
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6e/02e419-dd83-400b-b114-02c5008bcc09/1/zXpgIfivUxV3ksiBOIvLcsg5wsg.roa
File: zXpgIfivUxV3ksiBOIvLcsg5wsg.roa (raw, json)
Hash identifier: kEoJUet4XPH+HygffLp7TrLFhJPdEY2uJaOE3uj/HMY=
Subject key identifier: CD:7A:60:21:F8:AF:53:15:77:92:C8:81:38:8B:CB:72:C8:39:C2:C8
Certificate issuer: /CN=73d31367608564d8783bb242486e93d6506e7f95
Certificate serial: 0196D3635C3C543218009B6DDFA79E435CDA
Authority key identifier: 73:D3:13:67:60:85:64:D8:78:3B:B2:42:48:6E:93:D6:50:6E:7F:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/c9MTZ2CFZNh4O7JCSG6T1lBuf5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6e/02e419-dd83-400b-b114-02c5008bcc09/1/zXpgIfivUxV3ksiBOIvLcsg5wsg.roa
Signing time: Thu 15 May 2025 10:00:26 +0000
ROA not before: Thu 15 May 2025 10:00:26 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204288
IP address blocks: 91.210.110.0/24 maxlen: 24
193.33.38.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6e/02e419-dd83-400b-b114-02c5008bcc09/1/c9MTZ2CFZNh4O7JCSG6T1lBuf5U.crl
rsync://rpki.ripe.net/repository/DEFAULT/6e/02e419-dd83-400b-b114-02c5008bcc09/1/c9MTZ2CFZNh4O7JCSG6T1lBuf5U.mft
rsync://rpki.ripe.net/repository/DEFAULT/c9MTZ2CFZNh4O7JCSG6T1lBuf5U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 10 Jun 2025 04:00:33 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:d3:63:5c:3c:54:32:18:00:9b:6d:df:a7:9e:43:5c:da
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=73d31367608564d8783bb242486e93d6506e7f95
Validity
Not Before: May 15 10:00:26 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd7a6021f8af53157792c881388bcb72c839c2c8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d9:0a:50:60:b3:4e:f1:d3:73:5f:48:d8:e0:49:
18:88:eb:f3:47:01:35:8e:e0:23:e0:96:18:d5:79:
69:88:c8:85:f2:bc:f9:c7:14:af:1c:5f:8a:47:49:
02:83:ae:b9:52:60:7c:ee:6a:54:84:98:b8:3e:47:
47:ca:42:f2:6f:b4:1a:be:6b:62:95:7a:94:f3:c3:
60:92:55:77:18:90:df:7b:da:16:df:20:37:ee:93:
b9:76:a6:93:b1:2b:a4:b0:4c:63:37:c4:7b:6c:da:
a5:bc:6a:77:ae:00:66:4d:be:15:83:ed:94:89:b6:
67:d3:8d:ca:20:5d:16:39:7c:aa:68:3e:65:a3:77:
2a:45:f0:d2:de:f7:fd:be:ae:d2:42:18:50:4d:b5:
20:c1:a4:55:66:5e:92:4b:ff:8d:07:54:1e:66:01:
61:c2:62:0a:3c:17:06:2f:0e:61:5a:72:59:bc:82:
38:87:78:71:86:00:66:58:25:e5:ca:db:4f:49:bd:
30:ed:8e:b5:58:0f:27:fe:cb:c5:a2:4f:d5:a0:3e:
be:e5:b3:07:1f:59:39:b8:c6:22:70:d0:12:82:44:
1e:d7:2e:c2:7f:5c:15:16:a9:66:ac:12:68:1d:01:
8c:d6:07:3b:ae:de:23:50:8d:c8:44:be:4e:40:29:
30:15
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:7A:60:21:F8:AF:53:15:77:92:C8:81:38:8B:CB:72:C8:39:C2:C8
X509v3 Authority Key Identifier:
keyid:73:D3:13:67:60:85:64:D8:78:3B:B2:42:48:6E:93:D6:50:6E:7F:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/c9MTZ2CFZNh4O7JCSG6T1lBuf5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/02e419-dd83-400b-b114-02c5008bcc09/1/zXpgIfivUxV3ksiBOIvLcsg5wsg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6e/02e419-dd83-400b-b114-02c5008bcc09/1/c9MTZ2CFZNh4O7JCSG6T1lBuf5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.210.110.0/24
193.33.38.0/23
Signature Algorithm: sha256WithRSAEncryption
8a:f0:1f:a0:2a:72:b5:29:23:15:a4:2f:6b:61:0a:f1:57:af:
9a:3a:e8:19:5c:ac:00:c1:eb:0d:c6:3e:0e:de:0f:26:68:bb:
ee:a8:54:13:0b:3c:54:80:06:58:e9:fe:2b:0e:1a:d1:08:e6:
f5:41:63:6c:27:c0:a1:52:98:9e:a0:e3:3b:63:70:08:d0:ac:
4f:f7:5e:14:5c:f3:57:b3:05:b9:c9:f5:04:10:07:ef:ac:42:
37:86:42:35:3f:e7:f4:9a:a8:54:db:fa:eb:66:e3:89:5e:24:
dd:f8:ed:c5:55:b7:d6:ae:9c:7b:8c:55:f7:5d:59:1f:68:0e:
cb:0f:2d:4f:8f:c1:17:43:e0:b3:51:f2:54:9d:e8:a6:0f:97:
99:79:6f:78:2b:9d:5b:77:d8:35:dc:26:b0:da:9f:be:4b:be:
d4:51:f1:f7:3b:5b:f6:10:f3:32:99:f3:3e:b2:c9:a5:89:ad:
70:34:75:0c:16:71:bb:63:42:32:af:0a:a4:8b:b6:b0:6d:75:
8a:ae:b7:74:cf:e2:cf:40:6a:6f:c0:9f:46:3b:c6:b9:2b:35:
8d:dc:e9:69:48:7e:6a:78:44:ea:15:86:5e:e2:e0:7b:8b:df:
24:5b:94:ed:c4:c7:ed:ae:95:9d:bb:35:4f:04:28:ee:b3:e3:
9a:cf:fb:cf
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZbTY1w8VDIYAJtt36eeQ1zaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDczZDMxMzY3NjA4NTY0ZDg3ODNiYjI0MjQ4NmU5M2Q2NTA2
ZTdmOTUwHhcNMjUwNTE1MTAwMDI2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDdhNjAyMWY4YWY1MzE1Nzc5MmM4ODEzODhiY2I3MmM4MzljMmM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA2QpQYLNO8dNzX0jY4EkYiOvzRwE1
juAj4JYY1XlpiMiF8rz5xxSvHF+KR0kCg665UmB87mpUhJi4PkdHykLyb7Qavmti
lXqU88NgklV3GJDfe9oW3yA37pO5dqaTsSuksExjN8R7bNqlvGp3rgBmTb4Vg+2U
ibZn043KIF0WOXyqaD5lo3cqRfDS3vf9vq7SQhhQTbUgwaRVZl6SS/+NB1QeZgFh
wmIKPBcGLw5hWnJZvII4h3hxhgBmWCXlyttPSb0w7Y61WA8n/svFok/VoD6+5bMH
H1k5uMYicNASgkQe1y7Cf1wVFqlmrBJoHQGM1gc7rt4jUI3IRL5OQCkwFQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFM16YCH4r1MVd5LIgTiLy3LIOcLIMB8GA1UdIwQY
MBaAFHPTE2dghWTYeDuyQkhuk9ZQbn+VMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYzlNVFoyQ0ZaTmg0TzdKQ1NHNlQxbEJ1ZjVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZS8wMmU0MTktZGQ4My00MDBiLWIxMTQt
MDJjNTAwOGJjYzA5LzEvelhwZ0lmaXZVeFYza3NpQk9Jdkxjc2c1d3NnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZS8wMmU0MTktZGQ4My00MDBiLWIxMTQtMDJjNTAwOGJjYzA5
LzEvYzlNVFoyQ0ZaTmg0TzdKQ1NHNlQxbEJ1ZjVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAW9JuAwQB
wSEmMA0GCSqGSIb3DQEBCwUAA4IBAQCK8B+gKnK1KSMVpC9rYQrxV6+aOugZXKwA
wesNxj4O3g8maLvuqFQTCzxUgAZY6f4rDhrRCOb1QWNsJ8ChUpieoOM7Y3AI0KxP
914UXPNXswW5yfUEEAfvrEI3hkI1P+f0mqhU2/rrZuOJXiTd+O3FVbfWrpx7jFX3
XVkfaA7LDy1Pj8EXQ+CzUfJUneimD5eZeW94K51bd9g13Caw2p++S77UUfH3O1v2
EPMymfM+ssmlia1wNHUMFnG7Y0Iyrwqki7awbXWKrrd0z+LPQGpvwJ9GO8a5KzWN
3OlpSH5qeETqFYZe4uB7i98kW5TtxMftrpWduzVPBCjus+Oaz/vP
-----END CERTIFICATE-----
Generated at Mon Jun 9 14:37:39 2025 by rpki-client