Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/ZYZn-5YwBHa46UGZ7YpzFXkXV2c.roa
File: ZYZn-5YwBHa46UGZ7YpzFXkXV2c.roa (raw, json)
Hash identifier: nysaKplSjq7+66zMvup13xDe5hG/XF/iaG+ccwRnc48=
Subject key identifier: 65:86:67:FB:96:30:04:76:B8:E9:41:99:ED:8A:73:15:79:17:57:67
Certificate issuer: /CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Certificate serial: 0197374FFAD258EABC31FB7B7CDF9088C690
Authority key identifier: E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/ZYZn-5YwBHa46UGZ7YpzFXkXV2c.roa
Signing time: Tue 03 Jun 2025 19:41:17 +0000
ROA not before: Tue 03 Jun 2025 19:41:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 203622
IP address blocks: 46.32.160.0/24 maxlen: 24
46.32.161.0/24 maxlen: 24
46.32.162.0/24 maxlen: 24
46.32.164.0/24 maxlen: 24
46.32.165.0/24 maxlen: 24
46.32.166.0/24 maxlen: 24
46.32.167.0/24 maxlen: 24
46.32.170.0/24 maxlen: 24
46.32.171.0/24 maxlen: 24
46.32.173.0/24 maxlen: 24
46.32.176.0/24 maxlen: 24
46.32.189.0/24 maxlen: 24
46.32.190.0/24 maxlen: 24
46.32.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/437h7O0Z-KCjpjW_qiZCk-NDd5U.crl
rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/437h7O0Z-KCjpjW_qiZCk-NDd5U.mft
rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 06 Jun 2025 20:42:17 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:37:4f:fa:d2:58:ea:bc:31:fb:7b:7c:df:90:88:c6:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=e37ee1eced19f8a0a3a635bfaa264293e3437795
Validity
Not Before: Jun 3 19:41:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=658667fb96300476b8e94199ed8a731579175767
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:9f:8d:c2:7a:73:7a:07:af:07:2c:18:bd:73:
68:fb:ac:f1:19:82:9e:e3:f8:82:2b:db:d6:36:4d:
83:fa:03:a9:fc:66:f2:3f:21:47:90:d6:36:82:f7:
4f:7b:bd:1a:b5:21:3f:92:63:95:03:54:e6:44:08:
9e:b1:14:e1:68:17:6c:d6:44:a1:32:1a:f9:eb:9f:
07:4d:2c:c1:96:b9:af:18:00:90:e8:6c:e7:55:64:
ba:16:95:28:81:9c:62:16:ca:7d:b2:79:51:89:ed:
77:5f:dc:7a:30:ff:75:f9:53:1f:33:6c:90:a4:1c:
af:13:37:88:d9:28:e8:64:ad:36:ff:84:11:66:82:
fd:41:e8:a3:d8:bf:84:1d:51:cf:34:a3:3d:20:a0:
e3:e9:ce:91:29:9a:f3:44:91:c1:70:1b:2d:8f:37:
fe:26:d7:9e:60:c9:f7:3d:d2:0c:ec:82:bd:7d:f1:
fd:78:91:e8:b8:0c:40:01:94:3d:0e:f3:80:79:3b:
9c:fc:8a:f8:c1:f1:fc:79:96:d4:45:c2:49:f5:8d:
f3:6f:10:3a:54:ce:29:9e:28:89:dd:44:88:85:14:
06:56:d2:68:98:3f:d7:08:73:2f:18:dc:e0:41:b3:
54:9b:41:f7:d6:e2:c4:ef:bf:83:6a:17:93:55:fa:
69:37
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:86:67:FB:96:30:04:76:B8:E9:41:99:ED:8A:73:15:79:17:57:67
X509v3 Authority Key Identifier:
keyid:E3:7E:E1:EC:ED:19:F8:A0:A3:A6:35:BF:AA:26:42:93:E3:43:77:95
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/437h7O0Z-KCjpjW_qiZCk-NDd5U.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/ZYZn-5YwBHa46UGZ7YpzFXkXV2c.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/b8/6d5d75-4d1e-4697-b1d3-36e344abc9d3/1/437h7O0Z-KCjpjW_qiZCk-NDd5U.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.32.160.0-46.32.162.255
46.32.164.0/22
46.32.170.0/23
46.32.173.0/24
46.32.176.0/24
46.32.189.0-46.32.191.255
Signature Algorithm: sha256WithRSAEncryption
39:8f:f1:e6:3d:15:1e:4c:70:4a:6e:f0:df:d6:31:33:59:26:
e5:a6:e6:55:0b:5d:f5:3e:8f:da:c6:6e:d8:87:19:ae:57:19:
50:61:3d:b4:69:cb:56:bd:e2:86:80:2a:0b:1f:b6:7c:60:14:
e9:f7:f4:a8:cb:0a:34:ce:0c:dd:6a:77:25:6a:a1:77:3d:fb:
7c:46:a2:0b:36:40:95:14:d6:a5:42:7b:08:51:8c:ae:1b:78:
9a:4c:28:64:03:5d:a9:e9:aa:c5:71:23:19:10:b8:40:e3:4e:
11:68:ab:03:d9:05:a8:6a:08:42:4b:7c:14:5c:31:73:7a:a4:
86:2c:6a:60:f3:68:f0:64:bb:22:11:ba:5c:ef:1b:2d:5d:28:
87:dc:91:3f:fb:88:90:4c:8b:6b:b8:b4:48:bb:f2:1f:75:f6:
00:a8:06:5b:5c:7a:cb:1f:c6:a2:08:78:10:25:45:66:a7:a6:
00:8b:a2:33:1f:3e:5c:f7:db:d9:39:3e:57:8c:93:b6:47:de:
c3:b0:52:b4:04:5e:08:40:7b:04:cd:7d:76:0e:cf:79:a7:c9:
c5:49:ed:ef:25:28:bd:19:be:57:b1:af:c2:f6:88:58:4e:f8:
53:a0:bd:e1:46:e4:ed:be:4c:2a:a8:bf:7c:1c:32:d6:2a:56:
5d:58:bd:62
-----BEGIN CERTIFICATE-----
MIIFKzCCBBOgAwIBAgISAZc3T/rSWOq8Mft7fN+QiMaQMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGUzN2VlMWVjZWQxOWY4YTBhM2E2MzViZmFhMjY0MjkzZTM0
Mzc3OTUwHhcNMjUwNjAzMTk0MTE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NTg2NjdmYjk2MzAwNDc2YjhlOTQxOTllZDhhNzMxNTc5MTc1NzY3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzJ+NwnpzegevBywYvXNo+6zxGYKe
4/iCK9vWNk2D+gOp/GbyPyFHkNY2gvdPe70atSE/kmOVA1TmRAiesRThaBds1kSh
Mhr5658HTSzBlrmvGACQ6GznVWS6FpUogZxiFsp9snlRie13X9x6MP91+VMfM2yQ
pByvEzeI2SjoZK02/4QRZoL9Qeij2L+EHVHPNKM9IKDj6c6RKZrzRJHBcBstjzf+
JteeYMn3PdIM7IK9ffH9eJHouAxAAZQ9DvOAeTuc/Ir4wfH8eZbURcJJ9Y3zbxA6
VM4pniiJ3USIhRQGVtJomD/XCHMvGNzgQbNUm0H31uLE77+DaheTVfppNwIDAQAB
o4ICNzCCAjMwHQYDVR0OBBYEFGWGZ/uWMAR2uOlBme2KcxV5F1dnMB8GA1UdIwQY
MBaAFON+4eztGfigo6Y1v6omQpPjQ3eVMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvNDM3aDdPMFotS0NqcGpXX3FpWkNrLU5EZDVVLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9iOC82ZDVkNzUtNGQxZS00Njk3LWIxZDMt
MzZlMzQ0YWJjOWQzLzEvWllabi01WXdCSGE0NlVHWjdZcHpGWGtYVjJjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9iOC82ZDVkNzUtNGQxZS00Njk3LWIxZDMtMzZlMzQ0YWJjOWQz
LzEvNDM3aDdPMFotS0NqcGpXX3FpWkNrLU5EZDVVLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME0GCCsGAQUFBwEHAQH/BD4wPDA6BAIAATA0MAwDBAUuIKAD
BAAuIKIDBAIuIKQDBAEuIKoDBAAuIK0DBAAuILAwDAMEAC4gvQMEBi4ggDANBgkq
hkiG9w0BAQsFAAOCAQEAOY/x5j0VHkxwSm7w39YxM1km5abmVQtd9T6P2sZu2IcZ
rlcZUGE9tGnLVr3ihoAqCx+2fGAU6ff0qMsKNM4M3Wp3JWqhdz37fEaiCzZAlRTW
pUJ7CFGMrht4mkwoZANdqemqxXEjGRC4QONOEWirA9kFqGoIQkt8FFwxc3qkhixq
YPNo8GS7IhG6XO8bLV0oh9yRP/uIkEyLa7i0SLvyH3X2AKgGW1x6yx/Gogh4ECVF
ZqemAIuiMx8+XPfb2Tk+V4yTtkfew7BStAReCEB7BM19dg7PeafJxUnt7yUovRm+
V7GvwvaIWE74U6C94Ubk7b5MKqi/fBwy1ipWXVi9Yg==
-----END CERTIFICATE-----
Generated at Fri Jun 6 06:25:55 2025 by rpki-client