Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/pZHCAjsk0quEKKapLoBOB8SLyYU.roa
File: pZHCAjsk0quEKKapLoBOB8SLyYU.roa (raw, json)
Hash identifier: PkFYd+Uy2SwEBC/xRtpP2pJp1/vhJ01S2mfX0UJzqmk=
Subject key identifier: A5:91:C2:02:3B:24:D2:AB:84:28:A6:A9:2E:80:4E:07:C4:8B:C9:85
Certificate issuer: /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial: 0196FD61015398C9B5D647738379C402589F
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/pZHCAjsk0quEKKapLoBOB8SLyYU.roa
Signing time: Fri 23 May 2025 13:41:54 +0000
ROA not before: Fri 23 May 2025 13:41:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 25369
IP address blocks: 45.66.94.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.mft
rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 20:42:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:fd:61:01:53:98:c9:b5:d6:47:73:83:79:c4:02:58:9f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Validity
Not Before: May 23 13:41:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a591c2023b24d2ab8428a6a92e804e07c48bc985
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:88:dd:05:7e:df:d6:9a:c5:35:20:1c:fb:70:75:
48:ae:33:85:91:00:17:b5:78:b2:a2:bc:30:75:a7:
57:b0:eb:7e:a6:62:0b:9a:6c:60:08:92:17:37:dc:
76:66:7b:a5:db:ac:68:39:df:2d:6d:04:35:57:f8:
60:98:76:27:15:e9:42:23:21:10:06:6d:85:f1:79:
6d:5e:c7:76:d9:47:c8:ba:f1:f8:6f:d9:62:11:c6:
dc:00:20:22:96:38:8c:b6:ba:9a:6c:a9:e7:ee:9c:
0c:5a:10:8c:e2:e5:e4:c7:aa:99:dd:86:82:0f:16:
ae:67:d6:13:e4:9e:50:4f:76:91:b9:8e:cb:d4:86:
fe:ff:a0:b7:a7:cf:a4:68:c8:c0:51:27:a3:74:ec:
c5:f1:97:5b:f0:d7:7a:f4:6c:62:c6:3b:c3:e2:7b:
9c:37:07:97:23:4e:ae:50:f1:b6:64:1d:89:34:5d:
92:1d:71:08:a8:95:06:dd:89:cd:e5:d7:aa:88:89:
c3:19:42:6f:50:b2:d5:aa:80:a8:1a:5c:57:d3:50:
3c:d1:c8:ff:24:d8:13:48:67:f1:22:66:18:b4:44:
d7:ae:39:1a:31:f4:67:9f:28:c5:b8:b7:a6:05:b3:
a3:e2:9b:37:24:a7:f1:ca:73:cb:1d:33:ee:15:20:
2b:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A5:91:C2:02:3B:24:D2:AB:84:28:A6:A9:2E:80:4E:07:C4:8B:C9:85
X509v3 Authority Key Identifier:
keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/pZHCAjsk0quEKKapLoBOB8SLyYU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
45.66.94.0/23
Signature Algorithm: sha256WithRSAEncryption
46:3d:a4:99:4c:51:a2:a5:e2:67:0d:d2:53:7f:ac:00:10:2a:
ad:c2:23:57:0a:95:b5:68:99:dc:c7:02:8c:ad:e9:68:75:91:
22:92:e7:ac:e0:e6:14:50:7e:2a:19:15:36:bd:af:00:37:c7:
22:10:34:ec:62:f9:70:49:a0:71:46:df:16:f2:49:cb:80:53:
d4:fb:aa:50:12:10:73:b9:10:48:d4:c9:2c:d5:aa:b3:69:94:
4d:3f:e5:d5:ea:5f:66:07:6e:c1:32:cb:2e:dc:05:25:69:16:
f9:7b:c0:64:9e:98:1a:d7:69:52:09:66:ac:2c:49:2c:61:ef:
86:fb:80:0f:87:aa:55:fa:ec:a5:1b:b6:e4:d0:d6:78:24:dd:
3c:56:0b:93:cb:a0:1d:dc:bf:04:a1:72:e9:c6:86:21:d8:68:
20:ca:1f:89:38:44:4a:42:43:0b:79:c1:71:3e:7f:78:eb:b6:
b8:05:67:35:38:2e:c4:60:2c:8c:77:2a:26:03:a2:1a:f7:61:
2d:74:e1:89:5a:dc:86:56:b1:71:72:50:c3:25:d9:a3:9e:5c:
af:a2:4c:01:25:50:b7:04:50:31:6c:49:6b:e9:39:16:d4:5a:
f3:06:21:0b:78:67:3d:cb:dc:8c:3f:9f:7e:9d:bc:b6:65:34:
5b:1d:48:1a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZb9YQFTmMm11kdzg3nEAlifMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNjM3ODdmZDBmOTRiMzc4MTNlZWYxNmJjODEzNzQyM2Vl
M2ZlZjMwHhcNMjUwNTIzMTM0MTU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNTkxYzIwMjNiMjRkMmFiODQyOGE2YTkyZTgwNGUwN2M0OGJjOTg1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAiN0Fft/WmsU1IBz7cHVIrjOFkQAX
tXiyorwwdadXsOt+pmILmmxgCJIXN9x2Znul26xoOd8tbQQ1V/hgmHYnFelCIyEQ
Bm2F8XltXsd22UfIuvH4b9liEcbcACAiljiMtrqabKnn7pwMWhCM4uXkx6qZ3YaC
DxauZ9YT5J5QT3aRuY7L1Ib+/6C3p8+kaMjAUSejdOzF8Zdb8Nd69GxixjvD4nuc
NweXI06uUPG2ZB2JNF2SHXEIqJUG3YnN5deqiInDGUJvULLVqoCoGlxX01A80cj/
JNgTSGfxImYYtETXrjkaMfRnnyjFuLemBbOj4ps3JKfxynPLHTPuFSAr2wIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFKWRwgI7JNKrhCimqS6ATgfEi8mFMB8GA1UdIwQY
MBaAFDJjeH/Q+Us3gT7vFryBN0I+4/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2Qt
NTk1ZTBiZjVjNjEzLzEvcFpIQ0Fqc2swcXVFS0thcExvQk9COFNMeVlVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2QtNTk1ZTBiZjVjNjEz
LzEvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQBLUJeMA0G
CSqGSIb3DQEBCwUAA4IBAQBGPaSZTFGipeJnDdJTf6wAECqtwiNXCpW1aJncxwKM
relodZEikues4OYUUH4qGRU2va8AN8ciEDTsYvlwSaBxRt8W8knLgFPU+6pQEhBz
uRBI1Mks1aqzaZRNP+XV6l9mB27BMssu3AUlaRb5e8Bknpga12lSCWasLEksYe+G
+4APh6pV+uylG7bk0NZ4JN08VguTy6Ad3L8EoXLpxoYh2Gggyh+JOERKQkMLecFx
Pn9467a4BWc1OC7EYCyMdyomA6Ia92EtdOGJWtyGVrFxclDDJdmjnlyvokwBJVC3
BFAxbElr6TkW1FrzBiELeGc9y9yMP59+nby2ZTRbHUga
-----END CERTIFICATE-----
Generated at Fri Jun 6 05:31:22 2025 by rpki-client