Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/VhyuMgrYNjIoD27sCxbfCYG-yTg.roa
File: VhyuMgrYNjIoD27sCxbfCYG-yTg.roa (raw, json)
Hash identifier: DRQtuuZffvVBOP/OUePQK1oraU+4BWfyBtP8OfC1lC0=
Subject key identifier: 56:1C:AE:32:0A:D8:36:32:28:0F:6E:EC:0B:16:DF:09:81:BE:C9:38
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 0198097265AF15468865BDDC202327FCC587
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/VhyuMgrYNjIoD27sCxbfCYG-yTg.roa
Signing time: Mon 14 Jul 2025 14:59:08 +0000
ROA not before: Mon 14 Jul 2025 14:59:08 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 395793
IP address blocks: 195.216.162.0/24 maxlen: 24
195.216.163.0/24 maxlen: 24
195.216.188.0/24 maxlen: 24
195.216.191.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 04:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:09:72:65:af:15:46:88:65:bd:dc:20:23:27:fc:c5:87
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Jul 14 14:59:08 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=561cae320ad83632280f6eec0b16df0981bec938
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:80:7c:a8:07:c4:d7:e8:9e:7f:71:df:7b:91:
fc:55:4f:04:9d:fa:01:fb:ed:c1:95:c2:f8:4d:f9:
dd:cc:cd:4e:2a:b1:f6:bd:d5:65:18:42:cb:7c:5d:
8a:37:48:07:0b:31:87:d0:e6:5c:2f:a4:48:00:d7:
b6:a1:85:e7:7e:f5:c7:8e:63:7c:cc:c5:0b:d0:cb:
ef:57:f0:54:a0:04:2d:d8:3d:a9:98:bc:d6:29:1d:
5d:54:f8:fd:8f:41:23:74:05:a3:f4:4e:24:70:b7:
39:a2:eb:2d:b2:5f:72:9b:44:01:bf:b5:7a:1b:31:
42:6c:a9:9a:64:bf:9a:da:92:05:ba:91:39:d2:5e:
fa:91:fd:14:f5:4b:a2:2e:fc:ae:0e:ec:c4:b8:e2:
bb:2b:97:44:dc:28:d7:4a:3b:fd:4b:66:e9:c6:76:
48:79:8e:6a:01:26:c3:a7:a1:c2:cc:a7:42:ec:32:
53:07:27:4d:65:64:0d:a9:54:c4:b9:0d:a5:b3:9e:
95:3a:1f:3b:3a:b7:4b:44:cb:bd:bd:5f:1d:03:b3:
22:85:3a:dd:d8:98:18:8f:17:a3:cb:32:d3:cf:1b:
21:ee:0f:71:f4:0d:27:c6:3b:85:81:c5:3b:2d:c9:
e9:b5:9a:5f:a7:7f:2b:56:dd:14:9f:6e:c6:a6:bc:
62:a5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
56:1C:AE:32:0A:D8:36:32:28:0F:6E:EC:0B:16:DF:09:81:BE:C9:38
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/VhyuMgrYNjIoD27sCxbfCYG-yTg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.162.0/23
195.216.188.0/24
195.216.191.0/24
Signature Algorithm: sha256WithRSAEncryption
5c:3c:6d:13:47:71:bb:3c:13:d1:a5:3f:f4:87:32:b3:5c:03:
7f:17:25:b8:9a:71:5b:e5:3c:8b:5c:05:63:67:ab:13:e2:32:
87:a9:01:6e:b7:bb:8b:f4:f9:b2:34:07:af:d0:37:04:3c:fa:
26:17:12:97:13:35:7c:b1:c8:e3:45:43:c7:a2:b1:48:91:2b:
65:31:97:76:39:30:ce:c7:a0:01:8f:49:76:42:bc:4d:75:6d:
9d:29:a4:69:18:d5:03:62:49:f5:14:c1:a5:f2:bd:10:ee:bc:
ac:ca:58:dc:63:36:21:eb:c5:f8:20:e3:c7:e8:65:c6:e7:52:
33:d1:31:93:48:08:7c:fd:2d:db:6c:17:4e:12:b8:60:ab:19:
70:f6:8f:e0:fb:5d:8a:7f:6f:44:10:ab:64:12:d8:23:76:3e:
22:4a:70:76:79:f0:58:f9:61:ae:b8:35:57:b6:f7:6f:01:63:
07:0c:3b:46:a6:bc:c8:d6:23:55:d9:10:be:b1:9f:02:40:d9:
9b:44:94:79:c7:0b:f4:50:53:6f:47:11:3f:74:89:77:44:d1:
b2:9a:e3:ae:f0:cf:b9:91:6d:61:98:2b:44:67:22:c4:2e:8a:
9a:c1:9a:fe:cf:39:c3:1f:dd:4a:d6:e3:bc:46:74:74:81:e4:
83:f6:c2:b7
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZgJcmWvFUaIZb3cICMn/MWHMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjUwNzE0MTQ1OTA4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1NjFjYWUzMjBhZDgzNjMyMjgwZjZlZWMwYjE2ZGYwOTgxYmVjOTM4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnoB8qAfE1+ief3Hfe5H8VU8EnfoB
++3BlcL4TfndzM1OKrH2vdVlGELLfF2KN0gHCzGH0OZcL6RIANe2oYXnfvXHjmN8
zMUL0MvvV/BUoAQt2D2pmLzWKR1dVPj9j0EjdAWj9E4kcLc5oustsl9ym0QBv7V6
GzFCbKmaZL+a2pIFupE50l76kf0U9UuiLvyuDuzEuOK7K5dE3CjXSjv9S2bpxnZI
eY5qASbDp6HCzKdC7DJTBydNZWQNqVTEuQ2ls56VOh87OrdLRMu9vV8dA7MihTrd
2JgYjxejyzLTzxsh7g9x9A0nxjuFgcU7LcnptZpfp38rVt0Un27GprxipQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFFYcrjIK2DYyKA9u7AsW3wmBvsk4MB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvVmh5dU1ncllOaklvRDI3c0N4YmZDWUcteVRnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQBw9iiAwQA
w9i8AwQAw9i/MA0GCSqGSIb3DQEBCwUAA4IBAQBcPG0TR3G7PBPRpT/0hzKzXAN/
FyW4mnFb5TyLXAVjZ6sT4jKHqQFut7uL9PmyNAev0DcEPPomFxKXEzV8scjjRUPH
orFIkStlMZd2OTDOx6ABj0l2QrxNdW2dKaRpGNUDYkn1FMGl8r0Q7rysyljcYzYh
68X4IOPH6GXG51Iz0TGTSAh8/S3bbBdOErhgqxlw9o/g+12Kf29EEKtkEtgjdj4i
SnB2efBY+WGuuDVXtvdvAWMHDDtGprzI1iNV2RC+sZ8CQNmbRJR5xwv0UFNvRxE/
dIl3RNGymuOu8M+5kW1hmCtEZyLELoqawZr+zznDH91K1uO8RnR0geSD9sK3
-----END CERTIFICATE-----
Generated at Sun Jul 20 11:20:07 2025 by rpki-client