Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/15pjcL48pkWZSvyXnDWjH3srMzQ.roa
File: 15pjcL48pkWZSvyXnDWjH3srMzQ.roa (raw, json)
Hash identifier: dmd97hcLtSzZy7Qz5O/ccY1dtF/UXlYHWlHQGTz9cV0=
Subject key identifier: D7:9A:63:70:BE:3C:A6:45:99:4A:FC:97:9C:35:A3:1F:7B:2B:33:34
Certificate issuer: /CN=4ca66f3c0f25774e696d2a46723277eb961128c3
Certificate serial: 01997662B29F7D9EFCF762044D3B262C2578
Authority key identifier: 4C:A6:6F:3C:0F:25:77:4E:69:6D:2A:46:72:32:77:EB:96:11:28:C3
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/TKZvPA8ld05pbSpGcjJ365YRKMM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/15pjcL48pkWZSvyXnDWjH3srMzQ.roa
Signing time: Tue 23 Sep 2025 11:43:23 +0000
ROA not before: Tue 23 Sep 2025 11:43:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8649
IP address blocks: 176.65.144.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/TKZvPA8ld05pbSpGcjJ365YRKMM.crl
rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/TKZvPA8ld05pbSpGcjJ365YRKMM.mft
rsync://rpki.ripe.net/repository/DEFAULT/TKZvPA8ld05pbSpGcjJ365YRKMM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:76:62:b2:9f:7d:9e:fc:f7:62:04:4d:3b:26:2c:25:78
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=4ca66f3c0f25774e696d2a46723277eb961128c3
Validity
Not Before: Sep 23 11:43:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d79a6370be3ca645994afc979c35a31f7b2b3334
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:12:8a:69:ab:46:88:db:6f:d2:eb:8a:c9:a5:
8f:3c:a7:eb:e3:15:fe:c7:8e:66:62:ce:52:39:df:
ca:52:ff:0b:87:fb:01:50:dc:fe:d4:76:2d:20:a9:
24:1b:68:94:99:53:04:e4:26:d8:3b:7d:a3:10:79:
6e:89:63:08:78:74:83:44:4e:52:4a:5e:aa:c1:43:
1d:5f:3f:68:e5:b9:5d:11:f8:06:36:a2:19:65:34:
dd:29:47:b6:af:52:07:14:9c:9a:49:53:85:8d:9c:
ca:fe:c7:47:3d:59:8b:26:13:b1:4b:fc:82:13:3e:
21:92:11:24:70:00:ec:6d:9f:82:3d:05:69:f6:06:
5b:65:0b:50:9a:9a:95:71:c9:d2:53:b0:1a:2a:7c:
fe:d2:a8:15:0f:e1:52:fd:34:c7:ba:5d:8c:de:25:
33:e6:8e:11:09:e5:a3:80:7d:31:f2:4f:71:9d:fa:
72:8d:7c:7f:ab:fe:30:db:f8:3f:69:80:b2:f9:a6:
e2:43:6d:33:ff:f5:95:ee:15:e0:3e:b8:76:a2:9e:
af:1a:be:fc:8f:ba:67:72:33:1c:87:56:d6:01:45:
f6:66:fc:ab:67:d9:11:ba:2b:5e:0e:de:62:11:89:
7d:51:11:d2:50:c9:cd:90:da:44:36:dd:4b:0a:b0:
c3:4f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:9A:63:70:BE:3C:A6:45:99:4A:FC:97:9C:35:A3:1F:7B:2B:33:34
X509v3 Authority Key Identifier:
keyid:4C:A6:6F:3C:0F:25:77:4E:69:6D:2A:46:72:32:77:EB:96:11:28:C3
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/TKZvPA8ld05pbSpGcjJ365YRKMM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/15pjcL48pkWZSvyXnDWjH3srMzQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/17/204017-f046-4b69-b3e5-319b0c874440/1/TKZvPA8ld05pbSpGcjJ365YRKMM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.65.144.0/24
Signature Algorithm: sha256WithRSAEncryption
52:69:8a:5e:86:e8:b6:16:76:3e:0e:3c:3a:da:7b:b0:bf:d2:
da:ec:fc:1e:83:8b:40:52:00:7d:cc:78:3b:89:e7:75:99:5b:
4d:01:56:99:85:cd:2d:fd:39:b2:ea:32:44:16:3e:df:61:a6:
9c:e3:2c:5c:cd:bd:bf:18:44:14:41:68:b9:33:46:8b:f3:f6:
00:46:30:1e:72:31:2a:c2:be:f5:2c:fe:a7:5e:c5:c5:e3:6e:
fc:1b:96:f5:e5:fb:da:86:69:1e:df:61:e6:9b:e2:22:3f:20:
43:ac:c4:04:07:b2:d5:a6:21:4f:54:0e:d8:3c:95:45:88:2b:
ca:22:60:1f:57:c4:fa:ef:b8:b1:d9:3b:f0:b5:cb:a4:45:e4:
64:22:88:cb:d8:3f:ec:5c:db:c3:9c:f0:40:ae:4b:e8:ea:9b:
b5:94:b8:ad:5f:5e:da:2a:d3:df:d4:14:5d:af:fe:e7:0b:21:
2c:4b:a7:9d:16:e3:bc:1e:a1:94:c8:51:ab:44:cf:55:7b:25:
98:13:a7:d4:0e:4c:ce:8a:df:08:6b:ef:ba:f7:3e:b9:e9:1e:
91:d6:a9:ab:1d:b1:4f:73:a1:e2:7a:4f:d9:97:6f:d8:2b:38:
0b:53:a7:14:1c:56:89:0c:73:a2:d8:7a:7a:93:c1:d7:12:80:
5f:c5:bf:f4
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZl2YrKffZ7892IETTsmLCV4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDRjYTY2ZjNjMGYyNTc3NGU2OTZkMmE0NjcyMzI3N2ViOTYx
MTI4YzMwHhcNMjUwOTIzMTE0MzIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzlhNjM3MGJlM2NhNjQ1OTk0YWZjOTc5YzM1YTMxZjdiMmIzMzM0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAsBKKaatGiNtv0uuKyaWPPKfr4xX+
x45mYs5SOd/KUv8Lh/sBUNz+1HYtIKkkG2iUmVME5CbYO32jEHluiWMIeHSDRE5S
Sl6qwUMdXz9o5bldEfgGNqIZZTTdKUe2r1IHFJyaSVOFjZzK/sdHPVmLJhOxS/yC
Ez4hkhEkcADsbZ+CPQVp9gZbZQtQmpqVccnSU7AaKnz+0qgVD+FS/TTHul2M3iUz
5o4RCeWjgH0x8k9xnfpyjXx/q/4w2/g/aYCy+abiQ20z//WV7hXgPrh2op6vGr78
j7pncjMch1bWAUX2ZvyrZ9kRuiteDt5iEYl9URHSUMnNkNpENt1LCrDDTwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFNeaY3C+PKZFmUr8l5w1ox97KzM0MB8GA1UdIwQY
MBaAFEymbzwPJXdOaW0qRnIyd+uWESjDMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVEtadlBBOGxkMDVwYlNwR2NqSjM2NVlSS01NLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xNy8yMDQwMTctZjA0Ni00YjY5LWIzZTUt
MzE5YjBjODc0NDQwLzEvMTVwamNMNDhwa1daU3Z5WG5EV2pIM3NyTXpRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xNy8yMDQwMTctZjA0Ni00YjY5LWIzZTUtMzE5YjBjODc0NDQw
LzEvVEtadlBBOGxkMDVwYlNwR2NqSjM2NVlSS01NLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsEGQMA0G
CSqGSIb3DQEBCwUAA4IBAQBSaYpehui2FnY+Djw62nuwv9La7Pweg4tAUgB9zHg7
ied1mVtNAVaZhc0t/Tmy6jJEFj7fYaac4yxczb2/GEQUQWi5M0aL8/YARjAecjEq
wr71LP6nXsXF4278G5b15fvahmke32Hmm+IiPyBDrMQEB7LVpiFPVA7YPJVFiCvK
ImAfV8T677ix2TvwtcukReRkIojL2D/sXNvDnPBArkvo6pu1lLitX17aKtPf1BRd
r/7nCyEsS6edFuO8HqGUyFGrRM9VeyWYE6fUDkzOit8Ia++69z656R6R1qmrHbFP
c6Hiek/Zl2/YKzgLU6cUHFaJDHOi2Hp6k8HXEoBfxb/0
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:49:24 2025 by rpki-client