Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/84/2dcd18-c5b6-4ff5-b235-26c67cd0128c/1/Zxk5-UNoTN_fe5rahHCdwdJyWVw.roa
File: Zxk5-UNoTN_fe5rahHCdwdJyWVw.roa (raw, json)
Hash identifier: 0rHpKBpbLdp/1wBkgWFoF+psPXoi1NKt4eIQVUq7Q8M=
Subject key identifier: 67:19:39:F9:43:68:4C:DF:DF:7B:9A:DA:84:70:9D:C1:D2:72:59:5C
Certificate issuer: /CN=2d2a08a7438a49589d634f88a09e93941f8107f6
Certificate serial: 01971BE532ACD49480C4500F6D585396ABBF
Authority key identifier: 2D:2A:08:A7:43:8A:49:58:9D:63:4F:88:A0:9E:93:94:1F:81:07:F6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LSoIp0OKSVidY0-IoJ6TlB-BB_Y.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/84/2dcd18-c5b6-4ff5-b235-26c67cd0128c/1/Zxk5-UNoTN_fe5rahHCdwdJyWVw.roa
Signing time: Thu 29 May 2025 11:54:54 +0000
ROA not before: Thu 29 May 2025 11:54:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8075
IP address blocks: 195.88.21.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/84/2dcd18-c5b6-4ff5-b235-26c67cd0128c/1/LSoIp0OKSVidY0-IoJ6TlB-BB_Y.crl
rsync://rpki.ripe.net/repository/DEFAULT/84/2dcd18-c5b6-4ff5-b235-26c67cd0128c/1/LSoIp0OKSVidY0-IoJ6TlB-BB_Y.mft
rsync://rpki.ripe.net/repository/DEFAULT/LSoIp0OKSVidY0-IoJ6TlB-BB_Y.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 05 Jun 2025 13:00:43 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:1b:e5:32:ac:d4:94:80:c4:50:0f:6d:58:53:96:ab:bf
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2d2a08a7438a49589d634f88a09e93941f8107f6
Validity
Not Before: May 29 11:54:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=671939f943684cdfdf7b9ada84709dc1d272595c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c5:49:4b:38:40:cc:ee:3a:b8:0b:3c:a3:0e:61:
60:22:16:0b:9f:7d:72:37:09:2d:8c:56:70:2d:2c:
90:6a:4b:d7:b1:a6:8c:1d:0d:3c:51:79:70:5b:e8:
e5:17:64:44:8d:eb:3e:5e:9d:a0:14:cf:d8:85:df:
49:d4:a9:17:29:1e:7f:65:6e:49:02:fc:bf:89:ac:
2f:f9:17:e9:aa:42:3c:cb:27:19:fc:58:4b:97:04:
99:8e:91:b6:48:d1:b5:f2:63:5f:94:41:c1:52:58:
3c:f7:e0:91:b8:e0:62:cd:85:aa:4e:b3:9e:ee:ed:
f4:1d:ca:e1:67:2b:81:d6:cd:a7:f0:d9:98:0a:b8:
cc:41:14:ad:9e:fd:e9:b5:e2:08:ad:73:71:10:b0:
36:70:46:f0:96:27:d8:56:f6:f9:f3:1f:f0:11:4d:
76:81:2f:24:5c:30:ec:78:73:4c:29:1d:24:cd:46:
d4:5f:c9:5f:23:6f:47:d4:ea:c9:9e:5c:e0:70:44:
2f:24:00:23:c9:1c:f4:da:5e:d6:c4:9e:dc:ba:ae:
39:2b:66:71:7d:5e:ad:04:15:65:3e:c5:23:f4:45:
dc:a4:28:78:46:2e:ab:48:c7:7b:15:a2:a3:35:b7:
69:27:50:35:3a:6e:47:f2:41:ff:05:be:6e:33:50:
97:b5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:19:39:F9:43:68:4C:DF:DF:7B:9A:DA:84:70:9D:C1:D2:72:59:5C
X509v3 Authority Key Identifier:
keyid:2D:2A:08:A7:43:8A:49:58:9D:63:4F:88:A0:9E:93:94:1F:81:07:F6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LSoIp0OKSVidY0-IoJ6TlB-BB_Y.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/84/2dcd18-c5b6-4ff5-b235-26c67cd0128c/1/Zxk5-UNoTN_fe5rahHCdwdJyWVw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/84/2dcd18-c5b6-4ff5-b235-26c67cd0128c/1/LSoIp0OKSVidY0-IoJ6TlB-BB_Y.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.88.21.0/24
Signature Algorithm: sha256WithRSAEncryption
4c:a1:54:87:e1:4d:ac:ba:40:82:63:66:be:8e:4a:e0:82:97:
ec:16:31:9a:8e:4c:33:34:46:41:6a:61:79:e9:13:5f:4d:ca:
57:f7:c8:3b:88:4a:5c:64:c4:6c:ac:ac:d8:67:ea:74:7b:47:
70:5c:7f:5f:1a:53:f3:b5:fc:04:05:d0:00:d6:75:98:33:30:
9a:7c:37:24:bc:87:5c:c5:45:ba:b7:30:da:b2:b4:e2:28:14:
11:b3:16:b9:85:7f:1c:ee:e0:8a:5a:0b:f2:ee:e3:9a:0f:46:
a2:fa:c7:f6:dd:84:89:1d:21:bd:bf:14:5f:9b:6d:48:4d:48:
6d:16:41:18:5c:03:47:a2:4a:5b:65:46:5e:55:e9:ba:52:d5:
aa:ba:0b:3d:64:68:1a:6f:26:4a:cb:d7:bb:5a:85:30:bc:96:
f9:44:bd:cf:e4:e6:d2:1c:31:d4:3a:58:2c:ba:92:fd:cc:87:
d4:7a:ce:68:36:ef:f0:db:5a:9b:c3:eb:42:7d:61:fa:4e:ca:
26:fb:94:03:1e:58:6d:75:62:f4:f9:86:8d:09:e7:65:bc:1a:
5c:c3:c9:c6:48:21:d4:ef:be:e9:11:58:72:82:0a:41:12:4e:
be:90:d9:77:f3:3d:66:9a:cf:a1:76:0a:db:84:d5:23:0f:da:
99:a7:24:fb
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZcb5TKs1JSAxFAPbVhTlqu/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJkMmEwOGE3NDM4YTQ5NTg5ZDYzNGY4OGEwOWU5Mzk0MWY4
MTA3ZjYwHhcNMjUwNTI5MTE1NDU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzE5MzlmOTQzNjg0Y2RmZGY3YjlhZGE4NDcwOWRjMWQyNzI1OTVjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxUlLOEDM7jq4CzyjDmFgIhYLn31y
NwktjFZwLSyQakvXsaaMHQ08UXlwW+jlF2REjes+Xp2gFM/Yhd9J1KkXKR5/ZW5J
Avy/iawv+RfpqkI8yycZ/FhLlwSZjpG2SNG18mNflEHBUlg89+CRuOBizYWqTrOe
7u30HcrhZyuB1s2n8NmYCrjMQRStnv3pteIIrXNxELA2cEbwlifYVvb58x/wEU12
gS8kXDDseHNMKR0kzUbUX8lfI29H1OrJnlzgcEQvJAAjyRz02l7WxJ7cuq45K2Zx
fV6tBBVlPsUj9EXcpCh4Ri6rSMd7FaKjNbdpJ1A1Om5H8kH/Bb5uM1CXtQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFGcZOflDaEzf33ua2oRwncHScllcMB8GA1UdIwQY
MBaAFC0qCKdDiklYnWNPiKCek5QfgQf2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTFNvSXAwT0tTVmlkWTAtSW9KNlRsQi1CQl9ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84NC8yZGNkMTgtYzViNi00ZmY1LWIyMzUt
MjZjNjdjZDAxMjhjLzEvWnhrNS1VTm9UTl9mZTVyYWhIQ2R3ZEp5V1Z3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84NC8yZGNkMTgtYzViNi00ZmY1LWIyMzUtMjZjNjdjZDAxMjhj
LzEvTFNvSXAwT0tTVmlkWTAtSW9KNlRsQi1CQl9ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw1gVMA0G
CSqGSIb3DQEBCwUAA4IBAQBMoVSH4U2sukCCY2a+jkrggpfsFjGajkwzNEZBamF5
6RNfTcpX98g7iEpcZMRsrKzYZ+p0e0dwXH9fGlPztfwEBdAA1nWYMzCafDckvIdc
xUW6tzDasrTiKBQRsxa5hX8c7uCKWgvy7uOaD0ai+sf23YSJHSG9vxRfm21ITUht
FkEYXANHokpbZUZeVem6UtWqugs9ZGgabyZKy9e7WoUwvJb5RL3P5ObSHDHUOlgs
upL9zIfUes5oNu/w21qbw+tCfWH6Tsom+5QDHlhtdWL0+YaNCedlvBpcw8nGSCHU
777pEVhyggpBEk6+kNl38z1mms+hdgrbhNUjD9qZpyT7
-----END CERTIFICATE-----
Generated at Wed Jun 4 22:16:03 2025 by rpki-client