Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ZTe6bzBNEmXhpSJCGVgmsmNwvQ0.roa
File: ZTe6bzBNEmXhpSJCGVgmsmNwvQ0.roa (raw, json)
Hash identifier: z50CWntK5/N44Sq0tMBLsr1ayw/opEaxiZtuFmRD/Ew=
Subject key identifier: 65:37:BA:6F:30:4D:12:65:E1:A5:22:42:19:58:26:B2:63:70:BD:0D
Certificate issuer: /CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Certificate serial: 019952ED21A50474AE3A1F48D11BBF99CB99
Authority key identifier: 3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ZTe6bzBNEmXhpSJCGVgmsmNwvQ0.roa
Signing time: Tue 16 Sep 2025 14:28:16 +0000
ROA not before: Tue 16 Sep 2025 14:28:16 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 20473
IP address blocks: 82.153.80.0/24 maxlen: 24
89.213.147.0/24 maxlen: 24
109.176.244.0/24 maxlen: 24
217.144.156.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.mft
rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 16:33:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:52:ed:21:a5:04:74:ae:3a:1f:48:d1:1b:bf:99:cb:99
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3fd30d8a7e12fc7bf62e0c121e7cc226dea53b9b
Validity
Not Before: Sep 16 14:28:16 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6537ba6f304d1265e1a52242195826b26370bd0d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c0:9f:3e:c8:23:48:d9:5d:01:95:02:48:16:59:
72:48:f0:40:bc:8a:2f:33:c9:8e:6b:e3:ae:88:bd:
70:d3:3c:c5:11:c9:01:92:43:f0:92:05:c9:38:cd:
cb:cb:71:50:f8:24:f6:59:d1:e3:36:76:17:55:70:
ad:9c:24:42:02:a0:10:97:38:6b:27:f8:c4:1d:7e:
26:22:cb:e2:7b:d0:62:90:19:b9:c1:61:39:09:dd:
5f:9d:e0:f7:fc:ad:d4:32:d2:e1:10:c5:cb:44:d1:
7d:c0:72:3f:ce:f2:8e:a3:ba:4e:7a:fd:bc:42:21:
02:0b:3d:e6:58:0a:c8:a6:36:e3:87:29:89:e1:21:
23:fa:38:e5:1d:77:1f:91:60:c7:92:b7:ce:af:66:
45:1e:65:b6:b7:b3:bc:72:30:59:f1:8c:a4:0f:5e:
80:5c:71:4c:cc:fc:3e:94:25:6c:5f:af:f5:5f:4b:
f2:e8:4e:c1:90:64:51:a4:4f:05:50:c4:b3:2d:81:
91:1b:75:94:50:f4:8c:ea:5e:63:f7:a2:f6:05:36:
f0:56:0b:89:51:57:a7:65:80:47:79:6c:52:5c:69:
96:29:88:8c:b2:84:93:05:06:79:48:6f:4c:5d:d3:
9b:c7:82:01:cb:a1:07:1f:29:fb:c1:9c:b5:14:2b:
e3:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:37:BA:6F:30:4D:12:65:E1:A5:22:42:19:58:26:B2:63:70:BD:0D
X509v3 Authority Key Identifier:
keyid:3F:D3:0D:8A:7E:12:FC:7B:F6:2E:0C:12:1E:7C:C2:26:DE:A5:3B:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/P9MNin4S_Hv2LgwSHnzCJt6lO5s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/ZTe6bzBNEmXhpSJCGVgmsmNwvQ0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8a/49dc00-97e2-4628-ae39-41228e39ff7c/1/P9MNin4S_Hv2LgwSHnzCJt6lO5s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
82.153.80.0/24
89.213.147.0/24
109.176.244.0/24
217.144.156.0/24
Signature Algorithm: sha256WithRSAEncryption
85:82:f6:0f:5d:26:57:24:c6:c2:39:a2:b0:09:f6:36:d7:c7:
11:4d:7a:db:f4:6a:e1:6f:60:e8:71:84:aa:d2:12:f4:29:e3:
44:1e:1c:d4:43:57:63:fe:84:01:74:c3:7c:ea:10:6f:a9:55:
c1:d2:f1:ea:e6:3c:bc:cc:0e:f8:d4:21:33:de:e2:d5:60:62:
74:c6:67:67:29:97:5a:7f:cd:65:9b:06:9e:1c:10:7b:22:f4:
71:29:02:4a:8a:3d:f7:8f:5c:87:be:57:85:5f:48:ee:a5:d4:
44:66:e9:64:5e:f7:1a:da:63:ff:22:56:df:17:54:4e:02:fc:
4b:5e:c2:41:af:e2:47:09:7f:1c:51:e2:f9:70:65:3f:f2:a5:
a3:d6:33:ec:d4:a8:8f:49:5e:d8:32:a6:7d:33:45:6a:5b:cf:
59:62:e4:99:23:94:77:e0:c2:dd:89:3e:58:c3:0c:91:14:63:
0a:ed:71:26:8a:08:2d:4b:32:20:23:ff:91:52:9c:71:38:61:
89:c1:fc:af:a0:5b:f7:1c:60:d3:80:53:43:86:b8:f0:2a:91:
c9:f6:d1:95:92:14:a0:f8:eb:07:fd:f7:0e:9d:e6:2c:c5:cf:
b1:4e:0c:24:5b:ab:00:8f:dd:d7:ed:cf:22:d9:1a:ff:a1:69:
e5:41:7e:dd
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZlS7SGlBHSuOh9I0Ru/mcuZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNmZDMwZDhhN2UxMmZjN2JmNjJlMGMxMjFlN2NjMjI2ZGVh
NTNiOWIwHhcNMjUwOTE2MTQyODE2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTM3YmE2ZjMwNGQxMjY1ZTFhNTIyNDIxOTU4MjZiMjYzNzBiZDBkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwJ8+yCNI2V0BlQJIFllySPBAvIov
M8mOa+OuiL1w0zzFEckBkkPwkgXJOM3Ly3FQ+CT2WdHjNnYXVXCtnCRCAqAQlzhr
J/jEHX4mIsvie9BikBm5wWE5Cd1fneD3/K3UMtLhEMXLRNF9wHI/zvKOo7pOev28
QiECCz3mWArIpjbjhymJ4SEj+jjlHXcfkWDHkrfOr2ZFHmW2t7O8cjBZ8YykD16A
XHFMzPw+lCVsX6/1X0vy6E7BkGRRpE8FUMSzLYGRG3WUUPSM6l5j96L2BTbwVguJ
UVenZYBHeWxSXGmWKYiMsoSTBQZ5SG9MXdObx4IBy6EHHyn7wZy1FCvj3wIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFGU3um8wTRJl4aUiQhlYJrJjcL0NMB8GA1UdIwQY
MBaAFD/TDYp+Evx79i4MEh58wibepTubMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzkt
NDEyMjhlMzlmZjdjLzEvWlRlNmJ6Qk5FbVhocFNKQ0dWZ21zbU53dlEwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84YS80OWRjMDAtOTdlMi00NjI4LWFlMzktNDEyMjhlMzlmZjdj
LzEvUDlNTmluNFNfSHYyTGd3U0huekNKdDZsTzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAUplQAwQA
WdWTAwQAbbD0AwQA2ZCcMA0GCSqGSIb3DQEBCwUAA4IBAQCFgvYPXSZXJMbCOaKw
CfY218cRTXrb9Grhb2DocYSq0hL0KeNEHhzUQ1dj/oQBdMN86hBvqVXB0vHq5jy8
zA741CEz3uLVYGJ0xmdnKZdaf81lmwaeHBB7IvRxKQJKij33j1yHvleFX0jupdRE
ZulkXvca2mP/IlbfF1ROAvxLXsJBr+JHCX8cUeL5cGU/8qWj1jPs1KiPSV7YMqZ9
M0VqW89ZYuSZI5R34MLdiT5YwwyRFGMK7XEmiggtSzIgI/+RUpxxOGGJwfyvoFv3
HGDTgFNDhrjwKpHJ9tGVkhSg+OsH/fcOneYsxc+xTgwkW6sAj93X7c8i2Rr/oWnl
QX7d
-----END CERTIFICATE-----
Generated at Thu Oct 9 01:27:59 2025 by rpki-client