Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/zfprMxQqKYOZnZ9jQ8sE4rmoCTA.roa
File: zfprMxQqKYOZnZ9jQ8sE4rmoCTA.roa (raw, json)
Hash identifier: SYWG5rVAQXfmAp4cYrCvqClS7+JcisSc/HDC4OTwVT0=
Subject key identifier: CD:FA:6B:33:14:2A:29:83:99:9D:9F:63:43:CB:04:E2:B9:A8:09:30
Certificate issuer: /CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Certificate serial: 019A0FF7B579A4FF9E6FB8838F8329A845A3
Authority key identifier: 27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/zfprMxQqKYOZnZ9jQ8sE4rmoCTA.roa
Signing time: Thu 23 Oct 2025 07:28:03 +0000
ROA not before: Thu 23 Oct 2025 07:28:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 9304
IP address blocks: 62.192.110.0/24 maxlen: 24
194.231.136.0/24 maxlen: 24
194.231.150.0/24 maxlen: 24
194.231.151.0/24 maxlen: 24
194.231.152.0/24 maxlen: 24
194.231.153.0/24 maxlen: 24
194.231.154.0/24 maxlen: 24
194.231.198.0/24 maxlen: 24
194.231.201.0/24 maxlen: 24
194.231.202.0/23 maxlen: 24
194.231.204.0/23 maxlen: 24
194.231.206.0/23 maxlen: 24
194.231.208.0/23 maxlen: 24
194.231.210.0/23 maxlen: 24
194.231.212.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.mft
rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 26 Oct 2025 08:33:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:0f:f7:b5:79:a4:ff:9e:6f:b8:83:8f:83:29:a8:45:a3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=279dbfdf4c20bdae8d6118566ece76444e46d171
Validity
Not Before: Oct 23 07:28:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cdfa6b33142a2983999d9f6343cb04e2b9a80930
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:df:89:22:0e:6c:35:73:8a:2c:1d:fd:33:28:ba:
76:e4:ad:61:5c:52:2d:38:62:ed:e2:53:35:ef:d1:
24:b4:23:f9:0d:44:2e:23:60:05:0a:9e:ab:28:b0:
d5:18:7e:81:4c:40:7c:bf:7e:95:49:b3:e9:23:02:
3c:ae:80:38:e0:ae:f6:e8:ec:bc:14:93:1e:cc:35:
af:f1:96:af:86:c8:33:88:05:8e:0d:a5:1a:c5:7d:
9d:8e:b7:d1:f6:10:d2:1b:25:19:ef:0c:8a:c6:e1:
c7:8a:ea:a9:ac:5b:68:53:d6:33:2a:82:75:0c:b4:
78:9a:88:a1:6c:2f:04:08:e1:c5:77:78:de:40:8f:
f5:ab:88:80:24:41:90:ad:95:cc:1a:30:ce:bb:5c:
1d:12:01:a3:e4:7c:63:a0:48:c5:81:6e:bd:58:00:
59:b8:73:53:7d:9f:2a:ff:8f:54:3e:1d:90:26:d3:
d8:55:8a:19:4d:05:0e:c0:be:90:26:3f:05:8e:a9:
b0:13:46:cc:52:ef:f4:1a:7d:63:d1:36:d1:07:6f:
3b:9f:11:ff:1b:11:b2:e9:02:e6:68:38:72:9d:64:
cd:19:90:2c:96:f3:7c:31:d0:77:33:06:5c:44:73:
76:a7:d5:60:83:6e:39:3c:76:a9:ae:39:cc:70:d6:
39:cb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:FA:6B:33:14:2A:29:83:99:9D:9F:63:43:CB:04:E2:B9:A8:09:30
X509v3 Authority Key Identifier:
keyid:27:9D:BF:DF:4C:20:BD:AE:8D:61:18:56:6E:CE:76:44:4E:46:D1:71
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/J52_30wgva6NYRhWbs52RE5G0XE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/zfprMxQqKYOZnZ9jQ8sE4rmoCTA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/35/9d54a5-0135-4b18-961a-0cf1093d4548/1/J52_30wgva6NYRhWbs52RE5G0XE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
62.192.110.0/24
194.231.136.0/24
194.231.150.0-194.231.154.255
194.231.198.0/24
194.231.201.0-194.231.212.255
Signature Algorithm: sha256WithRSAEncryption
72:2b:4a:5c:ef:1e:90:99:4c:ea:5c:0c:a0:a5:d3:79:3c:a3:
a7:92:aa:1f:bf:22:e0:3b:3e:04:eb:77:b4:84:17:4a:bd:a1:
cd:8f:03:6f:e3:b9:78:65:11:e2:6b:0b:88:14:96:8a:99:36:
4d:6c:1b:ec:6f:02:72:0c:e6:8d:22:60:83:10:8f:fc:45:74:
c2:bd:7b:90:2b:5e:7d:93:93:be:b7:97:4c:f6:69:0a:ac:65:
27:d8:57:5b:7f:31:5b:81:29:e1:1f:97:45:94:11:bf:2a:75:
3c:37:05:82:5b:a6:32:5f:25:1d:9f:ab:7c:90:91:be:8a:b2:
ac:bf:1c:fd:b9:41:18:cd:11:f4:6a:3c:f1:c7:71:25:1a:34:
33:ef:4a:d0:25:f0:80:82:f6:cc:53:d0:d1:4f:d7:b3:f5:99:
69:e8:70:cd:0a:ec:91:2e:48:9e:d6:c2:00:ba:9a:e0:7b:74:
93:93:57:94:5f:98:e0:ba:47:23:76:66:fc:31:27:c4:67:30:
9e:11:7c:8e:46:0e:08:81:cf:2e:70:6f:f2:98:0b:91:f8:8e:
fe:6e:17:66:57:a7:02:b0:b3:62:a2:1d:b3:87:60:76:41:6e:
99:41:66:85:91:01:d2:16:97:81:cf:9e:06:4b:93:0a:15:e1:
0e:1b:e4:37
-----BEGIN CERTIFICATE-----
MIIFJTCCBA2gAwIBAgISAZoP97V5pP+eb7iDj4MpqEWjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDI3OWRiZmRmNGMyMGJkYWU4ZDYxMTg1NjZlY2U3NjQ0NGU0
NmQxNzEwHhcNMjUxMDIzMDcyODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGZhNmIzMzE0MmEyOTgzOTk5ZDlmNjM0M2NiMDRlMmI5YTgwOTMwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA34kiDmw1c4osHf0zKLp25K1hXFIt
OGLt4lM179EktCP5DUQuI2AFCp6rKLDVGH6BTEB8v36VSbPpIwI8roA44K726Oy8
FJMezDWv8ZavhsgziAWODaUaxX2djrfR9hDSGyUZ7wyKxuHHiuqprFtoU9YzKoJ1
DLR4moihbC8ECOHFd3jeQI/1q4iAJEGQrZXMGjDOu1wdEgGj5HxjoEjFgW69WABZ
uHNTfZ8q/49UPh2QJtPYVYoZTQUOwL6QJj8FjqmwE0bMUu/0Gn1j0TbRB287nxH/
GxGy6QLmaDhynWTNGZAslvN8MdB3MwZcRHN2p9Vgg245PHaprjnMcNY5ywIDAQAB
o4ICMTCCAi0wHQYDVR0OBBYEFM36azMUKimDmZ2fY0PLBOK5qAkwMB8GA1UdIwQY
MBaAFCedv99MIL2ujWEYVm7OdkRORtFxMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEt
MGNmMTA5M2Q0NTQ4LzEvemZwck14UXFLWU9ablo5alE4c0U0cm1vQ1RBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8zNS85ZDU0YTUtMDEzNS00YjE4LTk2MWEtMGNmMTA5M2Q0NTQ4
LzEvSjUyXzMwd2d2YTZOWVJoV2JzNTJSRTVHMFhFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEcGCCsGAQUFBwEHAQH/BDgwNjA0BAIAATAuAwQAPsBuAwQA
wueIMAwDBAHC55YDBADC55oDBADC58YwDAMEAMLnyQMEAMLn1DANBgkqhkiG9w0B
AQsFAAOCAQEAcitKXO8ekJlM6lwMoKXTeTyjp5KqH78i4Ds+BOt3tIQXSr2hzY8D
b+O5eGUR4msLiBSWipk2TWwb7G8CcgzmjSJggxCP/EV0wr17kCtefZOTvreXTPZp
CqxlJ9hXW38xW4Ep4R+XRZQRvyp1PDcFglumMl8lHZ+rfJCRvoqyrL8c/blBGM0R
9Go88cdxJRo0M+9K0CXwgIL2zFPQ0U/Xs/WZaehwzQrskS5IntbCALqa4Ht0k5NX
lF+Y4LpHI3Zm/DEnxGcwnhF8jkYOCIHPLnBv8pgLkfiO/m4XZlenArCzYqIds4dg
dkFumUFmhZEB0haXgc+eBkuTChXhDhvkNw==
-----END CERTIFICATE-----
Generated at Sat Oct 25 15:17:00 2025 by rpki-client