Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Zn1uERCyM9lEjvRsAPSyamVWLyg.roa
File: Zn1uERCyM9lEjvRsAPSyamVWLyg.roa (raw, json)
Hash identifier: 0KLALM14jtrwTWxpwmZgqY8sGpxJvCuiB3E1GnJX2PA=
Subject key identifier: 66:7D:6E:11:10:B2:33:D9:44:8E:F4:6C:00:F4:B2:6A:65:56:2F:28
Certificate issuer: /CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Certificate serial: 01984AE91181EAFEC51F19A2E91101F4625B
Authority key identifier: 12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Zn1uERCyM9lEjvRsAPSyamVWLyg.roa
Signing time: Sun 27 Jul 2025 08:04:04 +0000
ROA not before: Sun 27 Jul 2025 08:04:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41457
IP address blocks: 89.36.33.0/24 maxlen: 24
95.175.150.0/24 maxlen: 24
185.79.19.0/24 maxlen: 24
192.40.69.0/24 maxlen: 24
2a14:6780::/32 maxlen: 32
2a14:6780:2::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.mft
rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:4a:e9:11:81:ea:fe:c5:1f:19:a2:e9:11:01:f4:62:5b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=12be29c956894c49c6d4be0ed98882b90d1bc77f
Validity
Not Before: Jul 27 08:04:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=667d6e1110b233d9448ef46c00f4b26a65562f28
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d0:60:8f:45:4c:2f:e8:6e:7b:5d:17:11:04:29:
08:0f:f8:58:ac:04:59:37:3f:fa:d2:39:c0:01:cc:
5d:6e:b9:04:34:c6:22:29:ce:da:b4:ec:12:44:ad:
0a:d7:1a:4c:c2:2a:2e:d3:51:22:84:f0:de:86:cf:
7f:60:67:ae:b7:f7:6d:1a:9d:c0:16:b9:1d:72:09:
f9:9a:86:1a:14:0a:58:87:b3:c9:ce:e2:6b:8c:80:
c5:92:88:4d:aa:3c:27:c7:1f:ad:e6:d1:b6:2b:68:
9f:b9:f8:66:72:06:a5:2b:7e:f0:35:e1:79:32:d1:
9f:fd:a0:61:39:32:35:fb:9f:d2:d3:bc:e9:64:d2:
ec:1d:1a:1f:b0:66:19:ac:9a:a5:b2:02:00:eb:c8:
3d:d7:15:3d:84:22:2a:b4:d1:f4:d6:cf:cb:93:89:
12:95:98:3a:d4:b9:8f:4d:2f:fe:3d:32:cb:98:6e:
8a:34:72:19:72:0e:ea:9b:a6:d3:d8:b4:22:f5:76:
be:3c:ea:0a:20:57:d1:94:b1:93:95:fb:dd:c2:1f:
5a:4b:68:81:60:8f:5b:d9:cf:d9:a4:8e:2b:01:ca:
4e:06:ad:55:43:6c:08:67:1e:e2:11:cf:54:b8:ef:
97:1e:6f:92:83:27:bf:fa:ce:6d:81:e6:78:6a:69:
b7:8f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:7D:6E:11:10:B2:33:D9:44:8E:F4:6C:00:F4:B2:6A:65:56:2F:28
X509v3 Authority Key Identifier:
keyid:12:BE:29:C9:56:89:4C:49:C6:D4:BE:0E:D9:88:82:B9:0D:1B:C7:7F
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Er4pyVaJTEnG1L4O2YiCuQ0bx38.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Zn1uERCyM9lEjvRsAPSyamVWLyg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/c2788f-8c8c-47bb-b922-aa6ed4dafb3b/1/Er4pyVaJTEnG1L4O2YiCuQ0bx38.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.36.33.0/24
95.175.150.0/24
185.79.19.0/24
192.40.69.0/24
IPv6:
2a14:6780::/32
Signature Algorithm: sha256WithRSAEncryption
95:c5:96:dc:44:f0:03:f9:fe:91:02:99:89:1f:02:fa:46:bc:
48:e1:c4:b4:03:aa:17:ce:34:ad:20:f1:4c:b0:d8:25:a1:f5:
55:ce:a3:59:e5:78:12:aa:fa:a7:22:39:6e:4e:fd:72:50:d0:
50:f7:69:70:42:ad:94:e1:87:89:1c:88:49:c4:03:a6:00:19:
ae:a9:6d:b2:42:85:63:1a:63:20:f0:40:c7:3f:46:6d:a1:4c:
ec:ab:c8:ec:25:8c:b6:20:4c:5d:d4:f2:6f:d8:c3:c0:7e:12:
35:4b:c2:0f:3a:e7:84:e8:70:f4:f7:fb:fb:cb:02:9e:55:5d:
68:f1:78:e2:c2:84:b0:95:5d:70:f8:1d:cb:b3:b8:dc:c2:a4:
09:6d:26:2d:45:6c:98:c2:f5:36:5b:5e:c5:cc:bb:c0:4b:b8:
46:ed:03:d7:17:81:cf:7a:9c:19:dc:ce:09:6a:71:f3:ad:44:
4f:43:bb:73:34:21:35:03:74:f3:66:f8:0e:fe:60:34:ad:fc:
53:3f:d8:e2:3d:c0:8c:5d:d0:aa:c7:2b:ea:4e:15:c7:56:a2:
88:9f:28:b6:12:48:b7:28:2d:44:d2:30:0c:81:84:c3:55:8a:
16:02:a3:95:21:19:7a:da:3e:ae:c7:1f:93:93:e8:e2:67:b4:
83:62:f5:ad
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZhK6RGB6v7FHxmi6REB9GJbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDEyYmUyOWM5NTY4OTRjNDljNmQ0YmUwZWQ5ODg4MmI5MGQx
YmM3N2YwHhcNMjUwNzI3MDgwNDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NjdkNmUxMTEwYjIzM2Q5NDQ4ZWY0NmMwMGY0YjI2YTY1NTYyZjI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0GCPRUwv6G57XRcRBCkID/hYrARZ
Nz/60jnAAcxdbrkENMYiKc7atOwSRK0K1xpMwiou01EihPDehs9/YGeut/dtGp3A
Frkdcgn5moYaFApYh7PJzuJrjIDFkohNqjwnxx+t5tG2K2ifufhmcgalK37wNeF5
MtGf/aBhOTI1+5/S07zpZNLsHRofsGYZrJqlsgIA68g91xU9hCIqtNH01s/Lk4kS
lZg61LmPTS/+PTLLmG6KNHIZcg7qm6bT2LQi9Xa+POoKIFfRlLGTlfvdwh9aS2iB
YI9b2c/ZpI4rAcpOBq1VQ2wIZx7iEc9UuO+XHm+Sgye/+s5tgeZ4amm3jwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGZ9bhEQsjPZRI70bAD0smplVi8oMB8GA1UdIwQY
MBaAFBK+KclWiUxJxtS+DtmIgrkNG8d/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjIt
YWE2ZWQ0ZGFmYjNiLzEvWm4xdUVSQ3lNOWxFanZSc0FQU3lhbVZXTHlnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9jMjc4OGYtOGM4Yy00N2JiLWI5MjItYWE2ZWQ0ZGFmYjNi
LzEvRXI0cHlWYUpURW5HMUw0TzJZaUN1UTBieDM4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQAWSQhAwQA
X6+WAwQAuU8TAwQAwChFMA0EAgACMAcDBQAqFGeAMA0GCSqGSIb3DQEBCwUAA4IB
AQCVxZbcRPAD+f6RApmJHwL6RrxI4cS0A6oXzjStIPFMsNglofVVzqNZ5XgSqvqn
IjluTv1yUNBQ92lwQq2U4YeJHIhJxAOmABmuqW2yQoVjGmMg8EDHP0ZtoUzsq8js
JYy2IExd1PJv2MPAfhI1S8IPOueE6HD09/v7ywKeVV1o8XjiwoSwlV1w+B3Ls7jc
wqQJbSYtRWyYwvU2W17FzLvAS7hG7QPXF4HPepwZ3M4JanHzrURPQ7tzNCE1A3Tz
ZvgO/mA0rfxTP9jiPcCMXdCqxyvqThXHVqKInyi2Eki3KC1E0jAMgYTDVYoWAqOV
IRl62j6uxx+Tk+jiZ7SDYvWt
-----END CERTIFICATE-----
Generated at Sun Jul 27 12:03:00 2025 by rpki-client