
Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/TvRgaW9-CsNjYomAsfORBTmW3OU.roa
File: TvRgaW9-CsNjYomAsfORBTmW3OU.roa (raw, json)
Hash identifier: E1pW1tBEDD4gp+efpV/wAMGMYES5LCvHxLW4UcIoHuI=
Subject key identifier: 4E:F4:60:69:6F:7E:0A:C3:63:62:89:80:B1:F3:91:05:39:96:DC:E5
Certificate issuer: /CN=6991c56f11a7171c6153239769f557beba10182d
Certificate serial: 01999ADDADABB21C861FE3C974A30B3ACD14
Authority key identifier: 69:91:C5:6F:11:A7:17:1C:61:53:23:97:69:F5:57:BE:BA:10:18:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/TvRgaW9-CsNjYomAsfORBTmW3OU.roa
Signing time: Tue 30 Sep 2025 13:44:03 +0000
ROA not before: Tue 30 Sep 2025 13:44:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 266827
IP address blocks: 95.164.8.0/24 maxlen: 24
95.164.33.0/24 maxlen: 24
95.164.51.0/24 maxlen: 24
95.164.149.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 04:02:42 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:9a:dd:ad:ab:b2:1c:86:1f:e3:c9:74:a3:0b:3a:cd:14
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6991c56f11a7171c6153239769f557beba10182d
Validity
Not Before: Sep 30 13:44:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=4ef460696f7e0ac363628980b1f391053996dce5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:8f:80:d5:62:d6:37:43:02:da:86:ee:89:72:42:
7a:60:ab:c8:20:08:d4:72:c9:a3:c7:e2:ba:86:f8:
e3:46:9f:2b:8c:e6:1d:51:9f:5d:8e:39:2a:46:f6:
2f:44:bc:38:d8:ba:0c:00:94:83:f4:49:18:a8:bd:
b8:d6:81:d1:58:fb:e1:f4:bd:fc:c8:cc:46:88:14:
dc:9f:a3:70:93:67:c0:32:e0:1c:84:74:47:04:26:
61:16:24:38:09:1b:04:e7:ec:61:21:6b:2b:0d:6e:
47:f3:33:26:e5:0f:30:ff:8b:cd:ad:d7:eb:0c:72:
58:11:d9:77:a0:7b:d7:1d:66:ac:e1:7d:5a:e2:9f:
cf:69:84:c0:b6:50:5a:62:b0:91:ec:3c:0b:f0:4f:
a7:c4:44:0a:22:75:ee:72:4e:6e:b9:28:2b:39:de:
c3:1e:8e:cd:a7:2b:af:88:62:f2:84:03:bf:4f:64:
0e:93:2f:79:c8:6c:13:52:29:eb:0e:b8:0f:9f:25:
2c:64:cc:31:55:95:45:0b:93:a8:c6:5f:12:c1:56:
f7:1c:84:ec:a0:61:49:5d:e6:50:a0:5c:28:0b:12:
a4:df:57:68:82:c2:67:42:c3:e1:f5:26:a1:2f:7c:
cc:6a:7e:63:29:72:66:bb:5a:eb:eb:91:99:3e:13:
9f:23
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
4E:F4:60:69:6F:7E:0A:C3:63:62:89:80:B1:F3:91:05:39:96:DC:E5
X509v3 Authority Key Identifier:
keyid:69:91:C5:6F:11:A7:17:1C:61:53:23:97:69:F5:57:BE:BA:10:18:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/TvRgaW9-CsNjYomAsfORBTmW3OU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.164.8.0/24
95.164.33.0/24
95.164.51.0/24
95.164.149.0/24
Signature Algorithm: sha256WithRSAEncryption
59:b9:3b:e2:d2:6c:6d:a3:05:dc:2f:d2:5a:d5:6c:cd:44:5c:
2e:5b:b7:4c:eb:b6:08:a6:62:55:42:a1:e7:21:06:f1:45:a3:
4e:4d:3a:89:20:d6:35:c4:e7:20:78:cb:37:9f:09:50:51:bd:
eb:c4:e0:51:b8:51:52:61:a9:f6:92:e2:e5:03:78:6b:3a:3c:
ee:09:3a:1e:49:60:f0:d4:29:ea:53:58:7f:6c:5b:f9:71:20:
33:34:15:fe:0f:19:98:c1:b3:12:54:2f:af:4b:37:98:e9:41:
6b:41:4b:1e:10:92:5b:67:e2:2c:44:ef:d0:82:90:81:9d:ad:
3a:1f:18:12:b0:c7:b6:d5:c2:41:05:d4:39:fe:a8:37:b4:78:
b2:70:be:2b:3f:23:07:ac:8c:ed:b5:8f:e8:e0:0b:1e:dc:e0:
00:76:3a:ea:ba:3c:9c:20:bc:17:1d:54:9e:84:8c:02:76:6e:
8d:4b:ce:70:3d:e7:7f:b5:ad:e8:22:ba:a9:40:53:9d:7a:6f:
82:e3:24:93:33:4a:93:4e:d9:4c:8e:43:32:20:42:d1:70:9f:
a1:be:dc:73:5f:a2:15:26:19:44:f8:ca:f3:39:42:dc:06:62:
eb:77:c6:9e:12:c8:7a:0a:b6:dd:e5:63:13:8d:aa:ac:ce:ce:
68:d3:ce:08
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZma3a2rshyGH+PJdKMLOs0UMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5OTFjNTZmMTFhNzE3MWM2MTUzMjM5NzY5ZjU1N2JlYmEx
MDE4MmQwHhcNMjUwOTMwMTM0NDAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0ZWY0NjA2OTZmN2UwYWMzNjM2Mjg5ODBiMWYzOTEwNTM5OTZkY2U1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAj4DVYtY3QwLahu6JckJ6YKvIIAjU
csmjx+K6hvjjRp8rjOYdUZ9djjkqRvYvRLw42LoMAJSD9EkYqL241oHRWPvh9L38
yMxGiBTcn6Nwk2fAMuAchHRHBCZhFiQ4CRsE5+xhIWsrDW5H8zMm5Q8w/4vNrdfr
DHJYEdl3oHvXHWas4X1a4p/PaYTAtlBaYrCR7DwL8E+nxEQKInXuck5uuSgrOd7D
Ho7NpyuviGLyhAO/T2QOky95yGwTUinrDrgPnyUsZMwxVZVFC5Ooxl8SwVb3HITs
oGFJXeZQoFwoCxKk31dogsJnQsPh9SahL3zMan5jKXJmu1rr65GZPhOfIwIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFE70YGlvfgrDY2KJgLHzkQU5ltzlMB8GA1UdIwQY
MBaAFGmRxW8RpxccYVMjl2n1V766EBgtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVpIRmJ4R25GeHhoVXlPWGFmVlh2cm9RR0MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC80Mjg4MTUtMDJiOS00NjA2LWIwNjYt
NjVkMTU2NzM0MGZkLzEvVHZSZ2FXOS1Dc05qWW9tQXNmT1JCVG1XM09VLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC80Mjg4MTUtMDJiOS00NjA2LWIwNjYtNjVkMTU2NzM0MGZk
LzEvYVpIRmJ4R25GeHhoVXlPWGFmVlh2cm9RR0MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDEGCCsGAQUFBwEHAQH/BCIwIDAeBAIAATAYAwQAX6QIAwQA
X6QhAwQAX6QzAwQAX6SVMA0GCSqGSIb3DQEBCwUAA4IBAQBZuTvi0mxtowXcL9Ja
1WzNRFwuW7dM67YIpmJVQqHnIQbxRaNOTTqJINY1xOcgeMs3nwlQUb3rxOBRuFFS
Yan2kuLlA3hrOjzuCToeSWDw1CnqU1h/bFv5cSAzNBX+DxmYwbMSVC+vSzeY6UFr
QUseEJJbZ+IsRO/QgpCBna06HxgSsMe21cJBBdQ5/qg3tHiycL4rPyMHrIzttY/o
4Ase3OAAdjrqujycILwXHVSehIwCdm6NS85wPed/ta3oIrqpQFOdem+C4ySTM0qT
TtlMjkMyIELRcJ+hvtxzX6IVJhlE+MrzOULcBmLrd8aeEsh6Crbd5WMTjaqszs5o
084I
-----END CERTIFICATE-----
Generated at Mon Oct 20 13:28:47 2025 by rpki-client