Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/uxq2n5JkhGf4YgcaGgyw7pL1sd8.roa
File: uxq2n5JkhGf4YgcaGgyw7pL1sd8.roa (raw, json)
Hash identifier: VLFWK5oJQ/6qdYO1VdNuIpGiG2t5Tja2cQppMvurLE0=
Subject key identifier: BB:1A:B6:9F:92:64:84:67:F8:62:07:1A:1A:0C:B0:EE:92:F5:B1:DF
Certificate issuer: /CN=3e6097698686e1555f51f6c883bc5a58549b2362
Certificate serial: 0199BB913EE15151AB0AF46C23CFCD961F90
Authority key identifier: 3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/uxq2n5JkhGf4YgcaGgyw7pL1sd8.roa
Signing time: Mon 06 Oct 2025 22:08:02 +0000
ROA not before: Mon 06 Oct 2025 22:08:02 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 16276
IP address blocks: 5.83.153.0/24 maxlen: 24
5.175.195.0/24 maxlen: 24
94.249.176.0/24 maxlen: 24
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.mft
rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:bb:91:3e:e1:51:51:ab:0a:f4:6c:23:cf:cd:96:1f:90
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=3e6097698686e1555f51f6c883bc5a58549b2362
Validity
Not Before: Oct 6 22:08:02 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=bb1ab69f92648467f862071a1a0cb0ee92f5b1df
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:ad:77:f5:df:d8:55:04:16:07:7f:3e:2d:b7:fe:
d0:af:ee:ee:af:82:0f:51:26:15:fd:ef:a6:a4:f9:
b0:e1:aa:80:c0:a0:f9:65:63:49:2b:21:72:ce:6a:
a1:9d:ff:13:0c:c5:04:17:2d:25:ff:ab:21:35:83:
df:8f:82:a2:8b:01:c9:07:e0:49:c8:58:d2:f7:53:
5b:22:01:7e:85:e2:de:42:4e:87:c1:c9:ae:45:36:
5c:c5:82:d7:e2:dd:85:12:f9:d5:e0:75:29:64:22:
57:1b:00:5d:6f:29:c9:d4:46:76:ef:92:bb:be:a3:
36:fa:b5:a4:12:09:27:04:65:c2:99:c4:1a:5c:47:
a5:11:b6:28:15:78:e8:79:78:81:89:cd:43:5c:99:
d7:bb:38:df:20:26:26:96:e9:93:4d:4a:03:78:d5:
15:0c:b3:f4:2d:86:c7:94:e5:01:1c:3f:9d:bf:e3:
f9:ed:a1:08:d6:03:0a:71:ee:f0:bd:3e:5c:1c:5b:
51:81:79:80:68:01:95:26:b0:f1:e6:8d:96:aa:89:
6b:ad:ee:d3:7d:5f:9f:ae:23:4c:7f:06:c4:ad:26:
8a:4b:83:45:00:68:ef:6b:4b:70:73:37:43:01:0b:
b9:1f:eb:6e:28:c3:a4:04:14:52:c6:6a:5f:8e:1e:
44:51
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
BB:1A:B6:9F:92:64:84:67:F8:62:07:1A:1A:0C:B0:EE:92:F5:B1:DF
X509v3 Authority Key Identifier:
keyid:3E:60:97:69:86:86:E1:55:5F:51:F6:C8:83:BC:5A:58:54:9B:23:62
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/PmCXaYaG4VVfUfbIg7xaWFSbI2I.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/uxq2n5JkhGf4YgcaGgyw7pL1sd8.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/10/965837-52cb-46b4-aedb-e1bd88d3fd07/1/PmCXaYaG4VVfUfbIg7xaWFSbI2I.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4:
5.83.153.0/24
5.175.195.0/24
94.249.176.0/24
Signature Algorithm: sha256WithRSAEncryption
c2:4c:fe:0b:bb:c7:47:4d:a2:bb:4e:eb:61:24:dd:63:f9:5c:
92:31:c3:55:74:73:6e:c6:1e:e0:60:c0:50:f0:93:23:b6:69:
c5:8a:de:1c:0f:97:70:fb:60:c6:00:bb:94:bc:e5:8b:dd:5f:
63:a1:b8:a0:66:9e:16:c1:e8:a2:d8:b3:b4:bd:13:18:50:6e:
1a:19:fb:e4:12:f7:08:6a:db:69:a2:14:78:dd:3b:aa:ee:c0:
3b:2c:73:c9:68:67:19:37:65:c1:b2:e6:d2:35:ae:92:be:50:
12:31:e8:5a:92:94:00:d4:b4:0d:af:d4:fb:ae:39:d8:d5:7b:
58:b4:63:6f:0e:37:89:c1:a6:e9:59:e1:d8:56:39:b1:d8:fe:
13:86:d8:89:18:dc:f4:30:5a:82:f9:00:7d:39:8f:fb:91:9b:
fb:aa:8c:8a:d7:79:3b:1c:ad:d3:6e:b6:4d:4d:61:69:94:e7:
e5:f8:c2:c7:be:8c:4b:6b:8e:43:e3:ec:19:51:1e:1b:28:7f:
43:9f:39:3c:8a:e2:f5:44:94:b9:6d:1c:43:db:d8:a1:10:bd:
ce:ee:56:ab:43:5d:8c:88:09:17:a8:5a:79:5a:c5:ca:a2:9b:
9a:97:8b:fd:5f:26:3f:6c:e8:0f:93:ae:0c:e5:df:92:2a:74:
e2:e3:58:13
-----BEGIN CERTIFICATE-----
MIIFCTCCA/GgAwIBAgISAZm7kT7hUVGrCvRsI8/Nlh+QMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKDNlNjA5NzY5ODY4NmUxNTU1ZjUxZjZjODgzYmM1YTU4NTQ5
YjIzNjIwHhcNMjUxMDA2MjIwODAyWhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EyhiYjFhYjY5ZjkyNjQ4NDY3Zjg2MjA3MWExYTBjYjBlZTkyZjViMWRmMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEArXf139hVBBYHfz4tt/7Qr+7ur4IP
USYV/e+mpPmw4aqAwKD5ZWNJKyFyzmqhnf8TDMUEFy0l/6shNYPfj4KiiwHJB+BJ
yFjS91NbIgF+heLeQk6HwcmuRTZcxYLX4t2FEvnV4HUpZCJXGwBdbynJ1EZ275K7
vqM2+rWkEgknBGXCmcQaXEelEbYoFXjoeXiBic1DXJnXuzjfICYmlumTTUoDeNUV
DLP0LYbHlOUBHD+dv+P57aEI1gMKce7wvT5cHFtRgXmAaAGVJrDx5o2Wqolrre7T
fV+friNMfwbErSaKS4NFAGjva0twczdDAQu5H+tuKMOkBBRSxmpfjh5EUQIDAQAB
o4ICFTCCAhEwHQYDVR0OBBYEFLsatp+SZIRn+GIHGhoMsO6S9bHfMB8GA1UdIwQY
MBaAFD5gl2mGhuFVX1H2yIO8WlhUmyNiMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGIt
ZTFiZDg4ZDNmZDA3LzEvdXhxMm41SmtoR2Y0WWdjYUdneXc3cEwxc2Q4LnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMC85NjU4MzctNTJjYi00NmI0LWFlZGItZTFiZDg4ZDNmZDA3
LzEvUG1DWGFZYUc0VlZmVWZiSWc3eGFXRlNiSTJJLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCsGCCsGAQUFBwEHAQH/BBwwGjAYBAIAATASAwQABVOZAwQA
Ba/DAwQAXvmwMA0GCSqGSIb3DQEBCwUAA4IBAQDCTP4Lu8dHTaK7TuthJN1j+VyS
McNVdHNuxh7gYMBQ8JMjtmnFit4cD5dw+2DGALuUvOWL3V9jobigZp4Wweii2LO0
vRMYUG4aGfvkEvcIattpohR43Tuq7sA7LHPJaGcZN2XBsubSNa6SvlASMehakpQA
1LQNr9T7rjnY1XtYtGNvDjeJwabpWeHYVjmx2P4ThtiJGNz0MFqC+QB9OY/7kZv7
qoyK13k7HK3TbrZNTWFplOfl+MLHvoxLa45D4+wZUR4bKH9Dnzk8iuL1RJS5bRxD
29ihEL3O7larQ12MiAkXqFp5WsXKopual4v9XyY/bOgPk64M5d+SKnTi41gT
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:55:02 2025 by rpki-client