Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/nzJ1VVo_PG7VRYK1qXbMx1rFS50.roa
File: nzJ1VVo_PG7VRYK1qXbMx1rFS50.roa (raw, json)
Hash identifier: /GaOWlamFjP2Dj79UI9A1USxEJfBxcpOsY5WVrDbQNw=
Subject key identifier: 9F:32:75:55:5A:3F:3C:6E:D5:45:82:B5:A9:76:CC:C7:5A:C5:4B:9D
Certificate issuer: /CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Certificate serial: 0197EDB1E7DCB839C5C6C80F13C4287A5C1E
Authority key identifier: 63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/nzJ1VVo_PG7VRYK1qXbMx1rFS50.roa
Signing time: Wed 09 Jul 2025 05:39:08 +0000
ROA not before: Wed 09 Jul 2025 05:39:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213896
IP address blocks: 91.221.116.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.mft
rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 07:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ed:b1:e7:dc:b8:39:c5:c6:c8:0f:13:c4:28:7a:5c:1e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6363bb65895f3a54a4b324a10c79ac98efe2a1ca
Validity
Not Before: Jul 9 05:39:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f3275555a3f3c6ed54582b5a976ccc75ac54b9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:5b:df:5e:d9:11:42:44:7b:fa:b8:f1:bb:48:
06:58:ab:bf:5c:7e:a9:75:c5:4b:03:f7:93:89:df:
47:c7:20:33:b2:50:c8:6a:e1:a0:51:c1:7d:5b:be:
1d:8c:f4:94:c3:97:52:c6:58:4f:58:68:e4:32:0a:
57:9d:70:a3:c5:16:8a:82:c4:c4:62:d9:7d:bd:5f:
3f:6b:62:c9:aa:8f:ac:e2:45:d9:77:c9:f2:1b:4d:
f3:ea:37:23:e5:ff:c7:26:92:63:b4:f9:25:ea:b8:
0e:ae:05:31:2b:e6:cd:aa:60:cb:46:80:7c:2d:a4:
4c:ef:83:4c:1e:5c:33:a3:14:4b:90:a0:7e:6c:2e:
14:ff:55:b5:f1:5b:47:c9:51:34:cd:5c:10:e9:13:
45:f2:2a:6f:72:04:02:d3:67:95:4e:09:58:78:e7:
8a:ba:d0:7e:66:d9:69:b0:f5:27:66:bd:6f:5a:94:
7b:4c:1e:e0:8c:a1:3a:e4:92:4c:1b:a9:78:3b:b7:
a0:c4:fe:56:d4:96:a2:5c:57:d7:18:a1:a7:e0:12:
7f:9a:9c:9b:f4:94:b9:03:2d:3f:93:30:ed:00:2b:
36:56:62:c3:43:ca:8c:1e:31:9c:c8:a7:00:06:31:
6f:52:dc:54:19:8f:b9:b0:6a:a5:9c:ec:e4:8e:d2:
01:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:32:75:55:5A:3F:3C:6E:D5:45:82:B5:A9:76:CC:C7:5A:C5:4B:9D
X509v3 Authority Key Identifier:
keyid:63:63:BB:65:89:5F:3A:54:A4:B3:24:A1:0C:79:AC:98:EF:E2:A1:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Y2O7ZYlfOlSksyShDHmsmO_ioco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/nzJ1VVo_PG7VRYK1qXbMx1rFS50.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/db9bf1-e019-45a4-8663-a6ca454db2d7/1/Y2O7ZYlfOlSksyShDHmsmO_ioco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.221.116.0/24
Signature Algorithm: sha256WithRSAEncryption
8b:20:f7:1c:c0:5c:4d:79:d4:13:6a:69:0c:29:41:ec:48:68:
34:05:62:7c:28:15:40:52:b8:be:d4:c2:54:b1:fb:44:be:a4:
61:0f:b1:86:c0:97:61:60:0c:8b:a8:20:58:f5:eb:d3:e0:06:
c8:8c:0f:58:ec:0b:0b:ef:b5:45:32:f3:a9:13:28:0d:e0:91:
d7:32:15:94:5b:7c:4e:91:5e:3c:09:bf:47:be:96:ad:2b:11:
ce:45:06:a7:ad:0f:4b:36:5a:44:46:96:c3:9b:2a:c1:88:e9:
ba:51:23:c4:63:ec:75:f4:39:3e:46:ff:f5:44:90:84:f3:8d:
4c:2d:5c:da:bc:79:d3:24:45:32:7d:a0:2f:19:c4:4b:5e:25:
ff:2b:7f:04:1a:70:47:0d:6c:a4:7a:41:f3:af:d9:05:cf:21:
05:ad:aa:93:8e:fd:89:fe:e1:5d:57:f9:9c:c5:38:2f:dd:1b:
b7:ab:81:22:0e:bb:3e:06:22:00:01:88:9b:69:f7:3a:aa:d5:
b7:83:58:11:fc:b1:a1:a8:62:4f:20:bc:a4:ee:97:e7:64:23:
6c:0c:70:5e:47:5b:3d:8f:ae:86:27:3f:f8:ae:64:37:68:20:
76:43:48:74:19:1f:1b:0c:81:a9:f1:55:7c:de:0b:db:b8:ee:
6e:60:b5:d0
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZftsefcuDnFxsgPE8QoelweMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDYzNjNiYjY1ODk1ZjNhNTRhNGIzMjRhMTBjNzlhYzk4ZWZl
MmExY2EwHhcNMjUwNzA5MDUzOTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjMyNzU1NTVhM2YzYzZlZDU0NTgyYjVhOTc2Y2NjNzVhYzU0YjlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsVvfXtkRQkR7+rjxu0gGWKu/XH6p
dcVLA/eTid9HxyAzslDIauGgUcF9W74djPSUw5dSxlhPWGjkMgpXnXCjxRaKgsTE
Ytl9vV8/a2LJqo+s4kXZd8nyG03z6jcj5f/HJpJjtPkl6rgOrgUxK+bNqmDLRoB8
LaRM74NMHlwzoxRLkKB+bC4U/1W18VtHyVE0zVwQ6RNF8ipvcgQC02eVTglYeOeK
utB+ZtlpsPUnZr1vWpR7TB7gjKE65JJMG6l4O7egxP5W1JaiXFfXGKGn4BJ/mpyb
9JS5Ay0/kzDtACs2VmLDQ8qMHjGcyKcABjFvUtxUGY+5sGqlnOzkjtIBFQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ8ydVVaPzxu1UWCtal2zMdaxUudMB8GA1UdIwQY
MBaAFGNju2WJXzpUpLMkoQx5rJjv4qHKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMt
YTZjYTQ1NGRiMmQ3LzEvbnpKMVZWb19QRzdWUllLMXFYYk14MXJGUzUwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy9kYjliZjEtZTAxOS00NWE0LTg2NjMtYTZjYTQ1NGRiMmQ3
LzEvWTJPN1pZbGZPbFNrc3lTaERIbXNtT19pb2NvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAW910MA0G
CSqGSIb3DQEBCwUAA4IBAQCLIPccwFxNedQTamkMKUHsSGg0BWJ8KBVAUri+1MJU
sftEvqRhD7GGwJdhYAyLqCBY9evT4AbIjA9Y7AsL77VFMvOpEygN4JHXMhWUW3xO
kV48Cb9HvpatKxHORQanrQ9LNlpERpbDmyrBiOm6USPEY+x19Dk+Rv/1RJCE841M
LVzavHnTJEUyfaAvGcRLXiX/K38EGnBHDWykekHzr9kFzyEFraqTjv2J/uFdV/mc
xTgv3Ru3q4EiDrs+BiIAAYibafc6qtW3g1gR/LGhqGJPILyk7pfnZCNsDHBeR1s9
j66GJz/4rmQ3aCB2Q0h0GR8bDIGp8VV83gvbuO5uYLXQ
-----END CERTIFICATE-----
Generated at Wed Jul 23 12:16:18 2025 by rpki-client