Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/15TOooLLdpjbW_b3cisCOyE_RdY.roa
File: 15TOooLLdpjbW_b3cisCOyE_RdY.roa (raw, json)
Hash identifier: xVGVYewssiiy8kApCS/TVaXMU8QbkCVUeShunh7NxqA=
Subject key identifier: D7:94:CE:A2:82:CB:76:98:DB:5B:F6:F7:72:2B:02:3B:21:3F:45:D6
Certificate issuer: /CN=57c670c8db32dd748df797c5c93013d8c91fa839
Certificate serial: 0198EB34D456448514DDB097A25D7C029E6B
Authority key identifier: 57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/15TOooLLdpjbW_b3cisCOyE_RdY.roa
Signing time: Wed 27 Aug 2025 11:06:04 +0000
ROA not before: Wed 27 Aug 2025 11:06:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 200740
IP address blocks: 89.44.84.0/23 maxlen: 23
95.81.112.0/24 maxlen: 24
95.81.113.0/24 maxlen: 24
95.81.119.0/24 maxlen: 24
95.81.120.0/24 maxlen: 24
109.69.56.0/23 maxlen: 23
109.69.58.0/23 maxlen: 23
185.103.252.0/23 maxlen: 23
185.103.254.0/23 maxlen: 23
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.mft
rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 07 Sep 2025 11:14:23 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:eb:34:d4:56:44:85:14:dd:b0:97:a2:5d:7c:02:9e:6b
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=57c670c8db32dd748df797c5c93013d8c91fa839
Validity
Not Before: Aug 27 11:06:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=d794cea282cb7698db5bf6f7722b023b213f45d6
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a1:31:2c:0b:73:65:36:0a:df:5e:3c:ed:c6:40:
15:e3:4d:b8:fa:6a:b0:26:0d:07:cd:f6:6f:87:4a:
27:ab:8b:ad:cb:39:ba:5c:82:70:a3:66:54:30:3f:
98:a1:0a:89:47:be:9b:a4:61:43:b5:dd:86:f4:a9:
d8:a6:e6:fc:45:ce:6d:ab:98:94:af:a9:8e:da:f2:
51:43:8b:aa:52:bb:41:5a:2f:c6:02:6c:4e:86:18:
38:2f:99:0c:7a:67:8a:98:0c:0e:2d:62:7c:c0:39:
16:5d:9e:16:e7:69:c2:74:a4:dc:d4:fe:90:7c:14:
b6:e9:5d:29:53:87:7c:90:a8:3b:ab:b3:34:42:e5:
2c:5e:e7:2a:d5:40:65:66:71:b8:83:ee:4f:1a:c8:
9b:c5:70:b2:5f:f8:87:25:c9:ed:e2:3d:59:f1:55:
51:eb:18:5e:46:01:64:48:a5:f9:84:f4:2c:64:ed:
2f:bd:de:78:73:d0:0c:d5:55:21:33:bc:89:ca:9b:
bb:5d:7e:20:f2:43:6a:ad:68:7c:74:f3:c3:86:92:
a4:af:68:14:6e:65:78:8e:50:cb:9e:00:81:a6:0b:
64:fa:a5:a7:12:6e:43:89:7e:4d:db:1d:8f:a6:6e:
27:de:90:5c:f1:a3:f7:98:28:82:bb:c9:4d:aa:96:
33:8d
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
D7:94:CE:A2:82:CB:76:98:DB:5B:F6:F7:72:2B:02:3B:21:3F:45:D6
X509v3 Authority Key Identifier:
keyid:57:C6:70:C8:DB:32:DD:74:8D:F7:97:C5:C9:30:13:D8:C9:1F:A8:39
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/V8ZwyNsy3XSN95fFyTAT2MkfqDk.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/15TOooLLdpjbW_b3cisCOyE_RdY.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/e8/5a6fda-7896-4c50-affd-30495f403784/1/V8ZwyNsy3XSN95fFyTAT2MkfqDk.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.44.84.0/23
95.81.112.0/23
95.81.119.0-95.81.120.255
109.69.56.0/22
185.103.252.0/22
Signature Algorithm: sha256WithRSAEncryption
37:b1:50:22:7f:64:fc:be:85:9d:8c:a3:09:e0:00:b9:19:0f:
59:39:4c:c5:12:99:bf:ad:ac:7d:6d:64:3e:20:93:f1:21:86:
b3:a4:50:51:cb:28:5f:0f:2f:df:9e:90:74:92:45:d4:48:bd:
dc:77:23:ec:99:e0:62:08:ec:4f:89:d6:25:15:bc:2a:28:86:
18:77:b6:94:b6:74:da:97:2f:8b:62:02:66:02:6d:1a:c2:61:
b6:27:f9:cc:29:2f:4d:05:37:be:8d:d2:d6:e3:5e:28:9e:2c:
75:66:e4:e8:ec:c8:89:5c:aa:82:fd:8b:30:4a:f0:8b:a6:62:
e6:ae:fe:7a:cf:4f:f5:e2:62:81:8e:cf:fe:33:06:1c:86:a4:
c8:32:fb:c6:68:e1:fb:54:29:69:83:96:8e:76:b8:2b:6f:8f:
86:7e:fd:62:b8:f2:19:6f:97:a1:53:19:92:50:26:75:d1:d1:
a1:6f:4c:1c:3f:db:5c:7c:7b:f7:e4:49:0c:c8:85:47:cc:06:
4a:bc:3a:7d:2b:6a:2a:f8:cf:05:4c:7f:eb:20:78:b5:41:6a:
a5:53:24:45:32:bd:ab:5b:3b:3a:37:cc:9e:c2:c5:6c:d6:45:
e5:53:fd:62:e7:48:31:bb:f4:ef:ee:6c:5b:0b:b9:ce:c1:d0:
d5:86:ae:23
-----BEGIN CERTIFICATE-----
MIIFHTCCBAWgAwIBAgISAZjrNNRWRIUU3bCXol18Ap5rMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDU3YzY3MGM4ZGIzMmRkNzQ4ZGY3OTdjNWM5MzAxM2Q4Yzkx
ZmE4MzkwHhcNMjUwODI3MTEwNjA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhkNzk0Y2VhMjgyY2I3Njk4ZGI1YmY2Zjc3MjJiMDIzYjIxM2Y0NWQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAoTEsC3NlNgrfXjztxkAV4024+mqw
Jg0HzfZvh0onq4utyzm6XIJwo2ZUMD+YoQqJR76bpGFDtd2G9KnYpub8Rc5tq5iU
r6mO2vJRQ4uqUrtBWi/GAmxOhhg4L5kMemeKmAwOLWJ8wDkWXZ4W52nCdKTc1P6Q
fBS26V0pU4d8kKg7q7M0QuUsXucq1UBlZnG4g+5PGsibxXCyX/iHJcnt4j1Z8VVR
6xheRgFkSKX5hPQsZO0vvd54c9AM1VUhM7yJypu7XX4g8kNqrWh8dPPDhpKkr2gU
bmV4jlDLngCBpgtk+qWnEm5DiX5N2x2Ppm4n3pBc8aP3mCiCu8lNqpYzjQIDAQAB
o4ICKTCCAiUwHQYDVR0OBBYEFNeUzqKCy3aY21v293IrAjshP0XWMB8GA1UdIwQY
MBaAFFfGcMjbMt10jfeXxckwE9jJH6g5MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQt
MzA0OTVmNDAzNzg0LzEvMTVUT29vTExkcGpiV19iM2Npc0NPeUVfUmRZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC9lOC81YTZmZGEtNzg5Ni00YzUwLWFmZmQtMzA0OTVmNDAzNzg0
LzEvVjhad3lOc3kzWFNOOTVmRnlUQVQyTWtmcURrLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMD8GCCsGAQUFBwEHAQH/BDAwLjAsBAIAATAmAwQBWSxUAwQB
X1FwMAwDBABfUXcDBABfUXgDBAJtRTgDBAK5Z/wwDQYJKoZIhvcNAQELBQADggEB
ADexUCJ/ZPy+hZ2MowngALkZD1k5TMUSmb+trH1tZD4gk/EhhrOkUFHLKF8PL9+e
kHSSRdRIvdx3I+yZ4GII7E+J1iUVvCoohhh3tpS2dNqXL4tiAmYCbRrCYbYn+cwp
L00FN76N0tbjXiieLHVm5OjsyIlcqoL9izBK8IumYuau/nrPT/XiYoGOz/4zBhyG
pMgy+8Zo4ftUKWmDlo52uCtvj4Z+/WK48hlvl6FTGZJQJnXR0aFvTBw/21x8e/fk
SQzIhUfMBkq8On0rair4zwVMf+sgeLVBaqVTJEUyvatbOzo3zJ7CxWzWReVT/WLn
SDG79O/ubFsLuc7B0NWGriM=
-----END CERTIFICATE-----
Generated at Sat Sep 6 14:18:31 2025 by rpki-client