Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/BOk97mZUNqNJ_dOcwbdtwSJbWCE.roa
File: BOk97mZUNqNJ_dOcwbdtwSJbWCE.roa (raw, json)
Hash identifier: nV5ffA74nDihX8VuWYqqZdz4OqoRhRn+Oh7DUZiqZt8=
Subject key identifier: 04:E9:3D:EE:66:54:36:A3:49:FD:D3:9C:C1:B7:6D:C1:22:5B:58:21
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 0199E7E6130A9DDB414CA112C4538DFB62A7
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/BOk97mZUNqNJ_dOcwbdtwSJbWCE.roa
Signing time: Wed 15 Oct 2025 12:43:59 +0000
ROA not before: Wed 15 Oct 2025 12:43:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 134351
IP address blocks: 195.40.5.0/24 maxlen: 24
195.40.12.0/24 maxlen: 24
195.40.70.0/23 maxlen: 23
195.40.120.0/23 maxlen: 23
195.40.122.0/23 maxlen: 23
195.40.160.0/23 maxlen: 23
195.172.150.0/24 maxlen: 24
195.172.211.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e7:e6:13:0a:9d:db:41:4c:a1:12:c4:53:8d:fb:62:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Oct 15 12:43:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=04e93dee665436a349fdd39cc1b76dc1225b5821
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cd:f7:22:35:b0:a7:95:7a:e5:bc:c4:c0:99:89:
fd:b1:cc:5d:43:d9:af:12:dc:8c:75:0e:03:d4:06:
dc:51:5e:27:13:31:bd:3e:b9:bf:3c:2c:51:8c:9f:
fa:00:2c:20:9e:85:92:ff:5e:40:5d:bd:37:cc:19:
cd:3e:48:18:12:d0:d9:bf:68:c4:ba:62:7a:3e:3c:
8f:b0:d8:17:41:82:66:c3:86:de:76:0e:e9:bb:b4:
92:57:2b:c9:71:78:4a:56:da:cd:d3:a2:9d:5a:23:
1c:55:62:a2:d1:38:db:67:a2:d4:24:e7:40:b2:f8:
f7:cd:ac:c8:1d:75:dc:1f:f9:9f:e6:4a:91:16:f8:
f0:65:5a:36:ba:5a:ca:f8:93:dd:20:fd:8b:4f:b2:
76:9f:a2:e4:99:9c:49:87:f2:ea:08:ee:ad:40:c7:
9b:f0:ec:fd:de:a2:2a:a6:21:1c:c6:eb:0e:63:39:
fb:70:c1:dc:18:d2:32:44:d2:a7:20:49:de:e4:a5:
00:54:33:df:f2:21:36:11:24:aa:2a:25:dd:6f:1a:
46:c9:60:70:cb:06:f1:20:73:a2:9c:c0:2d:4d:1e:
ac:ac:74:0c:5d:e4:3f:f4:cc:54:22:ef:30:8f:c1:
15:3d:15:95:79:2f:89:45:46:67:7b:57:68:77:e8:
77:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
04:E9:3D:EE:66:54:36:A3:49:FD:D3:9C:C1:B7:6D:C1:22:5B:58:21
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/BOk97mZUNqNJ_dOcwbdtwSJbWCE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.40.5.0/24
195.40.12.0/24
195.40.70.0/23
195.40.120.0/22
195.40.160.0/23
195.172.150.0/24
195.172.211.0/24
Signature Algorithm: sha256WithRSAEncryption
07:ad:bf:45:a9:72:fd:30:34:e1:e9:1a:26:2f:23:aa:82:67:
d1:a0:11:00:9d:c4:e4:49:c9:45:55:43:89:44:c7:75:5f:63:
41:46:4a:3b:19:4f:3b:b8:65:0c:72:7e:af:4f:09:52:f4:82:
db:12:17:9a:d2:40:3e:ec:0f:3f:02:61:48:0c:d1:a4:de:c3:
0e:8b:66:81:41:a3:92:1d:55:bd:53:64:13:f6:8f:69:46:9a:
06:9e:06:35:8f:b9:d0:b0:4e:6d:99:da:56:8d:74:87:ac:d7:
5d:6e:bc:cf:2f:9b:7c:bb:f8:49:05:ae:96:9b:36:dc:86:25:
de:90:9b:65:e9:29:a5:25:01:14:47:bc:68:37:1d:f7:f7:6a:
dd:db:a2:97:88:4d:fa:42:ad:23:93:38:56:cb:90:31:f0:9b:
5b:9f:ca:17:ed:13:1d:ad:ba:d9:e3:e3:60:03:ea:29:da:5b:
39:ec:0d:c9:d5:b4:df:f7:9c:c0:ef:d3:ec:a9:c0:8c:7a:96:
61:cf:30:5f:d5:f7:c1:8e:5c:ff:aa:e6:e2:84:c8:36:4c:eb:
1e:46:9f:b1:b8:bc:4d:64:6a:6f:1a:43:84:d5:5d:45:78:76:
92:75:8f:3c:cc:04:84:41:62:46:7c:d8:fa:38:13:81:c1:58:
c2:7c:84:82
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZnn5hMKndtBTKESxFON+2KnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjUxMDE1MTI0MzU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwNGU5M2RlZTY2NTQzNmEzNDlmZGQzOWNjMWI3NmRjMTIyNWI1ODIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzfciNbCnlXrlvMTAmYn9scxdQ9mv
EtyMdQ4D1AbcUV4nEzG9Prm/PCxRjJ/6ACwgnoWS/15AXb03zBnNPkgYEtDZv2jE
umJ6PjyPsNgXQYJmw4bedg7pu7SSVyvJcXhKVtrN06KdWiMcVWKi0TjbZ6LUJOdA
svj3zazIHXXcH/mf5kqRFvjwZVo2ulrK+JPdIP2LT7J2n6LkmZxJh/LqCO6tQMeb
8Oz93qIqpiEcxusOYzn7cMHcGNIyRNKnIEne5KUAVDPf8iE2ESSqKiXdbxpGyWBw
ywbxIHOinMAtTR6srHQMXeQ/9MxUIu8wj8EVPRWVeS+JRUZne1dod+h3IwIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFATpPe5mVDajSf3TnMG3bcEiW1ghMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvQk9rOTdtWlVOcU5KX2RPY3diZHR3U0piV0NFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAATAqAwQAwygFAwQA
wygMAwQBwyhGAwQCwyh4AwQBwyigAwQAw6yWAwQAw6zTMA0GCSqGSIb3DQEBCwUA
A4IBAQAHrb9FqXL9MDTh6RomLyOqgmfRoBEAncTkSclFVUOJRMd1X2NBRko7GU87
uGUMcn6vTwlS9ILbEhea0kA+7A8/AmFIDNGk3sMOi2aBQaOSHVW9U2QT9o9pRpoG
ngY1j7nQsE5tmdpWjXSHrNddbrzPL5t8u/hJBa6WmzbchiXekJtl6SmlJQEUR7xo
Nx3392rd26KXiE36Qq0jkzhWy5Ax8Jtbn8oX7RMdrbrZ4+NgA+op2ls57A3J1bTf
95zA79PsqcCMepZhzzBf1ffBjlz/qubihMg2TOseRp+xuLxNZGpvGkOE1V1FeHaS
dY88zASEQWJGfNj6OBOBwVjCfISC
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:04:12 2025 by rpki-client