Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/a_e2fVsrb_BEyWyYtq7tIA1ngXQ.roa
File: a_e2fVsrb_BEyWyYtq7tIA1ngXQ.roa (raw, json)
Hash identifier: oRBySryLpw1yOh2S14W2ZwadJe0t8E5Hh2cYwcohgqo=
Subject key identifier: 6B:F7:B6:7D:5B:2B:6F:F0:44:C9:6C:98:B6:AE:ED:20:0D:67:81:74
Certificate issuer: /CN=7e20b034e2c497b1884488def106972704765029
Certificate serial: 019998F95C8F6E896E13F84A33C9C96735A8
Authority key identifier: 7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/a_e2fVsrb_BEyWyYtq7tIA1ngXQ.roa
Signing time: Tue 30 Sep 2025 04:55:02 +0000
ROA not before: Tue 30 Sep 2025 04:55:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 398465
IP address blocks: 195.40.145.0/24 maxlen: 24
195.40.146.0/23 maxlen: 24
195.40.148.0/22 maxlen: 24
195.40.192.0/18 maxlen: 24
195.172.0.0/18 maxlen: 24
195.172.64.0/19 maxlen: 24
195.172.224.0/19 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.mft
rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 09 Oct 2025 22:00:38 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:98:f9:5c:8f:6e:89:6e:13:f8:4a:33:c9:c9:67:35:a8
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=7e20b034e2c497b1884488def106972704765029
Validity
Not Before: Sep 30 04:55:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6bf7b67d5b2b6ff044c96c98b6aeed200d678174
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c9:df:0a:30:bc:7c:65:d2:82:de:50:2d:81:59:
24:39:b9:5d:48:d7:b1:02:2b:91:2b:d1:56:9f:10:
77:c0:1b:f1:31:f6:e8:bd:b2:71:8a:21:a6:11:1e:
c3:cf:22:ef:fa:af:4b:bc:a1:05:32:0c:29:28:c0:
f3:be:1a:b2:91:a4:74:66:82:12:1e:56:26:bc:4b:
58:4b:aa:c4:ac:5d:4e:14:27:19:64:91:b4:4b:1b:
b8:25:b9:1b:16:02:df:56:c5:b5:57:06:2d:8a:7e:
94:42:60:90:92:c8:41:64:06:0c:a9:ab:08:51:4b:
dd:2c:9e:38:b5:00:e3:b2:8c:0a:3e:77:73:cc:f8:
6b:f4:43:0a:46:2b:55:99:8b:9f:68:d0:44:4a:30:
f9:f6:59:69:06:91:94:b4:c2:0d:f9:1b:ae:d0:d1:
24:47:30:11:79:0e:96:f8:06:60:c8:c4:19:a5:ee:
38:b9:f7:92:5d:9d:ad:c6:32:6b:9c:a5:88:84:4e:
ed:12:b4:c9:21:88:af:68:40:8e:5b:a4:85:ce:7a:
17:a5:bf:49:57:93:24:b7:8e:ca:91:18:53:ce:a1:
db:dd:c4:28:8d:86:31:78:c9:f3:b0:64:19:36:da:
2d:43:64:0b:7d:fa:2b:78:f2:66:2b:dd:48:af:6d:
cf:21
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6B:F7:B6:7D:5B:2B:6F:F0:44:C9:6C:98:B6:AE:ED:20:0D:67:81:74
X509v3 Authority Key Identifier:
keyid:7E:20:B0:34:E2:C4:97:B1:88:44:88:DE:F1:06:97:27:04:76:50:29
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/fiCwNOLEl7GIRIje8QaXJwR2UCk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/a_e2fVsrb_BEyWyYtq7tIA1ngXQ.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/80/6b662d-02a1-46e7-b9cd-035d977f4216/1/fiCwNOLEl7GIRIje8QaXJwR2UCk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.40.145.0-195.40.151.255
195.40.192.0/18
195.172.0.0-195.172.95.255
195.172.224.0/19
Signature Algorithm: sha256WithRSAEncryption
6f:ba:8e:bd:85:73:e5:7c:2c:fb:d4:2d:10:11:e5:8f:c9:81:
89:47:31:08:81:4c:96:6a:e2:4a:ee:92:bf:88:8c:9f:d3:4e:
77:c3:5e:fa:4b:a1:e9:89:fe:35:ce:5f:c4:04:9d:92:20:e0:
da:64:63:c8:eb:c5:66:ba:a9:ec:b6:3f:1c:6f:e9:11:bf:de:
18:8d:47:5b:01:23:c6:4f:07:e8:c8:23:45:e2:48:7a:0c:5d:
67:05:34:c5:1a:fb:f5:1d:6e:b8:9e:1b:03:93:94:90:bb:9f:
ee:f7:44:cc:5c:c4:1e:22:b1:02:e5:e6:15:b9:16:4f:6b:92:
15:4c:30:67:e5:17:e1:a9:1f:36:f1:72:f6:de:e1:87:02:02:
6a:aa:51:a0:e2:94:ac:ea:a4:42:95:ec:1d:ec:c7:85:2f:29:
8c:07:38:60:1f:bf:1e:00:b0:2f:a4:b1:a7:5d:ad:d7:d0:8c:
8c:cb:61:fd:c2:3f:57:5f:53:c3:58:aa:63:cb:1d:60:2d:52:
ac:cf:ef:c0:6a:9a:df:dc:08:2c:36:6e:d1:8f:b2:f9:84:ed:
9b:04:bd:6c:8c:f2:aa:e5:24:48:97:38:3d:4c:5c:6e:50:5f:
0d:e4:4d:a9:9a:15:ab:03:07:db:ae:f0:a4:c6:15:6c:91:cb:
a9:9a:6e:c1
-----BEGIN CERTIFICATE-----
MIIFHjCCBAagAwIBAgISAZmY+VyPboluE/hKM8nJZzWoMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDdlMjBiMDM0ZTJjNDk3YjE4ODQ0ODhkZWYxMDY5NzI3MDQ3
NjUwMjkwHhcNMjUwOTMwMDQ1NTAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YmY3YjY3ZDViMmI2ZmYwNDRjOTZjOThiNmFlZWQyMDBkNjc4MTc0MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyd8KMLx8ZdKC3lAtgVkkObldSNex
AiuRK9FWnxB3wBvxMfbovbJxiiGmER7DzyLv+q9LvKEFMgwpKMDzvhqykaR0ZoIS
HlYmvEtYS6rErF1OFCcZZJG0Sxu4JbkbFgLfVsW1VwYtin6UQmCQkshBZAYMqasI
UUvdLJ44tQDjsowKPndzzPhr9EMKRitVmYufaNBESjD59llpBpGUtMIN+Ruu0NEk
RzAReQ6W+AZgyMQZpe44ufeSXZ2txjJrnKWIhE7tErTJIYivaECOW6SFznoXpb9J
V5Mkt47KkRhTzqHb3cQojYYxeMnzsGQZNtotQ2QLfforePJmK91Ir23PIQIDAQAB
o4ICKjCCAiYwHQYDVR0OBBYEFGv3tn1bK2/wRMlsmLau7SANZ4F0MB8GA1UdIwQY
MBaAFH4gsDTixJexiESI3vEGlycEdlApMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2Qt
MDM1ZDk3N2Y0MjE2LzEvYV9lMmZWc3JiX0JFeVd5WXRxN3RJQTFuZ1hRLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC84MC82YjY2MmQtMDJhMS00NmU3LWI5Y2QtMDM1ZDk3N2Y0MjE2
LzEvZmlDd05PTEVsN0dJUklqZThRYVhKd1IyVUNrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEAGCCsGAQUFBwEHAQH/BDEwLzAtBAIAATAnMAwDBADDKJED
BAPDKJADBAbDKMAwCwMDAsOsAwQFw6xAAwQFw6zgMA0GCSqGSIb3DQEBCwUAA4IB
AQBvuo69hXPlfCz71C0QEeWPyYGJRzEIgUyWauJK7pK/iIyf0053w176S6Hpif41
zl/EBJ2SIODaZGPI68Vmuqnstj8cb+kRv94YjUdbASPGTwfoyCNF4kh6DF1nBTTF
Gvv1HW64nhsDk5SQu5/u90TMXMQeIrEC5eYVuRZPa5IVTDBn5RfhqR828XL23uGH
AgJqqlGg4pSs6qRClewd7MeFLymMBzhgH78eALAvpLGnXa3X0IyMy2H9wj9XX1PD
WKpjyx1gLVKsz+/Aaprf3AgsNm7Rj7L5hO2bBL1sjPKq5SRIlzg9TFxuUF8N5E2p
mhWrAwfbrvCkxhVskcupmm7B
-----END CERTIFICATE-----
Generated at Thu Oct 9 03:30:38 2025 by rpki-client