Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/0mdXaX_nSuGMJhdnGf4S8ZjmZCY.roa
File: 0mdXaX_nSuGMJhdnGf4S8ZjmZCY.roa (raw, json)
Hash identifier: +dkjaaagik15IwcDp4TC2oMZO262Rj+MM9jemWEwdmI=
Subject key identifier: D2:67:57:69:7F:E7:4A:E1:8C:26:17:67:19:FE:12:F1:98:E6:64:26
Certificate issuer: /CN=64d4e8723450d0a710c32d90ffea18529104e538
Certificate serial: 0199FC163A021189F1551B6B55EF570815F8
Authority key identifier: 64:D4:E8:72:34:50:D0:A7:10:C3:2D:90:FF:EA:18:52:91:04:E5:38
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/0mdXaX_nSuGMJhdnGf4S8ZjmZCY.roa
Signing time: Sun 19 Oct 2025 10:48:59 +0000
ROA not before: Sun 19 Oct 2025 10:48:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202656
IP address blocks: 91.216.155.0/24 maxlen: 24
91.217.90.0/24 maxlen: 24
91.226.212.0/24 maxlen: 24
91.226.213.0/24 maxlen: 24
193.203.50.0/23 maxlen: 23
193.203.50.0/24 maxlen: 24
193.203.51.0/24 maxlen: 24
195.211.40.0/23 maxlen: 23
2a13:f580::/48 maxlen: 48
2a13:f580:5::/48 maxlen: 48
2a13:f580:6::/48 maxlen: 48
2a13:f580:7::/48 maxlen: 48
2a13:f580:8::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.crl
rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:16:3a:02:11:89:f1:55:1b:6b:55:ef:57:08:15:f8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=64d4e8723450d0a710c32d90ffea18529104e538
Validity
Not Before: Oct 19 10:48:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d26757697fe74ae18c26176719fe12f198e66426
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b6:17:39:79:86:4a:aa:7f:ab:30:e3:cf:60:39:
6e:e3:26:7a:75:a6:5f:eb:0d:0c:1f:72:2e:22:90:
6d:6e:ee:52:41:a4:fd:e0:df:e2:ce:00:41:5f:bf:
f4:a0:47:9c:f5:97:6f:02:87:1d:bd:bb:bc:fe:e7:
17:63:02:ba:8e:af:e0:33:d6:b0:9a:55:55:29:7d:
a1:12:c8:a7:27:f9:f9:63:11:e1:da:88:ad:d0:f9:
22:cb:3c:9b:e4:8a:b7:2a:e4:2e:69:f8:f2:1d:60:
cb:a1:9e:b9:91:95:3b:4b:a9:8c:e0:03:9b:2b:f8:
3e:c2:4e:68:9c:10:ab:1d:69:d4:32:e2:d6:d2:96:
9c:07:46:f6:06:a3:87:fd:35:eb:20:da:ab:6b:7f:
d9:e4:8f:e8:12:e7:cb:64:d2:13:6f:ec:c9:e7:d1:
1e:f5:6b:28:ba:db:c2:d6:74:b6:35:2d:65:89:f0:
69:f6:6a:ab:bb:39:36:0e:29:3f:d8:1c:1c:ed:54:
8c:fc:8a:98:59:23:45:98:f3:95:71:e5:6a:a0:32:
9e:45:9e:35:bb:52:44:1f:cb:f9:d6:57:a1:3c:a3:
3e:df:70:15:49:34:6c:aa:86:1d:26:cf:97:4e:57:
f8:c4:64:97:93:50:47:0f:c3:02:03:8a:5e:61:d4:
6d:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D2:67:57:69:7F:E7:4A:E1:8C:26:17:67:19:FE:12:F1:98:E6:64:26
X509v3 Authority Key Identifier:
keyid:64:D4:E8:72:34:50:D0:A7:10:C3:2D:90:FF:EA:18:52:91:04:E5:38
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/0mdXaX_nSuGMJhdnGf4S8ZjmZCY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/6d/2310b1-96a1-48e4-aa72-422aed3a7702/1/ZNTocjRQ0KcQwy2Q_-oYUpEE5Tg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
91.216.155.0/24
91.217.90.0/24
91.226.212.0/23
193.203.50.0/23
195.211.40.0/23
IPv6:
2a13:f580::/48
2a13:f580:5::-2a13:f580:8:ffff:ffff:ffff:ffff:ffff
Signature Algorithm: sha256WithRSAEncryption
82:2e:95:79:39:99:e8:43:c9:74:e0:d6:38:63:f4:fa:25:14:
58:fd:50:3b:b0:7b:bf:9b:4b:57:7f:4d:ae:cc:72:62:ca:11:
f7:73:98:ee:cf:82:0d:04:60:1d:22:2b:fa:cb:8d:36:4e:20:
1b:05:cb:1d:86:20:ce:b0:12:34:e7:4e:ec:5a:8f:82:48:8d:
82:3e:cd:f7:f1:50:b3:d6:b5:dd:22:46:10:ee:57:4f:08:51:
30:3b:ea:58:bc:c6:15:c7:d7:0d:2c:b5:40:a9:79:0d:0e:f2:
4d:9f:2b:5f:0c:50:4b:e1:49:d8:34:02:6d:79:e4:4e:20:7f:
53:a4:12:62:4a:d1:72:f4:05:78:66:3b:44:58:ca:0c:31:85:
43:28:7c:77:c6:4f:89:95:4e:44:46:c0:39:c8:59:56:fe:dc:
0c:c3:a9:ea:e1:60:17:c5:be:8d:ff:b6:8d:f7:20:c3:ba:ae:
dc:07:5d:d1:98:8c:a6:a8:2a:f6:8b:e6:8f:cf:eb:29:0f:35:
e4:c5:8e:66:19:3b:7c:00:85:7c:cb:56:61:53:5d:89:e8:ad:
7b:9b:c5:ba:9a:e7:fd:12:49:fc:3f:59:66:2d:25:4c:63:ab:
8c:73:d6:98:fb:8e:21:2b:4a:0b:25:e7:ec:27:c0:f2:92:b6:
54:ac:f9:55
-----BEGIN CERTIFICATE-----
MIIFOjCCBCKgAwIBAgISAZn8FjoCEYnxVRtrVe9XCBX4MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY0ZDRlODcyMzQ1MGQwYTcxMGMzMmQ5MGZmZWExODUyOTEw
NGU1MzgwHhcNMjUxMDE5MTA0ODU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkMjY3NTc2OTdmZTc0YWUxOGMyNjE3NjcxOWZlMTJmMTk4ZTY2NDI2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAthc5eYZKqn+rMOPPYDlu4yZ6daZf
6w0MH3IuIpBtbu5SQaT94N/izgBBX7/0oEec9ZdvAocdvbu8/ucXYwK6jq/gM9aw
mlVVKX2hEsinJ/n5YxHh2oit0Pkiyzyb5Iq3KuQuafjyHWDLoZ65kZU7S6mM4AOb
K/g+wk5onBCrHWnUMuLW0pacB0b2BqOH/TXrINqra3/Z5I/oEufLZNITb+zJ59Ee
9WsoutvC1nS2NS1lifBp9mqruzk2Dik/2Bwc7VSM/IqYWSNFmPOVceVqoDKeRZ41
u1JEH8v51lehPKM+33AVSTRsqoYdJs+XTlf4xGSXk1BHD8MCA4peYdRtgQIDAQAB
o4ICRjCCAkIwHQYDVR0OBBYEFNJnV2l/50rhjCYXZxn+EvGY5mQmMB8GA1UdIwQY
MBaAFGTU6HI0UNCnEMMtkP/qGFKRBOU4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWk5Ub2NqUlEwS2NRd3kyUV8tb1lVcEVFNVRnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC82ZC8yMzEwYjEtOTZhMS00OGU0LWFhNzIt
NDIyYWVkM2E3NzAyLzEvMG1kWGFYX25TdUdNSmhkbkdmNFM4WmptWkNZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC82ZC8yMzEwYjEtOTZhMS00OGU0LWFhNzItNDIyYWVkM2E3NzAy
LzEvWk5Ub2NqUlEwS2NRd3kyUV8tb1lVcEVFNVRnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMFwGCCsGAQUFBwEHAQH/BE0wSzAkBAIAATAeAwQAW9ibAwQA
W9laAwQBW+LUAwQBwcsyAwQBw9MoMCMEAgACMB0DBwAqE/WAAAAwEgMHACoT9YAA
BQMHACoT9YAACDANBgkqhkiG9w0BAQsFAAOCAQEAgi6VeTmZ6EPJdODWOGP0+iUU
WP1QO7B7v5tLV39NrsxyYsoR93OY7s+CDQRgHSIr+suNNk4gGwXLHYYgzrASNOdO
7FqPgkiNgj7N9/FQs9a13SJGEO5XTwhRMDvqWLzGFcfXDSy1QKl5DQ7yTZ8rXwxQ
S+FJ2DQCbXnkTiB/U6QSYkrRcvQFeGY7RFjKDDGFQyh8d8ZPiZVOREbAOchZVv7c
DMOp6uFgF8W+jf+2jfcgw7qu3Add0ZiMpqgq9ovmj8/rKQ815MWOZhk7fACFfMtW
YVNdieite5vFuprn/RJJ/D9ZZi0lTGOrjHPWmPuOIStKCyXn7CfA8pK2VKz5VQ==
-----END CERTIFICATE-----
Generated at Sun Oct 19 21:09:11 2025 by rpki-client