Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/c2f206-219f-4599-8e22-722614cecb09/1/I_Z5070VnqjEINScGnrsjIIGhyI.roa
File: I_Z5070VnqjEINScGnrsjIIGhyI.roa (raw, json)
Hash identifier: aKnIa9mebw8FwAQj874+YedV1EUpg+SaV2Y+JlM4u6U=
Subject key identifier: 23:F6:79:D3:BD:15:9E:A8:C4:20:D4:9C:1A:7A:EC:8C:82:06:87:22
Certificate issuer: /CN=01e622564484649a5a657b45c9d3bb30c789a3e4
Certificate serial: 0197E5122B82A90815221E8A32C2C5D73740
Authority key identifier: 01:E6:22:56:44:84:64:9A:5A:65:7B:45:C9:D3:BB:30:C7:89:A3:E4
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/AeYiVkSEZJpaZXtFydO7MMeJo-Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/c2f206-219f-4599-8e22-722614cecb09/1/I_Z5070VnqjEINScGnrsjIIGhyI.roa
Signing time: Mon 07 Jul 2025 13:27:42 +0000
ROA not before: Mon 07 Jul 2025 13:27:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8902
IP address blocks: 31.25.160.0/21 maxlen: 24
80.76.112.0/20 maxlen: 24
185.27.12.0/22 maxlen: 24
194.105.160.0/19 maxlen: 24
2a00:1670::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/c2f206-219f-4599-8e22-722614cecb09/1/AeYiVkSEZJpaZXtFydO7MMeJo-Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/c2f206-219f-4599-8e22-722614cecb09/1/AeYiVkSEZJpaZXtFydO7MMeJo-Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/AeYiVkSEZJpaZXtFydO7MMeJo-Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 05:00:24 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:e5:12:2b:82:a9:08:15:22:1e:8a:32:c2:c5:d7:37:40
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=01e622564484649a5a657b45c9d3bb30c789a3e4
Validity
Not Before: Jul 7 13:27:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=23f679d3bd159ea8c420d49c1a7aec8c82068722
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d1:ac:eb:4c:65:34:94:0f:78:42:fc:61:c8:a1:
da:27:ce:9c:5a:06:11:62:9f:4c:d8:5f:0f:e6:aa:
97:f0:7f:e8:a0:f8:72:59:13:e0:da:b1:e5:dc:00:
2a:be:4b:d9:29:36:0e:1f:1a:4a:c9:86:5e:1a:f2:
de:ec:5c:2a:f8:35:9a:e6:38:2f:c4:31:0a:c4:70:
00:68:de:df:9d:05:75:c2:81:f8:89:37:b7:17:8d:
f9:b0:35:12:e9:ac:dc:41:cf:fa:3c:00:fc:3d:f0:
cb:da:85:3b:5c:16:8d:6f:c1:ab:b6:94:cc:a9:f4:
35:fc:a8:c8:d3:c2:cf:27:1e:2e:52:f8:bf:e8:0a:
d6:9d:5e:5f:f0:c7:1e:09:77:22:a8:5b:04:64:ab:
71:82:0c:c2:22:9a:f5:4d:b9:d9:d2:08:09:be:6d:
7a:a9:a0:73:0c:be:f4:8f:16:6c:fe:b0:7e:85:ba:
51:22:54:85:de:9b:15:0c:e9:54:52:fe:22:73:56:
92:f6:5d:19:4d:05:fd:ce:cf:f6:59:8e:c3:7e:4e:
6c:f1:76:42:13:83:39:c0:cd:f0:04:77:e6:e8:a8:
d8:91:af:f7:47:88:95:17:3f:10:56:10:08:27:20:
38:07:04:f0:e2:17:9b:ec:f9:e4:5f:13:7e:78:70:
47:6d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
23:F6:79:D3:BD:15:9E:A8:C4:20:D4:9C:1A:7A:EC:8C:82:06:87:22
X509v3 Authority Key Identifier:
keyid:01:E6:22:56:44:84:64:9A:5A:65:7B:45:C9:D3:BB:30:C7:89:A3:E4
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/AeYiVkSEZJpaZXtFydO7MMeJo-Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/c2f206-219f-4599-8e22-722614cecb09/1/I_Z5070VnqjEINScGnrsjIIGhyI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/c2f206-219f-4599-8e22-722614cecb09/1/AeYiVkSEZJpaZXtFydO7MMeJo-Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.25.160.0/21
80.76.112.0/20
185.27.12.0/22
194.105.160.0/19
IPv6:
2a00:1670::/32
Signature Algorithm: sha256WithRSAEncryption
00:2f:98:6d:2a:b3:77:7e:27:97:96:f3:84:79:2e:3c:8e:37:
4b:9d:9a:f7:71:a6:66:7d:2c:92:f3:fb:d6:7e:8b:1f:06:b0:
29:4f:39:8d:f3:b7:0b:72:a1:60:8b:2b:d9:ab:9b:fd:96:ae:
e4:71:ec:0b:4f:5f:ac:5b:64:03:db:c0:0e:04:23:79:ee:15:
58:73:46:34:5e:07:51:7a:be:41:d4:62:2a:4e:f1:bf:7f:c9:
d5:ed:0a:cf:7d:50:1a:c8:b4:1b:00:1d:15:52:8d:d5:c5:5b:
e1:41:5e:f9:76:46:b1:10:83:2d:13:44:ee:2f:47:e0:78:0f:
7c:02:27:f9:07:d2:c0:06:94:64:84:05:87:1f:1d:fb:c7:07:
7f:50:53:e2:65:77:1c:ed:89:79:ea:eb:8f:e5:b6:0e:57:a4:
aa:03:2b:4a:f7:83:5a:ee:76:94:fa:fe:c6:fd:b0:44:6b:e1:
1f:f0:42:63:ff:67:88:f2:f5:50:b2:af:1f:e9:2d:fb:f7:a5:
4b:d3:e5:6e:3f:00:50:a6:9b:55:e0:a8:0c:c4:d8:9d:ac:15:
b5:7b:67:74:f9:16:6a:29:49:33:66:48:3a:43:72:a5:1c:b4:
9b:28:c4:82:cc:d5:8d:9c:53:68:bb:3f:71:3d:5c:42:d5:9f:
6c:d8:cb:25
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZflEiuCqQgVIh6KMsLF1zdAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDAxZTYyMjU2NDQ4NDY0OWE1YTY1N2I0NWM5ZDNiYjMwYzc4
OWEzZTQwHhcNMjUwNzA3MTMyNzQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyM2Y2NzlkM2JkMTU5ZWE4YzQyMGQ0OWMxYTdhZWM4YzgyMDY4NzIyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0azrTGU0lA94QvxhyKHaJ86cWgYR
Yp9M2F8P5qqX8H/ooPhyWRPg2rHl3AAqvkvZKTYOHxpKyYZeGvLe7Fwq+DWa5jgv
xDEKxHAAaN7fnQV1woH4iTe3F435sDUS6azcQc/6PAD8PfDL2oU7XBaNb8GrtpTM
qfQ1/KjI08LPJx4uUvi/6ArWnV5f8MceCXciqFsEZKtxggzCIpr1TbnZ0ggJvm16
qaBzDL70jxZs/rB+hbpRIlSF3psVDOlUUv4ic1aS9l0ZTQX9zs/2WY7Dfk5s8XZC
E4M5wM3wBHfm6KjYka/3R4iVFz8QVhAIJyA4BwTw4heb7PnkXxN+eHBHbQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFCP2edO9FZ6oxCDUnBp67IyCBociMB8GA1UdIwQY
MBaAFAHmIlZEhGSaWmV7RcnTuzDHiaPkMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQWVZaVZrU0VaSnBhWlh0RnlkTzdNTWVKby1RLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9jMmYyMDYtMjE5Zi00NTk5LThlMjIt
NzIyNjE0Y2VjYjA5LzEvSV9aNTA3MFZucWpFSU5TY0ducnNqSUlHaHlJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9jMmYyMDYtMjE5Zi00NTk5LThlMjItNzIyNjE0Y2VjYjA5
LzEvQWVZaVZrU0VaSnBhWlh0RnlkTzdNTWVKby1RLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQDHxmgAwQE
UExwAwQCuRsMAwQFwmmgMA0EAgACMAcDBQAqABZwMA0GCSqGSIb3DQEBCwUAA4IB
AQAAL5htKrN3fieXlvOEeS48jjdLnZr3caZmfSyS8/vWfosfBrApTzmN87cLcqFg
iyvZq5v9lq7kcewLT1+sW2QD28AOBCN57hVYc0Y0XgdRer5B1GIqTvG/f8nV7QrP
fVAayLQbAB0VUo3VxVvhQV75dkaxEIMtE0TuL0fgeA98Aif5B9LABpRkhAWHHx37
xwd/UFPiZXcc7Yl56uuP5bYOV6SqAytK94Na7naU+v7G/bBEa+Ef8EJj/2eI8vVQ
sq8f6S3796VL0+VuPwBQpptV4KgMxNidrBW1e2d0+RZqKUkzZkg6Q3KlHLSbKMSC
zNWNnFNouz9xPVxC1Z9s2Msl
-----END CERTIFICATE-----
Generated at Sat Aug 9 14:27:10 2025 by rpki-client