Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d3/114a10-8ef7-4903-963e-d4d59a095c7f/1/PPz_1wH3hqFDjLC-MrIMRrZJxeQ.roa
File: PPz_1wH3hqFDjLC-MrIMRrZJxeQ.roa (raw, json)
Hash identifier: ZY1q21nV+Hi/oVRVSMTtHd27zoQ6myzruEINZqqxjKM=
Subject key identifier: 3C:FC:FF:D7:01:F7:86:A1:43:8C:B0:BE:32:B2:0C:46:B6:49:C5:E4
Certificate issuer: /CN=0f025fa357c20abbf118426234658e62d7dc7076
Certificate serial: 019713B678491D379907DA6C4A6AED41B17F
Authority key identifier: 0F:02:5F:A3:57:C2:0A:BB:F1:18:42:62:34:65:8E:62:D7:DC:70:76
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DwJfo1fCCrvxGEJiNGWOYtfccHY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d3/114a10-8ef7-4903-963e-d4d59a095c7f/1/PPz_1wH3hqFDjLC-MrIMRrZJxeQ.roa
Signing time: Tue 27 May 2025 21:46:54 +0000
ROA not before: Tue 27 May 2025 21:46:54 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 214294
IP address blocks: 123.100.225.0/24 maxlen: 24
2a01:ee80::/32 maxlen: 32
2a01:ee80:1::/48 maxlen: 48
2a01:ee80:2::/48 maxlen: 48
2a01:ee80:77::/48 maxlen: 48
2a01:ee80:141::/48 maxlen: 48
2a01:ee80:169::/48 maxlen: 48
2a01:ee80:333::/48 maxlen: 48
2a01:ee80:777::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d3/114a10-8ef7-4903-963e-d4d59a095c7f/1/DwJfo1fCCrvxGEJiNGWOYtfccHY.crl
rsync://rpki.ripe.net/repository/DEFAULT/d3/114a10-8ef7-4903-963e-d4d59a095c7f/1/DwJfo1fCCrvxGEJiNGWOYtfccHY.mft
rsync://rpki.ripe.net/repository/DEFAULT/DwJfo1fCCrvxGEJiNGWOYtfccHY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 08 Jun 2025 11:24:49 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:13:b6:78:49:1d:37:99:07:da:6c:4a:6a:ed:41:b1:7f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0f025fa357c20abbf118426234658e62d7dc7076
Validity
Not Before: May 27 21:46:54 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=3cfcffd701f786a1438cb0be32b20c46b649c5e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:04:67:1e:63:5a:b6:ed:61:7a:ae:bf:c2:cc:
92:2d:de:12:4b:b2:55:5b:cc:1b:e8:cf:bf:00:ef:
88:55:4c:bf:b1:7a:33:29:68:23:f9:2c:ef:9d:57:
3e:4b:bd:2d:d2:1a:14:51:a6:69:dc:fa:65:0d:2a:
af:3e:a4:69:bf:d5:38:d8:c7:16:ee:08:e4:3e:4a:
b3:e2:c4:f1:91:fb:2d:f7:62:0e:94:68:d8:d3:b3:
b8:ac:94:2d:32:0a:c8:f5:0f:9e:2c:36:ad:fc:04:
7c:6d:67:85:82:3e:17:e9:79:74:3f:02:9c:09:be:
54:aa:cd:7d:37:d2:d4:a0:4c:05:be:57:1e:6a:04:
9f:3f:fd:1f:35:4a:11:f9:aa:b7:1d:80:6d:e9:ea:
11:48:6f:00:c6:a9:33:c9:7e:87:d2:eb:ce:72:36:
68:46:f9:4d:3b:9e:08:95:1b:38:47:cc:32:bd:13:
4f:27:3a:69:b9:fd:fc:5d:a0:ea:47:57:09:01:a8:
c9:21:e2:c3:a7:20:40:07:f8:89:49:db:a6:db:3a:
13:ac:61:a7:98:63:77:d5:33:5b:f5:bd:16:08:ff:
b1:30:10:ee:d7:34:31:42:a3:a3:18:cb:d1:a1:0f:
24:df:01:18:75:7d:7a:c6:25:fc:a8:89:9b:dc:40:
53:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
3C:FC:FF:D7:01:F7:86:A1:43:8C:B0:BE:32:B2:0C:46:B6:49:C5:E4
X509v3 Authority Key Identifier:
keyid:0F:02:5F:A3:57:C2:0A:BB:F1:18:42:62:34:65:8E:62:D7:DC:70:76
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DwJfo1fCCrvxGEJiNGWOYtfccHY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/114a10-8ef7-4903-963e-d4d59a095c7f/1/PPz_1wH3hqFDjLC-MrIMRrZJxeQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d3/114a10-8ef7-4903-963e-d4d59a095c7f/1/DwJfo1fCCrvxGEJiNGWOYtfccHY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
123.100.225.0/24
IPv6:
2a01:ee80::/32
Signature Algorithm: sha256WithRSAEncryption
23:e7:8a:b2:4c:5a:22:dc:69:65:7b:8a:71:5c:35:e7:03:d3:
91:3c:46:5f:6c:49:c8:0b:8d:42:9e:6b:5d:21:96:b9:5a:42:
d1:19:28:f7:d5:18:4f:f1:8f:d1:c9:5b:36:ea:64:0f:41:6c:
fe:cd:06:fe:78:75:6d:ff:57:fb:43:fe:ae:a8:7a:c8:f9:b1:
8d:57:e1:47:4e:bc:00:18:63:34:3c:71:f0:37:f7:5f:0c:4b:
1f:54:61:e8:57:e3:ef:1e:fe:81:e5:76:4c:99:e9:42:c3:8e:
2e:15:34:c1:80:8b:c9:d1:0e:07:11:e9:34:48:b4:2b:cf:95:
4d:ca:5a:c4:12:b4:c4:89:b9:28:d7:c6:49:20:ab:4b:ff:3e:
da:94:aa:58:be:4b:40:de:92:ff:b3:6e:16:90:a6:d2:ef:1a:
7d:a9:da:e9:ff:af:d7:56:31:02:41:fe:80:32:dc:42:a5:d3:
cd:41:60:64:56:d7:9f:04:b8:88:d5:76:71:8d:77:a2:d7:d4:
be:8d:0d:b6:54:14:a7:45:10:d8:ac:f4:be:38:6b:b6:b1:a4:
f4:ae:81:b4:ed:3c:52:c2:7f:39:26:a7:76:2f:11:4b:63:71:
8a:d2:3f:a3:99:d6:02:1b:59:de:2a:17:81:17:2e:25:dc:00:
df:5d:31:0f
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZcTtnhJHTeZB9psSmrtQbF/MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBmMDI1ZmEzNTdjMjBhYmJmMTE4NDI2MjM0NjU4ZTYyZDdk
YzcwNzYwHhcNMjUwNTI3MjE0NjU0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzY2ZjZmZkNzAxZjc4NmExNDM4Y2IwYmUzMmIyMGM0NmI2NDljNWU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwgRnHmNatu1heq6/wsySLd4SS7JV
W8wb6M+/AO+IVUy/sXozKWgj+SzvnVc+S70t0hoUUaZp3PplDSqvPqRpv9U42McW
7gjkPkqz4sTxkfst92IOlGjY07O4rJQtMgrI9Q+eLDat/AR8bWeFgj4X6Xl0PwKc
Cb5Uqs19N9LUoEwFvlceagSfP/0fNUoR+aq3HYBt6eoRSG8AxqkzyX6H0uvOcjZo
RvlNO54IlRs4R8wyvRNPJzppuf38XaDqR1cJAajJIeLDpyBAB/iJSdum2zoTrGGn
mGN31TNb9b0WCP+xMBDu1zQxQqOjGMvRoQ8k3wEYdX16xiX8qImb3EBTMQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFDz8/9cB94ahQ4ywvjKyDEa2ScXkMB8GA1UdIwQY
MBaAFA8CX6NXwgq78RhCYjRljmLX3HB2MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRHdKZm8xZkNDcnZ4R0VKaU5HV09ZdGZjY0hZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kMy8xMTRhMTAtOGVmNy00OTAzLTk2M2Ut
ZDRkNTlhMDk1YzdmLzEvUFB6XzF3SDNocUZEakxDLU1ySU1SclpKeGVRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kMy8xMTRhMTAtOGVmNy00OTAzLTk2M2UtZDRkNTlhMDk1Yzdm
LzEvRHdKZm8xZkNDcnZ4R0VKaU5HV09ZdGZjY0hZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQAe2ThMA0E
AgACMAcDBQAqAe6AMA0GCSqGSIb3DQEBCwUAA4IBAQAj54qyTFoi3Glle4pxXDXn
A9ORPEZfbEnIC41CnmtdIZa5WkLRGSj31RhP8Y/RyVs26mQPQWz+zQb+eHVt/1f7
Q/6uqHrI+bGNV+FHTrwAGGM0PHHwN/dfDEsfVGHoV+PvHv6B5XZMmelCw44uFTTB
gIvJ0Q4HEek0SLQrz5VNylrEErTEibko18ZJIKtL/z7alKpYvktA3pL/s24WkKbS
7xp9qdrp/6/XVjECQf6AMtxCpdPNQWBkVtefBLiI1XZxjXei19S+jQ22VBSnRRDY
rPS+OGu2saT0roG07TxSwn85Jqd2LxFLY3GK0j+jmdYCG1neKheBFy4l3ADfXTEP
-----END CERTIFICATE-----
Generated at Sat Jun 7 21:05:46 2025 by rpki-client