Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/nf08bxZrXlifI-WoWt3QiOzUCYE.roa
File: nf08bxZrXlifI-WoWt3QiOzUCYE.roa (raw, json)
Hash identifier: 9Fjz3WhUtYB2nXdTzmYUXTXJcsut26eiijRzx8g0Gdo=
Subject key identifier: 9D:FD:3C:6F:16:6B:5E:58:9F:23:E5:A8:5A:DD:D0:88:EC:D4:09:81
Certificate issuer: /CN=2e368b0aec6c7fd48d0d96b4077a23f906a86a48
Certificate serial: 01998D3BAF9A2C2C96AE1522692FF918AED1
Authority key identifier: 2E:36:8B:0A:EC:6C:7F:D4:8D:0D:96:B4:07:7A:23:F9:06:A8:6A:48
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/LjaLCuxsf9SNDZa0B3oj-Qaoakg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/nf08bxZrXlifI-WoWt3QiOzUCYE.roa
Signing time: Sat 27 Sep 2025 22:12:02 +0000
ROA not before: Sat 27 Sep 2025 22:12:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 10753
IP address blocks: 185.165.47.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/LjaLCuxsf9SNDZa0B3oj-Qaoakg.crl
rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/LjaLCuxsf9SNDZa0B3oj-Qaoakg.mft
rsync://rpki.ripe.net/repository/DEFAULT/LjaLCuxsf9SNDZa0B3oj-Qaoakg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:8d:3b:af:9a:2c:2c:96:ae:15:22:69:2f:f9:18:ae:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2e368b0aec6c7fd48d0d96b4077a23f906a86a48
Validity
Not Before: Sep 27 22:12:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9dfd3c6f166b5e589f23e5a85addd088ecd40981
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:97:ef:db:b7:99:82:aa:7c:1d:2a:f1:17:f2:b1:
4f:ae:2d:b8:a5:98:86:81:15:c5:b1:c5:2d:fe:e5:
1c:6a:5e:e4:01:84:0c:6d:d8:4c:50:00:ba:1b:85:
aa:66:48:64:bd:10:52:93:93:0a:79:7b:42:97:c5:
ec:aa:e2:b0:0f:bb:82:3d:c8:8e:5c:61:70:f3:9c:
1c:2a:f0:d0:e3:80:50:7a:49:d6:b2:0d:96:2a:ae:
d0:de:a7:a0:df:a9:cf:44:08:33:68:41:d0:85:71:
0e:2d:bb:c0:99:87:cc:df:13:49:18:8d:c2:3c:a9:
03:81:86:86:b8:fa:ea:de:07:43:64:54:8f:71:d6:
3a:47:dd:61:17:e1:90:4c:ca:21:59:e5:d4:d7:11:
45:8d:e9:19:fa:db:45:fc:d9:de:2d:2e:da:7c:de:
85:1a:0d:82:66:6d:a3:85:be:da:27:e7:16:40:77:
70:6e:05:af:88:1e:cc:0b:58:40:c1:75:71:dd:2c:
40:ff:ed:65:9d:47:6c:ee:a6:00:46:67:ce:8c:99:
3b:75:e0:ea:f8:cc:99:df:d6:13:b4:58:1a:57:13:
6b:d9:0e:34:68:54:74:76:e8:f4:cc:cc:44:ac:eb:
e9:b0:26:32:fd:05:95:fa:32:03:30:a8:21:ea:1f:
02:89
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9D:FD:3C:6F:16:6B:5E:58:9F:23:E5:A8:5A:DD:D0:88:EC:D4:09:81
X509v3 Authority Key Identifier:
keyid:2E:36:8B:0A:EC:6C:7F:D4:8D:0D:96:B4:07:7A:23:F9:06:A8:6A:48
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/LjaLCuxsf9SNDZa0B3oj-Qaoakg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/nf08bxZrXlifI-WoWt3QiOzUCYE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/87/dc7030-78cc-4800-888d-1427dd16efa4/1/LjaLCuxsf9SNDZa0B3oj-Qaoakg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
185.165.47.0/24
Signature Algorithm: sha256WithRSAEncryption
70:e5:48:61:a1:ea:be:a5:37:d2:3d:0e:cd:cd:63:c6:bd:29:
2d:53:ff:24:c1:36:47:8d:13:23:82:33:62:dd:87:21:16:9e:
7f:cc:29:51:77:39:47:be:09:e3:13:ad:f2:0e:b8:12:83:9d:
7c:13:b7:55:68:f7:8a:da:a3:4e:68:53:b5:f7:15:82:14:4a:
8c:e9:35:c2:86:be:83:56:bc:44:d4:44:36:2a:f2:d1:60:98:
25:c2:6f:93:cc:29:d9:8a:27:b4:d6:ba:88:81:72:9f:3f:e3:
74:80:0e:f3:32:e8:67:37:20:49:97:6d:51:ae:e6:21:f1:0e:
95:2b:7a:6f:25:b0:19:94:bb:76:6b:6d:59:c1:d6:8a:6f:c8:
fb:f1:98:3c:da:d6:c1:15:c6:7b:18:47:07:0d:98:6f:97:ce:
43:d3:d7:4c:9a:bb:53:aa:93:6e:6c:ca:01:36:cf:0a:2a:f0:
7e:27:8d:01:d6:65:f1:77:cb:d2:4c:56:eb:bd:45:83:cb:6e:
2e:f8:96:d0:4f:21:c8:c8:32:82:95:af:5f:2f:e6:f0:90:32:
2e:37:bc:dd:ab:c5:50:1e:87:71:ea:2a:d9:0a:78:79:98:65:
2f:ac:9b:21:39:5f:34:aa:fc:78:b1:88:27:f4:45:ee:3b:f2:
a6:80:a3:be
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZmNO6+aLCyWrhUiaS/5GK7RMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDJlMzY4YjBhZWM2YzdmZDQ4ZDBkOTZiNDA3N2EyM2Y5MDZh
ODZhNDgwHhcNMjUwOTI3MjIxMjAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZGZkM2M2ZjE2NmI1ZTU4OWYyM2U1YTg1YWRkZDA4OGVjZDQwOTgxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAl+/bt5mCqnwdKvEX8rFPri24pZiG
gRXFscUt/uUcal7kAYQMbdhMUAC6G4WqZkhkvRBSk5MKeXtCl8XsquKwD7uCPciO
XGFw85wcKvDQ44BQeknWsg2WKq7Q3qeg36nPRAgzaEHQhXEOLbvAmYfM3xNJGI3C
PKkDgYaGuPrq3gdDZFSPcdY6R91hF+GQTMohWeXU1xFFjekZ+ttF/NneLS7afN6F
Gg2CZm2jhb7aJ+cWQHdwbgWviB7MC1hAwXVx3SxA/+1lnUds7qYARmfOjJk7deDq
+MyZ39YTtFgaVxNr2Q40aFR0duj0zMxErOvpsCYy/QWV+jIDMKgh6h8CiQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJ39PG8Wa15YnyPlqFrd0Ijs1AmBMB8GA1UdIwQY
MBaAFC42iwrsbH/UjQ2WtAd6I/kGqGpIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTGphTEN1eHNmOVNORFphMEIzb2otUWFvYWtnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84Ny9kYzcwMzAtNzhjYy00ODAwLTg4OGQt
MTQyN2RkMTZlZmE0LzEvbmYwOGJ4WnJYbGlmSS1Xb1d0M1FpT3pVQ1lFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84Ny9kYzcwMzAtNzhjYy00ODAwLTg4OGQtMTQyN2RkMTZlZmE0
LzEvTGphTEN1eHNmOVNORFphMEIzb2otUWFvYWtnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAuaUvMA0G
CSqGSIb3DQEBCwUAA4IBAQBw5Uhhoeq+pTfSPQ7NzWPGvSktU/8kwTZHjRMjgjNi
3YchFp5/zClRdzlHvgnjE63yDrgSg518E7dVaPeK2qNOaFO19xWCFEqM6TXChr6D
VrxE1EQ2KvLRYJglwm+TzCnZiie01rqIgXKfP+N0gA7zMuhnNyBJl21RruYh8Q6V
K3pvJbAZlLt2a21ZwdaKb8j78Zg82tbBFcZ7GEcHDZhvl85D09dMmrtTqpNubMoB
Ns8KKvB+J40B1mXxd8vSTFbrvUWDy24u+JbQTyHIyDKCla9fL+bwkDIuN7zdq8VQ
Hodx6irZCnh5mGUvrJshOV80qvx4sYgn9EXuO/KmgKO+
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:45:48 2025 by rpki-client