Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/_CZTuF6DCgR7hWjr3imC3BuUGco.roa
File: _CZTuF6DCgR7hWjr3imC3BuUGco.roa (raw, json)
Hash identifier: otj+SUgUnYev14Hu3/FWe/Yz8NTcHKr89T8ufOfcyxo=
Subject key identifier: FC:26:53:B8:5E:83:0A:04:7B:85:68:EB:DE:29:82:DC:1B:94:19:CA
Certificate issuer: /CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Certificate serial: 01998AA04453DE3FEBF7867B696FB570FC11
Authority key identifier: C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/_CZTuF6DCgR7hWjr3imC3BuUGco.roa
Signing time: Sat 27 Sep 2025 10:03:03 +0000
ROA not before: Sat 27 Sep 2025 10:03:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 95.155.130.0/24 maxlen: 24
95.155.157.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.mft
rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:8a:a0:44:53:de:3f:eb:f7:86:7b:69:6f:b5:70:fc:11
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c6a249a0eacd8abcbea0d82ef71016d386e8ef94
Validity
Not Before: Sep 27 10:03:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fc2653b85e830a047b8568ebde2982dc1b9419ca
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d4:71:09:5f:90:0e:0f:94:30:d3:65:7a:e8:ad:
47:5b:ca:6b:f5:5f:09:6c:df:05:04:1b:8c:02:49:
f3:5e:4a:ff:ff:51:c2:78:e6:78:d2:85:02:eb:85:
df:8e:a3:04:ff:23:51:08:fe:c1:01:90:87:c8:d5:
85:e6:4a:5f:37:2b:fa:2d:a9:e7:b2:91:0b:c1:e1:
45:1a:b3:4e:31:0a:5f:01:a3:f2:a2:17:b1:93:e7:
ee:9c:f0:d6:8a:39:fe:64:b3:0b:97:e4:e2:ec:88:
a0:92:92:70:ca:67:f8:94:bd:75:da:87:e9:8c:a2:
2a:d5:b4:f3:00:0d:11:e4:54:cd:de:65:72:3d:d7:
bd:5e:02:79:a8:ac:6a:3c:8f:05:c6:6f:47:a5:f0:
75:7e:c7:34:05:8c:d8:9f:19:db:0b:28:17:7b:19:
81:50:a6:ac:a6:67:8f:74:2b:35:26:99:0f:eb:2b:
ad:ef:53:ae:ad:da:55:6a:23:d9:54:de:91:b1:3f:
89:e6:ca:a7:31:63:d9:08:90:87:6b:af:61:33:f7:
93:74:23:50:97:6c:45:32:43:7e:ce:4d:ee:62:86:
1a:e8:a6:20:00:4f:2c:73:1d:b6:df:28:cb:ea:b5:
c1:c3:d2:b0:5a:14:29:9c:a2:d4:aa:30:89:1b:c0:
ae:5d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FC:26:53:B8:5E:83:0A:04:7B:85:68:EB:DE:29:82:DC:1B:94:19:CA
X509v3 Authority Key Identifier:
keyid:C6:A2:49:A0:EA:CD:8A:BC:BE:A0:D8:2E:F7:10:16:D3:86:E8:EF:94
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/xqJJoOrNiry-oNgu9xAW04bo75Q.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/_CZTuF6DCgR7hWjr3imC3BuUGco.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f4/30f186-90e2-4ca6-917e-21057d228d05/1/xqJJoOrNiry-oNgu9xAW04bo75Q.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.155.130.0/24
95.155.157.0/24
Signature Algorithm: sha256WithRSAEncryption
73:b7:dc:f7:c9:3e:14:a9:64:f7:80:d7:94:df:4c:37:07:53:
f0:36:af:63:14:dc:c9:26:4d:68:8c:0b:0f:fb:2a:0f:f8:67:
4e:5b:5c:95:65:1c:a5:ed:00:87:66:27:71:03:3e:bd:b6:d8:
d1:bb:2f:32:1a:7f:3e:c1:e0:20:9f:ba:14:12:c6:03:ba:26:
b7:c4:ff:fc:46:d5:15:4a:a0:30:75:6a:98:69:df:fd:02:58:
a3:57:a8:96:ce:45:db:1d:1a:92:ad:12:80:07:3a:50:93:0a:
3d:1e:7b:b2:71:a4:76:8e:13:fe:1b:6d:a2:0c:e2:8f:fa:4b:
6a:f8:20:74:b5:bf:ee:16:d8:de:72:40:de:f0:46:07:f7:a8:
48:31:6b:bf:e2:13:c0:79:37:d0:60:17:9d:37:a8:57:34:4c:
d6:c2:20:0a:a3:90:b0:b5:d0:59:97:0a:5d:6c:09:d1:21:b5:
a8:da:7e:b2:6c:f4:11:53:c9:e9:b1:72:f8:8f:66:ba:fb:f1:
e8:a0:b3:19:0f:38:58:49:1b:5d:7e:bb:b5:3c:87:74:5f:ae:
41:66:f9:47:cd:70:b7:f4:65:aa:d3:d4:9d:3f:a7:66:0d:e1:
76:97:b3:c9:1e:55:64:f6:6b:fc:91:0a:b3:65:22:20:98:fd:
7b:48:13:9e
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZmKoERT3j/r94Z7aW+1cPwRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGM2YTI0OWEwZWFjZDhhYmNiZWEwZDgyZWY3MTAxNmQzODZl
OGVmOTQwHhcNMjUwOTI3MTAwMzAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYzI2NTNiODVlODMwYTA0N2I4NTY4ZWJkZTI5ODJkYzFiOTQxOWNhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA1HEJX5AOD5Qw02V66K1HW8pr9V8J
bN8FBBuMAknzXkr//1HCeOZ40oUC64XfjqME/yNRCP7BAZCHyNWF5kpfNyv6Lann
spELweFFGrNOMQpfAaPyohexk+funPDWijn+ZLMLl+Ti7IigkpJwymf4lL112ofp
jKIq1bTzAA0R5FTN3mVyPde9XgJ5qKxqPI8Fxm9HpfB1fsc0BYzYnxnbCygXexmB
UKaspmePdCs1JpkP6yut71OurdpVaiPZVN6RsT+J5sqnMWPZCJCHa69hM/eTdCNQ
l2xFMkN+zk3uYoYa6KYgAE8scx223yjL6rXBw9KwWhQpnKLUqjCJG8CuXQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFPwmU7hegwoEe4Vo694pgtwblBnKMB8GA1UdIwQY
MBaAFMaiSaDqzYq8vqDYLvcQFtOG6O+UMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2Ut
MjEwNTdkMjI4ZDA1LzEvX0NaVHVGNkRDZ1I3aFdqcjNpbUMzQnVVR2NvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9mNC8zMGYxODYtOTBlMi00Y2E2LTkxN2UtMjEwNTdkMjI4ZDA1
LzEveHFKSm9Pck5pcnktb05ndTl4QVcwNGJvNzVRLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAX5uCAwQA
X5udMA0GCSqGSIb3DQEBCwUAA4IBAQBzt9z3yT4UqWT3gNeU30w3B1PwNq9jFNzJ
Jk1ojAsP+yoP+GdOW1yVZRyl7QCHZidxAz69ttjRuy8yGn8+weAgn7oUEsYDuia3
xP/8RtUVSqAwdWqYad/9AlijV6iWzkXbHRqSrRKABzpQkwo9HnuycaR2jhP+G22i
DOKP+ktq+CB0tb/uFtjeckDe8EYH96hIMWu/4hPAeTfQYBedN6hXNEzWwiAKo5Cw
tdBZlwpdbAnRIbWo2n6ybPQRU8npsXL4j2a6+/HooLMZDzhYSRtdfru1PId0X65B
ZvlHzXC39GWq09SdP6dmDeF2l7PJHlVk9mv8kQqzZSIgmP17SBOe
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:54:59 2025 by rpki-client