Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/jzZPQyTPxHmOrfm_zSEP30f3jkY.roa
File: jzZPQyTPxHmOrfm_zSEP30f3jkY.roa (raw, json)
Hash identifier: tZU3gCj8FKHIIHdBn9jyrUtj2ivWD71dmLJ5zAo81Ls=
Subject key identifier: 8F:36:4F:43:24:CF:C4:79:8E:AD:F9:BF:CD:21:0F:DF:47:F7:8E:46
Certificate issuer: /CN=00775d9471b85d963fef6d283590e2d942dd5c21
Certificate serial: 0196C3C243AD8867383FAD2DCADFFEB45AB9
Authority key identifier: 00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/jzZPQyTPxHmOrfm_zSEP30f3jkY.roa
Signing time: Mon 12 May 2025 09:10:10 +0000
ROA not before: Mon 12 May 2025 09:10:10 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 210470
IP address blocks: 87.107.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.mft
rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 09:00:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:96:c3:c2:43:ad:88:67:38:3f:ad:2d:ca:df:fe:b4:5a:b9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=00775d9471b85d963fef6d283590e2d942dd5c21
Validity
Not Before: May 12 09:10:10 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8f364f4324cfc4798eadf9bfcd210fdf47f78e46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:92:14:36:f5:12:55:58:89:58:51:f5:7d:f7:
d3:99:2a:d6:ef:60:3a:b6:57:a7:0e:e6:99:6c:21:
fa:d9:26:87:b8:2b:33:3e:c2:59:60:23:92:cd:66:
9b:3c:ef:5f:15:8d:ee:75:71:1d:f5:24:f5:87:5b:
52:63:2b:99:c8:d0:34:85:e3:01:b2:18:8e:e5:99:
b5:04:f3:23:1b:7c:f9:ad:33:ab:d5:e2:35:30:0b:
84:ac:c2:e2:4f:43:1f:db:da:e0:74:28:11:24:19:
0b:0f:42:77:65:ca:2d:9d:34:0e:5e:4e:c8:b3:fc:
8a:64:53:e1:d2:08:32:45:2f:6a:43:8f:97:8f:b6:
f4:8d:d0:f6:96:a0:e5:80:bc:0a:4b:06:6c:04:f8:
c0:18:76:e8:c6:96:60:9c:ca:3b:57:62:82:fe:b8:
ee:a7:7f:8f:17:97:4e:a1:01:0f:66:04:43:8b:2a:
37:58:b6:50:0a:83:48:09:95:6d:f5:05:f5:de:26:
71:0f:2a:7c:41:96:e2:da:2b:c8:2a:7c:59:71:1b:
2b:45:ac:a5:d3:a7:21:45:c5:da:29:d6:7f:b6:9e:
17:10:e4:76:5c:94:39:11:09:f5:4b:90:bc:a5:9d:
12:9d:7e:c6:88:e3:84:f0:52:1f:d1:20:13:8c:7e:
4f:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
8F:36:4F:43:24:CF:C4:79:8E:AD:F9:BF:CD:21:0F:DF:47:F7:8E:46
X509v3 Authority Key Identifier:
keyid:00:77:5D:94:71:B8:5D:96:3F:EF:6D:28:35:90:E2:D9:42:DD:5C:21
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AHddlHG4XZY_720oNZDi2ULdXCE.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/jzZPQyTPxHmOrfm_zSEP30f3jkY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b6/63760c-e21b-4baf-a9a4-76b33e4ce821/1/AHddlHG4XZY_720oNZDi2ULdXCE.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
87.107.159.0/24
Signature Algorithm: sha256WithRSAEncryption
a8:bf:96:9c:2c:38:e1:72:89:50:aa:0c:92:54:f2:b0:b4:40:
d0:bb:3c:95:6c:4f:72:43:69:5d:41:12:21:29:89:b2:e3:65:
97:5f:f1:5c:fa:93:fa:9d:47:8f:6e:01:a2:7f:74:b8:da:41:
2e:99:24:db:f5:75:4a:9e:d0:73:0f:d6:d3:e2:dc:b6:ca:0b:
87:61:ca:15:2f:63:ec:c3:2f:fc:da:bf:3e:94:c4:65:b7:cd:
74:da:62:4d:75:65:b4:1a:14:33:6c:b2:f6:12:55:bd:b4:eb:
8d:f8:07:9c:b9:84:6b:66:03:0f:01:49:f0:9b:86:36:44:22:
f0:ed:74:74:86:7f:a7:a1:a8:23:92:6f:c8:83:c5:f9:74:d6:
76:66:96:39:24:db:8c:9e:ad:c5:13:57:56:bf:72:6b:72:ef:
dd:61:c6:d0:25:7b:0c:11:55:38:50:03:9d:e1:1c:df:ee:67:
fb:c5:2f:b7:a8:1e:e5:c7:e3:7a:31:19:96:23:1b:e1:47:d6:
2e:73:64:03:4d:2f:9a:43:06:79:37:de:65:37:65:9f:0a:09:
1d:6f:bb:76:6f:1f:40:7d:63:4d:ad:05:48:1c:4b:d1:bc:b6:
13:bf:7e:4b:81:66:e0:25:ec:46:0d:74:23:ff:c7:40:5d:3e:
94:27:fe:7a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZbDwkOtiGc4P60tyt/+tFq5MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAwNzc1ZDk0NzFiODVkOTYzZmVmNmQyODM1OTBlMmQ5NDJk
ZDVjMjEwHhcNMjUwNTEyMDkxMDEwWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4ZjM2NGY0MzI0Y2ZjNDc5OGVhZGY5YmZjZDIxMGZkZjQ3Zjc4ZTQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxpIUNvUSVViJWFH1fffTmSrW72A6
tlenDuaZbCH62SaHuCszPsJZYCOSzWabPO9fFY3udXEd9ST1h1tSYyuZyNA0heMB
shiO5Zm1BPMjG3z5rTOr1eI1MAuErMLiT0Mf29rgdCgRJBkLD0J3ZcotnTQOXk7I
s/yKZFPh0ggyRS9qQ4+Xj7b0jdD2lqDlgLwKSwZsBPjAGHboxpZgnMo7V2KC/rju
p3+PF5dOoQEPZgRDiyo3WLZQCoNICZVt9QX13iZxDyp8QZbi2ivIKnxZcRsrRayl
06chRcXaKdZ/tp4XEOR2XJQ5EQn1S5C8pZ0SnX7GiOOE8FIf0SATjH5PewIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFI82T0Mkz8R5jq35v80hD99H945GMB8GA1UdIwQY
MBaAFAB3XZRxuF2WP+9tKDWQ4tlC3VwhMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQt
NzZiMzNlNGNlODIxLzEvanpaUFF5VFB4SG1PcmZtX3pTRVAzMGYzamtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNi82Mzc2MGMtZTIxYi00YmFmLWE5YTQtNzZiMzNlNGNlODIx
LzEvQUhkZGxIRzRYWllfNzIwb05aRGkyVUxkWENFLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAV2ufMA0G
CSqGSIb3DQEBCwUAA4IBAQCov5acLDjhcolQqgySVPKwtEDQuzyVbE9yQ2ldQRIh
KYmy42WXX/Fc+pP6nUePbgGif3S42kEumSTb9XVKntBzD9bT4ty2yguHYcoVL2Ps
wy/82r8+lMRlt8102mJNdWW0GhQzbLL2ElW9tOuN+AecuYRrZgMPAUnwm4Y2RCLw
7XR0hn+noagjkm/Ig8X5dNZ2ZpY5JNuMnq3FE1dWv3Jrcu/dYcbQJXsMEVU4UAOd
4Rzf7mf7xS+3qB7lx+N6MRmWIxvhR9Yuc2QDTS+aQwZ5N95lN2WfCgkdb7t2bx9A
fWNNrQVIHEvRvLYTv35LgWbgJexGDXQj/8dAXT6UJ/56
-----END CERTIFICATE-----
Generated at Sat Jun 7 18:44:16 2025 by rpki-client