Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/b73LYZVOKac6G4il-1ce4PTa138.roa
File: b73LYZVOKac6G4il-1ce4PTa138.roa (raw, json)
Hash identifier: pZGLRHEPXEVLg+1C0RtMLojmfnurp8HxJqliemmKo/I=
Subject key identifier: 6F:BD:CB:61:95:4E:29:A7:3A:1B:88:A5:FB:57:1E:E0:F4:DA:D7:7F
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 019D1ADF39E102D1E92E76E3B71230C732A7
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/b73LYZVOKac6G4il-1ce4PTa138.roa
Signing time: Mon 23 Mar 2026 13:25:30 +0000
ROA not before: Mon 23 Mar 2026 13:25:30 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 395793
IP address blocks: 195.216.162.0/24 maxlen: 24
195.216.163.0/24 maxlen: 24
195.216.172.0/24 maxlen: 24
195.216.173.0/24 maxlen: 24
195.216.174.0/24 maxlen: 24
195.216.175.0/24 maxlen: 24
195.216.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 27 Mar 2026 00:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:1a:df:39:e1:02:d1:e9:2e:76:e3:b7:12:30:c7:32:a7
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Mar 23 13:25:30 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=6fbdcb61954e29a73a1b88a5fb571ee0f4dad77f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:eb:bd:96:67:cc:51:77:3d:c2:c8:ed:bf:09:
9c:c3:13:58:84:eb:0e:5a:70:79:e3:b0:03:21:33:
37:44:62:11:f5:3d:e0:6e:bc:4e:aa:eb:32:22:c1:
d9:5a:ff:b1:39:a6:1e:1b:a0:67:fa:f1:03:21:94:
a4:af:da:df:01:51:c6:e9:bc:3a:90:87:08:db:c3:
d3:d4:ed:7f:23:92:db:04:8f:ef:48:0b:92:05:31:
cb:fc:c3:d2:bd:4f:f7:b5:75:fd:19:1b:22:70:a2:
29:55:c9:bf:72:28:c8:13:7f:9c:8f:98:9a:90:97:
3b:7c:f5:cd:14:12:d6:60:07:b1:c1:08:56:af:f8:
27:4e:08:29:46:0f:2b:42:bf:ff:ce:0d:c3:37:f9:
ce:8c:93:41:bb:32:70:31:8b:79:18:ed:cf:33:a1:
db:3b:a3:0a:d1:ee:cc:5c:78:be:c8:7a:90:ef:ef:
40:f9:8d:62:26:a7:2d:27:02:f7:70:1f:1a:0c:fa:
eb:e2:03:00:6f:94:0d:2c:08:d4:48:77:ec:fe:c3:
dd:8a:03:df:ec:9a:d3:de:aa:b0:9c:3b:91:1d:ee:
ff:a1:ca:25:b4:3a:f1:fb:17:59:54:68:8e:89:78:
61:ee:6d:ac:2a:fd:27:45:7c:15:6a:eb:ad:08:c3:
40:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:BD:CB:61:95:4E:29:A7:3A:1B:88:A5:FB:57:1E:E0:F4:DA:D7:7F
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/b73LYZVOKac6G4il-1ce4PTa138.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.162.0/23
195.216.172.0/22
195.216.191.0/24
Signature Algorithm: sha256WithRSAEncryption
1d:d1:71:ec:92:26:5c:a8:06:62:30:21:6a:f8:ee:66:7f:24:
5c:19:12:b4:73:5f:7a:25:2f:3e:99:f7:67:6e:be:42:b6:8c:
a4:ca:44:86:74:f3:f6:92:1d:eb:29:82:c4:fb:3f:c7:b0:3d:
b0:b3:67:ee:5b:eb:3b:fe:2f:b8:e2:c9:1c:36:46:01:d0:59:
77:1f:c5:69:73:04:fa:b4:96:22:b7:a8:20:eb:f7:f5:e0:dc:
80:2c:8f:ca:e0:48:77:65:02:27:e4:dd:0d:96:79:79:6f:1a:
7a:4e:0e:cb:42:d1:f6:4e:dd:b4:9d:74:49:d5:4a:f4:76:15:
8f:07:bd:c3:df:72:a5:4a:2f:0d:52:bc:1f:06:06:93:dc:a0:
68:18:c6:f3:f0:53:c3:79:9a:7f:b8:b6:1c:57:78:ea:e6:42:
78:eb:e8:55:eb:c0:a5:9b:6b:b0:30:76:d8:cc:bc:99:24:dc:
5c:94:a1:a0:a8:25:d5:c8:7d:84:22:c3:56:16:a2:89:55:4d:
4d:b1:4c:0e:79:05:00:52:eb:fd:0e:c7:83:3b:28:8f:ab:78:
08:ea:3b:70:93:04:c3:34:d3:f2:4e:be:b9:ae:38:de:90:45:
04:21:14:9e:26:e4:c7:2b:52:9d:44:77:9c:42:c2:46:c2:53:
c1:e3:da:35
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZ0a3znhAtHpLnbjtxIwxzKnMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjYwMzIzMTMyNTMwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmJkY2I2MTk1NGUyOWE3M2ExYjg4YTVmYjU3MWVlMGY0ZGFkNzdmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArOu9lmfMUXc9wsjtvwmcwxNYhOsO
WnB547ADITM3RGIR9T3gbrxOqusyIsHZWv+xOaYeG6Bn+vEDIZSkr9rfAVHG6bw6
kIcI28PT1O1/I5LbBI/vSAuSBTHL/MPSvU/3tXX9GRsicKIpVcm/cijIE3+cj5ia
kJc7fPXNFBLWYAexwQhWr/gnTggpRg8rQr//zg3DN/nOjJNBuzJwMYt5GO3PM6Hb
O6MK0e7MXHi+yHqQ7+9A+Y1iJqctJwL3cB8aDPrr4gMAb5QNLAjUSHfs/sPdigPf
7JrT3qqwnDuRHe7/ocoltDrx+xdZVGiOiXhh7m2sKv0nRXwVauutCMNAnwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFG+9y2GVTimnOhuIpftXHuD02td/MB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvYjczTFlaVk9LYWM2RzRpbC0xY2U0UFRhMTM4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBw9iiAwQC
w9isAwQAw9i/MA0GCSqGSIb3DQEBCwUAA4IBAQAd0XHskiZcqAZiMCFq+O5mfyRc
GRK0c196JS8+mfdnbr5CtoykykSGdPP2kh3rKYLE+z/HsD2ws2fuW+s7/i+44skc
NkYB0Fl3H8VpcwT6tJYit6gg6/f14NyALI/K4Eh3ZQIn5N0Nlnl5bxp6Tg7LQtH2
Tt20nXRJ1Ur0dhWPB73D33KlSi8NUrwfBgaT3KBoGMbz8FPDeZp/uLYcV3jq5kJ4
6+hV68Clm2uwMHbYzLyZJNxclKGgqCXVyH2EIsNWFqKJVU1NsUwOeQUAUuv9DseD
OyiPq3gI6jtwkwTDNNPyTr65rjjekEUEIRSeJuTHK1KdRHecQsJGwlPB49o1
-----END CERTIFICATE-----
Generated at Thu Mar 26 07:47:01 2026 by rpki-client