Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/apqe91nunbrCbmaxFf5gacnmbm4.roa
File: apqe91nunbrCbmaxFf5gacnmbm4.roa (raw, json)
Hash identifier: Amu7nEAL6Fa4w5Il3cvjuOlQ82Z9LNNhx8WtJHbO8hU=
Subject key identifier: 6A:9A:9E:F7:59:EE:9D:BA:C2:6E:66:B1:15:FE:60:69:C9:E6:6E:6E
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0199DD7381EE9B55F1D856408DE06A0BD723
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/apqe91nunbrCbmaxFf5gacnmbm4.roa
Signing time: Mon 13 Oct 2025 12:02:38 +0000
ROA not before: Mon 13 Oct 2025 12:02:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 211066
IP address blocks: 5.83.134.0/24 maxlen: 24
5.175.140.0/24 maxlen: 24
5.175.192.0/24 maxlen: 24
5.175.237.0/24 maxlen: 24
185.47.142.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:dd:73:81:ee:9b:55:f1:d8:56:40:8d:e0:6a:0b:d7:23
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Oct 13 12:02:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=6a9a9ef759ee9dbac26e66b115fe6069c9e66e6e
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:af:22:a2:06:75:bc:54:8e:e6:a3:8a:9b:c6:9e:
ed:bd:15:bb:97:c9:24:b6:89:38:77:d4:37:e0:29:
fe:a0:8d:06:55:a2:3f:a4:dd:40:71:df:2f:4f:c3:
cf:19:d0:fb:a6:eb:d7:49:6d:3f:76:8c:1c:b5:75:
2b:64:83:05:7c:1e:0e:0e:aa:35:be:da:d8:87:09:
34:16:91:a9:d1:dc:0d:66:b0:1d:de:7c:da:5a:14:
5e:9e:3e:ce:56:0e:66:36:5e:dc:03:5f:98:8c:8a:
b1:53:1d:72:e5:9a:1e:e3:db:ab:8e:da:0d:73:0b:
2c:d4:e4:15:cd:d8:21:8e:db:9a:49:2e:db:38:34:
b1:ee:99:77:03:00:7d:08:53:b0:d6:88:4d:4d:b4:
9a:88:78:38:7a:91:a2:7d:c5:d7:80:43:9a:7a:ea:
05:ce:c0:e4:2c:75:97:fd:39:59:02:cf:d5:fe:51:
7c:72:1e:78:f2:9b:a3:58:58:e8:d9:e8:9f:f3:de:
36:5a:e4:4d:7e:d9:5b:da:fe:60:a7:ef:f3:95:8e:
44:af:d6:32:45:d0:ec:7d:91:44:e3:b0:9d:25:09:
79:bf:ab:53:73:b0:14:14:ff:0c:ec:7d:79:45:41:
36:1c:db:83:5a:a0:89:e0:ec:9b:b9:cd:07:4f:8e:
b1:67
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
6A:9A:9E:F7:59:EE:9D:BA:C2:6E:66:B1:15:FE:60:69:C9:E6:6E:6E
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/apqe91nunbrCbmaxFf5gacnmbm4.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.134.0/24
5.175.140.0/24
5.175.192.0/24
5.175.237.0/24
185.47.142.0/24
Signature Algorithm: sha256WithRSAEncryption
8a:d4:a3:be:f4:20:4a:d6:f2:26:21:1f:bf:1a:19:40:82:d6:
12:58:b7:ab:9f:11:bb:c8:2c:35:34:a4:b6:32:6e:4b:3c:e2:
2e:a2:98:5d:2c:aa:8e:ea:ce:ef:c0:b7:e6:eb:bd:8a:ee:1f:
e2:9a:6e:7e:fa:81:de:ed:0b:24:89:de:d1:34:c5:a8:de:10:
30:93:d2:12:31:a2:b4:3d:52:06:8b:02:b0:d2:06:3c:f2:70:
58:f3:de:48:0a:18:92:7d:31:9c:11:b0:10:4e:2a:d2:85:66:
1a:52:4d:09:84:17:32:d8:98:c8:68:14:b5:2a:26:db:cc:eb:
a7:21:06:2b:2f:df:f7:14:5a:aa:b3:e4:ad:0e:4e:cd:9b:3b:
3c:3c:6d:d5:bf:6f:4a:51:77:a1:a8:22:32:10:92:62:04:c4:
82:e6:d9:55:33:c2:32:4e:65:13:64:40:e7:3d:16:2a:fe:ac:
5d:e0:3b:6d:0a:5e:4c:cc:04:80:1f:a9:2b:96:e4:29:a5:85:
35:c2:d1:de:5c:1c:25:a8:9c:2d:33:2d:33:bc:34:99:75:87:
a3:8b:e9:f7:ac:a2:42:7e:18:dd:d9:0d:c0:c0:6c:ca:4b:b8:
a8:4c:2c:ac:66:b6:b0:f9:ac:b0:f3:21:b1:5a:6c:62:21:0f:
6b:73:71:d4
-----BEGIN CERTIFICATE-----
MIIFFTCCA/2gAwIBAgISAZndc4Hum1Xx2FZAjeBqC9cjMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUxMDEzMTIwMjM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg2YTlhOWVmNzU5ZWU5ZGJhYzI2ZTY2YjExNWZlNjA2OWM5ZTY2ZTZlMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAryKiBnW8VI7mo4qbxp7tvRW7l8kk
tok4d9Q34Cn+oI0GVaI/pN1Acd8vT8PPGdD7puvXSW0/dowctXUrZIMFfB4ODqo1
vtrYhwk0FpGp0dwNZrAd3nzaWhRenj7OVg5mNl7cA1+YjIqxUx1y5Zoe49urjtoN
cwss1OQVzdghjtuaSS7bODSx7pl3AwB9CFOw1ohNTbSaiHg4epGifcXXgEOaeuoF
zsDkLHWX/TlZAs/V/lF8ch548pujWFjo2eif8942WuRNftlb2v5gp+/zlY5Er9Yy
RdDsfZFE47CdJQl5v6tTc7AUFP8M7H15RUE2HNuDWqCJ4Oybuc0HT46xZwIDAQAB
o4ICITCCAh0wHQYDVR0OBBYEFGqanvdZ7p26wm5msRX+YGnJ5m5uMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvYXBxZTkxbnVuYnJDYm1heEZmNWdhY25tYm00LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMDcGCCsGAQUFBwEHAQH/BCgwJjAkBAIAATAeAwQABVOGAwQA
Ba+MAwQABa/AAwQABa/tAwQAuS+OMA0GCSqGSIb3DQEBCwUAA4IBAQCK1KO+9CBK
1vImIR+/GhlAgtYSWLernxG7yCw1NKS2Mm5LPOIuophdLKqO6s7vwLfm672K7h/i
mm5++oHe7Qskid7RNMWo3hAwk9ISMaK0PVIGiwKw0gY88nBY895IChiSfTGcEbAQ
TirShWYaUk0JhBcy2JjIaBS1KibbzOunIQYrL9/3FFqqs+StDk7Nmzs8PG3Vv29K
UXehqCIyEJJiBMSC5tlVM8IyTmUTZEDnPRYq/qxd4DttCl5MzASAH6krluQppYU1
wtHeXBwlqJwtMy0zvDSZdYeji+n3rKJCfhjd2Q3AwGzKS7ioTCysZraw+ayw8yGx
WmxiIQ9rc3HU
-----END CERTIFICATE-----
Generated at Mon Oct 20 14:27:26 2025 by rpki-client