Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/06/5b4426-a266-43ce-a9e6-b0e6058d4dd7/1/DqpKurVtsDb39HbxRups2MxtLKc.roa
File: DqpKurVtsDb39HbxRups2MxtLKc.roa (raw, json)
Hash identifier: 7+pcI79ZSotmmRkvmUhbaO+Q2eAfUcTThw6Xq6zn5k4=
Subject key identifier: 0E:AA:4A:BA:B5:6D:B0:36:F7:F4:76:F1:46:EA:6C:D8:CC:6D:2C:A7
Certificate issuer: /CN=96d66966ffda0a5d0e131d134a79d93205c8c550
Certificate serial: 0199E498B8F7BB0ECEAC6CF7BEE1EC9C4C49
Authority key identifier: 96:D6:69:66:FF:DA:0A:5D:0E:13:1D:13:4A:79:D9:32:05:C8:C5:50
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/ltZpZv_aCl0OEx0TSnnZMgXIxVA.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/06/5b4426-a266-43ce-a9e6-b0e6058d4dd7/1/DqpKurVtsDb39HbxRups2MxtLKc.roa
Signing time: Tue 14 Oct 2025 21:20:38 +0000
ROA not before: Tue 14 Oct 2025 21:20:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 141718
IP address blocks: 176.102.169.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/06/5b4426-a266-43ce-a9e6-b0e6058d4dd7/1/ltZpZv_aCl0OEx0TSnnZMgXIxVA.crl
rsync://rpki.ripe.net/repository/DEFAULT/06/5b4426-a266-43ce-a9e6-b0e6058d4dd7/1/ltZpZv_aCl0OEx0TSnnZMgXIxVA.mft
rsync://rpki.ripe.net/repository/DEFAULT/ltZpZv_aCl0OEx0TSnnZMgXIxVA.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 19:02:12 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e4:98:b8:f7:bb:0e:ce:ac:6c:f7:be:e1:ec:9c:4c:49
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=96d66966ffda0a5d0e131d134a79d93205c8c550
Validity
Not Before: Oct 14 21:20:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0eaa4abab56db036f7f476f146ea6cd8cc6d2ca7
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b2:47:3e:34:a5:e2:d0:6b:f9:e2:6c:18:d4:61:
32:60:13:14:05:54:df:aa:5b:40:b5:07:85:2b:da:
55:57:2a:3d:03:6f:ed:18:68:97:27:0d:4a:24:12:
23:6b:9f:1b:f0:9f:8b:eb:30:b1:ae:12:42:37:16:
bf:f9:78:2e:11:18:72:e3:bc:b9:1d:4e:d3:59:cc:
96:5a:c1:35:c5:54:3d:96:33:e0:3e:b9:bf:c9:9e:
06:72:f5:05:65:4f:b6:e4:54:ab:c4:af:71:21:e8:
e3:3a:4c:4e:f3:d4:b8:8f:fc:d6:51:f8:93:c3:45:
29:4f:6f:31:fe:b3:02:fa:c3:86:f3:8c:d8:48:22:
29:22:6d:33:b3:a0:64:11:83:c1:15:f7:d4:e9:96:
a9:c6:87:4c:89:bc:50:ba:08:1f:3f:a4:02:41:49:
fc:3f:e1:ad:15:ec:2e:7c:22:53:af:95:b0:df:92:
44:44:b9:b2:f2:fa:3e:94:62:90:1f:17:0c:ad:03:
14:4d:ac:bd:80:d1:eb:b8:f5:21:5d:5d:4e:ce:bc:
95:40:a0:2b:67:d1:b4:65:cf:3c:63:84:3f:11:4c:
4e:00:e1:18:f9:43:d0:9b:21:a7:08:34:ca:43:32:
aa:93:40:01:11:f3:96:c2:3e:17:9b:0a:b9:ff:cc:
26:ab
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:AA:4A:BA:B5:6D:B0:36:F7:F4:76:F1:46:EA:6C:D8:CC:6D:2C:A7
X509v3 Authority Key Identifier:
keyid:96:D6:69:66:FF:DA:0A:5D:0E:13:1D:13:4A:79:D9:32:05:C8:C5:50
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/ltZpZv_aCl0OEx0TSnnZMgXIxVA.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/06/5b4426-a266-43ce-a9e6-b0e6058d4dd7/1/DqpKurVtsDb39HbxRups2MxtLKc.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/06/5b4426-a266-43ce-a9e6-b0e6058d4dd7/1/ltZpZv_aCl0OEx0TSnnZMgXIxVA.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
176.102.169.0/24
Signature Algorithm: sha256WithRSAEncryption
a9:50:97:38:47:3f:ba:fa:4b:70:89:ee:8e:cb:b5:4b:41:15:
52:19:63:9a:04:3c:50:a8:bb:9f:dc:c7:5c:bd:69:93:87:f3:
7b:cc:cd:80:fb:6e:c1:22:10:de:5e:96:86:b8:5c:94:9c:0d:
f2:a5:5d:ca:52:b5:de:c4:5d:3d:02:ac:93:d2:99:bc:cc:d6:
41:f1:86:84:48:c4:af:36:cc:e0:98:75:30:c8:74:85:fc:59:
01:bf:94:3f:9b:70:f4:97:e9:89:bb:16:da:47:66:05:ba:28:
71:22:a5:1a:1d:5a:83:a7:01:00:0d:41:1a:b8:d2:7d:a8:c8:
f0:01:6e:42:65:19:80:1c:4b:fa:59:80:37:33:7e:29:45:53:
35:6c:8f:82:38:08:09:d0:21:04:c0:85:15:ee:c9:8e:97:03:
a3:0f:cd:8b:ae:7d:85:26:ce:04:1e:fb:27:8c:bf:4c:59:23:
81:11:79:7a:d3:de:87:fe:98:48:e9:ae:4f:27:e4:a6:07:d4:
43:00:73:b6:1d:34:8f:48:02:14:ac:24:f0:b8:ec:57:7f:03:
28:e5:a2:b7:4a:a2:ac:74:51:b7:4e:52:6b:c4:89:6e:cb:e9:
2c:9d:60:b3:59:98:8d:0e:8d:9b:34:ec:78:65:f5:4b:72:18:
fd:89:b5:0a
-----BEGIN CERTIFICATE-----
MIIE/TCCA+WgAwIBAgISAZnkmLj3uw7OrGz3vuHsnExJMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDk2ZDY2OTY2ZmZkYTBhNWQwZTEzMWQxMzRhNzlkOTMyMDVj
OGM1NTAwHhcNMjUxMDE0MjEyMDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZWFhNGFiYWI1NmRiMDM2ZjdmNDc2ZjE0NmVhNmNkOGNjNmQyY2E3MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAskc+NKXi0Gv54mwY1GEyYBMUBVTf
qltAtQeFK9pVVyo9A2/tGGiXJw1KJBIja58b8J+L6zCxrhJCNxa/+XguERhy47y5
HU7TWcyWWsE1xVQ9ljPgPrm/yZ4GcvUFZU+25FSrxK9xIejjOkxO89S4j/zWUfiT
w0UpT28x/rMC+sOG84zYSCIpIm0zs6BkEYPBFffU6ZapxodMibxQuggfP6QCQUn8
P+GtFewufCJTr5Ww35JERLmy8vo+lGKQHxcMrQMUTay9gNHruPUhXV1OzryVQKAr
Z9G0Zc88Y4Q/EUxOAOEY+UPQmyGnCDTKQzKqk0ABEfOWwj4Xmwq5/8wmqwIDAQAB
o4ICCTCCAgUwHQYDVR0OBBYEFA6qSrq1bbA29/R28UbqbNjMbSynMB8GA1UdIwQY
MBaAFJbWaWb/2gpdDhMdE0p52TIFyMVQMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvbHRacFp2X2FDbDBPRXgwVFNublpNZ1hJeFZBLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wNi81YjQ0MjYtYTI2Ni00M2NlLWE5ZTYt
YjBlNjA1OGQ0ZGQ3LzEvRHFwS3VyVnRzRGIzOUhieFJ1cHMyTXh0TEtjLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wNi81YjQ0MjYtYTI2Ni00M2NlLWE5ZTYtYjBlNjA1OGQ0ZGQ3
LzEvbHRacFp2X2FDbDBPRXgwVFNublpNZ1hJeFZBLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMB8GCCsGAQUFBwEHAQH/BBAwDjAMBAIAATAGAwQAsGapMA0G
CSqGSIb3DQEBCwUAA4IBAQCpUJc4Rz+6+ktwie6Oy7VLQRVSGWOaBDxQqLuf3Mdc
vWmTh/N7zM2A+27BIhDeXpaGuFyUnA3ypV3KUrXexF09AqyT0pm8zNZB8YaESMSv
NszgmHUwyHSF/FkBv5Q/m3D0l+mJuxbaR2YFuihxIqUaHVqDpwEADUEauNJ9qMjw
AW5CZRmAHEv6WYA3M34pRVM1bI+COAgJ0CEEwIUV7smOlwOjD82Lrn2FJs4EHvsn
jL9MWSOBEXl6096H/phI6a5PJ+SmB9RDAHO2HTSPSAIUrCTwuOxXfwMo5aK3SqKs
dFG3TlJrxIluy+ksnWCzWZiNDo2bNOx4ZfVLchj9ibUK
-----END CERTIFICATE-----
Generated at Mon Oct 20 03:42:49 2025 by rpki-client