Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/ceRe27r4TaVzZe1TelFg0Kd7u0Y.roa
File: ceRe27r4TaVzZe1TelFg0Kd7u0Y.roa (raw, json)
Hash identifier: B7bH7cuDjJTKEb3qydpXimO3oByn3OasTj45zytGAyc=
Subject key identifier: 71:E4:5E:DB:BA:F8:4D:A5:73:65:ED:53:7A:51:60:D0:A7:7B:BB:46
Certificate issuer: /CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Certificate serial: 0199DEE9C9F9E3C6A3243E5E427EB5AA633D
Authority key identifier: BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/ceRe27r4TaVzZe1TelFg0Kd7u0Y.roa
Signing time: Mon 13 Oct 2025 18:51:27 +0000
ROA not before: Mon 13 Oct 2025 18:51:27 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 42375
IP address blocks: 2a09:2985::/32 maxlen: 32
2a09:af82::/32 maxlen: 32
2a09:d702::/32 maxlen: 32
2a09:dd02::/32 maxlen: 32
2a09:e301::/32 maxlen: 32
2a09:ef00::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.mft
rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 15:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:de:e9:c9:f9:e3:c6:a3:24:3e:5e:42:7e:b5:aa:63:3d
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Validity
Not Before: Oct 13 18:51:27 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=71e45edbbaf84da57365ed537a5160d0a77bbb46
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b3:dc:cf:2b:8a:0a:c2:af:c1:1d:20:cb:f7:26:
48:88:ec:64:af:cc:d1:8d:0e:13:d7:6b:09:11:ab:
1b:b7:9f:d3:e0:42:8f:40:b2:0b:cf:7f:c8:c3:89:
08:2f:4a:d7:e4:2f:6e:34:0f:dd:a1:26:63:fc:56:
1b:43:97:19:ef:32:fa:9f:d4:83:98:39:d2:4d:53:
59:74:27:11:76:f5:0b:b2:43:06:80:15:cd:2c:69:
8d:50:7d:c7:0f:a0:ef:36:6f:8f:57:9d:da:f1:f3:
c2:ff:7a:8e:3a:4f:3d:db:50:9c:ce:9e:e9:ca:6b:
46:27:a1:fb:09:ec:50:c7:96:c4:c8:4b:86:82:ea:
2c:2f:38:68:c4:e7:73:81:4c:0b:83:08:e2:ce:2b:
c6:f1:e2:84:1b:d2:5b:e9:dd:2b:19:b9:7d:78:86:
dc:aa:ff:df:cf:26:8f:1e:ac:e6:9f:a3:0b:c6:17:
14:56:06:9e:4a:9a:c7:69:91:df:2b:d2:14:d7:f5:
f0:39:dd:05:0b:ea:47:0e:7c:1d:47:25:08:37:c9:
cb:df:74:38:d9:0a:7a:14:13:69:de:33:9a:fa:b8:
f6:3b:46:c8:68:33:8e:6d:31:23:42:21:7b:2d:6d:
54:b0:71:94:80:e2:6a:f6:04:1a:52:31:79:2b:83:
14:91
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
71:E4:5E:DB:BA:F8:4D:A5:73:65:ED:53:7A:51:60:D0:A7:7B:BB:46
X509v3 Authority Key Identifier:
keyid:BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/ceRe27r4TaVzZe1TelFg0Kd7u0Y.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:2985::/32
2a09:af82::/32
2a09:d702::/32
2a09:dd02::/32
2a09:e301::/32
2a09:ef00::/32
Signature Algorithm: sha256WithRSAEncryption
2f:35:23:b3:7d:8e:d5:34:2e:19:3d:6d:a7:1b:b4:0f:31:19:
43:3d:c1:94:ed:c0:85:d0:f2:aa:f4:84:7f:9e:df:64:c5:98:
58:d5:81:48:b3:46:67:bd:f2:63:40:18:b2:bd:98:c5:c3:fc:
1e:31:e2:6e:ff:97:e9:27:96:30:47:ef:26:76:90:39:67:84:
e1:cb:69:c1:da:9f:93:cf:a8:5c:b4:50:db:0c:2d:fe:16:9e:
a4:15:d0:2f:40:3f:74:21:b6:3e:c9:a0:e3:7e:f3:84:79:60:
1a:3f:e7:4b:f7:a7:0c:fb:6a:12:6e:53:1d:2b:e5:14:aa:5f:
fa:7f:d2:39:ba:7c:a7:88:52:17:8f:4c:85:c9:28:b9:e6:60:
2d:a6:1e:74:1f:af:e6:58:00:18:47:0a:fd:32:46:51:4d:79:
7c:0e:d0:24:f0:64:a0:db:6d:fd:5d:bb:73:01:65:94:78:1d:
98:5f:aa:40:ce:76:4b:23:43:9d:b7:76:d7:f4:69:eb:3f:65:
4b:56:cd:c6:d9:7a:4a:bf:85:2b:fb:a8:aa:3d:99:80:93:a9:
55:fa:65:70:20:62:8a:19:5b:90:85:d3:52:28:85:59:08:9a:
96:79:45:23:58:3e:1a:a1:3b:4f:55:fc:e6:7d:47:2e:13:32:
68:ce:01:a7
-----BEGIN CERTIFICATE-----
MIIFITCCBAmgAwIBAgISAZne6cn548ajJD5eQn61qmM9MA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTBmMjU4ZWVmNGIyYmY0YmJhYTg0MzBjMWU1OGNhOGMx
ODhlYTcwHhcNMjUxMDEzMTg1MTI3WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg3MWU0NWVkYmJhZjg0ZGE1NzM2NWVkNTM3YTUxNjBkMGE3N2JiYjQ2MIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAs9zPK4oKwq/BHSDL9yZIiOxkr8zR
jQ4T12sJEasbt5/T4EKPQLILz3/Iw4kIL0rX5C9uNA/doSZj/FYbQ5cZ7zL6n9SD
mDnSTVNZdCcRdvULskMGgBXNLGmNUH3HD6DvNm+PV53a8fPC/3qOOk8921Cczp7p
ymtGJ6H7CexQx5bEyEuGguosLzhoxOdzgUwLgwjizivG8eKEG9Jb6d0rGbl9eIbc
qv/fzyaPHqzmn6MLxhcUVgaeSprHaZHfK9IU1/XwOd0FC+pHDnwdRyUIN8nL33Q4
2Qp6FBNp3jOa+rj2O0bIaDOObTEjQiF7LW1UsHGUgOJq9gQaUjF5K4MUkQIDAQAB
o4ICLTCCAikwHQYDVR0OBBYEFHHkXtu6+E2lc2XtU3pRYNCne7tGMB8GA1UdIwQY
MBaAFLqg8lju9LK/S7qoQwweWMqMGI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEt
ZTU3NjhkNmIxODJjLzEvY2VSZTI3cjRUYVZ6WmUxVGVsRmcwS2Q3dTBZLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEtZTU3NjhkNmIxODJj
LzEvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMEMGCCsGAQUFBwEHAQH/BDQwMjAwBAIAAjAqAwUAKgkphQMF
ACoJr4IDBQAqCdcCAwUAKgndAgMFACoJ4wEDBQAqCe8AMA0GCSqGSIb3DQEBCwUA
A4IBAQAvNSOzfY7VNC4ZPW2nG7QPMRlDPcGU7cCF0PKq9IR/nt9kxZhY1YFIs0Zn
vfJjQBiyvZjFw/weMeJu/5fpJ5YwR+8mdpA5Z4Thy2nB2p+Tz6hctFDbDC3+Fp6k
FdAvQD90IbY+yaDjfvOEeWAaP+dL96cM+2oSblMdK+UUql/6f9I5unyniFIXj0yF
ySi55mAtph50H6/mWAAYRwr9MkZRTXl8DtAk8GSg2239XbtzAWWUeB2YX6pAznZL
I0Odt3bX9GnrP2VLVs3G2XpKv4Ur+6iqPZmAk6lV+mVwIGKKGVuQhdNSKIVZCJqW
eUUjWD4aoTtPVfzmfUcuEzJozgGn
-----END CERTIFICATE-----
Generated at Mon Oct 20 01:25:02 2025 by rpki-client