Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/zSDAF0PQddQHeW6i_GWTITih2KY.roa
File: zSDAF0PQddQHeW6i_GWTITih2KY.roa (raw, json)
Hash identifier: Mb6/GC70VogXKs0Rb5KqUZmBD8GHXHt8/O4k3D8gR8A=
Subject key identifier: CD:20:C0:17:43:D0:75:D4:07:79:6E:A2:FC:65:93:21:38:A1:D8:A6
Certificate issuer: /CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Certificate serial: 019929054FE35D6347B50F391C6BAE2C0F2B
Authority key identifier: 32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/zSDAF0PQddQHeW6i_GWTITih2KY.roa
Signing time: Mon 08 Sep 2025 11:10:37 +0000
ROA not before: Mon 08 Sep 2025 11:10:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 2856
IP address blocks: 37.44.229.0/24 maxlen: 24
37.44.230.0/24 maxlen: 24
37.44.231.0/24 maxlen: 24
192.145.52.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.mft
rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 19 Sep 2025 10:45:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:29:05:4f:e3:5d:63:47:b5:0f:39:1c:6b:ae:2c:0f:2b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3263787fd0f94b37813eef16bc8137423ee3fef3
Validity
Not Before: Sep 8 11:10:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cd20c01743d075d407796ea2fc65932138a1d8a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:b0:ff:82:65:5b:c8:f6:01:9a:d4:2d:f2:bf:
b8:01:18:cb:c8:09:1b:08:cc:03:6f:25:4f:4b:58:
d4:55:92:ee:3b:55:2a:c7:9c:b7:78:f7:e2:86:53:
13:44:e6:d3:ff:42:37:96:ca:00:19:d8:77:1e:5e:
f9:d0:ee:84:45:71:f7:d2:35:1e:6e:df:9b:23:b6:
f5:52:e1:2f:9e:68:01:5e:8f:9c:e1:5f:9f:9d:2c:
aa:ed:ce:79:63:f2:de:3e:18:33:1c:be:b0:ee:40:
a7:6d:36:24:42:1a:91:26:3c:83:48:01:3c:da:09:
e9:8e:bd:ca:b0:5a:1d:d5:0f:57:b1:3f:f2:02:7a:
7a:74:15:86:ea:f7:18:bc:7a:7e:9e:9d:7e:96:b3:
8a:45:17:55:c0:9f:a8:2a:52:25:83:b3:d0:a2:37:
e9:33:f7:ce:b1:43:91:8f:a8:e8:94:f4:a9:83:96:
17:3f:1c:d2:21:5d:31:d2:e0:1a:96:69:bc:92:20:
e7:b7:01:15:bf:4d:3e:46:26:38:71:08:5f:45:d3:
c5:f4:8f:ad:b0:d1:a9:70:13:69:e7:d7:d6:fa:2d:
26:9a:39:8b:fb:14:7f:ca:13:57:08:70:93:17:64:
5f:14:c1:d1:0a:88:ed:95:74:e9:be:cc:93:ab:13:
04:fb
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:20:C0:17:43:D0:75:D4:07:79:6E:A2:FC:65:93:21:38:A1:D8:A6
X509v3 Authority Key Identifier:
keyid:32:63:78:7F:D0:F9:4B:37:81:3E:EF:16:BC:81:37:42:3E:E3:FE:F3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/zSDAF0PQddQHeW6i_GWTITih2KY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b1/7703ef-2422-437c-b93d-595e0bf5c613/1/MmN4f9D5SzeBPu8WvIE3Qj7j_vM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
37.44.229.0-37.44.231.255
192.145.52.0/24
Signature Algorithm: sha256WithRSAEncryption
5b:7e:25:75:41:3d:09:f1:c4:02:d6:1d:1f:7d:98:e8:33:0b:
c7:b9:6d:50:9a:36:0c:0a:f1:13:89:e4:02:a0:03:9b:72:c2:
46:5e:eb:88:6a:c2:00:f4:56:39:8b:81:c6:fe:d2:8d:92:41:
85:b8:03:cd:bc:77:2d:70:a3:4f:a5:68:b1:99:0b:31:32:c7:
6c:2d:30:01:7d:51:a1:8c:10:6b:8b:d8:e2:0b:3b:d4:6a:e3:
96:a2:1f:63:dd:fa:6f:69:60:8e:15:4d:9d:fb:b7:64:e1:b5:
7c:bb:4d:cc:d5:a3:d6:d9:f1:23:d7:fa:ec:72:33:85:7f:48:
64:23:c1:ad:f6:76:38:8f:39:c7:a2:f3:90:b2:d1:b5:8f:76:
00:b8:4a:f5:d9:62:fd:d4:83:7a:d1:46:d7:e6:e2:17:fc:e1:
1c:d6:58:89:53:93:67:cf:a7:b7:00:f8:d7:d6:d5:c6:0f:93:
99:86:37:65:4c:57:e1:e9:20:ef:3d:35:1e:8c:db:5d:95:1a:
94:20:bc:af:97:c4:d0:24:81:4d:61:38:04:cb:9c:57:01:ce:
28:20:99:a6:0a:bc:c5:13:75:f1:54:36:11:5e:ec:de:ca:e1:
6f:ce:51:88:f7:0e:1b:00:ff:3e:37:35:eb:15:bc:7a:7e:d1:
e6:ae:df:e1
-----BEGIN CERTIFICATE-----
MIIFCzCCA/OgAwIBAgISAZkpBU/jXWNHtQ85HGuuLA8rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMyNjM3ODdmZDBmOTRiMzc4MTNlZWYxNmJjODEzNzQyM2Vl
M2ZlZjMwHhcNMjUwOTA4MTExMDM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZDIwYzAxNzQzZDA3NWQ0MDc3OTZlYTJmYzY1OTMyMTM4YTFkOGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrD/gmVbyPYBmtQt8r+4ARjLyAkb
CMwDbyVPS1jUVZLuO1Uqx5y3ePfihlMTRObT/0I3lsoAGdh3Hl750O6ERXH30jUe
bt+bI7b1UuEvnmgBXo+c4V+fnSyq7c55Y/LePhgzHL6w7kCnbTYkQhqRJjyDSAE8
2gnpjr3KsFod1Q9XsT/yAnp6dBWG6vcYvHp+np1+lrOKRRdVwJ+oKlIlg7PQojfp
M/fOsUORj6jolPSpg5YXPxzSIV0x0uAalmm8kiDntwEVv00+RiY4cQhfRdPF9I+t
sNGpcBNp59fW+i0mmjmL+xR/yhNXCHCTF2RfFMHRCojtlXTpvsyTqxME+wIDAQAB
o4ICFzCCAhMwHQYDVR0OBBYEFM0gwBdD0HXUB3luovxlkyE4odimMB8GA1UdIwQY
MBaAFDJjeH/Q+Us3gT7vFryBN0I+4/7zMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2Qt
NTk1ZTBiZjVjNjEzLzEvelNEQUYwUFFkZFFIZVc2aV9HV1RJVGloMktZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iMS83NzAzZWYtMjQyMi00MzdjLWI5M2QtNTk1ZTBiZjVjNjEz
LzEvTW1ONGY5RDVTemVCUHU4V3ZJRTNRajdqX3ZNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC0GCCsGAQUFBwEHAQH/BB4wHDAaBAIAATAUMAwDBAAlLOUD
BAMlLOADBADAkTQwDQYJKoZIhvcNAQELBQADggEBAFt+JXVBPQnxxALWHR99mOgz
C8e5bVCaNgwK8ROJ5AKgA5tywkZe64hqwgD0VjmLgcb+0o2SQYW4A828dy1wo0+l
aLGZCzEyx2wtMAF9UaGMEGuL2OILO9Rq45aiH2Pd+m9pYI4VTZ37t2ThtXy7TczV
o9bZ8SPX+uxyM4V/SGQjwa32djiPOcei85Cy0bWPdgC4SvXZYv3Ug3rRRtfm4hf8
4RzWWIlTk2fPp7cA+NfW1cYPk5mGN2VMV+HpIO89NR6M212VGpQgvK+XxNAkgU1h
OATLnFcBziggmaYKvMUTdfFUNhFe7N7K4W/OUYj3DhsA/z43NesVvHp+0eau3+E=
-----END CERTIFICATE-----
Generated at Thu Sep 18 13:04:23 2025 by rpki-client