Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/15zRjTXVNBGuDrUDEqN5UuwIids.roa
File: 15zRjTXVNBGuDrUDEqN5UuwIids.roa (raw, json)
Hash identifier: FwYZwxMG1QLtJeFhKkER9dDPt8BpPk0Q+1jXXZv9EiM=
Subject key identifier: D7:9C:D1:8D:35:D5:34:11:AE:0E:B5:03:12:A3:79:52:EC:08:89:DB
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 0199018BB1D233A7D70CD867C460F35D47D1
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/15zRjTXVNBGuDrUDEqN5UuwIids.roa
Signing time: Sun 31 Aug 2025 19:12:36 +0000
ROA not before: Sun 31 Aug 2025 19:12:36 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 32043
IP address blocks: 195.216.164.0/24 maxlen: 24
195.216.165.0/24 maxlen: 24
195.216.166.0/24 maxlen: 24
195.216.167.0/24 maxlen: 24
195.216.184.0/24 maxlen: 24
213.182.198.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 08 Sep 2025 05:00:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:01:8b:b1:d2:33:a7:d7:0c:d8:67:c4:60:f3:5d:47:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Aug 31 19:12:36 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d79cd18d35d53411ae0eb50312a37952ec0889db
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ac:12:54:f8:8c:68:be:3d:3b:fe:b4:5d:79:da:
37:89:0e:b0:3c:14:2d:4f:00:57:fe:1d:8a:44:58:
1d:2a:54:39:45:e2:b9:43:58:06:75:6f:66:6d:fc:
3f:c1:93:83:6f:44:d4:b3:3a:33:95:78:ad:9b:b4:
69:67:32:02:00:e0:59:7f:7d:2a:d7:db:54:cf:02:
06:e3:a6:f4:c1:ab:c8:ba:c9:8f:e6:bc:04:d2:4a:
69:95:5f:87:3f:90:7c:1f:88:01:34:ed:ef:3b:28:
62:da:81:67:87:50:cd:42:3f:27:94:4a:6c:67:45:
f8:a1:d9:bc:21:2a:28:ad:0b:d7:c3:b5:66:c2:2c:
be:28:8a:08:ff:5b:e6:d3:97:2f:83:df:c0:3b:36:
56:67:fc:01:d8:78:a6:b8:ba:5e:74:c5:f2:56:ab:
9d:06:e0:e9:63:4f:0d:cc:fc:95:16:5d:3b:c8:28:
bf:d9:89:d0:c5:90:23:74:ed:7d:55:77:cf:4b:0b:
6e:ce:30:c4:51:53:e3:26:69:e8:0f:48:e5:3e:ca:
33:78:da:76:f0:d7:b4:4e:6b:9d:9f:13:bc:78:c7:
0b:d3:56:52:0e:e4:7f:ee:11:d1:4b:a6:39:e1:5f:
53:7b:88:bf:ce:c4:5e:1d:d8:26:db:7c:73:f8:b8:
2e:9f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:9C:D1:8D:35:D5:34:11:AE:0E:B5:03:12:A3:79:52:EC:08:89:DB
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/15zRjTXVNBGuDrUDEqN5UuwIids.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.164.0/22
195.216.184.0/24
213.182.198.0/24
Signature Algorithm: sha256WithRSAEncryption
6d:09:f2:6e:25:48:fb:0e:2f:cf:74:ac:c2:ab:18:9f:2a:fe:
64:64:d1:f3:0f:70:f5:12:2c:f6:90:a3:0f:e3:b5:7a:10:b3:
76:cc:66:2c:85:83:19:7e:9b:c0:4e:3a:3b:0e:74:e2:b0:c4:
25:6f:ee:43:32:8a:a3:d1:cd:62:a8:99:c4:36:d1:e0:17:93:
d6:d2:be:dc:53:ba:d6:09:e7:f9:9b:8c:30:09:3d:5c:4e:9d:
49:5e:c2:e3:31:28:b7:86:a2:74:0d:0f:d9:b5:b1:fa:0c:d5:
aa:77:00:8e:b5:fa:b0:a7:31:9b:0d:0b:64:bf:53:f9:fd:37:
1a:c1:7d:7a:de:7d:84:d9:85:43:4a:ff:83:89:23:10:4b:ac:
e5:e2:6b:4a:c9:3d:fa:5c:fa:c6:6d:0b:cb:40:40:a8:27:ff:
47:b7:50:fa:9a:5d:4c:e7:95:9b:4e:3f:95:48:53:4e:ce:83:
c7:f6:46:95:b8:f3:5a:24:f1:b4:6f:f0:46:1a:3b:8e:bf:ef:
ae:91:ec:6b:ee:70:fb:79:05:6d:da:c1:27:f1:6d:67:c6:04:
7d:28:88:ad:ca:44:db:47:55:bf:4e:eb:8a:c9:6f:e6:a7:d1:
45:3d:52:d4:09:1b:35:87:de:08:48:77:db:1c:f2:26:0a:1e:
fd:54:ad:c3
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZkBi7HSM6fXDNhnxGDzXUfRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjUwODMxMTkxMjM2WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzljZDE4ZDM1ZDUzNDExYWUwZWI1MDMxMmEzNzk1MmVjMDg4OWRiMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArBJU+Ixovj07/rRdedo3iQ6wPBQt
TwBX/h2KRFgdKlQ5ReK5Q1gGdW9mbfw/wZODb0TUszozlXitm7RpZzICAOBZf30q
19tUzwIG46b0wavIusmP5rwE0kpplV+HP5B8H4gBNO3vOyhi2oFnh1DNQj8nlEps
Z0X4odm8ISoorQvXw7Vmwiy+KIoI/1vm05cvg9/AOzZWZ/wB2HimuLpedMXyVqud
BuDpY08NzPyVFl07yCi/2YnQxZAjdO19VXfPSwtuzjDEUVPjJmnoD0jlPsozeNp2
8Ne0TmudnxO8eMcL01ZSDuR/7hHRS6Y54V9Te4i/zsReHdgm23xz+LgunwIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFNec0Y011TQRrg61AxKjeVLsCInbMB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvMTV6UmpUWFZOQkd1RHJVREVxTjVVdXdJaWRzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQCw9ikAwQA
w9i4AwQA1bbGMA0GCSqGSIb3DQEBCwUAA4IBAQBtCfJuJUj7Di/PdKzCqxifKv5k
ZNHzD3D1Eiz2kKMP47V6ELN2zGYshYMZfpvATjo7DnTisMQlb+5DMoqj0c1iqJnE
NtHgF5PW0r7cU7rWCef5m4wwCT1cTp1JXsLjMSi3hqJ0DQ/ZtbH6DNWqdwCOtfqw
pzGbDQtkv1P5/TcawX163n2E2YVDSv+DiSMQS6zl4mtKyT36XPrGbQvLQECoJ/9H
t1D6ml1M55WbTj+VSFNOzoPH9kaVuPNaJPG0b/BGGjuOv++ukexr7nD7eQVt2sEn
8W1nxgR9KIitykTbR1W/TuuKyW/mp9FFPVLUCRs1h94ISHfbHPImCh79VK3D
-----END CERTIFICATE-----
Generated at Sun Sep 7 12:26:50 2025 by rpki-client