Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/0mUEdLJyCtB-8V_B-TcYPs8bnlI.roa
File: 0mUEdLJyCtB-8V_B-TcYPs8bnlI.roa (raw, json)
Hash identifier: vf8QhP1MDK9+Rj/1zatnHVCOXq4wFBMmhXEA4d/vdpo=
Subject key identifier: D2:65:04:74:B2:72:0A:D0:7E:F1:5F:C1:F9:37:18:3E:CF:1B:9E:52
Certificate issuer: /CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Certificate serial: 0198D047D170DD2E181080810C9E8231CAF0
Authority key identifier: 23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/0mUEdLJyCtB-8V_B-TcYPs8bnlI.roa
Signing time: Fri 22 Aug 2025 05:37:04 +0000
ROA not before: Fri 22 Aug 2025 05:37:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 8491
IP address blocks: 81.95.32.0/20 maxlen: 24
81.95.42.0/24 maxlen: 24
81.95.46.0/24 maxlen: 24
82.194.224.0/19 maxlen: 19
82.194.232.0/24 maxlen: 24
82.194.237.0/24 maxlen: 24
87.238.96.0/21 maxlen: 21
87.238.101.0/24 maxlen: 24
89.188.160.0/19 maxlen: 19
2a03:8640::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.crl
rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.mft
rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 08:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:d0:47:d1:70:dd:2e:18:10:80:81:0c:9e:82:31:ca:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=23e3d92bfe16619ca500c03267effa9aa7ca0c47
Validity
Not Before: Aug 22 05:37:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d2650474b2720ad07ef15fc1f937183ecf1b9e52
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:00:48:7b:49:ae:1f:99:3e:ee:05:0c:b5:47:
7d:ba:06:20:44:65:55:e4:7f:77:82:b6:48:aa:52:
24:7e:8f:0a:bc:09:10:54:f9:dc:53:85:b7:96:f8:
41:38:51:76:20:70:4e:1c:ed:77:a8:44:14:45:b0:
bf:4c:8d:53:dd:da:73:74:ea:36:86:97:8a:c2:ea:
03:cb:27:6c:dd:f6:59:3b:58:28:f6:58:c6:1a:05:
81:b3:18:64:87:1b:00:7b:6b:9f:30:e5:ff:85:af:
1d:47:a6:a4:c8:7a:1b:47:c7:14:1a:6e:3d:d5:b0:
1c:19:95:38:a3:d2:fe:1c:2d:39:59:c9:65:dd:5d:
5a:12:c4:67:ec:51:67:d3:21:67:a0:f2:2b:c3:aa:
d6:66:63:db:29:96:b6:ac:84:b3:77:0f:ef:f6:00:
84:15:6f:a7:27:43:0b:b3:7d:f0:bd:e0:26:b5:10:
cc:1c:12:bf:da:8e:8b:2c:68:cb:0d:b4:2b:16:63:
60:6d:25:86:ca:56:89:77:ce:6a:ad:3c:9c:8d:20:
72:04:32:8a:ac:c1:4a:30:e6:2e:ed:a9:ab:17:68:
7d:df:0b:08:68:32:9b:2d:8a:9e:1c:17:4e:55:ac:
38:53:64:73:11:cb:16:18:c8:a7:f7:f4:3c:cf:d6:
12:4b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:65:04:74:B2:72:0A:D0:7E:F1:5F:C1:F9:37:18:3E:CF:1B:9E:52
X509v3 Authority Key Identifier:
keyid:23:E3:D9:2B:FE:16:61:9C:A5:00:C0:32:67:EF:FA:9A:A7:CA:0C:47
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/I-PZK_4WYZylAMAyZ-_6mqfKDEc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/0mUEdLJyCtB-8V_B-TcYPs8bnlI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/20/9c2c90-c7d4-48b7-9baf-f1bf0c33a908/1/I-PZK_4WYZylAMAyZ-_6mqfKDEc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.95.32.0/20
82.194.224.0/19
87.238.96.0/21
89.188.160.0/19
IPv6:
2a03:8640::/32
Signature Algorithm: sha256WithRSAEncryption
74:c0:3d:c4:79:b5:b1:f7:5f:45:28:c3:49:1b:0b:fc:e2:8d:
92:38:87:d7:6a:1a:91:84:b2:42:b2:1f:d0:0f:6b:b1:a9:e5:
41:c7:d2:e1:71:7a:bb:2b:cf:7a:ce:a9:61:d7:c8:55:61:df:
bc:3a:97:69:16:e6:d2:22:6e:66:67:c8:02:88:b8:58:57:33:
d5:b1:e4:b7:32:41:58:50:49:37:f5:9a:5c:15:c8:2e:4a:f0:
16:38:99:ce:56:f9:06:7f:6a:26:cf:bf:56:c4:28:8c:f8:7b:
ab:92:c0:ec:3e:16:d0:30:de:55:be:01:48:81:6d:94:55:0e:
51:8c:e0:95:a5:3d:cc:c8:07:85:18:55:d3:a2:b8:ef:20:d0:
8c:e2:13:ed:0d:10:81:90:47:ba:89:a7:d4:52:6c:b5:0d:66:
bd:a2:05:35:f7:ff:70:0e:80:01:0b:15:fb:02:c3:bf:5b:b1:
ef:90:78:5a:e2:83:81:e0:4c:79:e5:0a:47:89:0e:bf:77:6b:
33:70:f7:0d:57:16:41:7e:4b:88:e4:90:2f:8f:5d:aa:81:34:
66:0a:47:9a:31:19:5c:28:e6:11:0c:f8:90:e3:81:ad:ff:a0:
27:2f:68:b4:67:c4:c0:b3:3a:84:4d:f5:88:07:08:16:a0:98:
7a:bd:fa:08
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZjQR9Fw3S4YEICBDJ6CMcrwMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIzZTNkOTJiZmUxNjYxOWNhNTAwYzAzMjY3ZWZmYTlhYTdj
YTBjNDcwHhcNMjUwODIyMDUzNzA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjY1MDQ3NGIyNzIwYWQwN2VmMTVmYzFmOTM3MTgzZWNmMWI5ZTUyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnABIe0muH5k+7gUMtUd9ugYgRGVV
5H93grZIqlIkfo8KvAkQVPncU4W3lvhBOFF2IHBOHO13qEQURbC/TI1T3dpzdOo2
hpeKwuoDyyds3fZZO1go9ljGGgWBsxhkhxsAe2ufMOX/ha8dR6akyHobR8cUGm49
1bAcGZU4o9L+HC05Wcll3V1aEsRn7FFn0yFnoPIrw6rWZmPbKZa2rISzdw/v9gCE
FW+nJ0MLs33wveAmtRDMHBK/2o6LLGjLDbQrFmNgbSWGylaJd85qrTycjSByBDKK
rMFKMOYu7amrF2h93wsIaDKbLYqeHBdOVaw4U2RzEcsWGMin9/Q8z9YSSwIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFNJlBHSycgrQfvFfwfk3GD7PG55SMB8GA1UdIwQY
MBaAFCPj2Sv+FmGcpQDAMmfv+pqnygxHMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYt
ZjFiZjBjMzNhOTA4LzEvMG1VRWRMSnlDdEItOFZfQi1UY1lQczhibmxJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yMC85YzJjOTAtYzdkNC00OGI3LTliYWYtZjFiZjBjMzNhOTA4
LzEvSS1QWktfNFdZWnlsQU1BeVotXzZtcWZLREVjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAeBAIAATAYAwQEUV8gAwQF
UsLgAwQDV+5gAwQFWbygMA0EAgACMAcDBQAqA4ZAMA0GCSqGSIb3DQEBCwUAA4IB
AQB0wD3EebWx919FKMNJGwv84o2SOIfXahqRhLJCsh/QD2uxqeVBx9LhcXq7K896
zqlh18hVYd+8OpdpFubSIm5mZ8gCiLhYVzPVseS3MkFYUEk39ZpcFcguSvAWOJnO
VvkGf2omz79WxCiM+HurksDsPhbQMN5VvgFIgW2UVQ5RjOCVpT3MyAeFGFXTorjv
INCM4hPtDRCBkEe6iafUUmy1DWa9ogU19/9wDoABCxX7AsO/W7HvkHha4oOB4Ex5
5QpHiQ6/d2szcPcNVxZBfkuI5JAvj12qgTRmCkeaMRlcKOYRDPiQ44Gt/6AnL2i0
Z8TAszqETfWIBwgWoJh6vfoI
-----END CERTIFICATE-----
Generated at Sat Aug 23 17:43:22 2025 by rpki-client