Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ICt1Rkbvy2PurXTbs0JUqBhl_E8.roa
File: ICt1Rkbvy2PurXTbs0JUqBhl_E8.roa (raw, json)
Hash identifier: vC+h6HjFcV/FpKrWeC9krmj9LLxIWfjfzAQgLBkIKBQ=
Subject key identifier: 20:2B:75:46:46:EF:CB:63:EE:AD:74:DB:B3:42:54:A8:18:65:FC:4F
Certificate issuer: /CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Certificate serial: 019EA0C47585D6287A09474BA01F7B11A95E
Authority key identifier: 65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ICt1Rkbvy2PurXTbs0JUqBhl_E8.roa
Signing time: Sun 07 Jun 2026 06:28:10 +0000
ROA not before: Sun 07 Jun 2026 06:28:10 +0000
ROA not after: Thu 01 Jul 2027 00:00:00 +0000
asID: 401783
IP address blocks: 195.216.173.0/24 maxlen: 24
195.216.174.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.mft
rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Sun 14 Jun 2026 01:00:11 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9e:a0:c4:75:85:d6:28:7a:09:47:4b:a0:1f:7b:11:a9:5e
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=65b7d6699835bfe9a8081dfc114df1bf6d215da7
Validity
Not Before: Jun 7 06:28:10 2026 GMT
Not After : Jul 1 00:00:00 2027 GMT
Subject: CN=202b754646efcb63eead74dbb34254a81865fc4f
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:e5:6b:17:26:d3:6f:dc:d0:da:2c:1f:32:be:2e:
db:05:3d:b0:fa:c7:3f:61:1e:a0:95:40:44:30:42:
0c:e2:fc:d4:fa:6c:1c:d9:a4:6b:fb:84:a9:f2:c2:
f0:72:05:b4:e1:ac:6c:1c:6f:19:52:de:34:40:e6:
78:98:37:a0:f0:0e:22:55:c3:c0:e6:43:78:7b:88:
65:44:fe:3d:bd:15:af:58:7d:9d:dc:dc:68:e0:b6:
e2:ad:22:6a:42:03:89:0b:a3:41:9e:6c:9e:91:ab:
6f:f9:08:ae:58:35:da:65:8f:16:c1:da:4d:04:9b:
08:b2:0d:07:7e:b3:11:bc:35:5e:b0:7a:d6:96:18:
59:b5:b5:cf:59:73:27:7b:de:6b:f2:00:9f:a3:73:
a4:7a:23:ee:e4:04:5b:6e:9b:a7:4d:1e:22:2b:52:
0e:2f:a3:c6:17:35:2c:f7:52:11:e4:9c:2c:fc:dc:
5f:97:e6:df:dd:91:e4:8b:b8:0d:7b:8f:fe:c0:1d:
ce:db:9b:7f:83:fd:cd:0c:e4:9e:f0:52:55:4d:16:
9d:0e:23:97:8d:ae:d7:37:89:31:43:81:ec:10:56:
80:3f:c5:55:c2:6a:5f:7f:7f:13:e9:7f:3b:ab:c2:
54:65:5e:bb:b7:7b:d6:f2:04:cd:eb:72:5c:a5:c4:
2c:d9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
20:2B:75:46:46:EF:CB:63:EE:AD:74:DB:B3:42:54:A8:18:65:FC:4F
X509v3 Authority Key Identifier:
keyid:65:B7:D6:69:98:35:BF:E9:A8:08:1D:FC:11:4D:F1:BF:6D:21:5D:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ZbfWaZg1v-moCB38EU3xv20hXac.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ICt1Rkbvy2PurXTbs0JUqBhl_E8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/90/025ee8-3f47-457d-8d47-9e413ebf42f3/1/ZbfWaZg1v-moCB38EU3xv20hXac.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
195.216.173.0-195.216.174.255
Signature Algorithm: sha256WithRSAEncryption
59:c9:af:9b:63:df:70:b4:de:7f:c2:b9:94:07:fa:7d:c2:4d:
be:09:4c:e7:06:b1:13:07:cb:ba:fe:20:37:83:6c:af:23:ff:
2f:b5:f7:9c:c4:c7:12:a3:f9:c7:fa:17:aa:28:0e:59:45:a5:
79:74:4c:2a:a0:d3:0a:1b:56:70:c5:75:89:66:96:94:f2:c8:
74:3c:da:10:7b:eb:76:81:90:86:c5:f2:a0:4c:d0:51:a7:90:
89:13:d7:99:ec:77:7c:4d:33:ef:27:64:4c:f7:f5:a3:05:b7:
da:33:89:a2:aa:c4:ab:ba:70:86:e6:f2:b3:46:73:63:5f:5f:
30:a0:b9:b5:48:0e:54:e5:77:1e:b2:19:d1:63:f4:55:f1:76:
10:96:9a:ad:ea:57:e6:7d:2e:cb:20:59:5e:6b:18:98:95:80:
b3:7d:9e:cf:04:f0:0f:a9:0c:b3:36:21:9a:de:8e:c2:04:cf:
e8:df:28:4f:69:47:96:d8:14:2f:27:8c:2f:17:a9:d6:ed:7d:
ae:73:7c:56:e4:ea:35:a9:6e:08:7a:b4:9a:87:2f:4e:bd:27:
2a:32:b5:4d:50:0b:9b:ef:61:b1:e8:59:00:31:fe:29:4d:26:
f2:ba:28:1c:5e:3b:ba:7a:63:8a:3b:e0:fb:a7:8b:41:46:75:
7e:b0:38:9d
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZ6gxHWF1ih6CUdLoB97EaleMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDY1YjdkNjY5OTgzNWJmZTlhODA4MWRmYzExNGRmMWJmNmQy
MTVkYTcwHhcNMjYwNjA3MDYyODEwWhcNMjcwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygyMDJiNzU0NjQ2ZWZjYjYzZWVhZDc0ZGJiMzQyNTRhODE4NjVmYzRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA5WsXJtNv3NDaLB8yvi7bBT2w+sc/
YR6glUBEMEIM4vzU+mwc2aRr+4Sp8sLwcgW04axsHG8ZUt40QOZ4mDeg8A4iVcPA
5kN4e4hlRP49vRWvWH2d3Nxo4LbirSJqQgOJC6NBnmyekatv+QiuWDXaZY8WwdpN
BJsIsg0HfrMRvDVesHrWlhhZtbXPWXMne95r8gCfo3OkeiPu5ARbbpunTR4iK1IO
L6PGFzUs91IR5Jws/Nxfl+bf3ZHki7gNe4/+wB3O25t/g/3NDOSe8FJVTRadDiOX
ja7XN4kxQ4HsEFaAP8VVwmpff38T6X87q8JUZV67t3vW8gTN63JcpcQs2QIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFCArdUZG78tj7q1027NCVKgYZfxPMB8GA1UdIwQY
MBaAFGW31mmYNb/pqAgd/BFN8b9tIV2nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDct
OWU0MTNlYmY0MmYzLzEvSUN0MVJrYnZ5MlB1clhUYnMwSlVxQmhsX0U4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC85MC8wMjVlZTgtM2Y0Ny00NTdkLThkNDctOWU0MTNlYmY0MmYz
LzEvWmJmV2FaZzF2LW1vQ0IzOEVVM3h2MjBoWGFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAATAOMAwDBADD2K0D
BADD2K4wDQYJKoZIhvcNAQELBQADggEBAFnJr5tj33C03n/CuZQH+n3CTb4JTOcG
sRMHy7r+IDeDbK8j/y+195zExxKj+cf6F6ooDllFpXl0TCqg0wobVnDFdYlmlpTy
yHQ82hB763aBkIbF8qBM0FGnkIkT15nsd3xNM+8nZEz39aMFt9oziaKqxKu6cIbm
8rNGc2NfXzCgubVIDlTldx6yGdFj9FXxdhCWmq3qV+Z9LssgWV5rGJiVgLN9ns8E
8A+pDLM2IZrejsIEz+jfKE9pR5bYFC8njC8Xqdbtfa5zfFbk6jWpbgh6tJqHL069
JyoytU1QC5vvYbHoWQAx/ilNJvK6KBxeO7p6Y4o74Puni0FGdX6wOJ0=
-----END CERTIFICATE-----
Generated at Sat Jun 13 09:04:36 2026 by rpki-client