Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/42/83cae6-5bcb-48c4-8ebd-29de48ee00b9/1/zFFyOssEtNl2ZptlNvn-iw3yuoM.roa
File: zFFyOssEtNl2ZptlNvn-iw3yuoM.roa (raw, json)
Hash identifier: wU/a9ptBrD+06JSBz0EUZiC1M21vno+RkNOOYDTpTyw=
Subject key identifier: CC:51:72:3A:CB:04:B4:D9:76:66:9B:65:36:F9:FE:8B:0D:F2:BA:83
Certificate issuer: /CN=e8534643ec4826b439417fdb3cb2c493e61f949e
Certificate serial: 01973075D58550441868041029A7F665997E
Authority key identifier: E8:53:46:43:EC:48:26:B4:39:41:7F:DB:3C:B2:C4:93:E6:1F:94:9E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/6FNGQ-xIJrQ5QX_bPLLEk-YflJ4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/42/83cae6-5bcb-48c4-8ebd-29de48ee00b9/1/zFFyOssEtNl2ZptlNvn-iw3yuoM.roa
Signing time: Mon 02 Jun 2025 11:45:17 +0000
ROA not before: Mon 02 Jun 2025 11:45:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 34829
IP address blocks: 91.225.252.0/24 maxlen: 24
91.225.254.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/42/83cae6-5bcb-48c4-8ebd-29de48ee00b9/1/6FNGQ-xIJrQ5QX_bPLLEk-YflJ4.crl
rsync://rpki.ripe.net/repository/DEFAULT/42/83cae6-5bcb-48c4-8ebd-29de48ee00b9/1/6FNGQ-xIJrQ5QX_bPLLEk-YflJ4.mft
rsync://rpki.ripe.net/repository/DEFAULT/6FNGQ-xIJrQ5QX_bPLLEk-YflJ4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 08:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:30:75:d5:85:50:44:18:68:04:10:29:a7:f6:65:99:7e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e8534643ec4826b439417fdb3cb2c493e61f949e
Validity
Not Before: Jun 2 11:45:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc51723acb04b4d976669b6536f9fe8b0df2ba83
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:51:96:41:5c:af:53:18:13:e7:d9:06:5c:8f:
9c:25:fe:79:29:49:02:24:ef:37:fc:67:a0:b1:4e:
dd:a2:da:c3:e2:8c:a0:a3:4f:83:ac:2e:b5:9e:3c:
fe:57:e0:01:87:14:67:4d:2f:70:c2:5c:35:3f:21:
de:ca:f4:b1:42:95:5b:c4:c8:ca:87:ed:cd:0f:2b:
01:fe:ac:da:eb:23:45:cb:de:34:81:11:f6:9c:ca:
fd:50:a3:d5:19:33:92:be:86:ce:60:00:e6:4c:9f:
75:4e:a0:59:8d:b4:64:aa:0b:9d:ab:b4:52:7a:0a:
9c:16:b5:9d:c5:20:01:ef:42:b3:7d:40:66:39:a5:
a8:1d:da:5b:e2:18:70:96:34:bf:c7:13:d6:07:1e:
33:1d:34:f3:29:51:a5:32:8a:fa:c5:96:84:12:cd:
3e:4c:ab:f3:d2:9f:4d:6c:5d:f6:29:c2:3d:b3:10:
7a:73:b9:16:38:29:c5:d7:24:e3:02:ea:9e:46:c0:
48:12:73:ac:51:ef:98:e0:c6:f3:b4:db:3c:21:93:
24:27:05:32:07:8b:da:24:be:72:2b:7c:8d:d9:16:
9a:6a:04:a8:8e:b6:a7:da:63:6d:da:56:2d:3d:77:
87:84:37:c1:94:ec:8f:62:89:19:88:21:7f:3f:70:
b1:3f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:51:72:3A:CB:04:B4:D9:76:66:9B:65:36:F9:FE:8B:0D:F2:BA:83
X509v3 Authority Key Identifier:
keyid:E8:53:46:43:EC:48:26:B4:39:41:7F:DB:3C:B2:C4:93:E6:1F:94:9E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/6FNGQ-xIJrQ5QX_bPLLEk-YflJ4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/42/83cae6-5bcb-48c4-8ebd-29de48ee00b9/1/zFFyOssEtNl2ZptlNvn-iw3yuoM.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/42/83cae6-5bcb-48c4-8ebd-29de48ee00b9/1/6FNGQ-xIJrQ5QX_bPLLEk-YflJ4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.225.252.0/24
91.225.254.0/24
Signature Algorithm: sha256WithRSAEncryption
9d:77:70:bc:78:45:4b:44:22:22:86:7f:2a:bf:ad:d6:ab:ae:
a8:4c:12:df:06:78:0d:c7:e2:cf:d8:70:f9:45:87:ed:aa:b8:
60:55:6b:3c:1b:29:61:e3:0a:2e:fd:b3:04:6f:46:fd:00:06:
d7:a4:01:f2:23:72:b2:7f:31:d2:7b:0c:3f:06:f8:6f:65:65:
b4:25:70:e1:9b:ca:fc:64:67:17:9d:9d:7d:08:63:55:cf:41:
f9:87:c2:2e:c9:cf:09:cf:c2:a7:05:fe:a9:25:aa:91:ca:0a:
5e:eb:f3:88:06:3f:cd:0b:42:a3:89:02:f0:9d:0d:b0:27:70:
9d:4c:8f:db:5e:f6:01:e3:03:67:76:48:43:be:7e:83:a3:01:
38:f4:e3:2f:95:90:a9:79:09:03:31:ec:93:16:59:db:92:18:
a1:e4:61:96:5b:c5:28:77:70:22:bf:4c:92:fd:5f:91:d9:7a:
71:5c:5a:78:ca:10:de:3b:17:b2:04:e5:d3:8b:7c:ab:e7:aa:
2d:76:a0:8c:61:a1:4b:f8:6c:4b:9b:c3:0e:8a:f6:5c:99:95:
77:56:3d:68:29:ee:42:4f:08:05:06:50:c6:8e:b2:c6:8d:50:
16:16:e9:21:be:4c:58:e7:05:76:2b:44:c1:aa:47:86:e0:69:
2a:78:ec:6b
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZcwddWFUEQYaAQQKaf2ZZl+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGU4NTM0NjQzZWM0ODI2YjQzOTQxN2ZkYjNjYjJjNDkzZTYx
Zjk0OWUwHhcNMjUwNjAyMTE0NTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzUxNzIzYWNiMDRiNGQ5NzY2NjliNjUzNmY5ZmU4YjBkZjJiYTgzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApVGWQVyvUxgT59kGXI+cJf55KUkC
JO83/GegsU7dotrD4oygo0+DrC61njz+V+ABhxRnTS9wwlw1PyHeyvSxQpVbxMjK
h+3NDysB/qza6yNFy940gRH2nMr9UKPVGTOSvobOYADmTJ91TqBZjbRkqgudq7RS
egqcFrWdxSAB70KzfUBmOaWoHdpb4hhwljS/xxPWBx4zHTTzKVGlMor6xZaEEs0+
TKvz0p9NbF32KcI9sxB6c7kWOCnF1yTjAuqeRsBIEnOsUe+Y4MbztNs8IZMkJwUy
B4vaJL5yK3yN2RaaagSojran2mNt2lYtPXeHhDfBlOyPYokZiCF/P3CxPwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMxRcjrLBLTZdmabZTb5/osN8rqDMB8GA1UdIwQY
MBaAFOhTRkPsSCa0OUF/2zyyxJPmH5SeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNkZOR1EteElKclE1UVhfYlBMTEVrLVlmbEo0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80Mi84M2NhZTYtNWJjYi00OGM0LThlYmQt
MjlkZTQ4ZWUwMGI5LzEvekZGeU9zc0V0TmwyWnB0bE52bi1pdzN5dW9NLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80Mi84M2NhZTYtNWJjYi00OGM0LThlYmQtMjlkZTQ4ZWUwMGI5
LzEvNkZOR1EteElKclE1UVhfYlBMTEVrLVlmbEo0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW+H8AwQA
W+H+MA0GCSqGSIb3DQEBCwUAA4IBAQCdd3C8eEVLRCIihn8qv63Wq66oTBLfBngN
x+LP2HD5RYftqrhgVWs8Gylh4wou/bMEb0b9AAbXpAHyI3KyfzHSeww/BvhvZWW0
JXDhm8r8ZGcXnZ19CGNVz0H5h8Iuyc8Jz8KnBf6pJaqRygpe6/OIBj/NC0KjiQLw
nQ2wJ3CdTI/bXvYB4wNndkhDvn6DowE49OMvlZCpeQkDMeyTFlnbkhih5GGWW8Uo
d3Aiv0yS/V+R2XpxXFp4yhDeOxeyBOXTi3yr56otdqCMYaFL+GxLm8MOivZcmZV3
Vj1oKe5CTwgFBlDGjrLGjVAWFukhvkxY5wV2K0TBqkeG4GkqeOxr
-----END CERTIFICATE-----
Generated at Sat Jun 7 14:10:47 2025 by rpki-client