Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/zIRMLHmYywDiynuMJiCzQ2AkQN4.roa
File: zIRMLHmYywDiynuMJiCzQ2AkQN4.roa (raw, json)
Hash identifier: Rrgpadknv0U3sbeqgvY1IlVZi+07otKptmpcn/hoyC4=
Subject key identifier: CC:84:4C:2C:79:98:CB:00:E2:CA:7B:8C:26:20:B3:43:60:24:40:DE
Certificate issuer: /CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Certificate serial: 01991D3D5A474BD5A7AF5D92592BCF0281E0
Authority key identifier: D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/zIRMLHmYywDiynuMJiCzQ2AkQN4.roa
Signing time: Sat 06 Sep 2025 04:16:24 +0000
ROA not before: Sat 06 Sep 2025 04:16:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 46.37.98.0/24 maxlen: 24
46.37.113.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.mft
rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 18 Sep 2025 21:38:15 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:1d:3d:5a:47:4b:d5:a7:af:5d:92:59:2b:cf:02:81:e0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=d3cf0884918a50239ef70518ee9fc04f1aae1929
Validity
Not Before: Sep 6 04:16:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc844c2c7998cb00e2ca7b8c2620b343602440de
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:a5:9a:0e:46:bd:d6:ec:01:64:5c:e4:be:e0:
a1:45:b6:e9:a3:29:e5:e7:47:5a:79:62:5d:62:ce:
7d:d6:5f:97:26:db:82:9e:44:2a:22:5b:69:b2:36:
e9:81:2e:c3:03:29:de:04:00:f6:74:2f:01:fb:31:
4e:f7:d2:68:50:4b:99:16:d2:f5:3d:df:41:d8:59:
23:f5:92:25:a2:fe:ef:2d:e4:ba:4c:01:e2:93:06:
29:a7:5d:73:80:a6:4a:27:7e:04:bc:2f:31:a3:9e:
c4:e4:12:79:b2:5c:0d:b4:ba:2d:d4:66:c3:e9:38:
ec:aa:d2:a4:1f:ad:e7:db:70:90:5a:b5:2f:ee:8f:
f0:85:3c:77:88:e2:20:bc:12:21:24:75:d2:59:fc:
bd:7e:a8:f7:81:ee:b2:49:47:04:bb:b7:ab:7c:6e:
76:e8:72:18:03:13:35:e9:17:69:b7:78:79:7c:f3:
bc:e0:0a:d4:7e:f7:18:cb:d6:1a:92:d8:d4:60:85:
65:86:0d:1b:cb:8f:42:ba:dd:3d:fc:cd:cf:92:b9:
06:eb:a6:20:33:b3:98:81:cf:2a:f7:1f:09:3e:21:
02:5d:d6:30:43:30:86:c8:1f:99:18:b7:18:64:05:
57:3e:ea:1e:f9:91:34:81:af:b9:4a:f6:d8:0b:21:
e5:c3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:84:4C:2C:79:98:CB:00:E2:CA:7B:8C:26:20:B3:43:60:24:40:DE
X509v3 Authority Key Identifier:
keyid:D3:CF:08:84:91:8A:50:23:9E:F7:05:18:EE:9F:C0:4F:1A:AE:19:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/088IhJGKUCOe9wUY7p_ATxquGSk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/zIRMLHmYywDiynuMJiCzQ2AkQN4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e7/cdff16-458a-47c3-8dfa-231549409720/1/088IhJGKUCOe9wUY7p_ATxquGSk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.37.98.0/24
46.37.113.0/24
Signature Algorithm: sha256WithRSAEncryption
5a:46:37:4d:e2:ec:9b:5f:dd:21:67:9d:0a:79:ca:fa:ff:7f:
c2:d4:20:1d:64:ef:48:d7:5c:c1:69:2f:a4:4f:66:81:be:b6:
51:74:6b:bb:1e:af:ed:31:8f:37:22:e3:b9:50:44:d5:ff:42:
2b:93:c6:35:c9:56:c7:fa:03:c8:7e:3f:ce:c3:d5:e7:f4:e2:
ad:a1:44:b2:96:ea:03:28:1f:dc:ed:cb:ff:96:00:d9:51:aa:
87:91:51:5a:7c:6b:0d:83:40:6b:42:94:87:99:9e:78:de:ae:
33:79:c4:07:1a:17:42:12:29:7c:c7:e2:8f:64:5c:6d:e8:1d:
ab:17:c4:26:ec:34:4e:21:0e:db:17:f9:09:4f:d8:a1:2e:19:
7a:20:f6:85:cd:23:cc:71:06:f7:5b:77:3a:bc:d2:58:4d:6a:
72:60:21:53:f7:be:b6:6a:70:71:de:97:96:91:77:21:eb:e9:
e6:35:69:2d:6d:bc:ae:6d:97:71:21:08:58:76:af:6a:ea:37:
d3:4f:07:ad:00:d6:12:13:62:fd:4f:58:86:7a:9d:9d:93:39:
df:c0:49:96:2a:7c:80:bb:ec:ff:1a:1a:ee:eb:7e:a0:46:48:
97:e8:50:58:3d:69:45:17:0a:80:26:ef:78:b5:ee:a6:78:b5:
e1:22:7b:b5
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZkdPVpHS9Wnr12SWSvPAoHgMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGQzY2YwODg0OTE4YTUwMjM5ZWY3MDUxOGVlOWZjMDRmMWFh
ZTE5MjkwHhcNMjUwOTA2MDQxNjI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzg0NGMyYzc5OThjYjAwZTJjYTdiOGMyNjIwYjM0MzYwMjQ0MGRlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0aWaDka91uwBZFzkvuChRbbpoynl
50daeWJdYs591l+XJtuCnkQqIltpsjbpgS7DAyneBAD2dC8B+zFO99JoUEuZFtL1
Pd9B2Fkj9ZIlov7vLeS6TAHikwYpp11zgKZKJ34EvC8xo57E5BJ5slwNtLot1GbD
6TjsqtKkH63n23CQWrUv7o/whTx3iOIgvBIhJHXSWfy9fqj3ge6ySUcEu7erfG52
6HIYAxM16Rdpt3h5fPO84ArUfvcYy9YaktjUYIVlhg0by49Cut09/M3PkrkG66Yg
M7OYgc8q9x8JPiECXdYwQzCGyB+ZGLcYZAVXPuoe+ZE0ga+5SvbYCyHlwwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFMyETCx5mMsA4sp7jCYgs0NgJEDeMB8GA1UdIwQY
MBaAFNPPCISRilAjnvcFGO6fwE8arhkpMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEt
MjMxNTQ5NDA5NzIwLzEveklSTUxIbVl5d0RpeW51TUppQ3pRMkFrUU40LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lNy9jZGZmMTYtNDU4YS00N2MzLThkZmEtMjMxNTQ5NDA5NzIw
LzEvMDg4SWhKR0tVQ09lOXdVWTdwX0FUeHF1R1NrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQALiViAwQA
LiVxMA0GCSqGSIb3DQEBCwUAA4IBAQBaRjdN4uybX90hZ50Kecr6/3/C1CAdZO9I
11zBaS+kT2aBvrZRdGu7Hq/tMY83IuO5UETV/0Irk8Y1yVbH+gPIfj/Ow9Xn9OKt
oUSyluoDKB/c7cv/lgDZUaqHkVFafGsNg0BrQpSHmZ543q4zecQHGhdCEil8x+KP
ZFxt6B2rF8Qm7DROIQ7bF/kJT9ihLhl6IPaFzSPMcQb3W3c6vNJYTWpyYCFT9762
anBx3peWkXch6+nmNWktbbyubZdxIQhYdq9q6jfTTwetANYSE2L9T1iGep2dkznf
wEmWKnyAu+z/Ghru636gRkiX6FBYPWlFFwqAJu94te6meLXhInu1
-----END CERTIFICATE-----
Generated at Thu Sep 18 05:02:51 2025 by rpki-client