Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/71/e25269-cfc9-4848-b1e5-7f786bb34344/1/b8DnJoN74NTsPD_KGnBCEwfyzvU.roa
File: b8DnJoN74NTsPD_KGnBCEwfyzvU.roa (raw, json)
Hash identifier: JBZGJZ01ohgzrq8TQqKGft4IChiGkf6cao8eWeUn8y8=
Subject key identifier: 6F:C0:E7:26:83:7B:E0:D4:EC:3C:3F:CA:1A:70:42:13:07:F2:CE:F5
Certificate issuer: /CN=3076e9855f9bca3017a10137b443ee8c528ca952
Certificate serial: 01999B61822DA0E36B7C53EE4344066746A0
Authority key identifier: 30:76:E9:85:5F:9B:CA:30:17:A1:01:37:B4:43:EE:8C:52:8C:A9:52
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/MHbphV-byjAXoQE3tEPujFKMqVI.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/71/e25269-cfc9-4848-b1e5-7f786bb34344/1/b8DnJoN74NTsPD_KGnBCEwfyzvU.roa
Signing time: Tue 30 Sep 2025 16:08:02 +0000
ROA not before: Tue 30 Sep 2025 16:08:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 206539
IP address blocks: 95.169.64.0/19 maxlen: 24
95.169.64.0/21 maxlen: 24
95.169.72.0/21 maxlen: 24
95.169.80.0/21 maxlen: 24
95.169.88.0/21 maxlen: 24
2a0b:5580::/29 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/71/e25269-cfc9-4848-b1e5-7f786bb34344/1/MHbphV-byjAXoQE3tEPujFKMqVI.crl
rsync://rpki.ripe.net/repository/DEFAULT/71/e25269-cfc9-4848-b1e5-7f786bb34344/1/MHbphV-byjAXoQE3tEPujFKMqVI.mft
rsync://rpki.ripe.net/repository/DEFAULT/MHbphV-byjAXoQE3tEPujFKMqVI.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Thu 06 Nov 2025 12:00:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:9b:61:82:2d:a0:e3:6b:7c:53:ee:43:44:06:67:46:a0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3076e9855f9bca3017a10137b443ee8c528ca952
Validity
Not Before: Sep 30 16:08:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6fc0e726837be0d4ec3c3fca1a70421307f2cef5
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b5:5a:00:4f:e1:ff:5b:df:06:a7:f2:bd:e0:6c:
56:3d:63:38:12:aa:bf:3c:9b:a5:57:98:a4:72:b5:
c8:b0:b0:f4:06:2b:49:7a:0e:fc:96:9f:5b:01:9f:
a3:85:99:99:aa:2c:e7:45:0a:56:95:4f:ea:f3:da:
04:e6:b7:a2:72:a2:59:84:df:25:f9:10:81:21:5d:
41:ae:7a:49:ff:4a:59:a7:a1:74:ae:6b:42:c1:0d:
d5:91:86:d2:7b:81:43:fa:fe:36:1f:eb:9f:43:e3:
a3:ba:65:3e:e1:ab:64:6c:54:2d:4a:64:35:75:94:
d3:d3:ae:4f:2e:1d:75:20:26:2a:f6:82:f7:3c:2e:
1e:1b:d8:99:93:72:2b:95:4a:09:54:17:26:28:ed:
f8:c5:ae:af:a6:3b:7b:9b:0f:db:49:54:94:e5:b9:
26:22:12:22:41:ae:96:fb:33:2b:70:3f:c2:ad:2c:
01:a2:71:c5:d7:58:db:76:54:52:90:30:fe:08:9a:
e9:e6:d4:e0:89:6b:b5:cf:1d:bf:46:f6:34:d9:c7:
82:1b:4b:de:5b:8e:b7:08:72:44:62:d8:ad:06:27:
f6:74:9a:93:8d:ff:f5:a2:a3:9a:8b:25:3c:f9:aa:
c8:60:09:fe:f1:a1:d6:8e:d7:12:af:ae:79:67:77:
a0:7b
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6F:C0:E7:26:83:7B:E0:D4:EC:3C:3F:CA:1A:70:42:13:07:F2:CE:F5
X509v3 Authority Key Identifier:
keyid:30:76:E9:85:5F:9B:CA:30:17:A1:01:37:B4:43:EE:8C:52:8C:A9:52
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/MHbphV-byjAXoQE3tEPujFKMqVI.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e25269-cfc9-4848-b1e5-7f786bb34344/1/b8DnJoN74NTsPD_KGnBCEwfyzvU.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/71/e25269-cfc9-4848-b1e5-7f786bb34344/1/MHbphV-byjAXoQE3tEPujFKMqVI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
95.169.64.0/19
IPv6:
2a0b:5580::/29
Signature Algorithm: sha256WithRSAEncryption
4a:18:92:c8:f0:73:4a:17:ea:03:03:ef:49:95:7d:d5:1c:14:
58:3c:66:19:e1:77:84:fc:67:79:6e:63:ff:47:22:de:fe:34:
3a:e3:3c:1c:03:8b:fa:95:67:6f:ae:a9:b2:73:3b:1f:85:43:
f6:95:59:fc:b8:d2:3d:8c:22:af:84:e3:2d:2f:7f:77:62:68:
11:2f:8d:b5:50:92:92:6c:a2:77:f3:d8:94:fd:96:2a:96:2d:
c0:0a:44:b3:9d:33:be:6c:fb:43:fb:89:60:f4:22:42:0f:71:
1b:c1:e4:92:71:e4:91:3f:cc:06:f2:92:78:82:0e:bb:5d:19:
ec:bb:40:e8:40:04:ce:bf:63:e3:d2:f0:0b:35:d8:de:22:b1:
20:dd:1d:7d:93:02:d2:6c:94:a2:a8:fa:d4:85:fd:01:ae:c4:
6d:61:29:35:38:d8:51:17:17:ab:1b:8c:09:94:78:43:a9:90:
08:cd:8a:9f:79:cf:ca:ff:ec:f2:5a:e4:92:02:91:6f:fd:36:
12:57:09:4d:d8:fb:69:8c:cf:a5:15:3e:f5:a7:61:f6:76:46:
16:5f:07:84:5d:9b:25:66:de:99:57:34:23:f4:ea:a9:bc:30:
aa:23:00:b2:63:cb:57:b7:ef:32:03:51:05:0d:f9:45:ed:c2:
10:47:06:52
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZmbYYItoONrfFPuQ0QGZ0agMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDMwNzZlOTg1NWY5YmNhMzAxN2ExMDEzN2I0NDNlZThjNTI4
Y2E5NTIwHhcNMjUwOTMwMTYwODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2ZmMwZTcyNjgzN2JlMGQ0ZWMzYzNmY2ExYTcwNDIxMzA3ZjJjZWY1MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAtVoAT+H/W98Gp/K94GxWPWM4Eqq/
PJulV5ikcrXIsLD0BitJeg78lp9bAZ+jhZmZqiznRQpWlU/q89oE5reicqJZhN8l
+RCBIV1BrnpJ/0pZp6F0rmtCwQ3VkYbSe4FD+v42H+ufQ+OjumU+4atkbFQtSmQ1
dZTT065PLh11ICYq9oL3PC4eG9iZk3IrlUoJVBcmKO34xa6vpjt7mw/bSVSU5bkm
IhIiQa6W+zMrcD/CrSwBonHF11jbdlRSkDD+CJrp5tTgiWu1zx2/RvY02ceCG0ve
W463CHJEYtitBif2dJqTjf/1oqOaiyU8+arIYAn+8aHWjtcSr655Z3egewIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFG/A5yaDe+DU7Dw/yhpwQhMH8s71MB8GA1UdIwQY
MBaAFDB26YVfm8owF6EBN7RD7oxSjKlSMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvTUhicGhWLWJ5akFYb1FFM3RFUHVqRktNcVZJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC83MS9lMjUyNjktY2ZjOS00ODQ4LWIxZTUt
N2Y3ODZiYjM0MzQ0LzEvYjhEbkpvTjc0TlRzUERfS0duQkNFd2Z5enZVLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC83MS9lMjUyNjktY2ZjOS00ODQ4LWIxZTUtN2Y3ODZiYjM0MzQ0
LzEvTUhicGhWLWJ5akFYb1FFM3RFUHVqRktNcVZJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAMBAIAATAGAwQFX6lAMA0E
AgACMAcDBQMqC1WAMA0GCSqGSIb3DQEBCwUAA4IBAQBKGJLI8HNKF+oDA+9JlX3V
HBRYPGYZ4XeE/Gd5bmP/RyLe/jQ64zwcA4v6lWdvrqmyczsfhUP2lVn8uNI9jCKv
hOMtL393YmgRL421UJKSbKJ389iU/ZYqli3ACkSznTO+bPtD+4lg9CJCD3EbweSS
ceSRP8wG8pJ4gg67XRnsu0DoQATOv2Pj0vALNdjeIrEg3R19kwLSbJSiqPrUhf0B
rsRtYSk1ONhRFxerG4wJlHhDqZAIzYqfec/K/+zyWuSSApFv/TYSVwlN2PtpjM+l
FT71p2H2dkYWXweEXZslZt6ZVzQj9OqpvDCqIwCyY8tXt+8yA1EFDflF7cIQRwZS
-----END CERTIFICATE-----
Generated at Wed Nov 5 19:38:09 2025 by rpki-client