Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/iXa0AFyKvc2taQNfQgD8YHz2Pgc.roa
File: iXa0AFyKvc2taQNfQgD8YHz2Pgc.roa (raw, json)
Hash identifier: zHUiQ4J0OYdVSRP/adsfKNmjsUt72LqOyMxb3t94zYE=
Subject key identifier: 89:76:B4:00:5C:8A:BD:CD:AD:69:03:5F:42:00:FC:60:7C:F6:3E:07
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 01999AD744E04F143759BFD964B1B1358389
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/iXa0AFyKvc2taQNfQgD8YHz2Pgc.roa
Signing time: Tue 30 Sep 2025 13:37:03 +0000
ROA not before: Tue 30 Sep 2025 13:37:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 3320
IP address blocks: 195.40.145.0/24 maxlen: 24
195.40.146.0/23 maxlen: 24
195.40.148.0/22 maxlen: 24
195.40.192.0/18 maxlen: 24
195.172.0.0/18 maxlen: 24
195.172.64.0/19 maxlen: 24
195.172.224.0/19 maxlen: 24
212.134.29.0/24 maxlen: 24
212.134.30.0/24 maxlen: 24
212.134.31.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:9a:d7:44:e0:4f:14:37:59:bf:d9:64:b1:b1:35:83:89
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Sep 30 13:37:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=8976b4005c8abdcdad69035f4200fc607cf63e07
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:c2:f8:59:29:26:ff:ae:ad:61:d0:38:bc:5b:
a1:ea:c1:86:fa:2f:da:29:ec:47:6c:b1:72:83:4a:
d9:f7:c9:88:b5:f3:e6:e2:69:2d:34:0e:14:a0:36:
6e:78:3a:34:d5:36:67:3d:74:9b:ca:0d:12:62:ee:
60:96:6f:09:0b:a2:3d:db:36:3c:73:55:b7:ac:8b:
7b:ce:a2:ec:72:4a:60:55:79:53:c8:ac:66:07:5a:
85:32:1f:25:39:23:c2:6a:ea:7c:94:e4:ea:4f:33:
77:de:74:db:cf:c0:c6:f5:c8:b0:60:a3:79:65:b5:
0b:b3:d8:2d:05:f0:f4:ba:c9:06:35:d6:f9:35:73:
b4:9c:c1:6e:34:23:4e:09:8f:cf:08:ed:e4:82:fa:
5d:75:ef:ae:b5:8d:4d:b4:8b:ce:c8:3c:d2:77:1f:
0b:15:91:45:0b:84:b5:3e:fe:f5:3b:e9:81:ec:1f:
ed:05:76:ef:92:da:5a:78:83:5a:c5:e5:8b:4d:ef:
5a:15:8c:d0:3b:97:48:8f:3e:23:0c:7f:2f:75:d0:
5d:dc:e7:db:7d:63:17:45:b7:b2:17:c6:3d:82:e4:
f5:5d:e8:e4:32:a2:20:32:e7:1d:2f:ee:e9:17:33:
3d:b9:73:84:bc:d7:64:c5:c0:fe:a8:cc:29:3f:91:
97:b3
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
89:76:B4:00:5C:8A:BD:CD:AD:69:03:5F:42:00:FC:60:7C:F6:3E:07
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/iXa0AFyKvc2taQNfQgD8YHz2Pgc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.40.145.0-195.40.151.255
195.40.192.0/18
195.172.0.0-195.172.95.255
195.172.224.0/19
212.134.29.0-212.134.31.255
Signature Algorithm: sha256WithRSAEncryption
d4:10:e7:ad:7e:63:63:b6:3c:7b:9c:1a:2b:b3:41:87:07:c0:
04:fd:64:bf:46:b9:ab:45:2b:23:bc:f3:6f:b7:75:b0:65:00:
8e:3d:50:fa:d3:ef:f3:c8:9e:8b:6c:d6:19:c5:a7:2f:a1:09:
7c:47:24:3b:03:40:7e:06:c9:b7:a8:93:96:50:8e:dc:98:c1:
72:3f:de:13:38:1e:d5:2b:bd:b2:c6:66:21:88:5d:69:c0:f6:
98:10:0c:c8:35:90:80:77:33:af:4e:7e:f7:ef:38:c2:af:60:
7b:84:86:f9:27:24:cd:d8:b2:b4:90:ad:9b:4b:7a:99:fd:c0:
cb:8e:66:43:10:07:03:b4:88:72:e2:0c:70:52:79:1d:ac:19:
85:4e:77:7c:f2:9b:3a:dc:c2:ae:ed:36:e4:72:2a:e6:75:0a:
4a:da:e9:4d:d0:61:44:14:41:49:da:32:99:19:8a:d9:18:8e:
5f:7d:46:ef:37:02:58:ce:71:90:c5:f6:7a:4c:2c:f3:0e:05:
90:6f:8e:20:d9:7f:b0:61:b1:70:cc:64:97:9c:70:21:ad:07:
f0:79:d4:a4:ac:44:dc:60:42:d8:ae:eb:b1:e0:f6:39:c9:5b:
6a:b6:4f:7a:fe:cb:f7:0e:08:a4:8d:d7:64:53:96:5e:a6:25:
c2:6f:63:bc
-----BEGIN CERTIFICATE-----
MIIFLDCCBBSgAwIBAgISAZma10TgTxQ3Wb/ZZLGxNYOJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjUwOTMwMTMzNzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg4OTc2YjQwMDVjOGFiZGNkYWQ2OTAzNWY0MjAwZmM2MDdjZjYzZTA3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtcL4WSkm/66tYdA4vFuh6sGG+i/a
KexHbLFyg0rZ98mItfPm4mktNA4UoDZueDo01TZnPXSbyg0SYu5glm8JC6I92zY8
c1W3rIt7zqLsckpgVXlTyKxmB1qFMh8lOSPCaup8lOTqTzN33nTbz8DG9ciwYKN5
ZbULs9gtBfD0uskGNdb5NXO0nMFuNCNOCY/PCO3kgvpdde+utY1NtIvOyDzSdx8L
FZFFC4S1Pv71O+mB7B/tBXbvktpaeINaxeWLTe9aFYzQO5dIjz4jDH8vddBd3Ofb
fWMXRbeyF8Y9guT1XejkMqIgMucdL+7pFzM9uXOEvNdkxcD+qMwpP5GXswIDAQAB
o4ICODCCAjQwHQYDVR0OBBYEFIl2tABcir3NrWkDX0IA/GB89j4HMB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvaVhhMEFGeUt2YzJ0YVFOZlFnRDhZSHoyUGdjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CME4GCCsGAQUFBwEHAQH/BD8wPTA7BAIAATA1MAwDBADDKJED
BAPDKJADBAbDKMAwCwMDAsOsAwQFw6xAAwQFw6zgMAwDBADUhh0DBAXUhgAwDQYJ
KoZIhvcNAQELBQADggEBANQQ561+Y2O2PHucGiuzQYcHwAT9ZL9GuatFKyO882+3
dbBlAI49UPrT7/PInots1hnFpy+hCXxHJDsDQH4Gybeok5ZQjtyYwXI/3hM4HtUr
vbLGZiGIXWnA9pgQDMg1kIB3M69OfvfvOMKvYHuEhvknJM3YsrSQrZtLepn9wMuO
ZkMQBwO0iHLiDHBSeR2sGYVOd3zymzrcwq7tNuRyKuZ1Ckra6U3QYUQUQUnaMpkZ
itkYjl99Ru83AljOcZDF9npMLPMOBZBvjiDZf7BhsXDMZJeccCGtB/B51KSsRNxg
Qtiu67Hg9jnJW2q2T3r+y/cOCKSN12RTll6mJcJvY7w=
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:04:31 2025 by rpki-client