Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/mfK6aJ71QzV-sAHIX3PCViU0DkU.roa
File: mfK6aJ71QzV-sAHIX3PCViU0DkU.roa (raw, json)
Hash identifier: U0sp/61DcLhPsHuAw+3JAiFKjincTtP/CmWk6DPp/9o=
Subject key identifier: 99:F2:BA:68:9E:F5:43:35:7E:B0:01:C8:5F:73:C2:56:25:34:0E:45
Certificate issuer: /CN=20e425a32b62d39818c4cbb0081075686fc4c8e8
Certificate serial: 019A52A78B9EA5619B8C9087322151FCE39C
Authority key identifier: 20:E4:25:A3:2B:62:D3:98:18:C4:CB:B0:08:10:75:68:6F:C4:C8:E8
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IOQloyti05gYxMuwCBB1aG_EyOg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/mfK6aJ71QzV-sAHIX3PCViU0DkU.roa
Signing time: Wed 05 Nov 2025 06:15:03 +0000
ROA not before: Wed 05 Nov 2025 06:15:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205886
IP address blocks: 95.170.18.0/24 maxlen: 24
95.170.20.0/24 maxlen: 24
95.170.27.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/IOQloyti05gYxMuwCBB1aG_EyOg.crl
rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/IOQloyti05gYxMuwCBB1aG_EyOg.mft
rsync://rpki.ripe.net/repository/DEFAULT/IOQloyti05gYxMuwCBB1aG_EyOg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 21:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:52:a7:8b:9e:a5:61:9b:8c:90:87:32:21:51:fc:e3:9c
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=20e425a32b62d39818c4cbb0081075686fc4c8e8
Validity
Not Before: Nov 5 06:15:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=99f2ba689ef543357eb001c85f73c25625340e45
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:e1:eb:13:5a:87:09:4b:61:11:f4:7c:d8:f1:
3b:b7:d4:ad:b2:32:d9:bf:4d:b6:5c:f7:89:74:62:
d6:f4:f0:7f:c8:f9:2e:05:86:cb:69:a0:b3:9d:2b:
6c:2e:3f:bb:3e:7a:b6:16:4d:3f:ca:64:39:8e:2e:
40:4d:61:98:c0:99:c0:b7:51:a4:51:a6:83:b0:a9:
4b:61:5d:cb:78:14:4c:36:45:2d:3d:d8:24:a5:5f:
7d:2a:2e:ae:d9:18:4b:73:6f:f9:1e:0f:25:57:8c:
d2:94:5e:ff:2e:11:a9:6b:ad:6e:21:98:1f:77:bd:
6d:90:36:87:c1:25:bb:f9:99:e7:cf:02:b8:55:3c:
0f:c8:cf:64:4e:22:8b:22:b3:99:af:80:82:f5:32:
c2:49:95:0d:d8:9c:05:85:46:7d:37:ce:f4:27:e1:
06:36:fe:f4:74:a1:d4:67:a4:31:fe:a4:4b:9d:56:
dd:93:98:a2:9a:28:b4:26:97:28:b1:66:3f:53:57:
da:df:14:44:8d:e2:19:09:c2:c5:fd:28:52:b9:56:
a2:f1:d9:00:6e:cf:ea:51:d9:17:a9:d1:83:ed:53:
ae:4c:86:94:11:cb:62:4a:f9:fb:b1:a7:0c:cc:9b:
63:e7:b1:6a:b2:f0:93:45:4c:d7:89:c5:98:05:c8:
7b:e7
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
99:F2:BA:68:9E:F5:43:35:7E:B0:01:C8:5F:73:C2:56:25:34:0E:45
X509v3 Authority Key Identifier:
keyid:20:E4:25:A3:2B:62:D3:98:18:C4:CB:B0:08:10:75:68:6F:C4:C8:E8
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IOQloyti05gYxMuwCBB1aG_EyOg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/mfK6aJ71QzV-sAHIX3PCViU0DkU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/2e/fd8c01-7b71-442c-9adb-ecd2965cb7e7/1/IOQloyti05gYxMuwCBB1aG_EyOg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.170.18.0/24
95.170.20.0/24
95.170.27.0/24
Signature Algorithm: sha256WithRSAEncryption
49:8d:05:e1:ce:bf:ca:67:18:bf:c0:8b:dd:68:e9:1a:08:e1:
d4:fb:04:28:f3:79:07:94:ae:07:89:2a:47:79:78:c8:82:7f:
89:a4:45:3b:74:e6:a6:80:a4:30:cc:f3:52:29:31:48:7b:3b:
f0:e7:80:35:6d:0a:db:06:85:19:32:a3:bf:c6:1f:71:b7:af:
02:e6:d8:93:6a:4f:c5:a7:08:20:fb:c7:f8:1c:22:01:a9:f6:
b2:d3:6a:48:15:6a:51:95:6f:a7:69:e9:c6:b1:8d:aa:88:9f:
d5:d1:88:88:30:01:92:8b:32:45:67:21:41:6f:e1:83:17:db:
14:84:df:29:ea:c9:4a:52:d4:bd:7d:01:49:9c:7d:7a:9f:34:
2d:ab:96:ed:92:41:30:8c:b2:0e:c8:e7:09:65:d9:11:6c:c1:
50:94:07:05:2f:3d:3e:e6:3e:04:c3:83:5a:a9:32:24:ba:b5:
ca:23:6d:bb:e4:64:01:37:b5:a2:8a:bc:51:2d:83:28:fd:0b:
67:ea:8d:f0:ed:dc:ac:c5:5f:69:93:86:c6:39:e6:3d:63:b2:
d8:c0:2b:bd:13:56:7c:7d:df:a6:a3:0f:40:e4:14:be:b9:11:
6f:82:3f:00:12:82:b8:95:36:4b:06:d1:f5:cc:4d:15:c1:00:
16:fd:79:cb
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZpSp4uepWGbjJCHMiFR/OOcMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIwZTQyNWEzMmI2MmQzOTgxOGM0Y2JiMDA4MTA3NTY4NmZj
NGM4ZTgwHhcNMjUxMTA1MDYxNTAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5OWYyYmE2ODllZjU0MzM1N2ViMDAxYzg1ZjczYzI1NjI1MzQwZTQ1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwuHrE1qHCUthEfR82PE7t9StsjLZ
v022XPeJdGLW9PB/yPkuBYbLaaCznStsLj+7Pnq2Fk0/ymQ5ji5ATWGYwJnAt1Gk
UaaDsKlLYV3LeBRMNkUtPdgkpV99Ki6u2RhLc2/5Hg8lV4zSlF7/LhGpa61uIZgf
d71tkDaHwSW7+ZnnzwK4VTwPyM9kTiKLIrOZr4CC9TLCSZUN2JwFhUZ9N870J+EG
Nv70dKHUZ6Qx/qRLnVbdk5iimii0JpcosWY/U1fa3xREjeIZCcLF/ShSuVai8dkA
bs/qUdkXqdGD7VOuTIaUEctiSvn7sacMzJtj57FqsvCTRUzXicWYBch75wIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFJnyumie9UM1frAByF9zwlYlNA5FMB8GA1UdIwQY
MBaAFCDkJaMrYtOYGMTLsAgQdWhvxMjoMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSU9RbG95dGkwNWdZeE11d0NCQjFhR19FeU9nLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8yZS9mZDhjMDEtN2I3MS00NDJjLTlhZGIt
ZWNkMjk2NWNiN2U3LzEvbWZLNmFKNzFRelYtc0FISVgzUENWaVUwRGtVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8yZS9mZDhjMDEtN2I3MS00NDJjLTlhZGItZWNkMjk2NWNiN2U3
LzEvSU9RbG95dGkwNWdZeE11d0NCQjFhR19FeU9nLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQAX6oSAwQA
X6oUAwQAX6obMA0GCSqGSIb3DQEBCwUAA4IBAQBJjQXhzr/KZxi/wIvdaOkaCOHU
+wQo83kHlK4HiSpHeXjIgn+JpEU7dOamgKQwzPNSKTFIezvw54A1bQrbBoUZMqO/
xh9xt68C5tiTak/Fpwgg+8f4HCIBqfay02pIFWpRlW+naenGsY2qiJ/V0YiIMAGS
izJFZyFBb+GDF9sUhN8p6slKUtS9fQFJnH16nzQtq5btkkEwjLIOyOcJZdkRbMFQ
lAcFLz0+5j4Ew4NaqTIkurXKI2275GQBN7WiirxRLYMo/Qtn6o3w7dysxV9pk4bG
OeY9Y7LYwCu9E1Z8fd+mow9A5BS+uRFvgj8AEoK4lTZLBtH1zE0VwQAW/XnL
-----END CERTIFICATE-----
Generated at Thu Nov 6 05:48:21 2025 by rpki-client