Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/QriAKgPb5OxN8NYevbod9bih3Ao.roa
File: QriAKgPb5OxN8NYevbod9bih3Ao.roa (raw, json)
Hash identifier: xcDTbpvTfMHrAJl0IS53H0E4FlfDEIidiWAb66EAaYQ=
Subject key identifier: 42:B8:80:2A:03:DB:E4:EC:4D:F0:D6:1E:BD:BA:1D:F5:B8:A1:DC:0A
Certificate issuer: /CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Certificate serial: 0199DF073FC356C3D090F5C94271258483EC
Authority key identifier: BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/QriAKgPb5OxN8NYevbod9bih3Ao.roa
Signing time: Mon 13 Oct 2025 19:23:38 +0000
ROA not before: Mon 13 Oct 2025 19:23:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 205866
IP address blocks: 2a11:6d02::/32 maxlen: 32
2a12:3046::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.mft
rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:df:07:3f:c3:56:c3:d0:90:f5:c9:42:71:25:84:83:ec
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Validity
Not Before: Oct 13 19:23:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=42b8802a03dbe4ec4df0d61ebdba1df5b8a1dc0a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:f1:8a:f9:c6:a2:9a:e8:e8:0b:16:ac:55:43:b5:
1d:4f:60:d0:1d:a5:79:fb:55:71:47:b0:75:9a:88:
86:db:05:09:94:05:82:77:40:14:cf:5e:fb:d0:5d:
f3:3d:da:f1:a1:31:9e:a6:0e:15:a9:77:30:16:0e:
05:96:ce:68:bc:9a:f6:72:31:4d:c8:07:2a:79:59:
e3:86:5b:5e:f5:c1:38:6d:bf:cb:7c:03:9c:3e:aa:
08:7f:06:80:34:b2:2a:d0:a4:37:fc:fe:19:0e:dc:
c3:d7:60:2a:25:8e:05:83:14:90:18:a1:5e:6d:13:
09:14:30:d7:03:c3:b7:0a:02:5d:3b:1e:30:86:1c:
82:9c:3d:82:35:89:46:c4:42:5a:21:51:24:bf:b6:
af:df:ce:60:9a:a8:9e:7e:cc:5e:af:31:1c:fe:f1:
dd:d7:94:28:99:f0:3b:19:86:2e:ae:dd:72:51:25:
b4:bf:9b:85:68:2b:c7:f0:f1:1d:c2:0d:11:41:74:
6b:58:04:d6:6e:5b:05:25:c5:84:a2:a5:49:a8:96:
06:22:86:d6:6e:f2:59:28:d1:37:60:7c:11:e6:b1:
27:0d:77:8c:db:a7:81:3d:0e:74:4b:b4:24:41:b0:
3f:61:ae:61:80:81:d5:c5:54:0c:06:fa:65:f2:03:
66:97
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
42:B8:80:2A:03:DB:E4:EC:4D:F0:D6:1E:BD:BA:1D:F5:B8:A1:DC:0A
X509v3 Authority Key Identifier:
keyid:BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/QriAKgPb5OxN8NYevbod9bih3Ao.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a11:6d02::/32
2a12:3046::/32
Signature Algorithm: sha256WithRSAEncryption
0b:81:11:c1:56:ef:7f:3a:c4:69:bd:fb:84:9f:a1:86:4a:e7:
64:8b:c8:23:6c:4a:c9:54:d3:b1:c1:15:32:7a:bb:59:51:ac:
3d:0b:c6:5c:b9:4b:5a:1d:15:7e:22:16:28:a9:0f:3e:ce:bc:
c6:42:94:23:d8:29:60:06:ed:19:37:7d:dd:f0:21:50:f7:97:
04:d8:6c:6f:80:37:29:59:39:67:55:7c:f6:2e:fe:55:1c:1c:
15:85:5d:78:fd:b9:74:0c:e5:db:a7:8b:93:50:3e:13:41:9e:
77:b6:c0:4c:64:95:10:1f:45:18:75:f1:fb:70:31:56:90:00:
04:f5:52:29:4a:e8:97:61:d6:6b:33:e1:a8:53:09:91:a3:a1:
eb:43:37:1a:83:86:d2:cd:65:b6:f5:1b:ad:a7:7c:26:69:8f:
82:ca:f5:78:90:bf:7e:8c:6e:4d:ba:6e:24:a8:6a:74:1e:6d:
e9:83:1d:fa:28:f6:a0:91:77:02:e3:d2:c6:e0:96:af:3c:6d:
09:d5:d3:70:b0:85:38:d4:7f:ad:51:1c:7d:e3:b3:79:14:de:
1e:2d:2f:cc:2b:df:15:4a:98:49:5b:4a:bc:fd:f4:a6:06:4c:
9d:a8:08:1b:4b:2f:74:7c:d6:65:3a:16:28:48:95:73:d2:7a:
ab:63:ca:10
-----BEGIN CERTIFICATE-----
MIIFBTCCA+2gAwIBAgISAZnfBz/DVsPQkPXJQnElhIPsMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTBmMjU4ZWVmNGIyYmY0YmJhYTg0MzBjMWU1OGNhOGMx
ODhlYTcwHhcNMjUxMDEzMTkyMzM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg0MmI4ODAyYTAzZGJlNGVjNGRmMGQ2MWViZGJhMWRmNWI4YTFkYzBhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEA8Yr5xqKa6OgLFqxVQ7UdT2DQHaV5
+1VxR7B1moiG2wUJlAWCd0AUz1770F3zPdrxoTGepg4VqXcwFg4Fls5ovJr2cjFN
yAcqeVnjhlte9cE4bb/LfAOcPqoIfwaANLIq0KQ3/P4ZDtzD12AqJY4FgxSQGKFe
bRMJFDDXA8O3CgJdOx4whhyCnD2CNYlGxEJaIVEkv7av385gmqiefsxerzEc/vHd
15QomfA7GYYurt1yUSW0v5uFaCvH8PEdwg0RQXRrWATWblsFJcWEoqVJqJYGIobW
bvJZKNE3YHwR5rEnDXeM26eBPQ50S7QkQbA/Ya5hgIHVxVQMBvpl8gNmlwIDAQAB
o4ICETCCAg0wHQYDVR0OBBYEFEK4gCoD2+TsTfDWHr26HfW4odwKMB8GA1UdIwQY
MBaAFLqg8lju9LK/S7qoQwweWMqMGI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEt
ZTU3NjhkNmIxODJjLzEvUXJpQUtnUGI1T3hOOE5ZZXZib2Q5YmloM0FvLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEtZTU3NjhkNmIxODJj
LzEvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCcGCCsGAQUFBwEHAQH/BBgwFjAUBAIAAjAOAwUAKhFtAgMF
ACoSMEYwDQYJKoZIhvcNAQELBQADggEBAAuBEcFW7386xGm9+4SfoYZK52SLyCNs
SslU07HBFTJ6u1lRrD0Lxly5S1odFX4iFiipDz7OvMZClCPYKWAG7Rk3fd3wIVD3
lwTYbG+ANylZOWdVfPYu/lUcHBWFXXj9uXQM5duni5NQPhNBnne2wExklRAfRRh1
8ftwMVaQAAT1UilK6Jdh1msz4ahTCZGjoetDNxqDhtLNZbb1G62nfCZpj4LK9XiQ
v36Mbk26biSoanQebemDHfoo9qCRdwLj0sbglq88bQnV03CwhTjUf61RHH3js3kU
3h4tL8wr3xVKmElbSrz99KYGTJ2oCBtLL3R81mU6FihIlXPSeqtjyhA=
-----END CERTIFICATE-----
Generated at Sun Oct 19 22:58:09 2025 by rpki-client