Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/ZTvw2_D_9jeSs1gO7ujxKFQcgjk.roa
File: ZTvw2_D_9jeSs1gO7ujxKFQcgjk.roa (raw, json)
Hash identifier: AbEf9+0Lzup0wYUvoLapGxmf6MnOCczvVXXaVGlPw0Y=
Subject key identifier: 65:3B:F0:DB:F0:FF:F6:37:92:B3:58:0E:EE:E8:F1:28:54:1C:82:39
Certificate issuer: /CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Certificate serial: 01980E77CC37811A8A3F976F2F4876DFD47C
Authority key identifier: 7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/ZTvw2_D_9jeSs1gO7ujxKFQcgjk.roa
Signing time: Tue 15 Jul 2025 14:23:08 +0000
ROA not before: Tue 15 Jul 2025 14:23:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 207350
IP address blocks: 45.159.148.0/24 maxlen: 24
185.113.10.0/24 maxlen: 24
195.254.165.0/24 maxlen: 24
2a05:9080:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.mft
rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 22:00:53 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:0e:77:cc:37:81:1a:8a:3f:97:6f:2f:48:76:df:d4:7c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7c3d022a240ce71e0a6e1e9aae0112da840cc34b
Validity
Not Before: Jul 15 14:23:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=653bf0dbf0fff63792b3580eeee8f128541c8239
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9f:03:dd:0d:27:84:32:3b:4a:7b:50:d6:00:a0:
44:c8:31:08:4d:d2:fb:46:e9:43:be:51:b8:7f:ab:
ac:26:13:f0:df:fe:af:19:33:09:84:a9:d6:53:ab:
d2:fc:52:c0:72:e6:1e:da:40:68:b0:38:07:08:69:
3c:6f:bc:e4:36:a6:38:62:72:2a:ca:7f:f4:ab:14:
db:9f:bf:93:16:8f:a6:0d:b2:13:74:47:af:cf:fb:
3b:ec:a9:a8:f1:9d:b3:ce:4b:e3:13:4c:d4:33:78:
ae:83:fe:65:68:8a:1e:5d:a7:cd:eb:f8:a8:4b:1f:
e0:46:82:1b:b8:16:0f:c4:18:d3:0e:89:30:c4:89:
2e:72:cf:42:2b:ad:69:96:d9:a0:bd:36:5f:5a:bf:
be:72:f3:78:66:02:38:6b:6b:0f:24:db:b5:8e:65:
ae:2a:3f:39:b9:43:a7:40:2d:91:60:b7:14:0c:26:
7a:01:df:b3:be:a5:82:10:e8:50:f8:1c:63:4c:40:
f0:20:e3:95:62:d7:e2:ee:4f:78:7d:65:3f:97:e8:
31:db:98:5b:83:a4:3a:4d:df:84:13:ee:ab:a2:a6:
e7:66:9b:9c:8a:85:b7:16:68:b0:14:4b:da:75:ae:
9d:0d:22:d4:8f:87:30:ec:dd:0e:d9:0d:db:a3:0a:
71:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:3B:F0:DB:F0:FF:F6:37:92:B3:58:0E:EE:E8:F1:28:54:1C:82:39
X509v3 Authority Key Identifier:
keyid:7C:3D:02:2A:24:0C:E7:1E:0A:6E:1E:9A:AE:01:12:DA:84:0C:C3:4B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fD0CKiQM5x4Kbh6argES2oQMw0s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/ZTvw2_D_9jeSs1gO7ujxKFQcgjk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cf/fd362f-afcb-4cf5-98c6-0948989e6d55/1/fD0CKiQM5x4Kbh6argES2oQMw0s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.159.148.0/24
185.113.10.0/24
195.254.165.0/24
IPv6:
2a05:9080:1::/48
Signature Algorithm: sha256WithRSAEncryption
c7:cb:6d:52:bb:38:5b:81:55:dc:ad:7b:24:68:f2:80:19:8e:
7a:f7:f2:7d:21:67:68:41:b2:0c:ce:a7:49:4b:bd:11:ec:cc:
d0:c3:2d:ed:95:12:03:8d:84:8e:5e:83:0c:0b:e7:bd:f0:32:
db:3c:93:a0:25:e9:6e:d4:fb:f8:bb:bd:2c:92:f8:1b:69:51:
35:ba:77:1f:b4:33:7c:4c:ac:17:6f:53:f4:70:f5:92:55:b8:
c7:92:e5:b1:c3:9d:16:0f:4c:47:4d:fe:c4:1a:b6:d3:36:be:
18:4a:4b:3e:b8:2e:c0:a0:ca:6c:9a:63:79:95:95:fb:27:09:
e4:1e:e9:e1:78:12:df:78:b0:de:f4:32:c3:f7:55:ba:a1:ff:
07:3f:30:a6:da:10:df:6c:8a:25:7f:06:e8:39:0d:35:ac:36:
27:38:a8:35:17:33:57:7e:ba:da:2c:d9:cb:ac:e0:d9:a5:e8:
60:58:9b:39:3f:58:b3:59:8f:4f:0f:92:b1:f9:36:06:b5:ca:
a3:a6:d9:c8:ba:bc:ac:c0:ca:34:04:67:10:67:f3:43:54:32:
5c:15:fc:ba:38:2e:a1:9f:83:3a:d2:3c:8a:8d:22:d3:67:86:
67:e6:c2:4c:bb:f5:48:d8:c3:0d:57:d8:cd:86:e6:b8:da:50:
67:86:3c:03
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZgOd8w3gRqKP5dvL0h239R8MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdjM2QwMjJhMjQwY2U3MWUwYTZlMWU5YWFlMDExMmRhODQw
Y2MzNGIwHhcNMjUwNzE1MTQyMzA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTNiZjBkYmYwZmZmNjM3OTJiMzU4MGVlZWU4ZjEyODU0MWM4MjM5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnwPdDSeEMjtKe1DWAKBEyDEITdL7
RulDvlG4f6usJhPw3/6vGTMJhKnWU6vS/FLAcuYe2kBosDgHCGk8b7zkNqY4YnIq
yn/0qxTbn7+TFo+mDbITdEevz/s77Kmo8Z2zzkvjE0zUM3iug/5laIoeXafN6/io
Sx/gRoIbuBYPxBjTDokwxIkucs9CK61pltmgvTZfWr++cvN4ZgI4a2sPJNu1jmWu
Kj85uUOnQC2RYLcUDCZ6Ad+zvqWCEOhQ+BxjTEDwIOOVYtfi7k94fWU/l+gx25hb
g6Q6Td+EE+6roqbnZpucioW3FmiwFEvada6dDSLUj4cw7N0O2Q3bowpxJwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFGU78Nvw//Y3krNYDu7o8ShUHII5MB8GA1UdIwQY
MBaAFHw9AiokDOceCm4emq4BEtqEDMNLMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYt
MDk0ODk4OWU2ZDU1LzEvWlR2dzJfRF85amVTczFnTzd1anhLRlFjZ2prLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZi9mZDM2MmYtYWZjYi00Y2Y1LTk4YzYtMDk0ODk4OWU2ZDU1
LzEvZkQwQ0tpUU01eDRLYmg2YXJnRVMyb1FNdzBzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAYBAIAATASAwQALZ+UAwQA
uXEKAwQAw/6lMA8EAgACMAkDBwAqBZCAAAEwDQYJKoZIhvcNAQELBQADggEBAMfL
bVK7OFuBVdyteyRo8oAZjnr38n0hZ2hBsgzOp0lLvRHszNDDLe2VEgONhI5egwwL
573wMts8k6Al6W7U+/i7vSyS+BtpUTW6dx+0M3xMrBdvU/Rw9ZJVuMeS5bHDnRYP
TEdN/sQattM2vhhKSz64LsCgymyaY3mVlfsnCeQe6eF4Et94sN70MsP3Vbqh/wc/
MKbaEN9siiV/Bug5DTWsNic4qDUXM1d+utos2cus4Nml6GBYmzk/WLNZj08PkrH5
Nga1yqOm2ci6vKzAyjQEZxBn80NUMlwV/Lo4LqGfgzrSPIqNItNnhmfmwky79UjY
ww1X2M2G5rjaUGeGPAM=
-----END CERTIFICATE-----
Generated at Sun Jul 27 07:17:52 2025 by rpki-client