Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/1-7EPNGxFho4197foBmDyRKWOv-M.roa
File: 1-7EPNGxFho4197foBmDyRKWOv-M.roa (raw, json)
Hash identifier: 4ZhsPd97Hygq3kuERRZTyX2DiX4RdFZXlt/CbP0WNBI=
Subject key identifier: FB:B1:0F:34:6C:45:86:8E:35:F7:B7:E8:06:60:F2:44:A5:8E:BF:E3
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 019D4973E78EABA8C210D5D5D81B9C0A4AE5
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/1-7EPNGxFho4197foBmDyRKWOv-M.roa
Signing time: Wed 01 Apr 2026 14:30:25 +0000
ROA not before: Wed 01 Apr 2026 14:30:25 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 32043
IP address blocks: 195.216.164.0/24 maxlen: 24
195.216.165.0/24 maxlen: 24
195.216.166.0/24 maxlen: 24
195.216.167.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Apr 2026 04:00:20 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9d:49:73:e7:8e:ab:a8:c2:10:d5:d5:d8:1b:9c:0a:4a:e5
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Apr 1 14:30:25 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=fbb10f346c45868e35f7b7e80660f244a58ebfe3
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c8:52:9f:ca:fc:b2:20:08:9f:a6:92:82:87:ce:
eb:af:3d:77:f0:55:62:75:c4:f5:7f:58:c1:77:a7:
ec:04:5d:ae:21:29:c4:64:66:28:bd:3e:2c:ba:c9:
7c:fd:79:88:ed:fd:b7:97:ac:9b:b9:7b:8d:16:22:
71:47:ff:d5:30:66:48:ad:c0:0f:97:ed:05:8f:4b:
30:d8:a5:77:77:d2:f3:a4:25:0a:2e:23:92:23:5d:
9f:58:fb:e6:f5:45:7b:ce:3c:49:5e:e2:e6:63:d9:
ce:40:1e:c3:2f:d1:91:52:34:10:9e:a1:14:5c:5c:
89:73:90:6a:93:36:69:3d:3f:60:a8:65:4f:9d:99:
ae:b5:25:dc:4c:b9:e9:a1:d4:92:4f:5d:0f:b6:6a:
92:d3:8b:94:d5:0d:b2:b1:23:47:4e:91:69:37:cd:
b8:97:00:ff:97:3b:b1:7b:1d:d3:43:c8:2c:86:dd:
92:03:c4:ce:83:ed:8b:af:09:5a:31:81:1e:77:35:
03:68:85:c6:2a:84:43:59:9c:17:fb:4d:15:6a:ff:
c3:70:be:59:cc:82:d9:f4:4d:f9:85:bc:08:b6:6b:
3d:87:bb:2a:54:62:ba:68:3c:86:8f:13:7c:56:f3:
ec:de:09:2e:82:72:ea:b0:14:cd:0a:75:7f:8b:0c:
f4:ff
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
FB:B1:0F:34:6C:45:86:8E:35:F7:B7:E8:06:60:F2:44:A5:8E:BF:E3
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/1-7EPNGxFho4197foBmDyRKWOv-M.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.164.0/22
Signature Algorithm: sha256WithRSAEncryption
7c:2c:f5:e7:74:39:a7:fc:0e:c5:2f:cb:1b:63:8f:ce:54:1d:
96:4f:bd:f3:c3:7d:aa:b6:4f:f3:9b:22:4b:c4:0c:bf:9c:1d:
53:8f:8e:ca:59:45:4b:44:ed:e8:a9:59:b0:88:da:5c:a5:f4:
39:f3:13:54:9f:a3:3d:83:19:46:4e:75:f8:04:80:68:fb:4f:
d8:c1:3f:a0:c8:5c:fa:45:40:41:66:c8:e8:98:a4:22:45:bc:
60:aa:af:83:e2:dd:59:2a:19:53:2a:55:0a:f9:2d:b1:83:9f:
97:8c:48:35:2a:31:64:ca:6c:1c:3e:ad:be:bc:b8:8d:12:b4:
0c:59:58:6f:6f:8f:b2:47:d6:e0:ab:5f:88:41:aa:a6:d7:d3:
e4:de:d8:7b:4f:ff:59:e6:f6:4a:f0:e9:7b:99:99:8b:e3:89:
76:56:b0:cd:35:d5:2a:08:d8:d3:31:a1:9c:b7:4f:c9:0f:8f:
f8:bd:c9:4f:fe:1c:fe:4b:8c:09:79:9e:dc:dc:d0:33:9b:e0:
1d:05:41:65:67:e2:8a:c8:9c:ef:87:56:53:02:73:33:9f:af:
90:1f:d0:00:be:69:8b:9f:fc:c6:e8:36:06:dc:77:39:85:70:
ca:f1:5b:08:e2:b7:c1:75:ac:e0:89:d1:1c:4e:70:06:1c:41:
f5:de:5f:76
-----BEGIN CERTIFICATE-----
MIIE/jCCA+agAwIBAgISAZ1Jc+eOq6jCENXV2BucCkrlMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjYwNDAxMTQzMDI1WhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhmYmIxMGYzNDZjNDU4NjhlMzVmN2I3ZTgwNjYwZjI0NGE1OGViZmUzMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAyFKfyvyyIAifppKCh87rrz138FVi
dcT1f1jBd6fsBF2uISnEZGYovT4susl8/XmI7f23l6ybuXuNFiJxR//VMGZIrcAP
l+0Fj0sw2KV3d9LzpCUKLiOSI12fWPvm9UV7zjxJXuLmY9nOQB7DL9GRUjQQnqEU
XFyJc5BqkzZpPT9gqGVPnZmutSXcTLnpodSST10PtmqS04uU1Q2ysSNHTpFpN824
lwD/lzuxex3TQ8gsht2SA8TOg+2LrwlaMYEedzUDaIXGKoRDWZwX+00Vav/DcL5Z
zILZ9E35hbwItms9h7sqVGK6aDyGjxN8VvPs3gkugnLqsBTNCnV/iwz0/wIDAQAB
o4ICCjCCAgYwHQYDVR0OBBYEFPuxDzRsRYaONfe36AZg8kSljr/jMB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jgYIKwYBBQUHAQsEgYEwfzB9BggrBgEFBQcwC4ZxcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvMS03RVBOR3hGaG80MTk3Zm9CbUR5UktXT3YtTS5yb2Ew
gYEGA1UdHwR6MHgwdqB0oHKGcHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBvc2l0
b3J5L0RFRkFVTFQvOTAvMDI1ZWU4LTNmNDctNDU3ZC04ZDQ3LTllNDEzZWJmNDJm
My8xL1piZldhWmcxdi1tb0NCMzhFVTN4djIwaFhhYy5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAfBggrBgEFBQcBBwEB/wQQMA4wDAQCAAEwBgMEAsPYpDAN
BgkqhkiG9w0BAQsFAAOCAQEAfCz153Q5p/wOxS/LG2OPzlQdlk+988N9qrZP85si
S8QMv5wdU4+OyllFS0Tt6KlZsIjaXKX0OfMTVJ+jPYMZRk51+ASAaPtP2ME/oMhc
+kVAQWbI6JikIkW8YKqvg+LdWSoZUypVCvktsYOfl4xINSoxZMpsHD6tvry4jRK0
DFlYb2+PskfW4KtfiEGqptfT5N7Ye0//Web2SvDpe5mZi+OJdlawzTXVKgjY0zGh
nLdPyQ+P+L3JT/4c/kuMCXme3NzQM5vgHQVBZWfiisic74dWUwJzM5+vkB/QAL5p
i5/8xug2Btx3OYVwyvFbCOK3wXWs4InRHE5wBhxB9d5fdg==
-----END CERTIFICATE-----
Generated at Sun Apr 19 13:58:35 2026 by rpki-client