Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/Z1Ock9m-Q_Xe050sJsCdRlWzur8.roa
File: Z1Ock9m-Q_Xe050sJsCdRlWzur8.roa (raw, json)
Hash identifier: R9jUdjYo59CfyIvLONxZS26hQTWpSjHSiWLK1ZuX0Ik=
Subject key identifier: 67:53:9C:93:D9:BE:43:F5:DE:D3:9D:2C:26:C0:9D:46:55:B3:BA:BF
Certificate issuer: /CN=b404cc0e038eb0e697ec6e7ae49d0286146e0c1a
Certificate serial: 019813929F78A312FD9E931C2749839C7A9B
Authority key identifier: B4:04:CC:0E:03:8E:B0:E6:97:EC:6E:7A:E4:9D:02:86:14:6E:0C:1A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/tATMDgOOsOaX7G565J0ChhRuDBo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/Z1Ock9m-Q_Xe050sJsCdRlWzur8.roa
Signing time: Wed 16 Jul 2025 14:10:32 +0000
ROA not before: Wed 16 Jul 2025 14:10:32 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 397368
IP address blocks: 45.3.32.0/20 maxlen: 20
45.3.48.0/21 maxlen: 21
65.111.0.0/19 maxlen: 19
104.167.25.0/24 maxlen: 24
104.207.32.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/tATMDgOOsOaX7G565J0ChhRuDBo.crl
rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/tATMDgOOsOaX7G565J0ChhRuDBo.mft
rsync://rpki.ripe.net/repository/DEFAULT/tATMDgOOsOaX7G565J0ChhRuDBo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 28 Jul 2025 05:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:13:92:9f:78:a3:12:fd:9e:93:1c:27:49:83:9c:7a:9b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=b404cc0e038eb0e697ec6e7ae49d0286146e0c1a
Validity
Not Before: Jul 16 14:10:32 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=67539c93d9be43f5ded39d2c26c09d4655b3babf
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:13:70:e6:56:6e:39:91:b3:ce:47:c2:23:63:
31:ad:09:1f:8b:d2:82:83:11:7b:c2:e0:77:29:ca:
9d:c2:d7:16:6c:62:f8:d8:a7:7d:66:30:7e:7e:a0:
1e:72:82:d3:ee:c4:2a:fd:ad:92:73:63:a3:97:0b:
db:db:fc:c6:e7:a4:58:7a:51:fd:21:8d:af:b1:cc:
bc:7f:9d:aa:7f:66:2a:22:b7:8c:39:3b:a5:61:6c:
6a:1f:59:e2:2f:0f:26:4e:0a:69:94:18:5a:e3:ca:
3a:63:c3:7e:61:81:bc:5f:55:cd:53:c9:bf:6a:f5:
e3:91:0c:0c:d0:ed:b3:bf:80:42:76:92:41:c2:97:
11:3a:a6:c7:ce:29:ac:16:cf:9a:cf:26:90:bb:33:
b9:41:4c:06:34:33:21:03:40:da:df:21:7f:02:10:
66:b1:82:4e:14:f9:d7:10:89:f4:37:f0:79:88:e4:
27:63:8a:46:d2:d9:e8:db:af:3a:40:96:ef:8d:c3:
2c:66:32:9a:51:7e:9f:16:64:61:dd:9e:96:10:7e:
3c:72:5b:99:63:53:8a:51:69:1a:a9:ec:da:08:08:
b3:61:21:f0:d5:cb:36:65:82:fc:6f:ac:71:6b:48:
e8:b3:74:ee:12:27:81:16:54:d4:05:59:36:93:58:
ea:bd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:53:9C:93:D9:BE:43:F5:DE:D3:9D:2C:26:C0:9D:46:55:B3:BA:BF
X509v3 Authority Key Identifier:
keyid:B4:04:CC:0E:03:8E:B0:E6:97:EC:6E:7A:E4:9D:02:86:14:6E:0C:1A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/tATMDgOOsOaX7G565J0ChhRuDBo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/Z1Ock9m-Q_Xe050sJsCdRlWzur8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/88/abe16b-92cc-48e3-b5b9-86a2f067b4e8/1/tATMDgOOsOaX7G565J0ChhRuDBo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.3.32.0-45.3.55.255
65.111.0.0/19
104.167.25.0/24
104.207.32.0/19
Signature Algorithm: sha256WithRSAEncryption
4c:03:0e:e1:b3:de:4a:82:3b:c1:77:7c:4d:81:3d:44:17:37:
29:7a:13:2f:a4:1b:17:dc:96:cc:79:b4:97:96:0c:a5:06:5d:
04:c5:bb:e6:eb:b0:ec:cf:a7:cf:14:68:01:97:5e:c7:a6:7b:
fe:62:9c:45:c6:9f:b8:f4:f6:97:3a:1e:0f:5f:8d:50:92:93:
ce:1c:3f:58:9c:03:aa:1d:96:18:c0:51:eb:4f:54:19:9b:2e:
07:95:92:e5:bc:9b:e5:cb:96:de:06:fe:0e:cb:00:2b:51:9e:
ef:4f:10:90:09:eb:04:bc:53:b8:da:71:3d:25:a6:a3:3f:b7:
2c:36:e2:9b:a8:20:8c:52:13:26:ca:04:ba:be:f8:4c:d6:b0:
33:6a:44:4e:56:f3:d8:fa:1f:22:d9:f6:a7:8c:17:d3:ca:b9:
bc:0c:01:a6:bd:69:27:9d:95:7d:a3:e6:51:9f:f6:ed:d7:af:
d3:e7:6c:01:ee:a6:88:99:d3:01:3a:0a:79:bf:3a:9a:71:c4:
0d:66:ca:ef:f7:fb:c3:63:cd:d1:e2:75:11:27:4e:2c:e7:7c:
5e:8d:a9:8f:d9:3d:8c:4b:9c:e4:df:41:ce:34:b9:f4:b5:66:
f6:d9:aa:60:4a:26:64:52:40:eb:a6:8f:c8:e0:42:10:a3:bd:
f4:ef:f5:14
-----BEGIN CERTIFICATE-----
MIIFFzCCA/+gAwIBAgISAZgTkp94oxL9npMcJ0mDnHqbMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGI0MDRjYzBlMDM4ZWIwZTY5N2VjNmU3YWU0OWQwMjg2MTQ2
ZTBjMWEwHhcNMjUwNzE2MTQxMDMyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzUzOWM5M2Q5YmU0M2Y1ZGVkMzlkMmMyNmMwOWQ0NjU1YjNiYWJmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArRNw5lZuOZGzzkfCI2MxrQkfi9KC
gxF7wuB3KcqdwtcWbGL42Kd9ZjB+fqAecoLT7sQq/a2Sc2Ojlwvb2/zG56RYelH9
IY2vscy8f52qf2YqIreMOTulYWxqH1niLw8mTgpplBha48o6Y8N+YYG8X1XNU8m/
avXjkQwM0O2zv4BCdpJBwpcROqbHzimsFs+azyaQuzO5QUwGNDMhA0Da3yF/AhBm
sYJOFPnXEIn0N/B5iOQnY4pG0tno2686QJbvjcMsZjKaUX6fFmRh3Z6WEH48cluZ
Y1OKUWkaqezaCAizYSHw1cs2ZYL8b6xxa0jos3TuEieBFlTUBVk2k1jqvQIDAQAB
o4ICIzCCAh8wHQYDVR0OBBYEFGdTnJPZvkP13tOdLCbAnUZVs7q/MB8GA1UdIwQY
MBaAFLQEzA4DjrDml+xueuSdAoYUbgwaMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdEFUTURnT09zT2FYN0c1NjVKMENoaFJ1REJvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84OC9hYmUxNmItOTJjYy00OGUzLWI1Yjkt
ODZhMmYwNjdiNGU4LzEvWjFPY2s5bS1RX1hlMDUwc0pzQ2RSbFd6dXI4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84OC9hYmUxNmItOTJjYy00OGUzLWI1YjktODZhMmYwNjdiNGU4
LzEvdEFUTURnT09zT2FYN0c1NjVKMENoaFJ1REJvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDkGCCsGAQUFBwEHAQH/BCowKDAmBAIAATAgMAwDBAUtAyAD
BAMtAzADBAVBbwADBABopxkDBAVozyAwDQYJKoZIhvcNAQELBQADggEBAEwDDuGz
3kqCO8F3fE2BPUQXNyl6Ey+kGxfclsx5tJeWDKUGXQTFu+brsOzPp88UaAGXXsem
e/5inEXGn7j09pc6Hg9fjVCSk84cP1icA6odlhjAUetPVBmbLgeVkuW8m+XLlt4G
/g7LACtRnu9PEJAJ6wS8U7jacT0lpqM/tyw24puoIIxSEybKBLq++EzWsDNqRE5W
89j6HyLZ9qeMF9PKubwMAaa9aSedlX2j5lGf9u3Xr9PnbAHupoiZ0wE6Cnm/Oppx
xA1myu/3+8NjzdHidREnTiznfF6NqY/ZPYxLnOTfQc40ufS1ZvbZqmBKJmRSQOum
j8jgQhCjvfTv9RQ=
-----END CERTIFICATE-----
Generated at Sun Jul 27 13:08:21 2025 by rpki-client