Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/c0/eb3e9b-6db5-46c6-9aa1-eb87869bd1c9/1/ZB4LbNWANDxD2OGhZaFKGVmPVqc.roa
File: ZB4LbNWANDxD2OGhZaFKGVmPVqc.roa (raw, json)
Hash identifier: zEeyPPBtIpME2FXN1g85zYsY+3yYWfxT85ifdYuGGN4=
Subject key identifier: 64:1E:0B:6C:D5:80:34:3C:43:D8:E1:A1:65:A1:4A:19:59:8F:56:A7
Certificate issuer: /CN=fbf8cd5d24a08b5a8afb57c9e604d193bc8cae20
Certificate serial: 019A720C918E67E7798A79D34E1128BD2725
Authority key identifier: FB:F8:CD:5D:24:A0:8B:5A:8A:FB:57:C9:E6:04:D1:93:BC:8C:AE:20
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/1-_jNXSSgi1qK-1fJ5gTRk7yMriA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/c0/eb3e9b-6db5-46c6-9aa1-eb87869bd1c9/1/ZB4LbNWANDxD2OGhZaFKGVmPVqc.roa
Signing time: Tue 11 Nov 2025 08:33:37 +0000
ROA not before: Tue 11 Nov 2025 08:33:37 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215918
IP address blocks: 81.85.59.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/c0/eb3e9b-6db5-46c6-9aa1-eb87869bd1c9/1/1-_jNXSSgi1qK-1fJ5gTRk7yMriA.crl
rsync://rpki.ripe.net/repository/DEFAULT/c0/eb3e9b-6db5-46c6-9aa1-eb87869bd1c9/1/1-_jNXSSgi1qK-1fJ5gTRk7yMriA.mft
rsync://rpki.ripe.net/repository/DEFAULT/1-_jNXSSgi1qK-1fJ5gTRk7yMriA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 12 Nov 2025 08:33:37 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:72:0c:91:8e:67:e7:79:8a:79:d3:4e:11:28:bd:27:25
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fbf8cd5d24a08b5a8afb57c9e604d193bc8cae20
Validity
Not Before: Nov 11 08:33:37 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=641e0b6cd580343c43d8e1a165a14a19598f56a7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8b:75:f0:f7:6e:e9:ab:9d:50:5a:a6:e0:21:45:
33:10:aa:c6:ce:b3:96:c4:df:de:b5:52:3f:7f:d5:
42:75:51:f5:e8:87:15:d9:13:db:47:fc:77:52:90:
20:bd:7e:b0:ba:bd:59:dd:06:9c:aa:da:10:1a:5e:
16:f0:b3:72:36:0a:a6:d2:7e:8f:35:3a:6e:b9:8b:
9c:15:ed:b0:30:cf:e0:77:5c:a0:eb:c2:d5:91:99:
74:96:c0:84:eb:b3:4d:4c:c8:36:d4:07:23:ba:4b:
12:21:64:d8:bf:63:b7:7e:61:eb:66:ef:42:64:80:
5b:f0:88:54:6e:fd:03:68:43:16:e6:8d:40:73:eb:
58:8a:52:3c:f1:7c:5c:9a:cc:e9:ae:0a:4e:94:bc:
87:c9:64:4c:2e:5b:4b:47:c1:e6:2e:68:ea:3c:e8:
7f:43:bb:f3:8b:00:b3:be:cb:d7:d7:cf:45:aa:c9:
37:2d:44:97:7e:50:70:35:f8:8b:0d:2f:00:49:5f:
42:23:b2:45:a4:8d:d6:f2:5e:0f:12:ea:b6:05:90:
4b:bc:b9:34:21:3e:cc:cb:6d:01:20:eb:3d:c7:fa:
f9:30:d7:c9:e3:d9:3e:c4:01:80:de:77:f0:70:ac:
71:c7:c3:ed:64:ff:7b:61:59:b5:e1:1a:27:06:70:
39:79
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
64:1E:0B:6C:D5:80:34:3C:43:D8:E1:A1:65:A1:4A:19:59:8F:56:A7
X509v3 Authority Key Identifier:
keyid:FB:F8:CD:5D:24:A0:8B:5A:8A:FB:57:C9:E6:04:D1:93:BC:8C:AE:20
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/1-_jNXSSgi1qK-1fJ5gTRk7yMriA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/eb3e9b-6db5-46c6-9aa1-eb87869bd1c9/1/ZB4LbNWANDxD2OGhZaFKGVmPVqc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/c0/eb3e9b-6db5-46c6-9aa1-eb87869bd1c9/1/1-_jNXSSgi1qK-1fJ5gTRk7yMriA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.85.59.0/24
Signature Algorithm: sha256WithRSAEncryption
3c:94:31:8e:84:6a:86:5b:1a:22:cb:9e:31:8b:d8:d2:20:38:
e3:29:ae:9a:9c:74:65:a5:65:d6:9f:00:2a:d9:a1:46:b9:56:
a3:9f:de:95:42:a6:88:4b:5a:3a:cb:04:f0:f2:7a:ff:41:3f:
1e:d1:29:e1:c1:f7:6b:7c:c6:15:fe:24:5f:15:e2:14:4e:d2:
04:5d:86:64:cc:0e:08:94:aa:eb:67:ae:f0:14:73:48:99:66:
1d:6b:8e:23:4d:51:b3:1f:b8:5a:a0:c3:33:db:31:9f:9f:f6:
df:6e:31:62:46:bf:7e:67:7c:3e:aa:43:a8:c9:1f:18:3a:bc:
61:b6:b3:6d:c5:69:83:bc:28:f5:da:79:f2:b1:02:e3:8a:4f:
dd:10:24:33:dd:a0:c3:9a:40:41:95:e1:41:f3:8f:ee:f6:b0:
d8:f7:69:1e:b9:3b:49:6c:22:94:3d:47:fb:5e:19:50:a0:53:
28:1d:34:81:5c:01:30:ec:04:2d:a0:8e:81:2f:cd:4b:0d:c8:
2d:c8:4f:e9:0c:89:0d:ad:6e:43:bc:b0:a9:95:02:59:51:44:
cc:ef:40:6a:df:b8:6c:db:87:6e:f3:2a:40:e5:ed:e5:95:6b:
d3:34:24:eb:9c:4d:5e:73:de:de:08:5d:e2:f0:3b:73:02:5b:
da:2d:b2:13
-----BEGIN CERTIFICATE-----
MIIE/zCCA+egAwIBAgISAZpyDJGOZ+d5innTThEovSclMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZiZjhjZDVkMjRhMDhiNWE4YWZiNTdjOWU2MDRkMTkzYmM4
Y2FlMjAwHhcNMjUxMTExMDgzMzM3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NDFlMGI2Y2Q1ODAzNDNjNDNkOGUxYTE2NWExNGExOTU5OGY1NmE3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAi3Xw927pq51QWqbgIUUzEKrGzrOW
xN/etVI/f9VCdVH16IcV2RPbR/x3UpAgvX6wur1Z3QacqtoQGl4W8LNyNgqm0n6P
NTpuuYucFe2wMM/gd1yg68LVkZl0lsCE67NNTMg21AcjuksSIWTYv2O3fmHrZu9C
ZIBb8IhUbv0DaEMW5o1Ac+tYilI88XxcmszprgpOlLyHyWRMLltLR8HmLmjqPOh/
Q7vziwCzvsvX189Fqsk3LUSXflBwNfiLDS8ASV9CI7JFpI3W8l4PEuq2BZBLvLk0
IT7My20BIOs9x/r5MNfJ49k+xAGA3nfwcKxxx8PtZP97YVm14RonBnA5eQIDAQAB
o4ICCzCCAgcwHQYDVR0OBBYEFGQeC2zVgDQ8Q9jhoWWhShlZj1anMB8GA1UdIwQY
MBaAFPv4zV0koItaivtXyeYE0ZO8jK4gMA4GA1UdDwEB/wQEAwIHgDBlBggrBgEF
BQcBAQRZMFcwVQYIKwYBBQUHMAKGSXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMS1fak5YU1NnaTFxSy0xZko1Z1RSazd5TXJpQS5jZXIw
gY0GCCsGAQUFBwELBIGAMH4wfAYIKwYBBQUHMAuGcHJzeW5jOi8vcnBraS5yaXBl
Lm5ldC9yZXBvc2l0b3J5L0RFRkFVTFQvYzAvZWIzZTliLTZkYjUtNDZjNi05YWEx
LWViODc4NjliZDFjOS8xL1pCNExiTldBTkR4RDJPR2haYUZLR1ZtUFZxYy5yb2Ew
gYIGA1UdHwR7MHkwd6B1oHOGcXJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvYzAvZWIzZTliLTZkYjUtNDZjNi05YWExLWViODc4NjliZDFj
OS8xLzEtX2pOWFNTZ2kxcUstMWZKNWdUUms3eU1yaUEuY3JsMBgGA1UdIAEB/wQO
MAwwCgYIKwYBBQUHDgIwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYDBABRVTsw
DQYJKoZIhvcNAQELBQADggEBADyUMY6EaoZbGiLLnjGL2NIgOOMprpqcdGWlZdaf
ACrZoUa5VqOf3pVCpohLWjrLBPDyev9BPx7RKeHB92t8xhX+JF8V4hRO0gRdhmTM
DgiUqutnrvAUc0iZZh1rjiNNUbMfuFqgwzPbMZ+f9t9uMWJGv35nfD6qQ6jJHxg6
vGG2s23FaYO8KPXaefKxAuOKT90QJDPdoMOaQEGV4UHzj+72sNj3aR65O0lsIpQ9
R/teGVCgUygdNIFcATDsBC2gjoEvzUsNyC3IT+kMiQ2tbkO8sKmVAllRRMzvQGrf
uGzbh27zKkDl7eWVa9M0JOucTV5z3t4IXeLwO3MCW9otshM=
-----END CERTIFICATE-----
Generated at Tue Nov 11 13:02:01 2025 by rpki-client