
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/rvzReihTyFBt9nI6M3bCSbVPs9o.roa
File: rvzReihTyFBt9nI6M3bCSbVPs9o.roa (raw, json)
Hash identifier: NcjJOdYLLfElvdCgCeH7K9NSaDYZDakTLQfXQ3OdkBo=
Subject key identifier: AE:FC:D1:7A:28:53:C8:50:6D:F6:72:3A:33:76:C2:49:B5:4F:B3:DA
Certificate issuer: /CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Certificate serial: 01997922BD1A9E7966F75D77B75949FCAB68
Authority key identifier: 2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/rvzReihTyFBt9nI6M3bCSbVPs9o.roa
Signing time: Wed 24 Sep 2025 00:32:23 +0000
ROA not before: Wed 24 Sep 2025 00:32:23 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 18464
IP address blocks: 178.173.224.0/21 maxlen: 24
178.173.224.0/24 maxlen: 24
178.173.225.0/24 maxlen: 24
178.173.226.0/24 maxlen: 24
178.173.227.0/24 maxlen: 24
178.173.228.0/24 maxlen: 24
178.173.229.0/24 maxlen: 24
178.173.230.0/24 maxlen: 24
178.173.241.0/24 maxlen: 24
2001:16c0:16c0::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.mft
rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:01:08 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:79:22:bd:1a:9e:79:66:f7:5d:77:b7:59:49:fc:ab:68
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2ac3daa1b14850f2e61c592b2191915a5e65a478
Validity
Not Before: Sep 24 00:32:23 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=aefcd17a2853c8506df6723a3376c249b54fb3da
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:3d:1c:83:a3:07:c2:88:0f:1b:17:68:55:d7:
c7:53:22:d4:8a:03:be:39:b5:d1:13:26:f6:79:b9:
23:11:33:13:1a:c3:ce:13:b4:18:4b:74:78:51:16:
16:38:4d:32:58:74:24:3e:5b:be:3d:71:6b:97:a0:
a1:a7:67:8c:29:7e:ca:11:7b:06:14:7d:6a:05:63:
79:e9:b8:11:40:ea:ec:7e:41:d2:bc:bb:17:ad:56:
1e:d9:9d:4c:43:da:bd:ed:56:e1:0a:07:9c:90:06:
75:10:8e:19:c6:e7:ed:89:01:0a:68:d7:83:37:e9:
f1:67:18:ca:39:fb:0b:9b:0c:f9:76:98:68:86:eb:
cf:90:eb:a3:3e:b0:bf:6f:f3:8b:b1:50:f8:c4:64:
5c:57:73:41:83:26:5c:75:a7:79:7d:fe:82:41:ae:
8a:ff:53:b1:9d:d9:b9:8a:e2:45:e7:55:94:38:94:
f4:5b:06:03:e9:01:01:d3:fb:c1:94:8b:cd:34:72:
fe:38:fe:58:f6:2f:7e:16:8e:da:9d:77:ee:1f:91:
b9:63:5b:c4:5d:3d:33:db:01:88:1a:ea:cf:c0:2b:
8e:26:ed:c2:f0:10:96:75:10:ea:f1:a4:05:07:25:
a6:fd:0b:d7:d0:5d:ac:80:4e:38:3f:0f:7f:68:b6:
fb:e1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
AE:FC:D1:7A:28:53:C8:50:6D:F6:72:3A:33:76:C2:49:B5:4F:B3:DA
X509v3 Authority Key Identifier:
keyid:2A:C3:DA:A1:B1:48:50:F2:E6:1C:59:2B:21:91:91:5A:5E:65:A4:78
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/KsPaobFIUPLmHFkrIZGRWl5lpHg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/rvzReihTyFBt9nI6M3bCSbVPs9o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/70/405bbd-5913-4e95-8e75-fe0659176a56/1/KsPaobFIUPLmHFkrIZGRWl5lpHg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
178.173.224.0/21
178.173.241.0/24
IPv6:
2001:16c0:16c0::/48
Signature Algorithm: sha256WithRSAEncryption
c6:7c:31:23:43:b0:61:7a:54:cc:c8:30:c4:3a:d8:78:e0:40:
cb:af:02:2a:c7:80:5a:55:f5:12:e1:89:c2:f4:7b:89:e2:1a:
6e:34:da:da:8e:ae:eb:8a:dd:1b:25:4d:45:b2:2a:d9:c1:91:
cc:b8:77:d8:bb:16:8d:40:65:29:19:fb:d7:e9:a5:02:17:ab:
f0:df:aa:0a:b6:52:2d:24:73:8e:01:c3:ef:93:84:c2:62:79:
06:5e:67:d9:1a:ed:f1:22:2a:32:9a:74:28:27:b5:ea:e6:83:
57:7a:65:b8:1a:0d:5f:3e:f3:3e:3d:21:0e:08:97:c8:5b:16:
56:b4:c9:14:0d:64:b2:67:f7:df:dc:10:f0:79:b0:0d:11:7f:
70:a5:2e:d3:5c:e1:37:d0:84:c6:85:4a:c3:bf:e0:2f:62:bc:
7f:e5:21:b7:89:a3:94:4c:88:bb:67:e9:52:ce:3b:63:d0:fb:
7c:ba:50:1e:0e:8e:02:18:5e:d3:22:7c:e4:1a:17:e8:89:f2:
87:2e:56:71:26:ca:64:2e:1c:5c:0e:96:a3:71:de:5c:86:b9:
78:f4:08:d8:d9:e2:4c:32:2a:7f:a2:cc:35:7b:33:ac:b4:f8:
82:27:4c:7c:f5:ed:f2:f4:3c:52:ba:a6:91:9f:9f:33:38:3d:
6b:34:ea:f6
-----BEGIN CERTIFICATE-----
MIIFFDCCA/ygAwIBAgISAZl5Ir0annlm9113t1lJ/KtoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJhYzNkYWExYjE0ODUwZjJlNjFjNTkyYjIxOTE5MTVhNWU2
NWE0NzgwHhcNMjUwOTI0MDAzMjIzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhhZWZjZDE3YTI4NTNjODUwNmRmNjcyM2EzMzc2YzI0OWI1NGZiM2RhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxj0cg6MHwogPGxdoVdfHUyLUigO+
ObXREyb2ebkjETMTGsPOE7QYS3R4URYWOE0yWHQkPlu+PXFrl6Chp2eMKX7KEXsG
FH1qBWN56bgRQOrsfkHSvLsXrVYe2Z1MQ9q97VbhCgeckAZ1EI4ZxuftiQEKaNeD
N+nxZxjKOfsLmwz5dphohuvPkOujPrC/b/OLsVD4xGRcV3NBgyZcdad5ff6CQa6K
/1Oxndm5iuJF51WUOJT0WwYD6QEB0/vBlIvNNHL+OP5Y9i9+Fo7anXfuH5G5Y1vE
XT0z2wGIGurPwCuOJu3C8BCWdRDq8aQFByWm/QvX0F2sgE44Pw9/aLb74QIDAQAB
o4ICIDCCAhwwHQYDVR0OBBYEFK780XooU8hQbfZyOjN2wkm1T7PaMB8GA1UdIwQY
MBaAFCrD2qGxSFDy5hxZKyGRkVpeZaR4MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUt
ZmUwNjU5MTc2YTU2LzEvcnZ6UmVpaFR5RkJ0OW5JNk0zYkNTYlZQczlvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MC80MDViYmQtNTkxMy00ZTk1LThlNzUtZmUwNjU5MTc2YTU2
LzEvS3NQYW9iRklVUExtSEZrcklaR1JXbDVscEhnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDYGCCsGAQUFBwEHAQH/BCcwJTASBAIAATAMAwQDsq3gAwQA
sq3xMA8EAgACMAkDBwAgARbAFsAwDQYJKoZIhvcNAQELBQADggEBAMZ8MSNDsGF6
VMzIMMQ62HjgQMuvAirHgFpV9RLhicL0e4niGm402tqOruuK3RslTUWyKtnBkcy4
d9i7Fo1AZSkZ+9fppQIXq/Dfqgq2Ui0kc44Bw++ThMJieQZeZ9ka7fEiKjKadCgn
termg1d6ZbgaDV8+8z49IQ4Il8hbFla0yRQNZLJn99/cEPB5sA0Rf3ClLtNc4TfQ
hMaFSsO/4C9ivH/lIbeJo5RMiLtn6VLOO2PQ+3y6UB4OjgIYXtMifOQaF+iJ8ocu
VnEmymQuHFwOlqNx3lyGuXj0CNjZ4kwyKn+izDV7M6y0+IInTHz17fL0PFK6ppGf
nzM4PWs06vY=
-----END CERTIFICATE-----
Generated at Sun Oct 19 17:44:29 2025 by rpki-client