Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/NohcJ4WZIaeXcX-OVJUzPxqH120.roa
File: NohcJ4WZIaeXcX-OVJUzPxqH120.roa (raw, json)
Hash identifier: yVdxleiK6WjS5Znh4H6vQaLKbZ4eDhHDboRdcNpplGE=
Subject key identifier: 36:88:5C:27:85:99:21:A7:97:71:7F:8E:54:95:33:3F:1A:87:D7:6D
Certificate issuer: /CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Certificate serial: 0199E41C36B7009BD838E6BCEE9EC9BB1DBE
Authority key identifier: BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/NohcJ4WZIaeXcX-OVJUzPxqH120.roa
Signing time: Tue 14 Oct 2025 19:04:38 +0000
ROA not before: Tue 14 Oct 2025 19:04:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 204916
IP address blocks: 2a11:6544::/32 maxlen: 32
2a14:a403::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.mft
rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:e4:1c:36:b7:00:9b:d8:38:e6:bc:ee:9e:c9:bb:1d:be
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Validity
Not Before: Oct 14 19:04:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=36885c27859921a797717f8e5495333f1a87d76d
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:d7:95:ce:b5:8d:b2:cc:7e:e5:e0:01:01:69:
92:91:7c:a0:96:d7:2f:4c:1c:3a:cc:19:34:f2:93:
6e:72:2f:56:2b:01:77:58:76:96:ba:87:d4:35:c7:
ec:93:83:d2:cc:17:d2:ba:2d:03:22:7d:0f:ee:cb:
01:65:89:a7:24:b1:98:15:91:b6:60:cd:3e:03:3b:
0f:37:74:3e:4f:5e:4c:0d:71:c6:2a:ab:f9:be:6c:
4b:f4:de:69:30:28:53:ae:e1:73:29:cf:41:cd:f3:
f2:3a:d3:b9:dc:2b:9a:59:57:bc:c0:21:67:46:78:
28:32:29:ae:2b:5c:a1:d9:c9:de:a6:67:f8:a3:20:
9d:61:df:6f:1c:61:cb:ee:0d:d3:8b:b6:64:f6:8a:
e7:c9:46:aa:d1:47:52:ad:4c:08:7d:92:82:95:cb:
d1:96:75:40:ff:d5:97:3c:51:b5:d7:e3:3e:a2:cc:
75:f6:4a:db:52:13:99:ea:79:7b:5d:23:84:2d:a0:
5f:6f:cd:46:1b:e9:41:d0:38:5e:a4:9d:88:70:09:
9f:30:ec:dc:b5:c8:86:2f:0c:b8:23:14:c5:49:06:
d1:ad:65:56:ee:c3:72:a2:32:8e:d5:f1:d2:dd:e0:
ce:b0:e2:78:de:18:db:9e:b0:35:c2:5f:9e:b1:f8:
44:0f
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
36:88:5C:27:85:99:21:A7:97:71:7F:8E:54:95:33:3F:1A:87:D7:6D
X509v3 Authority Key Identifier:
keyid:BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/NohcJ4WZIaeXcX-OVJUzPxqH120.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:6544::/32
2a14:a403::/32
Signature Algorithm: sha256WithRSAEncryption
52:23:2e:49:e0:12:0b:10:8f:18:09:19:a9:b8:de:79:89:66:
d3:8f:d0:54:34:73:95:88:0d:da:24:e3:ed:14:4c:71:4e:d6:
f1:d2:d7:d6:54:37:11:cc:b5:95:a8:9e:2c:d2:3b:dc:74:da:
77:a7:af:94:14:d6:b6:ab:fc:b4:9a:69:8c:33:79:5c:1b:7a:
24:89:32:6c:e7:7e:e8:cf:5a:a9:55:e0:65:de:69:1e:ef:bc:
2c:25:65:fe:6f:01:87:01:56:bf:dc:71:54:84:f8:3b:7d:ec:
09:76:c8:3a:1f:8f:2a:5c:81:28:d0:41:ee:58:8e:1a:4a:fd:
14:f1:49:c4:cf:b9:59:3b:fe:f6:98:41:06:6a:19:29:95:8a:
16:ce:18:b2:5c:a2:1c:e8:c4:1c:d4:9e:5e:28:00:21:cb:d9:
fa:4f:61:d6:24:67:5f:fb:ad:51:60:e7:fe:f6:de:1b:cb:8e:
9e:75:81:6f:5c:c6:95:15:4d:b7:f9:17:ed:82:e9:26:6e:0c:
67:f5:6a:41:da:02:40:f9:76:44:d0:98:a0:12:f9:58:1f:04:
ab:95:bc:03:32:2f:4c:dd:51:a2:6f:90:e1:fc:f6:fd:41:64:
7d:cf:28:b1:63:ed:f1:a3:0c:26:aa:cb:61:f0:e3:91:1c:2f:
d2:98:3d:e4
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZnkHDa3AJvYOOa87p7Jux2+MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTBmMjU4ZWVmNGIyYmY0YmJhYTg0MzBjMWU1OGNhOGMx
ODhlYTcwHhcNMjUxMDE0MTkwNDM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
EygzNjg4NWMyNzg1OTkyMWE3OTc3MTdmOGU1NDk1MzMzZjFhODdkNzZkMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvteVzrWNssx+5eABAWmSkXygltcv
TBw6zBk08pNuci9WKwF3WHaWuofUNcfsk4PSzBfSui0DIn0P7ssBZYmnJLGYFZG2
YM0+AzsPN3Q+T15MDXHGKqv5vmxL9N5pMChTruFzKc9BzfPyOtO53CuaWVe8wCFn
RngoMimuK1yh2cnepmf4oyCdYd9vHGHL7g3Ti7Zk9ornyUaq0UdSrUwIfZKClcvR
lnVA/9WXPFG11+M+osx19krbUhOZ6nl7XSOELaBfb81GG+lB0DhepJ2IcAmfMOzc
tciGLwy4IxTFSQbRrWVW7sNyojKO1fHS3eDOsOJ43hjbnrA1wl+esfhEDwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFDaIXCeFmSGnl3F/jlSVMz8ah9dtMB8GA1UdIwQY
MBaAFLqg8lju9LK/S7qoQwweWMqMGI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEt
ZTU3NjhkNmIxODJjLzEvTm9oY0o0V1pJYWVYY1gtT1ZKVXpQeHFIMTIwLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEtZTU3NjhkNmIxODJj
LzEvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKhFlRAMF
ACoUpAMwDQYJKoZIhvcNAQELBQADggEBAFIjLkngEgsQjxgJGam43nmJZtOP0FQ0
c5WIDdok4+0UTHFO1vHS19ZUNxHMtZWonizSO9x02nenr5QU1rar/LSaaYwzeVwb
eiSJMmznfujPWqlV4GXeaR7vvCwlZf5vAYcBVr/ccVSE+Dt97Al2yDofjypcgSjQ
Qe5YjhpK/RTxScTPuVk7/vaYQQZqGSmVihbOGLJcohzoxBzUnl4oACHL2fpPYdYk
Z1/7rVFg5/723hvLjp51gW9cxpUVTbf5F+2C6SZuDGf1akHaAkD5dkTQmKAS+Vgf
BKuVvAMyL0zdUaJvkOH89v1BZH3PKLFj7fGjDCaqy2Hw45EcL9KYPeQ=
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:58:32 2025 by rpki-client