Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1d/2ed10c-04b0-4866-9b82-c522b74ddcfd/1/Z-qhy45K2zlM7WIh7yxwKFBjWYI.roa
File: Z-qhy45K2zlM7WIh7yxwKFBjWYI.roa (raw, json)
Hash identifier: 23XRpBYe78gwQGj8rW9uI1A0myazk2hz/zj+cGkCS8s=
Subject key identifier: 67:EA:A1:CB:8E:4A:DB:39:4C:ED:62:21:EF:2C:70:28:50:63:59:82
Certificate issuer: /CN=9854bd8a863a31895cc6cb922f3008b3f08aadae
Certificate serial: 01980E3D348E058E31E4FB2C51F92067E9EF
Authority key identifier: 98:54:BD:8A:86:3A:31:89:5C:C6:CB:92:2F:30:08:B3:F0:8A:AD:AE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mFS9ioY6MYlcxsuSLzAIs_CKra4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1d/2ed10c-04b0-4866-9b82-c522b74ddcfd/1/Z-qhy45K2zlM7WIh7yxwKFBjWYI.roa
Signing time: Tue 15 Jul 2025 13:19:08 +0000
ROA not before: Tue 15 Jul 2025 13:19:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212774
IP address blocks: 193.46.58.0/24 maxlen: 24
193.46.59.0/24 maxlen: 24
2001:678:10c8::/48 maxlen: 48
2001:67c:478::/48 maxlen: 48
2001:67c:960::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1d/2ed10c-04b0-4866-9b82-c522b74ddcfd/1/mFS9ioY6MYlcxsuSLzAIs_CKra4.crl
rsync://rpki.ripe.net/repository/DEFAULT/1d/2ed10c-04b0-4866-9b82-c522b74ddcfd/1/mFS9ioY6MYlcxsuSLzAIs_CKra4.mft
rsync://rpki.ripe.net/repository/DEFAULT/mFS9ioY6MYlcxsuSLzAIs_CKra4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 00:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:0e:3d:34:8e:05:8e:31:e4:fb:2c:51:f9:20:67:e9:ef
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9854bd8a863a31895cc6cb922f3008b3f08aadae
Validity
Not Before: Jul 15 13:19:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67eaa1cb8e4adb394ced6221ef2c702850635982
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:35:da:05:d6:37:94:1b:1d:dc:9b:81:12:05:
f2:6b:81:44:fe:00:12:b8:7e:79:e4:57:6e:c7:80:
c4:01:37:22:79:c4:32:e8:d7:32:19:e8:38:25:6c:
eb:4c:c3:06:bc:17:6b:60:8a:9f:a3:a2:38:c3:05:
07:89:e6:87:72:dc:2d:6d:1e:03:2f:b9:0a:ff:5a:
d9:19:41:05:bb:78:ff:b3:14:fc:54:76:c1:85:f3:
3e:b2:0b:4a:c6:d7:07:d2:3c:e0:54:48:d7:d1:e0:
1b:08:e0:64:74:7c:2c:8f:74:6b:ee:03:23:99:23:
34:98:bc:0a:f2:0c:9d:4d:7a:85:23:b6:23:1c:f6:
6b:ef:ea:1d:1b:c8:8d:5f:8b:73:f0:7a:41:ab:3e:
01:b8:32:09:d9:ab:e4:bb:b6:1a:74:c1:cb:0d:82:
77:c6:8d:24:71:a4:93:8c:6a:79:6b:9e:ab:9a:8b:
f7:e5:94:03:52:60:1d:46:92:32:2f:3f:d5:db:f3:
29:b3:62:cd:bc:bb:8c:2e:43:00:3f:44:c7:08:2c:
79:c9:72:5a:84:7f:0e:d8:4b:ad:0c:33:65:45:4c:
33:ea:ee:4e:71:54:5e:f0:9a:5c:0e:9f:d5:fe:c2:
ee:1f:2c:d7:a0:82:28:ff:8e:f6:02:17:e7:ae:f1:
11:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:EA:A1:CB:8E:4A:DB:39:4C:ED:62:21:EF:2C:70:28:50:63:59:82
X509v3 Authority Key Identifier:
keyid:98:54:BD:8A:86:3A:31:89:5C:C6:CB:92:2F:30:08:B3:F0:8A:AD:AE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mFS9ioY6MYlcxsuSLzAIs_CKra4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/2ed10c-04b0-4866-9b82-c522b74ddcfd/1/Z-qhy45K2zlM7WIh7yxwKFBjWYI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1d/2ed10c-04b0-4866-9b82-c522b74ddcfd/1/mFS9ioY6MYlcxsuSLzAIs_CKra4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.46.58.0/23
IPv6:
2001:678:10c8::/48
2001:67c:478::/48
2001:67c:960::/48
Signature Algorithm: sha256WithRSAEncryption
58:54:35:a8:44:f7:f9:72:87:c2:a8:9f:ac:d7:c9:b6:5c:00:
0d:a1:26:26:7a:44:ed:7b:0f:3c:d0:38:39:4f:27:0f:04:60:
89:81:d3:5b:af:c5:dc:c9:57:5d:e0:e2:80:df:41:38:b4:45:
88:61:90:f4:dc:4a:76:86:ce:ba:a1:4a:e2:45:96:96:49:b3:
b7:5d:8e:fb:57:a5:74:7a:c3:8e:f7:1b:d3:a3:54:61:d4:2f:
76:90:28:73:b0:66:01:aa:5f:d4:6e:af:0a:ca:13:65:c9:ae:
19:d1:20:12:19:c0:63:f7:3f:c6:de:1b:64:b1:9e:9e:b9:15:
ef:45:3a:5d:b1:cf:03:00:68:d3:97:73:7b:5a:09:0f:06:c7:
f8:ec:bc:9d:03:74:51:65:a2:74:f5:19:7c:1e:be:a8:52:78:
f5:90:e6:c2:b7:50:9a:3a:dc:5d:ce:79:d5:fc:7a:13:ff:b9:
61:af:8c:9c:79:01:ff:c5:68:71:78:b7:7b:aa:95:a0:b8:92:
a2:fe:b9:50:81:bc:22:1d:e4:15:aa:56:68:9d:0d:6f:a0:bd:
61:35:97:f1:2e:a7:45:44:c1:a5:b7:71:64:53:8a:7d:d4:bf:
e6:05:cd:6f:08:58:b5:95:f9:61:dd:af:70:f2:30:2b:6e:d1:
80:af:93:06
-----BEGIN CERTIFICATE-----
MIIFIDCCBAigAwIBAgISAZgOPTSOBY4x5PssUfkgZ+nvMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4NTRiZDhhODYzYTMxODk1Y2M2Y2I5MjJmMzAwOGIzZjA4
YWFkYWUwHhcNMjUwNzE1MTMxOTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2N2VhYTFjYjhlNGFkYjM5NGNlZDYyMjFlZjJjNzAyODUwNjM1OTgyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0TXaBdY3lBsd3JuBEgXya4FE/gAS
uH555Fdux4DEATciecQy6NcyGeg4JWzrTMMGvBdrYIqfo6I4wwUHieaHctwtbR4D
L7kK/1rZGUEFu3j/sxT8VHbBhfM+sgtKxtcH0jzgVEjX0eAbCOBkdHwsj3Rr7gMj
mSM0mLwK8gydTXqFI7YjHPZr7+odG8iNX4tz8HpBqz4BuDIJ2avku7YadMHLDYJ3
xo0kcaSTjGp5a56rmov35ZQDUmAdRpIyLz/V2/Mps2LNvLuMLkMAP0THCCx5yXJa
hH8O2EutDDNlRUwz6u5OcVRe8JpcDp/V/sLuHyzXoIIo/472AhfnrvERvQIDAQAB
o4ICLDCCAigwHQYDVR0OBBYEFGfqocuOSts5TO1iIe8scChQY1mCMB8GA1UdIwQY
MBaAFJhUvYqGOjGJXMbLki8wCLPwiq2uMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUZTOWlvWTZNWWxjeHN1U0x6QUlzX0NLcmE0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZC8yZWQxMGMtMDRiMC00ODY2LTliODIt
YzUyMmI3NGRkY2ZkLzEvWi1xaHk0NUsyemxNN1dJaDd5eHdLRkJqV1lJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZC8yZWQxMGMtMDRiMC00ODY2LTliODItYzUyMmI3NGRkY2Zk
LzEvbUZTOWlvWTZNWWxjeHN1U0x6QUlzX0NLcmE0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEIGCCsGAQUFBwEHAQH/BDMwMTAMBAIAATAGAwQBwS46MCEE
AgACMBsDBwAgAQZ4EMgDBwAgAQZ8BHgDBwAgAQZ8CWAwDQYJKoZIhvcNAQELBQAD
ggEBAFhUNahE9/lyh8Kon6zXybZcAA2hJiZ6RO17DzzQODlPJw8EYImB01uvxdzJ
V13g4oDfQTi0RYhhkPTcSnaGzrqhSuJFlpZJs7ddjvtXpXR6w473G9OjVGHUL3aQ
KHOwZgGqX9RurwrKE2XJrhnRIBIZwGP3P8beG2Sxnp65Fe9FOl2xzwMAaNOXc3ta
CQ8Gx/jsvJ0DdFFlonT1GXwevqhSePWQ5sK3UJo63F3OedX8ehP/uWGvjJx5Af/F
aHF4t3uqlaC4kqL+uVCBvCId5BWqVmidDW+gvWE1l/Eup0VEwaW3cWRTin3Uv+YF
zW8IWLWV+WHdr3DyMCtu0YCvkwY=
-----END CERTIFICATE-----
Generated at Sun Jul 27 07:12:55 2025 by rpki-client