Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/DOPJ9J5tJa0yDHsJn8y3GdbFKRs.roa
File: DOPJ9J5tJa0yDHsJn8y3GdbFKRs.roa (raw, json)
Hash identifier: OjZL29yzeXyfyAKLIl20bkrfbSDQRrppmzNpZKo1iKU=
Subject key identifier: 0C:E3:C9:F4:9E:6D:25:AD:32:0C:7B:09:9F:CC:B7:19:D6:C5:29:1B
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019998F95C2E534063DAC478EF1F45A4320C
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/DOPJ9J5tJa0yDHsJn8y3GdbFKRs.roa
Signing time: Tue 30 Sep 2025 04:55:02 +0000
ROA not before: Tue 30 Sep 2025 04:55:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 6762
IP address blocks: 195.40.145.0/24 maxlen: 24
195.40.146.0/23 maxlen: 24
195.40.148.0/22 maxlen: 24
195.40.192.0/18 maxlen: 24
195.172.0.0/18 maxlen: 24
195.172.64.0/19 maxlen: 24
195.172.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:98:f9:5c:2e:53:40:63:da:c4:78:ef:1f:45:a4:32:0c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Sep 30 04:55:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0ce3c9f49e6d25ad320c7b099fccb719d6c5291b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c3:e1:b4:06:7b:57:7f:ae:a0:5b:b6:74:54:df:
b1:26:74:8a:7a:8b:20:69:d0:90:e8:46:9d:16:de:
d8:87:fb:d5:df:42:f9:e4:94:78:52:0f:62:b2:00:
68:95:19:ef:13:f6:d4:be:a9:20:bd:ad:be:c5:8d:
e3:84:05:df:e5:64:ad:76:c8:b5:12:12:e6:56:21:
ae:25:6e:eb:77:9b:62:08:56:20:3b:9e:7a:4f:16:
fc:a8:f6:38:cc:b6:35:90:5a:86:99:52:7c:37:99:
4e:67:17:95:d6:70:bc:60:d1:a4:22:a1:3e:ce:55:
2e:fc:51:c4:69:c3:1f:4b:20:ae:81:0b:00:cc:1c:
52:7a:1f:39:32:01:d4:7f:5c:eb:43:c6:8f:be:f5:
9a:23:f7:06:7c:c4:4d:ff:76:d9:78:e6:3b:d1:e4:
f1:ec:cd:88:20:e9:48:5e:7a:cd:df:54:24:07:0a:
b4:d2:a1:c3:c1:de:e8:73:79:05:68:9c:72:f2:84:
30:d1:9a:57:3c:8f:d3:9d:f3:b1:57:7b:87:6f:df:
4f:1d:e2:97:e8:d0:a8:25:b5:be:79:f5:bd:6c:2e:
ac:97:3b:b8:2d:84:d4:e4:ee:c5:2a:2e:ae:7c:f9:
45:a4:0b:1d:0b:08:7e:6f:15:3e:e6:a7:e3:7c:d2:
38:4d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0C:E3:C9:F4:9E:6D:25:AD:32:0C:7B:09:9F:CC:B7:19:D6:C5:29:1B
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/DOPJ9J5tJa0yDHsJn8y3GdbFKRs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.40.145.0-195.40.151.255
195.40.192.0/18
195.172.0.0-195.172.95.255
195.172.224.0/19
Signature Algorithm: sha256WithRSAEncryption
4e:0e:66:5b:73:97:fa:72:7d:c6:8f:e2:6d:26:e7:ac:70:a0:
7a:57:33:9e:2b:5d:b7:f9:80:ac:b6:6a:7a:2e:ce:f6:07:84:
58:af:8c:ff:47:87:42:de:d3:17:aa:6a:73:ec:46:2a:50:4e:
d7:18:e3:89:53:db:95:ab:85:a1:99:df:c9:44:2d:d2:09:27:
bb:80:72:97:85:a0:45:ab:b1:01:2f:54:da:ff:b3:a3:91:86:
2e:ff:06:ca:57:1c:24:4c:c4:0b:54:70:00:3e:28:11:08:c9:
cf:95:79:63:af:01:1f:cb:17:d3:a2:24:bc:70:ca:95:6a:9b:
7c:59:23:c7:96:a5:8a:f5:72:97:72:e7:16:10:a8:4a:13:67:
ee:4c:a7:2f:9f:12:fa:b4:20:50:77:5e:71:4b:be:90:39:64:
fd:f1:37:19:3d:b8:1c:fb:18:45:d5:ae:e9:a0:10:74:10:f9:
28:c3:a8:d5:d4:da:bd:22:27:7d:6e:01:0e:fb:6b:58:0f:07:
cf:47:e9:25:c1:79:bc:18:cb:9d:05:a4:ef:df:dc:ac:2d:af:
68:80:f3:2a:c9:76:eb:cb:ef:50:19:38:cf:ff:e0:cd:82:bf:
ee:e5:f4:14:1e:49:20:f2:53:9d:a1:69:68:72:dc:14:19:c3:
7b:01:b9:32
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZmY+VwuU0Bj2sR47x9FpDIMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjUwOTMwMDQ1NTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwY2UzYzlmNDllNmQyNWFkMzIwYzdiMDk5ZmNjYjcxOWQ2YzUyOTFiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAw+G0BntXf66gW7Z0VN+xJnSKeosg
adCQ6EadFt7Yh/vV30L55JR4Ug9isgBolRnvE/bUvqkgva2+xY3jhAXf5WStdsi1
EhLmViGuJW7rd5tiCFYgO556Txb8qPY4zLY1kFqGmVJ8N5lOZxeV1nC8YNGkIqE+
zlUu/FHEacMfSyCugQsAzBxSeh85MgHUf1zrQ8aPvvWaI/cGfMRN/3bZeOY70eTx
7M2IIOlIXnrN31QkBwq00qHDwd7oc3kFaJxy8oQw0ZpXPI/TnfOxV3uHb99PHeKX
6NCoJbW+efW9bC6slzu4LYTU5O7FKi6ufPlFpAsdCwh+bxU+5qfjfNI4TQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFAzjyfSebSWtMgx7CZ/MtxnWxSkbMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvRE9QSjlKNXRKYTB5REhzSm44eTNHZGJGS1JzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAtBAIAATAnMAwDBADDKJED
BAPDKJADBAbDKMAwCwMDAsOsAwQFw6xAAwQFw6zgMA0GCSqGSIb3DQEBCwUAA4IB
AQBODmZbc5f6cn3Gj+JtJuescKB6VzOeK123+YCstmp6Ls72B4RYr4z/R4dC3tMX
qmpz7EYqUE7XGOOJU9uVq4Whmd/JRC3SCSe7gHKXhaBFq7EBL1Ta/7OjkYYu/wbK
VxwkTMQLVHAAPigRCMnPlXljrwEfyxfToiS8cMqVapt8WSPHlqWK9XKXcucWEKhK
E2fuTKcvnxL6tCBQd15xS76QOWT98TcZPbgc+xhF1a7poBB0EPkow6jV1Nq9Iid9
bgEO+2tYDwfPR+klwXm8GMudBaTv39ysLa9ogPMqyXbry+9QGTjP/+DNgr/u5fQU
Hkkg8lOdoWloctwUGcN7Abky
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:40:10 2025 by rpki-client