Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ab/bcccb8-6c74-4d0a-895f-01d19a74be23/1/zHV9GqK3lxtDByRIPKRkmVKqS2Q.roa
File: zHV9GqK3lxtDByRIPKRkmVKqS2Q.roa (raw, json)
Hash identifier: JoddG80WH5u4hXBwT8RabzSa/mDpe7uGflIm0cVjomU=
Subject key identifier: CC:75:7D:1A:A2:B7:97:1B:43:07:24:48:3C:A4:64:99:52:AA:4B:64
Certificate issuer: /CN=bfa5f0e76547575957bc92c6dddd084d3ea7f863
Certificate serial: 01999A01F2086D95D1DCCB2542F6A368AAE4
Authority key identifier: BF:A5:F0:E7:65:47:57:59:57:BC:92:C6:DD:DD:08:4D:3E:A7:F8:63
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/v6Xw52VHV1lXvJLG3d0ITT6n-GM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ab/bcccb8-6c74-4d0a-895f-01d19a74be23/1/zHV9GqK3lxtDByRIPKRkmVKqS2Q.roa
Signing time: Tue 30 Sep 2025 09:44:02 +0000
ROA not before: Tue 30 Sep 2025 09:44:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60064
IP address blocks: 185.63.252.0/24 maxlen: 24
185.63.253.0/24 maxlen: 24
185.63.254.0/24 maxlen: 24
185.63.255.0/24 maxlen: 24
2a04:f780::/32 maxlen: 32
2a04:f781::/40 maxlen: 40
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ab/bcccb8-6c74-4d0a-895f-01d19a74be23/1/v6Xw52VHV1lXvJLG3d0ITT6n-GM.crl
rsync://rpki.ripe.net/repository/DEFAULT/ab/bcccb8-6c74-4d0a-895f-01d19a74be23/1/v6Xw52VHV1lXvJLG3d0ITT6n-GM.mft
rsync://rpki.ripe.net/repository/DEFAULT/v6Xw52VHV1lXvJLG3d0ITT6n-GM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 15 Oct 2025 13:51:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:9a:01:f2:08:6d:95:d1:dc:cb:25:42:f6:a3:68:aa:e4
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=bfa5f0e76547575957bc92c6dddd084d3ea7f863
Validity
Not Before: Sep 30 09:44:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc757d1aa2b7971b430724483ca4649952aa4b64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:18:cd:65:16:ce:60:1e:46:1e:01:b7:51:24:
af:9d:99:93:a2:97:8a:8f:57:ad:7d:c5:24:32:e1:
72:e0:1e:38:d9:7b:ef:b1:a9:b7:27:8a:93:e4:50:
a1:1a:ea:d4:de:2e:c8:91:7b:ec:68:62:77:24:4f:
54:b6:82:30:a9:a5:3a:d3:48:bb:d6:36:11:53:9a:
f5:1d:29:8e:86:6a:a7:5d:76:e3:f7:8c:86:2d:c3:
58:25:4f:ab:f3:bf:67:0c:14:c3:39:ab:f8:52:d9:
8a:81:d2:8b:4a:b4:bd:4a:12:97:d7:0f:c3:96:88:
f3:d4:d7:f3:d1:bb:a3:4d:ab:e7:b2:d5:bb:5b:77:
7e:b5:28:96:5d:df:14:95:24:76:8c:f6:9c:bd:8a:
58:90:d3:62:d9:27:e5:72:bf:52:54:eb:18:45:4f:
e8:46:ee:d5:f7:da:db:7e:ba:7c:cf:e4:68:a6:3e:
48:9f:92:ac:37:ee:92:4c:28:37:e8:f3:d7:af:8c:
ee:57:e1:0f:ad:c7:79:15:5e:4a:3d:5a:20:79:69:
0f:74:34:fa:5f:4d:40:29:fa:f0:2b:48:94:a5:82:
f0:9b:c6:59:94:13:7f:84:52:62:06:2f:3d:b6:9e:
5f:41:55:7e:29:ae:94:05:86:8b:5f:e4:5e:83:77:
be:9b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:75:7D:1A:A2:B7:97:1B:43:07:24:48:3C:A4:64:99:52:AA:4B:64
X509v3 Authority Key Identifier:
keyid:BF:A5:F0:E7:65:47:57:59:57:BC:92:C6:DD:DD:08:4D:3E:A7:F8:63
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/v6Xw52VHV1lXvJLG3d0ITT6n-GM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/bcccb8-6c74-4d0a-895f-01d19a74be23/1/zHV9GqK3lxtDByRIPKRkmVKqS2Q.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ab/bcccb8-6c74-4d0a-895f-01d19a74be23/1/v6Xw52VHV1lXvJLG3d0ITT6n-GM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.63.252.0/22
IPv6:
2a04:f780::-2a04:f781:ff:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
77:24:02:12:fc:b7:09:b0:5f:be:bf:81:6e:4c:18:d5:99:51:
3a:ba:4c:14:eb:64:18:ca:51:e0:af:4d:f7:ff:04:86:5d:c9:
12:c5:c9:6a:47:ba:be:98:ed:8f:19:ac:a2:e2:20:29:e5:6a:
cb:29:cb:a0:b7:4e:9f:ca:3c:1d:18:0c:aa:75:32:53:71:87:
d3:7f:8a:08:12:7f:e2:f1:4b:fc:e7:3a:fe:7f:61:ac:6d:5f:
67:eb:40:4a:34:71:b1:a6:0f:52:2c:78:be:e6:27:d3:bf:36:
af:7f:9d:06:82:a6:5a:3a:e3:a7:57:6a:30:e6:a5:79:4a:0b:
e8:e2:92:0f:0b:df:ce:e7:8e:c4:c5:a2:83:e8:d0:8b:93:93:
c6:6f:03:94:01:93:d4:f6:31:05:25:c2:44:4d:db:56:9e:b8:
6f:be:59:d5:3d:b3:46:82:0b:9f:64:7e:2f:2b:b5:c2:e7:7f:
80:d3:0f:37:ce:ec:49:3e:d0:60:6d:9b:f0:34:a6:94:96:ca:
7e:85:d0:b2:1b:d4:87:3c:f1:f7:f1:8b:0f:78:ce:c5:2d:1c:
57:c4:ca:b0:31:be:e0:43:51:9f:87:e5:41:29:35:d8:74:c5:
c2:65:25:7d:17:be:56:3f:d3:d2:ff:45:15:85:01:fa:1e:3f:
76:16:bf:04
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZmaAfIIbZXR3MslQvajaKrkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJmYTVmMGU3NjU0NzU3NTk1N2JjOTJjNmRkZGQwODRkM2Vh
N2Y4NjMwHhcNMjUwOTMwMDk0NDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzc1N2QxYWEyYjc5NzFiNDMwNzI0NDgzY2E0NjQ5OTUyYWE0YjY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4RjNZRbOYB5GHgG3USSvnZmTopeK
j1etfcUkMuFy4B442Xvvsam3J4qT5FChGurU3i7IkXvsaGJ3JE9UtoIwqaU600i7
1jYRU5r1HSmOhmqnXXbj94yGLcNYJU+r879nDBTDOav4UtmKgdKLSrS9ShKX1w/D
lojz1Nfz0bujTavnstW7W3d+tSiWXd8UlSR2jPacvYpYkNNi2Sflcr9SVOsYRU/o
Ru7V99rbfrp8z+Ropj5In5KsN+6STCg36PPXr4zuV+EPrcd5FV5KPVogeWkPdDT6
X01AKfrwK0iUpYLwm8ZZlBN/hFJiBi89tp5fQVV+Ka6UBYaLX+Reg3e+mwIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFMx1fRqit5cbQwckSDykZJlSqktkMB8GA1UdIwQY
MBaAFL+l8OdlR1dZV7ySxt3dCE0+p/hjMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdjZYdzUyVkhWMWxYdkpMRzNkMElUVDZuLUdNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9hYi9iY2NjYjgtNmM3NC00ZDBhLTg5NWYt
MDFkMTlhNzRiZTIzLzEvekhWOUdxSzNseHREQnlSSVBLUmttVktxUzJRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9hYi9iY2NjYjgtNmM3NC00ZDBhLTg5NWYtMDFkMTlhNzRiZTIz
LzEvdjZYdzUyVkhWMWxYdkpMRzNkMElUVDZuLUdNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDgGCCsGAQUFBwEHAQH/BCkwJzAMBAIAATAGAwQCuT/8MBcE
AgACMBEwDwMFByoE94ADBgAqBPeBADANBgkqhkiG9w0BAQsFAAOCAQEAdyQCEvy3
CbBfvr+BbkwY1ZlROrpMFOtkGMpR4K9N9/8Ehl3JEsXJake6vpjtjxmsouIgKeVq
yynLoLdOn8o8HRgMqnUyU3GH03+KCBJ/4vFL/Oc6/n9hrG1fZ+tASjRxsaYPUix4
vuYn0782r3+dBoKmWjrjp1dqMOaleUoL6OKSDwvfzueOxMWig+jQi5OTxm8DlAGT
1PYxBSXCRE3bVp64b75Z1T2zRoILn2R+Lyu1wud/gNMPN87sST7QYG2b8DSmlJbK
foXQshvUhzzx9/GLD3jOxS0cV8TKsDG+4ENRn4flQSk12HTFwmUlfRe+Vj/T0v9F
FYUB+h4/dha/BA==
-----END CERTIFICATE-----
Generated at Tue Oct 14 17:07:01 2025 by rpki-client