Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/zS1Or9dRHkxIGjkL39Pp-_gerV0.roa
File: zS1Or9dRHkxIGjkL39Pp-_gerV0.roa (raw, json)
Hash identifier: LjpKMcrz+1rCDvlRPCiJ+0HWZ8+4U1l+u6ZPPAu/fHU=
Subject key identifier: CD:2D:4E:AF:D7:51:1E:4C:48:1A:39:0B:DF:D3:E9:FB:F8:1E:AD:5D
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0199104479354ED1029B207D1C3D37B41E1A
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/zS1Or9dRHkxIGjkL39Pp-_gerV0.roa
Signing time: Wed 03 Sep 2025 15:49:06 +0000
ROA not before: Wed 03 Sep 2025 15:49:06 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61135
IP address blocks: 78.135.73.0/24 maxlen: 24
212.68.35.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 06 Sep 2025 21:00:26 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:10:44:79:35:4e:d1:02:9b:20:7d:1c:3d:37:b4:1e:1a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Sep 3 15:49:06 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd2d4eafd7511e4c481a390bdfd3e9fbf81ead5d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:94:d0:3e:01:88:b2:51:43:e5:c4:26:93:43:
e2:41:5b:62:5e:4e:2f:de:14:c3:e0:1d:c0:26:e0:
c5:da:77:e4:b0:9d:33:c5:d6:b8:23:14:93:80:13:
fb:96:21:9d:f0:41:77:80:26:cb:57:44:79:54:91:
ee:ef:b7:61:1a:95:1d:08:54:7f:00:68:8d:2f:36:
c0:37:c6:8a:99:1a:73:d4:ba:f8:5f:de:15:16:71:
d4:f3:d3:88:a0:9a:85:e5:2c:59:d9:86:d2:68:1f:
c0:c8:1b:7d:c1:73:ff:30:75:b3:d7:a8:05:38:26:
73:16:aa:e8:a0:9c:95:f1:87:17:1a:ad:a2:1e:a0:
c1:62:19:b1:a2:15:96:8d:bb:52:2d:df:fe:d5:32:
6b:d0:5a:65:b5:d6:b1:c5:07:46:28:f7:9d:b7:f7:
3b:18:18:64:9d:2f:49:61:c2:56:88:bc:04:43:66:
a1:84:af:f0:1a:f8:a1:5d:34:3f:84:60:90:24:ed:
52:33:6e:89:c1:b3:8d:31:5e:0f:34:8a:b7:38:b2:
eb:f8:5b:9c:88:ae:d0:92:f3:62:d7:28:24:5f:3e:
17:ea:17:29:ad:48:a9:b7:91:16:64:53:46:db:fc:
97:5f:62:3a:dc:fa:6a:15:24:78:fb:88:b7:67:db:
a1:0b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:2D:4E:AF:D7:51:1E:4C:48:1A:39:0B:DF:D3:E9:FB:F8:1E:AD:5D
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/zS1Or9dRHkxIGjkL39Pp-_gerV0.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
78.135.73.0/24
212.68.35.0/24
Signature Algorithm: sha256WithRSAEncryption
10:f8:1c:de:2e:00:cc:9f:0b:d1:b2:b6:89:94:44:19:7e:3b:
0b:75:4d:71:f7:75:64:4c:6a:c5:53:0a:1d:15:78:22:b6:d3:
43:4a:db:6b:f5:d5:50:8c:31:32:f3:fa:01:a0:87:97:8c:4a:
fc:fc:29:01:2c:f3:ac:ef:0b:fb:50:d2:90:40:ba:94:b2:1b:
c4:54:af:99:51:e2:b5:48:06:ae:97:31:20:71:8d:3c:84:5a:
2c:52:a1:2d:22:1a:d6:1b:61:c3:ab:62:92:9f:37:0e:6f:26:
e0:49:d8:65:fc:e9:43:e6:46:d4:a7:da:8e:26:95:94:10:e5:
0e:77:3e:69:59:86:a9:ed:48:d1:3c:35:d4:92:b4:50:5f:0e:
43:7f:05:17:64:b6:7a:d1:e5:80:88:ce:d6:09:09:c9:2f:35:
04:bc:58:a6:7c:9e:cf:a6:3a:d7:ae:82:07:0b:12:fd:c6:47:
42:b7:b1:45:a0:1b:bf:8b:b3:17:99:6a:dc:51:f6:e1:a6:9d:
03:b7:8d:6d:75:3d:72:80:b4:55:77:a4:d1:ce:f6:e0:30:f1:
f7:3a:96:69:c1:35:47:7a:22:43:1e:7f:0b:6a:70:4d:fa:c9:
4d:5c:ad:54:ad:ad:52:c9:b7:85:e8:49:99:d0:4b:c5:7d:78:
6d:c9:77:7f
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZkQRHk1TtECmyB9HD03tB4aMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwOTAzMTU0OTA2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDJkNGVhZmQ3NTExZTRjNDgxYTM5MGJkZmQzZTlmYmY4MWVhZDVkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnJTQPgGIslFD5cQmk0PiQVtiXk4v
3hTD4B3AJuDF2nfksJ0zxda4IxSTgBP7liGd8EF3gCbLV0R5VJHu77dhGpUdCFR/
AGiNLzbAN8aKmRpz1Lr4X94VFnHU89OIoJqF5SxZ2YbSaB/AyBt9wXP/MHWz16gF
OCZzFqrooJyV8YcXGq2iHqDBYhmxohWWjbtSLd/+1TJr0FpltdaxxQdGKPedt/c7
GBhknS9JYcJWiLwEQ2ahhK/wGvihXTQ/hGCQJO1SM26JwbONMV4PNIq3OLLr+Fuc
iK7QkvNi1ygkXz4X6hcprUipt5EWZFNG2/yXX2I63PpqFSR4+4i3Z9uhCwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM0tTq/XUR5MSBo5C9/T6fv4Hq1dMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvelMxT3I5ZFJIa3hJR2prTDM5UHAtX2dlclYwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQATodJAwQA
1EQjMA0GCSqGSIb3DQEBCwUAA4IBAQAQ+BzeLgDMnwvRsraJlEQZfjsLdU1x93Vk
TGrFUwodFXgittNDSttr9dVQjDEy8/oBoIeXjEr8/CkBLPOs7wv7UNKQQLqUshvE
VK+ZUeK1SAaulzEgcY08hFosUqEtIhrWG2HDq2KSnzcObybgSdhl/OlD5kbUp9qO
JpWUEOUOdz5pWYap7UjRPDXUkrRQXw5DfwUXZLZ60eWAiM7WCQnJLzUEvFimfJ7P
pjrXroIHCxL9xkdCt7FFoBu/i7MXmWrcUfbhpp0Dt41tdT1ygLRVd6TRzvbgMPH3
OpZpwTVHeiJDHn8LanBN+slNXK1Ura1SybeF6EmZ0EvFfXhtyXd/
-----END CERTIFICATE-----
Generated at Sat Sep 6 05:05:53 2025 by rpki-client