Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/WEl5TX3u4i6tGerZG5eBO0yTHOE.roa
File: WEl5TX3u4i6tGerZG5eBO0yTHOE.roa (raw, json)
Hash identifier: u/MYJmMw/My9tTgRbySiJomSWi8tzS7FXJj3s3DVOvM=
Subject key identifier: 58:49:79:4D:7D:EE:E2:2E:AD:19:EA:D9:1B:97:81:3B:4C:93:1C:E1
Certificate issuer: /CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Certificate serial: 0199FC4EFE97B510971AA9F1FFA6539FFFF0
Authority key identifier: 9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/WEl5TX3u4i6tGerZG5eBO0yTHOE.roa
Signing time: Sun 19 Oct 2025 11:50:59 +0000
ROA not before: Sun 19 Oct 2025 11:50:59 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204768
IP address blocks: 2a0c:9a40:8add::/48 maxlen: 48
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.mft
rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 13:42:03 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:fc:4e:fe:97:b5:10:97:1a:a9:f1:ff:a6:53:9f:ff:f0
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=9e95a361fe2b2c5292626ba4c56a65a814e48008
Validity
Not Before: Oct 19 11:50:59 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=5849794d7deee22ead19ead91b97813b4c931ce1
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:9e:b4:b4:4a:cb:39:68:20:d0:b8:2f:0f:91:3e:
e7:69:61:8e:b4:92:6e:b6:fb:26:c4:3b:bf:42:80:
5a:c0:fe:61:68:f2:79:fa:21:ba:00:11:92:8c:e5:
16:dd:3d:2d:aa:01:c6:97:2d:7b:14:87:2b:20:53:
2d:d9:16:10:69:04:ce:35:50:4a:94:ad:18:ca:b4:
5a:0f:e6:8c:9c:45:10:55:0f:d6:e2:9b:0f:db:b4:
27:e3:3d:61:1e:d6:63:c7:cb:6a:16:f2:d1:7f:85:
0b:d6:fe:be:51:9c:29:ad:2e:77:53:08:a0:83:1b:
3a:98:65:1d:ef:04:67:ac:fb:05:b3:bf:32:a2:d9:
e6:3f:ef:70:fa:0c:5e:bd:de:36:5d:4a:29:4a:11:
37:31:bb:7c:0a:ef:0d:1b:37:e3:e1:19:33:3c:28:
94:6d:fb:c9:f0:b2:39:6b:41:5f:5d:13:ec:71:03:
3f:1a:2a:bd:8a:78:10:db:24:2e:00:48:d9:ea:8a:
b6:b4:2a:01:35:2d:75:69:c9:7b:0c:a1:13:a0:0f:
1d:3b:b8:2f:bc:87:9a:b1:67:97:38:50:7a:13:e8:
34:85:91:40:1c:61:82:eb:69:30:da:42:39:c2:a6:
45:96:bd:18:7d:07:16:15:ec:f5:59:2e:20:1f:1d:
79:e9
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
58:49:79:4D:7D:EE:E2:2E:AD:19:EA:D9:1B:97:81:3B:4C:93:1C:E1
X509v3 Authority Key Identifier:
keyid:9E:95:A3:61:FE:2B:2C:52:92:62:6B:A4:C5:6A:65:A8:14:E4:80:08
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/npWjYf4rLFKSYmukxWplqBTkgAg.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/WEl5TX3u4i6tGerZG5eBO0yTHOE.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/02/f96f73-6686-4164-b23f-bf4e527b9fa8/1/npWjYf4rLFKSYmukxWplqBTkgAg.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a0c:9a40:8add::/48
Signature Algorithm: sha256WithRSAEncryption
25:80:a7:8a:de:6c:42:44:e6:37:7f:4a:84:2c:43:6a:ef:31:
db:db:cf:92:89:71:b0:9d:ad:2a:80:45:06:09:a6:49:18:af:
a3:97:44:a5:16:ad:40:9a:c7:5d:4e:72:f5:2e:1c:e2:db:57:
f1:cb:af:86:20:84:69:1b:e6:7f:c5:1e:6c:9e:17:02:c9:ec:
bb:dd:1c:2f:29:2d:98:df:b0:15:3b:d3:78:1e:65:2e:71:d0:
86:13:85:cc:d2:98:a6:15:b2:71:98:5a:bd:eb:a9:de:e1:36:
8b:bd:e5:09:7f:77:e7:88:1a:79:f6:39:32:5f:30:3d:6a:c9:
4f:1c:b2:23:8e:45:8a:f8:8d:1d:24:aa:14:ca:9c:66:42:eb:
bd:7a:e6:07:5c:fb:83:38:ac:ec:78:31:36:a7:fb:93:ea:0a:
99:70:25:bc:fe:26:22:16:55:b7:84:4f:00:9c:16:cb:af:ac:
02:58:90:70:d0:03:33:78:d1:19:fd:62:57:7c:82:58:dd:46:
d9:ce:7a:35:5a:52:38:c1:dc:78:eb:cd:e3:98:45:18:25:3d:
f1:76:61:5b:77:f1:9b:ef:1e:24:80:33:dc:a2:d8:dd:ef:09:
86:45:3a:bb:bb:2c:fc:71:97:e7:6a:35:01:6c:9e:d1:7d:bd:
ed:1a:a8:19
-----BEGIN CERTIFICATE-----
MIIFADCCA+igAwIBAgISAZn8Tv6XtRCXGqnx/6ZTn//wMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDllOTVhMzYxZmUyYjJjNTI5MjYyNmJhNGM1NmE2NWE4MTRl
NDgwMDgwHhcNMjUxMDE5MTE1MDU5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1ODQ5Nzk0ZDdkZWVlMjJlYWQxOWVhZDkxYjk3ODEzYjRjOTMxY2UxMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAnrS0Sss5aCDQuC8PkT7naWGOtJJu
tvsmxDu/QoBawP5haPJ5+iG6ABGSjOUW3T0tqgHGly17FIcrIFMt2RYQaQTONVBK
lK0YyrRaD+aMnEUQVQ/W4psP27Qn4z1hHtZjx8tqFvLRf4UL1v6+UZwprS53Uwig
gxs6mGUd7wRnrPsFs78yotnmP+9w+gxevd42XUopShE3Mbt8Cu8NGzfj4RkzPCiU
bfvJ8LI5a0FfXRPscQM/Giq9ingQ2yQuAEjZ6oq2tCoBNS11acl7DKEToA8dO7gv
vIeasWeXOFB6E+g0hZFAHGGC62kw2kI5wqZFlr0YfQcWFez1WS4gHx156QIDAQAB
o4ICDDCCAggwHQYDVR0OBBYEFFhJeU197uIurRnq2RuXgTtMkxzhMB8GA1UdIwQY
MBaAFJ6Vo2H+KyxSkmJrpMVqZagU5IAIMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2Yt
YmY0ZTUyN2I5ZmE4LzEvV0VsNVRYM3U0aTZ0R2VyWkc1ZUJPMHlUSE9FLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMi9mOTZmNzMtNjY4Ni00MTY0LWIyM2YtYmY0ZTUyN2I5ZmE4
LzEvbnBXallmNHJMRktTWW11a3hXcGxxQlRrZ0FnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCIGCCsGAQUFBwEHAQH/BBMwETAPBAIAAjAJAwcAKgyaQIrd
MA0GCSqGSIb3DQEBCwUAA4IBAQAlgKeK3mxCROY3f0qELENq7zHb28+SiXGwna0q
gEUGCaZJGK+jl0SlFq1AmsddTnL1Lhzi21fxy6+GIIRpG+Z/xR5snhcCyey73Rwv
KS2Y37AVO9N4HmUucdCGE4XM0pimFbJxmFq966ne4TaLveUJf3fniBp59jkyXzA9
aslPHLIjjkWK+I0dJKoUypxmQuu9euYHXPuDOKzseDE2p/uT6gqZcCW8/iYiFlW3
hE8AnBbLr6wCWJBw0AMzeNEZ/WJXfIJY3UbZzno1WlI4wdx4683jmEUYJT3xdmFb
d/Gb7x4kgDPcotjd7wmGRTq7uyz8cZfnajUBbJ7Rfb3tGqgZ
-----END CERTIFICATE-----
Generated at Mon Oct 20 22:16:30 2025 by rpki-client