Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zApogsM3wQj9narTfcznfWq1dXo.roa
File: zApogsM3wQj9narTfcznfWq1dXo.roa (raw, json)
Hash identifier: 1tg1q8PEOxBvvA0QAQP8MTd3rfrMbFvAfVfpg3Is4go=
Subject key identifier: CC:0A:68:82:C3:37:C1:08:FD:9D:AA:D3:7D:CC:E7:7D:6A:B5:75:7A
Certificate issuer: /CN=cdaaa0e082360360acda347664eb8314eb11da10
Certificate serial: 019A488E1840C171A721E95FF55E43CA9030
Authority key identifier: CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zApogsM3wQj9narTfcznfWq1dXo.roa
Signing time: Mon 03 Nov 2025 07:11:03 +0000
ROA not before: Mon 03 Nov 2025 07:11:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 61317
IP address blocks: 2.58.171.0/24 maxlen: 24
88.209.192.0/24 maxlen: 24
88.209.222.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.mft
rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 03:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:48:8e:18:40:c1:71:a7:21:e9:5f:f5:5e:43:ca:90:30
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cdaaa0e082360360acda347664eb8314eb11da10
Validity
Not Before: Nov 3 07:11:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=cc0a6882c337c108fd9daad37dcce77d6ab5757a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b1:ea:09:f3:d7:5e:3a:bd:03:07:8e:67:fe:2b:
2a:53:6f:40:0c:6a:45:9d:a0:da:bd:43:3f:e4:7b:
3f:38:fe:19:29:5b:dc:0f:e2:7e:09:42:a9:35:78:
cc:5e:9d:93:ec:7f:e4:48:03:a7:94:aa:89:6e:6c:
07:8e:dc:12:9b:ae:e0:2c:8f:e2:83:23:41:a5:05:
a6:47:0f:b8:ff:df:cc:08:e8:76:9d:12:fa:7d:7a:
66:f6:45:ad:52:6c:6d:b5:20:d9:86:af:25:c3:c7:
cf:e6:8d:09:b0:4c:bd:5c:74:5e:fe:a4:d9:17:30:
fc:13:11:fc:e2:af:a7:86:ee:3f:a1:1f:c0:6a:68:
c5:aa:ed:fb:70:4b:c9:b6:22:2f:63:f8:38:74:3c:
f5:04:9e:6c:f4:f9:0f:c8:9d:a9:f7:41:da:c1:e4:
70:9a:89:82:a5:b6:31:b7:30:f0:b7:11:2d:3f:b3:
bf:1d:07:65:78:85:6f:f3:7a:93:7e:d1:5d:93:43:
76:d5:98:6d:4a:7e:45:20:b0:52:a1:68:71:3e:96:
1e:6e:4f:b0:17:6f:27:21:93:74:cc:8c:d7:44:29:
63:84:36:c5:f0:c1:1a:74:0f:9c:7d:6e:ae:17:a7:
46:26:1d:dd:3e:41:b5:5d:d5:56:0d:1c:ed:d0:6d:
b1:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
CC:0A:68:82:C3:37:C1:08:FD:9D:AA:D3:7D:CC:E7:7D:6A:B5:75:7A
X509v3 Authority Key Identifier:
keyid:CD:AA:A0:E0:82:36:03:60:AC:DA:34:76:64:EB:83:14:EB:11:DA:10
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zApogsM3wQj9narTfcznfWq1dXo.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/dd/589127-1096-4c91-96cc-7e4d6f6f6e66/1/zaqg4II2A2Cs2jR2ZOuDFOsR2hA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
2.58.171.0/24
88.209.192.0/24
88.209.222.0/24
Signature Algorithm: sha256WithRSAEncryption
5d:6e:5e:df:ee:5b:96:ee:2b:11:1b:b9:69:42:0f:a3:01:23:
e2:1d:74:71:49:0b:ce:a5:08:07:41:9f:42:81:0d:d9:5d:1a:
2b:77:cd:f0:6d:ee:d2:97:d1:25:cb:63:69:83:59:dd:f1:09:
2c:db:4e:74:c4:b0:27:3c:0e:9d:08:66:15:4e:d5:43:e5:f1:
d9:80:4a:ca:db:6a:a3:89:97:6f:a9:36:cc:f5:f7:7a:5b:4a:
93:56:37:be:10:ef:ef:37:2e:eb:59:e2:a3:ac:bb:d9:f6:60:
ad:ff:19:ca:f2:ba:27:dc:71:89:0e:fa:31:a7:33:9f:1c:d9:
69:8b:b0:9e:93:db:cf:7e:51:a5:a0:52:4e:68:35:49:07:45:
dd:8b:d4:0f:6b:61:eb:c7:b2:12:44:c9:a5:82:fa:a5:d9:df:
d8:ab:43:cc:f7:a5:ac:19:a9:14:d1:a7:75:88:7e:cf:c5:0f:
d8:49:1a:60:51:ce:f9:a2:60:71:bc:c0:b7:de:90:e1:d2:26:
e6:01:c1:f5:a7:6a:91:b3:2d:b9:d8:b4:21:d8:98:c3:a4:ee:
35:a1:9c:ba:53:87:97:40:5c:1e:1b:14:17:ec:20:e0:ee:f7:
ec:ab:e1:da:cf:c4:63:6e:b4:5b:19:a1:90:d4:0d:82:5d:80:
d6:93:a5:e7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZpIjhhAwXGnIelf9V5DypAwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkYWFhMGUwODIzNjAzNjBhY2RhMzQ3NjY0ZWI4MzE0ZWIx
MWRhMTAwHhcNMjUxMTAzMDcxMTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhjYzBhNjg4MmMzMzdjMTA4ZmQ5ZGFhZDM3ZGNjZTc3ZDZhYjU3NTdhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAseoJ89deOr0DB45n/isqU29ADGpF
naDavUM/5Hs/OP4ZKVvcD+J+CUKpNXjMXp2T7H/kSAOnlKqJbmwHjtwSm67gLI/i
gyNBpQWmRw+4/9/MCOh2nRL6fXpm9kWtUmxttSDZhq8lw8fP5o0JsEy9XHRe/qTZ
FzD8ExH84q+nhu4/oR/AamjFqu37cEvJtiIvY/g4dDz1BJ5s9PkPyJ2p90HaweRw
momCpbYxtzDwtxEtP7O/HQdleIVv83qTftFdk0N21ZhtSn5FILBSoWhxPpYebk+w
F28nIZN0zIzXRCljhDbF8MEadA+cfW6uF6dGJh3dPkG1XdVWDRzt0G2xIwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFMwKaILDN8EI/Z2q033M531qtXV6MB8GA1UdIwQY
MBaAFM2qoOCCNgNgrNo0dmTrgxTrEdoQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2Mt
N2U0ZDZmNmY2ZTY2LzEvekFwb2dzTTN3UWo5bmFyVGZjem5mV3ExZFhvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kZC81ODkxMjctMTA5Ni00YzkxLTk2Y2MtN2U0ZDZmNmY2ZTY2
LzEvemFxZzRJSTJBMkNzMmpSMlpPdURGT3NSMmhBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAAjqrAwQA
WNHAAwQAWNHeMA0GCSqGSIb3DQEBCwUAA4IBAQBdbl7f7luW7isRG7lpQg+jASPi
HXRxSQvOpQgHQZ9CgQ3ZXRord83wbe7Sl9Ely2Npg1nd8Qks2050xLAnPA6dCGYV
TtVD5fHZgErK22qjiZdvqTbM9fd6W0qTVje+EO/vNy7rWeKjrLvZ9mCt/xnK8ron
3HGJDvoxpzOfHNlpi7Cek9vPflGloFJOaDVJB0Xdi9QPa2Hrx7ISRMmlgvql2d/Y
q0PM96WsGakU0ad1iH7PxQ/YSRpgUc75omBxvMC33pDh0ibmAcH1p2qRsy252LQh
2JjDpO41oZy6U4eXQFweGxQX7CDg7vfsq+Haz8RjbrRbGaGQ1A2CXYDWk6Xn
-----END CERTIFICATE-----
Generated at Wed Nov 5 10:55:58 2025 by rpki-client