Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/cfea9e-bee2-4bcb-8def-3e4b74dd058d/1/_zcItGlmx6998FM_OkVMktHXtJY.roa
File: _zcItGlmx6998FM_OkVMktHXtJY.roa (raw, json)
Hash identifier: BVU2FfRsrCVxlC5hx2l9rOZ/f3ofzH78ETxGPtN8M6c=
Subject key identifier: FF:37:08:B4:69:66:C7:AF:7D:F0:53:3F:3A:45:4C:92:D1:D7:B4:96
Certificate issuer: /CN=0e298900355fdf4254c20831f2d7ee3bec429bdb
Certificate serial: 019E975636557370AE447A4CC8F087E82280
Authority key identifier: 0E:29:89:00:35:5F:DF:42:54:C2:08:31:F2:D7:EE:3B:EC:42:9B:DB
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/DimJADVf30JUwggx8tfuO-xCm9s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/cfea9e-bee2-4bcb-8def-3e4b74dd058d/1/_zcItGlmx6998FM_OkVMktHXtJY.roa
Signing time: Fri 05 Jun 2026 10:31:10 +0000
ROA not before: Fri 05 Jun 2026 10:31:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 48958
IP address blocks: 185.125.76.0/24 maxlen: 24
185.125.77.0/24 maxlen: 24
185.125.79.0/24 maxlen: 24
195.8.48.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/cfea9e-bee2-4bcb-8def-3e4b74dd058d/1/DimJADVf30JUwggx8tfuO-xCm9s.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/cfea9e-bee2-4bcb-8def-3e4b74dd058d/1/DimJADVf30JUwggx8tfuO-xCm9s.mft
rsync://rpki.ripe.net/repository/DEFAULT/DimJADVf30JUwggx8tfuO-xCm9s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:97:56:36:55:73:70:ae:44:7a:4c:c8:f0:87:e8:22:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=0e298900355fdf4254c20831f2d7ee3bec429bdb
Validity
Not Before: Jun 5 10:31:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=ff3708b46966c7af7df0533f3a454c92d1d7b496
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b4:61:92:5b:3b:22:0a:13:dc:00:0e:3d:30:ab:
3a:c1:02:75:02:97:00:39:b7:67:5b:a5:98:a8:be:
d0:15:f6:50:19:60:93:db:fb:97:d7:91:0b:92:b4:
8a:52:b9:bc:a7:00:e6:e0:19:5e:a8:4a:d3:56:a5:
f6:f6:66:39:05:8d:e8:b2:ba:d0:1a:ac:cb:d4:3e:
29:8c:63:41:7e:cb:82:54:50:7d:57:9a:28:fc:df:
b0:c7:50:5f:71:f7:a1:32:7b:33:43:74:0a:39:f8:
c3:cb:bd:28:95:57:10:b8:2f:03:27:ca:89:41:d9:
09:5c:85:26:cd:41:23:a1:bf:d7:76:27:28:d3:a3:
f3:5a:42:bd:5a:a7:23:36:5d:2f:cc:9d:c5:9f:9c:
fe:38:dc:dc:d7:39:af:2e:0d:10:05:c5:4c:6f:1f:
44:12:0e:f7:41:87:5c:da:f1:cb:ee:c4:95:c0:58:
a5:f9:49:f2:7c:d4:9b:79:f6:56:23:9c:a7:02:36:
24:34:53:60:12:55:34:8c:9a:ef:42:86:7a:87:0c:
13:9d:d1:9e:53:42:e8:fa:cf:14:55:76:c9:7f:2b:
e6:03:75:c6:15:f9:4e:10:bc:d6:09:3a:0e:51:e5:
9e:79:1e:92:d9:9d:48:e1:fc:d5:60:04:d9:01:09:
73:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FF:37:08:B4:69:66:C7:AF:7D:F0:53:3F:3A:45:4C:92:D1:D7:B4:96
X509v3 Authority Key Identifier:
keyid:0E:29:89:00:35:5F:DF:42:54:C2:08:31:F2:D7:EE:3B:EC:42:9B:DB
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/DimJADVf30JUwggx8tfuO-xCm9s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/cfea9e-bee2-4bcb-8def-3e4b74dd058d/1/_zcItGlmx6998FM_OkVMktHXtJY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/cfea9e-bee2-4bcb-8def-3e4b74dd058d/1/DimJADVf30JUwggx8tfuO-xCm9s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.125.76.0/23
185.125.79.0/24
195.8.48.0/24
Signature Algorithm: sha256WithRSAEncryption
b1:c0:88:14:c0:f1:36:1c:23:61:f8:98:e7:d4:4d:aa:d7:b6:
98:61:c0:7a:18:92:9b:4a:a6:36:67:91:1c:e9:fc:19:dc:91:
50:a6:e5:48:b5:e7:fb:bf:0f:fc:b3:83:e0:22:f4:f9:0e:62:
0e:35:60:fe:33:c0:dc:e3:67:6f:70:5f:f5:c5:bf:57:92:c3:
67:e7:b9:50:37:b8:7e:97:3b:8f:f8:ed:f8:59:a2:b2:ce:e1:
43:61:b9:cf:76:35:cc:f6:cd:b4:88:3b:0f:d1:4c:9d:b9:2d:
ef:49:f1:3c:c2:e6:30:7b:36:93:eb:9d:97:6c:fc:3a:77:31:
1e:17:0e:2e:43:10:10:b0:66:9c:59:9c:a6:91:53:31:7b:fa:
6d:77:50:af:ec:07:6e:e2:98:95:ba:9c:22:17:cb:ca:cd:ad:
bb:59:f9:2b:a1:c8:d4:6d:11:a5:5a:a7:fd:2f:04:b9:16:4c:
c1:34:4c:23:df:49:e7:c5:7c:6c:05:65:79:ef:51:79:27:de:
d5:f5:57:e3:fa:dd:98:a2:db:d4:78:71:41:63:bc:d8:c4:49:
39:bb:a2:e7:c9:48:a7:e7:f6:2a:1a:97:78:01:ae:a5:cc:9e:
39:12:f6:86:b3:cb:71:59:2d:d9:d4:0a:56:09:f5:0a:17:06:
42:c8:38:e7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ6XVjZVc3CuRHpMyPCH6CKAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDBlMjk4OTAwMzU1ZmRmNDI1NGMyMDgzMWYyZDdlZTNiZWM0
MjliZGIwHhcNMjYwNjA1MTAzMTEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmZjM3MDhiNDY5NjZjN2FmN2RmMDUzM2YzYTQ1NGM5MmQxZDdiNDk2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtGGSWzsiChPcAA49MKs6wQJ1ApcA
ObdnW6WYqL7QFfZQGWCT2/uX15ELkrSKUrm8pwDm4BleqErTVqX29mY5BY3osrrQ
GqzL1D4pjGNBfsuCVFB9V5oo/N+wx1BfcfehMnszQ3QKOfjDy70olVcQuC8DJ8qJ
QdkJXIUmzUEjob/Xdico06PzWkK9WqcjNl0vzJ3Fn5z+ONzc1zmvLg0QBcVMbx9E
Eg73QYdc2vHL7sSVwFil+UnyfNSbefZWI5ynAjYkNFNgElU0jJrvQoZ6hwwTndGe
U0Lo+s8UVXbJfyvmA3XGFflOELzWCToOUeWeeR6S2Z1I4fzVYATZAQlzewIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFP83CLRpZsevffBTPzpFTJLR17SWMB8GA1UdIwQY
MBaAFA4piQA1X99CVMIIMfLX7jvsQpvbMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRGltSkFEVmYzMEpVd2dneDh0ZnVPLXhDbTlzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi9jZmVhOWUtYmVlMi00YmNiLThkZWYt
M2U0Yjc0ZGQwNThkLzEvX3pjSXRHbG14Njk5OEZNX09rVk1rdEhYdEpZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi9jZmVhOWUtYmVlMi00YmNiLThkZWYtM2U0Yjc0ZGQwNThk
LzEvRGltSkFEVmYzMEpVd2dneDh0ZnVPLXhDbTlzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBuX1MAwQA
uX1PAwQAwwgwMA0GCSqGSIb3DQEBCwUAA4IBAQCxwIgUwPE2HCNh+Jjn1E2q17aY
YcB6GJKbSqY2Z5Ec6fwZ3JFQpuVItef7vw/8s4PgIvT5DmIONWD+M8Dc42dvcF/1
xb9XksNn57lQN7h+lzuP+O34WaKyzuFDYbnPdjXM9s20iDsP0UyduS3vSfE8wuYw
ezaT652XbPw6dzEeFw4uQxAQsGacWZymkVMxe/ptd1Cv7Adu4piVupwiF8vKza27
WfkrocjUbRGlWqf9LwS5FkzBNEwj30nnxXxsBWV571F5J97V9Vfj+t2YotvUeHFB
Y7zYxEk5u6LnyUin5/YqGpd4Aa6lzJ45EvaGs8txWS3Z1ApWCfUKFwZCyDjn
-----END CERTIFICATE-----
Generated at Sat Jun 13 10:37:25 2026 by rpki-client