Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/ezYo1wgllAXbetC1-GKf4uCSixk.roa
File: ezYo1wgllAXbetC1-GKf4uCSixk.roa (raw, json)
Hash identifier: DXNzEzdBZwHAgaGmyoWw62UmDEcMW7pER+MyYjNmH88=
Subject key identifier: 7B:36:28:D7:08:25:94:05:DB:7A:D0:B5:F8:62:9F:E2:E0:92:8B:19
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 0199C81539C345FC31143B26CCCBC6EEFE00
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/ezYo1wgllAXbetC1-GKf4uCSixk.roa
Signing time: Thu 09 Oct 2025 08:27:38 +0000
ROA not before: Thu 09 Oct 2025 08:27:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 396356
IP address blocks: 195.40.106.0/23 maxlen: 24
195.172.108.0/23 maxlen: 24
195.172.118.0/23 maxlen: 24
195.172.200.0/23 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:c8:15:39:c3:45:fc:31:14:3b:26:cc:cb:c6:ee:fe:00
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Oct 9 08:27:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7b3628d708259405db7ad0b5f8629fe2e0928b19
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:b1:e8:bc:e8:c0:b9:db:da:2b:d3:e3:3c:61:
8e:7e:7d:8c:4e:3d:26:60:bb:29:12:db:cc:4c:fe:
ac:12:17:60:f8:54:e5:0a:a3:2e:3a:b7:1c:bd:2b:
02:f9:61:10:96:19:ab:94:41:b7:3d:0c:e7:b5:f9:
9c:6e:9b:00:f2:9a:6b:06:32:46:a2:22:9e:58:db:
01:00:b8:d8:e9:92:63:18:19:ff:8c:59:90:6f:ea:
25:01:a8:3e:f2:56:4e:06:f8:c4:33:3f:04:f5:c8:
d4:a1:ae:ec:c8:78:b6:08:8a:a6:40:c5:ae:41:5c:
44:6c:ed:52:e3:23:58:fc:10:d8:d2:1b:c2:2a:8f:
bf:76:25:b5:f0:31:84:51:b5:ba:31:56:79:b7:7a:
b6:7b:ce:46:77:14:d2:3a:eb:b3:4c:47:2f:2b:5b:
b5:28:2f:7f:a0:f0:fa:b9:41:5b:06:5e:0a:15:a1:
31:7a:2f:e2:f0:61:01:c1:02:c3:01:fe:0a:e9:7e:
79:17:86:e9:eb:4a:44:ce:2e:fb:66:16:62:4c:00:
b2:54:93:47:81:6d:c1:87:ce:6f:5e:2b:91:39:f9:
e9:48:0f:4e:03:d2:8f:f4:56:87:58:84:17:7a:ae:
13:83:2c:f6:2b:4e:d3:89:e6:bc:d3:48:58:f6:1f:
04:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:36:28:D7:08:25:94:05:DB:7A:D0:B5:F8:62:9F:E2:E0:92:8B:19
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/ezYo1wgllAXbetC1-GKf4uCSixk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.40.106.0/23
195.172.108.0/23
195.172.118.0/23
195.172.200.0/23
Signature Algorithm: sha256WithRSAEncryption
6b:f2:87:47:a8:83:4d:39:1a:e7:ba:9d:86:de:d4:54:a8:e1:
75:ba:bf:a3:de:c5:28:82:39:03:d2:58:34:65:97:dd:74:09:
49:25:1b:f9:0c:e5:48:95:c8:e9:c7:f5:6b:52:a6:ef:08:c7:
48:c8:00:9c:94:06:a3:d8:86:ed:90:08:c1:ed:f7:8d:a3:06:
1f:9c:05:c5:e5:26:ba:7a:8b:9b:8b:16:1b:db:28:93:c6:0b:
c6:cd:d3:ce:1d:e7:33:bc:86:51:b8:af:81:78:d7:33:67:80:
e0:7f:52:e9:71:0e:b7:e4:1e:e2:c2:6a:10:72:40:13:10:cb:
54:c6:5c:07:8f:44:de:91:11:e1:76:4e:b0:4e:74:3a:91:58:
5d:74:a0:72:16:4a:58:7e:f8:d7:a7:96:93:71:35:ec:2f:ac:
c4:fd:73:91:29:bc:d3:29:21:9c:ce:51:4c:89:b3:68:ae:ce:
f5:c5:b2:f5:90:4d:d8:a1:3e:52:a0:d6:51:64:58:c7:bc:f9:
0c:75:8f:24:e9:01:67:87:68:f5:b2:b4:0c:b8:4f:7a:82:de:
10:25:33:a6:bf:a6:42:97:dd:89:8c:60:f5:93:2e:d3:b8:e3:
7f:ac:7e:a9:6f:a1:9f:a4:03:be:6d:52:53:f3:8b:90:54:17:
61:cc:ec:6c
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZnIFTnDRfwxFDsmzMvG7v4AMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjUxMDA5MDgyNzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YjM2MjhkNzA4MjU5NDA1ZGI3YWQwYjVmODYyOWZlMmUwOTI4YjE5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArbHovOjAudvaK9PjPGGOfn2MTj0m
YLspEtvMTP6sEhdg+FTlCqMuOrccvSsC+WEQlhmrlEG3PQzntfmcbpsA8pprBjJG
oiKeWNsBALjY6ZJjGBn/jFmQb+olAag+8lZOBvjEMz8E9cjUoa7syHi2CIqmQMWu
QVxEbO1S4yNY/BDY0hvCKo+/diW18DGEUbW6MVZ5t3q2e85GdxTSOuuzTEcvK1u1
KC9/oPD6uUFbBl4KFaExei/i8GEBwQLDAf4K6X55F4bp60pEzi77ZhZiTACyVJNH
gW3Bh85vXiuROfnpSA9OA9KP9FaHWIQXeq4Tgyz2K07Tiea800hY9h8EMQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFHs2KNcIJZQF23rQtfhin+LgkosZMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvZXpZbzF3Z2xsQVhiZXRDMS1HS2Y0dUNTaXhrLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQBwyhqAwQB
w6xsAwQBw6x2AwQBw6zIMA0GCSqGSIb3DQEBCwUAA4IBAQBr8odHqINNORrnup2G
3tRUqOF1ur+j3sUogjkD0lg0ZZfddAlJJRv5DOVIlcjpx/VrUqbvCMdIyACclAaj
2IbtkAjB7feNowYfnAXF5Sa6eoubixYb2yiTxgvGzdPOHeczvIZRuK+BeNczZ4Dg
f1LpcQ635B7iwmoQckATEMtUxlwHj0TekRHhdk6wTnQ6kVhddKByFkpYfvjXp5aT
cTXsL6zE/XORKbzTKSGczlFMibNors71xbL1kE3YoT5SoNZRZFjHvPkMdY8k6QFn
h2j1srQMuE96gt4QJTOmv6ZCl92JjGD1ky7TuON/rH6pb6GfpAO+bVJT84uQVBdh
zOxs
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:40:13 2025 by rpki-client