Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/vwu7c26o7b77RE7SCnU0LMYegrE.roa
File: vwu7c26o7b77RE7SCnU0LMYegrE.roa (raw, json)
Hash identifier: E6XIX7EQDjDO8obOi+FPj+e6VA588ayYXUVe16SPD18=
Subject key identifier: BF:0B:BB:73:6E:A8:ED:BE:FB:44:4E:D2:0A:75:34:2C:C6:1E:82:B1
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 0197659F254B5DEAC39318AA1E81ABF0BB82
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/vwu7c26o7b77RE7SCnU0LMYegrE.roa
Signing time: Thu 12 Jun 2025 19:30:17 +0000
ROA not before: Thu 12 Jun 2025 19:30:17 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 395793
IP address blocks: 195.216.162.0/24 maxlen: 24
195.216.163.0/24 maxlen: 24
195.216.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 03 Jul 2025 05:01:21 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:65:9f:25:4b:5d:ea:c3:93:18:aa:1e:81:ab:f0:bb:82
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Jun 12 19:30:17 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bf0bbb736ea8edbefb444ed20a75342cc61e82b1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:bc:33:cd:0f:ff:52:b5:e0:20:e3:63:0d:dd:3a:
fc:4e:57:49:db:01:42:41:f4:02:ad:de:91:85:33:
5e:c5:e4:a5:ce:ea:4f:5c:f2:49:24:0c:a3:d2:14:
a1:c7:fc:c4:8b:fc:11:31:ce:92:aa:8a:b2:ec:88:
b3:66:7a:b5:7f:6d:54:a3:25:82:1c:87:36:85:a8:
1b:9b:07:e2:45:05:e6:43:95:2b:0d:8c:a3:15:93:
34:e9:1b:48:9d:4d:2f:2f:17:7a:11:e9:8e:ae:49:
24:e3:71:52:65:26:30:82:46:1a:ec:76:09:51:d0:
38:2a:8a:1a:a7:e7:bb:9d:45:9a:35:49:83:7d:eb:
27:e0:dd:15:22:65:4c:e1:e8:43:08:f6:29:32:45:
44:ca:0a:fc:0b:ac:01:18:66:22:e0:b6:21:ca:10:
41:98:aa:40:cb:df:f4:fb:90:b5:31:20:ae:c8:01:
03:9d:dc:e5:8a:0b:09:8e:2b:74:23:a2:ae:ab:1a:
36:09:62:37:cb:b5:29:e1:bc:d7:38:df:e3:14:64:
da:f3:2d:7a:10:b5:c4:9c:f9:d0:e1:11:65:ea:db:
d1:e5:62:8b:53:7a:a1:bd:87:45:e8:fc:61:7d:1f:
74:4d:1e:03:c8:20:25:32:ca:c6:f7:2e:77:65:4e:
f9:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BF:0B:BB:73:6E:A8:ED:BE:FB:44:4E:D2:0A:75:34:2C:C6:1E:82:B1
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/vwu7c26o7b77RE7SCnU0LMYegrE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.162.0/23
195.216.191.0/24
Signature Algorithm: sha256WithRSAEncryption
2f:29:c9:d0:a7:b9:e1:ca:e1:9f:35:af:8e:60:e9:8a:08:87:
4a:44:01:df:6b:c4:a2:1b:9e:be:77:b3:42:25:30:e3:a1:ef:
f1:a0:9f:87:61:90:8c:52:0f:59:f8:65:b4:37:13:8c:45:6d:
b6:6e:37:9c:72:99:b1:3c:7c:03:44:e9:21:5b:ad:34:79:1d:
a5:80:58:b1:02:ee:c0:22:f6:d0:81:58:2a:71:dd:41:45:df:
30:5c:53:91:cb:e7:b4:17:6e:e3:d1:b8:38:5e:67:f3:c1:54:
b5:a7:57:cb:74:13:fa:24:e8:d2:34:93:fa:50:ee:09:f1:1d:
91:12:72:38:0f:c3:3d:60:b7:86:17:11:66:f5:ad:0b:82:29:
72:ca:0a:ef:39:07:b4:30:bf:78:a2:a4:90:7f:2b:28:8e:43:
ff:13:5d:55:e7:30:e4:98:2c:03:83:1b:99:32:d5:c4:70:34:
65:92:6f:57:4b:a2:9f:d6:d8:aa:22:5c:1c:cb:ab:c9:eb:5a:
de:4e:a6:2b:fc:60:cc:07:1d:3a:b1:2e:60:b5:5a:cc:b8:15:
98:3a:a6:02:55:5c:7c:75:1b:48:c6:e6:e4:4d:36:6a:2b:b1:
12:48:03:9e:91:1b:b1:4c:de:9f:b3:a2:88:02:f9:2d:9a:07:
39:c5:e7:74
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZdlnyVLXerDkxiqHoGr8LuCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjUwNjEyMTkzMDE3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiZjBiYmI3MzZlYThlZGJlZmI0NDRlZDIwYTc1MzQyY2M2MWU4MmIxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvDPND/9SteAg42MN3Tr8TldJ2wFC
QfQCrd6RhTNexeSlzupPXPJJJAyj0hShx/zEi/wRMc6Sqoqy7IizZnq1f21UoyWC
HIc2hagbmwfiRQXmQ5UrDYyjFZM06RtInU0vLxd6EemOrkkk43FSZSYwgkYa7HYJ
UdA4Kooap+e7nUWaNUmDfesn4N0VImVM4ehDCPYpMkVEygr8C6wBGGYi4LYhyhBB
mKpAy9/0+5C1MSCuyAEDndzligsJjit0I6Kuqxo2CWI3y7Up4bzXON/jFGTa8y16
ELXEnPnQ4RFl6tvR5WKLU3qhvYdF6PxhfR90TR4DyCAlMsrG9y53ZU75qwIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFL8Lu3NuqO2++0RO0gp1NCzGHoKxMB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvdnd1N2MyNm83Yjc3UkU3U0NuVTBMTVllZ3JFLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQBw9iiAwQA
w9i/MA0GCSqGSIb3DQEBCwUAA4IBAQAvKcnQp7nhyuGfNa+OYOmKCIdKRAHfa8Si
G56+d7NCJTDjoe/xoJ+HYZCMUg9Z+GW0NxOMRW22bjeccpmxPHwDROkhW600eR2l
gFixAu7AIvbQgVgqcd1BRd8wXFORy+e0F27j0bg4XmfzwVS1p1fLdBP6JOjSNJP6
UO4J8R2REnI4D8M9YLeGFxFm9a0LgilyygrvOQe0ML94oqSQfysojkP/E11V5zDk
mCwDgxuZMtXEcDRlkm9XS6Kf1tiqIlwcy6vJ61reTqYr/GDMBx06sS5gtVrMuBWY
OqYCVVx8dRtIxubkTTZqK7ESSAOekRuxTN6fs6KIAvktmgc5xed0
-----END CERTIFICATE-----
Generated at Wed Jul 2 15:09:17 2025 by rpki-client