Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/znoNBWia6W4C86fr-Er9zSBt3z4.roa
File: znoNBWia6W4C86fr-Er9zSBt3z4.roa (raw, json)
Hash identifier: 1cEa5kNLaAjAN6SHoWeZJLbyNheUqXOgYyH2CJfaeBo=
Subject key identifier: CE:7A:0D:05:68:9A:E9:6E:02:F3:A7:EB:F8:4A:FD:CD:20:6D:DF:3E
Certificate issuer: /CN=fc3ab55d57509cbfae798bd71aaa23b3444d8e5a
Certificate serial: 0198856C51B6EE640EE3FEF78447F5DAF94F
Authority key identifier: FC:3A:B5:5D:57:50:9C:BF:AE:79:8B:D7:1A:AA:23:B3:44:4D:8E:5A
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/_Dq1XVdQnL-ueYvXGqojs0RNjlo.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/znoNBWia6W4C86fr-Er9zSBt3z4.roa
Signing time: Thu 07 Aug 2025 16:45:24 +0000
ROA not before: Thu 07 Aug 2025 16:45:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 7029
IP address blocks: 185.165.92.0/24 maxlen: 24
2a0d:f40::/29 maxlen: 32
2a13:80c4::/30 maxlen: 30
2a13:9244::/30 maxlen: 30
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/_Dq1XVdQnL-ueYvXGqojs0RNjlo.crl
rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/_Dq1XVdQnL-ueYvXGqojs0RNjlo.mft
rsync://rpki.ripe.net/repository/DEFAULT/_Dq1XVdQnL-ueYvXGqojs0RNjlo.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 10 Aug 2025 13:02:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:85:6c:51:b6:ee:64:0e:e3:fe:f7:84:47:f5:da:f9:4f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=fc3ab55d57509cbfae798bd71aaa23b3444d8e5a
Validity
Not Before: Aug 7 16:45:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ce7a0d05689ae96e02f3a7ebf84afdcd206ddf3e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:95:88:04:b3:fa:0c:fa:da:86:e5:89:02:7c:c7:
4e:92:04:63:81:9d:17:8f:cf:76:d2:4f:84:0b:f6:
ac:12:29:00:57:6d:36:19:ac:1b:30:83:12:06:e0:
f8:69:df:dd:26:ea:17:2d:b3:15:72:19:70:58:42:
9b:a8:1e:51:a4:a0:26:d8:6e:6d:df:c3:47:10:88:
49:c2:c1:c4:2b:e0:db:71:42:eb:f2:99:e2:61:cd:
47:b4:02:a5:12:a8:e3:f7:09:2c:1b:12:b6:d6:da:
78:fe:de:59:5a:dc:48:28:cd:f3:da:81:12:42:bc:
e7:a3:6d:47:67:4c:1d:91:cf:65:52:56:ef:1e:2e:
a0:d3:36:a6:9c:f6:aa:82:8a:ef:c2:97:91:37:43:
80:55:f8:85:7f:d9:df:99:ef:ce:d1:cd:c4:18:cc:
23:21:4a:c3:77:0c:a9:d1:94:dd:cf:e6:ca:88:13:
d3:c9:a0:62:e4:9f:7a:7b:d7:43:05:a0:6f:3f:62:
dc:78:37:b7:0d:3b:17:e8:5e:02:37:3f:a5:12:0c:
c0:87:a8:bc:29:c5:cb:5a:cd:cd:1a:59:ea:59:9e:
1d:a6:d6:06:bd:a8:bf:bc:2d:b5:22:a8:6b:34:15:
78:f5:69:08:df:21:d4:43:91:3e:31:e2:56:f0:40:
36:13
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CE:7A:0D:05:68:9A:E9:6E:02:F3:A7:EB:F8:4A:FD:CD:20:6D:DF:3E
X509v3 Authority Key Identifier:
keyid:FC:3A:B5:5D:57:50:9C:BF:AE:79:8B:D7:1A:AA:23:B3:44:4D:8E:5A
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/_Dq1XVdQnL-ueYvXGqojs0RNjlo.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/znoNBWia6W4C86fr-Er9zSBt3z4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/44/729da9-eb03-451b-bfef-0c45218e7981/1/_Dq1XVdQnL-ueYvXGqojs0RNjlo.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.92.0/24
IPv6:
2a0d:f40::/29
2a13:80c4::/30
2a13:9244::/30
Signature Algorithm: sha256WithRSAEncryption
11:99:dc:8f:b8:76:6b:4e:0f:4b:8d:fc:c7:a3:ee:4f:f8:35:
e1:75:26:00:83:23:08:41:89:b6:a2:32:48:d9:15:a8:71:64:
19:b9:7f:48:7d:bb:9d:f9:89:a7:f5:e9:27:4d:a7:d6:8d:be:
87:91:a0:3e:7f:e4:6c:db:a7:7f:9d:06:2c:8d:56:77:5d:67:
0e:4b:a6:99:b0:93:f8:70:14:b1:05:96:33:4b:22:b5:29:37:
40:a8:4e:de:d2:27:3f:dd:5d:ee:7a:3f:91:1a:ff:66:4d:73:
71:db:28:11:d5:e6:7e:8e:f2:b8:d6:88:1e:8c:98:e4:fd:c3:
37:ec:0e:7d:09:bd:c9:d8:ec:fa:56:ed:57:c6:a9:aa:7e:c3:
44:06:14:93:39:1e:ea:d2:3b:66:ad:c3:00:4d:e3:62:64:2a:
d4:7d:eb:f8:ec:29:50:74:03:14:df:10:cc:94:a8:5a:ce:40:
3c:28:dc:2b:e3:42:65:03:ab:b7:3e:71:0d:db:b8:be:4d:8a:
92:a9:d5:6b:60:56:ae:09:86:7a:01:58:f9:b0:bb:e1:62:3e:
a0:01:9f:bf:29:9f:18:82:78:74:ae:60:b3:5d:07:bd:d5:25:
f8:3f:29:87:09:92:49:07:37:48:26:11:37:71:eb:3b:d5:c8:
0f:07:13:1e
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZiFbFG27mQO4/73hEf12vlPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGZjM2FiNTVkNTc1MDljYmZhZTc5OGJkNzFhYWEyM2IzNDQ0
ZDhlNWEwHhcNMjUwODA3MTY0NTI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZTdhMGQwNTY4OWFlOTZlMDJmM2E3ZWJmODRhZmRjZDIwNmRkZjNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAlYgEs/oM+tqG5YkCfMdOkgRjgZ0X
j8920k+EC/asEikAV202GawbMIMSBuD4ad/dJuoXLbMVchlwWEKbqB5RpKAm2G5t
38NHEIhJwsHEK+DbcULr8pniYc1HtAKlEqjj9wksGxK21tp4/t5ZWtxIKM3z2oES
Qrzno21HZ0wdkc9lUlbvHi6g0zamnPaqgorvwpeRN0OAVfiFf9nfme/O0c3EGMwj
IUrDdwyp0ZTdz+bKiBPTyaBi5J96e9dDBaBvP2LceDe3DTsX6F4CNz+lEgzAh6i8
KcXLWs3NGlnqWZ4dptYGvai/vC21IqhrNBV49WkI3yHUQ5E+MeJW8EA2EwIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFM56DQVomuluAvOn6/hK/c0gbd8+MB8GA1UdIwQY
MBaAFPw6tV1XUJy/rnmL1xqqI7NETY5aMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvX0RxMVhWZFFuTC11ZVl2WEdxb2pzMFJOamxvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80NC83MjlkYTktZWIwMy00NTFiLWJmZWYt
MGM0NTIxOGU3OTgxLzEvem5vTkJXaWE2VzRDODZmci1Fcjl6U0J0M3o0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80NC83MjlkYTktZWIwMy00NTFiLWJmZWYtMGM0NTIxOGU3OTgx
LzEvX0RxMVhWZFFuTC11ZVl2WEdxb2pzMFJOamxvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAMBAIAATAGAwQAuaVcMBsE
AgACMBUDBQMqDQ9AAwUCKhOAxAMFAioTkkQwDQYJKoZIhvcNAQELBQADggEBABGZ
3I+4dmtOD0uN/Mej7k/4NeF1JgCDIwhBibaiMkjZFahxZBm5f0h9u535iaf16SdN
p9aNvoeRoD5/5Gzbp3+dBiyNVnddZw5Lppmwk/hwFLEFljNLIrUpN0CoTt7SJz/d
Xe56P5Ea/2ZNc3HbKBHV5n6O8rjWiB6MmOT9wzfsDn0JvcnY7PpW7VfGqap+w0QG
FJM5HurSO2atwwBN42JkKtR96/jsKVB0AxTfEMyUqFrOQDwo3CvjQmUDq7c+cQ3b
uL5NipKp1WtgVq4JhnoBWPmwu+FiPqABn78pnxiCeHSuYLNdB73VJfg/KYcJkkkH
N0gmETdx6zvVyA8HEx4=
-----END CERTIFICATE-----
Generated at Sat Aug 9 22:47:22 2025 by rpki-client