Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/n4MiY7-N6cFd5LT0fX5jCdnE9mY.roa
File: n4MiY7-N6cFd5LT0fX5jCdnE9mY.roa (raw, json)
Hash identifier: CRHGc+7jYmhGfV22dxwe8myMH4qMsfgwaqoVc3MLHgc=
Subject key identifier: 9F:83:22:63:BF:8D:E9:C1:5D:E4:B4:F4:7D:7E:63:09:D9:C4:F6:66
Certificate issuer: /CN=16307d29f5543f21ea3009b9523fe71b8f1369ca
Certificate serial: 01987EE0F61CB9EDD4338C268C3D0FB3BCBE
Authority key identifier: 16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/n4MiY7-N6cFd5LT0fX5jCdnE9mY.roa
Signing time: Wed 06 Aug 2025 10:15:28 +0000
ROA not before: Wed 06 Aug 2025 10:15:28 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 0
IP address blocks: 80.255.192.0/19 maxlen: 19
84.19.104.0/21 maxlen: 21
84.19.122.0/23 maxlen: 23
84.19.124.0/22 maxlen: 22
185.228.252.0/22 maxlen: 22
193.39.32.0/20 maxlen: 20
193.39.65.0/24 maxlen: 24
193.193.96.0/20 maxlen: 20
194.145.148.0/23 maxlen: 23
195.182.160.0/19 maxlen: 19
212.43.160.0/19 maxlen: 19
213.147.224.0/19 maxlen: 19
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.crl
rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.mft
rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 23 Aug 2025 22:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:7e:e0:f6:1c:b9:ed:d4:33:8c:26:8c:3d:0f:b3:bc:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=16307d29f5543f21ea3009b9523fe71b8f1369ca
Validity
Not Before: Aug 6 10:15:28 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9f832263bf8de9c15de4b4f47d7e6309d9c4f666
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:90:7b:1f:b4:fd:a0:1b:68:90:09:04:3e:ff:3d:
3b:b8:c2:d3:c9:d0:d4:11:87:06:6e:2a:aa:a2:c6:
c7:ab:fe:62:a2:2a:d3:15:45:02:d1:9c:7a:27:e2:
b3:34:12:5d:00:52:dd:28:fd:62:0c:14:81:4f:18:
a8:95:f1:e5:01:34:32:eb:da:bc:e9:ac:ee:ce:52:
81:ec:7d:9f:49:4d:b9:93:a3:df:8f:bf:16:f1:9f:
61:18:cc:88:7a:44:06:53:db:a5:bd:98:4f:c3:3d:
8d:53:45:ef:79:93:79:8a:33:21:0d:94:9d:62:a0:
59:73:a3:48:9f:3c:70:e9:34:eb:a2:a8:06:0b:36:
5d:25:18:35:bd:fd:03:1f:98:05:08:a8:e6:de:1a:
1c:88:44:9a:2a:f8:e3:6b:8f:c3:d6:ec:dc:a8:2b:
9f:35:af:63:4a:df:59:c8:47:cb:35:f7:c4:65:b6:
f5:c6:cc:71:cf:0c:a9:1b:8a:01:fa:7e:9b:53:82:
79:d4:57:bc:83:ae:e8:82:81:aa:c9:7e:59:46:d5:
94:7d:98:9b:18:a8:eb:fc:92:57:be:de:52:50:4b:
a9:1d:c9:3c:49:b2:cc:45:b6:24:06:38:70:5a:8f:
f7:1a:ba:2a:e3:25:9a:f5:b5:63:6a:7d:a9:e9:09:
f5:f1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9F:83:22:63:BF:8D:E9:C1:5D:E4:B4:F4:7D:7E:63:09:D9:C4:F6:66
X509v3 Authority Key Identifier:
keyid:16:30:7D:29:F5:54:3F:21:EA:30:09:B9:52:3F:E7:1B:8F:13:69:CA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/FjB9KfVUPyHqMAm5Uj_nG48Taco.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/n4MiY7-N6cFd5LT0fX5jCdnE9mY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d5/bf5e70-6665-49de-b9cf-4cfe40f07a6b/1/FjB9KfVUPyHqMAm5Uj_nG48Taco.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.255.192.0/19
84.19.104.0/21
84.19.122.0-84.19.127.255
185.228.252.0/22
193.39.32.0/20
193.39.65.0/24
193.193.96.0/20
194.145.148.0/23
195.182.160.0/19
212.43.160.0/19
213.147.224.0/19
Signature Algorithm: sha256WithRSAEncryption
58:ed:ac:df:72:ff:9c:71:b4:32:ad:86:51:c3:43:29:63:54:
80:21:c1:ad:c6:2e:fd:01:bc:43:ad:8b:8c:35:b1:9d:bc:4b:
3b:13:93:e2:62:75:a7:6e:f0:48:ec:d3:4b:43:71:6b:79:78:
d3:ec:dc:d0:db:73:1a:7c:d5:f5:48:c7:b5:6a:29:e7:f8:31:
f8:f7:03:75:10:1f:fd:41:be:a1:b3:85:2b:6a:77:13:50:a6:
be:46:1d:43:78:e5:55:6a:a9:b8:2e:c2:86:3b:77:19:ed:27:
dd:ce:1f:6f:f5:87:d6:a8:bb:62:d6:c8:0b:40:3d:ac:c7:5d:
72:f5:80:d6:97:55:99:0b:fc:b3:a1:84:1e:9b:fb:51:78:7e:
43:32:6e:28:25:67:16:0f:c7:70:69:5c:65:2b:6d:c7:67:e9:
b2:75:b9:9b:c6:c6:74:e0:c5:81:ab:31:6d:38:9e:7e:09:3c:
e7:d7:c4:54:0d:20:09:02:37:25:fe:11:6d:0b:96:8e:c6:44:
56:14:06:0d:6f:78:8e:ab:33:23:df:6f:99:8e:f4:f2:16:d5:
5e:34:3c:8c:23:82:d0:89:c2:31:8e:46:70:4d:8c:cd:90:15:
9c:50:72:5a:2c:d2:be:a0:6e:dc:94:e4:95:28:a5:4c:54:86:
a0:9c:10:8b
-----BEGIN CERTIFICATE-----
MIIFQTCCBCmgAwIBAgISAZh+4PYcue3UM4wmjD0Ps7y+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDE2MzA3ZDI5ZjU1NDNmMjFlYTMwMDliOTUyM2ZlNzFiOGYx
MzY5Y2EwHhcNMjUwODA2MTAxNTI4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZjgzMjI2M2JmOGRlOWMxNWRlNGI0ZjQ3ZDdlNjMwOWQ5YzRmNjY2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkHsftP2gG2iQCQQ+/z07uMLTydDU
EYcGbiqqosbHq/5ioirTFUUC0Zx6J+KzNBJdAFLdKP1iDBSBTxiolfHlATQy69q8
6azuzlKB7H2fSU25k6Pfj78W8Z9hGMyIekQGU9ulvZhPwz2NU0XveZN5ijMhDZSd
YqBZc6NInzxw6TTroqgGCzZdJRg1vf0DH5gFCKjm3hociESaKvjja4/D1uzcqCuf
Na9jSt9ZyEfLNffEZbb1xsxxzwypG4oB+n6bU4J51Fe8g67ogoGqyX5ZRtWUfZib
GKjr/JJXvt5SUEupHck8SbLMRbYkBjhwWo/3Groq4yWa9bVjan2p6Qn18QIDAQAB
o4ICTTCCAkkwHQYDVR0OBBYEFJ+DImO/jenBXeS09H1+YwnZxPZmMB8GA1UdIwQY
MBaAFBYwfSn1VD8h6jAJuVI/5xuPE2nKMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvRmpCOUtmVlVQeUhxTUFtNVVqX25HNDhUYWNvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kNS9iZjVlNzAtNjY2NS00OWRlLWI5Y2Yt
NGNmZTQwZjA3YTZiLzEvbjRNaVk3LU42Y0ZkNUxUMGZYNWpDZG5FOW1ZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kNS9iZjVlNzAtNjY2NS00OWRlLWI5Y2YtNGNmZTQwZjA3YTZi
LzEvRmpCOUtmVlVQeUhxTUFtNVVqX25HNDhUYWNvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMGMGCCsGAQUFBwEHAQH/BFQwUjBQBAIAATBKAwQFUP/AAwQD
VBNoMAwDBAFUE3oDBAdUEwADBAK55PwDBATBJyADBADBJ0EDBATBwWADBAHCkZQD
BAXDtqADBAXUK6ADBAXVk+AwDQYJKoZIhvcNAQELBQADggEBAFjtrN9y/5xxtDKt
hlHDQyljVIAhwa3GLv0BvEOti4w1sZ28SzsTk+Jidadu8Ejs00tDcWt5eNPs3NDb
cxp81fVIx7VqKef4Mfj3A3UQH/1BvqGzhStqdxNQpr5GHUN45VVqqbguwoY7dxnt
J93OH2/1h9aou2LWyAtAPazHXXL1gNaXVZkL/LOhhB6b+1F4fkMybiglZxYPx3Bp
XGUrbcdn6bJ1uZvGxnTgxYGrMW04nn4JPOfXxFQNIAkCNyX+EW0Llo7GRFYUBg1v
eI6rMyPfb5mO9PIW1V40PIwjgtCJwjGORnBNjM2QFZxQclos0r6gbtyU5JUopUxU
hqCcEIs=
-----END CERTIFICATE-----
Generated at Sat Aug 23 08:08:51 2025 by rpki-client