Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/5a/cfb251-923f-40c1-9832-e8a39dd60864/1/V7FxeBgowMJ9uzRZi_USZCw6XMI.roa
File: V7FxeBgowMJ9uzRZi_USZCw6XMI.roa (raw, json)
Hash identifier: tBwxfUXaS851zDbs0JMu4PFLXBxOjlI4hBYncc4yuPg=
Subject key identifier: 57:B1:71:78:18:28:C0:C2:7D:BB:34:59:8B:F5:12:64:2C:3A:5C:C2
Certificate issuer: /CN=c34094e3236dcd1c835113791a3824da2973df9b
Certificate serial: 0199198276BCB02B4E3F7D6D94A6AEE41D3E
Authority key identifier: C3:40:94:E3:23:6D:CD:1C:83:51:13:79:1A:38:24:DA:29:73:DF:9B
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/w0CU4yNtzRyDURN5Gjgk2ilz35s.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/5a/cfb251-923f-40c1-9832-e8a39dd60864/1/V7FxeBgowMJ9uzRZi_USZCw6XMI.roa
Signing time: Fri 05 Sep 2025 10:53:24 +0000
ROA not before: Fri 05 Sep 2025 10:53:24 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 41165
IP address blocks: 80.64.80.0/20 maxlen: 20
94.100.208.0/20 maxlen: 20
185.35.8.0/22 maxlen: 22
195.216.204.0/23 maxlen: 23
195.238.176.0/22 maxlen: 22
2a00:7d00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/5a/cfb251-923f-40c1-9832-e8a39dd60864/1/w0CU4yNtzRyDURN5Gjgk2ilz35s.crl
rsync://rpki.ripe.net/repository/DEFAULT/5a/cfb251-923f-40c1-9832-e8a39dd60864/1/w0CU4yNtzRyDURN5Gjgk2ilz35s.mft
rsync://rpki.ripe.net/repository/DEFAULT/w0CU4yNtzRyDURN5Gjgk2ilz35s.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sat 20 Sep 2025 07:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:19:82:76:bc:b0:2b:4e:3f:7d:6d:94:a6:ae:e4:1d:3e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=c34094e3236dcd1c835113791a3824da2973df9b
Validity
Not Before: Sep 5 10:53:24 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=57b171781828c0c27dbb34598bf512642c3a5cc2
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:6a:cc:bc:18:ac:31:9f:9a:80:4f:e5:23:4e:
d9:90:e0:04:dc:15:24:8e:bc:6c:9d:0b:ab:71:8f:
42:38:b1:fb:85:01:26:69:4b:b5:5e:3a:60:1e:e5:
fb:fe:88:75:64:d2:67:77:61:83:50:94:e6:00:27:
65:d5:7d:99:c2:a7:4b:1b:52:75:25:9c:fa:fb:ee:
ae:ad:45:91:f0:fd:b6:c6:c8:06:31:01:82:13:42:
2c:00:82:a6:bf:7c:ab:9e:54:d6:85:a4:7c:2b:82:
ef:28:0c:3a:1e:68:8d:13:7e:d6:49:5e:bf:2b:fe:
e6:e1:1b:68:41:11:aa:ba:c5:bb:32:92:84:55:ec:
89:45:1c:b7:f9:82:92:60:7a:4b:da:4e:57:ba:87:
3e:23:47:08:01:76:7a:23:76:2c:bc:7b:a4:8c:87:
e6:0c:b2:a1:20:f0:ed:23:e1:e7:22:2c:7b:d0:48:
ed:e1:1d:80:e6:db:50:96:12:9a:8c:d6:2a:a6:28:
88:29:b0:ad:d0:f2:23:7b:fa:45:80:40:9a:2e:67:
61:0c:72:4f:2e:4c:c9:d7:5a:ca:d8:96:fd:47:96:
8f:99:8f:ab:76:45:da:7b:28:e0:10:db:d2:5a:db:
0f:3f:62:84:79:5d:a2:24:f1:7e:bb:fc:73:05:19:
c6:59
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
57:B1:71:78:18:28:C0:C2:7D:BB:34:59:8B:F5:12:64:2C:3A:5C:C2
X509v3 Authority Key Identifier:
keyid:C3:40:94:E3:23:6D:CD:1C:83:51:13:79:1A:38:24:DA:29:73:DF:9B
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/w0CU4yNtzRyDURN5Gjgk2ilz35s.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/cfb251-923f-40c1-9832-e8a39dd60864/1/V7FxeBgowMJ9uzRZi_USZCw6XMI.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/5a/cfb251-923f-40c1-9832-e8a39dd60864/1/w0CU4yNtzRyDURN5Gjgk2ilz35s.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
80.64.80.0/20
94.100.208.0/20
185.35.8.0/22
195.216.204.0/23
195.238.176.0/22
IPv6:
2a00:7d00::/32
Signature Algorithm: sha256WithRSAEncryption
a4:e3:47:2a:29:c3:21:1f:18:34:30:aa:4d:a9:5d:57:63:e9:
84:1d:68:9e:aa:80:b7:d0:ea:ed:7f:12:0e:f6:6b:f2:10:e3:
60:c3:d7:86:14:e6:c1:00:3d:6f:93:36:80:97:18:a1:f9:45:
d2:31:fd:08:37:81:21:b4:fb:b1:d3:90:d4:80:94:62:fe:a2:
e4:06:ca:85:0d:6c:4b:92:85:8e:2a:09:13:50:a4:bf:75:b4:
80:fb:1e:34:e2:2f:ea:ce:3e:d1:5a:f9:2e:f2:fe:a3:43:6a:
53:4b:15:08:fe:92:5c:f1:68:9c:12:c2:8c:5d:ef:31:8b:51:
b5:94:0d:90:11:dc:8d:85:1b:c9:e6:90:ba:9c:de:71:06:a1:
df:53:15:d0:48:08:68:d8:ec:4c:56:4d:9e:ca:ab:38:42:94:
c8:b3:d3:e9:ef:70:d6:96:f8:47:85:40:07:e6:4d:74:5c:1d:
9f:2b:6b:8d:87:32:e7:56:ba:95:65:9c:a8:25:d7:64:3f:98:
a6:65:55:06:f9:10:b6:fe:c0:e9:be:89:b1:e2:44:80:26:17:
97:7c:f1:10:78:08:ca:ba:06:1e:af:1c:a7:28:e4:e1:c1:33:
61:c2:3c:a4:bf:97:bf:54:b2:1e:b2:48:ff:37:f0:d3:70:54:
27:aa:57:83
-----BEGIN CERTIFICATE-----
MIIFJDCCBAygAwIBAgISAZkZgna8sCtOP31tlKau5B0+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGMzNDA5NGUzMjM2ZGNkMWM4MzUxMTM3OTFhMzgyNGRhMjk3
M2RmOWIwHhcNMjUwOTA1MTA1MzI0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1N2IxNzE3ODE4MjhjMGMyN2RiYjM0NTk4YmY1MTI2NDJjM2E1Y2MyMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8WrMvBisMZ+agE/lI07ZkOAE3BUk
jrxsnQurcY9COLH7hQEmaUu1XjpgHuX7/oh1ZNJnd2GDUJTmACdl1X2ZwqdLG1J1
JZz6++6urUWR8P22xsgGMQGCE0IsAIKmv3yrnlTWhaR8K4LvKAw6HmiNE37WSV6/
K/7m4RtoQRGqusW7MpKEVeyJRRy3+YKSYHpL2k5Xuoc+I0cIAXZ6I3YsvHukjIfm
DLKhIPDtI+HnIix70Ejt4R2A5ttQlhKajNYqpiiIKbCt0PIje/pFgECaLmdhDHJP
LkzJ11rK2Jb9R5aPmY+rdkXaeyjgENvSWtsPP2KEeV2iJPF+u/xzBRnGWQIDAQAB
o4ICMDCCAiwwHQYDVR0OBBYEFFexcXgYKMDCfbs0WYv1EmQsOlzCMB8GA1UdIwQY
MBaAFMNAlOMjbc0cg1ETeRo4JNopc9+bMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdzBDVTR5TnR6UnlEVVJONUdqZ2syaWx6MzVzLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC81YS9jZmIyNTEtOTIzZi00MGMxLTk4MzIt
ZThhMzlkZDYwODY0LzEvVjdGeGVCZ293TUo5dXpSWmlfVVNaQ3c2WE1JLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC81YS9jZmIyNTEtOTIzZi00MGMxLTk4MzItZThhMzlkZDYwODY0
LzEvdzBDVTR5TnR6UnlEVVJONUdqZ2syaWx6MzVzLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEYGCCsGAQUFBwEHAQH/BDcwNTAkBAIAATAeAwQEUEBQAwQE
XmTQAwQCuSMIAwQBw9jMAwQCw+6wMA0EAgACMAcDBQAqAH0AMA0GCSqGSIb3DQEB
CwUAA4IBAQCk40cqKcMhHxg0MKpNqV1XY+mEHWieqoC30OrtfxIO9mvyEONgw9eG
FObBAD1vkzaAlxih+UXSMf0IN4EhtPux05DUgJRi/qLkBsqFDWxLkoWOKgkTUKS/
dbSA+x404i/qzj7RWvku8v6jQ2pTSxUI/pJc8WicEsKMXe8xi1G1lA2QEdyNhRvJ
5pC6nN5xBqHfUxXQSAho2OxMVk2eyqs4QpTIs9Pp73DWlvhHhUAH5k10XB2fK2uN
hzLnVrqVZZyoJddkP5imZVUG+RC2/sDpvomx4kSAJheXfPEQeAjKugYerxynKOTh
wTNhwjykv5e/VLIeskj/N/DTcFQnqleD
-----END CERTIFICATE-----
Generated at Fri Sep 19 16:12:58 2025 by rpki-client