Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/UPWJB4nL_LwesT0XJuEWlJ98t-k.roa
File: UPWJB4nL_LwesT0XJuEWlJ98t-k.roa (raw, json)
Hash identifier: +zy51rtZpxGquIoSXU4cTZ5CXYfYqPg94yYfjDl9FGo=
Subject key identifier: 50:F5:89:07:89:CB:FC:BC:1E:B1:3D:17:26:E1:16:94:9F:7C:B7:E9
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 019996DA752B9F11EEAA887B9A6A8E68A1D1
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/UPWJB4nL_LwesT0XJuEWlJ98t-k.roa
Signing time: Mon 29 Sep 2025 19:02:03 +0000
ROA not before: Mon 29 Sep 2025 19:02:03 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 62403
IP address blocks: 5.231.46.0/24 maxlen: 24
5.231.57.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 20:00:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:96:da:75:2b:9f:11:ee:aa:88:7b:9a:6a:8e:68:a1:d1
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Sep 29 19:02:03 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=50f5890789cbfcbc1eb13d1726e116949f7cb7e9
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c2:3a:08:71:5f:1c:34:9f:2d:01:bd:b9:71:42:
12:32:b9:7d:1d:25:13:f9:75:ae:e3:85:18:c7:bc:
f8:c5:9c:4e:98:b0:af:66:79:5b:fc:c4:00:d5:04:
f1:2e:45:fb:ce:f0:02:84:6a:e9:7b:b9:28:78:2a:
a9:e7:20:bc:25:94:b3:10:f1:63:b6:d9:b6:8c:fd:
20:c1:62:32:32:13:65:99:78:63:81:17:54:b6:50:
53:0b:b5:6f:e5:e2:5e:89:66:ad:50:11:b8:6e:a0:
d3:96:e4:bd:cc:de:52:9f:7d:e2:14:bc:78:27:a2:
9d:9a:e4:a4:07:5f:72:3b:29:57:69:1e:41:d9:8d:
7b:2a:e8:13:34:18:cf:6c:83:26:b4:a1:2d:5e:77:
55:9a:1b:ef:27:bb:00:8f:8d:0f:51:f6:56:16:2e:
e8:59:8f:d4:c1:66:8d:6a:a5:25:ed:36:fd:89:8c:
44:c3:02:45:64:2b:3e:6c:26:b0:ef:54:19:c0:fb:
e7:98:23:1a:66:77:dd:b5:8f:9d:d4:89:70:d9:75:
38:23:53:3e:73:c1:0c:a0:25:89:43:f3:8d:92:9d:
62:20:17:4b:3a:26:d8:6c:0e:79:43:08:14:c2:f4:
c4:43:a4:73:fd:27:3a:b4:99:d4:0a:67:5c:1c:b1:
73:31
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
50:F5:89:07:89:CB:FC:BC:1E:B1:3D:17:26:E1:16:94:9F:7C:B7:E9
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/UPWJB4nL_LwesT0XJuEWlJ98t-k.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.231.46.0/24
5.231.57.0/24
Signature Algorithm: sha256WithRSAEncryption
b6:59:61:40:4f:d5:e0:cb:0b:0a:5d:d4:47:65:a0:48:15:b8:
51:48:22:fd:0d:62:d2:93:a4:1b:df:cc:c4:0b:1e:49:d3:db:
af:d6:c7:49:19:ea:31:2e:c2:25:11:38:4c:8c:93:32:cf:e6:
51:4e:0a:09:dd:e8:32:1f:27:91:d4:c0:f7:4f:25:e3:80:0b:
01:f5:f2:e9:3d:11:7a:28:c3:2b:28:44:5d:0f:27:9f:db:d0:
43:c8:db:33:db:70:38:ba:6f:1b:89:9b:6b:1d:46:15:cb:45:
18:ca:1b:2a:19:80:88:50:42:fa:3d:87:9f:ab:3e:59:ce:66:
a8:93:5c:1d:e9:a2:90:fc:a2:cb:f6:34:5e:dd:6c:a9:72:d9:
4f:64:64:7a:2c:a9:69:31:05:5c:70:89:a3:ed:39:48:fb:bc:
1d:74:3e:c9:fc:5e:0e:ca:70:a6:32:74:4a:59:09:e4:cd:a1:
94:ef:a5:21:84:50:5c:5a:6e:46:49:96:55:ec:98:ee:b5:eb:
51:4d:b2:00:49:e8:94:1e:00:7e:cc:93:e7:66:af:c3:d1:29:
06:5e:4b:e8:ac:b1:d3:5e:2e:41:ac:9d:5b:95:eb:7b:01:48:
65:f9:ab:73:4a:95:44:2d:d8:2c:9a:5b:71:27:ea:9a:7a:3a:
88:c0:51:42
-----BEGIN CERTIFICATE-----
MIIFAzCCA+ugAwIBAgISAZmW2nUrnxHuqoh7mmqOaKHRMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUwOTI5MTkwMjAzWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg1MGY1ODkwNzg5Y2JmY2JjMWViMTNkMTcyNmUxMTY5NDlmN2NiN2U5MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAwjoIcV8cNJ8tAb25cUISMrl9HSUT
+XWu44UYx7z4xZxOmLCvZnlb/MQA1QTxLkX7zvAChGrpe7koeCqp5yC8JZSzEPFj
ttm2jP0gwWIyMhNlmXhjgRdUtlBTC7Vv5eJeiWatUBG4bqDTluS9zN5Sn33iFLx4
J6KdmuSkB19yOylXaR5B2Y17KugTNBjPbIMmtKEtXndVmhvvJ7sAj40PUfZWFi7o
WY/UwWaNaqUl7Tb9iYxEwwJFZCs+bCaw71QZwPvnmCMaZnfdtY+d1Ilw2XU4I1M+
c8EMoCWJQ/ONkp1iIBdLOibYbA55QwgUwvTEQ6Rz/Sc6tJnUCmdcHLFzMQIDAQAB
o4ICDzCCAgswHQYDVR0OBBYEFFD1iQeJy/y8HrE9FybhFpSffLfpMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvVVBXSkI0bkxfTHdlc1QwWEp1RVdsSjk4dC1rLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCUGCCsGAQUFBwEHAQH/BBYwFDASBAIAATAMAwQABecuAwQA
Bec5MA0GCSqGSIb3DQEBCwUAA4IBAQC2WWFAT9XgywsKXdRHZaBIFbhRSCL9DWLS
k6Qb38zECx5J09uv1sdJGeoxLsIlEThMjJMyz+ZRTgoJ3egyHyeR1MD3TyXjgAsB
9fLpPRF6KMMrKERdDyef29BDyNsz23A4um8biZtrHUYVy0UYyhsqGYCIUEL6PYef
qz5Zzmaok1wd6aKQ/KLL9jRe3WypctlPZGR6LKlpMQVccImj7TlI+7wddD7J/F4O
ynCmMnRKWQnkzaGU76UhhFBcWm5GSZZV7JjutetRTbIASeiUHgB+zJPnZq/D0SkG
XkvorLHTXi5BrJ1blet7AUhl+atzSpVELdgsmltxJ+qaejqIwFFC
-----END CERTIFICATE-----
Generated at Mon Oct 20 02:47:44 2025 by rpki-client