Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/cZOo7tUTiwmQVDcPszMv__Go-gU.roa
File: cZOo7tUTiwmQVDcPszMv__Go-gU.roa (raw, json)
Hash identifier: JxUz5FxweK7KXv6E5Wh3T79HWbUgQcVmiUYjFSnulR8=
Subject key identifier: 71:93:A8:EE:D5:13:8B:09:90:54:37:0F:B3:33:2F:FF:F1:A8:FA:05
Certificate issuer: /CN=2f3136ed10998580a517d9598abca33d9ba66599
Certificate serial: 01975E554E87170D91A3726249C54FDBCA45
Authority key identifier: 2F:31:36:ED:10:99:85:80:A5:17:D9:59:8A:BC:A3:3D:9B:A6:65:99
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/cZOo7tUTiwmQVDcPszMv__Go-gU.roa
Signing time: Wed 11 Jun 2025 09:32:18 +0000
ROA not before: Wed 11 Jun 2025 09:32:18 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16509
IP address blocks: 145.224.128.0/20 maxlen: 24
145.224.144.0/20 maxlen: 24
145.224.160.0/20 maxlen: 24
145.224.176.0/20 maxlen: 24
145.224.192.0/19 maxlen: 24
145.224.192.0/24 maxlen: 24
163.76.128.0/20 maxlen: 24
163.76.144.0/20 maxlen: 24
163.76.160.0/20 maxlen: 24
163.76.176.0/20 maxlen: 24
2a03:5d67::/32 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/LzE27RCZhYClF9lZiryjPZumZZk.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/LzE27RCZhYClF9lZiryjPZumZZk.mft
rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 15 Jun 2025 00:00:31 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:5e:55:4e:87:17:0d:91:a3:72:62:49:c5:4f:db:ca:45
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2f3136ed10998580a517d9598abca33d9ba66599
Validity
Not Before: Jun 11 09:32:18 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7193a8eed5138b099054370fb3332ffff1a8fa05
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e1:83:ad:3b:ab:cc:99:ac:80:ab:0d:62:55:60:
39:aa:d3:c2:4d:e6:58:86:d3:ee:4c:97:89:66:88:
ec:b0:e6:6e:0e:da:de:ed:95:8e:eb:57:c4:86:4c:
4f:6f:94:a4:3f:a2:2a:97:df:4b:8e:b1:94:e7:ac:
dd:2a:cd:a6:8a:ad:1e:b8:35:7f:d9:d7:9c:c3:ac:
3e:81:f9:d5:a4:23:25:8f:40:43:0b:d5:48:75:b6:
61:14:b9:f7:49:0d:63:fd:2b:8d:52:f1:ca:e0:49:
cb:5f:3e:75:35:b7:a6:6b:92:e9:89:06:79:0d:c8:
9a:03:7c:89:82:4b:90:ca:b2:77:15:49:fc:14:75:
82:4b:09:6d:5c:9c:41:9e:fd:a1:e2:22:63:11:6f:
66:95:48:eb:73:bc:68:cd:10:40:72:a2:f5:55:67:
ba:2b:37:0a:fd:e7:fd:38:dd:f5:b1:85:41:2b:cb:
6e:2c:5f:7a:c9:bb:27:09:52:f8:6b:f0:ee:72:e5:
16:09:d2:d9:01:f3:9c:f5:70:bd:81:ac:92:4e:a5:
95:47:24:70:94:32:d2:a9:e8:03:c1:30:54:6d:23:
0d:98:20:95:6f:33:ec:6a:26:38:4c:e7:4b:be:c2:
0a:54:c7:f1:6d:2d:1c:7f:34:4a:75:e0:3b:20:2c:
a9:e3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:93:A8:EE:D5:13:8B:09:90:54:37:0F:B3:33:2F:FF:F1:A8:FA:05
X509v3 Authority Key Identifier:
keyid:2F:31:36:ED:10:99:85:80:A5:17:D9:59:8A:BC:A3:3D:9B:A6:65:99
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LzE27RCZhYClF9lZiryjPZumZZk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/cZOo7tUTiwmQVDcPszMv__Go-gU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/f90d83-02be-4e5f-bd0f-929f106630f1/1/LzE27RCZhYClF9lZiryjPZumZZk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
145.224.128.0-145.224.223.255
163.76.128.0/18
IPv6:
2a03:5d67::/32
Signature Algorithm: sha256WithRSAEncryption
98:a9:c4:a1:5a:d1:00:e3:b7:91:08:9d:58:ed:77:b2:e9:8a:
74:9a:7c:0b:88:b9:1a:2f:b3:81:64:90:3d:01:41:3f:02:1b:
48:d8:2f:84:cf:d1:71:79:e8:af:73:85:cc:e7:32:09:93:85:
7c:a9:71:81:0e:a6:46:51:6a:13:be:6d:7c:e8:8d:3f:76:4a:
c4:a5:3f:80:2b:51:b5:f2:37:7d:ac:8b:f7:4c:48:26:53:61:
9d:0a:2b:23:6a:fd:e4:2c:84:af:34:ce:0a:0c:d3:13:df:51:
54:14:f1:3b:47:18:6e:e4:4a:4c:82:a9:d7:05:ed:76:c9:c0:
ed:f1:69:bf:f8:4a:79:79:83:a6:66:29:0e:cf:20:83:78:db:
64:26:91:21:7d:82:31:d2:58:bc:97:52:61:df:3f:f5:34:c0:
eb:bb:e8:2c:ab:d8:49:e5:cd:f3:6d:bb:23:bd:31:f4:da:72:
f9:e8:ac:a0:da:40:a3:d4:de:f3:90:89:17:eb:a9:2e:55:36:
bb:ea:3a:98:98:02:02:39:01:48:3d:06:84:72:15:ce:f1:0f:
23:37:2c:16:78:ee:53:dd:33:ad:48:26:6b:53:c6:d7:a0:55:
83:ab:20:31:c5:4e:de:5f:dd:36:29:62:6d:7d:02:79:14:cb:
3b:f9:96:1e
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZdeVU6HFw2Ro3JiScVP28pFMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJmMzEzNmVkMTA5OTg1ODBhNTE3ZDk1OThhYmNhMzNkOWJh
NjY1OTkwHhcNMjUwNjExMDkzMjE4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MTkzYThlZWQ1MTM4YjA5OTA1NDM3MGZiMzMzMmZmZmYxYThmYTA1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA4YOtO6vMmayAqw1iVWA5qtPCTeZY
htPuTJeJZojssOZuDtre7ZWO61fEhkxPb5SkP6Iql99LjrGU56zdKs2miq0euDV/
2decw6w+gfnVpCMlj0BDC9VIdbZhFLn3SQ1j/SuNUvHK4EnLXz51Nbema5LpiQZ5
DciaA3yJgkuQyrJ3FUn8FHWCSwltXJxBnv2h4iJjEW9mlUjrc7xozRBAcqL1VWe6
KzcK/ef9ON31sYVBK8tuLF96ybsnCVL4a/DucuUWCdLZAfOc9XC9gaySTqWVRyRw
lDLSqegDwTBUbSMNmCCVbzPsaiY4TOdLvsIKVMfxbS0cfzRKdeA7ICyp4wIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFHGTqO7VE4sJkFQ3D7MzL//xqPoFMB8GA1UdIwQY
MBaAFC8xNu0QmYWApRfZWYq8oz2bpmWZMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTHpFMjdSQ1poWUNsRjlsWmlyeWpQWnVtWlprLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC9mOTBkODMtMDJiZS00ZTVmLWJkMGYt
OTI5ZjEwNjYzMGYxLzEvY1pPbzd0VVRpd21RVkRjUHN6TXZfX0dvLWdVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC9mOTBkODMtMDJiZS00ZTVmLWJkMGYtOTI5ZjEwNjYzMGYx
LzEvTHpFMjdSQ1poWUNsRjlsWmlyeWpQWnVtWlprLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUMAwDBAeR4IAD
BAWR4MADBAajTIAwDQQCAAIwBwMFACoDXWcwDQYJKoZIhvcNAQELBQADggEBAJip
xKFa0QDjt5EInVjtd7LpinSafAuIuRovs4FkkD0BQT8CG0jYL4TP0XF56K9zhczn
MgmThXypcYEOpkZRahO+bXzojT92SsSlP4ArUbXyN32si/dMSCZTYZ0KKyNq/eQs
hK80zgoM0xPfUVQU8TtHGG7kSkyCqdcF7XbJwO3xab/4Snl5g6ZmKQ7PIIN422Qm
kSF9gjHSWLyXUmHfP/U0wOu76Cyr2EnlzfNtuyO9MfTacvnorKDaQKPU3vOQiRfr
qS5VNrvqOpiYAgI5AUg9BoRyFc7xDyM3LBZ47lPdM61IJmtTxtegVYOrIDHFTt5f
3TYpYm19AnkUyzv5lh4=
-----END CERTIFICATE-----
Generated at Sat Jun 14 06:09:45 2025 by rpki-client