Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/piZIF0KhX5XUtlQlqZTOR6AEy34.roa
File: piZIF0KhX5XUtlQlqZTOR6AEy34.roa (raw, json)
Hash identifier: ujmr+91E+fV9iYaYCXUQDR9ydJcOnbl/xIHSG/UHIJM=
Subject key identifier: A6:26:48:17:42:A1:5F:95:D4:B6:54:25:A9:94:CE:47:A0:04:CB:7E
Certificate issuer: /CN=ceb86983547113359bade1f3f38104091e3a6439
Certificate serial: 0199709D333F5D7040379C834D0AF3B1019A
Authority key identifier: CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/piZIF0KhX5XUtlQlqZTOR6AEy34.roa
Signing time: Mon 22 Sep 2025 08:49:34 +0000
ROA not before: Mon 22 Sep 2025 08:49:34 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 19905
IP address blocks: 195.130.248.0/22 maxlen: 24
212.123.79.0/24 maxlen: 24
212.123.82.0/23 maxlen: 24
212.123.84.0/23 maxlen: 24
212.123.93.0/24 maxlen: 24
213.205.0.0/19 maxlen: 24
213.205.32.0/19 maxlen: 24
213.205.32.0/24 maxlen: 24
213.205.33.0/24 maxlen: 24
213.205.34.0/24 maxlen: 24
213.205.36.0/24 maxlen: 24
213.205.37.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:70:9d:33:3f:5d:70:40:37:9c:83:4d:0a:f3:b1:01:9a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=ceb86983547113359bade1f3f38104091e3a6439
Validity
Not Before: Sep 22 08:49:34 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=a626481742a15f95d4b65425a994ce47a004cb7e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:11:87:bd:d8:d8:ab:1a:69:2a:df:5a:cf:c4:
3e:a3:13:e3:5e:30:34:c7:84:fb:6f:e9:76:c7:23:
9d:6b:21:d1:89:bd:5b:87:44:c1:92:3e:18:1d:53:
a8:fd:bd:67:43:47:d8:f0:26:fd:fd:f8:fc:6d:19:
44:6c:c8:e1:59:12:77:c1:63:8c:cf:88:94:e1:c4:
55:d8:b0:cb:e4:6e:cc:e9:14:45:e1:70:61:2f:17:
a4:9e:90:c2:ad:54:90:5f:21:74:7d:36:05:a0:fe:
21:7f:60:4c:3d:f9:56:b4:b4:c0:f8:59:61:8a:99:
e4:ce:b9:14:d4:51:cf:fd:1f:41:14:f4:26:87:0f:
ea:6e:98:7e:56:bb:fb:6c:ef:1c:3f:be:8a:29:96:
f9:ac:75:2f:02:53:6d:dd:5c:dc:fd:34:a5:ff:7a:
39:cd:5f:25:d0:69:23:ab:bd:ee:af:5a:0e:97:06:
76:41:be:b3:ac:36:9e:09:5b:81:13:65:e4:a2:00:
5d:48:b1:9a:f0:24:e5:90:2e:4c:31:2e:f8:a8:e0:
93:8f:71:6c:5a:ad:a3:39:28:ce:8d:81:29:14:67:
53:b2:15:ec:a3:a3:d6:e2:99:3c:44:04:ba:47:00:
6c:e8:0d:f4:d2:e4:4d:12:bc:60:8b:19:d6:8a:48:
82:db
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
A6:26:48:17:42:A1:5F:95:D4:B6:54:25:A9:94:CE:47:A0:04:CB:7E
X509v3 Authority Key Identifier:
keyid:CE:B8:69:83:54:71:13:35:9B:AD:E1:F3:F3:81:04:09:1E:3A:64:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zrhpg1RxEzWbreHz84EECR46ZDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/piZIF0KhX5XUtlQlqZTOR6AEy34.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/51/f3539d-38cd-465e-a57d-dee2f650dd86/1/zrhpg1RxEzWbreHz84EECR46ZDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.130.248.0/22
212.123.79.0/24
212.123.82.0-212.123.85.255
212.123.93.0/24
213.205.0.0/18
Signature Algorithm: sha256WithRSAEncryption
24:33:42:12:e4:bf:71:56:6e:c3:70:fb:08:4f:fd:22:97:0b:
fc:dc:d0:9c:78:bc:5f:72:b9:51:99:30:39:73:22:b7:57:2a:
db:36:45:ec:d0:8a:df:6f:ae:ac:59:ca:29:a6:24:9b:c8:8d:
91:0a:8f:a8:9c:7c:67:e2:f4:78:f1:54:33:c5:7d:ee:3b:d5:
d4:33:0f:e7:e5:b0:0c:e4:80:81:ca:7f:e4:2c:7c:03:3a:c6:
01:ec:92:81:11:b7:1a:68:c8:3a:75:94:8b:26:9c:7f:06:42:
d0:e8:a4:72:14:fc:fd:46:a5:b8:0b:04:b9:f0:ec:f5:04:b2:
cb:21:2c:a4:d9:bb:b3:c8:da:e3:a3:1a:59:bd:1f:73:c8:1b:
42:11:29:24:7f:f0:d3:89:d0:34:99:e0:e7:1e:b3:6c:39:1c:
b2:60:ca:6e:b8:60:84:ab:4c:3f:4c:c7:6a:f5:6b:83:0f:a7:
79:6f:5b:7b:5e:95:6c:b8:08:93:dd:b7:34:42:f0:5e:40:3c:
af:b5:9f:35:3a:d5:8e:b6:0a:e4:f5:f5:24:f0:fa:fb:33:f2:
55:22:0e:8d:c3:f9:c0:91:44:19:83:96:db:7e:75:e1:e2:8f:
3b:28:30:93:fd:6d:43:6d:22:f0:f5:92:4a:16:ba:af:47:83:
d9:79:dc:1b
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZlwnTM/XXBAN5yDTQrzsQGaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNlYjg2OTgzNTQ3MTEzMzU5YmFkZTFmM2YzODEwNDA5MWUz
YTY0MzkwHhcNMjUwOTIyMDg0OTM0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhNjI2NDgxNzQyYTE1Zjk1ZDRiNjU0MjVhOTk0Y2U0N2EwMDRjYjdlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6hGHvdjYqxppKt9az8Q+oxPjXjA0
x4T7b+l2xyOdayHRib1bh0TBkj4YHVOo/b1nQ0fY8Cb9/fj8bRlEbMjhWRJ3wWOM
z4iU4cRV2LDL5G7M6RRF4XBhLxeknpDCrVSQXyF0fTYFoP4hf2BMPflWtLTA+Flh
ipnkzrkU1FHP/R9BFPQmhw/qbph+Vrv7bO8cP76KKZb5rHUvAlNt3Vzc/TSl/3o5
zV8l0Gkjq73ur1oOlwZ2Qb6zrDaeCVuBE2XkogBdSLGa8CTlkC5MMS74qOCTj3Fs
Wq2jOSjOjYEpFGdTshXso6PW4pk8RAS6RwBs6A300uRNErxgixnWikiC2wIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFKYmSBdCoV+V1LZUJamUzkegBMt+MB8GA1UdIwQY
MBaAFM64aYNUcRM1m63h8/OBBAkeOmQ5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2Qt
ZGVlMmY2NTBkZDg2LzEvcGlaSUYwS2hYNVhVdGxRbHFaVE9SNkFFeTM0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81MS9mMzUzOWQtMzhjZC00NjVlLWE1N2QtZGVlMmY2NTBkZDg2
LzEvenJocGcxUnhFeldicmVIejg0RUVDUjQ2WkRrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQCw4L4AwQA
1HtPMAwDBAHUe1IDBAHUe1QDBADUe10DBAbVzQAwDQYJKoZIhvcNAQELBQADggEB
ACQzQhLkv3FWbsNw+whP/SKXC/zc0Jx4vF9yuVGZMDlzIrdXKts2RezQit9vrqxZ
yimmJJvIjZEKj6icfGfi9HjxVDPFfe471dQzD+flsAzkgIHKf+QsfAM6xgHskoER
txpoyDp1lIsmnH8GQtDopHIU/P1GpbgLBLnw7PUEssshLKTZu7PI2uOjGlm9H3PI
G0IRKSR/8NOJ0DSZ4Oces2w5HLJgym64YISrTD9Mx2r1a4MPp3lvW3telWy4CJPd
tzRC8F5APK+1nzU61Y62CuT19STw+vsz8lUiDo3D+cCRRBmDltt+deHijzsoMJP9
bUNtIvD1kkoWuq9Hg9l53Bs=
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:09:46 2025 by rpki-client