Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/0d/5d4ae1-16e8-4fc4-a81a-13fd2ccf8790/1/DlI7IjfwL0SAh4dXLxQbkIVO2pw.roa
File: DlI7IjfwL0SAh4dXLxQbkIVO2pw.roa (raw, json)
Hash identifier: RanqyjCq2uxoaIpK5XkfL6r6d2TC2HkVHoF8vRXcg9U=
Subject key identifier: 0E:52:3B:22:37:F0:2F:44:80:87:87:57:2F:14:1B:90:85:4E:DA:9C
Certificate issuer: /CN=a5013d6b2b553de176dd6ec81ce7b9032539cbba
Certificate serial: 0199570410DFDC9C8332CCB8363C3ED7D980
Authority key identifier: A5:01:3D:6B:2B:55:3D:E1:76:DD:6E:C8:1C:E7:B9:03:25:39:CB:BA
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/pQE9aytVPeF23W7IHOe5AyU5y7o.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/0d/5d4ae1-16e8-4fc4-a81a-13fd2ccf8790/1/DlI7IjfwL0SAh4dXLxQbkIVO2pw.roa
Signing time: Wed 17 Sep 2025 09:31:48 +0000
ROA not before: Wed 17 Sep 2025 09:31:48 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 212394
IP address blocks: 89.38.154.0/24 maxlen: 24
185.210.159.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/0d/5d4ae1-16e8-4fc4-a81a-13fd2ccf8790/1/pQE9aytVPeF23W7IHOe5AyU5y7o.crl
rsync://rpki.ripe.net/repository/DEFAULT/0d/5d4ae1-16e8-4fc4-a81a-13fd2ccf8790/1/pQE9aytVPeF23W7IHOe5AyU5y7o.mft
rsync://rpki.ripe.net/repository/DEFAULT/pQE9aytVPeF23W7IHOe5AyU5y7o.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:57:04:10:df:dc:9c:83:32:cc:b8:36:3c:3e:d7:d9:80
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=a5013d6b2b553de176dd6ec81ce7b9032539cbba
Validity
Not Before: Sep 17 09:31:48 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=0e523b2237f02f44808787572f141b90854eda9c
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:30:b0:30:f8:c9:42:ee:18:5b:a4:bc:26:06:
91:cd:fc:cc:8e:44:67:2e:b3:6a:54:28:db:3b:65:
57:32:46:e7:e5:de:88:98:11:dd:63:0c:9b:1f:db:
a3:94:b3:ba:41:b9:99:95:30:e7:e9:cd:92:52:23:
97:84:10:02:6c:29:b2:56:9a:0a:a4:46:ea:39:a7:
0a:b2:9f:d4:13:8e:32:c6:60:a7:84:d5:22:4e:80:
32:40:10:b4:3d:17:4f:54:d1:3f:f6:64:91:bf:ec:
e5:f8:ca:0e:29:62:af:7d:9a:f2:84:32:ce:33:7f:
b5:a8:6a:27:4e:de:d4:2b:c1:d3:8d:0b:40:9e:f8:
e8:b1:f4:72:ef:76:18:bb:d1:6f:73:8f:4d:43:94:
69:7a:1b:f1:8e:3f:60:4c:9e:6a:81:c1:94:f7:fe:
96:00:8a:57:a4:67:a3:44:74:47:d5:d4:95:d3:79:
3c:a4:5c:ea:0c:a3:05:fe:c2:fd:6a:c8:f1:ed:ff:
d5:79:72:20:2b:f9:88:67:70:ec:a1:58:94:e0:3b:
45:31:e7:aa:36:b9:32:a8:04:d8:6b:2c:a2:61:e7:
0f:cc:58:2f:99:5c:cb:0b:ab:b8:57:54:91:56:78:
c1:47:a5:e2:59:33:dc:ab:93:7c:5a:11:a6:e6:3b:
91:09
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
0E:52:3B:22:37:F0:2F:44:80:87:87:57:2F:14:1B:90:85:4E:DA:9C
X509v3 Authority Key Identifier:
keyid:A5:01:3D:6B:2B:55:3D:E1:76:DD:6E:C8:1C:E7:B9:03:25:39:CB:BA
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/pQE9aytVPeF23W7IHOe5AyU5y7o.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/5d4ae1-16e8-4fc4-a81a-13fd2ccf8790/1/DlI7IjfwL0SAh4dXLxQbkIVO2pw.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/0d/5d4ae1-16e8-4fc4-a81a-13fd2ccf8790/1/pQE9aytVPeF23W7IHOe5AyU5y7o.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
89.38.154.0/24
185.210.159.0/24
Signature Algorithm: sha256WithRSAEncryption
09:6a:c6:47:0f:f4:aa:e9:4b:d3:ce:be:c3:a8:60:e5:0f:c2:
d9:53:7f:fa:f1:72:76:4d:fb:f8:b8:d6:08:ee:1b:fd:57:a6:
9a:4c:7e:32:e5:34:ae:4e:36:cd:81:58:a8:f7:06:e3:fa:f8:
43:16:96:a1:a7:c7:fd:22:65:38:9a:a5:99:a8:a9:4d:a4:26:
90:83:ef:1b:4e:2c:df:7f:e5:41:c3:71:f0:74:cb:08:f1:a3:
1c:60:60:7f:01:c5:21:f4:52:ed:aa:85:37:86:7f:b8:c2:f3:
3d:26:af:94:f7:4b:aa:5b:5c:82:15:f5:b0:6c:43:f4:92:5f:
40:9b:55:22:a1:88:9d:20:20:27:44:85:e9:cb:5f:94:a3:15:
b3:19:f3:29:f4:07:fc:40:d6:eb:37:36:18:d5:d7:b0:85:59:
3b:c0:49:fa:6f:04:db:d8:8a:a0:74:d8:27:17:3e:5d:d7:8c:
dc:6e:b8:9f:d9:70:a1:d3:67:68:bd:47:53:8a:b7:56:a4:24:
8e:0d:62:c9:65:8f:39:a4:cb:29:d8:ca:bd:44:7c:09:9b:a2:
e6:04:d5:82:da:bb:14:67:f2:2d:1e:75:9b:18:7d:a8:db:8d:
4d:e2:1c:af:15:0a:ae:8b:fd:87:7e:c0:f7:51:61:dc:09:9e:
b5:1c:84:c0
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZlXBBDf3JyDMsy4Njw+19mAMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGE1MDEzZDZiMmI1NTNkZTE3NmRkNmVjODFjZTdiOTAzMjUz
OWNiYmEwHhcNMjUwOTE3MDkzMTQ4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygwZTUyM2IyMjM3ZjAyZjQ0ODA4Nzg3NTcyZjE0MWI5MDg1NGVkYTljMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAszCwMPjJQu4YW6S8JgaRzfzMjkRn
LrNqVCjbO2VXMkbn5d6ImBHdYwybH9ujlLO6QbmZlTDn6c2SUiOXhBACbCmyVpoK
pEbqOacKsp/UE44yxmCnhNUiToAyQBC0PRdPVNE/9mSRv+zl+MoOKWKvfZryhDLO
M3+1qGonTt7UK8HTjQtAnvjosfRy73YYu9Fvc49NQ5Rpehvxjj9gTJ5qgcGU9/6W
AIpXpGejRHRH1dSV03k8pFzqDKMF/sL9asjx7f/VeXIgK/mIZ3DsoViU4DtFMeeq
NrkyqATYayyiYecPzFgvmVzLC6u4V1SRVnjBR6XiWTPcq5N8WhGm5juRCQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFA5SOyI38C9EgIeHVy8UG5CFTtqcMB8GA1UdIwQY
MBaAFKUBPWsrVT3hdt1uyBznuQMlOcu6MA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvcFFFOWF5dFZQZUYyM1c3SUhPZTVBeVU1eTdvLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8wZC81ZDRhZTEtMTZlOC00ZmM0LWE4MWEt
MTNmZDJjY2Y4NzkwLzEvRGxJN0lqZndMMFNBaDRkWEx4UWJrSVZPMnB3LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8wZC81ZDRhZTEtMTZlOC00ZmM0LWE4MWEtMTNmZDJjY2Y4Nzkw
LzEvcFFFOWF5dFZQZUYyM1c3SUhPZTVBeVU1eTdvLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQAWSaaAwQA
udKfMA0GCSqGSIb3DQEBCwUAA4IBAQAJasZHD/Sq6UvTzr7DqGDlD8LZU3/68XJ2
Tfv4uNYI7hv9V6aaTH4y5TSuTjbNgVio9wbj+vhDFpahp8f9ImU4mqWZqKlNpCaQ
g+8bTizff+VBw3HwdMsI8aMcYGB/AcUh9FLtqoU3hn+4wvM9Jq+U90uqW1yCFfWw
bEP0kl9Am1UioYidICAnRIXpy1+UoxWzGfMp9Af8QNbrNzYY1dewhVk7wEn6bwTb
2IqgdNgnFz5d14zcbrif2XCh02dovUdTirdWpCSODWLJZY85pMsp2Mq9RHwJm6Lm
BNWC2rsUZ/ItHnWbGH2o241N4hyvFQqui/2HfsD3UWHcCZ61HITA
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:57:30 2025 by rpki-client