Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/AUJlTI7qlFuZBqYNtseczKVZY7o.roa
File: AUJlTI7qlFuZBqYNtseczKVZY7o.roa (raw, json)
Hash identifier: lrFJFDQHqIF3d1QaDadpDFGnq9WB4xACkbFUlWi2D+Q=
Subject key identifier: 01:42:65:4C:8E:EA:94:5B:99:06:A6:0D:B6:C7:9C:CC:A5:59:63:BA
Certificate issuer: /CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Certificate serial: 0198C109D6B2EA73A406F70DD4C31611EBA1
Authority key identifier: 14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/AUJlTI7qlFuZBqYNtseczKVZY7o.roa
Signing time: Tue 19 Aug 2025 06:35:04 +0000
ROA not before: Tue 19 Aug 2025 06:35:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 39855
IP address blocks: 195.226.205.0/24 maxlen: 24
213.249.73.0/24 maxlen: 24
213.249.74.0/23 maxlen: 24
213.249.76.0/24 maxlen: 24
213.249.77.0/24 maxlen: 24
213.249.78.0/23 maxlen: 24
213.249.81.0/24 maxlen: 24
213.249.82.0/23 maxlen: 24
213.249.84.0/24 maxlen: 24
213.249.85.0/24 maxlen: 24
213.249.86.0/23 maxlen: 24
213.249.88.0/24 maxlen: 24
213.249.89.0/24 maxlen: 24
213.249.90.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/FL7g69BrS4EvnhNxbiXxw8PRTMY.crl
rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/FL7g69BrS4EvnhNxbiXxw8PRTMY.mft
rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:c1:09:d6:b2:ea:73:a4:06:f7:0d:d4:c3:16:11:eb:a1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=14bee0ebd06b4b812f9e13716e25f1c3c3d14cc6
Validity
Not Before: Aug 19 06:35:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0142654c8eea945b9906a60db6c79ccca55963ba
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a5:3a:ef:c0:15:47:9a:52:53:ff:e8:22:9b:4f:
5d:c7:3a:50:6b:4c:23:ff:d0:dc:37:b5:3f:1d:7c:
d1:b8:14:76:43:51:09:06:cb:b0:44:ad:d6:da:7e:
5b:e8:df:45:8d:18:bf:d2:cd:db:d1:8b:ea:d3:af:
15:b9:99:97:e1:48:68:3a:ae:f2:38:42:a1:c4:df:
77:61:be:58:e3:3d:51:3a:d9:7d:1a:45:2a:d9:ec:
6a:ed:67:b7:30:73:a8:20:05:6e:86:77:4a:bc:a8:
60:5c:46:f0:6b:62:64:00:24:8b:22:85:7b:20:03:
37:3d:2c:97:6d:7d:0d:84:02:98:42:e8:bb:8d:c5:
97:96:0a:7a:c9:b1:84:bc:08:52:c4:1e:6e:a1:ca:
b2:dc:c8:4e:8d:c2:ca:d7:73:83:b3:c9:74:97:9e:
3d:7f:6d:26:1a:f7:01:76:8f:7b:b9:ca:2d:d5:8f:
1a:5f:03:51:49:06:e4:c9:b3:77:58:a5:b2:eb:ae:
f6:fe:a3:29:15:97:54:54:5c:3c:e5:df:25:e6:a8:
fa:6c:97:5e:57:3e:42:7a:b6:d4:60:22:46:0b:33:
8b:38:74:7a:e3:d2:3e:c4:72:ef:14:bd:d2:2a:72:
a5:5b:ee:c1:ca:62:06:49:6a:b6:0f:e5:da:9a:64:
7d:1d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:42:65:4C:8E:EA:94:5B:99:06:A6:0D:B6:C7:9C:CC:A5:59:63:BA
X509v3 Authority Key Identifier:
keyid:14:BE:E0:EB:D0:6B:4B:81:2F:9E:13:71:6E:25:F1:C3:C3:D1:4C:C6
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FL7g69BrS4EvnhNxbiXxw8PRTMY.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/AUJlTI7qlFuZBqYNtseczKVZY7o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/65/161c3f-b83d-45b1-aa8e-d1bb6b4dd701/1/FL7g69BrS4EvnhNxbiXxw8PRTMY.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.226.205.0/24
213.249.73.0-213.249.79.255
213.249.81.0-213.249.91.255
Signature Algorithm: sha256WithRSAEncryption
29:6b:ea:5d:08:cd:84:5a:ac:2e:af:3a:b7:51:97:40:d0:58:
e8:d3:d1:fa:35:6d:e6:e5:a8:d8:94:cc:2b:79:9c:ad:2e:ee:
9e:1b:0d:e2:7b:76:13:8e:27:83:13:9d:0a:e0:43:73:6d:b0:
f1:bf:21:32:e9:37:83:7a:d8:85:ee:4f:45:eb:9f:47:58:d4:
84:5f:56:0d:4d:8e:b3:a1:31:66:d5:63:3c:c7:9c:46:65:02:
05:19:ba:8b:9d:d4:f3:8c:92:9e:9d:9c:c7:e4:f1:95:ef:8d:
f4:97:23:a9:a1:aa:3c:38:03:5f:4a:38:e3:72:bf:d9:6a:0f:
07:25:a9:23:32:89:51:08:74:99:9a:7a:9e:7f:b5:f3:f0:a7:
91:a0:e4:bf:ed:db:b6:d7:22:25:0a:86:d5:33:2c:55:ba:0b:
7e:be:12:1b:e0:ad:47:d6:35:b4:f9:4b:e4:c3:49:ba:67:3a:
8f:56:93:09:56:a0:37:78:72:87:bf:2f:76:da:1c:ff:a2:5f:
ba:f6:b6:d2:31:fc:e9:6e:f4:ce:ef:42:2f:82:dd:d3:4e:f9:
5e:3b:7a:12:12:5d:c1:6e:8d:ca:3d:81:9a:cc:bc:c4:12:46:
d1:99:3c:40:41:32:80:c6:37:1d:88:98:c4:b4:04:ec:3f:28:
d9:fc:2c:d9
-----BEGIN CERTIFICATE-----
MIIFGTCCBAGgAwIBAgISAZjBCday6nOkBvcN1MMWEeuhMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE0YmVlMGViZDA2YjRiODEyZjllMTM3MTZlMjVmMWMzYzNk
MTRjYzYwHhcNMjUwODE5MDYzNTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTQyNjU0YzhlZWE5NDViOTkwNmE2MGRiNmM3OWNjY2E1NTk2M2JhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApTrvwBVHmlJT/+gim09dxzpQa0wj
/9DcN7U/HXzRuBR2Q1EJBsuwRK3W2n5b6N9FjRi/0s3b0Yvq068VuZmX4UhoOq7y
OEKhxN93Yb5Y4z1ROtl9GkUq2exq7We3MHOoIAVuhndKvKhgXEbwa2JkACSLIoV7
IAM3PSyXbX0NhAKYQui7jcWXlgp6ybGEvAhSxB5uocqy3MhOjcLK13ODs8l0l549
f20mGvcBdo97ucot1Y8aXwNRSQbkybN3WKWy6672/qMpFZdUVFw85d8l5qj6bJde
Vz5CerbUYCJGCzOLOHR649I+xHLvFL3SKnKlW+7BymIGSWq2D+XammR9HQIDAQAB
o4ICJTCCAiEwHQYDVR0OBBYEFAFCZUyO6pRbmQamDbbHnMylWWO6MB8GA1UdIwQY
MBaAFBS+4OvQa0uBL54TcW4l8cPD0UzGMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRkw3ZzY5QnJTNEV2bmhOeGJpWHh3OFBSVE1ZLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82NS8xNjFjM2YtYjgzZC00NWIxLWFhOGUt
ZDFiYjZiNGRkNzAxLzEvQVVKbFRJN3FsRnVaQnFZTnRzZWN6S1ZaWTdvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82NS8xNjFjM2YtYjgzZC00NWIxLWFhOGUtZDFiYjZiNGRkNzAx
LzEvRkw3ZzY5QnJTNEV2bmhOeGJpWHh3OFBSVE1ZLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDsGCCsGAQUFBwEHAQH/BCwwKjAoBAIAATAiAwQAw+LNMAwD
BADV+UkDBATV+UAwDAMEANX5UQMEAtX5WDANBgkqhkiG9w0BAQsFAAOCAQEAKWvq
XQjNhFqsLq86t1GXQNBY6NPR+jVt5uWo2JTMK3mcrS7unhsN4nt2E44ngxOdCuBD
c22w8b8hMuk3g3rYhe5PReufR1jUhF9WDU2Os6ExZtVjPMecRmUCBRm6i53U84yS
np2cx+Txle+N9JcjqaGqPDgDX0o443K/2WoPByWpIzKJUQh0mZp6nn+18/CnkaDk
v+3bttciJQqG1TMsVboLfr4SG+CtR9Y1tPlL5MNJumc6j1aTCVagN3hyh78vdtoc
/6Jfuva20jH86W70zu9CL4Ld0075Xjt6EhJdwW6Nyj2Bmsy8xBJG0Zk8QEEygMY3
HYiYxLQE7D8o2fws2Q==
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:38:01 2025 by rpki-client