Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/FzZZdicxxaAtlbuALXuqBTSHvYM.roa
File: FzZZdicxxaAtlbuALXuqBTSHvYM.roa (raw, json)
Hash identifier: SL75856b9V/PxlIMDP02SZH+Sja8kFbvsV+DyvbJLSw=
Subject key identifier: 17:36:59:76:27:31:C5:A0:2D:95:BB:80:2D:7B:AA:05:34:87:BD:83
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019A42F637C712653A7773471F52050B79DD
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/FzZZdicxxaAtlbuALXuqBTSHvYM.roa
Signing time: Sun 02 Nov 2025 05:07:03 +0000
ROA not before: Sun 02 Nov 2025 05:07:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215607
IP address blocks: 77.90.33.0/24 maxlen: 24
89.106.89.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 07 Nov 2025 14:44:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:42:f6:37:c7:12:65:3a:77:73:47:1f:52:05:0b:79:dd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Nov 2 05:07:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=173659762731c5a02d95bb802d7baa053487bd83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bf:38:b0:99:9b:5f:e2:f0:f9:bd:b5:89:be:d8:
d7:37:d1:9e:88:85:a0:85:c6:fd:c0:f2:2d:dd:12:
20:9b:84:83:25:1d:00:d7:c2:8d:2a:55:55:3e:8c:
b8:3b:6d:23:c8:10:11:24:99:4e:80:d8:13:8a:11:
58:df:08:e0:09:2b:7c:a3:f8:76:ff:fe:d5:d6:76:
3a:33:0b:7e:02:6c:9a:43:3d:16:80:69:6f:41:87:
89:c5:b6:b8:18:a0:c6:d0:24:93:05:db:cc:66:e7:
2d:0e:38:8d:aa:36:85:1a:5d:82:8e:03:d1:e2:04:
14:27:05:89:cc:14:fd:bc:c6:13:1f:10:65:3a:14:
61:15:5e:df:e4:06:60:6b:32:00:5e:e0:08:fd:ae:
2c:c5:cc:11:c0:37:b9:56:8f:62:70:20:90:2e:9e:
9d:34:06:2d:fd:b8:cc:a5:47:fa:4c:0d:c7:cb:80:
80:71:1f:3d:17:7b:c8:78:2a:75:84:12:54:fa:4f:
fc:43:28:15:4d:32:ea:34:cd:e6:eb:a4:aa:0e:9d:
c7:02:89:27:fd:eb:49:a7:a2:df:30:3f:b0:8a:4c:
23:14:af:a1:6c:44:fc:5e:90:f6:fb:ce:05:74:64:
69:0f:f9:d7:77:2c:d5:58:74:5f:bd:bb:23:c9:58:
b0:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
17:36:59:76:27:31:C5:A0:2D:95:BB:80:2D:7B:AA:05:34:87:BD:83
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/FzZZdicxxaAtlbuALXuqBTSHvYM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
77.90.33.0/24
89.106.89.0/24
Signature Algorithm: sha256WithRSAEncryption
01:18:bd:ed:d7:ec:89:58:b7:cc:79:6a:64:7f:b6:be:c1:47:
39:40:57:ca:35:e0:86:7d:da:63:30:4a:e2:f6:35:e8:5e:4b:
f1:0b:f7:09:12:93:d9:ea:ce:92:a2:72:a3:bb:68:df:f1:75:
77:da:71:80:40:a8:d5:b3:29:11:06:a6:b9:b7:84:80:78:6c:
02:1f:d3:ea:55:da:fc:9f:37:88:6d:57:c4:df:17:91:72:b9:
22:58:6b:9e:f8:24:fd:e8:8c:61:2c:6f:a0:f4:66:5c:ba:4d:
46:4a:59:27:ce:cf:02:93:7c:ad:f3:06:47:e7:fc:3d:00:5b:
4f:e8:2b:4e:a4:f5:59:e8:b4:67:d7:96:dc:17:90:b5:1f:e1:
66:cf:31:8a:ee:45:b9:66:22:58:43:d8:71:83:e9:f1:53:94:
bd:7c:ef:05:68:91:9f:de:ce:08:24:aa:5c:dd:bd:9c:28:9a:
fb:3b:6b:7c:be:37:4c:68:81:7c:ba:a2:85:e5:9b:cb:cf:60:
b8:59:55:83:bf:04:f5:80:b0:62:6d:76:fa:d1:4b:ea:f5:46:
a2:d7:48:4a:1c:6d:0e:f6:02:47:b2:5c:d7:0b:d0:d3:c9:74:
91:e5:e6:77:c1:4b:75:eb:ed:90:9e:33:fc:14:7c:a0:cb:cc:
a1:c9:f5:82
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZpC9jfHEmU6d3NHH1IFC3ndMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUxMTAyMDUwNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygxNzM2NTk3NjI3MzFjNWEwMmQ5NWJiODAyZDdiYWEwNTM0ODdiZDgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvziwmZtf4vD5vbWJvtjXN9GeiIWg
hcb9wPIt3RIgm4SDJR0A18KNKlVVPoy4O20jyBARJJlOgNgTihFY3wjgCSt8o/h2
//7V1nY6Mwt+AmyaQz0WgGlvQYeJxba4GKDG0CSTBdvMZuctDjiNqjaFGl2CjgPR
4gQUJwWJzBT9vMYTHxBlOhRhFV7f5AZgazIAXuAI/a4sxcwRwDe5Vo9icCCQLp6d
NAYt/bjMpUf6TA3Hy4CAcR89F3vIeCp1hBJU+k/8QygVTTLqNM3m66SqDp3HAokn
/etJp6LfMD+wikwjFK+hbET8XpD2+84FdGRpD/nXdyzVWHRfvbsjyViwgQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFBc2WXYnMcWgLZW7gC17qgU0h72DMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvRnpaWmRpY3h4YUF0bGJ1QUxYdXFCVFNIdllNLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATVohAwQA
WWpZMA0GCSqGSIb3DQEBCwUAA4IBAQABGL3t1+yJWLfMeWpkf7a+wUc5QFfKNeCG
fdpjMEri9jXoXkvxC/cJEpPZ6s6SonKju2jf8XV32nGAQKjVsykRBqa5t4SAeGwC
H9PqVdr8nzeIbVfE3xeRcrkiWGue+CT96IxhLG+g9GZcuk1GSlknzs8Ck3yt8wZH
5/w9AFtP6CtOpPVZ6LRn15bcF5C1H+FmzzGK7kW5ZiJYQ9hxg+nxU5S9fO8FaJGf
3s4IJKpc3b2cKJr7O2t8vjdMaIF8uqKF5ZvLz2C4WVWDvwT1gLBibXb60Uvq9Uai
10hKHG0O9gJHslzXC9DTyXSR5eZ3wUt16+2QnjP8FHygy8yhyfWC
-----END CERTIFICATE-----
Generated at Thu Nov 6 22:59:55 2025 by rpki-client