Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/z1h6DBCO1s6KuoPYM870wJtUPmQ.roa
File: z1h6DBCO1s6KuoPYM870wJtUPmQ.roa (raw, json)
Hash identifier: S3E1JdRwmQPnlP93iVX42bm+z+Q8AWhyOkfBvQvY/7c=
Subject key identifier: CF:58:7A:0C:10:8E:D6:CE:8A:BA:83:D8:33:CE:F4:C0:9B:54:3E:64
Certificate issuer: /CN=c9d57447e3420b853875b6fa40372aade3192ca2
Certificate serial: 0198744B02A128519206F17FE87B0E2BBB0F
Authority key identifier: C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/z1h6DBCO1s6KuoPYM870wJtUPmQ.roa
Signing time: Mon 04 Aug 2025 08:55:29 +0000
ROA not before: Mon 04 Aug 2025 08:55:29 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42216
IP address blocks: 31.210.47.0/24 maxlen: 24
77.92.142.0/24 maxlen: 24
77.92.143.0/24 maxlen: 24
77.92.152.0/24 maxlen: 24
78.135.86.0/24 maxlen: 24
78.135.98.0/24 maxlen: 24
188.132.163.0/24 maxlen: 24
188.132.228.0/24 maxlen: 24
2a10:9440::/48 maxlen: 48
2a10:9440:1::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.mft
rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 06 Aug 2025 14:37:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:74:4b:02:a1:28:51:92:06:f1:7f:e8:7b:0e:2b:bb:0f
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c9d57447e3420b853875b6fa40372aade3192ca2
Validity
Not Before: Aug 4 08:55:29 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cf587a0c108ed6ce8aba83d833cef4c09b543e64
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d5:55:b2:ae:83:73:ba:84:ae:fd:7f:2f:82:45:
57:b8:b6:12:db:c3:b7:ad:6c:2a:ea:c2:28:8e:25:
89:d0:4c:67:25:1e:53:e0:5e:a3:c7:92:9c:56:cd:
02:b0:10:5e:78:08:15:f4:ae:e7:36:c1:e1:b3:7a:
18:38:c5:8b:11:a6:17:af:67:a5:fc:08:f0:c3:30:
1e:47:22:67:81:30:ee:3e:fc:2b:60:53:88:58:3b:
21:42:0b:44:6b:2c:b1:23:56:68:25:11:4b:46:a5:
36:f9:53:ab:1b:0b:d5:2e:ab:88:79:11:1f:3c:93:
46:fb:8d:9b:f3:76:b8:97:a9:e3:d0:63:80:0d:1f:
77:94:1a:af:32:95:29:bb:a2:f4:71:78:f4:94:09:
9b:95:a8:9c:5a:d6:67:27:e6:c9:43:b3:bf:17:f4:
c0:8a:ea:2f:9e:92:96:c1:1c:fe:9c:28:cf:8f:01:
03:43:3f:cb:73:d4:c6:82:79:5f:91:0a:37:c8:9b:
d9:df:47:1a:d5:63:e6:2c:cf:94:ca:5d:73:ff:bb:
27:b1:e0:1e:b5:40:14:3d:8b:dc:03:32:c1:55:54:
84:3b:c8:6a:4d:18:fd:4d:c2:ff:f9:59:0a:3a:45:
12:7b:58:5e:9d:f8:29:03:4b:81:00:76:26:76:35:
eb:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CF:58:7A:0C:10:8E:D6:CE:8A:BA:83:D8:33:CE:F4:C0:9B:54:3E:64
X509v3 Authority Key Identifier:
keyid:C9:D5:74:47:E3:42:0B:85:38:75:B6:FA:40:37:2A:AD:E3:19:2C:A2
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ydV0R-NCC4U4dbb6QDcqreMZLKI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/z1h6DBCO1s6KuoPYM870wJtUPmQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/4d/1586fd-fd2c-41f8-8fe9-4e198f0a6013/1/ydV0R-NCC4U4dbb6QDcqreMZLKI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
31.210.47.0/24
77.92.142.0/23
77.92.152.0/24
78.135.86.0/24
78.135.98.0/24
188.132.163.0/24
188.132.228.0/24
IPv6:
2a10:9440::/47
Signature Algorithm: sha256WithRSAEncryption
4e:cc:58:1e:23:cf:11:09:7e:23:a2:b4:8a:d4:64:26:1a:57:
ee:8c:4b:13:30:ec:4f:13:86:9d:3c:01:1f:e7:6c:57:47:25:
69:bd:a0:32:51:3c:94:11:7f:20:b4:7e:61:0c:ba:1a:12:8e:
7d:f7:b7:69:fe:d1:46:df:dd:03:74:8b:b2:20:7c:ba:73:99:
b3:46:6b:8a:1f:e7:24:82:a3:d0:42:6e:9c:f8:73:a6:9e:f8:
09:77:01:68:dc:59:2a:07:1d:8e:a3:b7:80:b1:cb:72:02:91:
cd:46:4d:2f:0a:93:8a:29:5a:5c:5d:72:4d:26:bc:77:45:4d:
6e:f8:ca:b9:c9:84:3b:6c:5c:51:d9:b6:27:d1:e5:b2:ba:d0:
e2:c9:6a:34:00:3e:cf:64:3a:63:5f:9a:ed:5d:1f:30:93:b9:
d4:70:68:24:c1:dc:af:2b:a3:d2:b2:46:c0:ad:c7:05:91:6a:
6a:28:8f:f1:eb:2a:b8:25:41:3b:e6:33:b0:23:19:06:42:41:
70:dd:31:b7:df:da:f4:42:b7:e7:de:7f:26:3c:89:af:ee:18:
06:5f:ae:2e:b3:ec:88:1e:9e:52:5e:3b:1e:ff:15:9b:83:fd:
0c:0c:7e:3f:a9:16:4e:6b:bb:8c:68:01:b7:55:5e:a7:22:8e:
3f:b7:b2:8a
-----BEGIN CERTIFICATE-----
MIIFMjCCBBqgAwIBAgISAZh0SwKhKFGSBvF/6HsOK7sPMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM5ZDU3NDQ3ZTM0MjBiODUzODc1YjZmYTQwMzcyYWFkZTMx
OTJjYTIwHhcNMjUwODA0MDg1NTI5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjZjU4N2EwYzEwOGVkNmNlOGFiYTgzZDgzM2NlZjRjMDliNTQzZTY0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1VWyroNzuoSu/X8vgkVXuLYS28O3
rWwq6sIojiWJ0ExnJR5T4F6jx5KcVs0CsBBeeAgV9K7nNsHhs3oYOMWLEaYXr2el
/AjwwzAeRyJngTDuPvwrYFOIWDshQgtEayyxI1ZoJRFLRqU2+VOrGwvVLquIeREf
PJNG+42b83a4l6nj0GOADR93lBqvMpUpu6L0cXj0lAmblaicWtZnJ+bJQ7O/F/TA
iuovnpKWwRz+nCjPjwEDQz/Lc9TGgnlfkQo3yJvZ30ca1WPmLM+Uyl1z/7snseAe
tUAUPYvcAzLBVVSEO8hqTRj9TcL/+VkKOkUSe1henfgpA0uBAHYmdjXr8QIDAQAB
o4ICPjCCAjowHQYDVR0OBBYEFM9YegwQjtbOirqD2DPO9MCbVD5kMB8GA1UdIwQY
MBaAFMnVdEfjQguFOHW2+kA3Kq3jGSyiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTkt
NGUxOThmMGE2MDEzLzEvejFoNkRCQ08xczZLdW9QWU04NzB3SnRVUG1RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80ZC8xNTg2ZmQtZmQyYy00MWY4LThmZTktNGUxOThmMGE2MDEz
LzEveWRWMFItTkNDNFU0ZGJiNlFEY3FyZU1aTEtJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFQGCCsGAQUFBwEHAQH/BEUwQzAwBAIAATAqAwQAH9IvAwQB
TVyOAwQATVyYAwQATodWAwQATodiAwQAvISjAwQAvITkMA8EAgACMAkDBwEqEJRA
AAAwDQYJKoZIhvcNAQELBQADggEBAE7MWB4jzxEJfiOitIrUZCYaV+6MSxMw7E8T
hp08AR/nbFdHJWm9oDJRPJQRfyC0fmEMuhoSjn33t2n+0Ubf3QN0i7IgfLpzmbNG
a4of5ySCo9BCbpz4c6ae+Al3AWjcWSoHHY6jt4Cxy3ICkc1GTS8Kk4opWlxdck0m
vHdFTW74yrnJhDtsXFHZtifR5bK60OLJajQAPs9kOmNfmu1dHzCTudRwaCTB3K8r
o9KyRsCtxwWRamooj/HrKrglQTvmM7AjGQZCQXDdMbff2vRCt+fefyY8ia/uGAZf
ri6z7IgenlJeOx7/FZuD/QwMfj+pFk5ru4xoAbdVXqcijj+3soo=
-----END CERTIFICATE-----
Generated at Tue Aug 5 23:06:18 2025 by rpki-client