Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/mDv8MzFAuvTVIARuxN1G5ZV4tJA.roa
File: mDv8MzFAuvTVIARuxN1G5ZV4tJA.roa (raw, json)
Hash identifier: BjwmiZa9oIbZzTPO9rJht/3cWnP/fYAMoo6mGH8xFHw=
Subject key identifier: 98:3B:FC:33:31:40:BA:F4:D5:20:04:6E:C4:DD:46:E5:95:78:B4:90
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 0198518322A9324F67F6C64F053F382CE3CD
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/mDv8MzFAuvTVIARuxN1G5ZV4tJA.roa
Signing time: Mon 28 Jul 2025 14:50:05 +0000
ROA not before: Mon 28 Jul 2025 14:50:05 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 32043
IP address blocks: 195.216.164.0/24 maxlen: 24
195.216.165.0/24 maxlen: 24
195.216.166.0/24 maxlen: 24
195.216.167.0/24 maxlen: 24
195.216.184.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 05:01:29 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:51:83:22:a9:32:4f:67:f6:c6:4f:05:3f:38:2c:e3:cd
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Jul 28 14:50:05 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=983bfc333140baf4d520046ec4dd46e59578b490
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ae:3c:24:fa:c0:97:a9:02:5c:36:54:73:59:71:
ab:37:bc:f2:c1:4c:c2:9d:e4:45:99:f7:fc:a1:1c:
30:a1:9d:bf:a7:29:bd:41:2c:b4:27:f5:cb:f5:22:
e2:5f:56:aa:c5:8c:46:3c:80:78:76:fe:d9:1f:26:
5b:37:e8:78:70:2b:9a:c9:fa:f0:1c:46:db:1b:db:
a4:ea:bc:bf:d2:ee:d3:ff:e0:da:c4:f9:ff:9f:41:
46:30:55:e2:f6:41:43:63:9e:cb:15:ab:17:99:b6:
06:ee:11:1c:b4:54:10:fd:c3:09:34:4a:07:14:a1:
c4:d8:e2:ac:16:0d:b7:a7:5d:36:aa:2e:f3:9e:f9:
09:a6:57:bf:f0:5c:99:d3:b0:13:72:39:75:63:97:
f1:59:03:8a:c2:19:e2:5e:5a:67:d3:84:27:de:c0:
b8:0e:d9:06:32:65:70:d4:2c:2b:27:a3:be:4c:54:
e8:9f:22:c7:f4:a6:91:a0:24:db:98:f8:c1:3e:11:
b1:77:96:6b:bd:a1:06:1f:6f:a9:27:a0:29:57:04:
d4:95:a2:09:cc:75:92:f0:50:3b:17:6e:37:88:13:
d2:1a:ce:5a:d4:a2:52:07:b9:af:55:ac:32:88:15:
de:53:58:a4:25:97:b3:9c:aa:d8:8f:8b:5e:f9:30:
4c:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
98:3B:FC:33:31:40:BA:F4:D5:20:04:6E:C4:DD:46:E5:95:78:B4:90
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/mDv8MzFAuvTVIARuxN1G5ZV4tJA.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.164.0/22
195.216.184.0/24
Signature Algorithm: sha256WithRSAEncryption
48:77:da:82:a9:2e:2c:dc:11:eb:44:9a:82:6c:28:7d:3a:43:
43:2a:d9:e0:c1:15:8a:92:55:cf:eb:89:56:60:1e:e5:da:43:
42:7d:55:06:c4:ef:17:c5:19:32:3a:c1:12:7c:2d:34:c6:72:
eb:b8:8c:20:1d:9e:3b:80:ce:cf:2d:bc:ff:ce:55:de:22:8f:
9e:2b:02:93:63:fb:6f:9d:87:59:7a:af:ed:e6:f0:0a:38:9c:
37:f6:e1:e8:11:83:8b:c0:16:47:cf:20:a1:e4:39:c3:e5:fc:
a2:ff:7e:ff:43:cc:2e:be:b8:2c:71:21:53:00:86:74:c5:39:
b0:38:27:bd:7a:40:68:e2:52:1e:56:ea:7e:83:34:c5:c0:9d:
d2:70:df:b7:4c:b7:9c:fa:89:f0:bc:b9:13:ce:f8:ee:a9:2e:
01:14:44:ea:81:e6:aa:3f:76:0c:c9:96:86:2f:fd:cb:c9:b2:
4f:f4:64:fa:f6:85:19:b1:79:8c:58:02:6a:6b:60:67:65:53:
48:5e:00:9f:98:0e:31:d0:63:ba:19:57:2d:c0:88:2d:03:49:
d0:a4:dd:7c:e2:72:8f:a9:f6:27:88:dd:e3:2d:77:fa:e2:bb:
b6:b0:31:fd:59:92:9a:8f:d6:38:33:84:12:a3:6a:38:41:1c:
d0:5e:25:98
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZhRgyKpMk9n9sZPBT84LOPNMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjUwNzI4MTQ1MDA1WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ODNiZmMzMzMxNDBiYWY0ZDUyMDA0NmVjNGRkNDZlNTk1NzhiNDkwMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArjwk+sCXqQJcNlRzWXGrN7zywUzC
neRFmff8oRwwoZ2/pym9QSy0J/XL9SLiX1aqxYxGPIB4dv7ZHyZbN+h4cCuayfrw
HEbbG9uk6ry/0u7T/+DaxPn/n0FGMFXi9kFDY57LFasXmbYG7hEctFQQ/cMJNEoH
FKHE2OKsFg23p102qi7znvkJple/8FyZ07ATcjl1Y5fxWQOKwhniXlpn04Qn3sC4
DtkGMmVw1CwrJ6O+TFTonyLH9KaRoCTbmPjBPhGxd5ZrvaEGH2+pJ6ApVwTUlaIJ
zHWS8FA7F243iBPSGs5a1KJSB7mvVawyiBXeU1ikJZeznKrYj4te+TBMmQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJg7/DMxQLr01SAEbsTdRuWVeLSQMB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvbUR2OE16RkF1dlRWSUFSdXhOMUc1WlY0dEpBLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQCw9ikAwQA
w9i4MA0GCSqGSIb3DQEBCwUAA4IBAQBId9qCqS4s3BHrRJqCbCh9OkNDKtngwRWK
klXP64lWYB7l2kNCfVUGxO8XxRkyOsESfC00xnLruIwgHZ47gM7PLbz/zlXeIo+e
KwKTY/tvnYdZeq/t5vAKOJw39uHoEYOLwBZHzyCh5DnD5fyi/37/Q8wuvrgscSFT
AIZ0xTmwOCe9ekBo4lIeVup+gzTFwJ3ScN+3TLec+onwvLkTzvjuqS4BFETqgeaq
P3YMyZaGL/3LybJP9GT69oUZsXmMWAJqa2BnZVNIXgCfmA4x0GO6GVctwIgtA0nQ
pN184nKPqfYniN3jLXf64ru2sDH9WZKaj9Y4M4QSo2o4QRzQXiWY
-----END CERTIFICATE-----
Generated at Sat Aug 23 14:27:35 2025 by rpki-client