94:af:e4:c1:ca:5a:4c:54:87:
c0:74:91:4d:81:2a:7b:8d:11:24:eb:a0:94:9c:47:
1f:f0:9f:33:f0:7a:5d:f6:88:8e:84:09:ac:90:8b:
ed:f5:41:d2:2e:df:a6:c4:6e:cf:ec:fe:7d:dc:42:
2a:d1:ba:76:a4:87:cc:24:8b:d7:ec:95:0f:2d:0c:
79:91:f0:4c:33:67:d4:cd:47:89:e8:27:67:75:e3:
e6:29:03:92:08:55:05:15:7e:94:f6:c0:4e:41:3d:
98:e0:15:1b:e3:20:eb:00:82:f5:ee:34:9f:5f:b9:
df:88:3d:bb:58:14:05:96:31:90:4f:e6:05:cb:d8:
cc:10:1a:ae:8b:83:3e:5f:6a:4f:a4:3e:84:de:36:
b1:73:5a:ee:0a:6b:ff:f9:9c:80:af:14:92:1a:ab:
34:fb:0e:b4:b9:23:3d:26:c6:91:e0:51:17:16:1c:
cc:ca:ed:cc:6c:be:68:05:27:ff:fd:dc:a9:f4:4a:
3a:a7:91:7c:d1:f1:d3:bb:d7:8d:17:ff:3d:42:53:
3d:bb:35:ae:8c:06:2f:bb:56:07:3e:f8:c1:43:f0:
c7:cb:76:0e:10:80:dd:26:8f:e3:88:26:ab:69:ad:
86:18:f2:e2:8f:a7:ea:73:39:09:86:0c:0b:c8:2f:
57:f5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:D5:74:B7:15:72:4D:3F:4A:F5:CF:55:F9:4C:FD:FA:64:A9:E6:F7
X509v3 Authority Key Identifier:
keyid:5E:E5:31:B9:AC:29:90:D6:9A:8A:5C:30:23:E7:2E:6D:84:1E:6C:09
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/XuUxuawpkNaailwwI-cubYQebAk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/ZdV0txVyTT9K9c9V-Uz9-mSp5vc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/fd/9a1d44-8609-4e5e-ba94-5a86c2757c1e/1/XuUxuawpkNaailwwI-cubYQebAk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
213.210.64.0/19
213.210.112.0/20
217.18.128.0/19
Signature Algorithm: sha256WithRSAEncryption
09:02:d8:65:83:52:b1:3a:f2:49:2c:48:ab:54:84:96:a6:dc:
b4:9c:4c:48:40:d3:d4:4f:20:0a:ec:41:e0:40:fa:cc:20:5e:
d4:dd:28:ca:4e:ba:a9:7a:32:47:c4:78:5e:86:ea:67:3f:2d:
23:30:58:92:ce:44:2b:72:73:db:7c:98:86:fe:09:e7:3b:da:
d7:59:e3:9c:56:8b:b9:13:d0:23:c4:9e:9e:07:30:14:66:16:
5c:46:2d:b0:9c:fd:9c:de:83:09:a2:2d:12:da:ce:9b:82:3e:
14:f2:02:51:90:99:77:18:a9:61:0a:07:b1:8c:98:96:bf:0b:
3d:b2:88:ac:dc:76:e5:ad:67:44:3e:17:e1:5b:9c:d3:04:5c:
0a:48:3a:bd:d1:35:2e:33:5d:4f:96:8d:4b:03:ea:f5:e1:c1:
46:c1:e3:1b:80:93:7a:cc:c9:13:8d:b7:b3:9a:3d:56:42:1f:
1d:b3:76:a0:0d:9c:9b:b8:f9:d3:90:0e:05:df:3a:b7:ac:93:
37:09:27:d7:14:93:40:ff:d0:ea:c1:f9:87:5c:97:c9:29:03:
b1:1f:d2:db:84:13:c6:82:17:5e:08:59:5c:42:6f:c9:03:aa:
37:e4:f9:91:17:c0:16:f6:25:35:5e:4b:b1:63:a2:a1:ab:30:
90:8b:3a:d4
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZeTWN4bCDKqVypjSLhDI8aKMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDVlZTUzMWI5YWMyOTkwZDY5YThhNWMzMDIzZTcyZTZkODQx
ZTZjMDkwHhcNMjUwNjIxMTYzNjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NWQ1NzRiNzE1NzI0ZDNmNGFmNWNmNTVmOTRjZmRmYTY0YTllNmY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoJv65r6Ur+TBylpMVIfAdJFNgSp7
jREk66CUnEcf8J8z8Hpd9oiOhAmskIvt9UHSLt+mxG7P7P593EIq0bp2pIfMJIvX
7JUPLQx5kfBMM2fUzUeJ6CdndePmKQOSCFUFFX6U9sBOQT2Y4BUb4yDrAIL17jSf
X7nfiD27WBQFljGQT+YFy9jMEBqui4M+X2pPpD6E3jaxc1ruCmv/+ZyArxSSGqs0
+w60uSM9JsaR4FEXFhzMyu3MbL5oBSf//dyp9Eo6p5F80fHTu9eNF/89QlM9uzWu
jAYvu1YHPvjBQ/DHy3YOEIDdJo/jiCaraa2GGPLij6fqczkJhgwLyC9X9QIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFGXVdLcVck0/SvXPVflM/fpkqeb3MB8GA1UdIwQY
MBaAFF7lMbmsKZDWmopcMCPnLm2EHmwJMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQt
NWE4NmMyNzU3YzFlLzEvWmRWMHR4VnlUVDlLOWM5Vi1VejktbVNwNXZjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mZC85YTFkNDQtODYwOS00ZTVlLWJhOTQtNWE4NmMyNzU3YzFl
LzEvWHVVeHVhd3BrTmFhaWx3d0ktY3ViWVFlYkFrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQF1dJAAwQE
1dJwAwQF2RKAMA0GCSqGSIb3DQEBCwUAA4IBAQAJAthlg1KxOvJJLEirVISWpty0
nExIQNPUTyAK7EHgQPrMIF7U3SjKTrqpejJHxHhehupnPy0jMFiSzkQrcnPbfJiG
/gnnO9rXWeOcVou5E9AjxJ6eBzAUZhZcRi2wnP2c3oMJoi0S2s6bgj4U8gJRkJl3
GKlhCgexjJiWvws9sois3HblrWdEPhfhW5zTBFwKSDq90TUuM11Plo1LA+r14cFG
weMbgJN6zMkTjbezmj1WQh8ds3agDZybuPnTkA4F3zq3rJM3CSfXFJNA/9DqwfmH
XJfJKQOxH9LbhBPGghdeCFlcQm/JA6o35PmRF8AW9iU1XkuxY6KhqzCQizrU
-----END CERTIFICATE-----
Generated at Wed Jul 2 00:51:07 2025 by rpki-client