Route Origin Authorization
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/nti6jfhXkm1QSIiifqg-oK4RoVs.roa
File: nti6jfhXkm1QSIiifqg-oK4RoVs.roa (raw, json)
Hash identifier: jooh5h1pWqlN6+JTQDRA25GNsO/H10HAQ/qO3BKe1JM=
Subject key identifier: 9E:D8:BA:8D:F8:57:92:6D:50:48:88:A2:7E:A8:3E:A0:AE:11:A1:5B
Certificate issuer: /CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Certificate serial: 0199F38AB618E3D90C40E1BB2D0D253E6CDF
Authority key identifier: BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/nti6jfhXkm1QSIiifqg-oK4RoVs.roa
Signing time: Fri 17 Oct 2025 18:59:38 +0000
ROA not before: Fri 17 Oct 2025 18:59:38 +0000
ROA not after: Wed 01 Jul 2026 00:00:00 +0000
asID: 215330
IP address blocks: 2a09:bc04::/32 maxlen: 32
2a11:6545::/32 maxlen: 32
2a11:6d05::/32 maxlen: 32
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.mft
rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Mon 20 Oct 2025 11:18:59 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:99:f3:8a:b6:18:e3:d9:0c:40:e1:bb:2d:0d:25:3e:6c:df
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=baa0f258eef4b2bf4bbaa8430c1e58ca8c188ea7
Validity
Not Before: Oct 17 18:59:38 2025 GMT
Not After : Jul 1 00:00:00 2026 GMT
Subject: CN=9ed8ba8df857926d504888a27ea83ea0ae11a15b
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:be:36:31:af:78:3b:7b:a8:26:45:87:6b:77:72:
97:70:30:a7:2b:65:4e:4a:cb:ac:95:25:51:c3:51:
f4:d7:18:54:ed:8a:6e:40:2e:f0:0c:81:88:fb:c4:
d0:ba:09:bc:c9:05:9b:62:26:e4:3c:a3:6f:92:47:
ce:c0:f0:ab:86:df:d4:33:c1:f5:5d:d1:82:36:79:
96:9e:de:e0:4e:a2:d5:7d:15:a8:97:70:80:bf:01:
aa:ab:de:05:ba:f3:1b:d6:ee:ef:33:63:4b:ca:d3:
a0:26:0a:03:9c:58:c9:0e:b9:55:93:d7:97:57:53:
f7:18:a6:0b:1d:e2:9e:52:b7:cc:01:97:a4:71:b9:
01:86:b1:98:13:07:51:d3:bb:db:46:7b:29:21:7b:
af:54:a0:0d:92:79:df:02:42:2e:7f:3f:ff:87:a8:
23:e2:32:4e:bb:87:2a:7e:cc:9a:ca:09:8a:09:3e:
83:5f:c8:5f:25:bd:42:e5:23:b2:63:e7:ae:f5:4e:
ba:18:63:b5:25:7f:b1:35:7e:fc:d1:96:97:06:97:
25:bb:fa:52:00:0b:bf:ef:fc:c4:78:9d:ed:5b:c5:
0d:81:bc:30:59:e7:b4:01:c9:0c:79:1d:20:54:56:
69:c6:88:2e:60:e8:e0:2f:59:cd:6d:54:4a:f7:b2:
9b:55
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
9E:D8:BA:8D:F8:57:92:6D:50:48:88:A2:7E:A8:3E:A0:AE:11:A1:5B
X509v3 Authority Key Identifier:
keyid:BA:A0:F2:58:EE:F4:B2:BF:4B:BA:A8:43:0C:1E:58:CA:8C:18:8E:A7
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/uqDyWO70sr9LuqhDDB5YyowYjqc.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/nti6jfhXkm1QSIiifqg-oK4RoVs.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/11/5e0ee1-c833-4241-960a-e5768d6b182c/1/uqDyWO70sr9LuqhDDB5YyowYjqc.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a09:bc04::/32
2a11:6545::/32
2a11:6d05::/32
Signature Algorithm: sha256WithRSAEncryption
23:e1:f5:08:0c:81:67:90:ac:ca:dd:a7:a1:45:44:49:ee:71:
87:a6:75:0f:21:ee:14:df:8c:e3:8a:10:de:b3:90:b3:de:cf:
c5:22:a1:69:4e:0d:2c:5d:16:bf:38:e4:28:63:34:c8:b9:fb:
c9:bb:15:27:96:ce:c6:ea:b3:8f:a8:c2:ca:27:fe:08:53:b7:
a4:22:bb:c4:2c:93:e0:21:24:90:63:eb:fa:c1:05:79:73:b9:
12:41:f6:1c:2a:f7:9d:c1:92:66:40:bb:11:60:47:7d:4e:4f:
eb:19:7f:f3:20:82:bf:f8:04:f0:12:3e:5a:16:46:00:38:bf:
6a:67:7d:c9:30:e4:ce:26:4d:49:30:f4:93:72:dd:a5:c3:54:
2c:29:d0:5f:98:bb:c0:34:dd:83:e9:26:6a:35:98:3a:e0:6e:
29:ac:fc:8d:69:b8:34:58:60:d7:80:42:79:45:a0:32:a7:38:
3f:32:83:57:bd:73:4a:84:d6:40:1d:62:d5:6c:34:0c:08:9a:
06:cb:36:55:d9:bd:a5:6d:fe:62:e7:cf:07:cf:39:30:2e:25:
3e:a0:8e:35:b0:a2:6f:84:7f:43:9c:a0:32:3d:30:7c:c7:7f:
a0:d8:9a:3e:52:24:a6:b7:09:0d:47:86:d7:7d:9b:cc:86:d4:
18:3c:f0:4e
-----BEGIN CERTIFICATE-----
MIIFDDCCA/SgAwIBAgISAZnzirYY49kMQOG7LQ0lPmzfMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGJhYTBmMjU4ZWVmNGIyYmY0YmJhYTg0MzBjMWU1OGNhOGMx
ODhlYTcwHhcNMjUxMDE3MTg1OTM4WhcNMjYwNzAxMDAwMDAwWjAzMTEwLwYDVQQD
Eyg5ZWQ4YmE4ZGY4NTc5MjZkNTA0ODg4YTI3ZWE4M2VhMGFlMTFhMTViMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAvjYxr3g7e6gmRYdrd3KXcDCnK2VO
SsuslSVRw1H01xhU7YpuQC7wDIGI+8TQugm8yQWbYibkPKNvkkfOwPCrht/UM8H1
XdGCNnmWnt7gTqLVfRWol3CAvwGqq94FuvMb1u7vM2NLytOgJgoDnFjJDrlVk9eX
V1P3GKYLHeKeUrfMAZekcbkBhrGYEwdR07vbRnspIXuvVKANknnfAkIufz//h6gj
4jJOu4cqfsyaygmKCT6DX8hfJb1C5SOyY+eu9U66GGO1JX+xNX780ZaXBpclu/pS
AAu/7/zEeJ3tW8UNgbwwWee0AckMeR0gVFZpxoguYOjgL1nNbVRK97KbVQIDAQAB
o4ICGDCCAhQwHQYDVR0OBBYEFJ7Yuo34V5JtUEiIon6oPqCuEaFbMB8GA1UdIwQY
MBaAFLqg8lju9LK/S7qoQwweWMqMGI6nMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEt
ZTU3NjhkNmIxODJjLzEvbnRpNmpmaFhrbTFRU0lpaWZxZy1vSzRSb1ZzLnJvYTCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC8xMS81ZTBlZTEtYzgzMy00MjQxLTk2MGEtZTU3NjhkNmIxODJj
LzEvdXFEeVdPNzBzcjlMdXFoRERCNVl5b3dZanFjLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMC4GCCsGAQUFBwEHAQH/BB8wHTAbBAIAAjAVAwUAKgm8BAMF
ACoRZUUDBQAqEW0FMA0GCSqGSIb3DQEBCwUAA4IBAQAj4fUIDIFnkKzK3aehRURJ
7nGHpnUPIe4U34zjihDes5Cz3s/FIqFpTg0sXRa/OOQoYzTIufvJuxUnls7G6rOP
qMLKJ/4IU7ekIrvELJPgISSQY+v6wQV5c7kSQfYcKvedwZJmQLsRYEd9Tk/rGX/z
IIK/+ATwEj5aFkYAOL9qZ33JMOTOJk1JMPSTct2lw1QsKdBfmLvANN2D6SZqNZg6
4G4prPyNabg0WGDXgEJ5RaAypzg/MoNXvXNKhNZAHWLVbDQMCJoGyzZV2b2lbf5i
588HzzkwLiU+oI41sKJvhH9DnKAyPTB8x3+g2Jo+UiSmtwkNR4bXfZvMhtQYPPBO
-----END CERTIFICATE-----
Generated at Sun Oct 19 20:46:16 2025 by rpki-client