Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1Nyu3rzbXU0OhL0dJofuCetaQOQ.roa
File: 1Nyu3rzbXU0OhL0dJofuCetaQOQ.roa (raw, json)
Hash identifier: iscYj8ZH5lKF76tm4/ts39qHDDvtW/7ycLU7tBspT3M=
Subject key identifier: D4:DC:AE:DE:BC:DB:5D:4D:0E:84:BD:1D:26:87:EE:09:EB:5A:40:E4
Certificate issuer: /CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Certificate serial: 0199946A107B0F947045DB2B621FB6734CFE
Authority key identifier: 21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1Nyu3rzbXU0OhL0dJofuCetaQOQ.roa
Signing time: Mon 29 Sep 2025 07:40:03 +0000
ROA not before: Mon 29 Sep 2025 07:40:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 202780
IP address blocks: 192.165.130.0/24 maxlen: 24
192.165.133.0/24 maxlen: 24
194.132.36.0/22 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.mft
rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:94:6a:10:7b:0f:94:70:45:db:2b:62:1f:b6:73:4c:fe
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=2135c7f571eefeb67404ab6c45fd475551adaf1b
Validity
Not Before: Sep 29 07:40:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d4dcaedebcdb5d4d0e84bd1d2687ee09eb5a40e4
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ea:64:b9:dc:ec:81:e3:c1:5e:d2:f7:dd:9b:d3:
a3:34:42:6d:b6:fd:93:01:9c:3d:08:95:7e:09:7f:
7d:a9:ce:54:cc:2a:aa:b7:f2:9a:90:76:6e:f0:8b:
70:ca:bd:3f:b4:d8:39:cf:eb:82:1e:3a:89:17:a5:
cd:ae:d9:49:ef:3a:00:fa:b6:2a:47:b9:bc:c9:9b:
3d:1a:c4:2f:38:39:04:0c:76:31:64:54:5e:5d:7f:
05:61:5a:d9:df:84:7f:47:97:58:d7:78:84:a5:df:
46:3a:7b:62:64:71:4a:a2:ab:c1:1b:89:42:ad:72:
c9:95:6c:fa:1b:95:4c:d0:7a:b7:b6:a1:d8:c9:49:
52:06:2b:4a:6f:d3:15:3b:9e:b6:0d:7e:08:d9:11:
9a:36:ef:da:f6:29:89:f7:50:a1:b6:5a:f0:4c:de:
63:5a:f4:85:7a:11:fb:6d:0a:79:31:60:37:13:65:
85:a4:e2:ca:a9:59:84:fe:ad:6c:26:45:41:6c:54:
f9:37:bb:6c:70:11:dd:98:59:eb:7e:87:56:fe:3d:
6c:0f:e6:5b:3b:57:96:b4:13:e2:90:45:40:f2:8c:
dc:2d:a1:49:30:83:cf:a4:26:1b:7f:92:2b:ab:cd:
16:30:b5:38:15:c5:72:7d:f0:4f:b5:5e:0b:e9:33:
08:27
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D4:DC:AE:DE:BC:DB:5D:4D:0E:84:BD:1D:26:87:EE:09:EB:5A:40:E4
X509v3 Authority Key Identifier:
keyid:21:35:C7:F5:71:EE:FE:B6:74:04:AB:6C:45:FD:47:55:51:AD:AF:1B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/1Nyu3rzbXU0OhL0dJofuCetaQOQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/d9/680b78-96af-4a85-ac02-943d03321326/1/ITXH9XHu_rZ0BKtsRf1HVVGtrxs.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
192.165.130.0/24
192.165.133.0/24
194.132.36.0/22
Signature Algorithm: sha256WithRSAEncryption
c3:2f:2b:7c:55:f2:ef:a6:d7:6d:07:1f:12:b8:7f:23:23:d1:
7e:23:da:e2:c2:b4:c0:6b:fe:ed:3d:e5:1e:51:3c:f1:a3:f5:
8f:fc:f4:89:3d:eb:4a:58:15:b2:dc:f2:ef:56:e1:77:01:24:
b6:9c:da:fe:bf:68:eb:df:d7:13:48:03:c0:f1:d8:a5:eb:b4:
65:31:58:fa:cd:e6:0a:52:ff:1d:92:fd:e5:87:ee:09:42:7c:
dc:b1:90:cc:92:19:d5:0f:c3:e1:45:68:42:cd:65:5a:98:3a:
b0:ad:d3:06:50:36:05:4f:87:9d:20:dc:4f:65:85:6a:a9:34:
fa:3c:22:e7:e8:3f:1f:7a:1e:d9:5d:22:f2:e4:14:7c:e6:1a:
64:f9:cd:30:d7:88:72:0d:f9:36:50:4d:0f:f0:0d:0a:ed:d0:
8c:6a:87:8a:ca:54:93:99:ca:81:ec:26:e8:3f:24:03:b8:19:
39:3f:97:2a:58:84:f6:90:34:ea:b0:bd:53:d9:23:30:7a:64:
24:85:c0:c2:b1:eb:96:97:d8:ec:19:74:cb:47:18:71:c5:41:
ed:13:0b:1d:8d:31:80:a8:7a:ca:1a:e0:21:ef:dc:e9:d7:86:
4b:e8:ec:a7:fa:70:e3:43:f1:d8:f2:92:b3:ee:38:4e:27:9a:
a3:07:0e:9c
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZmUahB7D5RwRdsrYh+2c0z+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIxMzVjN2Y1NzFlZWZlYjY3NDA0YWI2YzQ1ZmQ0NzU1NTFh
ZGFmMWIwHhcNMjUwOTI5MDc0MDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNGRjYWVkZWJjZGI1ZDRkMGU4NGJkMWQyNjg3ZWUwOWViNWE0MGU0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA6mS53OyB48Fe0vfdm9OjNEJttv2T
AZw9CJV+CX99qc5UzCqqt/KakHZu8Itwyr0/tNg5z+uCHjqJF6XNrtlJ7zoA+rYq
R7m8yZs9GsQvODkEDHYxZFReXX8FYVrZ34R/R5dY13iEpd9GOntiZHFKoqvBG4lC
rXLJlWz6G5VM0Hq3tqHYyUlSBitKb9MVO562DX4I2RGaNu/a9imJ91ChtlrwTN5j
WvSFehH7bQp5MWA3E2WFpOLKqVmE/q1sJkVBbFT5N7tscBHdmFnrfodW/j1sD+Zb
O1eWtBPikEVA8ozcLaFJMIPPpCYbf5Irq80WMLU4FcVyffBPtV4L6TMIJwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNTcrt68211NDoS9HSaH7gnrWkDkMB8GA1UdIwQY
MBaAFCE1x/Vx7v62dASrbEX9R1VRra8bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDIt
OTQzZDAzMzIxMzI2LzEvMU55dTNyemJYVTBPaEwwZEpvZnVDZXRhUU9RLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9kOS82ODBiNzgtOTZhZi00YTg1LWFjMDItOTQzZDAzMzIxMzI2
LzEvSVRYSDlYSHVfclowQkt0c1JmMUhWVkd0cnhzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAwKWCAwQA
wKWFAwQCwoQkMA0GCSqGSIb3DQEBCwUAA4IBAQDDLyt8VfLvptdtBx8SuH8jI9F+
I9riwrTAa/7tPeUeUTzxo/WP/PSJPetKWBWy3PLvVuF3ASS2nNr+v2jr39cTSAPA
8dil67RlMVj6zeYKUv8dkv3lh+4JQnzcsZDMkhnVD8PhRWhCzWVamDqwrdMGUDYF
T4edINxPZYVqqTT6PCLn6D8feh7ZXSLy5BR85hpk+c0w14hyDfk2UE0P8A0K7dCM
aoeKylSTmcqB7CboPyQDuBk5P5cqWIT2kDTqsL1T2SMwemQkhcDCseuWl9jsGXTL
RxhxxUHtEwsdjTGAqHrKGuAh79zp14ZL6Oyn+nDjQ/HY8pKz7jhOJ5qjBw6c
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:45:51 2025 by rpki-client