Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/1c/375a67-8c4e-4a46-99cc-65078a7f65b8/1/riKZEG-JM0WQarPYpauDaEJJnfw.roa
File: riKZEG-JM0WQarPYpauDaEJJnfw.roa (raw, json)
Hash identifier: LQZ0TkZ5ipH4SRJe2Fiu7ctfwjxOT3UFQOvQA4Mual8=
Subject key identifier: AE:22:99:10:6F:89:33:45:90:6A:B3:D8:A5:AB:83:68:42:49:9D:FC
Certificate issuer: /CN=065a470dbab9c1c334f0f85f417cd1aa425e9f13
Certificate serial: 0199E653D648A670DF2C59D39DD2FC9B40F6
Authority key identifier: 06:5A:47:0D:BA:B9:C1:C3:34:F0:F8:5F:41:7C:D1:AA:42:5E:9F:13
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/BlpHDbq5wcM08PhfQXzRqkJenxM.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/1c/375a67-8c4e-4a46-99cc-65078a7f65b8/1/riKZEG-JM0WQarPYpauDaEJJnfw.roa
Signing time: Wed 15 Oct 2025 05:24:38 +0000
ROA not before: Wed 15 Oct 2025 05:24:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 213636
IP address blocks: 195.66.101.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/1c/375a67-8c4e-4a46-99cc-65078a7f65b8/1/BlpHDbq5wcM08PhfQXzRqkJenxM.crl
rsync://rpki.ripe.net/repository/DEFAULT/1c/375a67-8c4e-4a46-99cc-65078a7f65b8/1/BlpHDbq5wcM08PhfQXzRqkJenxM.mft
rsync://rpki.ripe.net/repository/DEFAULT/BlpHDbq5wcM08PhfQXzRqkJenxM.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e6:53:d6:48:a6:70:df:2c:59:d3:9d:d2:fc:9b:40:f6
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=065a470dbab9c1c334f0f85f417cd1aa425e9f13
Validity
Not Before: Oct 15 05:24:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=ae2299106f893345906ab3d8a5ab836842499dfc
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:0e:c4:d1:aa:8c:3d:84:90:87:3a:8f:6b:a5:
f0:80:08:c1:26:90:99:e9:34:df:e5:24:59:84:59:
35:57:6b:64:16:3f:c4:dd:89:c5:f0:a6:53:00:c7:
c2:09:94:e6:ed:7a:f4:ef:09:8e:6a:f3:c5:ac:d5:
83:91:b3:57:b5:85:d6:ee:ea:cf:68:fb:8d:43:e0:
79:1e:69:a0:5f:2d:c8:5b:04:88:52:be:98:db:2a:
54:ad:3a:61:e7:34:17:c6:3b:be:f8:19:dc:7c:4b:
34:69:7e:71:12:5b:4f:ca:28:47:2f:ea:3d:47:bd:
96:ff:4e:e8:d3:67:b0:03:b6:47:6c:0d:05:cf:4c:
f3:c3:dc:7b:72:f9:2d:1d:8c:38:28:95:e2:70:a0:
73:62:85:44:22:3a:d1:25:d7:a4:74:a0:17:ec:3d:
7b:09:8e:bb:57:2f:39:58:ae:65:49:05:da:b9:74:
0b:45:d3:ca:97:94:70:21:e1:2b:6b:9f:9a:a3:4c:
33:9c:08:74:42:4c:73:d4:9a:0b:5f:75:5b:40:f3:
36:a8:0e:f8:03:4c:02:94:cf:82:d0:4a:9c:6e:3e:
91:56:ce:66:96:ba:9e:1a:0c:bb:42:3b:3d:95:30:
a1:f2:c2:e7:d6:ca:26:4a:23:e7:82:ca:72:1a:57:
1b:29
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:22:99:10:6F:89:33:45:90:6A:B3:D8:A5:AB:83:68:42:49:9D:FC
X509v3 Authority Key Identifier:
keyid:06:5A:47:0D:BA:B9:C1:C3:34:F0:F8:5F:41:7C:D1:AA:42:5E:9F:13
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/BlpHDbq5wcM08PhfQXzRqkJenxM.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/375a67-8c4e-4a46-99cc-65078a7f65b8/1/riKZEG-JM0WQarPYpauDaEJJnfw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/1c/375a67-8c4e-4a46-99cc-65078a7f65b8/1/BlpHDbq5wcM08PhfQXzRqkJenxM.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.66.101.0/24
Signature Algorithm: sha256WithRSAEncryption
7c:56:12:ef:c4:42:18:61:a3:9b:92:73:38:82:2d:b1:2b:dc:
32:15:3e:22:ca:22:17:83:82:6b:d0:69:2f:00:10:6f:71:3b:
29:c9:d9:0c:b9:1f:da:eb:8e:cd:0d:d4:21:ea:0f:24:31:0a:
ef:9f:ed:9f:40:80:8d:51:78:d0:f4:3e:9f:c3:4e:3a:3f:43:
ac:39:c4:52:d5:ee:0a:04:54:1d:d2:bb:5b:ab:85:35:6c:8a:
37:50:b7:9b:6d:c9:83:e8:6f:b9:87:eb:c7:f9:31:ff:26:bb:
84:ee:32:a3:89:7d:8a:e5:36:1f:f0:ad:c3:d9:7b:7b:a4:1f:
b6:ea:b9:74:55:61:b7:ff:bb:5d:14:30:0d:da:6d:65:e9:28:
e7:3b:d8:59:a1:ad:7f:ed:98:9d:da:41:e2:49:5f:1f:6e:ba:
94:19:0b:52:80:fc:34:cc:31:04:87:f2:ce:7f:76:f0:16:cd:
f3:b6:12:d1:3f:32:9d:b2:7f:3d:16:16:96:d7:bb:30:9c:e5:
5e:9a:2c:fd:0b:46:57:6d:02:ee:74:21:95:3c:82:39:63:f0:
e6:21:ca:13:60:76:d7:70:c9:8a:00:c9:d9:38:e3:f5:5d:52:
a0:c6:cd:56:74:a6:6e:bc:af:eb:b4:bb:f2:05:2b:e5:5e:88:
92:12:35:7f
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZnmU9ZIpnDfLFnTndL8m0D2MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA2NWE0NzBkYmFiOWMxYzMzNGYwZjg1ZjQxN2NkMWFhNDI1
ZTlmMTMwHhcNMjUxMDE1MDUyNDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZTIyOTkxMDZmODkzMzQ1OTA2YWIzZDhhNWFiODM2ODQyNDk5ZGZjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5Q7E0aqMPYSQhzqPa6XwgAjBJpCZ
6TTf5SRZhFk1V2tkFj/E3YnF8KZTAMfCCZTm7Xr07wmOavPFrNWDkbNXtYXW7urP
aPuNQ+B5HmmgXy3IWwSIUr6Y2ypUrTph5zQXxju++BncfEs0aX5xEltPyihHL+o9
R72W/07o02ewA7ZHbA0Fz0zzw9x7cvktHYw4KJXicKBzYoVEIjrRJdekdKAX7D17
CY67Vy85WK5lSQXauXQLRdPKl5RwIeEra5+ao0wznAh0Qkxz1JoLX3VbQPM2qA74
A0wClM+C0Eqcbj6RVs5mlrqeGgy7Qjs9lTCh8sLn1somSiPngspyGlcbKQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFK4imRBviTNFkGqz2KWrg2hCSZ38MB8GA1UdIwQY
MBaAFAZaRw26ucHDNPD4X0F80apCXp8TMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQmxwSERicTV3Y00wOFBoZlFYelJxa0plbnhNLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xYy8zNzVhNjctOGM0ZS00YTQ2LTk5Y2Mt
NjUwNzhhN2Y2NWI4LzEvcmlLWkVHLUpNMFdRYXJQWXBhdURhRUpKbmZ3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xYy8zNzVhNjctOGM0ZS00YTQ2LTk5Y2MtNjUwNzhhN2Y2NWI4
LzEvQmxwSERicTV3Y00wOFBoZlFYelJxa0plbnhNLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAw0JlMA0G
CSqGSIb3DQEBCwUAA4IBAQB8VhLvxEIYYaObknM4gi2xK9wyFT4iyiIXg4Jr0Gkv
ABBvcTspydkMuR/a647NDdQh6g8kMQrvn+2fQICNUXjQ9D6fw046P0OsOcRS1e4K
BFQd0rtbq4U1bIo3ULebbcmD6G+5h+vH+TH/JruE7jKjiX2K5TYf8K3D2Xt7pB+2
6rl0VWG3/7tdFDAN2m1l6SjnO9hZoa1/7Zid2kHiSV8fbrqUGQtSgPw0zDEEh/LO
f3bwFs3zthLRPzKdsn89FhaW17swnOVemiz9C0ZXbQLudCGVPII5Y/DmIcoTYHbX
cMmKAMnZOOP1XVKgxs1WdKZuvK/rtLvyBSvlXoiSEjV/
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:03:56 2025 by rpki-client