Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/ZY9I81FG4Id2GF9DG6vJ_zd5Jxc.roa
File: ZY9I81FG4Id2GF9DG6vJ_zd5Jxc.roa (raw, json)
Hash identifier: SkhX+cmyU9TLwyWh1p2c0HRvsQhKx7OanFlINAk8ELM=
Subject key identifier: 65:8F:48:F3:51:46:E0:87:76:18:5F:43:1B:AB:C9:FF:37:79:27:17
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 0198EF6FE64A2B49B0BF34C04EF8DB8CEAD8
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/ZY9I81FG4Id2GF9DG6vJ_zd5Jxc.roa
Signing time: Thu 28 Aug 2025 06:49:04 +0000
ROA not before: Thu 28 Aug 2025 06:49:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 399989
IP address blocks: 194.231.132.0/22 maxlen: 22
194.231.136.0/22 maxlen: 22
194.231.144.0/22 maxlen: 22
194.231.152.0/22 maxlen: 22
194.231.192.0/22 maxlen: 22
194.231.204.0/22 maxlen: 22
194.231.212.0/22 maxlen: 22
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 01:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ef:6f:e6:4a:2b:49:b0:bf:34:c0:4e:f8:db:8c:ea:d8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Aug 28 06:49:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=658f48f35146e08776185f431babc9ff37792717
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bb:19:68:6c:44:22:66:ca:35:db:62:33:39:43:
ef:40:7a:1e:6e:0b:11:8b:c4:fb:b8:07:be:26:e5:
93:1e:70:16:14:25:ab:81:79:4b:d0:c0:5d:63:53:
c8:25:19:e3:e5:45:6b:f3:4d:54:7c:3d:86:67:f7:
d3:73:ae:6e:5d:d3:71:34:c4:0b:65:9f:64:b9:45:
33:8c:90:19:4d:ee:94:9e:83:77:d7:77:4c:29:24:
2f:f7:38:9d:e9:2e:f2:8f:54:cc:d0:96:be:7b:9f:
99:7d:66:ae:1c:23:2a:01:c0:ba:6c:de:59:3e:f7:
16:57:ef:5e:b8:19:2a:20:c3:71:57:9d:f5:7a:79:
be:0d:9d:ba:42:cd:f2:20:6c:cb:4c:cc:bd:fa:45:
11:03:e0:24:c5:cf:34:44:1b:4a:4c:26:ec:6c:de:
70:1a:4d:65:e3:13:09:0d:ba:4f:19:53:58:ff:1d:
9e:6b:b8:34:e4:a7:a7:22:f3:d6:2e:5d:2c:40:0c:
5f:ed:2a:ab:29:a3:fb:8f:f5:cf:75:f4:ab:4a:e2:
0c:3a:0e:f9:e7:a2:8d:e5:e3:6e:ed:3e:70:42:dc:
40:20:ff:22:82:fc:79:b5:6d:86:47:b5:a9:fe:51:
14:6b:39:74:8c:9c:25:55:54:79:c9:2c:d1:66:cf:
f3:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:8F:48:F3:51:46:E0:87:76:18:5F:43:1B:AB:C9:FF:37:79:27:17
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/ZY9I81FG4Id2GF9DG6vJ_zd5Jxc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
194.231.132.0-194.231.139.255
194.231.144.0/22
194.231.152.0/22
194.231.192.0/22
194.231.204.0/22
194.231.212.0/22
Signature Algorithm: sha256WithRSAEncryption
b8:a4:19:76:f2:16:3c:a8:01:b5:04:ca:50:25:c5:d0:f3:ee:
81:6c:0f:c1:0f:74:74:4f:7e:76:09:30:e6:c2:6a:1f:a6:a2:
e6:c3:a4:10:d2:c3:b7:5f:7d:9d:0f:99:82:96:b8:65:32:78:
78:ca:dd:0e:92:fa:48:1b:b9:40:3b:1f:a4:e1:b1:f1:df:16:
5c:0f:39:f2:a4:15:6a:e6:e8:08:ac:4f:0c:3a:17:46:59:44:
84:0f:67:7f:27:79:20:e7:ac:da:b5:ce:57:5c:a9:3b:cc:17:
dc:4a:72:8a:9f:0e:b5:ee:62:c5:b5:6d:b0:b6:e2:a4:2f:e1:
67:86:04:f1:57:c8:c1:77:9c:ca:28:16:1d:df:06:00:2e:11:
01:da:70:f7:31:59:9c:ec:83:93:5c:78:86:ee:f0:5a:95:aa:
53:ba:c5:61:bc:9d:6f:42:26:a5:3e:42:2d:68:d0:f8:03:c1:
42:2d:86:70:c1:74:37:46:49:c1:8e:d0:dc:d1:6a:91:9f:f5:
fd:87:27:c1:e1:75:11:37:8b:9d:22:70:a8:5a:54:04:5f:62:
85:d5:cc:77:08:1b:77:ca:e3:fe:25:ab:53:b1:aa:75:9f:20:
b9:fa:f8:d4:00:0b:d5:7a:e0:3a:8e:fc:70:d1:c0:1c:fb:21:
14:e4:15:b5
-----BEGIN CERTIFICATE-----
MIIFIzCCBAugAwIBAgISAZjvb+ZKK0mwvzTATvjbjOrYMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjUwODI4MDY0OTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NThmNDhmMzUxNDZlMDg3NzYxODVmNDMxYmFiYzlmZjM3NzkyNzE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAuxlobEQiZso122IzOUPvQHoebgsR
i8T7uAe+JuWTHnAWFCWrgXlL0MBdY1PIJRnj5UVr801UfD2GZ/fTc65uXdNxNMQL
ZZ9kuUUzjJAZTe6UnoN313dMKSQv9zid6S7yj1TM0Ja+e5+ZfWauHCMqAcC6bN5Z
PvcWV+9euBkqIMNxV531enm+DZ26Qs3yIGzLTMy9+kURA+Akxc80RBtKTCbsbN5w
Gk1l4xMJDbpPGVNY/x2ea7g05KenIvPWLl0sQAxf7SqrKaP7j/XPdfSrSuIMOg75
56KN5eNu7T5wQtxAIP8igvx5tW2GR7Wp/lEUazl0jJwlVVR5ySzRZs/zKQIDAQAB
o4ICLzCCAiswHQYDVR0OBBYEFGWPSPNRRuCHdhhfQxuryf83eScXMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvWlk5STgxRkc0SWQyR0Y5REc2dkpfemQ1SnhjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEUGCCsGAQUFBwEHAQH/BDYwNDAyBAIAATAsMAwDBALC54QD
BALC54gDBALC55ADBALC55gDBALC58ADBALC58wDBALC59QwDQYJKoZIhvcNAQEL
BQADggEBALikGXbyFjyoAbUEylAlxdDz7oFsD8EPdHRPfnYJMObCah+moubDpBDS
w7dffZ0PmYKWuGUyeHjK3Q6S+kgbuUA7H6ThsfHfFlwPOfKkFWrm6AisTww6F0ZZ
RIQPZ38neSDnrNq1zldcqTvMF9xKcoqfDrXuYsW1bbC24qQv4WeGBPFXyMF3nMoo
Fh3fBgAuEQHacPcxWZzsg5NceIbu8FqVqlO6xWG8nW9CJqU+Qi1o0PgDwUIthnDB
dDdGScGO0NzRapGf9f2HJ8HhdRE3i50icKhaVARfYoXVzHcIG3fK4/4lq1OxqnWf
ILn6+NQAC9V64DqO/HDRwBz7IRTkFbU=
-----END CERTIFICATE-----
Generated at Fri Sep 5 10:16:54 2025 by rpki-client