Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f8/d2aab0-8363-4b14-9cc2-c8bb8ea39804/1/zrX35UZIaDQ7gsBizHdrkf-Nup0.roa
File: zrX35UZIaDQ7gsBizHdrkf-Nup0.roa (raw, json)
Hash identifier: YG/4j+fW6PNSItLJkk/6gbwhIYXjKk9jfgVFuX7jzdg=
Subject key identifier: CE:B5:F7:E5:46:48:68:34:3B:82:C0:62:CC:77:6B:91:FF:8D:BA:9D
Certificate issuer: /CN=77b020308865c3360dab19f3a5703341864e9f50
Certificate serial: 019837624AFADB2A0AB23CBFF424662E4CB4
Authority key identifier: 77:B0:20:30:88:65:C3:36:0D:AB:19:F3:A5:70:33:41:86:4E:9F:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/d7AgMIhlwzYNqxnzpXAzQYZOn1A.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f8/d2aab0-8363-4b14-9cc2-c8bb8ea39804/1/zrX35UZIaDQ7gsBizHdrkf-Nup0.roa
Signing time: Wed 23 Jul 2025 13:04:05 +0000
ROA not before: Wed 23 Jul 2025 13:04:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210841
IP address blocks: 80.73.219.0/24 maxlen: 24
80.73.220.0/22 maxlen: 24
91.232.129.0/24 maxlen: 24
91.232.198.0/24 maxlen: 24
91.232.208.0/24 maxlen: 24
91.232.235.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f8/d2aab0-8363-4b14-9cc2-c8bb8ea39804/1/d7AgMIhlwzYNqxnzpXAzQYZOn1A.crl
rsync://rpki.ripe.net/repository/DEFAULT/f8/d2aab0-8363-4b14-9cc2-c8bb8ea39804/1/d7AgMIhlwzYNqxnzpXAzQYZOn1A.mft
rsync://rpki.ripe.net/repository/DEFAULT/d7AgMIhlwzYNqxnzpXAzQYZOn1A.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 27 Jul 2025 20:00:05 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:37:62:4a:fa:db:2a:0a:b2:3c:bf:f4:24:66:2e:4c:b4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=77b020308865c3360dab19f3a5703341864e9f50
Validity
Not Before: Jul 23 13:04:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ceb5f7e5464868343b82c062cc776b91ff8dba9d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e7:31:77:39:4d:a7:79:f2:78:30:7f:a4:bd:d5:
e0:8e:75:8f:2c:6a:b8:4c:1b:8c:72:d4:af:95:64:
db:70:5a:90:42:b0:14:fd:b8:e3:aa:4d:b9:8f:1b:
65:7a:8d:01:31:b5:6f:36:8e:e2:ef:60:52:8a:42:
05:98:3c:69:72:99:71:fc:ea:9b:0f:10:ca:1b:7f:
32:2d:51:d1:ec:47:39:cf:40:8c:86:57:1e:98:03:
5d:50:c4:b5:c6:4b:e8:c2:df:51:fb:35:17:bb:28:
04:cf:10:02:8e:50:16:51:fb:62:8a:f5:7b:9a:9d:
da:80:fe:69:e2:05:ff:36:84:67:a5:96:8d:10:37:
8e:d5:2a:03:0f:1b:4e:a5:99:13:0f:ff:32:d2:e0:
3c:f3:3c:2d:8e:fd:49:c0:82:95:a7:74:bd:fa:8a:
2f:8f:21:22:a4:56:37:e5:4a:49:a2:37:61:1c:a3:
3a:29:71:a1:fc:90:b4:d4:12:bf:14:45:cb:be:8b:
44:9e:ff:84:f5:83:cb:21:3b:f6:7d:71:25:3f:0a:
5f:7e:31:60:e3:2d:44:17:f3:8a:05:21:d2:71:7a:
95:5c:f9:a7:40:f1:e5:59:4b:4e:0f:f9:6b:0f:84:
bf:35:c5:53:8c:b1:bb:18:7a:75:2a:99:b8:9b:ae:
5c:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:B5:F7:E5:46:48:68:34:3B:82:C0:62:CC:77:6B:91:FF:8D:BA:9D
X509v3 Authority Key Identifier:
keyid:77:B0:20:30:88:65:C3:36:0D:AB:19:F3:A5:70:33:41:86:4E:9F:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/d7AgMIhlwzYNqxnzpXAzQYZOn1A.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d2aab0-8363-4b14-9cc2-c8bb8ea39804/1/zrX35UZIaDQ7gsBizHdrkf-Nup0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f8/d2aab0-8363-4b14-9cc2-c8bb8ea39804/1/d7AgMIhlwzYNqxnzpXAzQYZOn1A.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.73.219.0-80.73.223.255
91.232.129.0/24
91.232.198.0/24
91.232.208.0/24
91.232.235.0/24
Signature Algorithm: sha256WithRSAEncryption
25:47:93:aa:31:36:96:18:2e:1a:28:78:b5:2b:6d:f5:c3:e4:
6b:e5:f2:51:83:00:fe:71:c0:74:72:09:f3:21:c7:74:15:13:
a3:d8:b1:5a:5b:a7:d3:ee:79:36:89:1d:46:6c:8f:b2:08:09:
f1:17:62:06:7e:ec:a2:2e:bf:93:b7:6d:99:e4:19:c5:b5:9a:
94:82:62:54:ae:f1:38:ba:4c:27:7e:19:79:9a:71:00:86:be:
b5:fe:48:69:cc:18:46:2f:ce:9c:45:03:1f:54:66:2b:14:c0:
9e:9b:0a:9d:ec:20:52:02:ec:bc:6a:39:4d:c9:4f:a3:6a:03:
eb:27:d9:86:9a:46:48:9e:7d:e9:09:1b:76:05:c2:0e:7f:87:
77:f6:d9:55:5e:45:cd:b5:15:92:61:65:a2:3e:fe:b4:7e:a3:
8c:fc:dd:46:f3:04:e1:82:cb:5a:cc:f6:2b:c8:df:bb:11:e1:
f6:7e:e6:30:b4:52:98:64:af:d1:d4:f5:70:a9:ff:d8:b4:a8:
3d:be:77:e6:c1:15:be:d8:db:fd:d2:09:9b:7b:9f:be:2a:47:
2d:90:96:82:cc:a6:30:41:71:4c:f5:20:4b:ac:87:01:9b:95:
ea:c3:15:83:39:6d:e1:e8:d0:de:60:9b:96:46:76:5a:cc:5b:
0b:ed:52:3f
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZg3Ykr62yoKsjy/9CRmLky0MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDc3YjAyMDMwODg2NWMzMzYwZGFiMTlmM2E1NzAzMzQxODY0
ZTlmNTAwHhcNMjUwNzIzMTMwNDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZWI1ZjdlNTQ2NDg2ODM0M2I4MmMwNjJjYzc3NmI5MWZmOGRiYTlkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5zF3OU2nefJ4MH+kvdXgjnWPLGq4
TBuMctSvlWTbcFqQQrAU/bjjqk25jxtleo0BMbVvNo7i72BSikIFmDxpcplx/Oqb
DxDKG38yLVHR7Ec5z0CMhlcemANdUMS1xkvowt9R+zUXuygEzxACjlAWUftiivV7
mp3agP5p4gX/NoRnpZaNEDeO1SoDDxtOpZkTD/8y0uA88zwtjv1JwIKVp3S9+oov
jyEipFY35UpJojdhHKM6KXGh/JC01BK/FEXLvotEnv+E9YPLITv2fXElPwpffjFg
4y1EF/OKBSHScXqVXPmnQPHlWUtOD/lrD4S/NcVTjLG7GHp1Kpm4m65ciQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFM619+VGSGg0O4LAYsx3a5H/jbqdMB8GA1UdIwQY
MBaAFHewIDCIZcM2DasZ86VwM0GGTp9QMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZDdBZ01JaGx3ellOcXhuenBYQXpRWVpPbjFBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mOC9kMmFhYjAtODM2My00YjE0LTljYzIt
YzhiYjhlYTM5ODA0LzEvenJYMzVVWklhRFE3Z3NCaXpIZHJrZi1OdXAwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mOC9kMmFhYjAtODM2My00YjE0LTljYzItYzhiYjhlYTM5ODA0
LzEvZDdBZ01JaGx3ellOcXhuenBYQXpRWVpPbjFBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmMAwDBABQSdsD
BAVQScADBABb6IEDBABb6MYDBABb6NADBABb6OswDQYJKoZIhvcNAQELBQADggEB
ACVHk6oxNpYYLhooeLUrbfXD5Gvl8lGDAP5xwHRyCfMhx3QVE6PYsVpbp9PueTaJ
HUZsj7IICfEXYgZ+7KIuv5O3bZnkGcW1mpSCYlSu8Ti6TCd+GXmacQCGvrX+SGnM
GEYvzpxFAx9UZisUwJ6bCp3sIFIC7LxqOU3JT6NqA+sn2YaaRkiefekJG3YFwg5/
h3f22VVeRc21FZJhZaI+/rR+o4z83UbzBOGCy1rM9ivI37sR4fZ+5jC0Uphkr9HU
9XCp/9i0qD2+d+bBFb7Y2/3SCZt7n74qRy2QloLMpjBBcUz1IEushwGblerDFYM5
beHo0N5gm5ZGdlrMWwvtUj8=
-----END CERTIFICATE-----
Generated at Sun Jul 27 05:17:22 2025 by rpki-client