Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kbTlBZeSU5u_shMUha35_dTjeqg.roa
File: kbTlBZeSU5u_shMUha35_dTjeqg.roa (raw, json)
Hash identifier: /gZI6cQbXXMYV6AOH5QxFfZVLoDnCEt+kXpKNU8uh9U=
Subject key identifier: 91:B4:E5:05:97:92:53:9B:BF:B2:13:14:85:AD:F9:FD:D4:E3:7A:A8
Certificate issuer: /CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Certificate serial: 0199DD2897F35EF79C09E3E489E5A70B63CC
Authority key identifier: 22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kbTlBZeSU5u_shMUha35_dTjeqg.roa
Signing time: Mon 13 Oct 2025 10:40:49 +0000
ROA not before: Mon 13 Oct 2025 10:40:49 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 60647
IP address blocks: 193.25.218.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.mft
rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 06:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:dd:28:97:f3:5e:f7:9c:09:e3:e4:89:e5:a7:0b:63:cc
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=22c4ac3e3c43d70d05349c815baadd38ad775e9d
Validity
Not Before: Oct 13 10:40:49 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=91b4e5059792539bbfb2131485adf9fdd4e37aa8
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:d7:ae:ee:25:25:38:e2:05:9a:9d:0d:4c:ff:f4:
a2:b7:05:db:d3:40:c7:f3:34:d0:cd:fa:07:4f:3b:
ea:63:a9:83:99:71:51:3e:da:64:6a:f5:94:1e:3a:
65:d9:0a:41:c4:7d:9f:a7:40:d8:86:17:83:5c:9a:
3b:54:af:39:31:f4:45:a6:ab:45:51:ad:e7:ee:85:
a0:ca:7d:a5:c8:f9:78:ab:31:78:28:2a:ce:d8:50:
14:81:26:3d:5d:d8:f8:15:91:5d:f9:5c:c1:59:35:
4a:78:07:0d:ca:7f:e8:5d:4e:51:ca:99:a1:3b:97:
9e:c3:29:2b:e7:80:c5:91:ab:ad:d2:14:57:c5:c8:
6d:0e:55:39:59:18:69:c6:f5:7b:65:ae:74:08:fe:
f7:de:30:73:57:71:72:f9:70:44:a2:64:1b:be:39:
1a:fb:e8:b6:0a:e2:4b:05:6c:3a:94:99:02:fd:cd:
19:f8:10:b6:73:10:0c:0e:3b:dd:70:08:1b:1e:40:
9a:77:9f:31:83:d5:0f:0e:71:6d:51:72:6b:9c:e5:
f2:b8:2c:e2:5c:ce:c8:54:e7:a1:57:e1:23:c1:2f:
9a:7d:db:91:1b:ed:28:49:ae:69:bf:d0:06:52:2a:
36:9f:96:fa:d9:0c:62:7a:f0:5a:06:95:9d:c4:e1:
e0:81
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
91:B4:E5:05:97:92:53:9B:BF:B2:13:14:85:AD:F9:FD:D4:E3:7A:A8
X509v3 Authority Key Identifier:
keyid:22:C4:AC:3E:3C:43:D7:0D:05:34:9C:81:5B:AA:DD:38:AD:77:5E:9D
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/IsSsPjxD1w0FNJyBW6rdOK13Xp0.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/kbTlBZeSU5u_shMUha35_dTjeqg.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/03/913a3a-f550-46f0-acc7-cd3ca5975712/1/IsSsPjxD1w0FNJyBW6rdOK13Xp0.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
193.25.218.0/24
Signature Algorithm: sha256WithRSAEncryption
26:08:c8:d4:9d:00:ab:66:01:ea:4d:22:a5:5b:41:ca:d4:ae:
5e:9b:00:bb:b5:c3:43:97:10:9f:ac:d5:e3:6d:57:b6:68:7e:
02:96:2f:d6:9f:3a:7d:1c:c4:ad:37:64:94:4d:f0:5a:1c:70:
f7:4c:d4:68:07:91:4f:24:5e:3c:e0:10:84:e7:df:c4:be:59:
3c:ff:8f:b5:eb:2e:df:d1:3e:3b:ad:16:09:fc:19:03:36:f8:
cd:15:75:ee:0c:d8:75:20:e7:73:c9:20:87:7b:97:ea:d9:ca:
91:07:83:f9:18:e0:db:7a:4c:10:31:2d:9d:06:35:62:5f:41:
20:56:14:59:5e:81:5f:af:39:f8:05:9e:6e:7f:a1:89:60:0e:
34:1a:f1:e9:de:60:08:38:30:b3:aa:87:23:9c:81:6a:97:c7:
fa:19:3d:b9:08:ba:94:31:ac:6a:f4:ce:3b:52:64:b8:27:05:
98:04:29:45:4c:82:a2:29:e2:25:d9:2e:0a:17:54:e8:dd:50:
de:f5:13:c8:2b:0d:9a:99:dc:e9:d5:94:f3:5f:e8:34:6f:84:
dd:cd:86:65:94:ec:4d:03:20:22:8a:20:80:be:53:39:67:ea:
41:e6:ff:95:44:a9:00:73:10:a6:f3:39:7e:84:4a:b6:4b:8d:
8b:43:6a:9a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZndKJfzXvecCePkieWnC2PMMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDIyYzRhYzNlM2M0M2Q3MGQwNTM0OWM4MTViYWFkZDM4YWQ3
NzVlOWQwHhcNMjUxMDEzMTA0MDQ5WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5MWI0ZTUwNTk3OTI1MzliYmZiMjEzMTQ4NWFkZjlmZGQ0ZTM3YWE4MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA167uJSU44gWanQ1M//SitwXb00DH
8zTQzfoHTzvqY6mDmXFRPtpkavWUHjpl2QpBxH2fp0DYhheDXJo7VK85MfRFpqtF
Ua3n7oWgyn2lyPl4qzF4KCrO2FAUgSY9Xdj4FZFd+VzBWTVKeAcNyn/oXU5Rypmh
O5eewykr54DFkaut0hRXxchtDlU5WRhpxvV7Za50CP733jBzV3Fy+XBEomQbvjka
++i2CuJLBWw6lJkC/c0Z+BC2cxAMDjvdcAgbHkCad58xg9UPDnFtUXJrnOXyuCzi
XM7IVOehV+EjwS+afduRG+0oSa5pv9AGUio2n5b62QxievBaBpWdxOHggQIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFJG05QWXklObv7ITFIWt+f3U43qoMB8GA1UdIwQY
MBaAFCLErD48Q9cNBTScgVuq3Titd16dMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzct
Y2QzY2E1OTc1NzEyLzEva2JUbEJaZVNVNXVfc2hNVWhhMzVfZFRqZXFnLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wMy85MTNhM2EtZjU1MC00NmYwLWFjYzctY2QzY2E1OTc1NzEy
LzEvSXNTc1BqeEQxdzBGTkp5Qlc2cmRPSzEzWHAwLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAwRnaMA0G
CSqGSIb3DQEBCwUAA4IBAQAmCMjUnQCrZgHqTSKlW0HK1K5emwC7tcNDlxCfrNXj
bVe2aH4Cli/Wnzp9HMStN2SUTfBaHHD3TNRoB5FPJF484BCE59/Evlk8/4+16y7f
0T47rRYJ/BkDNvjNFXXuDNh1IOdzySCHe5fq2cqRB4P5GODbekwQMS2dBjViX0Eg
VhRZXoFfrzn4BZ5uf6GJYA40GvHp3mAIODCzqocjnIFql8f6GT25CLqUMaxq9M47
UmS4JwWYBClFTIKiKeIl2S4KF1To3VDe9RPIKw2amdzp1ZTzX+g0b4TdzYZllOxN
AyAiiiCAvlM5Z+pB5v+VRKkAcxCm8zl+hEq2S42LQ2qa
-----END CERTIFICATE-----
Generated at Sun Oct 19 15:02:16 2025 by rpki-client