Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/e_ENa9NQtcVIjb5O_oQwLQrqTww.roa
File: e_ENa9NQtcVIjb5O_oQwLQrqTww.roa (raw, json)
Hash identifier: AVxIz7N9OcyxU6ZzRtu6hf2VS4z3pFTO7JZMHNOa9PI=
Subject key identifier: 7B:F1:0D:6B:D3:50:B5:C5:48:8D:BE:4E:FE:84:30:2D:0A:EA:4F:0C
Certificate issuer: /CN=6991c56f11a7171c6153239769f557beba10182d
Certificate serial: 01999ADDAD24FB03C54EDEB219AA4E3A9D38
Authority key identifier: 69:91:C5:6F:11:A7:17:1C:61:53:23:97:69:F5:57:BE:BA:10:18:2D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/e_ENa9NQtcVIjb5O_oQwLQrqTww.roa
Signing time: Tue 30 Sep 2025 13:44:02 +0000
ROA not before: Tue 30 Sep 2025 13:44:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 44477
IP address blocks: 95.164.0.0/22 maxlen: 24
95.164.4.0/22 maxlen: 24
95.164.9.0/24 maxlen: 24
95.164.10.0/24 maxlen: 24
95.164.11.0/24 maxlen: 24
95.164.16.0/22 maxlen: 32
95.164.21.0/24 maxlen: 24
95.164.22.0/23 maxlen: 24
95.164.32.0/21 maxlen: 24
95.164.44.0/22 maxlen: 24
95.164.60.0/22 maxlen: 24
95.164.68.0/23 maxlen: 24
95.164.84.0/22 maxlen: 24
95.164.88.0/23 maxlen: 24
95.164.112.0/21 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.crl
rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.mft
rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:9a:dd:ad:24:fb:03:c5:4e:de:b2:19:aa:4e:3a:9d:38
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=6991c56f11a7171c6153239769f557beba10182d
Validity
Not Before: Sep 30 13:44:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=7bf10d6bd350b5c5488dbe4efe84302d0aea4f0c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9c:5b:4c:a5:8f:21:74:ea:02:54:9b:da:ed:0b:
5a:13:51:ac:4b:ba:7c:6f:90:01:78:2d:d5:bd:ee:
2a:d9:a7:e1:40:cb:22:fb:c6:8a:02:f6:d6:65:b3:
c2:b6:c4:b1:82:5e:7d:94:03:65:55:a4:fd:c9:2b:
e4:64:b3:36:0a:c2:68:fb:0f:49:24:9f:bb:f2:90:
f4:07:67:dc:20:61:79:70:a9:a8:74:16:36:c2:7d:
b0:2e:c5:b3:a8:8d:94:2a:be:f2:98:e0:42:4f:39:
76:93:74:10:bf:be:11:61:8e:ac:af:f7:69:81:90:
27:cb:37:80:36:98:24:09:8d:f7:ee:52:29:58:12:
ad:e7:67:ec:f0:1a:ed:30:9f:b7:be:24:a7:d8:f6:
95:bb:c6:90:e7:84:4e:81:49:08:9d:a9:93:75:71:
5c:0b:99:a4:26:80:29:44:2a:0b:cb:0d:e1:51:4f:
0b:c2:39:70:2e:c7:be:bf:14:66:86:59:5c:a0:79:
fd:c4:47:fb:21:45:2b:43:05:42:25:6f:4b:b6:6e:
cd:92:79:11:43:22:20:31:1f:e7:8e:29:ab:13:53:
36:c2:94:9e:20:86:65:1c:02:07:6a:be:fd:d8:78:
ff:55:16:72:57:5b:ad:9c:60:7b:80:b4:07:01:e2:
44:35
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
7B:F1:0D:6B:D3:50:B5:C5:48:8D:BE:4E:FE:84:30:2D:0A:EA:4F:0C
X509v3 Authority Key Identifier:
keyid:69:91:C5:6F:11:A7:17:1C:61:53:23:97:69:F5:57:BE:BA:10:18:2D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/aZHFbxGnFxxhUyOXafVXvroQGC0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/e_ENa9NQtcVIjb5O_oQwLQrqTww.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/ed/428815-02b9-4606-b066-65d1567340fd/1/aZHFbxGnFxxhUyOXafVXvroQGC0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.164.0.0/21
95.164.9.0-95.164.11.255
95.164.16.0/22
95.164.21.0-95.164.23.255
95.164.32.0/21
95.164.44.0/22
95.164.60.0/22
95.164.68.0/23
95.164.84.0-95.164.89.255
95.164.112.0/21
Signature Algorithm: sha256WithRSAEncryption
ac:ca:13:52:b3:c6:40:df:97:ec:b9:ec:a5:55:d2:55:df:85:
e8:29:30:dc:67:0f:45:c0:01:62:a3:05:b2:d2:9f:20:65:58:
05:4d:e8:54:05:89:38:c0:14:24:cc:40:26:88:df:2d:6b:e6:
e1:bf:b4:70:37:dc:12:14:73:50:b6:46:57:2d:22:dc:da:0d:
d0:db:2e:90:e5:ee:3a:a8:68:f4:f1:db:a4:af:94:be:b6:11:
da:f8:56:82:ce:1d:59:38:a9:d7:35:f1:34:63:97:b0:ed:e3:
1d:14:67:8c:71:21:1f:17:25:86:e5:66:b1:aa:b1:59:19:0f:
47:37:ef:84:f0:db:78:23:d3:60:33:6e:fa:d7:34:0b:72:75:
51:9e:68:52:29:00:78:08:b4:32:b5:de:c5:61:66:dd:5a:5c:
ba:b4:87:da:a5:75:d0:ab:ed:d2:5b:7f:7f:30:db:d2:4a:e9:
2b:65:55:e1:69:69:40:9f:5f:e5:ec:d5:fc:39:84:bf:c4:05:
26:c6:27:8b:45:64:0c:2c:77:1c:ce:19:2a:a8:fd:b0:94:ea:
ef:90:c5:46:d9:78:6c:72:f7:ad:2d:d1:68:c5:a7:2e:f7:48:
63:3d:43:76:73:94:63:2f:56:4c:26:ff:6d:f1:98:40:f0:78:
9b:73:29:49
-----BEGIN CERTIFICATE-----
MIIFSzCCBDOgAwIBAgISAZma3a0k+wPFTt6yGapOOp04MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY5OTFjNTZmMTFhNzE3MWM2MTUzMjM5NzY5ZjU1N2JlYmEx
MDE4MmQwHhcNMjUwOTMwMTM0NDAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3YmYxMGQ2YmQzNTBiNWM1NDg4ZGJlNGVmZTg0MzAyZDBhZWE0ZjBjMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnFtMpY8hdOoCVJva7QtaE1GsS7p8
b5ABeC3Vve4q2afhQMsi+8aKAvbWZbPCtsSxgl59lANlVaT9ySvkZLM2CsJo+w9J
JJ+78pD0B2fcIGF5cKmodBY2wn2wLsWzqI2UKr7ymOBCTzl2k3QQv74RYY6sr/dp
gZAnyzeANpgkCY337lIpWBKt52fs8BrtMJ+3viSn2PaVu8aQ54ROgUkInamTdXFc
C5mkJoApRCoLyw3hUU8LwjlwLse+vxRmhllcoHn9xEf7IUUrQwVCJW9Ltm7NknkR
QyIgMR/njimrE1M2wpSeIIZlHAIHar792Hj/VRZyV1utnGB7gLQHAeJENQIDAQAB
o4ICVzCCAlMwHQYDVR0OBBYEFHvxDWvTULXFSI2+Tv6EMC0K6k8MMB8GA1UdIwQY
MBaAFGmRxW8RpxccYVMjl2n1V766EBgtMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvYVpIRmJ4R25GeHhoVXlPWGFmVlh2cm9RR0MwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lZC80Mjg4MTUtMDJiOS00NjA2LWIwNjYt
NjVkMTU2NzM0MGZkLzEvZV9FTmE5TlF0Y1ZJamI1T19vUXdMUXJxVHd3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lZC80Mjg4MTUtMDJiOS00NjA2LWIwNjYtNjVkMTU2NzM0MGZk
LzEvYVpIRmJ4R25GeHhoVXlPWGFmVlh2cm9RR0MwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMG0GCCsGAQUFBwEHAQH/BF4wXDBaBAIAATBUAwQDX6QAMAwD
BABfpAkDBAJfpAgDBAJfpBAwDAMEAF+kFQMEA1+kEAMEA1+kIAMEAl+kLAMEAl+k
PAMEAV+kRDAMAwQCX6RUAwQBX6RYAwQDX6RwMA0GCSqGSIb3DQEBCwUAA4IBAQCs
yhNSs8ZA35fsueylVdJV34XoKTDcZw9FwAFiowWy0p8gZVgFTehUBYk4wBQkzEAm
iN8ta+bhv7RwN9wSFHNQtkZXLSLc2g3Q2y6Q5e46qGj08dukr5S+thHa+FaCzh1Z
OKnXNfE0Y5ew7eMdFGeMcSEfFyWG5WaxqrFZGQ9HN++E8Nt4I9NgM2761zQLcnVR
nmhSKQB4CLQytd7FYWbdWly6tIfapXXQq+3SW39/MNvSSukrZVXhaWlAn1/l7NX8
OYS/xAUmxieLRWQMLHcczhkqqP2wlOrvkMVG2XhscvetLdFoxacu90hjPUN2c5Rj
L1ZMJv9t8ZhA8HibcylJ
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:55:31 2025 by rpki-client