Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/zaK7g2klAtwCGQFnfe_zrOgOJdA.roa
File: zaK7g2klAtwCGQFnfe_zrOgOJdA.roa (raw, json)
Hash identifier: tBmARlQQAzmv3v9ImSbiUoVw1kndaC1qx7ql+RM5QpU=
Subject key identifier: CD:A2:BB:83:69:25:02:DC:02:19:01:67:7D:EF:F3:AC:E8:0E:25:D0
Certificate issuer: /CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Certificate serial: 019855483A4A3E7388CABEBC95A12047FBB5
Authority key identifier: 6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/zaK7g2klAtwCGQFnfe_zrOgOJdA.roa
Signing time: Tue 29 Jul 2025 08:24:13 +0000
ROA not before: Tue 29 Jul 2025 08:24:13 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8772
IP address blocks: 94.131.0.0/23 maxlen: 23
94.131.0.0/24 maxlen: 24
94.131.4.0/24 maxlen: 24
94.131.6.0/24 maxlen: 24
94.131.7.0/24 maxlen: 24
94.131.21.0/24 maxlen: 24
94.131.22.0/24 maxlen: 24
94.131.124.0/24 maxlen: 24
94.131.127.0/24 maxlen: 24
195.214.213.0/24 maxlen: 24
195.214.214.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.mft
rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 20:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:55:48:3a:4a:3e:73:88:ca:be:bc:95:a1:20:47:fb:b5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6d743ed63e868ef50f6d84c0003a83483fc62a03
Validity
Not Before: Jul 29 08:24:13 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cda2bb83692502dc021901677deff3ace80e25d0
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:8a:93:ca:29:60:6a:0f:86:5d:93:7a:8d:67:
9b:44:8f:13:76:c4:de:ed:ce:0d:33:7e:ab:70:ca:
b6:5b:b5:89:c9:da:6b:19:98:68:59:9c:1b:04:2c:
e9:39:10:95:fa:37:82:2f:d6:39:4b:e0:02:57:02:
60:44:fb:75:2e:ea:30:5c:a8:9b:0e:01:cf:ae:17:
ed:66:22:9d:c6:2e:8f:e3:fa:60:41:1f:02:49:12:
a0:f5:57:2a:c6:57:0c:9b:d7:64:33:1c:5a:c1:66:
cf:c1:e6:af:ad:57:b5:54:b7:7e:e7:07:24:6f:95:
a6:d9:40:d6:9e:84:76:e2:dc:43:3e:db:9a:16:2f:
8d:33:88:e9:69:67:c8:90:5a:41:37:55:8d:8f:29:
0d:14:d3:a3:d2:2b:a1:a5:4c:15:42:9b:0f:20:df:
17:3f:15:e6:cb:d9:c9:5e:42:66:80:2f:36:b7:b9:
ff:9b:a6:0a:ac:41:ba:e9:46:2a:37:56:ec:4d:f5:
ec:f6:80:b8:75:7a:70:50:2b:aa:5a:33:8f:b3:f2:
a3:c0:74:f6:37:14:5a:d0:d0:92:53:0a:29:8f:eb:
76:1a:e6:be:a7:5b:0c:11:44:50:1c:86:c0:03:8d:
93:2e:63:50:72:a2:2d:a0:8a:18:e0:48:7a:87:55:
63:1f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CD:A2:BB:83:69:25:02:DC:02:19:01:67:7D:EF:F3:AC:E8:0E:25:D0
X509v3 Authority Key Identifier:
keyid:6D:74:3E:D6:3E:86:8E:F5:0F:6D:84:C0:00:3A:83:48:3F:C6:2A:03
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/bXQ-1j6GjvUPbYTAADqDSD_GKgM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/zaK7g2klAtwCGQFnfe_zrOgOJdA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2d/e05352-f148-40a0-87a4-e9724a7a6bc8/1/bXQ-1j6GjvUPbYTAADqDSD_GKgM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
94.131.0.0/23
94.131.4.0/24
94.131.6.0/23
94.131.21.0-94.131.22.255
94.131.124.0/24
94.131.127.0/24
195.214.213.0-195.214.214.255
Signature Algorithm: sha256WithRSAEncryption
1b:8c:58:f0:ae:05:0c:aa:e0:53:74:eb:3c:41:42:06:74:1d:
06:71:ec:e0:e2:5e:11:ce:e7:66:9a:15:29:b7:d9:59:97:f2:
7b:d1:f0:d8:f7:11:31:32:36:80:01:80:11:57:fd:35:9a:53:
7d:b6:1e:a3:d3:7e:33:87:d6:1b:a3:12:68:94:d4:ee:89:6b:
7e:2c:2b:a6:15:19:c0:c0:08:00:ca:b3:60:98:ff:6e:cf:5a:
30:f9:d8:62:98:32:15:0f:cb:73:a5:92:06:17:a6:0f:e8:5a:
f7:76:d8:24:97:3e:e0:67:73:66:31:47:0f:10:58:60:b1:2e:
d2:f3:28:39:7f:89:3e:9f:2f:2f:2a:ba:01:27:2d:5a:78:0f:
f7:a8:c5:a2:24:78:1f:e7:63:fc:f5:89:9b:17:04:91:b5:4e:
cc:ca:cd:7f:1f:c3:a4:e7:86:15:3a:bc:45:45:f5:a6:ab:0a:
a6:49:13:b8:dd:5f:2e:85:a6:87:d8:2f:6e:b7:c8:79:35:6b:
41:03:be:00:09:a3:5e:4d:dd:6c:d9:fe:68:85:fe:a0:38:9b:
3c:11:e3:0d:48:90:46:99:56:da:8e:b2:79:b8:13:6e:15:86:
96:9b:18:ad:8d:22:f1:4b:34:1b:7c:9b:de:5c:0e:18:4c:d9:
b9:74:97:dc
-----BEGIN CERTIFICATE-----
MIIFMTCCBBmgAwIBAgISAZhVSDpKPnOIyr68laEgR/u1MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDZkNzQzZWQ2M2U4NjhlZjUwZjZkODRjMDAwM2E4MzQ4M2Zj
NjJhMDMwHhcNMjUwNzI5MDgyNDEzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZGEyYmI4MzY5MjUwMmRjMDIxOTAxNjc3ZGVmZjNhY2U4MGUyNWQwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzIqTyilgag+GXZN6jWebRI8TdsTe
7c4NM36rcMq2W7WJydprGZhoWZwbBCzpORCV+jeCL9Y5S+ACVwJgRPt1LuowXKib
DgHPrhftZiKdxi6P4/pgQR8CSRKg9VcqxlcMm9dkMxxawWbPweavrVe1VLd+5wck
b5Wm2UDWnoR24txDPtuaFi+NM4jpaWfIkFpBN1WNjykNFNOj0iuhpUwVQpsPIN8X
PxXmy9nJXkJmgC82t7n/m6YKrEG66UYqN1bsTfXs9oC4dXpwUCuqWjOPs/KjwHT2
NxRa0NCSUwopj+t2Gua+p1sMEURQHIbAA42TLmNQcqItoIoY4Eh6h1VjHwIDAQAB
o4ICPTCCAjkwHQYDVR0OBBYEFM2iu4NpJQLcAhkBZ33v86zoDiXQMB8GA1UdIwQY
MBaAFG10PtY+ho71D22EwAA6g0g/xioDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQt
ZTk3MjRhN2E2YmM4LzEvemFLN2cya2xBdHdDR1FGbmZlX3pyT2dPSmRBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZC9lMDUzNTItZjE0OC00MGEwLTg3YTQtZTk3MjRhN2E2YmM4
LzEvYlhRLTFqNkdqdlVQYllUQUFEcURTRF9HS2dNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFMGCCsGAQUFBwEHAQH/BEQwQjBABAIAATA6AwQBXoMAAwQA
XoMEAwQBXoMGMAwDBABegxUDBABegxYDBABeg3wDBABeg38wDAMEAMPW1QMEAMPW
1jANBgkqhkiG9w0BAQsFAAOCAQEAG4xY8K4FDKrgU3TrPEFCBnQdBnHs4OJeEc7n
ZpoVKbfZWZfye9Hw2PcRMTI2gAGAEVf9NZpTfbYeo9N+M4fWG6MSaJTU7olrfiwr
phUZwMAIAMqzYJj/bs9aMPnYYpgyFQ/Lc6WSBhemD+ha93bYJJc+4GdzZjFHDxBY
YLEu0vMoOX+JPp8vLyq6ASctWngP96jFoiR4H+dj/PWJmxcEkbVOzMrNfx/DpOeG
FTq8RUX1pqsKpkkTuN1fLoWmh9gvbrfIeTVrQQO+AAmjXk3dbNn+aIX+oDibPBHj
DUiQRplW2o6yebgTbhWGlpsYrY0i8Us0G3yb3lwOGEzZuXSX3A==
-----END CERTIFICATE-----
Generated at Wed Aug 6 05:59:18 2025 by rpki-client