Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/CjeSZR86nfS6K8sFUbh397KLlSg.roa
File: CjeSZR86nfS6K8sFUbh397KLlSg.roa (raw, json)
Hash identifier: VvUNYRmECbisLlM1k5o1a+U0OGBTt8KDFsxxt+vB35I=
Subject key identifier: 0A:37:92:65:1F:3A:9D:F4:BA:2B:CB:05:51:B8:77:F7:B2:8B:95:28
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 0198848A682E0DCD42FEE70C9E7692F06C5A
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/CjeSZR86nfS6K8sFUbh397KLlSg.roa
Signing time: Thu 07 Aug 2025 12:38:39 +0000
ROA not before: Thu 07 Aug 2025 12:38:39 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 43641
IP address blocks: 195.216.181.0/24 maxlen: 24
195.216.189.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:84:8a:68:2e:0d:cd:42:fe:e7:0c:9e:76:92:f0:6c:5a
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Aug 7 12:38:39 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0a3792651f3a9df4ba2bcb0551b877f7b28b9528
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9d:4e:61:cf:54:4b:74:3a:0a:96:39:4c:3c:70:
f6:0c:69:e6:3a:5d:28:eb:17:e2:0d:60:9c:72:cd:
1b:4b:1b:e3:d7:f2:53:65:98:bc:41:9e:43:f9:64:
b9:61:6f:c8:e0:79:8d:c2:67:8f:0e:8f:56:28:0f:
9c:a8:3a:b2:de:ad:fd:84:22:60:50:7d:96:ae:13:
e6:67:e1:22:94:c0:5d:05:8c:6b:28:d1:5c:16:a0:
0c:73:a7:fc:99:84:c8:ab:af:5a:a1:b1:7a:b0:6b:
db:93:96:5d:15:a5:4c:02:29:ea:83:cc:d0:fd:06:
77:fd:46:61:f6:35:de:cd:c2:67:14:fa:0a:f4:81:
72:4d:34:7c:71:27:87:fe:90:65:2d:b6:f5:45:cf:
b3:80:b6:ac:75:b2:94:7b:78:31:d0:1a:3c:1d:e9:
6d:83:9c:50:62:8e:55:01:97:de:7e:a9:f0:f2:c7:
7c:90:99:e2:a3:ab:eb:00:b4:73:8c:df:95:e8:00:
b0:51:ae:06:89:2a:f4:37:1d:21:9d:8c:ab:c4:2c:
7b:8a:39:c1:f3:fa:b5:e0:72:9b:39:ed:2a:90:45:
e6:e2:0e:e0:f4:2a:22:2b:81:d0:b3:d4:5a:41:9e:
97:89:94:c5:dd:45:ca:db:08:bc:80:b2:46:ca:bd:
d3:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0A:37:92:65:1F:3A:9D:F4:BA:2B:CB:05:51:B8:77:F7:B2:8B:95:28
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/CjeSZR86nfS6K8sFUbh397KLlSg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.181.0/24
195.216.189.0/24
Signature Algorithm: sha256WithRSAEncryption
62:66:84:89:14:a6:c9:4d:39:d3:01:66:06:8f:e0:dd:84:8d:
91:5a:43:63:42:e0:aa:fd:38:38:df:35:c3:df:fb:e2:24:36:
73:4e:c2:3b:b3:6b:3c:8e:4a:fb:58:32:e7:17:0a:a7:e1:97:
1f:c1:a8:c6:0f:33:b4:6f:8d:3f:e7:5c:b3:cb:82:fa:a9:c2:
ac:72:08:80:da:6f:b1:d4:fd:fb:42:15:9f:b4:0c:16:60:b2:
2e:e5:f4:ad:fa:df:d6:09:e5:77:f5:d1:2f:fe:93:ea:6b:d8:
19:91:30:49:00:86:6d:a6:99:b2:b0:cb:83:a2:0d:31:f4:81:
bf:b7:84:2b:d9:da:ba:ba:a0:65:fc:92:73:a7:cd:e6:50:79:
8a:87:8b:b5:f6:ca:ce:94:9f:80:d8:da:09:66:05:53:31:13:
5e:68:45:1b:41:48:ce:bb:ff:36:3c:30:29:92:44:61:06:92:
42:a2:2b:ed:a8:83:e0:d2:a5:d3:bd:90:3b:69:81:a6:a6:10:
3d:a7:de:68:7b:48:a8:9b:af:f5:03:30:d4:b8:e4:8e:c2:2b:
0f:b5:0a:fc:54:22:99:8c:00:fd:63:22:40:7d:aa:ae:c1:f3:
b3:16:2d:1b:00:73:30:65:81:5b:95:6c:92:ac:7d:48:23:c7:
4e:9e:86:a8
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZiEimguDc1C/ucMnnaS8GxaMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjUwODA3MTIzODM5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwYTM3OTI2NTFmM2E5ZGY0YmEyYmNiMDU1MWI4NzdmN2IyOGI5NTI4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnU5hz1RLdDoKljlMPHD2DGnmOl0o
6xfiDWCccs0bSxvj1/JTZZi8QZ5D+WS5YW/I4HmNwmePDo9WKA+cqDqy3q39hCJg
UH2WrhPmZ+EilMBdBYxrKNFcFqAMc6f8mYTIq69aobF6sGvbk5ZdFaVMAinqg8zQ
/QZ3/UZh9jXezcJnFPoK9IFyTTR8cSeH/pBlLbb1Rc+zgLasdbKUe3gx0Bo8Helt
g5xQYo5VAZfefqnw8sd8kJnio6vrALRzjN+V6ACwUa4GiSr0Nx0hnYyrxCx7ijnB
8/q14HKbOe0qkEXm4g7g9CoiK4HQs9RaQZ6XiZTF3UXK2wi8gLJGyr3TjQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFAo3kmUfOp30uivLBVG4d/eyi5UoMB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvQ2plU1pSODZuZlM2SzhzRlViaDM5N0tMbFNnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAw9i1AwQA
w9i9MA0GCSqGSIb3DQEBCwUAA4IBAQBiZoSJFKbJTTnTAWYGj+DdhI2RWkNjQuCq
/Tg43zXD3/viJDZzTsI7s2s8jkr7WDLnFwqn4ZcfwajGDzO0b40/51yzy4L6qcKs
cgiA2m+x1P37QhWftAwWYLIu5fSt+t/WCeV39dEv/pPqa9gZkTBJAIZtppmysMuD
og0x9IG/t4Qr2dq6uqBl/JJzp83mUHmKh4u19srOlJ+A2NoJZgVTMRNeaEUbQUjO
u/82PDApkkRhBpJCoivtqIPg0qXTvZA7aYGmphA9p95oe0iom6/1AzDUuOSOwisP
tQr8VCKZjAD9YyJAfaquwfOzFi0bAHMwZYFblWySrH1II8dOnoao
-----END CERTIFICATE-----
Generated at Sat Aug 23 13:30:58 2025 by rpki-client