Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b7/9a6638-c8fd-43cf-b1c4-b071c7efd915/1/Ztetkk4bdJv5vcyHrtmKUOqZ7DY.roa
File: Ztetkk4bdJv5vcyHrtmKUOqZ7DY.roa (raw, json)
Hash identifier: UiZIzCeT9foT0pPnNWPu5tyLanoiyyPQHnGD82mCoIc=
Subject key identifier: 66:D7:AD:92:4E:1B:74:9B:F9:BD:CC:87:AE:D9:8A:50:EA:99:EC:36
Certificate issuer: /CN=51cf732a8a7439e9280f23ef57849814af195ae0
Certificate serial: 019A6D1E0F3C92397706DEF900687C06519E
Authority key identifier: 51:CF:73:2A:8A:74:39:E9:28:0F:23:EF:57:84:98:14:AF:19:5A:E0
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Uc9zKop0OekoDyPvV4SYFK8ZWuA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b7/9a6638-c8fd-43cf-b1c4-b071c7efd915/1/Ztetkk4bdJv5vcyHrtmKUOqZ7DY.roa
Signing time: Mon 10 Nov 2025 09:34:37 +0000
ROA not before: Mon 10 Nov 2025 09:34:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 49438
IP address blocks: 2a00:17f8::/32 maxlen: 64
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b7/9a6638-c8fd-43cf-b1c4-b071c7efd915/1/Uc9zKop0OekoDyPvV4SYFK8ZWuA.crl
rsync://rpki.ripe.net/repository/DEFAULT/b7/9a6638-c8fd-43cf-b1c4-b071c7efd915/1/Uc9zKop0OekoDyPvV4SYFK8ZWuA.mft
rsync://rpki.ripe.net/repository/DEFAULT/Uc9zKop0OekoDyPvV4SYFK8ZWuA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 04:00:56 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:6d:1e:0f:3c:92:39:77:06:de:f9:00:68:7c:06:51:9e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=51cf732a8a7439e9280f23ef57849814af195ae0
Validity
Not Before: Nov 10 09:34:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=66d7ad924e1b749bf9bdcc87aed98a50ea99ec36
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:e2:29:7f:1e:32:a0:4a:1e:79:a8:96:13:d5:
da:73:ae:b6:b3:d9:b2:dd:19:c0:b7:bd:60:3e:21:
6d:82:6a:b8:b2:33:cd:8b:ce:89:13:54:fd:93:40:
3d:bc:53:6a:ea:bf:d8:1f:78:cc:a9:ce:5e:b5:c8:
b7:0f:be:07:dc:72:79:37:5f:cb:d4:12:5e:0f:ce:
31:2a:93:87:22:55:9e:39:e6:87:31:c4:97:ed:0f:
0b:98:e0:54:cc:d2:dc:a8:d9:7d:23:79:88:44:7e:
81:3b:da:84:aa:41:4d:5a:98:a3:2e:b6:dd:c5:1b:
6c:99:88:ff:87:d9:58:43:2c:ce:60:23:c4:fe:dd:
5f:ff:78:dd:5a:10:54:f6:da:04:96:97:fc:ba:e4:
e0:f3:5e:24:5a:2c:4f:13:b8:41:d3:aa:90:8c:b3:
b9:c4:97:88:7b:89:c1:e9:f0:64:03:b6:12:b1:12:
fb:39:a1:b2:d5:5e:0e:0e:a3:1b:9a:90:30:77:c5:
05:d4:26:eb:89:d4:e1:90:55:64:9f:af:01:06:ac:
f5:f9:cd:05:10:59:2d:5c:68:9d:03:85:23:09:29:
4e:30:e2:59:aa:9e:bc:7d:c9:96:77:85:d8:f1:73:
4f:0c:e0:98:8b:17:bf:64:5f:81:f1:ec:67:f9:51:
14:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
66:D7:AD:92:4E:1B:74:9B:F9:BD:CC:87:AE:D9:8A:50:EA:99:EC:36
X509v3 Authority Key Identifier:
keyid:51:CF:73:2A:8A:74:39:E9:28:0F:23:EF:57:84:98:14:AF:19:5A:E0
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Uc9zKop0OekoDyPvV4SYFK8ZWuA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/9a6638-c8fd-43cf-b1c4-b071c7efd915/1/Ztetkk4bdJv5vcyHrtmKUOqZ7DY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b7/9a6638-c8fd-43cf-b1c4-b071c7efd915/1/Uc9zKop0OekoDyPvV4SYFK8ZWuA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a00:17f8::/32
Signature Algorithm: sha256WithRSAEncryption
55:96:08:f4:7c:32:ae:d7:f5:2f:6b:27:e2:63:6b:c6:0f:3d:
5c:d8:44:99:f5:47:31:d6:f2:03:cf:e2:48:4d:fc:e6:0c:0a:
be:19:40:9d:00:cc:72:95:f5:5f:a6:00:22:e6:d2:1f:4f:26:
2e:ed:cb:df:3c:30:00:6c:30:77:0f:3a:12:ce:4c:53:41:d1:
48:d2:08:63:07:11:85:d9:b5:37:e3:31:21:66:3f:34:9c:55:
f4:ad:44:e7:97:35:1e:05:bf:d0:ce:4f:72:23:ae:2e:72:2f:
a7:52:e5:c7:50:0b:db:85:23:d2:ce:b7:2e:bd:3f:5e:9f:14:
28:eb:04:40:c0:04:d7:49:9d:16:02:06:a9:b3:47:8b:35:e8:
85:25:09:61:fa:33:bf:5e:06:c2:c4:2e:c9:4f:4f:b7:11:e7:
62:9d:1c:eb:06:00:cd:07:75:e6:93:9d:47:29:a7:84:7a:d6:
d3:49:1b:99:38:1f:00:7d:05:c3:34:20:99:ac:eb:c4:4d:f7:
0c:27:aa:f8:a0:56:ba:e1:c0:b7:b6:e5:ea:20:e7:61:83:04:
ae:93:cf:7f:49:a9:3c:c6:7a:c6:d7:ac:91:b4:33:7c:4c:ec:
26:b9:b0:b9:55:ee:39:0a:13:70:9f:82:db:43:a1:a7:0e:7c:
c9:e2:ff:10
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZptHg88kjl3Bt75AGh8BlGeMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDUxY2Y3MzJhOGE3NDM5ZTkyODBmMjNlZjU3ODQ5ODE0YWYx
OTVhZTAwHhcNMjUxMTEwMDkzNDM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NmQ3YWQ5MjRlMWI3NDliZjliZGNjODdhZWQ5OGE1MGVhOTllYzM2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoeIpfx4yoEoeeaiWE9Xac662s9my
3RnAt71gPiFtgmq4sjPNi86JE1T9k0A9vFNq6r/YH3jMqc5etci3D74H3HJ5N1/L
1BJeD84xKpOHIlWeOeaHMcSX7Q8LmOBUzNLcqNl9I3mIRH6BO9qEqkFNWpijLrbd
xRtsmYj/h9lYQyzOYCPE/t1f/3jdWhBU9toElpf8uuTg814kWixPE7hB06qQjLO5
xJeIe4nB6fBkA7YSsRL7OaGy1V4ODqMbmpAwd8UF1CbridThkFVkn68BBqz1+c0F
EFktXGidA4UjCSlOMOJZqp68fcmWd4XY8XNPDOCYixe/ZF+B8exn+VEU2QIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFGbXrZJOG3Sb+b3Mh67ZilDqmew2MB8GA1UdIwQY
MBaAFFHPcyqKdDnpKA8j71eEmBSvGVrgMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVWM5ektvcDBPZWtvRHlQdlY0U1lGSzhaV3VBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iNy85YTY2MzgtYzhmZC00M2NmLWIxYzQt
YjA3MWM3ZWZkOTE1LzEvWnRldGtrNGJkSnY1dmN5SHJ0bUtVT3FaN0RZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iNy85YTY2MzgtYzhmZC00M2NmLWIxYzQtYjA3MWM3ZWZkOTE1
LzEvVWM5ektvcDBPZWtvRHlQdlY0U1lGSzhaV3VBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCAGCCsGAQUFBwEHAQH/BBEwDzANBAIAAjAHAwUAKgAX+DAN
BgkqhkiG9w0BAQsFAAOCAQEAVZYI9Hwyrtf1L2sn4mNrxg89XNhEmfVHMdbyA8/i
SE385gwKvhlAnQDMcpX1X6YAIubSH08mLu3L3zwwAGwwdw86Es5MU0HRSNIIYwcR
hdm1N+MxIWY/NJxV9K1E55c1HgW/0M5PciOuLnIvp1Llx1AL24Uj0s63Lr0/Xp8U
KOsEQMAE10mdFgIGqbNHizXohSUJYfozv14GwsQuyU9PtxHnYp0c6wYAzQd15pOd
RymnhHrW00kbmTgfAH0FwzQgmazrxE33DCeq+KBWuuHAt7bl6iDnYYMErpPPf0mp
PMZ6xteskbQzfEzsJrmwuVXuOQoTcJ+C20Ohpw58yeL/EA==
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:10:18 2025 by rpki-client