
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ZPiS3FUDx3kZVXUn-MC5YsGvcBM.roa
File: ZPiS3FUDx3kZVXUn-MC5YsGvcBM.roa (raw, json)
Hash identifier: wPVizWHeaqhgx2GFdm/95z99COlZ+/NVaN/i60VMLR4=
Subject key identifier: 64:F8:92:DC:55:03:C7:79:19:55:75:27:F8:C0:B9:62:C1:AF:70:13
Certificate issuer: /CN=c66266f466fb2498a39459b3352da25151a5a4c0
Certificate serial: 0197ED5AEE8770E560CB89214ECEB58D5877
Authority key identifier: C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ZPiS3FUDx3kZVXUn-MC5YsGvcBM.roa
Signing time: Wed 09 Jul 2025 04:04:08 +0000
ROA not before: Wed 09 Jul 2025 04:04:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214808
IP address blocks: 151.244.3.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.mft
rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:ed:5a:ee:87:70:e5:60:cb:89:21:4e:ce:b5:8d:58:77
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c66266f466fb2498a39459b3352da25151a5a4c0
Validity
Not Before: Jul 9 04:04:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=64f892dc5503c77919557527f8c0b962c1af7013
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:82:4b:78:04:cd:f2:61:b0:87:95:25:a4:18:
e1:1b:b3:8e:c9:0e:ed:75:0a:2a:25:c9:9d:39:ad:
61:81:a1:04:53:c7:31:be:6b:10:bd:7b:68:11:7d:
ef:94:ce:32:14:f2:6a:15:82:6d:a8:97:a8:36:78:
b5:4c:45:2e:e6:85:4b:de:01:96:c6:11:7e:53:37:
b0:a5:18:da:20:70:68:42:46:44:69:34:19:01:f1:
4e:25:f8:91:2a:e5:84:51:02:b9:71:a8:03:8c:6a:
2d:0f:df:24:3d:ee:7a:33:0c:60:69:b9:24:6b:a5:
d6:a4:c1:40:14:b0:68:14:15:0e:e0:c4:e0:45:b1:
3b:25:8b:b3:4c:5d:aa:1b:c1:7f:60:45:36:ae:55:
fe:d3:e9:98:3f:0c:75:de:5d:8b:dd:bc:bc:89:f7:
5c:ed:5f:92:fc:2c:12:49:f2:f4:1a:cc:58:4d:15:
85:ef:c1:08:0b:c0:6d:33:18:7a:f4:bf:30:ad:48:
aa:31:49:42:b8:d4:b6:74:f3:4b:73:60:08:cb:56:
64:7d:fa:f3:4d:51:94:a4:19:f9:6a:b3:0e:e7:0a:
fe:2b:c9:4b:b5:91:92:13:be:bf:59:db:ff:64:db:
4e:b4:50:ed:3e:63:d6:d0:c0:ed:31:b5:28:82:05:
9d:0d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:F8:92:DC:55:03:C7:79:19:55:75:27:F8:C0:B9:62:C1:AF:70:13
X509v3 Authority Key Identifier:
keyid:C6:62:66:F4:66:FB:24:98:A3:94:59:B3:35:2D:A2:51:51:A5:A4:C0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xmJm9Gb7JJijlFmzNS2iUVGlpMA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/ZPiS3FUDx3kZVXUn-MC5YsGvcBM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/8e/f43b1d-9e50-4551-ae6a-17b9de141252/1/xmJm9Gb7JJijlFmzNS2iUVGlpMA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
151.244.3.0/24
Signature Algorithm: sha256WithRSAEncryption
63:04:3c:5c:ac:b6:12:f1:bd:70:da:cf:0a:65:01:74:3c:d4:
34:78:3b:24:70:6b:2b:ee:2e:12:93:67:3a:fb:f9:a2:b8:bc:
64:73:63:2b:e9:76:57:77:72:ed:bd:7d:cb:27:10:89:d9:d9:
19:bd:64:e1:1b:7f:57:81:31:ec:20:96:0a:6d:64:ab:18:12:
d5:52:f4:32:d1:dc:44:12:50:5e:27:48:d9:b4:d2:b9:92:aa:
83:23:c1:db:6d:b6:88:3b:56:d9:3a:08:6e:21:96:68:c1:a7:
0f:33:3d:65:33:19:c8:f7:5f:d5:fd:b9:8b:8d:64:36:5b:3e:
4c:e6:26:90:64:e3:5c:d4:27:a0:c3:3f:1c:da:a4:d5:03:29:
f6:7b:23:69:f5:a7:d2:75:80:79:5a:63:3d:42:00:33:c8:23:
68:4a:9e:90:70:c3:8b:65:ad:60:9a:4e:47:38:ea:8a:18:9d:
34:4b:12:d9:2e:a7:03:fb:0e:80:36:dc:7a:dc:70:95:8b:6e:
f8:e4:80:6c:f6:4a:e4:7d:8d:20:c4:ee:19:e3:64:ae:0c:96:
e6:2b:a9:7a:d4:44:28:c6:db:cb:c6:8a:8a:52:02:bd:94:f9:
06:7a:09:55:87:6c:3f:fa:12:d0:fc:2a:c4:8d:8d:f7:5d:b3:
ea:d2:d0:45
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZftWu6HcOVgy4khTs61jVh3MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2NjI2NmY0NjZmYjI0OThhMzk0NTliMzM1MmRhMjUxNTFh
NWE0YzAwHhcNMjUwNzA5MDQwNDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NGY4OTJkYzU1MDNjNzc5MTk1NTc1MjdmOGMwYjk2MmMxYWY3MDEzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1IJLeATN8mGwh5UlpBjhG7OOyQ7t
dQoqJcmdOa1hgaEEU8cxvmsQvXtoEX3vlM4yFPJqFYJtqJeoNni1TEUu5oVL3gGW
xhF+UzewpRjaIHBoQkZEaTQZAfFOJfiRKuWEUQK5cagDjGotD98kPe56Mwxgabkk
a6XWpMFAFLBoFBUO4MTgRbE7JYuzTF2qG8F/YEU2rlX+0+mYPwx13l2L3by8ifdc
7V+S/CwSSfL0GsxYTRWF78EIC8BtMxh69L8wrUiqMUlCuNS2dPNLc2AIy1Zkffrz
TVGUpBn5arMO5wr+K8lLtZGSE76/Wdv/ZNtOtFDtPmPW0MDtMbUoggWdDQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGT4ktxVA8d5GVV1J/jAuWLBr3ATMB8GA1UdIwQY
MBaAFMZiZvRm+ySYo5RZszUtolFRpaTAMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEt
MTdiOWRlMTQxMjUyLzEvWlBpUzNGVUR4M2taVlhVbi1NQzVZc0d2Y0JNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84ZS9mNDNiMWQtOWU1MC00NTUxLWFlNmEtMTdiOWRlMTQxMjUy
LzEveG1KbTlHYjdKSmlqbEZtek5TMmlVVkdscE1BLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAl/QDMA0G
CSqGSIb3DQEBCwUAA4IBAQBjBDxcrLYS8b1w2s8KZQF0PNQ0eDskcGsr7i4Sk2c6
+/miuLxkc2Mr6XZXd3LtvX3LJxCJ2dkZvWThG39XgTHsIJYKbWSrGBLVUvQy0dxE
ElBeJ0jZtNK5kqqDI8HbbbaIO1bZOghuIZZowacPMz1lMxnI91/V/bmLjWQ2Wz5M
5iaQZONc1Cegwz8c2qTVAyn2eyNp9afSdYB5WmM9QgAzyCNoSp6QcMOLZa1gmk5H
OOqKGJ00SxLZLqcD+w6ANtx63HCVi2745IBs9krkfY0gxO4Z42SuDJbmK6l61EQo
xtvLxoqKUgK9lPkGeglVh2w/+hLQ/CrEjY33XbPq0tBF
-----END CERTIFICATE-----
Generated at Sun Jul 20 22:28:14 2025 by rpki-client