Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/f5/376f5a-c026-4bae-8847-2b1d439b2227/1/1-uN15WooRn1ILKR5q1XNAneYJkk.roa
File: 1-uN15WooRn1ILKR5q1XNAneYJkk.roa (raw, json)
Hash identifier: ceG95NNBWipckiQC0zFJWFVKiWVKgIWhdLvt9vkMIUA=
Subject key identifier: FA:E3:75:E5:6A:28:46:7D:48:2C:A4:79:AB:55:CD:02:77:98:26:49
Certificate issuer: /CN=07d3c0c115328c3d28c0f5721b00982b2cd4215e
Certificate serial: 0198A8DBF686DEBF73E1672E940889529064
Authority key identifier: 07:D3:C0:C1:15:32:8C:3D:28:C0:F5:72:1B:00:98:2B:2C:D4:21:5E
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/B9PAwRUyjD0owPVyGwCYKyzUIV4.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/f5/376f5a-c026-4bae-8847-2b1d439b2227/1/1-uN15WooRn1ILKR5q1XNAneYJkk.roa
Signing time: Thu 14 Aug 2025 13:54:04 +0000
ROA not before: Thu 14 Aug 2025 13:54:04 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 14618
IP address blocks: 195.22.120.0/24 maxlen: 24
2001:67c:2f00::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/f5/376f5a-c026-4bae-8847-2b1d439b2227/1/B9PAwRUyjD0owPVyGwCYKyzUIV4.crl
rsync://rpki.ripe.net/repository/DEFAULT/f5/376f5a-c026-4bae-8847-2b1d439b2227/1/B9PAwRUyjD0owPVyGwCYKyzUIV4.mft
rsync://rpki.ripe.net/repository/DEFAULT/B9PAwRUyjD0owPVyGwCYKyzUIV4.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Fri 22 Aug 2025 15:34:04 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:98:a8:db:f6:86:de:bf:73:e1:67:2e:94:08:89:52:90:64
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=07d3c0c115328c3d28c0f5721b00982b2cd4215e
Validity
Not Before: Aug 14 13:54:04 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=fae375e56a28467d482ca479ab55cd0277982649
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:cc:35:b7:e4:b0:67:59:d2:0e:00:78:db:4d:40:
bd:a8:cd:83:63:05:83:b0:49:8f:8a:e4:75:07:ae:
e1:ba:7f:34:3a:11:11:a4:9b:64:4a:6a:07:18:37:
bc:0d:d3:80:8f:e1:76:81:6e:48:cd:6a:74:4f:e4:
79:70:d8:03:93:df:95:53:b0:68:98:09:40:b3:f8:
be:b7:ed:e4:75:b7:d4:80:48:f2:51:71:e7:da:b4:
e1:76:66:73:04:cb:94:f6:38:4a:ad:7a:95:cd:da:
47:a1:42:dd:97:98:59:fd:21:e7:e5:10:01:f6:4e:
14:1a:8b:ce:30:67:50:72:46:02:db:c0:91:9c:f2:
ce:c6:1f:63:c4:46:7d:5d:6e:c4:b7:67:99:0e:60:
01:ca:52:ae:16:4b:f1:bd:5b:35:d6:db:86:a9:a1:
69:b7:53:88:bc:bb:96:4f:a4:2e:f3:01:1d:6a:83:
31:cf:05:85:c0:92:a9:e7:a7:6e:a1:a0:c0:7c:0f:
42:ac:1a:93:e7:58:d6:2a:42:62:d1:df:64:b4:20:
3f:90:e9:4b:03:48:ec:17:ab:81:31:d1:ad:8e:4d:
77:77:dd:36:63:88:ae:5c:f4:00:6f:99:cc:25:cf:
a5:49:0a:b6:b4:4d:1b:ee:4d:4a:26:21:ac:cd:dd:
ff:69
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FA:E3:75:E5:6A:28:46:7D:48:2C:A4:79:AB:55:CD:02:77:98:26:49
X509v3 Authority Key Identifier:
keyid:07:D3:C0:C1:15:32:8C:3D:28:C0:F5:72:1B:00:98:2B:2C:D4:21:5E
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/B9PAwRUyjD0owPVyGwCYKyzUIV4.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/376f5a-c026-4bae-8847-2b1d439b2227/1/1-uN15WooRn1ILKR5q1XNAneYJkk.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/f5/376f5a-c026-4bae-8847-2b1d439b2227/1/B9PAwRUyjD0owPVyGwCYKyzUIV4.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.22.120.0/24
IPv6:
2001:67c:2f00::/48
Signature Algorithm: sha256WithRSAEncryption
90:eb:ce:ad:07:45:47:8d:9d:5f:07:a6:bf:96:36:a3:aa:53:
3d:87:7f:a9:5a:91:d5:c8:88:84:1d:b5:e6:7c:a1:25:ac:30:
64:7a:e1:26:4e:35:cf:f0:96:27:70:d7:81:c9:4d:fc:6c:c4:
11:17:7a:4a:d7:34:8f:44:51:6d:a1:fd:67:ba:bd:95:e3:8d:
d7:be:09:20:f6:e8:d6:ea:1d:da:f7:99:f2:3f:c2:f6:5a:a8:
b4:50:75:7e:ea:5f:30:84:11:eb:15:1d:85:05:b6:ee:65:1f:
ab:54:be:66:00:f3:14:e7:29:98:38:88:23:d9:cb:50:e0:3f:
5f:03:c7:e2:2c:49:e1:72:7c:8a:e2:3b:98:88:74:1e:67:ea:
49:5d:2f:e5:96:c5:91:ff:62:d0:19:13:14:96:43:f4:09:60:
53:b2:21:60:8b:ef:49:39:5c:26:a2:08:92:b4:9b:61:d1:fa:
d0:03:fa:df:58:ed:17:7b:7e:72:ea:69:17:0c:87:2b:c5:39:
39:d6:0a:c7:85:80:55:97:c6:12:ee:bc:27:61:9c:63:c8:1a:
1b:dd:28:d5:4e:39:ce:8b:91:2f:d8:e5:72:7f:91:66:5e:1b:
a8:67:4d:b7:02:f8:8d:61:78:8b:d2:96:7c:4e:f0:07:a9:da:
67:a5:94:68
-----BEGIN CERTIFICATE-----
MIIFDzCCA/egAwIBAgISAZio2/aG3r9z4WculAiJUpBkMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDA3ZDNjMGMxMTUzMjhjM2QyOGMwZjU3MjFiMDA5ODJiMmNk
NDIxNWUwHhcNMjUwODE0MTM1NDA0WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYWUzNzVlNTZhMjg0NjdkNDgyY2E0NzlhYjU1Y2QwMjc3OTgyNjQ5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAzDW35LBnWdIOAHjbTUC9qM2DYwWD
sEmPiuR1B67hun80OhERpJtkSmoHGDe8DdOAj+F2gW5IzWp0T+R5cNgDk9+VU7Bo
mAlAs/i+t+3kdbfUgEjyUXHn2rThdmZzBMuU9jhKrXqVzdpHoULdl5hZ/SHn5RAB
9k4UGovOMGdQckYC28CRnPLOxh9jxEZ9XW7Et2eZDmABylKuFkvxvVs11tuGqaFp
t1OIvLuWT6Qu8wEdaoMxzwWFwJKp56duoaDAfA9CrBqT51jWKkJi0d9ktCA/kOlL
A0jsF6uBMdGtjk13d902Y4iuXPQAb5nMJc+lSQq2tE0b7k1KJiGszd3/aQIDAQAB
o4ICGzCCAhcwHQYDVR0OBBYEFPrjdeVqKEZ9SCykeatVzQJ3mCZJMB8GA1UdIwQY
MBaAFAfTwMEVMow9KMD1chsAmCss1CFeMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvQjlQQXdSVXlqRDBvd1BWeUd3Q1lLeXpVSVY0LmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC9mNS8zNzZmNWEtYzAyNi00YmFlLTg4NDct
MmIxZDQzOWIyMjI3LzEvMS11TjE1V29vUm4xSUxLUjVxMVhOQW5lWUpray5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvZjUvMzc2ZjVhLWMwMjYtNGJhZS04ODQ3LTJiMWQ0MzliMjIy
Ny8xL0I5UEF3UlV5akQwb3dQVnlHd0NZS3l6VUlWNC5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAwBggrBgEFBQcBBwEB/wQhMB8wDAQCAAEwBgMEAMMWeDAP
BAIAAjAJAwcAIAEGfC8AMA0GCSqGSIb3DQEBCwUAA4IBAQCQ686tB0VHjZ1fB6a/
ljajqlM9h3+pWpHVyIiEHbXmfKElrDBkeuEmTjXP8JYncNeByU38bMQRF3pK1zSP
RFFtof1nur2V443Xvgkg9ujW6h3a95nyP8L2Wqi0UHV+6l8whBHrFR2FBbbuZR+r
VL5mAPMU5ymYOIgj2ctQ4D9fA8fiLEnhcnyK4juYiHQeZ+pJXS/llsWR/2LQGRMU
lkP0CWBTsiFgi+9JOVwmogiStJth0frQA/rfWO0Xe35y6mkXDIcrxTk51grHhYBV
l8YS7rwnYZxjyBob3SjVTjnOi5Ev2OVyf5FmXhuoZ023AviNYXiL0pZ8TvAHqdpn
pZRo
-----END CERTIFICATE-----
Generated at Thu Aug 21 18:59:09 2025 by rpki-client