Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/l4KC-sbGxKs9DFhI_hCIMOujqD4.roa
File: l4KC-sbGxKs9DFhI_hCIMOujqD4.roa (raw, json)
Hash identifier: UzdlLgfmcs5IKk+rHylb8IAMuv4vZHutjhIDD1Ip5nM=
Subject key identifier: 97:82:82:FA:C6:C6:C4:AB:3D:0C:58:48:FE:10:88:30:EB:A3:A8:3E
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 0197D0FF4FC6CCD279FB8FE6FC9238DADDDB
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/l4KC-sbGxKs9DFhI_hCIMOujqD4.roa
Signing time: Thu 03 Jul 2025 15:54:42 +0000
ROA not before: Thu 03 Jul 2025 15:54:42 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 32043
IP address blocks: 195.216.164.0/24 maxlen: 24
195.216.165.0/24 maxlen: 24
195.216.166.0/24 maxlen: 24
195.216.167.0/24 maxlen: 24
195.216.184.0/24 maxlen: 24
195.216.188.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 21 Jul 2025 13:00:25 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:97:d0:ff:4f:c6:cc:d2:79:fb:8f:e6:fc:92:38:da:dd:db
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Jul 3 15:54:42 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=978282fac6c6c4ab3d0c5848fe108830eba3a83e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c4:66:47:4b:19:31:3c:5a:6f:0e:13:af:07:0f:
9e:4a:49:e0:c5:96:f8:0d:47:97:b9:94:f7:d5:8d:
63:02:7f:66:b0:ca:86:87:91:9b:8b:5b:fe:ad:a3:
fa:3c:a6:08:7a:59:e1:b6:a1:44:fe:79:8f:de:b5:
01:2f:22:40:0e:84:d4:ae:cf:4c:52:b2:aa:b1:af:
57:c5:bd:9b:85:d8:08:c4:c9:5d:4c:7b:b2:6f:06:
73:e0:47:33:7c:b9:3f:45:ad:c2:22:29:ba:1f:f1:
52:d4:0e:64:9d:f3:53:b6:e3:5f:49:d3:ad:03:44:
2f:23:e5:07:a9:4f:75:51:58:f4:d4:52:b5:29:27:
cb:bf:62:6b:28:da:ce:52:b6:48:f2:10:1f:83:2f:
f0:8d:f7:01:c5:af:38:05:9d:0c:9f:e8:96:41:ed:
7c:f5:e1:22:a7:5f:14:86:7a:3a:5d:a8:87:08:58:
cc:b2:f5:20:e6:21:a3:b4:60:93:ca:33:13:3e:b0:
24:4b:3d:1a:f3:90:b9:1c:c4:69:e1:38:a9:35:10:
c4:ef:ea:69:e2:bb:a9:6b:0f:4d:4f:06:3f:22:da:
6b:20:32:e4:77:21:6f:12:a8:08:c9:9f:0b:43:3f:
a9:47:af:8a:a7:73:32:f1:2a:f2:68:d2:0b:c1:bb:
b2:df
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
97:82:82:FA:C6:C6:C4:AB:3D:0C:58:48:FE:10:88:30:EB:A3:A8:3E
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/l4KC-sbGxKs9DFhI_hCIMOujqD4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.164.0/22
195.216.184.0/24
195.216.188.0/24
Signature Algorithm: sha256WithRSAEncryption
96:ed:b0:51:d6:4f:31:a9:16:f7:00:b7:19:ef:0f:8e:2c:86:
d9:ff:dc:49:32:7a:10:fd:aa:0b:48:0f:37:14:c9:19:a5:71:
0d:ec:74:c0:68:27:80:e5:ac:ea:cf:c2:65:11:f0:92:76:56:
72:b9:8f:25:f2:e5:d7:03:bd:81:c6:46:a4:9b:b9:44:fa:e0:
d3:61:ed:e0:57:98:a4:a4:0c:44:ba:fb:7a:8f:35:0f:d2:a7:
a6:8c:92:c4:a5:73:a6:a6:86:b6:6a:17:49:f2:3f:a9:48:d1:
b5:cc:18:38:83:74:4e:c1:63:e9:74:23:9a:81:f4:f2:7a:c4:
26:25:69:b6:76:06:52:5e:e8:77:b9:cd:a4:55:fd:3c:a8:af:
0f:6d:85:2a:1a:a2:3c:e4:d8:f6:6f:66:9d:9c:6c:76:6d:02:
36:f7:88:56:b0:c3:8d:94:3f:b2:04:ad:91:3a:c5:78:23:52:
ac:b8:fe:3e:a1:7e:d6:c8:2f:d7:13:50:69:15:32:8c:be:e6:
70:8e:d5:db:b8:f3:c7:8a:8a:a4:50:f7:4a:08:1c:a2:7b:16:
ae:72:3d:1d:70:20:86:b8:9f:40:f8:a7:1c:3d:e2:bd:0f:9b:
f2:f6:6f:4e:f6:2b:5f:a0:f0:7c:fe:03:70:a9:ac:d2:f9:7b:
3d:5a:c9:6b
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZfQ/0/GzNJ5+4/m/JI42t3bMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjUwNzAzMTU1NDQyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5NzgyODJmYWM2YzZjNGFiM2QwYzU4NDhmZTEwODgzMGViYTNhODNlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxGZHSxkxPFpvDhOvBw+eSkngxZb4
DUeXuZT31Y1jAn9msMqGh5Gbi1v+raP6PKYIelnhtqFE/nmP3rUBLyJADoTUrs9M
UrKqsa9Xxb2bhdgIxMldTHuybwZz4EczfLk/Ra3CIim6H/FS1A5knfNTtuNfSdOt
A0QvI+UHqU91UVj01FK1KSfLv2JrKNrOUrZI8hAfgy/wjfcBxa84BZ0Mn+iWQe18
9eEip18Uhno6XaiHCFjMsvUg5iGjtGCTyjMTPrAkSz0a85C5HMRp4TipNRDE7+pp
4rupaw9NTwY/ItprIDLkdyFvEqgIyZ8LQz+pR6+Kp3My8SryaNILwbuy3wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJeCgvrGxsSrPQxYSP4QiDDro6g+MB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvbDRLQy1zYkd4S3M5REZoSV9oQ0lNT3VqcUQ0LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCw9ikAwQA
w9i4AwQAw9i8MA0GCSqGSIb3DQEBCwUAA4IBAQCW7bBR1k8xqRb3ALcZ7w+OLIbZ
/9xJMnoQ/aoLSA83FMkZpXEN7HTAaCeA5azqz8JlEfCSdlZyuY8l8uXXA72Bxkak
m7lE+uDTYe3gV5ikpAxEuvt6jzUP0qemjJLEpXOmpoa2ahdJ8j+pSNG1zBg4g3RO
wWPpdCOagfTyesQmJWm2dgZSXuh3uc2kVf08qK8PbYUqGqI85Nj2b2adnGx2bQI2
94hWsMONlD+yBK2ROsV4I1KsuP4+oX7WyC/XE1BpFTKMvuZwjtXbuPPHioqkUPdK
CByiexaucj0dcCCGuJ9A+KccPeK9D5vy9m9O9itfoPB8/gNwqazS+Xs9Wslr
-----END CERTIFICATE-----
Generated at Sun Jul 20 21:48:04 2025 by rpki-client