Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/krMvWrTmClN0QDDCKGHyCwEtM1o.roa
File: krMvWrTmClN0QDDCKGHyCwEtM1o.roa (raw, json)
Hash identifier: ZbHVn1/9WHrH30Xx8aRofoJKIUy9MeJR0ZfYS2/1ROo=
Subject key identifier: 92:B3:2F:5A:B4:E6:0A:53:74:40:30:C2:28:61:F2:0B:01:2D:33:5A
Certificate issuer: /CN=20e425a32b62d39818c4cbb0081075686fc4c8e8
Certificate serial: 019A48CB6F93CD23781BC52C52CE0E81618C
Authority key identifier: 20:E4:25:A3:2B:62:D3:98:18:C4:CB:B0:08:10:75:68:6F:C4:C8:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IOQloyti05gYxMuwCBB1aG_EyOg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/krMvWrTmClN0QDDCKGHyCwEtM1o.roa
Signing time: Mon 03 Nov 2025 08:18:03 +0000
ROA not before: Mon 03 Nov 2025 08:18:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 834
IP address blocks: 95.170.12.0/24 maxlen: 24
95.170.18.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/IOQloyti05gYxMuwCBB1aG_EyOg.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/IOQloyti05gYxMuwCBB1aG_EyOg.mft
rsync://rpki.ripe.net/repository/DEFAULT/IOQloyti05gYxMuwCBB1aG_EyOg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 04 Nov 2025 15:12:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:48:cb:6f:93:cd:23:78:1b:c5:2c:52:ce:0e:81:61:8c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20e425a32b62d39818c4cbb0081075686fc4c8e8
Validity
Not Before: Nov 3 08:18:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=92b32f5ab4e60a53744030c22861f20b012d335a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:84:0d:83:94:9f:59:07:1b:1d:24:15:8d:d8:14:
16:40:6f:2e:be:73:6e:f5:cb:03:48:4d:18:f9:d1:
84:7b:3f:60:ad:f5:86:d2:4d:91:8a:9c:ac:89:d4:
19:a1:72:7e:5a:df:9d:7a:bd:b1:57:de:f6:25:d6:
2d:26:fc:5a:49:8e:2f:3b:9e:37:39:0e:b3:5f:82:
07:90:a1:d2:50:d7:c7:fb:e2:c9:c7:03:d5:5d:88:
22:c6:7b:05:6a:d5:86:09:73:d8:d9:cd:a2:02:d9:
25:c8:79:9a:33:17:ef:dd:0f:f9:74:12:72:f4:58:
ab:a6:bf:e1:a3:8e:94:99:2c:09:db:8f:d1:81:23:
e5:76:8b:bc:0e:f4:f9:0d:37:1c:64:44:f1:44:40:
29:68:f9:d2:6a:1f:6d:f4:79:bf:88:4b:68:33:61:
69:4f:9f:9f:04:05:2e:9f:48:ef:c0:83:35:81:da:
33:e5:b9:5d:6f:66:d3:7f:79:8c:fd:ee:06:00:3f:
6c:59:d8:8e:f3:87:c6:7c:26:da:7d:67:54:6e:99:
a1:31:a6:7d:4e:c1:62:32:5f:67:a1:44:ad:ed:fa:
ee:ae:bb:f1:7f:7a:8e:95:5e:fc:67:57:04:df:c5:
56:0d:93:7b:79:7f:0d:80:47:8b:6c:eb:2d:eb:9e:
4a:dd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
92:B3:2F:5A:B4:E6:0A:53:74:40:30:C2:28:61:F2:0B:01:2D:33:5A
X509v3 Authority Key Identifier:
keyid:20:E4:25:A3:2B:62:D3:98:18:C4:CB:B0:08:10:75:68:6F:C4:C8:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IOQloyti05gYxMuwCBB1aG_EyOg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/krMvWrTmClN0QDDCKGHyCwEtM1o.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/IOQloyti05gYxMuwCBB1aG_EyOg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.170.12.0/24
95.170.18.0/24
Signature Algorithm: sha256WithRSAEncryption
60:9e:21:63:2d:a5:44:4e:a9:2c:4b:ce:3e:e3:c8:50:a0:a1:
5b:8b:8e:d9:99:0e:ae:c0:5d:1c:8a:f1:1f:41:34:af:4c:86:
ee:42:83:77:6e:44:b9:14:31:d4:c0:23:8e:ea:e1:2a:a3:e4:
dd:97:5c:2b:a6:0a:30:82:1c:4d:6e:d1:92:b8:b2:62:39:4b:
a1:49:94:fb:d0:2b:05:3c:ab:f2:7b:a8:d8:fb:ae:e7:da:21:
a7:4b:0a:0f:ca:3b:2d:46:27:0f:66:c2:73:f2:07:d9:00:59:
c0:66:0f:b0:d8:ad:42:92:d8:ea:fc:ed:c7:7e:7e:ff:f5:f3:
ff:cf:e1:5f:80:b0:d3:7d:c0:a3:4d:94:0c:c9:d0:d8:97:59:
a3:2c:10:af:d1:22:15:34:fb:37:56:6b:96:59:8d:cc:ea:9b:
19:6c:00:b4:78:e6:1a:48:fd:ea:b8:05:e1:bf:df:e5:19:b9:
b2:19:e8:ea:e6:8e:3a:69:45:ea:92:df:53:34:fa:dd:2e:0f:
b5:e2:92:5e:d6:58:2c:61:48:ba:18:18:e3:4b:70:63:54:e7:
18:f6:c5:92:50:7f:62:7b:c0:dd:d5:bf:10:c9:a2:d7:ee:4a:
32:02:72:da:22:e5:40:05:70:33:01:af:c0:cd:27:9e:31:94:
da:5d:a9:3a
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZpIy2+TzSN4G8UsUs4OgWGMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZTQyNWEzMmI2MmQzOTgxOGM0Y2JiMDA4MTA3NTY4NmZj
NGM4ZTgwHhcNMjUxMTAzMDgxODAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MmIzMmY1YWI0ZTYwYTUzNzQ0MDMwYzIyODYxZjIwYjAxMmQzMzVhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAhA2DlJ9ZBxsdJBWN2BQWQG8uvnNu
9csDSE0Y+dGEez9grfWG0k2RipysidQZoXJ+Wt+der2xV972JdYtJvxaSY4vO543
OQ6zX4IHkKHSUNfH++LJxwPVXYgixnsFatWGCXPY2c2iAtklyHmaMxfv3Q/5dBJy
9Firpr/ho46UmSwJ24/RgSPldou8DvT5DTccZETxREApaPnSah9t9Hm/iEtoM2Fp
T5+fBAUun0jvwIM1gdoz5bldb2bTf3mM/e4GAD9sWdiO84fGfCbafWdUbpmhMaZ9
TsFiMl9noUSt7frurrvxf3qOlV78Z1cE38VWDZN7eX8NgEeLbOst655K3QIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFJKzL1q05gpTdEAwwihh8gsBLTNaMB8GA1UdIwQY
MBaAFCDkJaMrYtOYGMTLsAgQdWhvxMjoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU9RbG95dGkwNWdZeE11d0NCQjFhR19FeU9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9mZDhjMDEtN2I3MS00NDJjLTlhZGIt
ZWNkMjk2NWNiN2U3LzEva3JNdldyVG1DbE4wUUREQ0tHSHlDd0V0TTFvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9mZDhjMDEtN2I3MS00NDJjLTlhZGItZWNkMjk2NWNiN2U3
LzEvSU9RbG95dGkwNWdZeE11d0NCQjFhR19FeU9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAX6oMAwQA
X6oSMA0GCSqGSIb3DQEBCwUAA4IBAQBgniFjLaVETqksS84+48hQoKFbi47ZmQ6u
wF0civEfQTSvTIbuQoN3bkS5FDHUwCOO6uEqo+Tdl1wrpgowghxNbtGSuLJiOUuh
SZT70CsFPKvye6jY+67n2iGnSwoPyjstRicPZsJz8gfZAFnAZg+w2K1Cktjq/O3H
fn7/9fP/z+FfgLDTfcCjTZQMydDYl1mjLBCv0SIVNPs3VmuWWY3M6psZbAC0eOYa
SP3quAXhv9/lGbmyGejq5o46aUXqkt9TNPrdLg+14pJe1lgsYUi6GBjjS3BjVOcY
9sWSUH9ie8Dd1b8QyaLX7koyAnLaIuVABXAzAa/AzSeeMZTaXak6
-----END CERTIFICATE-----
Generated at Mon Nov 3 23:16:29 2025 by rpki-client