Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/zErY100DK7ioQox1ZzAkRJEw58A.roa
File: zErY100DK7ioQox1ZzAkRJEw58A.roa (raw, json)
Hash identifier: 5zdCqOsn2rNGmVqhQaT7S+ghfmyDSWdx/JglPCJCIZE=
Subject key identifier: CC:4A:D8:D7:4D:03:2B:B8:A8:42:8C:75:67:30:24:44:91:30:E7:C0
Certificate issuer: /CN=954a2aee086174b01272fae779ad431eb092aeb7
Certificate serial: 01980CC6BFFB1803D09101053CDF8F671CA9
Authority key identifier: 95:4A:2A:EE:08:61:74:B0:12:72:FA:E7:79:AD:43:1E:B0:92:AE:B7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/lUoq7ghhdLAScvrnea1DHrCSrrc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/zErY100DK7ioQox1ZzAkRJEw58A.roa
Signing time: Tue 15 Jul 2025 06:30:08 +0000
ROA not before: Tue 15 Jul 2025 06:30:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 58212
IP address blocks: 185.7.82.0/24 maxlen: 24
185.7.83.0/24 maxlen: 24
2a03:403::/32 maxlen: 32
2a03:403:4000::/34 maxlen: 34
2a03:403:8000::/34 maxlen: 34
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/lUoq7ghhdLAScvrnea1DHrCSrrc.crl
rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/lUoq7ghhdLAScvrnea1DHrCSrrc.mft
rsync://rpki.ripe.net/repository/DEFAULT/lUoq7ghhdLAScvrnea1DHrCSrrc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 24 Jul 2025 23:00:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:0c:c6:bf:fb:18:03:d0:91:01:05:3c:df:8f:67:1c:a9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=954a2aee086174b01272fae779ad431eb092aeb7
Validity
Not Before: Jul 15 06:30:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc4ad8d74d032bb8a8428c75673024449130e7c0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ab:3d:6c:65:a2:20:65:a5:70:38:a1:96:1d:a6:
3c:4a:e5:bf:80:8e:67:53:b8:cb:a3:35:71:39:69:
d7:27:5b:75:12:6c:8b:00:f3:7e:61:cd:8c:88:2b:
f3:e3:ff:c6:c2:23:2b:e1:28:e4:71:be:3b:18:2c:
df:72:0a:a7:9a:05:6c:67:27:da:81:b2:12:9b:96:
53:c3:ac:0d:ef:dc:89:c3:5d:44:63:fb:c0:5b:0c:
d5:8b:30:51:e2:ae:28:50:ed:47:89:48:cf:bd:fd:
a3:f5:46:bb:f9:4b:bb:c3:f7:8b:20:19:5c:01:1e:
9b:54:28:e6:5b:60:01:00:d8:6e:fe:a9:30:5f:2c:
fd:4c:81:4d:4d:ad:da:21:b9:2a:12:9f:29:1b:66:
8c:6a:ed:3c:86:d8:ee:5e:5f:c7:aa:b6:e6:b7:d0:
a1:7a:15:f4:71:28:2c:56:e1:0b:56:30:cf:21:ad:
33:4f:7e:db:cb:13:44:dc:78:51:35:b5:7d:fb:f0:
13:f1:64:fa:8f:b3:40:15:52:b1:60:1c:a4:12:13:
59:e6:0f:14:7f:a2:c8:f1:9c:99:d9:e7:4d:eb:73:
de:1f:0f:d4:43:a9:51:02:a6:c3:d5:86:3a:43:64:
57:88:cc:f7:86:b5:ce:2a:b0:26:4f:14:6d:26:44:
7a:17
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:4A:D8:D7:4D:03:2B:B8:A8:42:8C:75:67:30:24:44:91:30:E7:C0
X509v3 Authority Key Identifier:
keyid:95:4A:2A:EE:08:61:74:B0:12:72:FA:E7:79:AD:43:1E:B0:92:AE:B7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/lUoq7ghhdLAScvrnea1DHrCSrrc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/zErY100DK7ioQox1ZzAkRJEw58A.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ae/235396-0e42-4377-855a-4565f04f8d85/1/lUoq7ghhdLAScvrnea1DHrCSrrc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.7.82.0/23
IPv6:
2a03:403::/32
Signature Algorithm: sha256WithRSAEncryption
ee:10:86:01:a1:3b:77:86:a5:93:15:73:48:ad:b4:9a:40:54:
e6:0b:ed:49:d9:28:50:3b:b9:83:de:1c:a6:b7:ee:7d:55:d2:
cb:4f:f4:82:9d:a7:49:77:27:31:5c:13:1b:fb:8d:d6:38:3d:
ed:37:59:38:af:16:72:74:8d:4c:3a:a3:65:0f:d3:a5:5c:f6:
d5:3c:65:9b:f7:71:5a:cf:b6:4f:38:35:48:29:b5:ed:6a:a0:
cf:4a:3b:6b:a5:fb:3c:24:d8:a3:ce:c3:73:5d:99:6c:4b:a7:
a5:a4:ad:d7:4d:eb:e7:90:8b:c2:4e:46:42:7a:05:51:87:e4:
46:6c:95:b4:db:73:a0:9b:5a:d0:eb:f7:03:2c:b7:d8:15:18:
ce:fd:8a:ad:4f:f3:5a:a2:9c:17:e7:c5:c8:f5:9d:65:4b:e9:
51:55:52:d9:08:84:f4:ca:f9:13:3b:20:16:76:6d:58:35:ad:
55:17:b9:2f:b7:10:3d:0a:b6:2c:7a:8b:2d:de:b6:a9:7b:32:
f9:d2:39:9d:f8:4f:7f:89:0d:67:7a:0d:81:00:d8:4d:de:21:
5b:37:66:f0:0c:5c:7c:c6:0c:3b:af:ea:2c:5e:1f:5e:20:36:
01:f0:f0:a1:f0:6e:f9:f1:45:4d:4b:e6:0d:bf:c6:41:7e:0a:
4a:13:93:ab
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZgMxr/7GAPQkQEFPN+PZxypMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk1NGEyYWVlMDg2MTc0YjAxMjcyZmFlNzc5YWQ0MzFlYjA5
MmFlYjcwHhcNMjUwNzE1MDYzMDA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzRhZDhkNzRkMDMyYmI4YTg0MjhjNzU2NzMwMjQ0NDkxMzBlN2MwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqz1sZaIgZaVwOKGWHaY8SuW/gI5n
U7jLozVxOWnXJ1t1EmyLAPN+Yc2MiCvz4//GwiMr4Sjkcb47GCzfcgqnmgVsZyfa
gbISm5ZTw6wN79yJw11EY/vAWwzVizBR4q4oUO1HiUjPvf2j9Ua7+Uu7w/eLIBlc
AR6bVCjmW2ABANhu/qkwXyz9TIFNTa3aIbkqEp8pG2aMau08htjuXl/Hqrbmt9Ch
ehX0cSgsVuELVjDPIa0zT37byxNE3HhRNbV9+/AT8WT6j7NAFVKxYBykEhNZ5g8U
f6LI8ZyZ2edN63PeHw/UQ6lRAqbD1YY6Q2RXiMz3hrXOKrAmTxRtJkR6FwIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFMxK2NdNAyu4qEKMdWcwJESRMOfAMB8GA1UdIwQY
MBaAFJVKKu4IYXSwEnL653mtQx6wkq63MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbFVvcTdnaGhkTEFTY3ZybmVhMURIckNTcnJjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hZS8yMzUzOTYtMGU0Mi00Mzc3LTg1NWEt
NDU2NWYwNGY4ZDg1LzEvekVyWTEwMERLN2lvUW94MVp6QWtSSkV3NThBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hZS8yMzUzOTYtMGU0Mi00Mzc3LTg1NWEtNDU2NWYwNGY4ZDg1
LzEvbFVvcTdnaGhkTEFTY3ZybmVhMURIckNTcnJjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQBuQdSMA0E
AgACMAcDBQAqAwQDMA0GCSqGSIb3DQEBCwUAA4IBAQDuEIYBoTt3hqWTFXNIrbSa
QFTmC+1J2ShQO7mD3hymt+59VdLLT/SCnadJdycxXBMb+43WOD3tN1k4rxZydI1M
OqNlD9OlXPbVPGWb93Faz7ZPODVIKbXtaqDPSjtrpfs8JNijzsNzXZlsS6elpK3X
TevnkIvCTkZCegVRh+RGbJW023Ogm1rQ6/cDLLfYFRjO/YqtT/NaopwX58XI9Z1l
S+lRVVLZCIT0yvkTOyAWdm1YNa1VF7kvtxA9CrYseost3rapezL50jmd+E9/iQ1n
eg2BANhN3iFbN2bwDFx8xgw7r+osXh9eIDYB8PCh8G758UVNS+YNv8ZBfgpKE5Or
-----END CERTIFICATE-----
Generated at Thu Jul 24 08:33:42 2025 by rpki-client