Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1f/ce876c-2c02-4775-8095-78d4a64d22d9/1/Zx7o0NJ7lPcPWusoEu-hir0u3sI.roa
File: Zx7o0NJ7lPcPWusoEu-hir0u3sI.roa (raw, json)
Hash identifier: RaHzV4CwJ05D0LodvMcl63WAfLK7uU2RzT47rVSSlwM=
Subject key identifier: 67:1E:E8:D0:D2:7B:94:F7:0F:5A:EB:28:12:EF:A1:8A:BD:2E:DE:C2
Certificate issuer: /CN=4e2d20f2de4d57e1bc645cb6287ff810d0f5a4bf
Certificate serial: 0198500F6CE3F78B40E5633FE073383F926A
Authority key identifier: 4E:2D:20:F2:DE:4D:57:E1:BC:64:5C:B6:28:7F:F8:10:D0:F5:A4:BF
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/Ti0g8t5NV-G8ZFy2KH_4END1pL8.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1f/ce876c-2c02-4775-8095-78d4a64d22d9/1/Zx7o0NJ7lPcPWusoEu-hir0u3sI.roa
Signing time: Mon 28 Jul 2025 08:04:04 +0000
ROA not before: Mon 28 Jul 2025 08:04:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 50676
IP address blocks: 192.162.40.0/22 maxlen: 24
195.191.82.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1f/ce876c-2c02-4775-8095-78d4a64d22d9/1/Ti0g8t5NV-G8ZFy2KH_4END1pL8.crl
rsync://rpki.ripe.net/repository/DEFAULT/1f/ce876c-2c02-4775-8095-78d4a64d22d9/1/Ti0g8t5NV-G8ZFy2KH_4END1pL8.mft
rsync://rpki.ripe.net/repository/DEFAULT/Ti0g8t5NV-G8ZFy2KH_4END1pL8.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 11 Aug 2025 11:00:48 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:50:0f:6c:e3:f7:8b:40:e5:63:3f:e0:73:38:3f:92:6a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4e2d20f2de4d57e1bc645cb6287ff810d0f5a4bf
Validity
Not Before: Jul 28 08:04:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=671ee8d0d27b94f70f5aeb2812efa18abd2edec2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d3:07:59:f9:bc:11:b4:6b:da:cc:60:94:69:76:
d5:ef:cd:60:b5:21:bf:9b:dd:6c:06:53:07:37:0f:
0f:72:b5:45:d0:f3:32:7f:5a:1d:21:0a:78:8d:c9:
96:cf:d3:f2:b3:f4:77:5b:38:1d:3c:dc:f5:b1:3a:
55:f7:b0:81:59:01:8a:a8:b9:7d:fe:ec:29:c3:27:
b0:c1:22:95:31:02:fc:a0:d7:98:33:20:79:79:67:
08:65:ec:c3:40:27:3a:ec:6f:9b:d9:44:0b:c1:f6:
98:43:66:fa:73:e7:99:7f:dd:7c:bf:ed:93:b1:01:
3e:26:a6:d4:e9:40:cf:d6:02:51:ea:b7:12:81:95:
2f:7c:95:51:aa:91:17:03:a9:e5:80:34:71:af:83:
39:83:a5:3d:fc:15:ba:fc:64:b6:e2:db:38:fc:a4:
a7:c2:3e:43:bf:52:99:0a:a4:c3:65:e0:ac:01:92:
a6:f0:e8:aa:1f:08:f6:db:55:be:c0:6a:11:e6:7f:
ed:6a:0a:1d:17:d9:53:5f:e8:e8:0e:ad:76:2e:4b:
24:5d:5d:82:e5:51:cc:aa:3e:a1:2f:f9:87:fd:40:
97:34:ea:25:49:af:db:14:a9:7b:0d:cc:68:77:5f:
09:a3:de:97:ce:87:f5:3b:4a:e0:8c:36:93:61:e4:
d4:53
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
67:1E:E8:D0:D2:7B:94:F7:0F:5A:EB:28:12:EF:A1:8A:BD:2E:DE:C2
X509v3 Authority Key Identifier:
keyid:4E:2D:20:F2:DE:4D:57:E1:BC:64:5C:B6:28:7F:F8:10:D0:F5:A4:BF
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/Ti0g8t5NV-G8ZFy2KH_4END1pL8.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/ce876c-2c02-4775-8095-78d4a64d22d9/1/Zx7o0NJ7lPcPWusoEu-hir0u3sI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1f/ce876c-2c02-4775-8095-78d4a64d22d9/1/Ti0g8t5NV-G8ZFy2KH_4END1pL8.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.162.40.0/22
195.191.82.0/23
Signature Algorithm: sha256WithRSAEncryption
6c:e5:21:7c:ad:82:95:dc:cb:af:d7:ec:cb:5e:4e:e8:3c:17:
2d:34:87:9e:21:66:48:5f:ae:d8:9e:66:29:b7:f4:8f:af:ba:
88:eb:53:1a:7c:d1:2d:a0:9a:f3:49:0f:ff:1b:b3:8d:c3:ff:
91:a9:77:35:0b:c8:df:9b:67:33:09:26:b3:49:df:12:b9:6f:
61:bc:85:50:01:6a:19:38:26:e5:ee:34:5c:0b:aa:0e:3b:65:
ae:a8:7d:1e:99:56:1e:0c:52:8d:4c:ec:d0:06:5f:61:7c:c3:
9f:b2:50:d2:ae:00:7c:14:c1:2c:f0:56:35:32:52:4e:d9:02:
f2:5a:68:8e:19:c0:5a:b0:ea:d1:63:04:c5:14:ae:4b:b2:c4:
c0:7b:1a:4e:7f:e8:e3:16:62:1d:01:88:cd:3e:b6:c2:4d:e4:
7f:fb:9c:0e:02:22:32:8a:72:21:b2:ed:6e:b0:6e:f7:d3:fc:
35:e8:7a:cc:13:8c:48:89:85:e0:d5:59:72:38:dd:1e:01:6b:
fd:81:af:51:84:39:87:99:a1:d1:24:ab:33:6f:3c:4b:23:bf:
6b:ee:ab:ac:76:41:7d:32:0b:41:9e:14:70:04:e0:bd:e1:35:
04:31:69:fc:01:ba:58:3e:88:2a:5e:3c:9b:fa:4e:dc:84:71:
20:51:d8:b9
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZhQD2zj94tA5WM/4HM4P5JqMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRlMmQyMGYyZGU0ZDU3ZTFiYzY0NWNiNjI4N2ZmODEwZDBm
NWE0YmYwHhcNMjUwNzI4MDgwNDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2NzFlZThkMGQyN2I5NGY3MGY1YWViMjgxMmVmYTE4YWJkMmVkZWMyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA0wdZ+bwRtGvazGCUaXbV781gtSG/
m91sBlMHNw8PcrVF0PMyf1odIQp4jcmWz9Pys/R3WzgdPNz1sTpV97CBWQGKqLl9
/uwpwyewwSKVMQL8oNeYMyB5eWcIZezDQCc67G+b2UQLwfaYQ2b6c+eZf918v+2T
sQE+JqbU6UDP1gJR6rcSgZUvfJVRqpEXA6nlgDRxr4M5g6U9/BW6/GS24ts4/KSn
wj5Dv1KZCqTDZeCsAZKm8OiqHwj221W+wGoR5n/tagodF9lTX+joDq12LkskXV2C
5VHMqj6hL/mH/UCXNOolSa/bFKl7Dcxod18Jo96Xzof1O0rgjDaTYeTUUwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFGce6NDSe5T3D1rrKBLvoYq9Lt7CMB8GA1UdIwQY
MBaAFE4tIPLeTVfhvGRctih/+BDQ9aS/MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVGkwZzh0NU5WLUc4WkZ5MktIXzRFTkQxcEw4LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xZi9jZTg3NmMtMmMwMi00Nzc1LTgwOTUt
NzhkNGE2NGQyMmQ5LzEvWng3bzBOSjdsUGNQV3Vzb0V1LWhpcjB1M3NJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xZi9jZTg3NmMtMmMwMi00Nzc1LTgwOTUtNzhkNGE2NGQyMmQ5
LzEvVGkwZzh0NU5WLUc4WkZ5MktIXzRFTkQxcEw4LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCwKIoAwQB
w79SMA0GCSqGSIb3DQEBCwUAA4IBAQBs5SF8rYKV3Muv1+zLXk7oPBctNIeeIWZI
X67YnmYpt/SPr7qI61MafNEtoJrzSQ//G7ONw/+RqXc1C8jfm2czCSazSd8SuW9h
vIVQAWoZOCbl7jRcC6oOO2WuqH0emVYeDFKNTOzQBl9hfMOfslDSrgB8FMEs8FY1
MlJO2QLyWmiOGcBasOrRYwTFFK5LssTAexpOf+jjFmIdAYjNPrbCTeR/+5wOAiIy
inIhsu1usG730/w16HrME4xIiYXg1VlyON0eAWv9ga9RhDmHmaHRJKszbzxLI79r
7qusdkF9MgtBnhRwBOC94TUEMWn8AbpYPogqXjyb+k7chHEgUdi5
-----END CERTIFICATE-----
Generated at Sun Aug 10 18:11:46 2025 by rpki-client