Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/AZYvtxCiQAo7McIIg5dYZPnjqkI.roa
File: AZYvtxCiQAo7McIIg5dYZPnjqkI.roa (raw, json)
Hash identifier: e/Nkv2lWFMKh5GkiCT+Bt9tYXmSUttTSHjKIqokHr5w=
Subject key identifier: 01:96:2F:B7:10:A2:40:0A:3B:31:C2:08:83:97:58:64:F9:E3:AA:42
Certificate issuer: /CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Certificate serial: 0198A26FFC1442A81C71D93A7EAB4DBD99C2
Authority key identifier: 98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/AZYvtxCiQAo7McIIg5dYZPnjqkI.roa
Signing time: Wed 13 Aug 2025 07:58:24 +0000
ROA not before: Wed 13 Aug 2025 07:58:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 401838
IP address blocks: 81.22.129.0/24 maxlen: 24
109.72.113.0/24 maxlen: 24
109.72.121.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.mft
rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 24 Aug 2025 10:00:47 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a2:6f:fc:14:42:a8:1c:71:d9:3a:7e:ab:4d:bd:99:c2
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=982cf809c0e3e8e5552f9d0dd2e27e0dd2d8dabe
Validity
Not Before: Aug 13 07:58:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=01962fb710a2400a3b31c20883975864f9e3aa42
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a8:0c:67:21:e3:d4:dd:bc:80:66:bf:92:69:fe:
2e:b0:65:51:e7:a8:08:6b:05:01:97:70:e3:79:7d:
6b:61:f7:58:46:8a:86:07:a0:87:3b:bf:cf:33:1e:
19:a1:5f:92:d4:1a:9f:79:b2:26:5a:3d:f1:62:ca:
6f:92:6a:bf:c0:a9:c5:d3:73:3c:28:2a:f2:62:08:
c2:d7:5c:4f:36:b3:fe:c5:52:0d:8f:18:09:3f:3c:
4f:c7:23:ea:70:54:8f:08:47:af:0d:08:b3:90:10:
1a:45:60:e6:38:e5:5c:52:aa:7d:51:81:ba:ba:36:
32:3b:11:18:da:a4:c3:58:6d:85:9a:2f:db:25:ec:
8e:2e:84:0d:08:45:39:18:7a:70:a2:a8:b5:db:57:
db:0f:28:b0:7b:53:94:b4:bc:3c:21:2f:64:07:fa:
34:45:aa:3c:a8:cc:48:0c:f6:7b:0e:49:65:4c:c6:
3d:f2:9f:30:15:a8:a5:b2:90:40:b3:36:0e:ec:80:
a3:15:52:e1:39:3b:1b:6f:0d:b8:53:b7:fd:07:1a:
69:8c:8d:9c:03:18:df:7c:6f:33:d2:f9:e4:e0:a6:
15:db:82:d7:bb:df:ae:0d:d4:3f:99:e0:05:a7:c6:
b6:d4:07:f2:ca:cb:2b:5d:bf:c8:5d:21:23:80:0b:
81:99
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
01:96:2F:B7:10:A2:40:0A:3B:31:C2:08:83:97:58:64:F9:E3:AA:42
X509v3 Authority Key Identifier:
keyid:98:2C:F8:09:C0:E3:E8:E5:55:2F:9D:0D:D2:E2:7E:0D:D2:D8:DA:BE
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/mCz4CcDj6OVVL50N0uJ-DdLY2r4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/AZYvtxCiQAo7McIIg5dYZPnjqkI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/cd/6168d7-946c-4574-91ea-82ad14555eaa/1/mCz4CcDj6OVVL50N0uJ-DdLY2r4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
81.22.129.0/24
109.72.113.0/24
109.72.121.0/24
Signature Algorithm: sha256WithRSAEncryption
7d:e9:fa:ef:94:cc:86:5c:2f:82:41:95:32:2c:48:d5:d4:8e:
68:d0:88:68:d8:35:25:de:f7:f3:23:e0:4b:5b:11:47:2a:68:
a5:13:99:b1:b2:b0:37:10:87:b5:ab:fd:94:64:64:a0:8e:79:
7a:4c:77:dc:0f:ca:e7:da:06:2d:8c:16:a6:8c:f5:47:5d:8f:
6c:eb:94:51:a6:ef:c7:e0:f0:cd:ff:92:9c:48:5d:fd:76:77:
33:f1:dd:28:61:11:64:ba:f5:b9:81:a3:2e:64:9d:2c:ba:51:
35:07:51:f7:de:90:d2:06:4b:5a:dc:c4:55:03:54:2e:67:37:
5c:47:9e:13:11:1b:b0:a9:26:39:44:14:96:38:d8:19:d0:ed:
52:12:f2:33:07:d9:a0:95:bf:09:80:8e:3e:b1:50:af:a7:a1:
c0:2f:fd:a9:49:e4:8d:f3:1d:35:5f:2b:1d:aa:e6:0e:25:b4:
39:96:66:c0:9b:eb:2e:16:b2:ca:b2:a3:d3:ee:59:96:b8:54:
e0:87:a2:5c:ed:ef:36:75:47:6a:b5:16:dc:6e:15:08:10:e4:
7e:b1:86:1f:0a:41:23:70:eb:ff:bf:f6:d1:ea:f4:1e:65:23:
29:87:3d:bd:2a:e0:70:64:78:2c:f5:7f:08:2a:f6:72:b5:a3:
77:e9:cb:5d
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZiib/wUQqgccdk6fqtNvZnCMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk4MmNmODA5YzBlM2U4ZTU1NTJmOWQwZGQyZTI3ZTBkZDJk
OGRhYmUwHhcNMjUwODEzMDc1ODI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwMTk2MmZiNzEwYTI0MDBhM2IzMWMyMDg4Mzk3NTg2NGY5ZTNhYTQyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAqAxnIePU3byAZr+Saf4usGVR56gI
awUBl3DjeX1rYfdYRoqGB6CHO7/PMx4ZoV+S1BqfebImWj3xYspvkmq/wKnF03M8
KCryYgjC11xPNrP+xVINjxgJPzxPxyPqcFSPCEevDQizkBAaRWDmOOVcUqp9UYG6
ujYyOxEY2qTDWG2Fmi/bJeyOLoQNCEU5GHpwoqi121fbDyiwe1OUtLw8IS9kB/o0
Rao8qMxIDPZ7DkllTMY98p8wFailspBAszYO7ICjFVLhOTsbbw24U7f9BxppjI2c
AxjffG8z0vnk4KYV24LXu9+uDdQ/meAFp8a21AfyyssrXb/IXSEjgAuBmQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFAGWL7cQokAKOzHCCIOXWGT546pCMB8GA1UdIwQY
MBaAFJgs+AnA4+jlVS+dDdLifg3S2Nq+MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEt
ODJhZDE0NTU1ZWFhLzEvQVpZdnR4Q2lRQW83TWNJSWc1ZFlaUG5qcWtJLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9jZC82MTY4ZDctOTQ2Yy00NTc0LTkxZWEtODJhZDE0NTU1ZWFh
LzEvbUN6NENjRGo2T1ZWTDUwTjB1Si1EZExZMnI0LmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAURaBAwQA
bUhxAwQAbUh5MA0GCSqGSIb3DQEBCwUAA4IBAQB96frvlMyGXC+CQZUyLEjV1I5o
0Iho2DUl3vfzI+BLWxFHKmilE5mxsrA3EIe1q/2UZGSgjnl6THfcD8rn2gYtjBam
jPVHXY9s65RRpu/H4PDN/5KcSF39dncz8d0oYRFkuvW5gaMuZJ0sulE1B1H33pDS
Bkta3MRVA1QuZzdcR54TERuwqSY5RBSWONgZ0O1SEvIzB9mglb8JgI4+sVCvp6HA
L/2pSeSN8x01XysdquYOJbQ5lmbAm+suFrLKsqPT7lmWuFTgh6Jc7e82dUdqtRbc
bhUIEOR+sYYfCkEjcOv/v/bR6vQeZSMphz29KuBwZHgs9X8IKvZytaN36ctd
-----END CERTIFICATE-----
Generated at Sat Aug 23 16:38:10 2025 by rpki-client