Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/eXzNPFB8evVF4M9GKM9iNp1CQKY.roa
File: eXzNPFB8evVF4M9GKM9iNp1CQKY.roa (raw, json)
Hash identifier: 3o1zQB3byjNP0T4iSERgx0SfW87i/ushB0KeeTR7qr4=
Subject key identifier: 79:7C:CD:3C:50:7C:7A:F5:45:E0:CF:46:28:CF:62:36:9D:42:40:A6
Certificate issuer: /CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Certificate serial: 0198EC0FA1FBAE27047332C61E1CE7612106
Authority key identifier: DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/eXzNPFB8evVF4M9GKM9iNp1CQKY.roa
Signing time: Wed 27 Aug 2025 15:05:04 +0000
ROA not before: Wed 27 Aug 2025 15:05:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 52145
IP address blocks: 46.253.90.0/24 maxlen: 24
46.253.93.0/24 maxlen: 24
46.253.94.0/24 maxlen: 24
46.253.95.0/24 maxlen: 24
2a04:19c0::/29 maxlen: 29
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/3ZfHygW8w9airRuiNb7Y_qtpRVA.crl
rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/3ZfHygW8w9airRuiNb7Y_qtpRVA.mft
rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 11:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:ec:0f:a1:fb:ae:27:04:73:32:c6:1e:1c:e7:61:21:06
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=dd97c7ca05bcc3d6a2ad1ba235bed8feab694550
Validity
Not Before: Aug 27 15:05:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=797ccd3c507c7af545e0cf4628cf62369d4240a6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9a:95:2c:50:14:0d:81:b3:17:89:8d:e2:43:c7:
d8:22:03:7b:be:0e:bf:4b:ce:98:6b:90:e7:1a:67:
7e:d1:c4:c2:a2:90:28:ad:e1:91:09:25:d4:21:70:
fc:f4:72:47:02:48:a8:2c:e9:3a:b8:fa:4a:f3:a7:
b7:e2:4f:0b:84:dc:74:3b:b4:cb:12:cf:44:cb:b5:
dc:19:4b:b9:21:b5:98:a0:0f:e4:71:81:47:a9:e3:
77:99:be:86:95:5f:12:bb:40:d7:24:1f:17:c0:ca:
f0:58:ba:99:bd:9a:05:32:76:0c:6b:28:00:7f:a4:
2e:1e:55:a2:ac:4b:9a:b6:4a:8a:3b:9e:40:35:e0:
fb:cf:8a:70:c2:d2:0c:76:f2:b7:a1:bb:5b:f5:b4:
15:f9:d1:01:8b:c1:0a:14:ae:3e:87:41:0a:fc:37:
e7:ae:15:db:f4:03:f6:ca:95:6d:95:22:d2:c8:4e:
6c:44:bb:c8:a0:1e:0f:6f:0b:d3:58:57:f6:ce:71:
67:65:23:b4:dc:66:01:d1:87:5d:b6:72:ed:62:b3:
5b:95:a1:d4:31:09:91:0c:9c:f1:6a:46:51:df:71:
b2:4e:c1:c5:d5:16:87:05:28:52:35:92:ca:7c:24:
f0:44:f5:3d:89:0e:ec:e4:17:9e:fd:64:6e:4d:7d:
da:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
79:7C:CD:3C:50:7C:7A:F5:45:E0:CF:46:28:CF:62:36:9D:42:40:A6
X509v3 Authority Key Identifier:
keyid:DD:97:C7:CA:05:BC:C3:D6:A2:AD:1B:A2:35:BE:D8:FE:AB:69:45:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/3ZfHygW8w9airRuiNb7Y_qtpRVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/eXzNPFB8evVF4M9GKM9iNp1CQKY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/75/e32a9a-83e0-4fb9-ac71-4d4b16144d68/1/3ZfHygW8w9airRuiNb7Y_qtpRVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
46.253.90.0/24
46.253.93.0-46.253.95.255
IPv6:
2a04:19c0::/29
Signature Algorithm: sha256WithRSAEncryption
42:88:79:cc:84:d4:0b:e9:83:68:f0:9f:f7:9f:2b:60:87:0a:
30:d0:90:07:d0:a9:81:82:7c:b2:96:19:66:be:3e:6e:96:d3:
6c:d1:0d:8c:01:39:ce:f5:4b:a4:15:3e:b8:0a:5c:72:91:0a:
36:57:68:a9:d5:4d:0c:36:01:73:fb:f3:71:6d:11:59:db:4a:
2e:98:cc:c3:51:1c:2e:0c:7a:ce:cb:55:25:5b:3a:49:5e:0f:
b1:a5:1c:49:61:4f:fc:e3:6f:d9:9e:1c:1f:bb:3e:9d:88:98:
67:c6:30:9c:c0:b2:94:09:59:41:e1:a6:8e:bb:09:dd:5a:5f:
9d:e4:ba:c0:fc:86:73:11:36:ae:6e:1b:6d:1e:70:b6:fd:43:
82:37:85:b1:a0:e5:ff:57:87:1f:6a:d2:71:35:2e:19:7d:02:
5e:b3:1f:e7:98:20:03:62:d6:0b:db:62:ed:ca:11:41:3c:7d:
e4:1f:b8:07:f5:a7:bc:67:a1:db:a4:f7:35:f5:03:af:2a:30:
a7:3b:77:a6:a7:a3:0a:4d:d2:3e:3b:3b:d2:c1:a1:54:2c:f7:
77:59:94:82:e5:f1:95:91:3a:07:72:6f:74:39:24:cb:a3:67:
c5:b1:e6:1e:53:89:b6:a7:8b:e9:d2:9c:32:7e:fb:b3:2c:83:
c4:50:6f:2e
-----BEGIN CERTIFICATE-----
MIIFGjCCBAKgAwIBAgISAZjsD6H7ricEczLGHhznYSEGMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGRkOTdjN2NhMDViY2MzZDZhMmFkMWJhMjM1YmVkOGZlYWI2
OTQ1NTAwHhcNMjUwODI3MTUwNTA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3OTdjY2QzYzUwN2M3YWY1NDVlMGNmNDYyOGNmNjIzNjlkNDI0MGE2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAmpUsUBQNgbMXiY3iQ8fYIgN7vg6/
S86Ya5DnGmd+0cTCopAoreGRCSXUIXD89HJHAkioLOk6uPpK86e34k8LhNx0O7TL
Es9Ey7XcGUu5IbWYoA/kcYFHqeN3mb6GlV8Su0DXJB8XwMrwWLqZvZoFMnYMaygA
f6QuHlWirEuatkqKO55ANeD7z4pwwtIMdvK3obtb9bQV+dEBi8EKFK4+h0EK/Dfn
rhXb9AP2ypVtlSLSyE5sRLvIoB4PbwvTWFf2znFnZSO03GYB0YddtnLtYrNblaHU
MQmRDJzxakZR33GyTsHF1RaHBShSNZLKfCTwRPU9iQ7s5Bee/WRuTX3a0QIDAQAB
o4ICJjCCAiIwHQYDVR0OBBYEFHl8zTxQfHr1ReDPRijPYjadQkCmMB8GA1UdIwQY
MBaAFN2Xx8oFvMPWoq0bojW+2P6raUVQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEt
NGQ0YjE2MTQ0ZDY4LzEvZVh6TlBGQjhldlZGNE05R0tNOWlOcDFDUUtZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83NS9lMzJhOWEtODNlMC00ZmI5LWFjNzEtNGQ0YjE2MTQ0ZDY4
LzEvM1pmSHlnVzh3OWFpclJ1aU5iN1lfcXRwUlZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDwGCCsGAQUFBwEHAQH/BC0wKzAaBAIAATAUAwQALv1aMAwD
BAAu/V0DBAUu/UAwDQQCAAIwBwMFAyoEGcAwDQYJKoZIhvcNAQELBQADggEBAEKI
ecyE1Avpg2jwn/efK2CHCjDQkAfQqYGCfLKWGWa+Pm6W02zRDYwBOc71S6QVPrgK
XHKRCjZXaKnVTQw2AXP783FtEVnbSi6YzMNRHC4Mes7LVSVbOkleD7GlHElhT/zj
b9meHB+7Pp2ImGfGMJzAspQJWUHhpo67Cd1aX53kusD8hnMRNq5uG20ecLb9Q4I3
hbGg5f9Xhx9q0nE1Lhl9Al6zH+eYIANi1gvbYu3KEUE8feQfuAf1p7xnoduk9zX1
A68qMKc7d6anowpN0j47O9LBoVQs93dZlILl8ZWROgdyb3Q5JMujZ8Wx5h5Tiban
i+nSnDJ++7Msg8RQby4=
-----END CERTIFICATE-----
Generated at Mon Oct 20 17:58:08 2025 by rpki-client